diff --git a/ChangeLog b/ChangeLog index 9302face1..5a2843379 100644 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,7 @@ Changes * Added option parsing for host and port selection to ssl_client2 * Added support for GeneralizedTime in X509 parsing + * Added const correctness for main code base Bug fixes * Fixed bug resulting in failure to send the last diff --git a/include/polarssl/aes.h b/include/polarssl/aes.h index 5e18ab77a..11abc9054 100644 --- a/include/polarssl/aes.h +++ b/include/polarssl/aes.h @@ -52,7 +52,7 @@ extern "C" { * * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize ); +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ); /** * \brief AES key schedule (decryption) @@ -63,7 +63,7 @@ int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize ); * * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH */ -int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize ); +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize ); /** * \brief AES-ECB block encryption/decryption @@ -75,7 +75,7 @@ int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize ); */ void aes_crypt_ecb( aes_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ); /** @@ -94,7 +94,7 @@ void aes_crypt_cbc( aes_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -113,7 +113,7 @@ void aes_crypt_cfb128( aes_context *ctx, int length, int *iv_off, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** diff --git a/include/polarssl/arc4.h b/include/polarssl/arc4.h index b012299f7..20f142a56 100644 --- a/include/polarssl/arc4.h +++ b/include/polarssl/arc4.h @@ -45,7 +45,7 @@ extern "C" { * \param key the secret key * \param keylen length of the key */ -void arc4_setup( arc4_context *ctx, unsigned char *key, int keylen ); +void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ); /** * \brief ARC4 cipher function diff --git a/include/polarssl/base64.h b/include/polarssl/base64.h index 4858ef449..614418407 100644 --- a/include/polarssl/base64.h +++ b/include/polarssl/base64.h @@ -46,7 +46,7 @@ extern "C" { * required buffer size in *dlen */ int base64_encode( unsigned char *dst, int *dlen, - unsigned char *src, int slen ); + const unsigned char *src, int slen ); /** * \brief Decode a base64-formatted buffer @@ -65,7 +65,7 @@ int base64_encode( unsigned char *dst, int *dlen, * required buffer size in *dlen */ int base64_decode( unsigned char *dst, int *dlen, - unsigned char *src, int slen ); + const unsigned char *src, int slen ); /** * \brief Checkup routine diff --git a/include/polarssl/bignum.h b/include/polarssl/bignum.h index cb0ac9b8c..f4135123b 100644 --- a/include/polarssl/bignum.h +++ b/include/polarssl/bignum.h @@ -108,7 +108,7 @@ int mpi_grow( mpi *X, int nblimbs ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_copy( mpi *X, mpi *Y ); +int mpi_copy( mpi *X, const mpi *Y ); /** * \brief Swap the contents of X and Y @@ -134,21 +134,21 @@ int mpi_lset( mpi *X, int z ); * * \param X MPI to use */ -int mpi_lsb( mpi *X ); +int mpi_lsb( const mpi *X ); /** * \brief Return the number of most significant bits * * \param X MPI to use */ -int mpi_msb( mpi *X ); +int mpi_msb( const mpi *X ); /** * \brief Return the total size in bytes * * \param X MPI to use */ -int mpi_size( mpi *X ); +int mpi_size( const mpi *X ); /** * \brief Import from an ASCII string @@ -159,7 +159,7 @@ int mpi_size( mpi *X ); * * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code */ -int mpi_read_string( mpi *X, int radix, char *s ); +int mpi_read_string( mpi *X, int radix, const char *s ); /** * \brief Export into an ASCII string @@ -169,12 +169,14 @@ int mpi_read_string( mpi *X, int radix, char *s ); * \param s String buffer * \param slen String buffer size * - * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code + * \return 0 if successful, or an POLARSSL_ERR_MPI_XXX error code. + * *slen is always updated to reflect the amount + * of data that has (or would have) been written. * * \note Call this function with *slen = 0 to obtain the * minimum required buffer size in *slen. */ -int mpi_write_string( mpi *X, int radix, char *s, int *slen ); +int mpi_write_string( const mpi *X, int radix, char *s, int *slen ); /** * \brief Read X from an opened file @@ -199,7 +201,7 @@ int mpi_read_file( mpi *X, int radix, FILE *fin ); * * \note Set fout == NULL to print X on the console. */ -int mpi_write_file( char *p, mpi *X, int radix, FILE *fout ); +int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); /** * \brief Import X from unsigned binary data, big endian @@ -211,7 +213,7 @@ int mpi_write_file( char *p, mpi *X, int radix, FILE *fout ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_read_binary( mpi *X, unsigned char *buf, int buflen ); +int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ); /** * \brief Export X into unsigned binary data, big endian @@ -223,7 +225,7 @@ int mpi_read_binary( mpi *X, unsigned char *buf, int buflen ); * \return 0 if successful, * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough */ -int mpi_write_binary( mpi *X, unsigned char *buf, int buflen ); +int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ); /** * \brief Left-shift: X <<= count @@ -257,7 +259,7 @@ int mpi_shift_r( mpi *X, int count ); * -1 if |X| is lesser than |Y| or * 0 if |X| is equal to |Y| */ -int mpi_cmp_abs( mpi *X, mpi *Y ); +int mpi_cmp_abs( const mpi *X, const mpi *Y ); /** * \brief Compare signed values @@ -269,7 +271,7 @@ int mpi_cmp_abs( mpi *X, mpi *Y ); * -1 if X is lesser than Y or * 0 if X is equal to Y */ -int mpi_cmp_mpi( mpi *X, mpi *Y ); +int mpi_cmp_mpi( const mpi *X, const mpi *Y ); /** * \brief Compare signed values @@ -281,7 +283,7 @@ int mpi_cmp_mpi( mpi *X, mpi *Y ); * -1 if X is lesser than z or * 0 if X is equal to z */ -int mpi_cmp_int( mpi *X, int z ); +int mpi_cmp_int( const mpi *X, int z ); /** * \brief Unsigned addition: X = |A| + |B| @@ -293,7 +295,7 @@ int mpi_cmp_int( mpi *X, int z ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_add_abs( mpi *X, mpi *A, mpi *B ); +int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); /** * \brief Unsigned substraction: X = |A| - |B| @@ -305,7 +307,7 @@ int mpi_add_abs( mpi *X, mpi *A, mpi *B ); * \return 0 if successful, * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A */ -int mpi_sub_abs( mpi *X, mpi *A, mpi *B ); +int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); /** * \brief Signed addition: X = A + B @@ -317,7 +319,7 @@ int mpi_sub_abs( mpi *X, mpi *A, mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_add_mpi( mpi *X, mpi *A, mpi *B ); +int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); /** * \brief Signed substraction: X = A - B @@ -329,7 +331,7 @@ int mpi_add_mpi( mpi *X, mpi *A, mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_sub_mpi( mpi *X, mpi *A, mpi *B ); +int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); /** * \brief Signed addition: X = A + b @@ -341,7 +343,7 @@ int mpi_sub_mpi( mpi *X, mpi *A, mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_add_int( mpi *X, mpi *A, int b ); +int mpi_add_int( mpi *X, const mpi *A, int b ); /** * \brief Signed substraction: X = A - b @@ -353,7 +355,7 @@ int mpi_add_int( mpi *X, mpi *A, int b ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_sub_int( mpi *X, mpi *A, int b ); +int mpi_sub_int( mpi *X, const mpi *A, int b ); /** * \brief Baseline multiplication: X = A * B @@ -365,7 +367,7 @@ int mpi_sub_int( mpi *X, mpi *A, int b ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_mul_mpi( mpi *X, mpi *A, mpi *B ); +int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); /** * \brief Baseline multiplication: X = A * b @@ -379,7 +381,7 @@ int mpi_mul_mpi( mpi *X, mpi *A, mpi *B ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_mul_int( mpi *X, mpi *A, t_int b ); +int mpi_mul_int( mpi *X, const mpi *A, t_int b ); /** * \brief Division by mpi: A = Q * B + R @@ -395,7 +397,7 @@ int mpi_mul_int( mpi *X, mpi *A, t_int b ); * * \note Either Q or R can be NULL. */ -int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B ); +int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); /** * \brief Division by int: A = Q * b + R @@ -411,7 +413,7 @@ int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B ); * * \note Either Q or R can be NULL. */ -int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b ); +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b ); /** * \brief Modulo: R = A mod B @@ -425,12 +427,12 @@ int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b ); * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 */ -int mpi_mod_mpi( mpi *R, mpi *A, mpi *B ); +int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); /** * \brief Modulo: r = A mod b * - * \param a Destination t_int + * \param r Destination t_int * \param A Left-hand MPI * \param b Integer to divide by * @@ -439,7 +441,7 @@ int mpi_mod_mpi( mpi *R, mpi *A, mpi *B ); * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 */ -int mpi_mod_int( t_int *r, mpi *A, int b ); +int mpi_mod_int( t_int *r, const mpi *A, int b ); /** * \brief Sliding-window exponentiation: X = A^E mod N @@ -458,7 +460,7 @@ int mpi_mod_int( t_int *r, mpi *A, int b ); * multiple calls, which speeds up things a bit. It can * be set to NULL if the extra performance is unneeded. */ -int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR ); +int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); /** * \brief Greatest common divisor: G = gcd(A, B) @@ -470,7 +472,7 @@ int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR ); * \return 0 if successful, * 1 if memory allocation failed */ -int mpi_gcd( mpi *G, mpi *A, mpi *B ); +int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); /** * \brief Modular inverse: X = A^-1 mod N @@ -484,7 +486,7 @@ int mpi_gcd( mpi *G, mpi *A, mpi *B ); * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N */ -int mpi_inv_mod( mpi *X, mpi *A, mpi *N ); +int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); /** * \brief Miller-Rabin primality test diff --git a/include/polarssl/camellia.h b/include/polarssl/camellia.h index be8a42b32..d03495a9d 100644 --- a/include/polarssl/camellia.h +++ b/include/polarssl/camellia.h @@ -56,7 +56,7 @@ extern "C" { * * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize ); +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize ); /** * \brief CAMELLIA key schedule (decryption) @@ -67,7 +67,7 @@ int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize * * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH */ -int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize ); +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize ); /** * \brief CAMELLIA-ECB block encryption/decryption @@ -79,7 +79,7 @@ int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize */ void camellia_crypt_ecb( camellia_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ); /** @@ -98,7 +98,7 @@ void camellia_crypt_cbc( camellia_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -117,7 +117,7 @@ void camellia_crypt_cfb128( camellia_context *ctx, int length, int *iv_off, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** diff --git a/include/polarssl/certs.h b/include/polarssl/certs.h index aa5a6c3e1..b982d7e2f 100644 --- a/include/polarssl/certs.h +++ b/include/polarssl/certs.h @@ -27,14 +27,13 @@ extern "C" { #endif -extern char test_ca_crt[]; -extern char test_ca_key[]; -extern char test_ca_pwd[]; -extern char test_srv_crt[]; -extern char test_srv_key[]; -extern char test_cli_crt[]; -extern char test_cli_key[]; -extern char xyssl_ca_crt[]; +extern const char test_ca_crt[]; +extern const char test_ca_key[]; +extern const char test_ca_pwd[]; +extern const char test_srv_crt[]; +extern const char test_srv_key[]; +extern const char test_cli_crt[]; +extern const char test_cli_key[]; #ifdef __cplusplus } diff --git a/include/polarssl/debug.h b/include/polarssl/debug.h index b8b207051..9bae62717 100644 --- a/include/polarssl/debug.h +++ b/include/polarssl/debug.h @@ -59,21 +59,24 @@ extern "C" { char *debug_fmt( const char *format, ... ); -void debug_print_msg( ssl_context *ssl, int level, - char *file, int line, char *text ); +void debug_print_msg( const ssl_context *ssl, int level, + const char *file, int line, const char *text ); -void debug_print_ret( ssl_context *ssl, int level, - char *file, int line, char *text, int ret ); +void debug_print_ret( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ); -void debug_print_buf( ssl_context *ssl, int level, - char *file, int line, char *text, +void debug_print_buf( const ssl_context *ssl, int level, + const char *file, int line, const char *text, unsigned char *buf, int len ); -void debug_print_mpi( ssl_context *ssl, int level, - char *file, int line, char *text, mpi *X ); +void debug_print_mpi( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mpi *X ); -void debug_print_crt( ssl_context *ssl, int level, - char *file, int line, char *text, x509_cert *crt ); +void debug_print_crt( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const x509_cert *crt ); #ifdef __cplusplus } diff --git a/include/polarssl/des.h b/include/polarssl/des.h index b0fe69e84..1a09ad191 100644 --- a/include/polarssl/des.h +++ b/include/polarssl/des.h @@ -56,7 +56,7 @@ extern "C" { * \param ctx DES context to be initialized * \param key 8-byte secret key */ -void des_setkey_enc( des_context *ctx, unsigned char key[8] ); +void des_setkey_enc( des_context *ctx, const unsigned char key[8] ); /** * \brief DES key schedule (56-bit, decryption) @@ -64,7 +64,7 @@ void des_setkey_enc( des_context *ctx, unsigned char key[8] ); * \param ctx DES context to be initialized * \param key 8-byte secret key */ -void des_setkey_dec( des_context *ctx, unsigned char key[8] ); +void des_setkey_dec( des_context *ctx, const unsigned char key[8] ); /** * \brief Triple-DES key schedule (112-bit, encryption) @@ -72,7 +72,7 @@ void des_setkey_dec( des_context *ctx, unsigned char key[8] ); * \param ctx 3DES context to be initialized * \param key 16-byte secret key */ -void des3_set2key_enc( des3_context *ctx, unsigned char key[16] ); +void des3_set2key_enc( des3_context *ctx, const unsigned char key[16] ); /** * \brief Triple-DES key schedule (112-bit, decryption) @@ -80,7 +80,7 @@ void des3_set2key_enc( des3_context *ctx, unsigned char key[16] ); * \param ctx 3DES context to be initialized * \param key 16-byte secret key */ -void des3_set2key_dec( des3_context *ctx, unsigned char key[16] ); +void des3_set2key_dec( des3_context *ctx, const unsigned char key[16] ); /** * \brief Triple-DES key schedule (168-bit, encryption) @@ -88,7 +88,7 @@ void des3_set2key_dec( des3_context *ctx, unsigned char key[16] ); * \param ctx 3DES context to be initialized * \param key 24-byte secret key */ -void des3_set3key_enc( des3_context *ctx, unsigned char key[24] ); +void des3_set3key_enc( des3_context *ctx, const unsigned char key[24] ); /** * \brief Triple-DES key schedule (168-bit, decryption) @@ -96,7 +96,7 @@ void des3_set3key_enc( des3_context *ctx, unsigned char key[24] ); * \param ctx 3DES context to be initialized * \param key 24-byte secret key */ -void des3_set3key_dec( des3_context *ctx, unsigned char key[24] ); +void des3_set3key_dec( des3_context *ctx, const unsigned char key[24] ); /** * \brief DES-ECB block encryption/decryption @@ -106,7 +106,7 @@ void des3_set3key_dec( des3_context *ctx, unsigned char key[24] ); * \param output 64-bit output block */ void des_crypt_ecb( des_context *ctx, - unsigned char input[8], + const unsigned char input[8], unsigned char output[8] ); /** @@ -123,7 +123,7 @@ void des_crypt_cbc( des_context *ctx, int mode, int length, unsigned char iv[8], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -134,7 +134,7 @@ void des_crypt_cbc( des_context *ctx, * \param output 64-bit output block */ void des3_crypt_ecb( des3_context *ctx, - unsigned char input[8], + const unsigned char input[8], unsigned char output[8] ); /** @@ -151,7 +151,7 @@ void des3_crypt_cbc( des3_context *ctx, int mode, int length, unsigned char iv[8], - unsigned char *input, + const unsigned char *input, unsigned char *output ); /* diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h index 93cf4baf7..b6f3348d6 100644 --- a/include/polarssl/dhm.h +++ b/include/polarssl/dhm.h @@ -60,7 +60,7 @@ extern "C" { */ int dhm_read_params( dhm_context *ctx, unsigned char **p, - unsigned char *end ); + const unsigned char *end ); /** * \brief Setup and write the ServerKeyExchange parameters @@ -92,7 +92,7 @@ int dhm_make_params( dhm_context *ctx, int s_size, * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code */ int dhm_read_public( dhm_context *ctx, - unsigned char *input, int ilen ); + const unsigned char *input, int ilen ); /** * \brief Create own private value X and export G^X diff --git a/include/polarssl/md2.h b/include/polarssl/md2.h index 262903962..37eef0a3a 100644 --- a/include/polarssl/md2.h +++ b/include/polarssl/md2.h @@ -56,7 +56,7 @@ void md2_starts( md2_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md2_update( md2_context *ctx, unsigned char *input, int ilen ); +void md2_update( md2_context *ctx, const unsigned char *input, int ilen ); /** * \brief MD2 final digest @@ -73,7 +73,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD2 checksum result */ -void md2( unsigned char *input, int ilen, unsigned char output[16] ); +void md2( const unsigned char *input, int ilen, unsigned char output[16] ); /** * \brief Output = MD2( file contents ) @@ -84,7 +84,7 @@ void md2( unsigned char *input, int ilen, unsigned char output[16] ); * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int md2_file( char *path, unsigned char output[16] ); +int md2_file( const char *path, unsigned char output[16] ); /** * \brief MD2 HMAC context setup @@ -93,7 +93,7 @@ int md2_file( char *path, unsigned char output[16] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen ); +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ); /** * \brief MD2 HMAC process buffer @@ -102,7 +102,7 @@ void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void md2_hmac_update( md2_context *ctx, unsigned char *input, int ilen ); +void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen ); /** * \brief MD2 HMAC final digest @@ -121,8 +121,8 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output HMAC-MD2 result */ -void md2_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void md2_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/md4.h b/include/polarssl/md4.h index 6a9475250..c590736bf 100644 --- a/include/polarssl/md4.h +++ b/include/polarssl/md4.h @@ -55,7 +55,7 @@ void md4_starts( md4_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md4_update( md4_context *ctx, unsigned char *input, int ilen ); +void md4_update( md4_context *ctx, const unsigned char *input, int ilen ); /** * \brief MD4 final digest @@ -72,7 +72,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD4 checksum result */ -void md4( unsigned char *input, int ilen, unsigned char output[16] ); +void md4( const unsigned char *input, int ilen, unsigned char output[16] ); /** * \brief Output = MD4( file contents ) @@ -83,7 +83,7 @@ void md4( unsigned char *input, int ilen, unsigned char output[16] ); * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int md4_file( char *path, unsigned char output[16] ); +int md4_file( const char *path, unsigned char output[16] ); /** * \brief MD4 HMAC context setup @@ -92,7 +92,7 @@ int md4_file( char *path, unsigned char output[16] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen ); +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ); /** * \brief MD4 HMAC process buffer @@ -101,7 +101,7 @@ void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void md4_hmac_update( md4_context *ctx, unsigned char *input, int ilen ); +void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen ); /** * \brief MD4 HMAC final digest @@ -120,8 +120,8 @@ void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output HMAC-MD4 result */ -void md4_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void md4_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/md5.h b/include/polarssl/md5.h index a69024d11..2f62ed1d5 100644 --- a/include/polarssl/md5.h +++ b/include/polarssl/md5.h @@ -55,7 +55,7 @@ void md5_starts( md5_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void md5_update( md5_context *ctx, unsigned char *input, int ilen ); +void md5_update( md5_context *ctx, const unsigned char *input, int ilen ); /** * \brief MD5 final digest @@ -72,7 +72,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output MD5 checksum result */ -void md5( unsigned char *input, int ilen, unsigned char output[16] ); +void md5( const unsigned char *input, int ilen, unsigned char output[16] ); /** * \brief Output = MD5( file contents ) @@ -83,7 +83,7 @@ void md5( unsigned char *input, int ilen, unsigned char output[16] ); * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int md5_file( char *path, unsigned char output[16] ); +int md5_file( const char *path, unsigned char output[16] ); /** * \brief MD5 HMAC context setup @@ -92,7 +92,8 @@ int md5_file( char *path, unsigned char output[16] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen ); +void md5_hmac_starts( md5_context *ctx, + const unsigned char *key, int keylen ); /** * \brief MD5 HMAC process buffer @@ -101,7 +102,8 @@ void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void md5_hmac_update( md5_context *ctx, unsigned char *input, int ilen ); +void md5_hmac_update( md5_context *ctx, + const unsigned char *input, int ilen ); /** * \brief MD5 HMAC final digest @@ -120,8 +122,8 @@ void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ); * \param ilen length of the input data * \param output HMAC-MD5 result */ -void md5_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void md5_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ); /** diff --git a/include/polarssl/net.h b/include/polarssl/net.h index eff53cb5b..8a5fc4ead 100644 --- a/include/polarssl/net.h +++ b/include/polarssl/net.h @@ -50,7 +50,7 @@ extern "C" { * POLARSSL_ERR_NET_UNKNOWN_HOST, * POLARSSL_ERR_NET_CONNECT_FAILED */ -int net_connect( int *fd, char *host, int port ); +int net_connect( int *fd, const char *host, int port ); /** * \brief Create a listening socket on bind_ip:port. @@ -65,7 +65,7 @@ int net_connect( int *fd, char *host, int port ); * POLARSSL_ERR_NET_BIND_FAILED, * POLARSSL_ERR_NET_LISTEN_FAILED */ -int net_bind( int *fd, char *bind_ip, int port ); +int net_bind( int *fd, const char *bind_ip, int port ); /** * \brief Accept a connection from a remote client @@ -127,8 +127,8 @@ int net_recv( void *ctx, unsigned char *buf, int len ); * the actual amount read is returned. * * \param ctx Socket - * \param buf The buffer to write to - * \param len Maximum length of the buffer + * \param buf The buffer to read from + * \param len The length of the buffer * * \return This function returns the number of bytes sent, * or a non-zero error code; POLARSSL_ERR_NET_TRY_AGAIN diff --git a/include/polarssl/padlock.h b/include/polarssl/padlock.h index 4cc6be27b..cde76aee2 100644 --- a/include/polarssl/padlock.h +++ b/include/polarssl/padlock.h @@ -63,7 +63,7 @@ int padlock_supports( int feature ); */ int padlock_xcryptecb( aes_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ); /** @@ -82,7 +82,7 @@ int padlock_xcryptcbc( aes_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ); #ifdef __cplusplus diff --git a/include/polarssl/rsa.h b/include/polarssl/rsa.h index 295a2db6f..e7ee76a5d 100644 --- a/include/polarssl/rsa.h +++ b/include/polarssl/rsa.h @@ -192,7 +192,7 @@ int rsa_gen_key( rsa_context *ctx, int nbits, int exponent ); * * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code */ -int rsa_check_pubkey( rsa_context *ctx ); +int rsa_check_pubkey( const rsa_context *ctx ); /** * \brief Check a private RSA key @@ -201,7 +201,7 @@ int rsa_check_pubkey( rsa_context *ctx ); * * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code */ -int rsa_check_privkey( rsa_context *ctx ); +int rsa_check_privkey( const rsa_context *ctx ); /** * \brief Do an RSA public key operation @@ -220,7 +220,7 @@ int rsa_check_privkey( rsa_context *ctx ); * enough (eg. 128 bytes if RSA-1024 is used). */ int rsa_public( rsa_context *ctx, - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -236,7 +236,7 @@ int rsa_public( rsa_context *ctx, * enough (eg. 128 bytes if RSA-1024 is used). */ int rsa_private( rsa_context *ctx, - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -255,7 +255,7 @@ int rsa_private( rsa_context *ctx, */ int rsa_pkcs1_encrypt( rsa_context *ctx, int mode, int ilen, - unsigned char *input, + const unsigned char *input, unsigned char *output ); /** @@ -276,7 +276,7 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, */ int rsa_pkcs1_decrypt( rsa_context *ctx, int mode, int *olen, - unsigned char *input, + const unsigned char *input, unsigned char *output, int output_max_len ); @@ -300,7 +300,7 @@ int rsa_pkcs1_sign( rsa_context *ctx, int mode, int hash_id, int hashlen, - unsigned char *hash, + const unsigned char *hash, unsigned char *sig ); /** @@ -323,7 +323,7 @@ int rsa_pkcs1_verify( rsa_context *ctx, int mode, int hash_id, int hashlen, - unsigned char *hash, + const unsigned char *hash, unsigned char *sig ); /** diff --git a/include/polarssl/sha1.h b/include/polarssl/sha1.h index 01e522d5d..ec084500a 100644 --- a/include/polarssl/sha1.h +++ b/include/polarssl/sha1.h @@ -55,7 +55,7 @@ void sha1_starts( sha1_context *ctx ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha1_update( sha1_context *ctx, unsigned char *input, int ilen ); +void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-1 final digest @@ -72,7 +72,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ); * \param ilen length of the input data * \param output SHA-1 checksum result */ -void sha1( unsigned char *input, int ilen, unsigned char output[20] ); +void sha1( const unsigned char *input, int ilen, unsigned char output[20] ); /** * \brief Output = SHA-1( file contents ) @@ -83,7 +83,7 @@ void sha1( unsigned char *input, int ilen, unsigned char output[20] ); * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int sha1_file( char *path, unsigned char output[20] ); +int sha1_file( const char *path, unsigned char output[20] ); /** * \brief SHA-1 HMAC context setup @@ -92,7 +92,7 @@ int sha1_file( char *path, unsigned char output[20] ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen ); +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ); /** * \brief SHA-1 HMAC process buffer @@ -101,7 +101,7 @@ void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha1_hmac_update( sha1_context *ctx, unsigned char *input, int ilen ); +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-1 HMAC final digest @@ -120,8 +120,8 @@ void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ); * \param ilen length of the input data * \param output HMAC-SHA-1 result */ -void sha1_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha1_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[20] ); /** diff --git a/include/polarssl/sha2.h b/include/polarssl/sha2.h index f3d31ccd7..8b65e9f67 100644 --- a/include/polarssl/sha2.h +++ b/include/polarssl/sha2.h @@ -57,7 +57,7 @@ void sha2_starts( sha2_context *ctx, int is224 ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha2_update( sha2_context *ctx, unsigned char *input, int ilen ); +void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-256 final digest @@ -75,7 +75,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] ); * \param output SHA-224/256 checksum result * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2( unsigned char *input, int ilen, +void sha2( const unsigned char *input, int ilen, unsigned char output[32], int is224 ); /** @@ -88,7 +88,7 @@ void sha2( unsigned char *input, int ilen, * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int sha2_file( char *path, unsigned char output[32], int is224 ); +int sha2_file( const char *path, unsigned char output[32], int is224 ); /** * \brief SHA-256 HMAC context setup @@ -98,7 +98,7 @@ int sha2_file( char *path, unsigned char output[32], int is224 ); * \param keylen length of the HMAC key * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen, +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, int is224 ); /** @@ -108,7 +108,7 @@ void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen, * \param input buffer holding the data * \param ilen length of the input data */ -void sha2_hmac_update( sha2_context *ctx, unsigned char *input, int ilen ); +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-256 HMAC final digest @@ -128,8 +128,8 @@ void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ); * \param output HMAC-SHA-224/256 result * \param is224 0 = use SHA256, 1 = use SHA224 */ -void sha2_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha2_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[32], int is224 ); /** diff --git a/include/polarssl/sha4.h b/include/polarssl/sha4.h index 114c60d13..3a14c9164 100644 --- a/include/polarssl/sha4.h +++ b/include/polarssl/sha4.h @@ -65,7 +65,7 @@ void sha4_starts( sha4_context *ctx, int is384 ); * \param input buffer holding the data * \param ilen length of the input data */ -void sha4_update( sha4_context *ctx, unsigned char *input, int ilen ); +void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-512 final digest @@ -83,7 +83,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] ); * \param output SHA-384/512 checksum result * \param is384 0 = use SHA512, 1 = use SHA384 */ -void sha4( unsigned char *input, int ilen, +void sha4( const unsigned char *input, int ilen, unsigned char output[64], int is384 ); /** @@ -96,7 +96,7 @@ void sha4( unsigned char *input, int ilen, * \return 0 if successful, 1 if fopen failed, * or 2 if fread failed */ -int sha4_file( char *path, unsigned char output[64], int is384 ); +int sha4_file( const char *path, unsigned char output[64], int is384 ); /** * \brief SHA-512 HMAC context setup @@ -106,7 +106,7 @@ int sha4_file( char *path, unsigned char output[64], int is384 ); * \param key HMAC secret key * \param keylen length of the HMAC key */ -void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen, +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, int is384 ); /** @@ -116,7 +116,7 @@ void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen, * \param input buffer holding the data * \param ilen length of the input data */ -void sha4_hmac_update( sha4_context *ctx, unsigned char *input, int ilen ); +void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, int ilen ); /** * \brief SHA-512 HMAC final digest @@ -136,8 +136,8 @@ void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ); * \param output HMAC-SHA-384/512 result * \param is384 0 = use SHA512, 1 = use SHA384 */ -void sha4_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha4_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[64], int is384 ); /** diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index 3868505f5..6b2ee3c72 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -90,17 +90,17 @@ /* * Supported ciphersuites */ -#define SSL_RSA_RC4_128_MD5 4 -#define SSL_RSA_RC4_128_SHA 5 -#define SSL_RSA_DES_168_SHA 10 -#define SSL_EDH_RSA_DES_168_SHA 22 -#define SSL_RSA_AES_128_SHA 47 -#define SSL_RSA_AES_256_SHA 53 -#define SSL_EDH_RSA_AES_256_SHA 57 +#define SSL_RSA_RC4_128_MD5 4 +#define SSL_RSA_RC4_128_SHA 5 +#define SSL_RSA_DES_168_SHA 10 +#define SSL_EDH_RSA_DES_168_SHA 22 +#define SSL_RSA_AES_128_SHA 47 +#define SSL_RSA_AES_256_SHA 53 +#define SSL_EDH_RSA_AES_256_SHA 57 -#define SSL_RSA_CAMELLIA_128_SHA 0x41 -#define SSL_RSA_CAMELLIA_256_SHA 0x84 -#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88 +#define SSL_RSA_CAMELLIA_128_SHA 0x41 +#define SSL_RSA_CAMELLIA_256_SHA 0x84 +#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88 /* * Message, alert and handshake types @@ -189,7 +189,7 @@ struct _ssl_context * Callbacks (RNG, debug, I/O) */ int (*f_rng)(void *); - void (*f_dbg)(void *, int, char *); + void (*f_dbg)(void *, int, const char *); int (*f_recv)(void *, unsigned char *, int); int (*f_send)(void *, unsigned char *, int); @@ -251,8 +251,8 @@ struct _ssl_context /* * Crypto layer */ - dhm_context dhm_ctx; /*!< DHM key exchange */ - md5_context fin_md5; /*!< Finished MD5 checksum */ + dhm_context dhm_ctx; /*!< DHM key exchange */ + md5_context fin_md5; /*!< Finished MD5 checksum */ sha1_context fin_sha1; /*!< Finished SHA-1 checksum */ int do_crypt; /*!< en(de)cryption flag */ @@ -343,7 +343,7 @@ void ssl_set_rng( ssl_context *ssl, * \param p_dbg debug parameter */ void ssl_set_dbg( ssl_context *ssl, - void (*f_dbg)(void *, int, char *), + void (*f_dbg)(void *, int, const char *), void *p_dbg ); /** @@ -422,7 +422,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, * * \return 0 if successful */ -int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G ); +int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ); /** * \brief Set hostname for ServerName TLS Extension @@ -433,7 +433,7 @@ int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G ); * * \return 0 if successful */ -int ssl_set_hostname( ssl_context *ssl, char *hostname ); +int ssl_set_hostname( ssl_context *ssl, const char *hostname ); /** * \brief Return the number of data bytes available to read @@ -442,7 +442,7 @@ int ssl_set_hostname( ssl_context *ssl, char *hostname ); * * \return how many bytes are available in the read buffer */ -int ssl_get_bytes_avail( ssl_context *ssl ); +int ssl_get_bytes_avail( const ssl_context *ssl ); /** * \brief Return the result of the certificate verification @@ -455,7 +455,7 @@ int ssl_get_bytes_avail( ssl_context *ssl ); * BADCERT_CN_MISMATCH * BADCERT_NOT_TRUSTED */ -int ssl_get_verify_result( ssl_context *ssl ); +int ssl_get_verify_result( const ssl_context *ssl ); /** * \brief Return the name of the current cipher @@ -464,7 +464,7 @@ int ssl_get_verify_result( ssl_context *ssl ); * * \return a string containing the cipher name */ -char *ssl_get_cipher( ssl_context *ssl ); +const char *ssl_get_cipher( const ssl_context *ssl ); /** * \brief Perform the SSL handshake @@ -502,7 +502,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len ); * it must be called later with the *same* arguments, * until it returns a positive value. */ -int ssl_write( ssl_context *ssl, unsigned char *buf, int len ); +int ssl_write( ssl_context *ssl, const unsigned char *buf, int len ); /** * \brief Notify the peer that the connection is being closed diff --git a/include/polarssl/x509.h b/include/polarssl/x509.h index 808f6deb6..06b979fff 100644 --- a/include/polarssl/x509.h +++ b/include/polarssl/x509.h @@ -270,7 +270,7 @@ extern "C" { * * \return 0 if successful, or a specific X509 error code */ -int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen ); +int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ); /** * \brief Load one or more certificates and add them @@ -281,7 +281,7 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen ); * * \return 0 if successful, or a specific X509 error code */ -int x509parse_crtfile( x509_cert *chain, char *path ); +int x509parse_crtfile( x509_cert *chain, const char *path ); /** * \brief Parse one or more CRLs and add them @@ -293,7 +293,7 @@ int x509parse_crtfile( x509_cert *chain, char *path ); * * \return 0 if successful, or a specific X509 error code */ -int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen ); +int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen ); /** * \brief Load one or more CRLs and add them @@ -304,22 +304,22 @@ int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen ); * * \return 0 if successful, or a specific X509 error code */ -int x509parse_crlfile( x509_crl *chain, char *path ); +int x509parse_crlfile( x509_crl *chain, const char *path ); /** * \brief Parse a private RSA key * * \param rsa RSA context to be initialized - * \param buf input buffer - * \param buflen size of the buffer + * \param key input buffer + * \param keylen size of the buffer * \param pwd password for decryption (optional) * \param pwdlen size of the password * * \return 0 if successful, or a specific X509 error code */ int x509parse_key( rsa_context *rsa, - unsigned char *buf, int buflen, - unsigned char *pwd, int pwdlen ); + const unsigned char *key, int keylen, + const unsigned char *pwd, int pwdlen ); /** * \brief Load and parse a private RSA key @@ -330,7 +330,8 @@ int x509parse_key( rsa_context *rsa, * * \return 0 if successful, or a specific X509 error code */ -int x509parse_keyfile( rsa_context *rsa, char *path, char *password ); +int x509parse_keyfile( rsa_context *rsa, const char *path, + const char *password ); /** * \brief Store the certificate DN in printable form into buf; @@ -343,7 +344,7 @@ int x509parse_keyfile( rsa_context *rsa, char *path, char *password ); * \return The amount of data written to the buffer, or -1 in * case of an error. */ -int x509parse_dn_gets( char *buf, size_t size, x509_name *dn ); +int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ); /** * \brief Returns an informational string about the @@ -357,7 +358,8 @@ int x509parse_dn_gets( char *buf, size_t size, x509_name *dn ); * \return The amount of data written to the buffer, or -1 in * case of an error. */ -int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt ); +int x509parse_cert_info( char *buf, size_t size, const char *prefix, + const x509_cert *crt ); /** * \brief Returns an informational string about the @@ -371,7 +373,8 @@ int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt ); * \return The amount of data written to the buffer, or -1 in * case of an error. */ -int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl ); +int x509parse_crl_info( char *buf, size_t size, const char *prefix, + const x509_crl *crl ); /** * \brief Check a given x509_time against the system time and check @@ -382,7 +385,7 @@ int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl ); * \return Return 0 if the x509_time is still valid, * or 1 otherwise. */ -int x509parse_time_expired( x509_time *time ); +int x509parse_time_expired( const x509_time *time ); /** * \brief Verify the certificate signature @@ -407,7 +410,7 @@ int x509parse_time_expired( x509_time *time ); int x509parse_verify( x509_cert *crt, x509_cert *trust_ca, x509_crl *ca_crl, - char *cn, int *flags ); + const char *cn, int *flags ); /** * \brief Unallocate all certificate data diff --git a/library/Makefile b/library/Makefile index 205c6a2f0..4ba960cca 100644 --- a/library/Makefile +++ b/library/Makefile @@ -1,58 +1,820 @@ +# CMAKE generated file: DO NOT EDIT! +# Generated by "Unix Makefiles" Generator, CMake Version 2.8 -# Also see "include/polarssl/config.h" +# Default target executed when no arguments are given to make. +default_target: all +.PHONY : default_target -CFLAGS = -I../include -D_FILE_OFFSET_BITS=64 -Wall -Wdeclaration-after-statement -OFLAGS = -O +#============================================================================= +# Special targets provided by cmake. -# MicroBlaze specific options: -# CFLAGS += -mno-xl-soft-mul -mxl-barrel-shift +# Disable implicit rules so canoncical targets will work. +.SUFFIXES: -# To compile on Plan9: -# CFLAGS += -D_BSD_EXTENSION +# Remove some rules from gmake that .SUFFIXES does not remove. +SUFFIXES = -# To compile as a shared library: -# CFLAGS += -fPIC +.SUFFIXES: .hpux_make_needs_suffix_list -DLEXT=so -# OSX shared library extension: -# DLEXT=dylib +# Suppress display of executed commands. +$(VERBOSE).SILENT: -OBJS= aes.o arc4.o base64.o \ - bignum.o certs.o debug.o \ - des.o dhm.o havege.o \ - md2.o md4.o md5.o \ - net.o padlock.o rsa.o \ - sha1.o sha2.o sha4.o \ - ssl_cli.o ssl_srv.o ssl_tls.o \ - timing.o x509parse.o xtea.o \ - camellia.o +# A target that is always out of date. +cmake_force: +.PHONY : cmake_force -.SILENT: +#============================================================================= +# Set environment variables for the build. -all: static +# The shell in which to execute make rules. +SHELL = /bin/sh -static: libpolarssl.a +# The CMake executable. +CMAKE_COMMAND = /usr/bin/cmake -shared: libpolarssl.$(DLEXT) +# The command to remove a file. +RM = /usr/bin/cmake -E remove -f -libpolarssl.a: $(OBJS) - echo " AR $@" - ar r $@ $(OBJS) - echo " RL $@" - ranlib $@ +# The top-level source directory on which CMake was run. +CMAKE_SOURCE_DIR = /home/paul/src/polarssl -libpolarssl.so: libpolarssl.a - echo " LD $@" - $(CC) -shared -Wl,-soname,$@ -o $@ $(OBJS) +# The top-level build directory on which CMake was run. +CMAKE_BINARY_DIR = /home/paul/src/polarssl -libpolarssl.dylib: libpolarssl.a - echo " LD $@" - $(CC) -dynamiclib -o $@ $(OBJS) +#============================================================================= +# Targets provided globally by CMake. -.c.o: - echo " CC $<" - $(CC) $(CFLAGS) $(OFLAGS) -c $< +# Special rule for the target edit_cache +edit_cache: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running interactive CMake command-line interface..." + /usr/bin/cmake -i . +.PHONY : edit_cache +# Special rule for the target edit_cache +edit_cache/fast: edit_cache +.PHONY : edit_cache/fast + +# Special rule for the target rebuild_cache +rebuild_cache: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running CMake to regenerate build system..." + /usr/bin/cmake -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) +.PHONY : rebuild_cache + +# Special rule for the target rebuild_cache +rebuild_cache/fast: rebuild_cache +.PHONY : rebuild_cache/fast + +# Special rule for the target test +test: + @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan "Running tests..." + /usr/bin/ctest --force-new-ctest-process $(ARGS) +.PHONY : test + +# Special rule for the target test +test/fast: test +.PHONY : test/fast + +# The main all target +all: cmake_check_build_system + cd /home/paul/src/polarssl && $(CMAKE_COMMAND) -E cmake_progress_start /home/paul/src/polarssl/CMakeFiles /home/paul/src/polarssl/library/CMakeFiles/progress.marks + cd /home/paul/src/polarssl && $(MAKE) -f CMakeFiles/Makefile2 library/all + $(CMAKE_COMMAND) -E cmake_progress_start /home/paul/src/polarssl/CMakeFiles 0 +.PHONY : all + +# The main clean target clean: - rm -f *.o libpolarssl.* + cd /home/paul/src/polarssl && $(MAKE) -f CMakeFiles/Makefile2 library/clean +.PHONY : clean + +# The main clean target +clean/fast: clean +.PHONY : clean/fast + +# Prepare targets for installation. +preinstall: all + cd /home/paul/src/polarssl && $(MAKE) -f CMakeFiles/Makefile2 library/preinstall +.PHONY : preinstall + +# Prepare targets for installation. +preinstall/fast: + cd /home/paul/src/polarssl && $(MAKE) -f CMakeFiles/Makefile2 library/preinstall +.PHONY : preinstall/fast + +# clear depends +depend: + cd /home/paul/src/polarssl && $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 1 +.PHONY : depend + +# Convenience name for target. +library/CMakeFiles/polarssl.dir/rule: + cd /home/paul/src/polarssl && $(MAKE) -f CMakeFiles/Makefile2 library/CMakeFiles/polarssl.dir/rule +.PHONY : library/CMakeFiles/polarssl.dir/rule + +# Convenience name for target. +polarssl: library/CMakeFiles/polarssl.dir/rule +.PHONY : polarssl + +# fast build rule for target. +polarssl/fast: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/build +.PHONY : polarssl/fast + +aes.o: aes.c.o +.PHONY : aes.o + +# target to build an object file +aes.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/aes.c.o +.PHONY : aes.c.o + +aes.i: aes.c.i +.PHONY : aes.i + +# target to preprocess a source file +aes.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/aes.c.i +.PHONY : aes.c.i + +aes.s: aes.c.s +.PHONY : aes.s + +# target to generate assembly for a file +aes.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/aes.c.s +.PHONY : aes.c.s + +arc4.o: arc4.c.o +.PHONY : arc4.o + +# target to build an object file +arc4.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/arc4.c.o +.PHONY : arc4.c.o + +arc4.i: arc4.c.i +.PHONY : arc4.i + +# target to preprocess a source file +arc4.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/arc4.c.i +.PHONY : arc4.c.i + +arc4.s: arc4.c.s +.PHONY : arc4.s + +# target to generate assembly for a file +arc4.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/arc4.c.s +.PHONY : arc4.c.s + +base64.o: base64.c.o +.PHONY : base64.o + +# target to build an object file +base64.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/base64.c.o +.PHONY : base64.c.o + +base64.i: base64.c.i +.PHONY : base64.i + +# target to preprocess a source file +base64.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/base64.c.i +.PHONY : base64.c.i + +base64.s: base64.c.s +.PHONY : base64.s + +# target to generate assembly for a file +base64.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/base64.c.s +.PHONY : base64.c.s + +bignum.o: bignum.c.o +.PHONY : bignum.o + +# target to build an object file +bignum.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/bignum.c.o +.PHONY : bignum.c.o + +bignum.i: bignum.c.i +.PHONY : bignum.i + +# target to preprocess a source file +bignum.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/bignum.c.i +.PHONY : bignum.c.i + +bignum.s: bignum.c.s +.PHONY : bignum.s + +# target to generate assembly for a file +bignum.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/bignum.c.s +.PHONY : bignum.c.s + +camellia.o: camellia.c.o +.PHONY : camellia.o + +# target to build an object file +camellia.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/camellia.c.o +.PHONY : camellia.c.o + +camellia.i: camellia.c.i +.PHONY : camellia.i + +# target to preprocess a source file +camellia.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/camellia.c.i +.PHONY : camellia.c.i + +camellia.s: camellia.c.s +.PHONY : camellia.s + +# target to generate assembly for a file +camellia.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/camellia.c.s +.PHONY : camellia.c.s + +certs.o: certs.c.o +.PHONY : certs.o + +# target to build an object file +certs.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/certs.c.o +.PHONY : certs.c.o + +certs.i: certs.c.i +.PHONY : certs.i + +# target to preprocess a source file +certs.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/certs.c.i +.PHONY : certs.c.i + +certs.s: certs.c.s +.PHONY : certs.s + +# target to generate assembly for a file +certs.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/certs.c.s +.PHONY : certs.c.s + +debug.o: debug.c.o +.PHONY : debug.o + +# target to build an object file +debug.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/debug.c.o +.PHONY : debug.c.o + +debug.i: debug.c.i +.PHONY : debug.i + +# target to preprocess a source file +debug.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/debug.c.i +.PHONY : debug.c.i + +debug.s: debug.c.s +.PHONY : debug.s + +# target to generate assembly for a file +debug.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/debug.c.s +.PHONY : debug.c.s + +des.o: des.c.o +.PHONY : des.o + +# target to build an object file +des.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/des.c.o +.PHONY : des.c.o + +des.i: des.c.i +.PHONY : des.i + +# target to preprocess a source file +des.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/des.c.i +.PHONY : des.c.i + +des.s: des.c.s +.PHONY : des.s + +# target to generate assembly for a file +des.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/des.c.s +.PHONY : des.c.s + +dhm.o: dhm.c.o +.PHONY : dhm.o + +# target to build an object file +dhm.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/dhm.c.o +.PHONY : dhm.c.o + +dhm.i: dhm.c.i +.PHONY : dhm.i + +# target to preprocess a source file +dhm.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/dhm.c.i +.PHONY : dhm.c.i + +dhm.s: dhm.c.s +.PHONY : dhm.s + +# target to generate assembly for a file +dhm.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/dhm.c.s +.PHONY : dhm.c.s + +havege.o: havege.c.o +.PHONY : havege.o + +# target to build an object file +havege.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/havege.c.o +.PHONY : havege.c.o + +havege.i: havege.c.i +.PHONY : havege.i + +# target to preprocess a source file +havege.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/havege.c.i +.PHONY : havege.c.i + +havege.s: havege.c.s +.PHONY : havege.s + +# target to generate assembly for a file +havege.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/havege.c.s +.PHONY : havege.c.s + +md2.o: md2.c.o +.PHONY : md2.o + +# target to build an object file +md2.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md2.c.o +.PHONY : md2.c.o + +md2.i: md2.c.i +.PHONY : md2.i + +# target to preprocess a source file +md2.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md2.c.i +.PHONY : md2.c.i + +md2.s: md2.c.s +.PHONY : md2.s + +# target to generate assembly for a file +md2.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md2.c.s +.PHONY : md2.c.s + +md4.o: md4.c.o +.PHONY : md4.o + +# target to build an object file +md4.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md4.c.o +.PHONY : md4.c.o + +md4.i: md4.c.i +.PHONY : md4.i + +# target to preprocess a source file +md4.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md4.c.i +.PHONY : md4.c.i + +md4.s: md4.c.s +.PHONY : md4.s + +# target to generate assembly for a file +md4.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md4.c.s +.PHONY : md4.c.s + +md5.o: md5.c.o +.PHONY : md5.o + +# target to build an object file +md5.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md5.c.o +.PHONY : md5.c.o + +md5.i: md5.c.i +.PHONY : md5.i + +# target to preprocess a source file +md5.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md5.c.i +.PHONY : md5.c.i + +md5.s: md5.c.s +.PHONY : md5.s + +# target to generate assembly for a file +md5.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/md5.c.s +.PHONY : md5.c.s + +net.o: net.c.o +.PHONY : net.o + +# target to build an object file +net.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/net.c.o +.PHONY : net.c.o + +net.i: net.c.i +.PHONY : net.i + +# target to preprocess a source file +net.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/net.c.i +.PHONY : net.c.i + +net.s: net.c.s +.PHONY : net.s + +# target to generate assembly for a file +net.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/net.c.s +.PHONY : net.c.s + +padlock.o: padlock.c.o +.PHONY : padlock.o + +# target to build an object file +padlock.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/padlock.c.o +.PHONY : padlock.c.o + +padlock.i: padlock.c.i +.PHONY : padlock.i + +# target to preprocess a source file +padlock.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/padlock.c.i +.PHONY : padlock.c.i + +padlock.s: padlock.c.s +.PHONY : padlock.s + +# target to generate assembly for a file +padlock.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/padlock.c.s +.PHONY : padlock.c.s + +rsa.o: rsa.c.o +.PHONY : rsa.o + +# target to build an object file +rsa.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/rsa.c.o +.PHONY : rsa.c.o + +rsa.i: rsa.c.i +.PHONY : rsa.i + +# target to preprocess a source file +rsa.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/rsa.c.i +.PHONY : rsa.c.i + +rsa.s: rsa.c.s +.PHONY : rsa.s + +# target to generate assembly for a file +rsa.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/rsa.c.s +.PHONY : rsa.c.s + +sha1.o: sha1.c.o +.PHONY : sha1.o + +# target to build an object file +sha1.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha1.c.o +.PHONY : sha1.c.o + +sha1.i: sha1.c.i +.PHONY : sha1.i + +# target to preprocess a source file +sha1.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha1.c.i +.PHONY : sha1.c.i + +sha1.s: sha1.c.s +.PHONY : sha1.s + +# target to generate assembly for a file +sha1.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha1.c.s +.PHONY : sha1.c.s + +sha2.o: sha2.c.o +.PHONY : sha2.o + +# target to build an object file +sha2.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha2.c.o +.PHONY : sha2.c.o + +sha2.i: sha2.c.i +.PHONY : sha2.i + +# target to preprocess a source file +sha2.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha2.c.i +.PHONY : sha2.c.i + +sha2.s: sha2.c.s +.PHONY : sha2.s + +# target to generate assembly for a file +sha2.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha2.c.s +.PHONY : sha2.c.s + +sha4.o: sha4.c.o +.PHONY : sha4.o + +# target to build an object file +sha4.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha4.c.o +.PHONY : sha4.c.o + +sha4.i: sha4.c.i +.PHONY : sha4.i + +# target to preprocess a source file +sha4.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha4.c.i +.PHONY : sha4.c.i + +sha4.s: sha4.c.s +.PHONY : sha4.s + +# target to generate assembly for a file +sha4.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/sha4.c.s +.PHONY : sha4.c.s + +ssl_cli.o: ssl_cli.c.o +.PHONY : ssl_cli.o + +# target to build an object file +ssl_cli.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_cli.c.o +.PHONY : ssl_cli.c.o + +ssl_cli.i: ssl_cli.c.i +.PHONY : ssl_cli.i + +# target to preprocess a source file +ssl_cli.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_cli.c.i +.PHONY : ssl_cli.c.i + +ssl_cli.s: ssl_cli.c.s +.PHONY : ssl_cli.s + +# target to generate assembly for a file +ssl_cli.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_cli.c.s +.PHONY : ssl_cli.c.s + +ssl_srv.o: ssl_srv.c.o +.PHONY : ssl_srv.o + +# target to build an object file +ssl_srv.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_srv.c.o +.PHONY : ssl_srv.c.o + +ssl_srv.i: ssl_srv.c.i +.PHONY : ssl_srv.i + +# target to preprocess a source file +ssl_srv.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_srv.c.i +.PHONY : ssl_srv.c.i + +ssl_srv.s: ssl_srv.c.s +.PHONY : ssl_srv.s + +# target to generate assembly for a file +ssl_srv.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_srv.c.s +.PHONY : ssl_srv.c.s + +ssl_tls.o: ssl_tls.c.o +.PHONY : ssl_tls.o + +# target to build an object file +ssl_tls.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_tls.c.o +.PHONY : ssl_tls.c.o + +ssl_tls.i: ssl_tls.c.i +.PHONY : ssl_tls.i + +# target to preprocess a source file +ssl_tls.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_tls.c.i +.PHONY : ssl_tls.c.i + +ssl_tls.s: ssl_tls.c.s +.PHONY : ssl_tls.s + +# target to generate assembly for a file +ssl_tls.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/ssl_tls.c.s +.PHONY : ssl_tls.c.s + +timing.o: timing.c.o +.PHONY : timing.o + +# target to build an object file +timing.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/timing.c.o +.PHONY : timing.c.o + +timing.i: timing.c.i +.PHONY : timing.i + +# target to preprocess a source file +timing.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/timing.c.i +.PHONY : timing.c.i + +timing.s: timing.c.s +.PHONY : timing.s + +# target to generate assembly for a file +timing.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/timing.c.s +.PHONY : timing.c.s + +x509parse.o: x509parse.c.o +.PHONY : x509parse.o + +# target to build an object file +x509parse.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/x509parse.c.o +.PHONY : x509parse.c.o + +x509parse.i: x509parse.c.i +.PHONY : x509parse.i + +# target to preprocess a source file +x509parse.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/x509parse.c.i +.PHONY : x509parse.c.i + +x509parse.s: x509parse.c.s +.PHONY : x509parse.s + +# target to generate assembly for a file +x509parse.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/x509parse.c.s +.PHONY : x509parse.c.s + +xtea.o: xtea.c.o +.PHONY : xtea.o + +# target to build an object file +xtea.c.o: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/xtea.c.o +.PHONY : xtea.c.o + +xtea.i: xtea.c.i +.PHONY : xtea.i + +# target to preprocess a source file +xtea.c.i: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/xtea.c.i +.PHONY : xtea.c.i + +xtea.s: xtea.c.s +.PHONY : xtea.s + +# target to generate assembly for a file +xtea.c.s: + cd /home/paul/src/polarssl && $(MAKE) -f library/CMakeFiles/polarssl.dir/build.make library/CMakeFiles/polarssl.dir/xtea.c.s +.PHONY : xtea.c.s + +# Help Target +help: + @echo "The following are some of the valid targets for this Makefile:" + @echo "... all (the default if no target is provided)" + @echo "... clean" + @echo "... depend" + @echo "... edit_cache" + @echo "... polarssl" + @echo "... rebuild_cache" + @echo "... test" + @echo "... aes.o" + @echo "... aes.i" + @echo "... aes.s" + @echo "... arc4.o" + @echo "... arc4.i" + @echo "... arc4.s" + @echo "... base64.o" + @echo "... base64.i" + @echo "... base64.s" + @echo "... bignum.o" + @echo "... bignum.i" + @echo "... bignum.s" + @echo "... camellia.o" + @echo "... camellia.i" + @echo "... camellia.s" + @echo "... certs.o" + @echo "... certs.i" + @echo "... certs.s" + @echo "... debug.o" + @echo "... debug.i" + @echo "... debug.s" + @echo "... des.o" + @echo "... des.i" + @echo "... des.s" + @echo "... dhm.o" + @echo "... dhm.i" + @echo "... dhm.s" + @echo "... havege.o" + @echo "... havege.i" + @echo "... havege.s" + @echo "... md2.o" + @echo "... md2.i" + @echo "... md2.s" + @echo "... md4.o" + @echo "... md4.i" + @echo "... md4.s" + @echo "... md5.o" + @echo "... md5.i" + @echo "... md5.s" + @echo "... net.o" + @echo "... net.i" + @echo "... net.s" + @echo "... padlock.o" + @echo "... padlock.i" + @echo "... padlock.s" + @echo "... rsa.o" + @echo "... rsa.i" + @echo "... rsa.s" + @echo "... sha1.o" + @echo "... sha1.i" + @echo "... sha1.s" + @echo "... sha2.o" + @echo "... sha2.i" + @echo "... sha2.s" + @echo "... sha4.o" + @echo "... sha4.i" + @echo "... sha4.s" + @echo "... ssl_cli.o" + @echo "... ssl_cli.i" + @echo "... ssl_cli.s" + @echo "... ssl_srv.o" + @echo "... ssl_srv.i" + @echo "... ssl_srv.s" + @echo "... ssl_tls.o" + @echo "... ssl_tls.i" + @echo "... ssl_tls.s" + @echo "... timing.o" + @echo "... timing.i" + @echo "... timing.s" + @echo "... x509parse.o" + @echo "... x509parse.i" + @echo "... x509parse.s" + @echo "... xtea.o" + @echo "... xtea.i" + @echo "... xtea.s" +.PHONY : help + + + +#============================================================================= +# Special targets to cleanup operation of make. + +# Special rule to run CMake to check the build system integrity. +# No rule that depends on this can have commands that come from listfiles +# because they might be regenerated. +cmake_check_build_system: + cd /home/paul/src/polarssl && $(CMAKE_COMMAND) -H$(CMAKE_SOURCE_DIR) -B$(CMAKE_BINARY_DIR) --check-build-system CMakeFiles/Makefile.cmake 0 +.PHONY : cmake_check_build_system diff --git a/library/aes.c b/library/aes.c index 04049a409..373b2a05f 100644 --- a/library/aes.c +++ b/library/aes.c @@ -439,7 +439,7 @@ static void aes_gen_tables( void ) /* * AES key schedule (encryption) */ -int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize ) +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int keysize ) { int i; unsigned long *RK; @@ -544,7 +544,7 @@ int aes_setkey_enc( aes_context *ctx, unsigned char *key, int keysize ) /* * AES key schedule (decryption) */ -int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize ) +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int keysize ) { int i, j; aes_context cty; @@ -649,7 +649,7 @@ int aes_setkey_dec( aes_context *ctx, unsigned char *key, int keysize ) */ void aes_crypt_ecb( aes_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ) { int i; @@ -752,7 +752,7 @@ void aes_crypt_cbc( aes_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int i; @@ -808,7 +808,7 @@ void aes_crypt_cfb128( aes_context *ctx, int length, int *iv_off, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int c, n = *iv_off; diff --git a/library/arc4.c b/library/arc4.c index 0dccd5383..fb4542f69 100644 --- a/library/arc4.c +++ b/library/arc4.c @@ -35,7 +35,7 @@ /* * ARC4 key schedule */ -void arc4_setup( arc4_context *ctx, unsigned char *key, int keylen ) +void arc4_setup( arc4_context *ctx, const unsigned char *key, int keylen ) { int i, j, k, a; unsigned char *m; diff --git a/library/base64.c b/library/base64.c index 327c02248..6a6c3aeb7 100644 --- a/library/base64.c +++ b/library/base64.c @@ -59,7 +59,7 @@ static const unsigned char base64_dec_map[128] = * Encode a buffer into base64 format */ int base64_encode( unsigned char *dst, int *dlen, - unsigned char *src, int slen ) + const unsigned char *src, int slen ) { int i, n; int C1, C2, C3; @@ -122,7 +122,7 @@ int base64_encode( unsigned char *dst, int *dlen, * Decode a base64-formatted buffer */ int base64_decode( unsigned char *dst, int *dlen, - unsigned char *src, int slen ) + const unsigned char *src, int slen ) { int i, j, n; unsigned long x; diff --git a/library/bignum.c b/library/bignum.c index f5db63f89..357dd4601 100644 --- a/library/bignum.c +++ b/library/bignum.c @@ -128,7 +128,7 @@ int mpi_grow( mpi *X, int nblimbs ) /* * Copy the contents of Y into X */ -int mpi_copy( mpi *X, mpi *Y ) +int mpi_copy( mpi *X, const mpi *Y ) { int ret, i; @@ -185,7 +185,7 @@ cleanup: /* * Return the number of least significant bits */ -int mpi_lsb( mpi *X ) +int mpi_lsb( const mpi *X ) { int i, j, count = 0; @@ -200,7 +200,7 @@ int mpi_lsb( mpi *X ) /* * Return the number of most significant bits */ -int mpi_msb( mpi *X ) +int mpi_msb( const mpi *X ) { int i, j; @@ -218,7 +218,7 @@ int mpi_msb( mpi *X ) /* * Return the total size in bytes */ -int mpi_size( mpi *X ) +int mpi_size( const mpi *X ) { return( ( mpi_msb( X ) + 7 ) >> 3 ); } @@ -243,9 +243,9 @@ static int mpi_get_digit( t_int *d, int radix, char c ) /* * Import from an ASCII string */ -int mpi_read_string( mpi *X, int radix, char *s ) +int mpi_read_string( mpi *X, int radix, const char *s ) { - int ret, i, j, n; + int ret, i, j, n, slen; t_int d; mpi T; @@ -254,14 +254,16 @@ int mpi_read_string( mpi *X, int radix, char *s ) mpi_init( &T, NULL ); + slen = strlen( s ); + if( radix == 16 ) { - n = BITS_TO_LIMBS( strlen( s ) << 2 ); + n = BITS_TO_LIMBS( slen << 2 ); MPI_CHK( mpi_grow( X, n ) ); MPI_CHK( mpi_lset( X, 0 ) ); - for( i = strlen( s ) - 1, j = 0; i >= 0; i--, j++ ) + for( i = slen - 1, j = 0; i >= 0; i--, j++ ) { if( i == 0 && s[i] == '-' ) { @@ -277,7 +279,7 @@ int mpi_read_string( mpi *X, int radix, char *s ) { MPI_CHK( mpi_lset( X, 0 ) ); - for( i = 0; i < (int) strlen( s ); i++ ) + for( i = 0; i < slen; i++ ) { if( i == 0 && s[i] == '-' ) { @@ -336,7 +338,7 @@ cleanup: /* * Export into an ASCII string */ -int mpi_write_string( mpi *X, int radix, char *s, int *slen ) +int mpi_write_string( const mpi *X, int radix, char *s, int *slen ) { int ret = 0, n; char *p; @@ -429,7 +431,7 @@ int mpi_read_file( mpi *X, int radix, FILE *fin ) /* * Write X into an opened file (or stdout if fout == NULL) */ -int mpi_write_file( char *p, mpi *X, int radix, FILE *fout ) +int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) { int n, ret; size_t slen; @@ -466,7 +468,7 @@ cleanup: /* * Import X from unsigned binary data, big endian */ -int mpi_read_binary( mpi *X, unsigned char *buf, int buflen ) +int mpi_read_binary( mpi *X, const unsigned char *buf, int buflen ) { int ret, i, j, n; @@ -488,7 +490,7 @@ cleanup: /* * Export X into unsigned binary data, big endian */ -int mpi_write_binary( mpi *X, unsigned char *buf, int buflen ) +int mpi_write_binary( const mpi *X, unsigned char *buf, int buflen ) { int i, j, n; @@ -597,7 +599,7 @@ int mpi_shift_r( mpi *X, int count ) /* * Compare unsigned values */ -int mpi_cmp_abs( mpi *X, mpi *Y ) +int mpi_cmp_abs( const mpi *X, const mpi *Y ) { int i, j; @@ -627,7 +629,7 @@ int mpi_cmp_abs( mpi *X, mpi *Y ) /* * Compare signed values */ -int mpi_cmp_mpi( mpi *X, mpi *Y ) +int mpi_cmp_mpi( const mpi *X, const mpi *Y ) { int i, j; @@ -660,7 +662,7 @@ int mpi_cmp_mpi( mpi *X, mpi *Y ) /* * Compare signed values */ -int mpi_cmp_int( mpi *X, int z ) +int mpi_cmp_int( const mpi *X, int z ) { mpi Y; t_int p[1]; @@ -676,14 +678,14 @@ int mpi_cmp_int( mpi *X, int z ) /* * Unsigned addition: X = |A| + |B| (HAC 14.7) */ -int mpi_add_abs( mpi *X, mpi *A, mpi *B ) +int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) { int ret, i, j; t_int *o, *p, c; if( X == B ) { - mpi *T = A; A = X; B = T; + const mpi *T = A; A = X; B = T; } if( X != A ) @@ -748,7 +750,7 @@ static void mpi_sub_hlp( int n, t_int *s, t_int *d ) /* * Unsigned substraction: X = |A| - |B| (HAC 14.9) */ -int mpi_sub_abs( mpi *X, mpi *A, mpi *B ) +int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) { mpi TB; int ret, n; @@ -790,7 +792,7 @@ cleanup: /* * Signed addition: X = A + B */ -int mpi_add_mpi( mpi *X, mpi *A, mpi *B ) +int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ) { int ret, s = A->s; @@ -821,7 +823,7 @@ cleanup: /* * Signed substraction: X = A - B */ -int mpi_sub_mpi( mpi *X, mpi *A, mpi *B ) +int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ) { int ret, s = A->s; @@ -852,7 +854,7 @@ cleanup: /* * Signed addition: X = A + b */ -int mpi_add_int( mpi *X, mpi *A, int b ) +int mpi_add_int( mpi *X, const mpi *A, int b ) { mpi _B; t_int p[1]; @@ -868,7 +870,7 @@ int mpi_add_int( mpi *X, mpi *A, int b ) /* * Signed substraction: X = A - b */ -int mpi_sub_int( mpi *X, mpi *A, int b ) +int mpi_sub_int( mpi *X, const mpi *A, int b ) { mpi _B; t_int p[1]; @@ -948,7 +950,7 @@ static void mpi_mul_hlp( int i, t_int *s, t_int *d, t_int b ) /* * Baseline multiplication: X = A * B (HAC 14.12) */ -int mpi_mul_mpi( mpi *X, mpi *A, mpi *B ) +int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) { int ret, i, j; mpi TA, TB; @@ -984,7 +986,7 @@ cleanup: /* * Baseline multiplication: X = A * b */ -int mpi_mul_int( mpi *X, mpi *A, t_int b ) +int mpi_mul_int( mpi *X, const mpi *A, t_int b ) { mpi _B; t_int p[1]; @@ -1000,7 +1002,7 @@ int mpi_mul_int( mpi *X, mpi *A, t_int b ) /* * Division by mpi: A = Q * B + R (HAC 14.20) */ -int mpi_div_mpi( mpi *Q, mpi *R, mpi *A, mpi *B ) +int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) { int ret, i, n, t, k; mpi X, Y, Z, T1, T2; @@ -1165,7 +1167,7 @@ cleanup: * 1 if memory allocation failed * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 */ -int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b ) +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, int b ) { mpi _B; t_int p[1]; @@ -1181,7 +1183,7 @@ int mpi_div_int( mpi *Q, mpi *R, mpi *A, int b ) /* * Modulo: R = A mod B */ -int mpi_mod_mpi( mpi *R, mpi *A, mpi *B ) +int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ) { int ret; @@ -1204,7 +1206,7 @@ cleanup: /* * Modulo: r = A mod b */ -int mpi_mod_int( t_int *r, mpi *A, int b ) +int mpi_mod_int( t_int *r, const mpi *A, int b ) { int i; t_int x, y, z; @@ -1261,7 +1263,7 @@ int mpi_mod_int( t_int *r, mpi *A, int b ) /* * Fast Montgomery initialization (thanks to Tom St Denis) */ -static void mpi_montg_init( t_int *mm, mpi *N ) +static void mpi_montg_init( t_int *mm, const mpi *N ) { t_int x, m0 = N->p[0]; @@ -1279,7 +1281,7 @@ static void mpi_montg_init( t_int *mm, mpi *N ) /* * Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) */ -static void mpi_montmul( mpi *A, mpi *B, mpi *N, t_int mm, mpi *T ) +static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_int mm, const mpi *T ) { int i, n, m; t_int u0, u1, *d; @@ -1316,7 +1318,7 @@ static void mpi_montmul( mpi *A, mpi *B, mpi *N, t_int mm, mpi *T ) /* * Montgomery reduction: A = A * R^-1 mod N */ -static void mpi_montred( mpi *A, mpi *N, t_int mm, mpi *T ) +static void mpi_montred( mpi *A, const mpi *N, t_int mm, const mpi *T ) { t_int z = 1; mpi U; @@ -1330,7 +1332,7 @@ static void mpi_montred( mpi *A, mpi *N, t_int mm, mpi *T ) /* * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) */ -int mpi_exp_mod( mpi *X, mpi *A, mpi *E, mpi *N, mpi *_RR ) +int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) { int ret, i, j, wsize, wbits; int bufsize, nblimbs, nbits; @@ -1507,7 +1509,7 @@ cleanup: /* * Greatest common divisor: G = gcd(A, B) (HAC 14.54) */ -int mpi_gcd( mpi *G, mpi *A, mpi *B ) +int mpi_gcd( mpi *G, const mpi *A, const mpi *B ) { int ret, lz, lzt; mpi TG, TA, TB; @@ -1560,7 +1562,7 @@ cleanup: /* * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) */ -int mpi_inv_mod( mpi *X, mpi *A, mpi *N ) +int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ) { int ret; mpi G, TA, TU, U1, U2, TB, TV, V1, V2; diff --git a/library/camellia.c b/library/camellia.c index 5e86e0aff..7c499cd53 100644 --- a/library/camellia.c +++ b/library/camellia.c @@ -278,7 +278,7 @@ static const signed char transposes[2][20] = } \ } -static void camellia_feistel(uint32_t x[2], uint32_t k[2], uint32_t z[2]) +static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t z[2]) { uint32_t I0, I1; I0 = x[0] ^ k[0]; @@ -305,7 +305,7 @@ static void camellia_feistel(uint32_t x[2], uint32_t k[2], uint32_t z[2]) /* * Camellia key schedule (encryption) */ -int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize ) +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int keysize ) { int i, idx; uint32_t *RK; @@ -408,7 +408,7 @@ int camellia_setkey_enc( camellia_context *ctx, unsigned char *key, int keysize /* * Camellia key schedule (decryption) */ -int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize ) +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int keysize ) { int i, idx; camellia_context cty; @@ -460,7 +460,7 @@ int camellia_setkey_dec( camellia_context *ctx, unsigned char *key, int keysize */ void camellia_crypt_ecb( camellia_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ) { int NR; @@ -522,7 +522,7 @@ void camellia_crypt_cbc( camellia_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int i; @@ -570,7 +570,7 @@ void camellia_crypt_cfb128( camellia_context *ctx, int length, int *iv_off, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int c, n = *iv_off; diff --git a/library/debug.c b/library/debug.c index 843b9f5ce..33151db0d 100644 --- a/library/debug.c +++ b/library/debug.c @@ -52,8 +52,8 @@ char *debug_fmt( const char *format, ... ) return( str ); } -void debug_print_msg( ssl_context *ssl, int level, - char *file, int line, char *text ) +void debug_print_msg( const ssl_context *ssl, int level, + const char *file, int line, const char *text ) { char str[512]; int maxlen = sizeof( str ) - 1; @@ -66,8 +66,9 @@ void debug_print_msg( ssl_context *ssl, int level, ssl->f_dbg( ssl->p_dbg, level, str ); } -void debug_print_ret( ssl_context *ssl, int level, - char *file, int line, char *text, int ret ) +void debug_print_ret( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ) { char str[512]; int maxlen = sizeof( str ) - 1; @@ -82,8 +83,8 @@ void debug_print_ret( ssl_context *ssl, int level, ssl->f_dbg( ssl->p_dbg, level, str ); } -void debug_print_buf( ssl_context *ssl, int level, - char *file, int line, char *text, +void debug_print_buf( const ssl_context *ssl, int level, + const char *file, int line, const char *text, unsigned char *buf, int len ) { char str[512]; @@ -124,8 +125,9 @@ void debug_print_buf( ssl_context *ssl, int level, ssl->f_dbg( ssl->p_dbg, level, "\n" ); } -void debug_print_mpi( ssl_context *ssl, int level, - char *file, int line, char *text, mpi *X ) +void debug_print_mpi( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mpi *X ) { char str[512]; int i, j, k, n, maxlen = sizeof( str ) - 1; @@ -169,8 +171,9 @@ void debug_print_mpi( ssl_context *ssl, int level, ssl->f_dbg( ssl->p_dbg, level, "\n" ); } -void debug_print_crt( ssl_context *ssl, int level, - char *file, int line, char *text, x509_cert *crt ) +void debug_print_crt( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const x509_cert *crt ) { char str[1024], prefix[64]; int i = 0, maxlen = sizeof( prefix ) - 1; diff --git a/library/des.c b/library/des.c index 65d3f0875..79ebd3836 100644 --- a/library/des.c +++ b/library/des.c @@ -288,7 +288,7 @@ static const unsigned long RHs[16] = #define SWAP(a,b) { unsigned long t = a; a = b; b = t; t = 0; } -static void des_setkey( unsigned long SK[32], unsigned char key[8] ) +static void des_setkey( unsigned long SK[32], const unsigned char key[8] ) { int i; unsigned long X, Y, T; @@ -360,7 +360,7 @@ static void des_setkey( unsigned long SK[32], unsigned char key[8] ) /* * DES key schedule (56-bit, encryption) */ -void des_setkey_enc( des_context *ctx, unsigned char key[8] ) +void des_setkey_enc( des_context *ctx, const unsigned char key[8] ) { des_setkey( ctx->sk, key ); } @@ -368,7 +368,7 @@ void des_setkey_enc( des_context *ctx, unsigned char key[8] ) /* * DES key schedule (56-bit, decryption) */ -void des_setkey_dec( des_context *ctx, unsigned char key[8] ) +void des_setkey_dec( des_context *ctx, const unsigned char key[8] ) { int i; @@ -383,7 +383,7 @@ void des_setkey_dec( des_context *ctx, unsigned char key[8] ) static void des3_set2key( unsigned long esk[96], unsigned long dsk[96], - unsigned char key[16] ) + const unsigned char key[16] ) { int i; @@ -409,7 +409,7 @@ static void des3_set2key( unsigned long esk[96], /* * Triple-DES key schedule (112-bit, encryption) */ -void des3_set2key_enc( des3_context *ctx, unsigned char key[16] ) +void des3_set2key_enc( des3_context *ctx, const unsigned char key[16] ) { unsigned long sk[96]; @@ -420,7 +420,7 @@ void des3_set2key_enc( des3_context *ctx, unsigned char key[16] ) /* * Triple-DES key schedule (112-bit, decryption) */ -void des3_set2key_dec( des3_context *ctx, unsigned char key[16] ) +void des3_set2key_dec( des3_context *ctx, const unsigned char key[16] ) { unsigned long sk[96]; @@ -430,7 +430,7 @@ void des3_set2key_dec( des3_context *ctx, unsigned char key[16] ) static void des3_set3key( unsigned long esk[96], unsigned long dsk[96], - unsigned char key[24] ) + const unsigned char key[24] ) { int i; @@ -454,7 +454,7 @@ static void des3_set3key( unsigned long esk[96], /* * Triple-DES key schedule (168-bit, encryption) */ -void des3_set3key_enc( des3_context *ctx, unsigned char key[24] ) +void des3_set3key_enc( des3_context *ctx, const unsigned char key[24] ) { unsigned long sk[96]; @@ -465,7 +465,7 @@ void des3_set3key_enc( des3_context *ctx, unsigned char key[24] ) /* * Triple-DES key schedule (168-bit, decryption) */ -void des3_set3key_dec( des3_context *ctx, unsigned char key[24] ) +void des3_set3key_dec( des3_context *ctx, const unsigned char key[24] ) { unsigned long sk[96]; @@ -477,7 +477,7 @@ void des3_set3key_dec( des3_context *ctx, unsigned char key[24] ) * DES-ECB block encryption/decryption */ void des_crypt_ecb( des_context *ctx, - unsigned char input[8], + const unsigned char input[8], unsigned char output[8] ) { int i; @@ -509,7 +509,7 @@ void des_crypt_cbc( des_context *ctx, int mode, int length, unsigned char iv[8], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int i; @@ -553,7 +553,7 @@ void des_crypt_cbc( des_context *ctx, * 3DES-ECB block encryption/decryption */ void des3_crypt_ecb( des3_context *ctx, - unsigned char input[8], + const unsigned char input[8], unsigned char output[8] ) { int i; @@ -597,7 +597,7 @@ void des3_crypt_cbc( des3_context *ctx, int mode, int length, unsigned char iv[8], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int i; diff --git a/library/dhm.c b/library/dhm.c index ef43ab8b3..04d1e9f1f 100644 --- a/library/dhm.c +++ b/library/dhm.c @@ -39,7 +39,7 @@ */ static int dhm_read_bignum( mpi *X, unsigned char **p, - unsigned char *end ) + const unsigned char *end ) { int ret, n; @@ -65,7 +65,7 @@ static int dhm_read_bignum( mpi *X, */ int dhm_read_params( dhm_context *ctx, unsigned char **p, - unsigned char *end ) + const unsigned char *end ) { int ret, n; @@ -151,7 +151,7 @@ cleanup: * Import the peer's public value G^Y */ int dhm_read_public( dhm_context *ctx, - unsigned char *input, int ilen ) + const unsigned char *input, int ilen ) { int ret; diff --git a/library/md2.c b/library/md2.c index e942ff395..061ebbe34 100644 --- a/library/md2.c +++ b/library/md2.c @@ -114,7 +114,7 @@ static void md2_process( md2_context *ctx ) /* * MD2 process buffer */ -void md2_update( md2_context *ctx, unsigned char *input, int ilen ) +void md2_update( md2_context *ctx, const unsigned char *input, int ilen ) { int fill; @@ -163,7 +163,7 @@ void md2_finish( md2_context *ctx, unsigned char output[16] ) /* * output = MD2( input buffer ) */ -void md2( unsigned char *input, int ilen, unsigned char output[16] ) +void md2( const unsigned char *input, int ilen, unsigned char output[16] ) { md2_context ctx; @@ -177,7 +177,7 @@ void md2( unsigned char *input, int ilen, unsigned char output[16] ) /* * output = MD2( file contents ) */ -int md2_file( char *path, unsigned char output[16] ) +int md2_file( const char *path, unsigned char output[16] ) { FILE *f; size_t n; @@ -209,7 +209,7 @@ int md2_file( char *path, unsigned char output[16] ) /* * MD2 HMAC context setup */ -void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen ) +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, int keylen ) { int i; unsigned char sum[16]; @@ -239,7 +239,7 @@ void md2_hmac_starts( md2_context *ctx, unsigned char *key, int keylen ) /* * MD2 HMAC process buffer */ -void md2_hmac_update( md2_context *ctx, unsigned char *input, int ilen ) +void md2_hmac_update( md2_context *ctx, const unsigned char *input, int ilen ) { md2_update( ctx, input, ilen ); } @@ -263,7 +263,8 @@ void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ) /* * output = HMAC-MD2( hmac key, input buffer ) */ -void md2_hmac( unsigned char *key, int keylen, unsigned char *input, int ilen, +void md2_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ) { md2_context ctx; diff --git a/library/md4.c b/library/md4.c index 4be1939d6..251e63f16 100644 --- a/library/md4.c +++ b/library/md4.c @@ -73,7 +73,7 @@ void md4_starts( md4_context *ctx ) ctx->state[3] = 0x10325476; } -static void md4_process( md4_context *ctx, unsigned char data[64] ) +static void md4_process( md4_context *ctx, const unsigned char data[64] ) { unsigned long X[16], A, B, C, D; @@ -179,7 +179,7 @@ static void md4_process( md4_context *ctx, unsigned char data[64] ) /* * MD4 process buffer */ -void md4_update( md4_context *ctx, unsigned char *input, int ilen ) +void md4_update( md4_context *ctx, const unsigned char *input, int ilen ) { int fill; unsigned long left; @@ -259,7 +259,7 @@ void md4_finish( md4_context *ctx, unsigned char output[16] ) /* * output = MD4( input buffer ) */ -void md4( unsigned char *input, int ilen, unsigned char output[16] ) +void md4( const unsigned char *input, int ilen, unsigned char output[16] ) { md4_context ctx; @@ -273,7 +273,7 @@ void md4( unsigned char *input, int ilen, unsigned char output[16] ) /* * output = MD4( file contents ) */ -int md4_file( char *path, unsigned char output[16] ) +int md4_file( const char *path, unsigned char output[16] ) { FILE *f; size_t n; @@ -305,7 +305,7 @@ int md4_file( char *path, unsigned char output[16] ) /* * MD4 HMAC context setup */ -void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen ) +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, int keylen ) { int i; unsigned char sum[16]; @@ -335,7 +335,7 @@ void md4_hmac_starts( md4_context *ctx, unsigned char *key, int keylen ) /* * MD4 HMAC process buffer */ -void md4_hmac_update( md4_context *ctx, unsigned char *input, int ilen ) +void md4_hmac_update( md4_context *ctx, const unsigned char *input, int ilen ) { md4_update( ctx, input, ilen ); } @@ -359,7 +359,8 @@ void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ) /* * output = HMAC-MD4( hmac key, input buffer ) */ -void md4_hmac( unsigned char *key, int keylen, unsigned char *input, int ilen, +void md4_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ) { md4_context ctx; diff --git a/library/md5.c b/library/md5.c index c51808616..ca994b9c1 100644 --- a/library/md5.c +++ b/library/md5.c @@ -72,7 +72,7 @@ void md5_starts( md5_context *ctx ) ctx->state[3] = 0x10325476; } -static void md5_process( md5_context *ctx, unsigned char data[64] ) +static void md5_process( md5_context *ctx, const unsigned char data[64] ) { unsigned long X[16], A, B, C, D; @@ -198,7 +198,7 @@ static void md5_process( md5_context *ctx, unsigned char data[64] ) /* * MD5 process buffer */ -void md5_update( md5_context *ctx, unsigned char *input, int ilen ) +void md5_update( md5_context *ctx, const unsigned char *input, int ilen ) { int fill; unsigned long left; @@ -278,7 +278,7 @@ void md5_finish( md5_context *ctx, unsigned char output[16] ) /* * output = MD5( input buffer ) */ -void md5( unsigned char *input, int ilen, unsigned char output[16] ) +void md5( const unsigned char *input, int ilen, unsigned char output[16] ) { md5_context ctx; @@ -292,7 +292,7 @@ void md5( unsigned char *input, int ilen, unsigned char output[16] ) /* * output = MD5( file contents ) */ -int md5_file( char *path, unsigned char output[16] ) +int md5_file( const char *path, unsigned char output[16] ) { FILE *f; size_t n; @@ -324,7 +324,7 @@ int md5_file( char *path, unsigned char output[16] ) /* * MD5 HMAC context setup */ -void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen ) +void md5_hmac_starts( md5_context *ctx, const unsigned char *key, int keylen ) { int i; unsigned char sum[16]; @@ -354,7 +354,7 @@ void md5_hmac_starts( md5_context *ctx, unsigned char *key, int keylen ) /* * MD5 HMAC process buffer */ -void md5_hmac_update( md5_context *ctx, unsigned char *input, int ilen ) +void md5_hmac_update( md5_context *ctx, const unsigned char *input, int ilen ) { md5_update( ctx, input, ilen ); } @@ -378,7 +378,8 @@ void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ) /* * output = HMAC-MD5( hmac key, input buffer ) */ -void md5_hmac( unsigned char *key, int keylen, unsigned char *input, int ilen, +void md5_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[16] ) { md5_context ctx; diff --git a/library/net.c b/library/net.c index 9e7c5ddbc..a94ebf794 100644 --- a/library/net.c +++ b/library/net.c @@ -27,7 +27,7 @@ #include "polarssl/net.h" -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) #include #include @@ -89,12 +89,12 @@ unsigned short net_htons(unsigned short n); /* * Initiate a TCP connection with host:port */ -int net_connect( int *fd, char *host, int port ) +int net_connect( int *fd, const char *host, int port ) { struct sockaddr_in server_addr; struct hostent *server_host; -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) WSADATA wsaData; if( wsa_init_done == 0 ) @@ -134,12 +134,12 @@ int net_connect( int *fd, char *host, int port ) /* * Create a listening socket on bind_ip:port */ -int net_bind( int *fd, char *bind_ip, int port ) +int net_bind( int *fd, const char *bind_ip, int port ) { int n, c[4]; struct sockaddr_in server_addr; -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) WSADATA wsaData; if( wsa_init_done == 0 ) @@ -202,7 +202,7 @@ int net_bind( int *fd, char *bind_ip, int port ) */ static int net_is_blocking( void ) { -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) return( WSAGetLastError() == WSAEWOULDBLOCK ); #else switch( errno ) @@ -255,7 +255,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip ) */ int net_set_block( int fd ) { -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) long n = 0; return( ioctlsocket( fd, FIONBIO, &n ) ); #else @@ -265,7 +265,7 @@ int net_set_block( int fd ) int net_set_nonblock( int fd ) { -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) long n = 1; return( ioctlsocket( fd, FIONBIO, &n ) ); #else @@ -299,7 +299,7 @@ int net_recv( void *ctx, unsigned char *buf, int len ) if( net_is_blocking() != 0 ) return( POLARSSL_ERR_NET_TRY_AGAIN ); -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) if( WSAGetLastError() == WSAECONNRESET ) return( POLARSSL_ERR_NET_CONN_RESET ); #else @@ -328,7 +328,7 @@ int net_send( void *ctx, unsigned char *buf, int len ) if( net_is_blocking() != 0 ) return( POLARSSL_ERR_NET_TRY_AGAIN ); -#if defined(WIN32) || defined(_WIN32_WCE) +#if defined(_WIN32) || defined(_WIN32_WCE) if( WSAGetLastError() == WSAECONNRESET ) return( POLARSSL_ERR_NET_CONN_RESET ); #else diff --git a/library/padlock.c b/library/padlock.c index 3344a963c..9d62d0a1d 100644 --- a/library/padlock.c +++ b/library/padlock.c @@ -74,7 +74,7 @@ int padlock_supports( int feature ) */ int padlock_xcryptecb( aes_context *ctx, int mode, - unsigned char input[16], + const unsigned char input[16], unsigned char output[16] ) { int ebx; @@ -115,7 +115,7 @@ int padlock_xcryptcbc( aes_context *ctx, int mode, int length, unsigned char iv[16], - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int ebx, count; diff --git a/library/rsa.c b/library/rsa.c index 689cb1e43..6fca27d59 100644 --- a/library/rsa.c +++ b/library/rsa.c @@ -132,7 +132,7 @@ cleanup: /* * Check a public RSA key */ -int rsa_check_pubkey( rsa_context *ctx ) +int rsa_check_pubkey( const rsa_context *ctx ) { if( !ctx->N.p || !ctx->E.p ) return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); @@ -155,7 +155,7 @@ int rsa_check_pubkey( rsa_context *ctx ) /* * Check a private RSA key */ -int rsa_check_privkey( rsa_context *ctx ) +int rsa_check_privkey( const rsa_context *ctx ) { int ret; mpi PQ, DE, P1, Q1, H, I, G; @@ -194,7 +194,7 @@ cleanup: * Do an RSA public key operation */ int rsa_public( rsa_context *ctx, - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int ret, olen; @@ -228,7 +228,7 @@ cleanup: * Do an RSA private key operation */ int rsa_private( rsa_context *ctx, - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int ret, olen; @@ -288,7 +288,7 @@ cleanup: */ int rsa_pkcs1_encrypt( rsa_context *ctx, int mode, int ilen, - unsigned char *input, + const unsigned char *input, unsigned char *output ) { int nb_pad, olen; @@ -334,9 +334,9 @@ int rsa_pkcs1_encrypt( rsa_context *ctx, */ int rsa_pkcs1_decrypt( rsa_context *ctx, int mode, int *olen, - unsigned char *input, + const unsigned char *input, unsigned char *output, - int output_max_len) + int output_max_len) { int ret, ilen; unsigned char *p; @@ -393,7 +393,7 @@ int rsa_pkcs1_sign( rsa_context *ctx, int mode, int hash_id, int hashlen, - unsigned char *hash, + const unsigned char *hash, unsigned char *sig ) { int nb_pad, olen; @@ -519,7 +519,7 @@ int rsa_pkcs1_verify( rsa_context *ctx, int mode, int hash_id, int hashlen, - unsigned char *hash, + const unsigned char *hash, unsigned char *sig ) { int ret, len, siglen; diff --git a/library/sha1.c b/library/sha1.c index 8c5b9da4e..f811131fc 100644 --- a/library/sha1.c +++ b/library/sha1.c @@ -73,7 +73,7 @@ void sha1_starts( sha1_context *ctx ) ctx->state[4] = 0xC3D2E1F0; } -static void sha1_process( sha1_context *ctx, unsigned char data[64] ) +static void sha1_process( sha1_context *ctx, const unsigned char data[64] ) { unsigned long temp, W[16], A, B, C, D, E; @@ -232,7 +232,7 @@ static void sha1_process( sha1_context *ctx, unsigned char data[64] ) /* * SHA-1 process buffer */ -void sha1_update( sha1_context *ctx, unsigned char *input, int ilen ) +void sha1_update( sha1_context *ctx, const unsigned char *input, int ilen ) { int fill; unsigned long left; @@ -313,7 +313,7 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] ) /* * output = SHA-1( input buffer ) */ -void sha1( unsigned char *input, int ilen, unsigned char output[20] ) +void sha1( const unsigned char *input, int ilen, unsigned char output[20] ) { sha1_context ctx; @@ -327,7 +327,7 @@ void sha1( unsigned char *input, int ilen, unsigned char output[20] ) /* * output = SHA-1( file contents ) */ -int sha1_file( char *path, unsigned char output[20] ) +int sha1_file( const char *path, unsigned char output[20] ) { FILE *f; size_t n; @@ -359,7 +359,7 @@ int sha1_file( char *path, unsigned char output[20] ) /* * SHA-1 HMAC context setup */ -void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen ) +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, int keylen ) { int i; unsigned char sum[20]; @@ -389,7 +389,7 @@ void sha1_hmac_starts( sha1_context *ctx, unsigned char *key, int keylen ) /* * SHA-1 HMAC process buffer */ -void sha1_hmac_update( sha1_context *ctx, unsigned char *input, int ilen ) +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, int ilen ) { sha1_update( ctx, input, ilen ); } @@ -413,8 +413,8 @@ void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ) /* * output = HMAC-SHA-1( hmac key, input buffer ) */ -void sha1_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha1_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[20] ) { sha1_context ctx; diff --git a/library/sha2.c b/library/sha2.c index 8afe73ca3..87f02ea58 100644 --- a/library/sha2.c +++ b/library/sha2.c @@ -94,7 +94,7 @@ void sha2_starts( sha2_context *ctx, int is224 ) ctx->is224 = is224; } -static void sha2_process( sha2_context *ctx, unsigned char data[64] ) +static void sha2_process( sha2_context *ctx, const unsigned char data[64] ) { unsigned long temp1, temp2, W[64]; unsigned long A, B, C, D, E, F, G, H; @@ -228,7 +228,7 @@ static void sha2_process( sha2_context *ctx, unsigned char data[64] ) /* * SHA-256 process buffer */ -void sha2_update( sha2_context *ctx, unsigned char *input, int ilen ) +void sha2_update( sha2_context *ctx, const unsigned char *input, int ilen ) { int fill; unsigned long left; @@ -314,7 +314,7 @@ void sha2_finish( sha2_context *ctx, unsigned char output[32] ) /* * output = SHA-256( input buffer ) */ -void sha2( unsigned char *input, int ilen, +void sha2( const unsigned char *input, int ilen, unsigned char output[32], int is224 ) { sha2_context ctx; @@ -329,7 +329,7 @@ void sha2( unsigned char *input, int ilen, /* * output = SHA-256( file contents ) */ -int sha2_file( char *path, unsigned char output[32], int is224 ) +int sha2_file( const char *path, unsigned char output[32], int is224 ) { FILE *f; size_t n; @@ -361,7 +361,7 @@ int sha2_file( char *path, unsigned char output[32], int is224 ) /* * SHA-256 HMAC context setup */ -void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen, +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, int keylen, int is224 ) { int i; @@ -392,7 +392,7 @@ void sha2_hmac_starts( sha2_context *ctx, unsigned char *key, int keylen, /* * SHA-256 HMAC process buffer */ -void sha2_hmac_update( sha2_context *ctx, unsigned char *input, int ilen ) +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, int ilen ) { sha2_update( ctx, input, ilen ); } @@ -420,8 +420,8 @@ void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ) /* * output = HMAC-SHA-256( hmac key, input buffer ) */ -void sha2_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha2_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[32], int is224 ) { sha2_context ctx; diff --git a/library/sha4.c b/library/sha4.c index e78c3e97e..c21454398 100644 --- a/library/sha4.c +++ b/library/sha4.c @@ -149,7 +149,7 @@ void sha4_starts( sha4_context *ctx, int is384 ) ctx->is384 = is384; } -static void sha4_process( sha4_context *ctx, unsigned char data[128] ) +static void sha4_process( sha4_context *ctx, const unsigned char data[128] ) { int i; unsigned int64 temp1, temp2, W[80]; @@ -221,7 +221,7 @@ static void sha4_process( sha4_context *ctx, unsigned char data[128] ) /* * SHA-512 process buffer */ -void sha4_update( sha4_context *ctx, unsigned char *input, int ilen ) +void sha4_update( sha4_context *ctx, const unsigned char *input, int ilen ) { int fill; unsigned int64 left; @@ -312,7 +312,7 @@ void sha4_finish( sha4_context *ctx, unsigned char output[64] ) /* * output = SHA-512( input buffer ) */ -void sha4( unsigned char *input, int ilen, +void sha4( const unsigned char *input, int ilen, unsigned char output[64], int is384 ) { sha4_context ctx; @@ -327,7 +327,7 @@ void sha4( unsigned char *input, int ilen, /* * output = SHA-512( file contents ) */ -int sha4_file( char *path, unsigned char output[64], int is384 ) +int sha4_file( const char *path, unsigned char output[64], int is384 ) { FILE *f; size_t n; @@ -359,7 +359,7 @@ int sha4_file( char *path, unsigned char output[64], int is384 ) /* * SHA-512 HMAC context setup */ -void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen, +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, int keylen, int is384 ) { int i; @@ -391,7 +391,7 @@ void sha4_hmac_starts( sha4_context *ctx, unsigned char *key, int keylen, * SHA-512 HMAC process buffer */ void sha4_hmac_update( sha4_context *ctx, - unsigned char *input, int ilen ) + const unsigned char *input, int ilen ) { sha4_update( ctx, input, ilen ); } @@ -419,8 +419,8 @@ void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ) /* * output = HMAC-SHA-512( hmac key, input buffer ) */ -void sha4_hmac( unsigned char *key, int keylen, - unsigned char *input, int ilen, +void sha4_hmac( const unsigned char *key, int keylen, + const unsigned char *input, int ilen, unsigned char output[64], int is384 ) { sha4_context ctx; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 8e3bfc327..5802fdc1b 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -90,7 +90,7 @@ static int ssl_write_client_hello( ssl_context *ssl ) n = ssl->session->length; if( n < 16 || n > 32 || ssl->resume == 0 || - t - ssl->session->start > ssl->timeout ) + ( ssl->timeout != 0 && t - ssl->session->start > ssl->timeout ) ) n = 0; *p++ = (unsigned char) n; @@ -274,7 +274,12 @@ static int ssl_parse_server_hello( ssl_context *ssl ) else { ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; - ssl_derive_keys( ssl ); + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } } SSL_DEBUG_MSG( 3, ( "%s session has been resumed", @@ -584,7 +589,11 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } } - ssl_derive_keys( ssl ); + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } ssl->out_msglen = i + n; ssl->out_msgtype = SSL_MSG_HANDSHAKE; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 57fe82dc8..aec33a247 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -417,7 +417,12 @@ static int ssl_write_server_hello( ssl_context *ssl ) */ ssl->resume = 1; ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; - ssl_derive_keys( ssl ); + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } } memcpy( p, ssl->session->id, ssl->session->length ); @@ -451,7 +456,7 @@ static int ssl_write_certificate_request( ssl_context *ssl ) { int ret, n; unsigned char *buf, *p; - x509_cert *crt; + const x509_cert *crt; SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); @@ -749,7 +754,11 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) } } - ssl_derive_keys( ssl ); + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } if( ssl->s_set != NULL ) ssl->s_set( ssl ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index edd1b8e25..03975d29b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1108,7 +1108,7 @@ int ssl_read_record( ssl_context *ssl ) int ssl_write_certificate( ssl_context *ssl ) { int ret, i, n; - x509_cert *crt; + const x509_cert *crt; SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); @@ -1664,7 +1664,7 @@ void ssl_set_rng( ssl_context *ssl, } void ssl_set_dbg( ssl_context *ssl, - void (*f_dbg)(void *, int, char *), + void (*f_dbg)(void *, int, const char *), void *p_dbg ) { ssl->f_dbg = f_dbg; @@ -1717,7 +1717,7 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, ssl->rsa_key = rsa_key; } -int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G ) +int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ) { int ret; @@ -1736,7 +1736,7 @@ int ssl_set_dh_param( ssl_context *ssl, char *dhm_P, char *dhm_G ) return( 0 ); } -int ssl_set_hostname( ssl_context *ssl, char *hostname ) +int ssl_set_hostname( ssl_context *ssl, const char *hostname ) { if( hostname == NULL ) return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); @@ -1755,17 +1755,17 @@ int ssl_set_hostname( ssl_context *ssl, char *hostname ) /* * SSL get accessors */ -int ssl_get_bytes_avail( ssl_context *ssl ) +int ssl_get_bytes_avail( const ssl_context *ssl ) { return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); } -int ssl_get_verify_result( ssl_context *ssl ) +int ssl_get_verify_result( const ssl_context *ssl ) { return( ssl->verify_result ); } -char *ssl_get_cipher( ssl_context *ssl ) +const char *ssl_get_cipher( const ssl_context *ssl ) { switch( ssl->session->cipher ) { @@ -1943,7 +1943,7 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, int len ) /* * Send application data to be encrypted by the SSL layer */ -int ssl_write( ssl_context *ssl, unsigned char *buf, int len ) +int ssl_write( ssl_context *ssl, const unsigned char *buf, int len ) { int ret, n; diff --git a/library/timing.c b/library/timing.c index 0f5f4bdae..0b62b1031 100644 --- a/library/timing.c +++ b/library/timing.c @@ -27,7 +27,7 @@ #include "polarssl/timing.h" -#if defined(WIN32) +#if defined(_WIN32) #include #include @@ -164,7 +164,7 @@ unsigned long hardclock( void ) int alarmed = 0; -#if defined(WIN32) +#if defined(_WIN32) unsigned long get_timer( struct hr_time *val, int reset ) { diff --git a/library/x509parse.c b/library/x509parse.c index 430dab923..68d4b7030 100644 --- a/library/x509parse.c +++ b/library/x509parse.c @@ -55,7 +55,7 @@ * ASN.1 DER decoding routines */ static int asn1_get_len( unsigned char **p, - unsigned char *end, + const unsigned char *end, int *len ) { if( ( end - *p ) < 1 ) @@ -96,7 +96,7 @@ static int asn1_get_len( unsigned char **p, } static int asn1_get_tag( unsigned char **p, - unsigned char *end, + const unsigned char *end, int *len, int tag ) { if( ( end - *p ) < 1 ) @@ -111,7 +111,7 @@ static int asn1_get_tag( unsigned char **p, } static int asn1_get_bool( unsigned char **p, - unsigned char *end, + const unsigned char *end, int *val ) { int ret, len; @@ -129,7 +129,7 @@ static int asn1_get_bool( unsigned char **p, } static int asn1_get_int( unsigned char **p, - unsigned char *end, + const unsigned char *end, int *val ) { int ret, len; @@ -152,7 +152,7 @@ static int asn1_get_int( unsigned char **p, } static int asn1_get_mpi( unsigned char **p, - unsigned char *end, + const unsigned char *end, mpi *X ) { int ret, len; @@ -171,7 +171,7 @@ static int asn1_get_mpi( unsigned char **p, * Version ::= INTEGER { v1(0), v2(1), v3(2) } */ static int x509_get_version( unsigned char **p, - unsigned char *end, + const unsigned char *end, int *ver ) { int ret, len; @@ -201,7 +201,7 @@ static int x509_get_version( unsigned char **p, * CertificateSerialNumber ::= INTEGER */ static int x509_get_serial( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *serial ) { int ret; @@ -232,7 +232,7 @@ static int x509_get_serial( unsigned char **p, * parameters ANY DEFINED BY algorithm OPTIONAL } */ static int x509_get_alg( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *alg ) { int ret, len; @@ -279,11 +279,11 @@ static int x509_get_alg( unsigned char **p, * AttributeValue ::= ANY DEFINED BY AttributeType */ static int x509_get_name( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_name *cur ) { int ret, len; - unsigned char *end2; + const unsigned char *end2; x509_buf *oid; x509_buf *val; @@ -357,7 +357,7 @@ static int x509_get_name( unsigned char **p, * generalTime GeneralizedTime } */ static int x509_get_time( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_time *time ) { int ret, len; @@ -425,7 +425,7 @@ static int x509_get_time( unsigned char **p, * notAfter Time } */ static int x509_get_dates( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_time *from, x509_time *to ) { @@ -456,7 +456,7 @@ static int x509_get_dates( unsigned char **p, * subjectPublicKey BIT STRING } */ static int x509_get_pubkey( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *pk_alg_oid, mpi *N, mpi *E ) { @@ -511,7 +511,7 @@ static int x509_get_pubkey( unsigned char **p, } static int x509_get_sig( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *sig ) { int ret, len; @@ -536,7 +536,7 @@ static int x509_get_sig( unsigned char **p, * X.509 v2/v3 unique identifier (not parsed) */ static int x509_get_uid( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *uid, int n ) { int ret; @@ -566,7 +566,7 @@ static int x509_get_uid( unsigned char **p, * be either manually updated or extensions should be parsed! */ static int x509_get_ext( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_buf *ext ) { int ret, len; @@ -575,7 +575,7 @@ static int x509_get_ext( unsigned char **p, return( 0 ); ext->tag = **p; - + if( ( ret = asn1_get_tag( p, end, &ext->len, ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 3 ) ) != 0 ) return( ret ); @@ -606,8 +606,8 @@ static int x509_get_ext( unsigned char **p, * X.509 CRL v2 extensions (no extensions parsed yet.) */ static int x509_get_crl_ext( unsigned char **p, - unsigned char *end, - x509_buf *ext ) + const unsigned char *end, + x509_buf *ext ) { int ret, len; @@ -639,10 +639,10 @@ static int x509_get_crl_ext( unsigned char **p, * X.509 v3 extensions (only BasicConstraints are parsed) */ static int x509_get_crt_ext( unsigned char **p, - unsigned char *end, - x509_buf *ext, - int *ca_istrue, - int *max_pathlen ) + const unsigned char *end, + x509_buf *ext, + int *ca_istrue, + int *max_pathlen ) { int ret, len; int is_critical = 1; @@ -687,7 +687,7 @@ static int x509_get_crt_ext( unsigned char **p, * pathLenConstraint INTEGER (0..MAX) OPTIONAL } */ end_ext_octet = *p + len; - + if( end_ext_octet != end_ext_data ) return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS | POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); @@ -737,7 +737,7 @@ static int x509_get_crt_ext( unsigned char **p, * X.509 CRL Entries */ static int x509_get_entries( unsigned char **p, - unsigned char *end, + const unsigned char *end, x509_crl_entry *entry ) { int ret, entry_len; @@ -793,10 +793,10 @@ static int x509_get_entries( unsigned char **p, /* * Parse one or more certificates and add them to the chained list */ -int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen ) +int x509parse_crt( x509_cert *chain, const unsigned char *buf, int buflen ) { int ret, len; - unsigned char *s1, *s2; + const unsigned char *s1, *s2; unsigned char *p, *end; x509_cert *crt; @@ -1151,7 +1151,7 @@ int x509parse_crt( x509_cert *chain, unsigned char *buf, int buflen ) /* * Parse one or more CRLs and add them to the chained list */ -int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen ) +int x509parse_crl( x509_crl *chain, const unsigned char *buf, int buflen ) { int ret, len; unsigned char *s1, *s2; @@ -1459,7 +1459,7 @@ int x509parse_crl( x509_crl *chain, unsigned char *buf, int buflen ) /* * Load all data from a file into a given buffer. */ -int load_file( char *path, unsigned char **buf, size_t *n ) +int load_file( const char *path, unsigned char **buf, size_t *n ) { FILE *f; @@ -1490,7 +1490,7 @@ int load_file( char *path, unsigned char **buf, size_t *n ) /* * Load one or more certificates and add them to the chained list */ -int x509parse_crtfile( x509_cert *chain, char *path ) +int x509parse_crtfile( x509_cert *chain, const char *path ) { int ret; size_t n; @@ -1510,7 +1510,7 @@ int x509parse_crtfile( x509_cert *chain, char *path ) /* * Load one or more CRLs and add them to the chained list */ -int x509parse_crlfile( x509_crl *chain, char *path ) +int x509parse_crlfile( x509_crl *chain, const char *path ) { int ret; size_t n; @@ -1531,7 +1531,7 @@ int x509parse_crlfile( x509_crl *chain, char *path ) /* * Read a 16-byte hex string and convert it to binary */ -static int x509_get_iv( unsigned char *s, unsigned char iv[8] ) +static int x509_get_iv( const unsigned char *s, unsigned char iv[8] ) { int i, j, k; @@ -1557,7 +1557,7 @@ static int x509_get_iv( unsigned char *s, unsigned char iv[8] ) */ static void x509_des3_decrypt( unsigned char des3_iv[8], unsigned char *buf, int buflen, - unsigned char *pwd, int pwdlen ) + const unsigned char *pwd, int pwdlen ) { md5_context md5_ctx; des3_context des3_ctx; @@ -1595,11 +1595,11 @@ static void x509_des3_decrypt( unsigned char des3_iv[8], /* * Parse a private RSA key */ -int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, - unsigned char *pwd, int pwdlen ) +int x509parse_key( rsa_context *rsa, const unsigned char *key, int keylen, + const unsigned char *pwd, int pwdlen ) { int ret, len, enc; - unsigned char *s1, *s2; + unsigned char *buf, *s1, *s2; unsigned char *p, *end; #if defined(POLARSSL_DES_C) && defined(POLARSSL_MD5_C) unsigned char des3_iv[8]; @@ -1608,12 +1608,12 @@ int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, ((void) pwdlen); #endif - s1 = (unsigned char *) strstr( (char *) buf, + s1 = (unsigned char *) strstr( (char *) key, "-----BEGIN RSA PRIVATE KEY-----" ); if( s1 != NULL ) { - s2 = (unsigned char *) strstr( (char *) buf, + s2 = (unsigned char *) strstr( (char *) key, "-----END RSA PRIVATE KEY-----" ); if( s2 == NULL || s2 <= s1 ) @@ -1667,7 +1667,7 @@ int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, return( ret | POLARSSL_ERR_X509_KEY_INVALID_PEM ); } - buflen = len; + keylen = len; if( enc != 0 ) { @@ -1678,7 +1678,7 @@ int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, return( POLARSSL_ERR_X509_KEY_PASSWORD_REQUIRED ); } - x509_des3_decrypt( des3_iv, buf, buflen, pwd, pwdlen ); + x509_des3_decrypt( des3_iv, buf, keylen, pwd, pwdlen ); if( buf[0] != 0x30 || buf[1] != 0x82 || buf[4] != 0x02 || buf[5] != 0x01 ) @@ -1691,11 +1691,15 @@ int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, #endif } } + else + { + buf = NULL; + } memset( rsa, 0, sizeof( rsa_context ) ); - p = buf; - end = buf + buflen; + p = ( s1 != NULL ) ? buf : (unsigned char *) key; + end = p + keylen; /* * RSAPrivateKey ::= SEQUENCE { @@ -1787,7 +1791,7 @@ int x509parse_key( rsa_context *rsa, unsigned char *buf, int buflen, /* * Load and parse a private RSA key */ -int x509parse_keyfile( rsa_context *rsa, char *path, char *pwd ) +int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd ) { int ret; size_t n; @@ -1863,11 +1867,11 @@ int compat_snprintf(char *str, size_t size, const char *format, ...) * Store the name in printable form into buf; no more * than size characters will be written */ -int x509parse_dn_gets( char *buf, size_t size, x509_name *dn ) +int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) { int i, ret, n; unsigned char c; - x509_name *name; + const x509_name *name; char s[128], *p; memset( s, 0, sizeof( s ) ); @@ -1954,7 +1958,8 @@ int x509parse_dn_gets( char *buf, size_t size, x509_name *dn ) /* * Return an informational string about the certificate. */ -int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt ) +int x509parse_cert_info( char *buf, size_t size, const char *prefix, + const x509_cert *crt ) { int i, n, nr, ret; char *p; @@ -2030,11 +2035,12 @@ int x509parse_cert_info( char *buf, size_t size, char *prefix, x509_cert *crt ) /* * Return an informational string about the CRL. */ -int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl ) +int x509parse_crl_info( char *buf, size_t size, const char *prefix, + const x509_crl *crl ) { int i, n, nr, ret; char *p; - x509_crl_entry *entry; + const x509_crl_entry *entry; p = buf; n = size; @@ -2119,7 +2125,7 @@ int x509parse_crl_info( char *buf, size_t size, char *prefix, x509_crl *crl ) /* * Return 0 if the x509_time is still valid, or 1 otherwise. */ -int x509parse_time_expired( x509_time *to ) +int x509parse_time_expired( const x509_time *to ) { struct tm *lt; time_t tt; @@ -2145,9 +2151,9 @@ int x509parse_time_expired( x509_time *to ) /* * Return 1 if the certificate is revoked, or 0 otherwise. */ -int x509parse_revoked( x509_cert *crt, x509_crl *crl ) +int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) { - x509_crl_entry *cur = &crl->entry; + const x509_crl_entry *cur = &crl->entry; while( cur != NULL && cur->serial.len != 0 ) { @@ -2168,7 +2174,7 @@ int x509parse_revoked( x509_cert *crt, x509_crl *crl ) * * @param out Buffer to receive the hash (Should be at least 64 bytes) */ -static void x509_hash( unsigned char *in, int len, int alg, +static void x509_hash( const unsigned char *in, int len, int alg, unsigned char *out ) { switch( alg ) @@ -2205,7 +2211,7 @@ static void x509_hash( unsigned char *in, int len, int alg, int x509parse_verify( x509_cert *crt, x509_cert *trust_ca, x509_crl *ca_crl, - char *cn, int *flags ) + const char *cn, int *flags ) { int cn_len; int hash_id; diff --git a/programs/ssl/ssl_client1.c b/programs/ssl/ssl_client1.c index 455f08040..43668530a 100644 --- a/programs/ssl/ssl_client1.c +++ b/programs/ssl/ssl_client1.c @@ -38,7 +38,7 @@ #define DEBUG_LEVEL 4 -void my_debug( void *ctx, int level, char *str ) +void my_debug( void *ctx, int level, const char *str ) { if( level < DEBUG_LEVEL ) { diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 642ef8c6c..04613e7c1 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -53,7 +53,7 @@ struct options char *request_page; /* page on server to request */ } opt; -void my_debug( void *ctx, int level, char *str ) +void my_debug( void *ctx, int level, const char *str ) { if( level < opt.debug_level ) { diff --git a/programs/ssl/ssl_server.c b/programs/ssl/ssl_server.c index 67fbd2ecb..e0af1b068 100644 --- a/programs/ssl/ssl_server.c +++ b/programs/ssl/ssl_server.c @@ -80,7 +80,7 @@ int my_ciphers[] = #define DEBUG_LEVEL 0 -void my_debug( void *ctx, int level, char *str ) +void my_debug( void *ctx, int level, const char *str ) { if( level < DEBUG_LEVEL ) { diff --git a/programs/test/ssl_test.c b/programs/test/ssl_test.c index 6ba406981..f12c2e918 100644 --- a/programs/test/ssl_test.c +++ b/programs/test/ssl_test.c @@ -113,7 +113,7 @@ unsigned long int lcppm5( unsigned long int *state ) return( u ); } -void my_debug( void *ctx, int level, char *str ) +void my_debug( void *ctx, int level, const char *str ) { if( level < ((struct options *) ctx)->debug_level ) fprintf( stderr, "%s", str ); diff --git a/tests/suites/test_suite_debug.function b/tests/suites/test_suite_debug.function index c21bab659..b95c1cbbd 100644 --- a/tests/suites/test_suite_debug.function +++ b/tests/suites/test_suite_debug.function @@ -7,9 +7,10 @@ struct buffer_data char *ptr; }; -void string_debug(void *data, int level, char *str) +void string_debug(void *data, int level, const char *str) { struct buffer_data *buffer = (struct buffer_data *) data; + level = 0; memcpy(buffer->ptr, str, strlen(str)); buffer->ptr += strlen(str);