From d730c1263328c5990ce46cdf6394ce6e36cc3609 Mon Sep 17 00:00:00 2001 
From: Steven Barth Date: Sun, 22 Feb 2009 23:19:25 +0000 Subject: Add axTLS sourcecode --- libs/nixio/axTLS/bindings/Config.in | 105 +++++ libs/nixio/axTLS/bindings/Makefile | 86 ++++ libs/nixio/axTLS/bindings/README | 43 ++ libs/nixio/axTLS/bindings/csharp/Makefile | 35 ++ libs/nixio/axTLS/bindings/csharp/axTLS.cs | 491 +++++++++++++++++++++ .../axTLS/bindings/generate_SWIG_interface.pl | 393 +++++++++++++++++ libs/nixio/axTLS/bindings/generate_interface.pl | 322 ++++++++++++++ libs/nixio/axTLS/bindings/java/Makefile | 94 ++++ libs/nixio/axTLS/bindings/java/SSL.java | 137 ++++++ libs/nixio/axTLS/bindings/java/SSLCTX.java | 229 ++++++++++ libs/nixio/axTLS/bindings/java/SSLClient.java | 81 ++++ libs/nixio/axTLS/bindings/java/SSLReadHolder.java | 61 +++ libs/nixio/axTLS/bindings/java/SSLServer.java | 72 +++ libs/nixio/axTLS/bindings/java/SSLUtil.java | 116 +++++ libs/nixio/axTLS/bindings/lua/Makefile | 67 +++ libs/nixio/axTLS/bindings/perl/Makefile | 91 ++++ libs/nixio/axTLS/bindings/vbnet/Makefile | 35 ++ libs/nixio/axTLS/bindings/vbnet/axTLSvb.vb | 200 +++++++++ 18 files changed, 2658 insertions(+) create mode 100644 libs/nixio/axTLS/bindings/Config.in create mode 100644 libs/nixio/axTLS/bindings/Makefile create mode 100644 libs/nixio/axTLS/bindings/README create mode 100644 libs/nixio/axTLS/bindings/csharp/Makefile create mode 100644 libs/nixio/axTLS/bindings/csharp/axTLS.cs create mode 100755 libs/nixio/axTLS/bindings/generate_SWIG_interface.pl create mode 100755 libs/nixio/axTLS/bindings/generate_interface.pl create mode 100644 libs/nixio/axTLS/bindings/java/Makefile create mode 100644 libs/nixio/axTLS/bindings/java/SSL.java create mode 100644 libs/nixio/axTLS/bindings/java/SSLCTX.java create mode 100644 libs/nixio/axTLS/bindings/java/SSLClient.java create mode 100644 libs/nixio/axTLS/bindings/java/SSLReadHolder.java create mode 100644 libs/nixio/axTLS/bindings/java/SSLServer.java create mode 100644 libs/nixio/axTLS/bindings/java/SSLUtil.java create mode 100644 
libs/nixio/axTLS/bindings/lua/Makefile create mode 100644 libs/nixio/axTLS/bindings/perl/Makefile create mode 100644 libs/nixio/axTLS/bindings/vbnet/Makefile create mode 100644 libs/nixio/axTLS/bindings/vbnet/axTLSvb.vb (limited to 'libs/nixio/axTLS/bindings')
diff --git a/libs/nixio/axTLS/bindings/Config.in b/libs/nixio/axTLS/bindings/Config.in
new file mode 100644
index 0000000000..12a696ba8b
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/Config.in
@@ -0,0 +1,105 @@
+#
+# For a description of the syntax of this configuration file,
+# see scripts/config/Kconfig-language.txt
+#
+menu "Language Bindings"
+
+config CONFIG_BINDINGS
+ bool "Create language bindings"
+ default n
+ help
+ axTLS supports language bindings in C#, VB.NET, Java and Perl.
+
+ Select Y here if you want to build the various language bindings.
+
+config CONFIG_CSHARP_BINDINGS
+ bool "Create C# bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build C# bindings.
+
+ This requires .NET to be installed on Win32 platforms and mono to be
+ installed on all other platforms.
+
+config CONFIG_VBNET_BINDINGS
+ bool "Create VB.NET bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build VB.NET bindings.
+
+ This requires the .NET to be installed and is only built under Win32
+ platforms.
+
+menu ".Net Framework"
+depends on CONFIG_CSHARP_BINDINGS || CONFIG_VBNET_BINDINGS
+config CONFIG_DOT_NET_FRAMEWORK_BASE
+ string "Location of .NET Framework"
+ default "c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727"
+endmenu
+
+config CONFIG_JAVA_BINDINGS
+ bool "Create Java bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build Java bindings.
+
+ Current Issues (see README):
+ * Needs Java 1.4 or better.
+ * If building under Win32 it will use the Win32 JDK.
+
+menu "Java Home"
+depends on CONFIG_JAVA_BINDINGS
+config CONFIG_JAVA_HOME
+ string "Location of JDK"
+ default "c:\\Program Files\\Java\\jdk1.5.0_06" if CONFIG_PLATFORM_WIN32 || CONFIG_PLATFORM_CYGWIN
+ default "/usr/local/jdk142" if !CONFIG_PLATFORM_WIN32 && !CONFIG_PLATFORM_CYGWIN
+ depends on CONFIG_JAVA_BINDINGS
+ help
+ The location of Sun's JDK.
+endmenu
+
+config CONFIG_PERL_BINDINGS
+ bool "Create Perl bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build Perl bindings.
+
+ Current Issues (see README):
+ * 64 bit versions don't work at present.
+ * libperl.so needs to be in the shared library path.
+
+menu "Perl Home"
+depends on CONFIG_PERL_BINDINGS && CONFIG_PLATFORM_WIN32
+config CONFIG_PERL_CORE
+ string "Location of Perl CORE"
+ default "c:\\perl\\lib\\CORE"
+ help:
+ works with ActiveState
+ "http://www.activestate.com/Products/ActivePerl"
+
+config CONFIG_PERL_LIB
+ string "Name of Perl Library"
+ default "perl58.lib"
+endmenu
+
+config CONFIG_LUA_BINDINGS
+ bool "Create Lua bindings"
+ default n
+ depends on CONFIG_BINDINGS && !CONFIG_PLATFORM_WIN32
+ help
+ Build Lua bindings (see www.lua.org).
+
+menu "Lua Home"
+depends on CONFIG_LUA_BINDINGS
+config CONFIG_LUA_CORE
+ string "Location of Lua CORE"
+ default "/usr/local"
+ help:
+ If the Lua exists on another directory then this needs to be changed
+endmenu
+
+endmenu
diff --git a/libs/nixio/axTLS/bindings/Makefile b/libs/nixio/axTLS/bindings/Makefile
new file mode 100644
index 0000000000..7654fbba57
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/Makefile
@@ -0,0 +1,86 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+all:
+
+include ../config/.config
+include ../config/makefile.conf
+
+ifdef CONFIG_CSHARP_BINDINGS
+all: csharp/axInterface.cs
+endif
+
+ifdef CONFIG_VBNET_BINDINGS
+all: vbnet/axInterface.vb
+endif
+
+ifdef CONFIG_JAVA_BINDINGS
+all: java/axtlsj.java
+endif
+
+ifdef CONFIG_PERL_BINDINGS
+all: perl/axTLSp_wrap.c
+endif
+
+ifdef CONFIG_LUA_BINDINGS
+all: lua/axTLSl_wrap.c
+endif
+
+csharp/axInterface.cs: ../ssl/ssl.h
+ @perl ./generate_interface.pl -csharp
+
+vbnet/axInterface.vb: ../ssl/ssl.h
+ @perl ./generate_interface.pl -vbnet
+
+java/axTLSj.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -java
+
+java/axtlsj.java: java/axTLSj.i $(wildcard java/SSL*.java)
+ @cd java; swig -java -package axTLSj axTLSj.i; $(MAKE)
+
+perl/axTLSp.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -perl
+
+perl/axTLSp_wrap.c: perl/axTLSp.i
+ @cd perl; swig -perl5 axTLSp.i; $(MAKE)
+
+lua/axTLSl.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -lua
+
+lua/axTLSl_wrap.c: lua/axTLSl.i
+ @cd lua; swig -lua axTLSl.i; $(MAKE)
+
+clean::
+ $(MAKE) -C csharp clean
+ $(MAKE) -C vbnet clean
+ $(MAKE) -C java clean
+ $(MAKE) -C perl clean
+ $(MAKE) -C lua clean
+
diff --git a/libs/nixio/axTLS/bindings/README b/libs/nixio/axTLS/bindings/README
new file mode 100644
index 0000000000..8bc3109c12
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/README
@@ -0,0 +1,43 @@
+===============================================================================
+= Language Bindings =
+===============================================================================
+
+The tools to generate the various language bindings are done here.
+SWIG 1.3.24 or better is required for creating the Java and Perl bindings.
+
+Perl scripts are used to parse ssl.h and automagically give the appropriate
+bindings.
+
+At present, the four languages supported are:
+
+* C#
+* VB.NET
+* Java
+* Perl
+
+To generate each binding run the following:
+
+C#:
+> generate_interface.pl -csharp
+
+VB.NET:
+> generate_interface.pl -vbnet
+
+
+Java:
+> generate_SWIG_interface.pl -java
+> cd java; swig -java -package axTLSj -noextern axTLSj.i
+
+Perl:
+> generate_SWIG_interface.pl -perl
+> cd perl; swig -noextern -perl axTLSp.i
+
+Java and Perl both create a library each called libaxtlsj.so and libaxtlsp.so
+(or axtlsj.dll and atlsp.dll on Win32 platforms).
+
+Note: the "-noextern" is deprecated in swig 1.3.27 and newer. The "-noextern"
+option was required to get Win32 bindings to work (which is why is has probably
+been deprecated).
+
+Each binding (except for Perl) has an extra helper interface to make life
+easier.
diff --git a/libs/nixio/axTLS/bindings/csharp/Makefile b/libs/nixio/axTLS/bindings/csharp/Makefile
new file mode 100644
index 0000000000..3414f85621
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/csharp/Makefile
@@ -0,0 +1,35 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+include ../../config/.config
+include ../../config/makefile.conf
+
+clean::
+ @rm -f axssl* axInterface.cs
diff --git a/libs/nixio/axTLS/bindings/csharp/axTLS.cs b/libs/nixio/axTLS/bindings/csharp/axTLS.cs
new file mode 100644
index 0000000000..cf64a256e7
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/csharp/axTLS.cs
@@ -0,0 +1,491 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * A wrapper around the unmanaged interface to give a semi-decent C# API
+ */
+
+using System;
+using System.Runtime.InteropServices;
+using System.Net.Sockets;
+
+/**
+ * @defgroup csharp_api C# API.
+ *
+ * Ensure that the appropriate Dispose() methods are called when finished with
+ * various objects - otherwise memory leaks will result.
+ * @{
+ */
+namespace axTLS
+{
+ /**
+ * @class SSL
+ * @ingroup csharp_api
+ * @brief A representation of an SSL connection.
+ */
+ public class SSL
+ {
+ public IntPtr m_ssl; /**< A pointer to the real SSL type */
+
+ /**
+ * @brief Store the reference to an SSL context.
+ * @param ip [in] A reference to an SSL object.
+ */
+ public SSL(IntPtr ip)
+ {
+ m_ssl = ip;
+ }
+
+ /**
+ * @brief Free any used resources on this connection.
+ *
+ * A "Close Notify" message is sent on this connection (if possible).
+ * It is up to the application to close the socket.
+ */
+ public void Dispose()
+ {
+ axtls.ssl_free(m_ssl);
+ }
+
+ /**
+ * @brief Return the result of a handshake.
+ * @return SSL_OK if the handshake is complete and ok.
+ * @see ssl.h for the error code list.
+ */
+ public int HandshakeStatus()
+ {
+ return axtls.ssl_handshake_status(m_ssl);
+ }
+
+ /**
+ * @brief Return the SSL cipher id.
+ * @return The cipher id which is one of:
+ * - SSL_AES128_SHA (0x2f)
+ * - SSL_AES256_SHA (0x35)
+ * - SSL_RC4_128_SHA (0x05)
+ * - SSL_RC4_128_MD5 (0x04)
+ */
+ public byte GetCipherId()
+ {
+ return axtls.ssl_get_cipher_id(m_ssl);
+ }
+
+ /**
+ * @brief Get the session id for a handshake.
+ *
+ * This will be a 32 byte sequence and is available after the first
+ * handshaking messages are sent.
+ * @return The session id as a 32 byte sequence.
+ * @note A SSLv23 handshake may have only 16 valid bytes.
+ */
+ public byte[] GetSessionId()
+ {
+ IntPtr ptr = axtls.ssl_get_session_id(m_ssl);
+ byte sess_id_size = axtls.ssl_get_session_id_size(m_ssl);
+ byte[] result = new byte[sess_id_size];
+ Marshal.Copy(ptr, result, 0, sess_id_size);
+ return result;
+ }
+
+ /**
+ * @brief Retrieve an X.509 distinguished name component.
+ *
+ * When a handshake is complete and a certificate has been exchanged,
+ * then the details of the remote certificate can be retrieved.
+ *
+ * This will usually be used by a client to check that the server's
+ * common name matches the URL.
+ *
+ * A full handshake needs to occur for this call to work.
+ *
+ * @param component [in] one of:
+ * - SSL_X509_CERT_COMMON_NAME
+ * - SSL_X509_CERT_ORGANIZATION
+ * - SSL_X509_CERT_ORGANIZATIONAL_NAME
+ * - SSL_X509_CA_CERT_COMMON_NAME
+ * - SSL_X509_CA_CERT_ORGANIZATION
+ * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+ * @return The appropriate string (or null if not defined)
+ */
+ public string GetCertificateDN(int component)
+ {
+ return axtls.ssl_get_cert_dn(m_ssl, component);
+ }
+ }
+
+ /**
+ * @class SSLUtil
+ * @ingroup csharp_api
+ * @brief Some global helper functions.
+ */
+ public class SSLUtil
+ {
+
+ /**
+ * @brief Return the build mode of the axTLS project.
+ * @return The build mode is one of:
+ * - SSL_BUILD_SERVER_ONLY
+ * - SSL_BUILD_ENABLE_VERIFICATION
+ * - SSL_BUILD_ENABLE_CLIENT
+ * - SSL_BUILD_FULL_MODE
+ */
+ public static int BuildMode()
+ {
+ return axtls.ssl_get_config(axtls.SSL_BUILD_MODE);
+ }
+
+ /**
+ * @brief Return the number of chained certificates that the
+ * client/server supports.
+ * @return The number of supported server certificates.
+ */
+ public static int MaxCerts()
+ {
+ return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Return the number of CA certificates that the client/server
+ * supports.
+ * @return The number of supported CA certificates.
+ */
+ public static int MaxCACerts()
+ {
+ return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Indicate if PEM is supported.
+ * @return true if PEM supported.
+ */
+ public static bool HasPEM()
+ {
+ return axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 ? true : false;
+ }
+
+ /**
+ * @brief Display the text string of the error.
+ * @param error_code [in] The integer error code.
+ */
+ public static void DisplayError(int error_code)
+ {
+ axtls.ssl_display_error(error_code);
+ }
+
+ /**
+ * @brief Return the version of the axTLS project.
+ */
+ public static string Version()
+ {
+ return axtls.ssl_version();
+ }
+ }
+
+ /**
+ * @class SSLCTX
+ * @ingroup csharp_api
+ * @brief A base object for SSLServer/SSLClient.
+ */
+ public class SSLCTX
+ {
+ /**
+ * @brief A reference to the real client/server context.
+ */
+ protected IntPtr m_ctx;
+
+ /**
+ * @brief Establish a new client/server context.
+ *
+ * This function is called before any client/server SSL connections are
+ * made. If multiple threads are used, then each thread will have its
+ * own SSLCTX context. Any number of connections may be made with a
+ * single context.
+ *
+ * Each new connection will use the this context's private key and
+ * certificate chain. If a different certificate chain is required,
+ * then a different context needs to be be used.
+ *
+ * @param options [in] Any particular options. At present the options
+ * supported are:
+ * - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if
+ * the server authentication fails. The certificate can be
+ * authenticated later with a call to VerifyCert().
+ * - SSL_CLIENT_AUTHENTICATION (server only): Enforce client
+ * authentication i.e. each handshake will include a "certificate
+ * request" message from the server.
+ * - SSL_DISPLAY_BYTES (full mode build only): Display the byte
+ * sequences during the handshake.
+ * - SSL_DISPLAY_STATES (full mode build only): Display the state
+ * changes during the handshake.
+ * - SSL_DISPLAY_CERTS (full mode build only): Display the
+ * certificates that are passed during a handshake.
+ * - SSL_DISPLAY_RSA (full mode build only): Display the RSA key
+ * details that are passed during a handshake.
+ * @param num_sessions [in] The number of sessions to be used for
+ * session caching. If this value is 0, then there is no session
+ * caching.
+ * @return A client/server context.
+ */
+ protected SSLCTX(uint options, int num_sessions)
+ {
+ m_ctx = axtls.ssl_ctx_new(options, num_sessions);
+ }
+
+ /**
+ * @brief Remove a client/server context.
+ *
+ * Frees any used resources used by this context. Each connection will
+ * be sent a "Close Notify" alert (if possible).
+ */
+ public void Dispose()
+ {
+ axtls.ssl_ctx_free(m_ctx);
+ }
+
+ /**
+ * @brief Read the SSL data stream.
+ * @param ssl [in] An SSL object reference.
+ * @param in_data [out] After a successful read, the decrypted data
+ * will be here. It will be null otherwise.
+ * @return The number of decrypted bytes:
+ * - if > 0, then the handshaking is complete and we are returning the
+ * number of decrypted bytes.
+ * - SSL_OK if the handshaking stage is successful (but not yet
+ * complete).
+ * - < 0 if an error.
+ * @see ssl.h for the error code list.
+ * @note Use in_data before doing any successive ssl calls.
+ */
+ public int Read(SSL ssl, out byte[] in_data)
+ {
+ IntPtr ptr = IntPtr.Zero;
+ int ret = axtls.ssl_read(ssl.m_ssl, ref ptr);
+
+ if (ret > axtls.SSL_OK)
+ {
+ in_data = new byte[ret];
+ Marshal.Copy(ptr, in_data, 0, ret);
+ }
+ else
+ {
+ in_data = null;
+ }
+
+ return ret;
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int Write(SSL ssl, byte[] out_data)
+ {
+ return axtls.ssl_write(ssl.m_ssl, out_data, out_data.Length);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @param out_len [in] The number of bytes to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int Write(SSL ssl, byte[] out_data, int out_len)
+ {
+ return axtls.ssl_write(ssl.m_ssl, out_data, out_len);
+ }
+
+ /**
+ * @brief Find an ssl object based on a Socket reference.
+ *
+ * Goes through the list of SSL objects maintained in a client/server
+ * context to look for a socket match.
+ * @param s [in] A reference to a Socket object.
+ * @return A reference to the SSL object. Returns null if the object
+ * could not be found.
+ */
+ public SSL Find(Socket s)
+ {
+ int client_fd = s.Handle.ToInt32();
+ return new SSL(axtls. ssl_find(m_ctx, client_fd));
+ }
+
+ /**
+ * @brief Authenticate a received certificate.
+ *
+ * This call is usually made by a client after a handshake is complete
+ * and the context is in SSL_SERVER_VERIFY_LATER mode.
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if the certificate is verified.
+ */
+ public int VerifyCert(SSL ssl)
+ {
+ return axtls.ssl_verify_cert(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Force the client to perform its handshake again.
+ *
+ * For a client this involves sending another "client hello" message.
+ * For the server is means sending a "hello request" message.
+ *
+ * This is a blocking call on the client (until the handshake
+ * completes).
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if renegotiation instantiation was ok
+ */
+ public int Renegotiate(SSL ssl)
+ {
+ return axtls.ssl_renegotiate(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Load a file into memory that is in binary DER or ASCII PEM
+ * format.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the file. Can be one of:
+ * - SSL_OBJ_X509_CERT (no password required)
+ * - SSL_OBJ_X509_CACERT (no password required)
+ * - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
+ * - SSL_OBJ_P8 (RC4-128 encrypted data supported)
+ * - SSL_OBJ_P12 (RC4-128 encrypted data supported)
+ *
+ * PEM files are automatically detected (if supported).
+ * @param filename [in] The location of a file in DER/PEM format.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int ObjLoad(int obj_type, string filename, string password)
+ {
+ return axtls.ssl_obj_load(m_ctx, obj_type, filename, password);
+ }
+
+ /**
+ * @brief Transfer binary data into the object loader.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the memory data.
+ * @param data [in] The binary data to be loaded.
+ * @param len [in] The amount of data to be loaded.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int ObjLoad(int obj_type, byte[] data, int len, string password)
+ {
+ return axtls.ssl_obj_memory_load(m_ctx, obj_type,
+ data, len, password);
+ }
+ }
+
+ /**
+ * @class SSLServer
+ * @ingroup csharp_api
+ * @brief The server context.
+ *
+ * All server connections are started within a server context.
+ */
+ public class SSLServer : SSLCTX
+ {
+ /**
+ * @brief Start a new server context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLServer(uint options, int num_sessions) :
+ base(options, num_sessions) {}
+
+ /**
+ * @brief Establish a new SSL connection to an SSL client.
+ *
+ * It is up to the application to establish the initial socket
+ * connection.
+ *
+ * Call Dispose() when the connection is to be removed.
+ * @param s [in] A reference to a Socket object.
+ * @return An SSL object reference.
+ */
+ public SSL Connect(Socket s)
+ {
+ int client_fd = s.Handle.ToInt32();
+ return new SSL(axtls.ssl_server_new(m_ctx, client_fd));
+ }
+ }
+
+ /**
+ * @class SSLClient
+ * @ingroup csharp_api
+ * @brief The client context.
+ *
+ * All client connections are started within a client context.
+ */
+ public class SSLClient : SSLCTX
+ {
+ /**
+ * @brief Start a new client context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLClient(uint options, int num_sessions) :
+ base(options, num_sessions) {}
+
+ /**
+ * @brief Establish a new SSL connection to an SSL server.
+ *
+ * It is up to the application to establish the initial socket
+ * connection.
+ *
+ * This is a blocking call - it will finish when the handshake is
+ * complete (or has failed).
+ *
+ * Call Dispose() when the connection is to be removed.
+ * @param s [in] A reference to a Socket object.
+ * @param session_id [in] A 32 byte session id for session resumption.
+ * This can be null if no session resumption is not required.
+ * @return An SSL object reference. Use SSL.handshakeStatus() to check
+ * if a handshake succeeded.
+ */
+ public SSL Connect(Socket s, byte[] session_id)
+ {
+ int client_fd = s.Handle.ToInt32();
+ byte sess_id_size = (byte)(session_id != null ?
+ session_id.Length : 0);
+ return new SSL(axtls.ssl_client_new(m_ctx, client_fd, session_id,
+ sess_id_size));
+ }
+ }
+}
+/** @} */
diff --git a/libs/nixio/axTLS/bindings/generate_SWIG_interface.pl b/libs/nixio/axTLS/bindings/generate_SWIG_interface.pl
new file mode 100755
index 0000000000..4b2517988f
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/generate_SWIG_interface.pl
@@ -0,0 +1,393 @@
+#!/usr/bin/perl
+
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+#===============================================================
+# Transforms function signature into SWIG format
+sub transformSignature
+{
+ foreach $item (@_)
+ {
+ $line =~ s/STDCALL //g;
+ $line =~ s/EXP_FUNC/extern/g;
+
+ # make API Java more 'byte' friendly
+ $line =~ s/uint32_t/int/g;
+ $line =~ s/const uint8_t \* /const unsigned char \* /g;
+ $line =~ s/\(void\)/()/g;
+ if ($ARGV[0] eq "-java")
+ {
+ $line =~ s/.*ssl_read.*//g;
+ $line =~ s/const uint8_t \*(\w+)/const signed char $1\[\]/g;
+ $line =~ s/uint8_t/signed char/g;
+ }
+ elsif ($ARGV[0] eq "-perl")
+ {
+ $line =~ s/const uint8_t \*(\w+)/const unsigned char $1\[\]/g;
+ $line =~ s/uint8_t/unsigned char/g;
+ }
+ else # lua
+ {
+ $line =~ s/const uint8_t \*session_id/const unsigned char session_id\[\]/g;
+ $line =~ s/const uint8_t \*\w+/unsigned char *INPUT/g;
+ $line =~ s/uint8_t/unsigned char/g;
+ }
+ }
+
+ return $line;
+}
+
+# Parse input file
+sub parseFile
+{
+ foreach $line (@_)
+ {
+ next if $line =~ /ssl_x509_create/; # ignore for now
+
+ # test for a #define
+ if (!$skip && $line =~ m/^#define/)
+ {
+ $splitDefine = 1 if $line =~ m/\\$/;
+ print DATA_OUT $line;
+
+ # check line is not split
+ next if $splitDefine == 1;
+ }
+
+ # pick up second line of #define statement
+ if ($splitDefine)
+ {
+ print DATA_OUT $line;
+
+ # check line is not split
+ $splitDefine = ($line =~ m/\\$/);
+ next;
+ }
+
+ # test for function declaration
+ if (!$skip && $line =~ /EXP_FUNC/ && $line !~/\/\*/)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ print DATA_OUT $line;
+ next;
+ }
+
+ if ($splitFunctionDeclaration)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ print DATA_OUT $line;
+ next;
+ }
+ }
+}
+
+#===============================================================
+
+# Determine which module to build from cammand-line options
+use strict;
+use Getopt::Std;
+
+my $module;
+my $interfaceFile;
+my $data_file;
+my $skip;
+my
$splitLine;
+my @raw_data;
+
+if (not defined $ARGV[0])
+{
+ goto ouch;
+}
+
+if ($ARGV[0] eq "-java")
+{
+ print "Generating Java interface file\n";
+ $module = "axtlsj";
+ $interfaceFile = "java/axTLSj.i";
+}
+elsif ($ARGV[0] eq "-perl")
+{
+ print "Generating Perl interface file\n";
+ $module = "axtlsp";
+ $interfaceFile = "perl/axTLSp.i";
+}
+elsif ($ARGV[0] eq "-lua")
+{
+ print "Generating lua interface file\n";
+ $module = "axtlsl";
+ $interfaceFile = "lua/axTLSl.i";
+}
+else
+{
+ouch:
+ die "Usage: $0 [-java | -perl | -lua]\n";
+}
+
+# Input file required to generate SWIG interface file.
+$data_file = "../ssl/ssl.h";
+
+# Open input files
+open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
+@raw_data = ;
+
+# Open output file
+open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
+
+#
+# I wish I could say it was easy to generate the Perl/Java/Lua bindings,
+# but each had their own set of challenges... :-(.
+#
+print DATA_OUT << "END";
+%module $module\n
+
+/* include our own header */
+%inline %{
+#include "ssl.h"
+%}
+
+%include "typemaps.i"
+/* Some SWIG magic to make the API a bit more Java friendly */
+#ifdef SWIGJAVA
+
+%apply long { SSL * };
+%apply long { SSL_CTX * };
+%apply long { SSLObjLoader * };
+
+/* allow "unsigned char []" to become "byte[]" */
+%include "arrays_java.i"
+
+/* convert these pointers to use long */
+%apply signed char[] {unsigned char *};
+%apply signed char[] {signed char *};
+
+/* allow ssl_get_session_id() to return "byte[]" */
+%typemap(out) unsigned char * ssl_get_session_id \"if (result) jresult = SWIG_JavaArrayOutSchar(jenv, result, ssl_get_session_id_size((SSL const *)arg1));\"
+
+/* allow ssl_client_new() to have a null session_id input */
+%typemap(in) const signed char session_id[] (jbyte *jarr) {
+ if (jarg3 == NULL)
+ {
+ jresult = (jint)ssl_client_new(arg1,arg2,NULL,0);
+ return jresult;
+ }
+
+ if (!SWIG_JavaArrayInSchar(jenv, &jarr, &arg3, jarg3)) return 0;
+}
+
+/* Lot's of work
required for an ssl_read() due to its various custom
+ * requirements.
+ */
+%native (ssl_read) int ssl_read(SSL *ssl, jobject in_data);
+%{
+JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_ssl_1read(JNIEnv *jenv, jclass jcls, jint jarg1, jobject jarg2) {
+ jint jresult = 0 ;
+ SSL *arg1;
+ unsigned char *arg2;
+ jbyte *jarr;
+ int result;
+ JNIEnv e = *jenv;
+ jclass holder_class;
+ jfieldID fid;
+
+ arg1 = (SSL *)jarg1;
+ result = (int)ssl_read(arg1, &arg2);
+
+ /* find the "m_buf" entry in the SSLReadHolder class */
+ if (!(holder_class = e->GetObjectClass(jenv,jarg2)) ||
+ !(fid = e->GetFieldID(jenv,holder_class, "m_buf", "[B")))
+ return SSL_NOT_OK;
+
+ if (result > SSL_OK)
+ {
+ int i;
+
+ /* create a new byte array to hold the read data */
+ jbyteArray jarray = e->NewByteArray(jenv, result);
+
+ /* copy the bytes across to the java byte array */
+ jarr = e->GetByteArrayElements(jenv, jarray, 0);
+ for (i = 0; i < result; i++)
+ jarr[i] = (jbyte)arg2[i];
+
+ /* clean up and set the new m_buf object */
+ e->ReleaseByteArrayElements(jenv, jarray, jarr, 0);
+ e->SetObjectField(jenv, jarg2, fid, jarray);
+ }
+ else /* set to null */
+ e->SetObjectField(jenv, jarg2, fid, NULL);
+
+ jresult = (jint)result;
+ return jresult;
+}
+%}
+
+/* Big hack to get hold of a socket's file descriptor */
+%typemap (jtype) long "Object"
+%typemap (jstype) long "Object"
+%native (getFd) int getFd(long sock);
+%{
+JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_getFd(JNIEnv *env, jclass jcls, jobject sock)
+{
+ JNIEnv e = *env;
+ jfieldID fid;
+ jobject impl;
+ jobject fdesc;
+
+ /* get the SocketImpl from the Socket */
+ if (!(jcls = e->GetObjectClass(env,sock)) ||
+ !(fid = e->GetFieldID(env,jcls,"impl","Ljava/net/SocketImpl;")) ||
+ !(impl = e->GetObjectField(env,sock,fid))) return -1;
+
+ /* get the FileDescriptor from the SocketImpl */
+ if (!(jcls = e->GetObjectClass(env,impl)) ||
+ !(fid = e->GetFieldID(env,jcls,"fd","Ljava/io/FileDescriptor;")) ||
+ !(fdesc =
e->GetObjectField(env,impl,fid))) return -1;
+
+ /* get the fd from the FileDescriptor */
+ if (!(jcls = e->GetObjectClass(env,fdesc)) ||
+ !(fid = e->GetFieldID(env,jcls,"fd","I"))) return -1;
+
+ /* return the descriptor */
+ return e->GetIntField(env,fdesc,fid);
+}
+%}
+
+#endif
+
+/* Some SWIG magic to make the API a bit more Perl friendly */
+#ifdef SWIGPERL
+
+/* for ssl_session_id() */
+%typemap(out) const unsigned char * {
+ SV *svs = newSVpv((unsigned char *)\$1, ssl_get_session_id_size((SSL const *)arg1));
+ \$result = newRV(svs);
+ sv_2mortal(\$result);
+ argvi++;
+}
+
+/* for ssl_write() */
+%typemap(in) const unsigned char out_data[] {
+ SV* tempsv;
+ if (!SvROK(\$input))
+ croak("Argument \$argnum is not a reference.");
+ tempsv = SvRV(\$input);
+ if (SvTYPE(tempsv) != SVt_PV)
+ croak("Argument \$argnum is not an string.");
+ \$1 = (unsigned char *)SvPV(tempsv, PL_na);
+}
+
+/* for ssl_read() */
+%typemap(in) unsigned char **in_data (unsigned char *buf) {
+ \$1 = &buf;
+}
+
+%typemap(argout) unsigned char **in_data {
+ if (result > SSL_OK) {
+ SV *svs = newSVpv(*\$1, result);
+ \$result = newRV(svs);
+ sv_2mortal(\$result);
+ argvi++;
+ }
+}
+
+/* for ssl_client_new() */
+%typemap(in) const unsigned char session_id[] {
+ /* check for a reference */
+ if (SvOK(\$input) && SvROK(\$input)) {
+ SV* tempsv = SvRV(\$input);
+ if (SvTYPE(tempsv) != SVt_PV)
+ croak("Argument \$argnum is not an string.");
+ \$1 = (unsigned char *)SvPV(tempsv, PL_na);
+ }
+ else
+ \$1 = NULL;
+}
+
+#endif
+
+/* Some SWIG magic to make the API a bit more Lua friendly */
+#ifdef SWIGLUA
+SWIG_NUMBER_TYPEMAP(unsigned char);
+SWIG_TYPEMAP_NUM_ARR(uchar,unsigned char);
+
+/* for ssl_session_id() */
+%typemap(out) const unsigned char * {
+ int i;
+ lua_newtable(L);
+ for (i = 0; i < ssl_get_session_id_size((SSL const *)arg1); i++){
+ lua_pushnumber(L,(lua_Number)result[i]);
+ lua_rawseti(L,-2,i+1); /* -1 is the number, -2 is the table */
+ }
+ SWIG_arg++;
+}
+
+/* for ssl_read() */
+%typemap(in) unsigned char **in_data (unsigned char *buf) {
+ \$1 = &buf;
+}
+
+%typemap(argout) unsigned char **in_data {
+ if (result > SSL_OK) {
+ int i;
+ lua_newtable(L);
+ for (i = 0; i < result; i++){
+ lua_pushnumber(L,(lua_Number)buf2[i]);
+ lua_rawseti(L,-2,i+1); /* -1 is the number, -2 is the table */
+ }
+ SWIG_arg++;
+ }
+}
+
+/* for ssl_client_new() */
+%typemap(in) const unsigned char session_id[] {
+ if (lua_isnil(L,\$input))
+ \$1 = NULL;
+ else
+ \$1 = SWIG_get_uchar_num_array_fixed(L,\$input, ssl_get_session_id((SSL const *)\$1));
+}
+
+#endif
+
+END
+
+# Initialise loop variables
+$skip = 1;
+$splitLine = 0;
+
+parseFile(@raw_data);
+
+close(DATA_IN);
+close(DATA_OUT);
+
+#===============================================================
+
diff --git a/libs/nixio/axTLS/bindings/generate_interface.pl b/libs/nixio/axTLS/bindings/generate_interface.pl
new file mode 100755
index 0000000000..c24bff9f40
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/generate_interface.pl
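Review bot: The hand-written JNI `ssl_read` wrapper in the heredoc uses the results of `NewByteArray` and `GetByteArrayElements` without checking them; both can return NULL when allocation fails, and the copy loop then writes through a null `jarr`. I would add `if (jarray == NULL) return SSL_NOT_OK;` after the allocation and replace the get/loop/release sequence with `e->SetByteArrayRegion(jenv, jarray, 0, result, (jbyte *)arg2);`. The same wrapper receives the SSL handle as `jint jarg1` and casts it with `(SSL *)jarg1`, so the pointer is truncated wherever pointers are wider than 32 bits; a comment beside the `%apply long { SSL * }` lines stating that restriction (or a move to `jlong`) is needed. In the Lua `session_id` typemap the last argument to `SWIG_get_uchar_num_array_fixed` is a call to `ssl_get_session_id` on the array argument that is being assigned, where an element count appears to be intended; that line should be checked against the helper's signature.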
@@ -0,0 +1,322 @@
+#!/usr/bin/perl -w
+
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+#===============================================================
+# This application transforms ssl.h into interfaces that can be used by
+# other language bindings. It is "SWIG"-like in nature in that various
+# files are generated based on the axTLS API.
+#
+# The file produced is axInterface.? (depending on the file extension).
+#
+#===============================================================
+
+use strict;
+
+my $CSHARP = 0;
+my $VBNET = 1;
+
+my $binding;
+my $skip = 0;
+my $signature_ret_type;
+
+# Transforms function signature into an Interface format
+sub transformSignature
+{
+ my $item;
+ my ($line) = @_;
+
+ foreach $item ($line)
+ {
+ # our very basic preprocessor
+ if ($binding == $CSHARP)
+ {
+ $line =~ s/STDCALL //;
+ $line =~ s/EXP_FUNC/ [DllImport ("axtls")]\n public static extern/;
+ $line =~ s/uint32_t/uint/g;
+ $line =~ s/uint8_t \*\*/ref IntPtr /g;
+ $line =~ s/const uint8_t \* /IntPtr /g;
+ $line =~ s/const uint8_t \*/byte[] /g; # note: subtle diff
+ $line =~ s/uint8_t \* ?/byte[] /g;
+ $line =~ s/uint8_t ?/byte /g;
+ $line =~ s/const char \* ?/string /g;
+ $line =~ s/const SSL_CTX \* ?/IntPtr /g;
+ $line =~ s/SSL_CTX \* ?/IntPtr /g;
+ $line =~ s/SSLObjLoader \* ?/IntPtr /g;
+ $line =~ s/const SSL \* ?/IntPtr /g;
+ $line =~ s/SSL \* ?/IntPtr /g;
+ $line =~ s/\(void\)/()/g;
+ }
+ elsif ($binding == $VBNET)
+ {
+ if ($line =~ /EXP_FUNC/)
+ {
+ # Procedure or function?
+ my $invariant = $line =~ /void /;
+
+ my $proc = $invariant ?
"Sub" : "Function"; + ($signature_ret_type) = $line =~ /EXP_FUNC (.*) STDCALL/; + $line =~ s/EXP_FUNC .* STDCALL / Public Shared $proc _\n /; + + $signature_ret_type =~ s/const uint8_t \*/As IntPtr/; + $signature_ret_type =~ s/const char \*/As String/; + $signature_ret_type =~ s/SSL_CTX \*/As IntPtr/; + $signature_ret_type =~ s/SSLObjLoader \*/As IntPtr/; + $signature_ret_type =~ s/SSL \*/As IntPtr/; + $signature_ret_type =~ s/uint8_t/As Byte/; + $signature_ret_type =~ s/int/As Integer/; + $signature_ret_type =~ s/void//; + $signature_ret_type .= "\n End $proc\n\n"; + } + + $line =~ s/uint32_t (\w+)/ByVal $1 As Integer/g; + $line =~ s/int (\w+)/ByVal $1 As Integer/g; + $line =~ s/uint8_t \*\* ?(\w+)/ByRef $1 As IntPtr/g; + $line =~ s/const uint8_t \* ?(\w+)/ByVal $1() As Byte/g; + $line =~ s/uint8_t \* ?(\w+)/ByVal $1() As Byte/g; + $line =~ s/uint8_t ?(\w+)/ByVal $1 As Byte/g; + $line =~ s/const char \* ?(\w+)/ByVal $1 As String/g; + $line =~ s/const SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g; + $line =~ s/SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g; + $line =~ s/SSLObjLoader \* ?(\w+)/ByVal $1 As IntPtr/g; + $line =~ s/const SSL \* ?(\w+)/ByVal $1 As IntPtr/g; + $line =~ s/SSL \* ?(\w+)/ByVal $1 As IntPtr/g; + $line =~ s/void \* ?(\w+)/Byval $1 As IntPtr/g; + $line =~ s/\(void\)/()/g; + $line =~ s/void//g; + $line =~ s/;\n/ $signature_ret_type;/; + } + } + + return $line; +} + +# Parse input file +sub parseFile +{ + my (@file) = @_; + my $line; + my $splitDefine = 0; + my $splitFunctionDeclaration; + my $vb_hack = " "; + my $vb_line_hack = 0; + + $skip = 0; + + foreach $line (@file) + { + next if $line =~ /sl_x509_create/; # ignore for now + + # test for a #define + if (!$skip && $line =~ m/^#define/) + { + $splitDefine = 1 if $line =~ m/\\$/; + + if ($binding == $VBNET) + { + $line =~ s/\|/Or/g; + $line =~ s/ 0x/ &H/; + } + + my ($name, $value) = $line =~ /#define (\w+) +([^\\]*)[\\]?\n/; + + if (defined $name && defined $value) + { + # C# constant translation + if 
($binding == $CSHARP)
+ {
+ $line = " public const int $name = $value";
+ }
+ # VB.NET constant translation
+ elsif ($binding == $VBNET)
+ {
+ $line = " Public Const $name As Integer = $value";
+ }
+ }
+
+ next if $line =~ /#define/; # ignore any other defines
+
+ print DATA_OUT $line;
+
+ # check line is not split
+ next if $splitDefine == 1;
+ print DATA_OUT ";" if $binding == $CSHARP;
+ print DATA_OUT "\n";
+ }
+
+ # pick up second line of #define statement
+ if ($splitDefine)
+ {
+ if ($line !~ /\\$/)
+ {
+ $line =~ s/$/;/ if $binding == $CSHARP; # add the ";"
+ }
+
+ $line =~ s/ ?\| ?/ Or /g
+ if ($binding == $VBNET);
+
+ # check line is not split
+ $splitDefine = ($line =~ m/\\$/);
+
+ # ignore trailing "\"
+ $line =~ s/\\$// if $binding == $CSHARP;
+ $line =~ s/\\$/_/ if $binding == $VBNET;
+ print DATA_OUT $line;
+ next;
+ }
+
+ # test for function declaration
+ if (!$skip && $line =~ /EXP_FUNC/ && $line !~ /\/\*/)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ $line =~ s/;// if ($binding == $VBNET);
+ $line =~ s/\n$/ _\n/ if ($binding == $VBNET) &&
+ $splitFunctionDeclaration;
+ print DATA_OUT $line;
+ next;
+ }
+
+ if ($splitFunctionDeclaration)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ $line =~ s/;// if ($binding == $VBNET);
+ $line =~ s/\n/ _\n/ if ($binding == $VBNET) &&
+ $splitFunctionDeclaration == 1;
+ print DATA_OUT $line;
+ next;
+ }
+ }
+}
+
+#===============================================================
+
+# Determine which module to build from command-line options
+use strict;
+use Getopt::Std;
+
+my $binding_prefix;
+my $binding_suffix;
+my $data_file;
+my @raw_data;
+
+if (not defined $ARGV[0])
+{
+ goto ouch;
+}
+
+if ($ARGV[0] eq "-csharp")
+{
+ print "Generating C# interface file\n";
+ $binding_prefix = "csharp";
+ $binding_suffix = "cs";
+ $binding = $CSHARP;
+}
+elsif ($ARGV[0] eq "-vbnet")
+{
+ print "Generating VB.NET interface file\n";
+
$binding_prefix = "vbnet";
+ $binding_suffix = "vb";
+ $binding = $VBNET;
+}
+else
+{
+ouch:
+ die "Usage: $0 [-csharp | -vbnet]\n";
+}
+
+my $interfaceFile = "$binding_prefix/axInterface.$binding_suffix";
+
+# Input file required to generate interface file.
+$data_file = "../ssl/ssl.h";
+
+# Open input files
+open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
+@raw_data = ;
+
+
+# Open output file
+if ($binding == $CSHARP || $binding == $VBNET)
+{
+ open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
+}
+
+# SPEC interface file header
+if ($binding == $CSHARP)
+{
+ # generate the C#/C interface file
+ print DATA_OUT << "END";
+// The C# to C interface definition file for the axTLS project
+// Do not modify - this file is generated
+
+using System;
+using System.Runtime.InteropServices;
+
+namespace axTLS
+{
+ public class axtls
+ {
+END
+}
+elsif ($binding == $VBNET)
+{
+ # generate the VB.NET/C interface file
+ print DATA_OUT << "END";
+' The VB.NET to C interface definition file for the axTLS project
+' Do not modify - this file is generated
+
+Imports System
+Imports System.Runtime.InteropServices
+
+Namespace axTLSvb
+ Public Class axtls
+END
+}
+
+parseFile(@raw_data);
+
+# finish up
+if ($binding == $CSHARP)
+{
+ print DATA_OUT " };\n";
+ print DATA_OUT "};\n";
+}
+elsif ($binding == $VBNET)
+{
+ print DATA_OUT " End Class\nEnd Namespace\n";
+}
+
+close(DATA_IN);
+close(DATA_OUT);
+
+#===============================================================
+
diff --git a/libs/nixio/axTLS/bindings/java/Makefile b/libs/nixio/axTLS/bindings/java/Makefile
new file mode 100644
index 0000000000..8df1d0aa83
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/Makefile
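Review bot: Both `open` calls near the end of the script use the two-argument form and die without `$!`, so a failure to create the output reports only "Cannot Open File", with neither the path nor the reason. I would write `open(DATA_OUT, '>', $interfaceFile) || die("Cannot open $interfaceFile: $!");` and `open(DATA_IN, '<', $data_file) || die("Could not open file ($data_file): $!");`. `use strict;` appears twice, and `Getopt::Std` is loaded although the option is read straight from `$ARGV[0]`, so the second `use strict;` and the `use Getopt::Std;` line can be dropped. generate_SWIG_interface.pl earlier in this patch opens its files the same way.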
@@ -0,0 +1,94 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+include $(AXTLS_HOME)/config/makefile.java.conf
+
+all: lib jar
+
+JAR=$(AXTLS_HOME)/$(STAGE)/axtls.jar
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsj.dll
+else
+TARGET=$(AXTLS_HOME)/$(STAGE)/libaxtlsj.so
+endif
+
+lib: $(TARGET)
+axTLSj_wrap.o : axTLSj_wrap.c
+
+JAVA_FILES= \
+ axtlsjJNI.java \
+ axtlsjConstants.java \
+ axtlsj.java \
+ SSLReadHolder.java \
+ SSL.java \
+ SSLUtil.java \
+ SSLCTX.java \
+ SSLServer.java \
+ SSLClient.java
+
+OBJ=axTLSj_wrap.o
+
+JAVA_CLASSES:=$(JAVA_FILES:%.java=classes/axTLSj/%.class)
+
+ifdef CONFIG_PLATFORM_WIN32
+LDFLAGS += axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+include $(AXTLS_HOME)/config/makefile.post
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+else # Not Win32
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) -L $(AXTLS_HOME)/$(STAGE) $(LDSHARED) -o $@ $(OBJ) -laxtls
+endif
+
+jar: $(OBJ) $(JAR)
+
+# if we are doing the samples then defer creating the jar until then
+$(JAR): $(JAVA_CLASSES)
+ifndef CONFIG_JAVA_SAMPLES
+ jar cvf $@ -C classes axTLSj
+else
+ @if [ ! -f $(JAR) ]; then touch $(JAR); fi
+endif
+
+classes/axTLSj/%.class : %.java
+ javac -d classes -classpath classes $^
+
+clean::
+ @rm -f $(JAR) $(TARGET) SWIG* axtls* *.i *.c
+ @rm -fr classes/*
+
diff --git a/libs/nixio/axTLS/bindings/java/SSL.java b/libs/nixio/axTLS/bindings/java/SSL.java
new file mode 100644
index 0000000000..b53a6da067
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSL.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.io.*;
+import java.util.*;
+
+/**
+ * @defgroup java_api Java API.
+ *
+ * Ensure that the appropriate dispose() methods are called when finished with
+ * various objects - otherwise memory leaks will result.
+ */
+
+/**
+ * @class SSL
+ * @ingroup java_api
+ * @brief A representation of an SSL connection.
+ *
+ */
+public class SSL
+{
+ public int m_ssl; /**< A pointer to the real SSL type */
+
+ /**
+ * @brief Store the reference to an SSL context.
+ * @param ip [in] A reference to an SSL object.
+ */
+ public SSL(int ip)
+ {
+ m_ssl = ip;
+ }
+
+ /**
+ * @brief Free any used resources on this connection.
+ *
+ * A "Close Notify" message is sent on this connection (if possible). It
+ * is up to the application to close the socket.
+ */
+ public void dispose()
+ {
+ axtlsj.ssl_free(m_ssl);
+ }
+
+ /**
+ * @brief Return the result of a handshake.
+ * @return SSL_OK if the handshake is complete and ok.
+ * @see ssl.h for the error code list.
+ */
+ public int handshakeStatus()
+ {
+ return axtlsj.ssl_handshake_status(m_ssl);
+ }
+
+ /**
+ * @brief Return the SSL cipher id.
+ * @return The cipher id which is one of:
+ * - SSL_AES128_SHA (0x2f)
+ * - SSL_AES256_SHA (0x35)
+ * - SSL_RC4_128_SHA (0x05)
+ * - SSL_RC4_128_MD5 (0x04)
+ */
+ public byte getCipherId()
+ {
+ return axtlsj.ssl_get_cipher_id(m_ssl);
+ }
+
+ /**
+ * @brief Get the session id for a handshake.
+ *
+ * This will be a 32 byte sequence and is available after the first
+ * handshaking messages are sent.
+ * @return The session id as a 32 byte sequence.
+ * @note A SSLv23 handshake may have only 16 valid bytes.
+ */
+ public byte[] getSessionId()
+ {
+ return axtlsj.ssl_get_session_id(m_ssl);
+ }
+
+ /**
+ * @brief Retrieve an X.509 distinguished name component.
+ *
+ * When a handshake is complete and a certificate has been exchanged,
+ * then the details of the remote certificate can be retrieved.
+ *
+ * This will usually be used by a client to check that the server's common
+ * name matches the URL.
+ *
+ * A full handshake needs to occur for this call to work.
+ *
+ * @param component [in] one of:
+ * - SSL_X509_CERT_COMMON_NAME
+ * - SSL_X509_CERT_ORGANIZATION
+ * - SSL_X509_CERT_ORGANIZATIONAL_NAME
+ * - SSL_X509_CA_CERT_COMMON_NAME
+ * - SSL_X509_CA_CERT_ORGANIZATION
+ * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+ * @return The appropriate string (or null if not defined)
+ */
+ public String getCertificateDN(int component)
+ {
+ return axtlsj.ssl_get_cert_dn(m_ssl, component);
+ }
+}
diff --git a/libs/nixio/axTLS/bindings/java/SSLCTX.java b/libs/nixio/axTLS/bindings/java/SSLCTX.java
new file mode 100644
index 0000000000..1cd3e032f0
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSLCTX.java
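Review bot: `dispose()` passes `m_ssl` to `axtlsj.ssl_free` and leaves the field unchanged, and `m_ssl` is a public non-final field, so a second `dispose()` or any later call on the object hands a freed or caller-modified handle to native code. I would guard and reset it, `if (m_ssl != 0) { axtlsj.ssl_free(m_ssl); m_ssl = 0; }`, and drop `public` from the field, since the other reader visible in this patch, SSLCTX, is in the same package. The field comment calls `m_ssl` a pointer while its type is `int`; the class comment should say that the handle is 32 bits wide so the limitation is visible to users on platforms with wider pointers.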
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLCTX
+ * @ingroup java_api
+ * @brief A base object for SSLServer/SSLClient.
+ */
+public class SSLCTX
+{
+ /**
+ * A reference to the real client/server context.
+ */
+ protected int m_ctx;
+
+ /**
+ * @brief Establish a new client/server context.
+ *
+ * This function is called before any client/server SSL connections are
+ * made. If multiple threads are used, then each thread will have its
+ * own SSLCTX context. Any number of connections may be made with a single
+ * context.
+ *
+ * Each new connection will use the this context's private key and
+ * certificate chain. If a different certificate chain is required, then a
+ * different context needs to be be used.
+ *
+ * @param options [in] Any particular options. At present the options
+ * supported are:
+ * - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if the
+ * server authentication fails. The certificate can be authenticated later
+ * with a call to verifyCert().
+ * - SSL_CLIENT_AUTHENTICATION (server only): Enforce client authentication
+ * i.e. each handshake will include a "certificate request" message from
+ * the server.
+ * - SSL_DISPLAY_BYTES (full mode build only): Display the byte sequences
+ * during the handshake.
+ * - SSL_DISPLAY_STATES (full mode build only): Display the state changes
+ * during the handshake.
+ * - SSL_DISPLAY_CERTS (full mode build only): Display the certificates that
+ * are passed during a handshake.
+ * - SSL_DISPLAY_RSA (full mode build only): Display the RSA key details
+ * that are passed during a handshake.
+ *
+ * @param num_sessions [in] The number of sessions to be used for session
+ * caching. If this value is 0, then there is no session caching.
+ *
+ * If this option is null, then the default internal private key/
+ * certificate pair is used (if CONFIG_SSL_USE_DEFAULT_KEY is set).
+ *
+ * The resources used by this object are automatically freed.
+ * @return A client/server context.
+ */
+ protected SSLCTX(int options, int num_sessions)
+ {
+ m_ctx = axtlsj.ssl_ctx_new(options, num_sessions);
+ }
+
+ /**
+ * @brief Remove a client/server context.
+ *
+ * Frees any used resources used by this context.
Each connection will be
+ * sent a "Close Notify" alert (if possible).
+ */
+ public void dispose()
+ {
+ axtlsj.ssl_ctx_free(m_ctx);
+ }
+
+ /**
+ * @brief Read the SSL data stream.
+ * @param ssl [in] An SSL object reference.
+ * @param rh [out] After a successful read, the decrypted data can be
+ * retrieved with rh.getData(). It will be null otherwise.
+ * @return The number of decrypted bytes:
+ * - if > 0, then the handshaking is complete and we are returning the
+ * number of decrypted bytes.
+ * - SSL_OK if the handshaking stage is successful (but not yet complete).
+ * - < 0 if an error.
+ * @see ssl.h for the error code list.
+ * @note Use rh before doing any successive ssl calls.
+ */
+ public int read(SSL ssl, SSLReadHolder rh)
+ {
+ return axtlsj.ssl_read(ssl.m_ssl, rh);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int write(SSL ssl, byte[] out_data)
+ {
+ return axtlsj.ssl_write(ssl.m_ssl, out_data, out_data.length);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @param out_len [in] The number of bytes to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int write(SSL ssl, byte[] out_data, int out_len)
+ {
+ return axtlsj.ssl_write(ssl.m_ssl, out_data, out_len);
+ }
+
+ /**
+ * @brief Find an ssl object based on a Socket reference.
+ *
+ * Goes through the list of SSL objects maintained in a client/server
+ * context to look for a socket match.
+ * @param s [in] A reference to a Socket object.
+ * @return A reference to the SSL object. Returns null if the object
+ * could not be found.
+ */
+ public SSL find(Socket s)
+ {
+ int client_fd = axtlsj.getFd(s);
+ return new SSL(axtlsj.ssl_find(m_ctx, client_fd));
+ }
+
+ /**
+ * @brief Authenticate a received certificate.
+ *
+ * This call is usually made by a client after a handshake is complete
+ * and the context is in SSL_SERVER_VERIFY_LATER mode.
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if the certificate is verified.
+ */
+ public int verifyCert(SSL ssl)
+ {
+ return axtlsj.ssl_verify_cert(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Force the client to perform its handshake again.
+ *
+ * For a client this involves sending another "client hello" message.
+ * For the server is means sending a "hello request" message.
+ *
+ * This is a blocking call on the client (until the handshake completes).
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if renegotiation instantiation was ok
+ */
+ public int renegotiate(SSL ssl)
+ {
+ return axtlsj.ssl_renegotiate(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Load a file into memory that is in binary DER or ASCII PEM format.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the file. Can be one of:
+ * - SSL_OBJ_X509_CERT (no password required)
+ * - SSL_OBJ_X509_CACERT (no password required)
+ * - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
+ * - SSL_OBJ_P8 (RC4-128 encrypted data supported)
+ * - SSL_OBJ_P12 (RC4-128 encrypted data supported)
+ *
+ * PEM files are automatically detected (if supported).
+ * @param filename [in] The location of a file in DER/PEM format.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int objLoad(int obj_type, String filename, String password)
+ {
+ return axtlsj.ssl_obj_load(m_ctx, obj_type, filename, password);
+ }
+
+ /**
+ * @brief Transfer binary data into the object loader.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the memory data.
+ * @param data [in] The binary data to be loaded.
+ * @param len [in] The amount of data to be loaded.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+
+ public int objLoad(int obj_type, byte[] data, int len, String password)
+ {
+ return axtlsj.ssl_obj_memory_load(m_ctx, obj_type, data, len, password);
+ }
+}
diff --git a/libs/nixio/axTLS/bindings/java/SSLClient.java b/libs/nixio/axTLS/bindings/java/SSLClient.java
new file mode 100644
index 0000000000..f65fe9c53f
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSLClient.java
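Review bot: `write(SSL, byte[], int)` forwards `out_len` to `axtlsj.ssl_write` without comparing it with `out_data.length`, so a length larger than the array would presumably make the native side read past the buffer it was handed and send those bytes to the peer. A guard such as `if (out_len < 0 || out_len > out_data.length) throw new IllegalArgumentException("out_len");` closes that, and `objLoad(int, byte[], int, String)` needs the same check on `len`. Separately, `find()` is documented to return null when there is no match but always returns `new SSL(...)`; `int h = axtlsj.ssl_find(m_ctx, client_fd); return h == 0 ? null : new SSL(h);` would match the comment, assuming `ssl_find` yields a null handle on a miss.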
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLClient
+ * @ingroup java_api
+ * @brief The client context.
+ *
+ * All client connections are started within a client context.
+ */
+public class SSLClient extends SSLCTX
+{
+ /**
+ * @brief Start a new client context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLClient(int options, int num_sessions)
+ {
+ super(options, num_sessions);
+ }
+
+ /**
+ * @brief Establish a new SSL connection to an SSL server.
+ *
+ * It is up to the application to establish the initial socket connection.
+ *
+ * This is a blocking call - it will finish when the handshake is
+ * complete (or has failed).
+ *
+ * Call dispose() when the connection is to be removed.
+ * @param s [in] A reference to a Socket object.
+ * @param session_id [in] A 32 byte session id for session resumption. This
+ * can be null if no session resumption is not required.
+ * @return An SSL object reference. Use SSL.handshakeStatus() to check
+ * if a handshake succeeded.
+ */
+ public SSL connect(Socket s, byte[] session_id)
+ {
+ int client_fd = axtlsj.getFd(s);
+ byte sess_id_size = (byte)(session_id != null ?
+ session_id.length : 0);
+ return new SSL(axtlsj.ssl_client_new(m_ctx, client_fd, session_id,
+ sess_id_size));
+ }
+}
diff --git a/libs/nixio/axTLS/bindings/java/SSLReadHolder.java b/libs/nixio/axTLS/bindings/java/SSLReadHolder.java
new file mode 100644
index 0000000000..91fd76b23f
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSLReadHolder.java
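Review bot: In `connect`, the `(byte)` cast on `session_id.length` silently wraps for any array longer than 127 bytes, so the size handed to `ssl_client_new` can disagree with the array that accompanies it; the javadoc promises a 32 byte id but nothing enforces it. Reject an oversized id before the native call, e.g. `if (session_id != null && session_id.length > 32) throw new IllegalArgumentException("session_id must be at most 32 bytes");`. How the native side treats a mismatched size is not visible in this hunk, so the check belongs at this boundary. The same javadoc also reads "if no session resumption is not required", which should be "if session resumption is not required".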
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+/**
+ * @class SSLReadHolder
+ * @ingroup java_api
+ * @brief A holder for data read in an SSL read.
+ */
+public class SSLReadHolder
+{
+ /**
+ * @brief Contruct a new read holder object.
+ */
+ public SSLReadHolder()
+ {
+ m_buf = null;
+ }
+
+ /**
+ * @brief Retrieve the reference to the read data.
+ */
+ public byte[] getData()
+ {
+ return m_buf;
+ }
+
+ private byte[] m_buf;
+}
diff --git a/libs/nixio/axTLS/bindings/java/SSLServer.java b/libs/nixio/axTLS/bindings/java/SSLServer.java
new file mode 100644
index 0000000000..514ccb0342
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSLServer.java
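Review bot: `m_buf` is private, is only ever set to null in the constructor, and has no setter, so nothing in this class explains how `getData()` can return anything but null; presumably the native read path assigns the field directly, and that should be stated. I would add a comment on the field such as `// assigned by the native read wrapper; holds decrypted application data` (wording to be confirmed against the JNI glue, which is not in this hunk) and say in the `getData()` javadoc that the live array is returned, not a copy. "Contruct" in the constructor javadoc should be "Construct".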
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLServer
+ * @ingroup java_api
+ * @brief The server context.
+ *
+ * All server connections are started within a server context.
+ */
+public class SSLServer extends SSLCTX
+{
+ /**
+ * @brief Start a new server context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLServer(int options, int num_sessions)
+ {
+ super(options, num_sessions);
+ }
+
+ /**
+ * @brief Establish a new SSL connection to an SSL client.
+ *
+ * It is up to the application to establish the initial socket connection.
+ *
+ * Call dispose() when the connection is to be removed.
+ * @param s [in] A reference to a Socket object.
+ * @return An SSL object reference.
+ */
+ public SSL connect(Socket s)
+ {
+ int client_fd = axtlsj.getFd(s);
+ return new SSL(axtlsj.ssl_server_new(m_ctx, client_fd));
+ }
+}
diff --git a/libs/nixio/axTLS/bindings/java/SSLUtil.java b/libs/nixio/axTLS/bindings/java/SSLUtil.java
new file mode 100644
index 0000000000..3d53de51cb
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/java/SSLUtil.java
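Review bot: The `connect` javadoc does not say how a caller learns that the connection failed: the result of `ssl_server_new` is wrapped in `new SSL(...)` unchecked, and unlike `SSLClient.connect` in this commit there is no pointer to `SSL.handshakeStatus()`. Extend the `@return` text along the lines of `Use SSL.handshakeStatus() to check the state of the handshake before treating the connection as secure.` Whether the server handshake has completed by the time `connect` returns is not visible here and should be spelled out as well.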
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.io.*;
+import java.util.*;
+
+/**
+ * @class SSLUtil
+ * @ingroup java_api
+ * @brief Some global helper functions.
+ *
+ */
+public class SSLUtil
+{
+ /**
+ * @brief Load up the ddl/shared library
+ */
+ static
+ {
+ System.loadLibrary("axtlsj");
+ }
+
+ /**
+ * @brief Return the build mode of the axTLS project.
+ * @return The build mode is one of:
+ * - SSL_BUILD_SERVER_ONLY
+ * - SSL_BUILD_ENABLE_VERIFICATION
+ * - SSL_BUILD_ENABLE_CLIENT
+ * - SSL_BUILD_FULL_MODE
+ */
+ public static int buildMode()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_BUILD_MODE);
+ }
+
+ /**
+ * @brief Return the number of chained certificates that the client/server
+ * supports.
+ * @return The number of supported client/server certificates.
+ */
+ public static int maxCerts()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Return the number of CA certificates that the client/server
+ * supports.
+ * @return The number of supported CA certificates.
+ */
+ public static int maxCACerts()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CA_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Indicate if PEM is supported.
+ * @return true if PEM supported.
+ */
+ public static boolean hasPEM()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_HAS_PEM) > 0 ? true : false;
+ }
+
+ /**
+ * @brief Display the text string of the error.
+ * @param error_code [in] The integer error code.
+ * @see ssl.h for the error code list.
+ */
+ public static void displayError(int error_code)
+ {
+ axtlsj.ssl_display_error(error_code);
+ }
+
+ /**
+ * @brief Return the version of the axTLS project.
+ */
+ public static String version()
+ {
+ return axtlsj.ssl_version();
+ }
+}
+
diff --git a/libs/nixio/axTLS/bindings/lua/Makefile b/libs/nixio/axTLS/bindings/lua/Makefile
new file mode 100644
index 0000000000..daacf92150
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/lua/Makefile
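Review bot: The only `System.loadLibrary("axtlsj")` visible in this binding sits in `SSLUtil`'s static initializer, while `SSLClient` and `SSLServer` in this commit call `axtlsj` natives without touching `SSLUtil`; unless the `axtlsj` class loads the library itself (not shown here), an application that never references `SSLUtil` fails with `UnsatisfiedLinkError` on its first native call. The javadoc on the initializer should state that dependency, and should also say that the library is resolved by name through `java.library.path`, so a deployment has to keep that path limited to trusted directories. Minor: "ddl" should read "dll", and `hasPEM()` can simply `return axtlsj.ssl_get_config(axtlsj.SSL_HAS_PEM) > 0;`.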
@@ -0,0 +1,67 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+
+all: lib
+
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsl.dll
+else
+TARGET=$(CONFIG_LUA_CORE)/lib/lua/5.1/axtlsl.so
+endif
+
+ifneq ($(MAKECMDGOALS), clean)
+
+lib: $(TARGET)
+OBJ:=axTLSl_wrap.o
+include $(AXTLS_HOME)/config/makefile.post
+
+# there are a few static functions that aren't used
+CFLAGS += -funit-at-a-time
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) -o $@ $^ -L$(AXTLS_HOME)/$(STAGE) -L$(CONFIG_LUA_CORE)/lib -laxtls -llua
+
+CFLAGS += -I $(CONFIG_LUA_CORE)/include
+else
+CFLAGS += /I"`cygpath -w $(CONFIG_LUA_CORE)/include`"
+LDFLAGS += axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+endif # WIN32
+
+clean::
+ @rm -f $(TARGET) *.i axTLSl* .depend
diff --git a/libs/nixio/axTLS/bindings/perl/Makefile b/libs/nixio/axTLS/bindings/perl/Makefile
new file mode 100644
index 0000000000..92fd3c50f7
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/perl/Makefile
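Review bot: The `else` before `CFLAGS += /I...` pairs with `ifneq ($(MAKECMDGOALS), clean)`, not with a platform test, although its `endif` is labelled `# WIN32`. As written, every non-clean build takes the GNU-style link rule (`-L... -laxtls -llua`) even when `CONFIG_PLATFORM_WIN32` is set, and the `/I`, `/libpath:` branch is reached only for `make clean`. perl/Makefile in this same commit wraps its two link rules in `ifndef CONFIG_PLATFORM_WIN32 # Linux/Unix/Cygwin` and closes the `ifneq` separately; this file appears to have lost those lines, so add `ifndef CONFIG_PLATFORM_WIN32` after the `makefile.post` include and a closing `endif` for the `ifneq` block.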
@@ -0,0 +1,91 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+
+all: lib
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsp.dll
+else
+TARGET=$(AXTLS_HOME)/$(STAGE)/libaxtlsp.so
+endif
+
+ifneq ($(MAKECMDGOALS), clean)
+
+ifdef CONFIG_PLATFORM_WIN32
+PERL5_CORE:=$(shell cygpath -w "$(CONFIG_PERL_CORE)")
+else
+PERL5_CORE= $(shell perl -e 'use Config; print $$Config{archlib};')/CORE
+endif
+
+all: test_perl
+
+test_perl:
+ @if ! [ -d "$(PERL5_CORE)" ]; then \
+ echo "*** Error: Perl not installed at $(CONFIG_PERL_CORE) - go to " \
+ "http://www.cpan.org/authors/id/G/GR/GRAHAMC/SiePerl-5.8.0-bin-1.0-Win32.INSTALL.exe" && exit 1; \
+ fi
+
+endif
+
+lib: $(TARGET)
+OBJ:=axTLSp_wrap.o
+include $(AXTLS_HOME)/config/makefile.post
+
+ifndef CONFIG_PLATFORM_WIN32 # Linux/Unix/Cygwin
+
+#
+# Could have used libperl.a, but it increases the library to over 1MB, so just
+# use libperl.so. But this needs to be in the shared library path for things to
+# work.
+#
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) -L$(AXTLS_HOME)/$(STAGE) -L$(PERL5_CORE) $(LDSHARED) -o $@ $(OBJ) -laxtls -lperl
+ifdef CONFIG_PLATFORM_CYGWIN
+ cd $(AXTLS_HOME)/$(STAGE); ln -sf $(notdir $@) axtlsp.dll
+endif
+ @install axtlsp.pm $(AXTLS_HOME)/$(STAGE)
+
+CFLAGS += -D_GNU_SOURCE -I$(PERL5_CORE)
+else
+CFLAGS += /I"$(PERL5_CORE)"
+LDFLAGS += $(CONFIG_PERL_LIB) /libpath:"$(PERL5_CORE)" axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+ install axtlsp.pm $(AXTLS_HOME)/$(STAGE)
+endif # WIN32
+
+clean::
+ @rm -f $(TARGET) axtls* *.i axTLSp* *.c .depend $(AXTLS_HOME)/$(STAGE)/axtlsp.pm
diff --git a/libs/nixio/axTLS/bindings/vbnet/Makefile b/libs/nixio/axTLS/bindings/vbnet/Makefile
new file mode 100644
index 0000000000..7da60d02ed
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/vbnet/Makefile
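Review bot: The `test_perl` failure message tells the user to fetch a Windows installer `.exe` over plain `http://`, and it is printed on every platform; a build script should not steer people to an unauthenticated binary download. The rule also tests `$(PERL5_CORE)` but reports `$(CONFIG_PERL_CORE)`, which is a different value on non-Windows hosts. I would replace the two `echo` lines with `echo "*** Error: Perl core directory not found at $(PERL5_CORE)" && exit 1; \`. Separately, `clean::` removes `*.c` in this directory, which is only safe if every C file here is generated.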
@@ -0,0 +1,35 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+include ../../config/.config
+include ../../config/makefile.conf
+
+clean::
+ @rm -f axssl* axInterface.vb
diff --git a/libs/nixio/axTLS/bindings/vbnet/axTLSvb.vb b/libs/nixio/axTLS/bindings/vbnet/axTLSvb.vb
new file mode 100644
index 0000000000..9388273ce8
--- /dev/null
+++ b/libs/nixio/axTLS/bindings/vbnet/axTLSvb.vb
@@ -0,0 +1,200 @@
+'
+' Copyright (c) 2007, Cameron Rich
+'
+' All rights reserved.
+'
+' Redistribution and use in source and binary forms, with or without
+' modification, are permitted provided that the following conditions are met:
+'
+' * Redistributions of source code must retain the above copyright notice,
+' this list of conditions and the following disclaimer.
+' * Redistributions in binary form must reproduce the above copyright
+' notice, this list of conditions and the following disclaimer in the
+' documentation and/or other materials provided with the distribution.
+' * Neither the name of the axTLS project nor the names of its
+' contributors may be used to endorse or promote products derived
+' from this software without specific prior written permission.
+'
+' THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+' "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+' LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+' A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+' CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+' SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+' TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+' DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+' OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+' NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+' THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+'
+
+'
+' A wrapper around the unmanaged Integererface to give a semi-decent VB.NET API
+'
+
+Imports System
+Imports System.Runtime.InteropServices
+Imports System.Net.Sockets
+Imports axTLSvb
+
+Namespace axTLSvb
+ Public Class SSL
+ Public m_ssl As IntPtr
+
+ Public Sub New(ByRef ip As IntPtr)
+ m_ssl = ip
+ End Sub
+
+ Public Sub Dispose()
+ axtls.ssl_free(m_ssl)
+ End Sub
+
+ Public Function HandshakeStatus() As Integer
+ Return axtls.ssl_handshake_status(m_ssl)
+ End Function
+
+ Public Function GetCipherId() As Byte
+ Return axtls.ssl_get_cipher_id(m_ssl)
+ End Function
+
+ Public Function GetSessionId() As Byte()
+ Dim ptr As IntPtr = axtls.ssl_get_session_id(m_ssl)
+ Dim sess_id_size As Integer = axtls.ssl_get_session_id_size(m_ssl)
+ Dim result(sess_id_size-1) As Byte
+ Marshal.Copy(ptr, result, 0, sess_id_size)
+ Return result
+ End Function
+
+ Public Function GetCertificateDN(component As Integer) As String
+ Return axtls.ssl_get_cert_dn(m_ssl, component)
+ End Function
+ End Class
+
+ Public Class SSLUtil
+ Private dummy As Integer ' need something here
+
+ Public Shared Function BuildMode() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_BUILD_MODE)
+ End Function
+
+ Public Shared Function MaxCerts() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET)
+ End Function
+
+ Public Shared Function MaxCACerts() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET)
+ End Function
+
+ Public Shared Function HasPEM() As Boolean
+ If axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 Then
+ Return True
+ Else
+ Return False
+ End If
+ End Function
+
+ Public Shared Sub DisplayError(ByVal error_code As Integer)
+ axtls.ssl_display_error(error_code)
+ End Sub
+
+ Public Shared Function Version() As String
+ Return axtls.ssl_version()
+ End Function
+ End Class
+
+ Public Class SSLCTX
+ Protected m_ctx As IntPtr
+
+ Protected Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ m_ctx = axtls.ssl_ctx_new(options, num_sessions)
+ End Sub
+
+ Public Sub Dispose()
+ axtls.ssl_ctx_free(m_ctx)
+ End Sub
+
+ Public Function Read(ByVal ssl As SSL, ByRef in_data As Byte()) As Integer
+ Dim ptr As IntPtr = IntPtr.Zero
+ Dim ret as Integer = axtls.ssl_read(ssl.m_ssl, ptr)
+
+ If ret > axtls.SSL_OK Then
+ ReDim in_data(ret)
+ Marshal.Copy(ptr, in_data, 0, ret)
+ Else
+ in_data = Nothing
+ End If
+
+ Return ret
+ End Function
+
+ Public Function Write(ByVal ssl As SSL, _
+ ByVal data As Byte(), len As Integer) As Integer
+ Return axtls.ssl_write(ssl.m_ssl, data, len)
+ End Function
+
+ Public Function Find(ByVal s As Socket) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Return New SSL(axtls.ssl_find(m_ctx, client_fd))
+ End Function
+
+ Public Function VerifyCert(ByVal ssl As SSL) As Integer
+ Return axtls.ssl_verify_cert(ssl.m_ssl)
+ End Function
+
+ Public Function Renegotiate(ByVal ssl As SSL) As Integer
+ Return axtls.ssl_renegotiate(ssl.m_ssl)
+ End Function
+
+ Public Function ObjLoad(ByVal obj_type As Integer, _
+ ByVal filename As String, _
+ password As String) As Integer
+ Return axtls.ssl_obj_load(m_ctx, obj_type, filename, password)
+ End Function
+
+ Public Function ObjLoad(ByVal obj_type As Integer, _
+ ByVal data As Byte(), ByVal len As Integer, _
+ password As String) As Integer
+ Return axtls.ssl_obj_memory_load( _
+ m_ctx, obj_type, data, len, password)
+ End Function
+ End Class
+
+ Public Class SSLServer
+ Inherits SSLCTX
+
+ Public Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ MyBase.New(options, num_sessions)
+ End Sub
+
+ Public Function Connect(ByVal s As Socket) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Return New SSL(axtls.ssl_server_new(m_ctx, client_fd))
+ End Function
+ End Class
+
+ Public Class SSLClient
+ Inherits SSLCTX
+
+ Public Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ MyBase.New(options, num_sessions)
+ End Sub
+
+ Public Function Connect(ByVal s As Socket, _
+ ByVal session_id As Byte()) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Dim sess_id_size As Byte
+ If session_id is Nothing Then
+ sess_id_size = 0
+ Else
+ sess_id_size = session_id.Length
+ End If
+
+ Return New SSL(axtls.ssl_client_new(m_ctx, client_fd, session_id, _
+ sess_id_size))
+ End Function
+
+ End Class
+End Namespace
-- cgit v1.2.3
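Review bot: In `SSLCTX.Read`, `ReDim in_data(ret)` allocates `ret + 1` elements because a VB array bound is the highest index, so the caller gets a buffer one byte longer than the data and `in_data.Length` no longer matches the return value; `GetSessionId` in the same file sizes its array correctly with `sess_id_size-1`. Change the line to `ReDim in_data(ret - 1)`. In `SSLClient.Connect`, `sess_id_size = session_id.Length` narrows an Integer into a `Byte` with no length check, so an oversized `session_id` is not rejected cleanly before the native call; validate the length first. `SSL.Dispose` and `SSLCTX.Dispose` also leave the freed pointer in place, so a second call passes a stale handle to the native free; resetting it to `IntPtr.Zero` after the free would guard against that.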