JunkBox_Lib 1.10.1
Loading...
Searching...
No Matches
ssl_tool.c
Go to the documentation of this file.
1
25#include "ssl_tool.h"
26#include "dh_tool.h"
27
28
29#ifdef ENABLE_SSL
30
31
32//Buffer* Base64_DHspki = NULL;
33//Buffer* Base64_RSAspki = NULL;
34
35//Buffer* CRYPT_SharedKey = NULL;
36//const EVP_CIPHER* CRYPT_Type = NULL;
37//DH* DHkey = NULL;
38
39//int KEYEX_Algorism = 0;
40//int CRYPT_Algorism = 0;
41
42
43/*
44typedef struct dh_st
45{
46 BIGNUM* p;
47 BIGNUM* g;
48 BIGNUM* pub_key;
49 BIGNUM* priv_key;
50} DH;
51 */
52
53
54/*
55###############################################################################################
56for OpenSSL3
57see https://stackoverflow.com/questions/71551116/openssl-3-diffie-hellman-key-exchange-c
58see https://github.com/eugen15/diffie-hellman-cpp
59###############################################################################################
60*/
61
62
64//
65
89//Buffer get_DHsharedkey (Buffer pki, DH* dhkey); // see dh_tools.c
90
91int gen_CRYPT_SharedKey(int keyex, Buffer spki, Buffer* shdkey, void* ptr)
92{
93 if (spki.buf==NULL || shdkey==NULL) return FALSE;
94
95 if (keyex==SSL_DH) {
96 DH* dhkey = (DH*)ptr;
97 *shdkey = get_DHsharedkey(spki, dhkey); // 共有鍵を得る
98 }
99 else if (keyex==SSL_RSA) { // 未実装
100 *shdkey = dup_Buffer(spki);
101 }
102 else return FALSE;
103
104 return TRUE;
105}
106
107
108
110//
111
112int udp_send_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher)
113{
114 int cc = 0;
115 Buffer buf;
116
117 if (data==NULL) return JBXL_ARGS_ERROR;
118
119 if (key!=NULL && cipher!=NULL) {
120 buf = encode_EVPAPI_Buffer(*data, *key, cipher);
121 cc = udp_send_Buffer_sockaddr_in(sock, &buf, sv);
122 free_Buffer(&buf);
123 }
124 else {
125 cc = udp_send_Buffer_sockaddr_in(sock, data, sv);
126 }
127
128 return cc;
129}
130
131
132int udp_recv_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher)
133{
134 Buffer buf;
135
136 buf = make_Buffer(RECVBUFSZ);
137 int cc = udp_recv_Buffer_sockaddr_in(sock, &buf, sv);
138 if (cc<=0) {
139 free_Buffer(&buf);
140 return cc;
141 }
142
143 if (key!=NULL && cipher!=NULL) {
144 Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
145 copy_Buffer(&dec, data);
146 free_Buffer(&dec);
147 }
148 else {
149 copy_Buffer(&buf, data);
150 }
151
152 cc = data->vldsz;
153 free_Buffer(&buf);
154 return cc;
155}
156
157
158
160//
161
162int udp_send_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher)
163{
164 int cc = 0;
165 Buffer buf;
166
167 if (data==NULL) return JBXL_ARGS_ERROR;
168
169 if (key!=NULL && cipher!=NULL) {
170 buf = encode_EVPAPI_Buffer(*data, *key, cipher);
171 cc = udp_send_Buffer(sock, &buf, sv);
172 free_Buffer(&buf);
173 }
174 else {
175 cc = udp_send_Buffer(sock, data, sv);
176 }
177
178 return cc;
179}
180
181
182int udp_recv_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher)
183{
184 Buffer buf;
185
186 buf = make_Buffer(RECVBUFSZ);
187 int cc = udp_recv_Buffer(sock, &buf, sv);
188 if (cc<=0) {
189 free_Buffer(&buf);
190 return cc;
191 }
192
193 if (key!=NULL && cipher!=NULL) {
194 Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
195 copy_Buffer(&dec, data);
196 free_Buffer(&dec);
197 }
198 else {
199 copy_Buffer(&buf, data);
200 }
201
202 cc = data->vldsz;
203 free_Buffer(&buf);
204 return cc;
205}
206
207
208int tcp_send_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher)
209{
210 int cc = 0;
211 Buffer buf;
212
213 if (data==NULL) return JBXL_ARGS_ERROR;
214
215 if (key!=NULL && cipher!=NULL) {
216 buf = encode_EVPAPI_Buffer(*data, *key, cipher);
217 cc = tcp_send_Buffer(sock, &buf);
218 free_Buffer(&buf);
219 }
220 else {
221 cc = tcp_send_Buffer(sock, data);
222 }
223
224 return cc;
225}
226
227
228int tcp_recv_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher)
229{
230 Buffer buf;
231
232 buf = make_Buffer(RECVBUFSZ);
233 int cc = tcp_recv_Buffer(sock, &buf);
234 if (cc<=0) {
235 free_Buffer(&buf);
236 return cc;
237 }
238
239 if (key!=NULL && cipher!=NULL) {
240 Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
241 copy_Buffer(&dec, data);
242 free_Buffer(&dec);
243 }
244 else {
245 copy_Buffer(&buf, data);
246 }
247
248 cc = data->vldsz;
249 free_Buffer(&buf);
250 return cc;
251}
252
253
254Buffer get_plain_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher)
255{
256 Buffer buf = init_Buffer();
257 if (key==NULL || cipher==NULL) return buf;
258
259 buf = decode_EVPAPI_Buffer(data, *key, cipher);
260 return buf;
261}
262
263
264Buffer get_crypt_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher)
265{
266 Buffer buf = init_Buffer();
267 if (key==NULL || cipher==NULL) return buf;
268
269 buf = encode_EVPAPI_Buffer(data, *key, cipher);
270 return buf;
271}
272
273
298int tcp_send_crypt_mesg(int sock, char* mesg, Buffer* key, EVP_CIPHER* cipher)
299{
300 int cc = 0;
301 Buffer buf, enc;
302
303 if (mesg==NULL) return JBXL_ARGS_ERROR;
304 //DEBUG_MODE PRINT_ESC(" SEND -> [%s]\n", mesg);
305
306 if (key!=NULL && cipher!=NULL) {
307 buf = make_Buffer_bystr(mesg);
308 enc = encode_EVPAPI_Buffer(buf, *key, cipher);
309 free_Buffer(&buf);
310 if (enc.vldsz>0) {
311 buf = encode_base64_Buffer(enc);
312 free_Buffer(&enc);
313
314 //DEBUG_MODE PRINT_ESC("CSEND -> [%s]\n", (char*)buf.buf);
315 cc = tcp_send_sBufferln(sock, &buf);
316 free_Buffer(&buf);
317 }
318 }
319 else {
320 cc = tcp_send_mesg(sock, mesg);
321 }
322
323 return cc;
324}
325
326
351int tcp_send_crypt_sBuffer(int sock, Buffer* mesg, Buffer* key, EVP_CIPHER* cipher)
352{
353 int cc = 0;
354 Buffer buf, enc;
355
356 if (mesg==NULL) return JBXL_ARGS_ERROR;
357 //DEBUG_MODE PRINT_ESC(" SEND -> [%s]\n", (char*)mesg->buf);
358
359 if (key!=NULL && cipher!=NULL) {
360 enc = encode_EVPAPI_Buffer(*mesg, *key, cipher);
361 if (enc.vldsz>0) {
362 buf = encode_base64_Buffer(enc);
363 free_Buffer(&enc);
364
365 //DEBUG_MODE PRINT_ESC("CSEND -> [%s]\n", (char*)buf.buf);
366 cc = tcp_send_sBufferln(sock, &buf);
367 free_Buffer(&buf);
368 }
369 }
370 else {
371 cc = tcp_send_sBuffer(sock, mesg);
372 }
373
374 return cc;
375}
376
377
391Buffer get_plain_message(char* mesg, Buffer* key, EVP_CIPHER* cipher)
392{
393 Buffer buf, dec;
394
395 buf = make_Buffer_bystr(mesg);
396 //DEBUG_MODE PRINT_ESC(" MESG -> [%s]\n", mesg);
397 if (key==NULL || cipher==NULL) return buf;
398
399 dec = decode_base64_Buffer(buf);
400 if (dec.vldsz>0) {
401 free_Buffer(&buf);
402 buf = decode_EVPAPI_Buffer(dec, *key, cipher);
403 free_Buffer(&dec);
404 //DEBUG_MODE PRINT_ESC("DMESG -> [%s]\n", (char*)buf.buf);
405 }
406 return buf;
407}
408
409
423Buffer get_plain_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher)
424{
425 Buffer buf, dec;
426
427 buf = dup_Buffer(mesg);
428 //DEBUG_MODE PRINT_ESC(" MESG -> [%s]\n", (char*)mesg.buf);
429 if (key==NULL || cipher==NULL) return buf;
430
431 dec = decode_base64_Buffer(buf);
432 if (dec.vldsz>0) {
433 free_Buffer(&buf);
434 buf = decode_EVPAPI_Buffer(dec, *key, cipher);
435 free_Buffer(&dec);
436 //DEBUG_MODE PRINT_ESC("DMESG -> [%s]\n", (char*)buf.buf);
437 }
438 return buf;
439}
440
441
455Buffer get_crypt_message(char* mesg, Buffer* key, EVP_CIPHER* cipher)
456{
457 Buffer buf, enc;
458
459 buf = make_Buffer_bystr(mesg);
460 if (key==NULL || cipher==NULL) return buf;
461
462 enc = encode_EVPAPI_Buffer(buf, *key, cipher);
463 if (enc.vldsz>0) {
464 free_Buffer(&buf);
465 buf = encode_base64_Buffer(enc);
466 free_Buffer(&enc);
467 }
468
469 return buf;
470}
471
472
486Buffer get_crypt_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher)
487{
488 Buffer buf, enc;
489
490 buf = dup_Buffer(mesg);
491 if (key==NULL || cipher==NULL) return buf;
492
493 enc = encode_EVPAPI_Buffer(buf, *key, cipher);
494 if (enc.vldsz>0) {
495 free_Buffer(&buf);
496 buf = encode_base64_Buffer(enc);
497 free_Buffer(&enc);
498 }
499
500 return buf;
501}
502
503
504
506// Client's Side Check
507//
508
524int check_server_spki(Buffer ipaddr, Buffer spki, char* filename)
525{
526 Buffer buf;
527 FILE* fp;
528
529 buf = init_Buffer();
530
531 fp = fopen(filename, "rb");
532 if (fp!=NULL) {
533 buf = read_spki_with_ipaddr(ipaddr, fp);
534 fclose(fp);
535 if (buf.buf!=NULL) {
536 if (bincmp_Buffer(buf, spki)) {
537 free_Buffer(&buf);
538 return FALSE;
539 }
540 }
541 }
542
543 if (buf.buf==NULL) {
544 fp = file_chmod_open(filename, (char*)"a", S_IRUSR | S_IWUSR);
545 save_spki_with_ipaddr(ipaddr, spki, fp);
546 fclose(fp);
547 }
548
549 return TRUE;
550}
551
552
569int save_spki_with_ipaddr(Buffer ipa, Buffer pki, FILE* fp)
570{
571 unsigned int md;
572
573 if (fp==NULL) return FALSE;
574
575 md = JBXL_FIO_IPADDRESS | JBXL_FIO_STRING;
576 if (!save_tagged_Buffer(ipa, fp, md, FALSE)) return FALSE;
577
578 md = JBXL_FIO_SPKI | JBXL_FIO_ORIGINAL;
579 if (!save_tagged_Buffer(pki, fp, md, FALSE)) return FALSE;
580
581 return TRUE;
582}
583
584
595Buffer read_spki_with_ipaddr(Buffer ipa, FILE* fp)
596{
597 unsigned int md;
598 Buffer ips, pki;
599
600 pki = init_Buffer();
601 if (ipa.buf==NULL) return pki;
602
603 md = JBXL_FIO_IPADDRESS | JBXL_FIO_STRING;
604
605 ips = read_tagged_Buffer(fp, &md);
606 while (!feof(fp) && strcmp_Buffer(ipa, ips)) {
607 ips = read_tagged_Buffer(fp, &md);
608 }
609
610 if (!strcmp_Buffer(ipa, ips)) {
611 md = JBXL_FIO_SPKI | JBXL_FIO_ORIGINAL;
612 pki = read_tagged_Buffer(fp, &md);
613 }
614 free_Buffer(&ips);
615
616 return pki;
617}
618
619
620
622// EVP API
623//
624
645EVP_CIPHER* init_EVPAPI_Buffer(int type)
646{
647 EVP_CIPHER* cipher = NULL;
648
649 if (type==SSL_AES128CBC) {
650 cipher = (EVP_CIPHER*)EVP_aes_128_cbc();
651 }
652 else if (type==SSL_3DES3CBC) {
653 cipher = (EVP_CIPHER*)EVP_des_ede3_cbc();
654 }
655
656 return cipher;
657}
658
659
670Buffer decode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER* cipher)
671{
672 int sz, ss;
673 Buffer dec;
674 EVP_CIPHER_CTX* ctx;
675 unsigned char* iv;
676
677 dec = init_Buffer();
678 if (shdkey.buf==NULL || cipher==NULL) return dec;
679
680 iv = (unsigned char*)&(shdkey.buf[shdkey.vldsz - SSL_IV_SIZE]);
681
682#if OPENSSL_VERSION_NUMBER < 0x10101000L
683 ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX)); // v1.1.0
684 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
685 EVP_CIPHER_CTX_init(ctx);
686#else
687 ctx = EVP_CIPHER_CTX_new(); // v1.1.1
688 EVP_CIPHER_CTX_reset(ctx);
689#endif
690
691 EVP_DecryptInit_ex(ctx, cipher, NULL, shdkey.buf, iv);
692
693 dec = make_Buffer(buf.vldsz + EVP_CIPHER_CTX_block_size(ctx) + 1);
694 if (dec.buf==NULL) return dec;
695
696 EVP_DecryptUpdate(ctx, dec.buf, &sz, buf.buf, buf.vldsz);
697 EVP_DecryptFinal_ex(ctx, &(dec.buf[sz]), &ss);
698 dec.vldsz = sz + ss;
699 dec.buf[dec.vldsz] = '\0';
700
701#if OPENSSL_VERSION_NUMBER < 0x10101000L
702 EVP_CIPHER_CTX_cleanup(ctx);
703#endif
704 free(ctx);
705 return dec;
706}
707
708
722Buffer encode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER* cipher)
723{
724 int i, len, ss=0, sz;
725 Buffer enc;
726 EVP_CIPHER_CTX* ctx;
727 unsigned char* iv;
728
729 enc = init_Buffer();
730 //if (CRYPT_SharedKey==NULL || CRYPT_Type==NULL) return enc;
731 if (shdkey.buf==NULL || cipher==NULL) return enc;
732
733 iv = (unsigned char*)&(shdkey.buf[shdkey.vldsz - SSL_IV_SIZE]);
734
735#if OPENSSL_VERSION_NUMBER < 0x10101000L
736 ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX)); // v1.1.0
737 memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
738 EVP_CIPHER_CTX_init(ctx);
739#else
740 ctx = EVP_CIPHER_CTX_new(); // v1.1.1
741 EVP_CIPHER_CTX_reset(ctx);
742#endif
743
744 EVP_EncryptInit_ex(ctx, cipher, NULL, shdkey.buf, iv);
745
746 len = buf.vldsz;
747 enc = make_Buffer(len + EVP_CIPHER_CTX_block_size(ctx));
748 if (enc.buf==NULL) return enc;
749
750 for (i=0; i<len/SSL_ENC_BLCKSZ; i++) {
751 EVP_EncryptUpdate(ctx, &(enc.buf[ss]), &sz, &(buf.buf[i*SSL_ENC_BLCKSZ]), SSL_ENC_BLCKSZ);
752 ss += sz;
753 }
754 if (len%SSL_ENC_BLCKSZ!=0) {
755 EVP_EncryptUpdate(ctx, &(enc.buf[ss]), &sz, &(buf.buf[i*SSL_ENC_BLCKSZ]), len%SSL_ENC_BLCKSZ);
756 ss += sz;
757 }
758 EVP_EncryptFinal_ex(ctx, &(enc.buf[ss]), &sz);
759 enc.vldsz = ss + sz;
760
761#if OPENSSL_VERSION_NUMBER < 0x10101000L
762 EVP_CIPHER_CTX_cleanup(ctx);
763#endif
764 free(ctx);
765 //EVP_CIPHER_CTX_free(ctx);
766 return enc;
767}
768
769
773void free_EVP_CIPHER(EVP_CIPHER** p_cipher)
774{
775 if (p_cipher==NULL || *p_cipher==NULL) return;
776
777 //free(*p_cipher); // EVP_CIPHER* は解放する必要がない?
778 *p_cipher = NULL;
779
780 return;
781}
782
783
784
786// SSL/TLS
787// Reference: http://h71000.www7.hp.com/doc/83final/BA554_90007/ch04s03.html
788// http://x68000.q-e-d.net/~68user/net/
789//
790
806void ssl_init()
807{
808 SSL_library_init();
809 SSL_load_error_strings();
810}
811
812
813
826SSL_CTX* ssl_client_setup(char* ca)
827{
828 SSL_CTX* ssl_ctx;
829
830#if OPENSSL_VERSION_NUMBER < 0x10101000L
831 ssl_ctx = SSL_CTX_new(SSLv23_client_method());
832#else
833 ssl_ctx = SSL_CTX_new(TLS_client_method());
834#endif
835 if (ssl_ctx==NULL) return NULL;
836
837 // 認証局データを読み込む(PEMデータ)
838 if (ca!=NULL) SSL_CTX_load_verify_locations(ssl_ctx, ca, NULL);
839
840 return ssl_ctx;
841}
842
843
861SSL* ssl_client_socket(int sock, SSL_CTX* ssl_ctx, int mode)
862{
863 if (ssl_ctx==NULL) return NULL;
864 //
865 SSL* ssl = SSL_new(ssl_ctx);
866 if (ssl==NULL) {
867 //SSL_CTX_free(ssl_ctx);
868 return NULL;
869 }
870
871 int ret = SSL_set_fd(ssl, sock);
872 if (ret!=1) {
873 ssl_close(ssl);
874 return NULL;
875 }
876
877 // サーバへ接続
878 ret = SSL_connect(ssl);
879 if (ret!=1) {
880 ssl_close(ssl);
881 return NULL;
882 }
883
884 // サーバ証明書のチェック
885 if (mode==ON) {
886 long lrt = SSL_get_verify_result(ssl);
887 if (lrt!=X509_V_OK) {
888 ssl_close(ssl);
889 return NULL;
890 }
891 }
892
893 return ssl;
894}
895
896
912SSL_CTX* ssl_server_setup(char* crt_fn, char* key_fn, char* chn_fn)
913{
914 int ret;
915 SSL_CTX* ssl_ctx;
916
917 //
918#if OPENSSL_VERSION_NUMBER < 0x10101000L
919 ssl_ctx = SSL_CTX_new(SSLv23_server_method());
920#else
921 ssl_ctx = SSL_CTX_new(TLS_server_method());
922#endif
923 if (ssl_ctx==NULL) return NULL;
924
925 // サーバ証明書と秘密鍵の読み込み
926 if (crt_fn!=NULL && key_fn!=NULL) {
927 if (chn_fn!=NULL) {
928 ret = SSL_CTX_use_certificate_file(ssl_ctx, crt_fn, SSL_FILETYPE_PEM);
929 }
930 else {
931 ret = ssl_read_fullchain_cert_file(ssl_ctx, crt_fn);
932 }
933
934 if (ret==1) {
935 ret = SSL_CTX_use_PrivateKey_file(ssl_ctx, key_fn, SSL_FILETYPE_PEM);
936 }
937
938 if (ret==1 && chn_fn!=NULL) {
939 ret = ssl_add_chain_file(ssl_ctx, chn_fn);
940 }
941
942 if (ret!=1) {
943 SSL_CTX_free(ssl_ctx);
944 return NULL;
945 }
946
947 //SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL); // Client Certificate
948 //SSL_CTX_set_verify_depth(ssl_ctx, 1);
949 }
950
951 return ssl_ctx;
952}
953
954
965int ssl_add_chain_file(SSL_CTX* ssl_ctx, char* file)
966{
967 int ret = 0;
968 if (file==NULL) return ret;
969
970 BIO* bio = BIO_new(BIO_s_file());
971 if (bio==NULL) return ret;
972
973 BIO_read_filename(bio, file);
974 X509* x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
975 while(x509!=NULL) {
976 ret = SSL_CTX_add_extra_chain_cert(ssl_ctx, x509);
977 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
978 }
979 BIO_free(bio);
980
981 return ret;
982}
983
984
995int ssl_read_fullchain_cert_file(SSL_CTX* ssl_ctx, char* file)
996{
997 int ret = 0;
998 if (file==NULL) return ret;
999
1000 BIO* bio = NULL;
1001 X509* x509 = NULL;
1002
1003 bio = BIO_new(BIO_s_file());
1004 if (bio==NULL) return ret;
1005 BIO_read_filename(bio, file);
1006
1007 // cert
1008 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1009 if (x509!=NULL) {
1010 ret = SSL_CTX_use_certificate(ssl_ctx, x509);
1011 }
1012 // chain
1013 if (ret==1) {
1014 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1015 while(x509!=NULL) {
1016 ret = SSL_CTX_add_extra_chain_cert(ssl_ctx, x509);
1017 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1018 }
1019 }
1020
1021 BIO_free(bio);
1022
1023 return ret;
1024}
1025
1026
1027#define SSL_ACCEPT_COUNT_MAX 10
1028
1042SSL* ssl_server_socket(int sock, SSL_CTX* ssl_ctx)
1043{
1044 if (ssl_ctx==NULL) return NULL;
1045 int cnt_max = SSL_ACCEPT_COUNT_MAX;
1046
1047 SSL* ssl = SSL_new(ssl_ctx);
1048 if (ssl==NULL) {
1049 //SSL_CTX_free(ssl_ctx);
1050 return NULL;
1051 }
1052
1053 int ret = SSL_set_fd(ssl, sock);
1054 if (ret!=1) {
1055 ssl_close(ssl);
1056 return NULL;
1057 }
1058
1059 int cnt = 0;
1060 SSL_set_accept_state(ssl);
1061 do {
1062 ret = SSL_accept(ssl);
1063 ret = SSL_get_error(ssl, ret);
1064 cnt++;
1065 } while (cnt<=cnt_max && (ret==SSL_ERROR_WANT_READ || ret==SSL_ERROR_WANT_WRITE || ret==SSL_ERROR_SYSCALL));
1066
1067 if (ret==SSL_ERROR_SSL || cnt>cnt_max) {
1068 if (ret!=SSL_ERROR_SSL) ssl_close(ssl);
1069 return NULL;
1070 }
1071
1072 return ssl;
1073}
1074
1075
1083void ssl_close(SSL* ssl)
1084{
1085 if (ssl!=NULL) {
1086 //SSL_CTX* p = ssl->ctx;
1087 SSL_shutdown(ssl);
1088 SSL_free(ssl);
1089 //if (p!=NULL) SSL_CTX_free(p);
1090 }
1091}
1092
1093
1104tList* ssl_get_cert_info(SSL* ssl)
1105{
1106 tList* lt;
1107 tList* lp;
1108 char* pp;
1109 char buf[LBUF];
1110 X509* x509;
1111 BIO* bio;
1112
1113 pp = (char*)SSL_get_cipher(ssl);
1114 lt = lp = add_tList_node_str(NULL, "cipher", pp);
1115
1116 pp = (char*)SSL_get_cipher_version(ssl);
1117 lp = add_tList_node_str(lp, "version", pp);
1118
1119 x509 = SSL_get_peer_certificate(ssl);
1120 if (x509==NULL) return lt;
1121
1122 bio = BIO_new(BIO_s_mem());
1123 if (bio==NULL) {
1124 X509_free(x509);
1125 return lt;
1126 }
1127
1128 X509_NAME_print_ex(bio, X509_get_subject_name(x509), 0, XN_FLAG_RFC2253);
1129 BIO_gets(bio, buf, LBUF);
1130 lp = add_tList_node_str(lp, "subject", buf);
1131
1132 X509_NAME_print_ex(bio, X509_get_issuer_name(x509), 0, XN_FLAG_RFC2253);
1133 BIO_gets(bio, buf, LBUF);
1134 lp = add_tList_node_str(lp, "issuer", buf);
1135
1136 ASN1_TIME_print(bio, X509_get_notBefore(x509));
1137 BIO_gets(bio, buf, LBUF);
1138 lp = add_tList_node_str(lp, "before", buf);
1139
1140 ASN1_TIME_print(bio, X509_get_notAfter(x509));
1141 BIO_gets(bio, buf, LBUF);
1142 lp = add_tList_node_str(lp, "after", buf);
1143
1144 BIO_free(bio);
1145 X509_free(x509);
1146
1147 return lt;
1148}
1149
1150
1151
1153// SSL communications
1154
1171int ssl_recv(SSL* ssl, char* rmsg, int size)
1172{
1173 int cc;
1174
1175 if (ssl==NULL || rmsg==NULL) return JBXL_ARGS_ERROR;
1176
1177 memset(rmsg, 0, size);
1178 cc = SSL_read(ssl, rmsg, size-1);
1179
1180 if (cc<0) cc = JBXL_SSL_RECV_ERROR;
1181 return cc;
1182}
1183
1184
1202int ssl_send(SSL* ssl, char* smsg, int size)
1203{
1204 int cc;
1205
1206 if (ssl==NULL || smsg==NULL) return JBXL_ARGS_ERROR;
1207
1208 if (size<=0) size = strlen(smsg);
1209 cc = SSL_write(ssl, smsg, size);
1210
1211 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1212 return cc;
1213}
1214
1215
1239int ssl_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm)
1240{
1241 int cc;
1242
1243 if (ssl==NULL || mesg==NULL) return JBXL_ARGS_ERROR;
1244
1245 //memset(mesg, 0, sz);
1246 if (recv_wait(sock, tm)) {
1247 cc = ssl_recv(ssl, mesg, sz);
1248 //if (cc<=0) DEBUG_MODE PRINT_MESG("SSL_RECV_WAIT: Session Closed.\n");
1249 }
1250 else {
1251 //DEBUG_MODE PRINT_MESG("SSL_RECV_WAIT: Time Out. (%ds)\n", tm);
1252 return JBXL_NET_RECV_TIMEOUT;
1253 }
1254
1255 return cc;
1256}
1257
1258
1271int ssl_send_mesgln(SSL* ssl, char* mesg)
1272{
1273 int cc, sz;
1274 char* buf;
1275
1276 if (ssl==NULL || mesg==NULL) return JBXL_ARGS_ERROR;
1277
1278 sz = strlen(mesg) + 3; // for CR+LF+0x00
1279 buf = (char*)malloc(sz);
1280 if (buf==NULL) return JBXL_MALLOC_ERROR;
1281
1282 strncpy(buf, mesg, sz);
1283 strncat(buf, "\r\n", 2);
1284 cc = ssl_send(ssl, buf, strlen(buf));
1285
1286 free(buf);
1287 return cc;
1288}
1289
1290
1324int ssl_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm)
1325{
1326 int cc;
1327 unsigned char* pp;
1328
1329 if (ssl==NULL) return JBXL_ARGS_ERROR;
1330 if (mesg==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1331 //memset(mesg, 0, sz);
1332
1333 if (sb->buf==NULL) {
1334 *sb = make_mstream(RECVBUFSZ);
1335 if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1336 }
1337
1338 while (sb->datano==0) {
1339 cc = ssl_recv_wait(sock, ssl, mesg, sz, tm);
1340 if (cc<=0) return cc;
1341 put_mstream(sb, (unsigned char*)mesg);
1342 //memset(mesg, 0, sz);
1343 }
1344
1345 pp = get_mstream(sb);
1346 if (pp==NULL) return JBXL_NET_BUF_ERROR;
1347 if (strlen((const char*)pp)>=(unsigned int)sz) {
1348 memcpy(mesg, pp, sz-1);
1349 free(pp);
1350 return JBXL_NET_BUFSZ_ERROR;
1351 }
1352 memcpy(mesg, pp, strlen((const char*)pp));
1353
1354 free(pp);
1355 return strlen(mesg);
1356}
1357
1358
1359
1361// SSL with Buffer
1362
1376int ssl_recv_Buffer(SSL* ssl, Buffer* str)
1377{
1378 int cc;
1379
1380 if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1381
1382 memset(str->buf, 0, str->bufsz);
1383 str->vldsz = 0;
1384 str->state = JBXL_NORMAL;
1385
1386 cc = SSL_read(ssl, str->buf, str->bufsz-1);
1387 if (cc>=0) str->vldsz = cc;
1388 else cc = JBXL_SSL_RECV_ERROR;
1389
1390 return cc;
1391}
1392
1393
1406int ssl_send_Buffer(SSL* ssl, Buffer* str)
1407{
1408 int cc;
1409
1410 if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1411
1412 if (str->vldsz<0) str->vldsz = strlen((const char*)str->buf);
1413 cc = SSL_write(ssl, str->buf, str->vldsz);
1414
1415 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1416 return cc;
1417}
1418
1419
1440int ssl_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm)
1441{
1442 int cc;
1443
1444 if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1445
1446 //memset(str->buf, 0, str->bufsz);
1447 str->vldsz = 0;
1448 cc = ssl_recv_wait(sock, ssl, (char*)str->buf, str->bufsz, tm);
1449 if (cc>=0) str->vldsz = cc;
1450
1451 return cc;
1452}
1453
1454
1467int ssl_send_sBuffer(SSL* ssl, Buffer* str)
1468{
1469 int cc;
1470
1471 if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1472
1473 cc = SSL_write(ssl, str->buf, strlen((const char*)str->buf));
1474
1475 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1476 return cc;
1477}
1478
1479
1492int ssl_send_sBufferln(SSL* ssl, Buffer* str)
1493{
1494 int cc;
1495 Buffer buf;
1496
1497 if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1498
1499 buf = dup_Buffer(*str);
1500 cat_s2Buffer("\r\n", &buf);
1501 cc = SSL_write(ssl, buf.buf, strlen((const char*)buf.buf));
1502 free_Buffer(&buf);
1503
1504 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1505 return cc;
1506}
1507
1508
1539int ssl_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm)
1540{
1541 int cc;
1542 unsigned char* pp;
1543
1544 if (ssl==NULL) return JBXL_ARGS_ERROR;
1545 if (mesg==NULL || mesg->buf==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1546 *mesg = make_Buffer(LBUF);
1547
1548 if (sb->buf==NULL) {
1549 *sb = make_mstream(RECVBUFSZ);
1550 if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1551 }
1552
1553 while (sb->datano==0) {
1554 cc = ssl_recv_Buffer_wait(sock, ssl, mesg, tm);
1555 if (cc<=0) {
1556 free_Buffer(mesg);
1557 return cc;
1558 }
1559 put_mstream(sb, mesg->buf);
1560 clear_Buffer(mesg);
1561 }
1562
1563 pp = get_mstream(sb);
1564 if (pp==NULL) return JBXL_NET_BUF_ERROR;
1565 copy_s2Buffer((char*)pp, mesg);
1566 free(pp);
1567
1568 return mesg->vldsz;
1569}
1570
1571
1595int ssl_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm)
1596{
1597 int cc;
1598 Buffer msg, buf;
1599
1600 if (ssl==NULL || mesg==NULL || mesg->buf==NULL) return JBXL_ARGS_ERROR;
1601 buf = make_Buffer(LBUF);
1602
1603 cc = ssl_recv_Buffer_wait(sock, ssl, &buf, tm);
1604 while (cc>0) {
1605 cat_Buffer(&buf, &msg);
1606 if (buf.buf[cc-1]==CHAR_LF) break;
1607 clear_Buffer(&buf);
1608 cc = ssl_recv_Buffer_wait(sock, ssl, &buf, tm);
1609 }
1610 free_Buffer(&buf);
1611
1612 if (cc<=0) {
1613 free_Buffer(mesg);
1614 return cc;
1615 }
1616
1617 return mesg->vldsz;
1618}
1619
1620
1621
1623// SSL / TCP compati communications
1624
1643int ssl_tcp_recv(int sock, SSL* ssl, char* rmsg, int size)
1644{
1645 int cc;
1646
1647 if (rmsg==NULL) return JBXL_ARGS_ERROR;
1648 memset(rmsg, 0, size);
1649
1650 if (ssl!=NULL) cc = SSL_read(ssl, rmsg, size-1);
1651 else cc = recv(sock, rmsg, size-1, 0);
1652
1653 if (cc<0) cc = JBXL_SSL_RECV_ERROR;
1654 return cc;
1655}
1656
1657
1676int ssl_tcp_send(int sock, SSL* ssl, char* smsg, int size)
1677{
1678 int cc;
1679
1680 if (smsg==NULL) return JBXL_ARGS_ERROR;
1681
1682 if (size<=0) size = strlen(smsg);
1683 if (ssl!=NULL) cc = SSL_write(ssl, smsg, size);
1684 else cc = send(sock, smsg, size, 0);
1685
1686 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1687 return cc;
1688}
1689
1690
1714int ssl_tcp_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm)
1715{
1716 int cc;
1717
1718 if (mesg==NULL) return JBXL_ARGS_ERROR;
1719
1720 if (recv_wait(sock, tm)) {
1721 cc = ssl_tcp_recv(sock, ssl, mesg, sz);
1722 //if (cc<=0) DEBUG_MODE PRINT_MESG("SSL_TCP_RECV_WAIT: Session Closed. ret = %d. (%ds)\n", cc, tm);
1723 }
1724 else {
1725 //DEBUG_MODE PRINT_MESG("SSL_TCP_RECV_WAIT: Time Out. (%ds)\n", tm);
1726 return JBXL_NET_RECV_TIMEOUT;
1727 }
1728
1729 return cc;
1730}
1731
1732
1747int ssl_tcp_send_mesgln(int sock, SSL* ssl, char* mesg)
1748{
1749 int cc, sz;
1750 char* buf;
1751
1752 if (mesg==NULL) return JBXL_ARGS_ERROR;
1753
1754 sz = strlen(mesg) + 3; // for CR+LF+0x00
1755 buf = (char*)malloc(sz);
1756 if (buf==NULL) return JBXL_MALLOC_ERROR;
1757
1758 strncpy(buf, mesg, sz);
1759 strncat(buf, "\r\n", 2);
1760 cc = ssl_tcp_send(sock, ssl, buf, strlen(buf));
1761
1762 free(buf);
1763 return cc;
1764}
1765
1766
1801int ssl_tcp_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm)
1802{
1803 int cc;
1804 unsigned char* pp;
1805
1806 if (mesg==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1807 //memset(mesg, 0, sz);
1808
1809 if (sb->buf==NULL) {
1810 *sb = make_mstream(RECVBUFSZ);
1811 if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1812 }
1813
1814 while (sb->datano==0) {
1815 cc = ssl_tcp_recv_wait(sock, ssl, mesg, sz, tm);
1816 if (cc<=0) return cc;
1817 put_mstream(sb, (unsigned char*)mesg);
1818 //memset(mesg, 0, sz);
1819 }
1820
1821 pp = get_mstream(sb);
1822 if (pp==NULL) return JBXL_NET_BUF_ERROR;
1823 if (strlen((const char*)pp)>=(unsigned int)sz) {
1824 memcpy(mesg, pp, sz-1);
1825 free(pp);
1826 return JBXL_NET_BUFSZ_ERROR;
1827 }
1828 memcpy(mesg, pp, strlen((const char*)pp));
1829
1830 free(pp);
1831 return strlen(mesg);
1832}
1833
1834
1849int ssl_tcp_recv_Buffer(int sock, SSL* ssl, Buffer* str)
1850{
1851 int cc;
1852
1853 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1854
1855 memset(str->buf, 0, str->bufsz);
1856 str->vldsz = 0;
1857 str->state = JBXL_NORMAL;
1858
1859 if (ssl!=NULL) cc = SSL_read(ssl, str->buf, str->bufsz-1);
1860 else cc = recv(sock, str->buf, str->bufsz-1, 0);
1861
1862 if (cc>=0) str->vldsz = cc;
1863 else cc = JBXL_SSL_RECV_ERROR;
1864 return cc;
1865}
1866
1867
1881int ssl_tcp_send_Buffer(int sock, SSL* ssl, Buffer* str)
1882{
1883 int cc;
1884
1885 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1886
1887 if (str->vldsz<0) str->vldsz = strlen((const char*)str->buf);
1888 if (ssl!=NULL) {
1889 cc = SSL_write(ssl, str->buf, str->vldsz);
1890 }
1891 else {
1892 cc = send(sock, str->buf, str->vldsz, 0);
1893 }
1894
1895 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1896 return cc;
1897}
1898
1899
1920int ssl_tcp_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm)
1921{
1922 int cc;
1923
1924 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1925
1926 str->vldsz = 0;
1927 cc = ssl_tcp_recv_wait(sock, ssl, (char*)str->buf, str->bufsz, tm);
1928 if (cc>=0) str->vldsz = cc;
1929
1930 //PRINT_MESG("ssl_tcp_recv_Buffer_wait : %s\n", (char*)str->buf);
1931 return cc;
1932}
1933
1934
1951int ssl_tcp_recv_Buffer_tosize(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size)
1952{
1953 int cc, sz;
1954 int modon = FALSE;
1955
1956 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1957 if (mod!=NULL && mod->buf!=NULL) modon = TRUE;
1958
1959 if (modon) memset(mod->buf, 0, mod->vldsz);
1960 Buffer buf = make_Buffer(RECVBUFSZ);
1961
1962 sz = str->vldsz;
1963 while (sz<size) {
1964 cc = ssl_tcp_recv_Buffer(sock, ssl, &buf);
1965 if (cc>0) {
1966 cat_Buffer(&buf, str);
1967 sz += cc;
1968 }
1969 else {
1970 if (cc<0) sz = cc;
1971 break;
1972 }
1973 }
1974 free_Buffer(&buf);
1975
1976 if (sz>size && modon) {
1977 copy_b2Buffer((void*)(str->buf+size), mod, sz-size);
1978 str->vldsz = size;
1979 }
1980 return sz;
1981}
1982
1983
2006int ssl_tcp_recv_Buffer_tosize_wait(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size, int tm)
2007{
2008 int cc, sz;
2009 int modon = FALSE;
2010
2011 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2012 if (mod!=NULL && mod->buf!=NULL) modon = TRUE;
2013
2014 if (modon) memset(mod->buf, 0, mod->vldsz);
2015 Buffer buf = make_Buffer(RECVBUFSZ);
2016
2017 sz = str->vldsz;
2018 while (sz<size) {
2019 cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2020 if (cc>0) {
2021 cat_Buffer(&buf, str);
2022 sz += cc;
2023 }
2024 else {
2025 if (cc<0) sz = cc;
2026 break;
2027 }
2028 }
2029 free_Buffer(&buf);
2030
2031 if (sz>size && modon) {
2032 copy_b2Buffer((void*)(str->buf+size), mod, sz-size);
2033 str->vldsz = size;
2034 }
2035 return sz;
2036}
2037
2038
2052int ssl_tcp_send_sBuffer(int sock, SSL* ssl, Buffer* str)
2053{
2054 int cc;
2055
2056 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2057
2058 if (ssl!=NULL) cc = SSL_write(ssl, str->buf, strlen((const char*)str->buf));
2059 else cc = send(sock, str->buf, strlen((const char*)str->buf), 0);
2060
2061 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
2062 return cc;
2063}
2064
2065
2079int ssl_tcp_send_sBufferln(int sock, SSL* ssl, Buffer* str)
2080{
2081 int cc;
2082 Buffer buf;
2083
2084 if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2085
2086 buf = dup_Buffer(*str);
2087 cat_s2Buffer("\r\n", &buf);
2088
2089 if (ssl!=NULL) cc = SSL_write(ssl, buf.buf, strlen((const char*)buf.buf));
2090 else cc = send(sock, buf.buf, strlen((const char*)buf.buf), 0);
2091
2092 free_Buffer(&buf);
2093
2094 if (cc<0) cc = JBXL_SSL_SEND_ERROR;
2095 return cc;
2096}
2097
2098
2128int ssl_tcp_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm)
2129{
2130 int cc;
2131 unsigned char* pp;
2132
2133 if (mesg==NULL || mesg->buf==NULL || sb==NULL) return JBXL_ARGS_ERROR;
2134 *mesg = make_Buffer(LBUF);
2135
2136 if (sb->buf==NULL) {
2137 *sb = make_mstream(RECVBUFSZ);
2138 if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
2139 }
2140
2141 while (sb->datano==0) {
2142 cc = ssl_tcp_recv_Buffer_wait(sock, ssl, mesg, tm);
2143 if (cc<=0) {
2144 free_Buffer(mesg);
2145 return cc;
2146 }
2147 put_mstream(sb, mesg->buf);
2148 clear_Buffer(mesg);
2149 }
2150
2151 pp = get_mstream(sb);
2152 if (pp==NULL) return JBXL_NET_BUF_ERROR;
2153 copy_s2Buffer((char*)pp, mesg);
2154 free(pp);
2155
2156 return mesg->vldsz;
2157}
2158
2159
2182int ssl_tcp_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm)
2183{
2184 int cc;
2185 Buffer msg, buf;
2186
2187 if (mesg==NULL || mesg->buf==NULL) return JBXL_ARGS_ERROR;
2188 buf = make_Buffer(LBUF);
2189
2190 cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2191 while (cc>0) {
2192 cat_Buffer(&buf, &msg);
2193 if (buf.buf[cc-1]==CHAR_LF) break;
2194 clear_Buffer(&buf);
2195 cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2196 }
2197 free_Buffer(&buf);
2198
2199 if (cc<=0) {
2200 free_Buffer(mesg);
2201 return cc;
2202 }
2203
2204 return mesg->vldsz;
2205}
2206
2207
2208#endif
encode_base64_Buffer
Buffer encode_base64_Buffer(Buffer buf)
バイナリデータ buf.bufの buf.vldszバイトを Base64にエンコード する
Definition buffer.c:804
make_Buffer
Buffer make_Buffer(int sz)
Buffer型変数のバッファ部をつくり出す.
Definition buffer.c:71
clear_Buffer
void clear_Buffer(Buffer *str)
Buffer型変数 のバッファ部を 0クリアする.
Definition buffer.c:272
free_Buffer
void free_Buffer(Buffer *buf)
Buffer型変数のバッファ部を解放する
Definition buffer.c:128
init_Buffer
Buffer init_Buffer()
初期化したBuffer型変数を返す.
Definition buffer.c:47
dup_Buffer
Buffer dup_Buffer(Buffer buf)
Buffer型変数のコピーをつくる.
Definition buffer.c:211
decode_base64_Buffer
Buffer decode_base64_Buffer(Buffer str)
strのバッファを Base64からデコードする
Definition buffer.c:850
cat_Buffer
int cat_Buffer(Buffer *src, Buffer *dst)
Buffer変数 srcから dstへバッファを catする.
Definition buffer.c:384
copy_Buffer
int copy_Buffer(Buffer *src, Buffer *dst)
Buffer型変数 srcから dstへバッファをコピーする.
Definition buffer.c:315
copy_b2Buffer
int copy_b2Buffer(void *src, Buffer *dst, int len)
任意のバイナリデータsrcを Buffer型変数dstへ lenバイト copyする
Definition buffer.c:518
copy_s2Buffer
#define copy_s2Buffer(src, dst)
copy_b2Buffer()
Definition buffer.h:108
bincmp_Buffer
#define bincmp_Buffer(a, b)
cmp_Buffer()
Definition buffer.h:152
strcmp_Buffer
#define strcmp_Buffer(a, b)
cmp_Buffer()
Definition buffer.h:150
cat_s2Buffer
#define cat_s2Buffer(src, dst)
cat_b2Buffer()
Definition buffer.h:122
make_Buffer_bystr
#define make_Buffer_bystr(str)
set_Buffer()
Definition buffer.h:57
RECVBUFSZ
#define RECVBUFSZ
256K
Definition common.h:134
LBUF
#define LBUF
Definition common.h:146
TRUE
#define TRUE
Definition common.h:226
FALSE
#define FALSE
Definition common.h:223
ON
#define ON
Definition common.h:230
dh_tool.h
JBXL_ARGS_ERROR
#define JBXL_ARGS_ERROR
不正な引数(NULLなど)
Definition jbxl_state.h:42
JBXL_SSL_RECV_ERROR
#define JBXL_SSL_RECV_ERROR
SSL 受信エラー
Definition jbxl_state.h:122
JBXL_NORMAL
#define JBXL_NORMAL
正常
Definition jbxl_state.h:32
JBXL_NET_BUFSZ_ERROR
#define JBXL_NET_BUFSZ_ERROR
受信バッファの長さが足りない.はみ出したデータは捨てられた
Definition jbxl_state.h:73
JBXL_SSL_SEND_ERROR
#define JBXL_SSL_SEND_ERROR
SSL 送信エラー
Definition jbxl_state.h:123
JBXL_MALLOC_ERROR
#define JBXL_MALLOC_ERROR
メモリ確保エラー
Definition jbxl_state.h:41
JBXL_NET_BUF_ERROR
#define JBXL_NET_BUF_ERROR
受信バッファにデータは存在するはずだが,原因不明の理由により獲得に失敗した
Definition jbxl_state.h:72
JBXL_NET_RECV_TIMEOUT
#define JBXL_NET_RECV_TIMEOUT
受信タイムアウト
Definition jbxl_state.h:76
buf
unsigned char ** buf
Definition jpeg_tool.h:96
len
unsigned char unsigned long * len
Definition jpeg_tool.h:96
recv_wait
int recv_wait(int sock, int tm)
Definition network.c:1443
tcp_send_mesg
#define tcp_send_mesg(s, m)
Definition network.h:184
ssl_client_setup
SSL_CTX * ssl_client_setup(char *ca)
Definition ssl_tool.c:826
get_crypt_Buffer
Buffer get_crypt_Buffer(Buffer data, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:264
tcp_send_crypt_sBuffer
int tcp_send_crypt_sBuffer(int sock, Buffer *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:351
ssl_recv_Buffer_wait
int ssl_recv_Buffer_wait(int sock, SSL *ssl, Buffer *str, int tm)
Definition ssl_tool.c:1440
ssl_add_chain_file
int ssl_add_chain_file(SSL_CTX *ssl_ctx, char *file)
Definition ssl_tool.c:965
ssl_send_Buffer
int ssl_send_Buffer(SSL *ssl, Buffer *str)
Definition ssl_tool.c:1406
ssl_tcp_recv_wait
int ssl_tcp_recv_wait(int sock, SSL *ssl, char *mesg, int sz, int tm)
Definition ssl_tool.c:1714
udp_send_crypt_Buffer
int udp_send_crypt_Buffer(int sock, Buffer *data, struct addrinfo *sv, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:162
ssl_server_socket
SSL * ssl_server_socket(int sock, SSL_CTX *ssl_ctx)
Definition ssl_tool.c:1042
get_plain_message
Buffer get_plain_message(char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:391
ssl_get_cert_info
tList * ssl_get_cert_info(SSL *ssl)
Definition ssl_tool.c:1104
ssl_tcp_send_sBuffer
int ssl_tcp_send_sBuffer(int sock, SSL *ssl, Buffer *str)
Definition ssl_tool.c:2052
ssl_recv
int ssl_recv(SSL *ssl, char *rmsg, int size)
Definition ssl_tool.c:1171
ssl_tcp_recv
int ssl_tcp_recv(int sock, SSL *ssl, char *rmsg, int size)
Definition ssl_tool.c:1643
udp_recv_crypt_Buffer_sockaddr_in
int udp_recv_crypt_Buffer_sockaddr_in(int sock, Buffer *data, struct sockaddr_in *sv, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:132
ssl_tcp_recv_Buffer_wait
int ssl_tcp_recv_Buffer_wait(int sock, SSL *ssl, Buffer *str, int tm)
Definition ssl_tool.c:1920
ssl_send
int ssl_send(SSL *ssl, char *smsg, int size)
Definition ssl_tool.c:1202
ssl_recv_mstream_Buffer
int ssl_recv_mstream_Buffer(int sock, SSL *ssl, Buffer *mesg, mstream *sb, int tm)
Definition ssl_tool.c:1539
ssl_tcp_recv_Buffer
int ssl_tcp_recv_Buffer(int sock, SSL *ssl, Buffer *str)
Definition ssl_tool.c:1849
ssl_server_setup
SSL_CTX * ssl_server_setup(char *crt_fn, char *key_fn, char *chn_fn)
Definition ssl_tool.c:912
ssl_send_mesgln
int ssl_send_mesgln(SSL *ssl, char *mesg)
Definition ssl_tool.c:1271
read_spki_with_ipaddr
Buffer read_spki_with_ipaddr(Buffer ipa, FILE *fp)
Definition ssl_tool.c:595
ssl_tcp_send_sBufferln
int ssl_tcp_send_sBufferln(int sock, SSL *ssl, Buffer *str)
Definition ssl_tool.c:2079
ssl_tcp_send_Buffer
int ssl_tcp_send_Buffer(int sock, SSL *ssl, Buffer *str)
Definition ssl_tool.c:1881
ssl_tcp_recv_lines_Buffer
int ssl_tcp_recv_lines_Buffer(int sock, SSL *ssl, Buffer *mesg, int tm)
Definition ssl_tool.c:2182
ssl_init
void ssl_init()
Definition ssl_tool.c:806
tcp_send_crypt_Buffer
int tcp_send_crypt_Buffer(int sock, Buffer *data, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:208
ssl_tcp_recv_mstream
int ssl_tcp_recv_mstream(int sock, SSL *ssl, char *mesg, int sz, mstream *sb, int tm)
Definition ssl_tool.c:1801
ssl_tcp_recv_Buffer_tosize
int ssl_tcp_recv_Buffer_tosize(int sock, SSL *ssl, Buffer *str, Buffer *mod, int size)
Definition ssl_tool.c:1951
ssl_tcp_send
int ssl_tcp_send(int sock, SSL *ssl, char *smsg, int size)
Definition ssl_tool.c:1676
ssl_read_fullchain_cert_file
int ssl_read_fullchain_cert_file(SSL_CTX *ssl_ctx, char *file)
Definition ssl_tool.c:995
ssl_tcp_send_mesgln
int ssl_tcp_send_mesgln(int sock, SSL *ssl, char *mesg)
Definition ssl_tool.c:1747
encode_EVPAPI_Buffer
Buffer encode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER *cipher)
Definition ssl_tool.c:722
ssl_tcp_recv_Buffer_tosize_wait
int ssl_tcp_recv_Buffer_tosize_wait(int sock, SSL *ssl, Buffer *str, Buffer *mod, int size, int tm)
Definition ssl_tool.c:2006
udp_recv_crypt_Buffer
int udp_recv_crypt_Buffer(int sock, Buffer *data, struct addrinfo *sv, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:182
ssl_recv_lines_Buffer
int ssl_recv_lines_Buffer(int sock, SSL *ssl, Buffer *mesg, int tm)
Definition ssl_tool.c:1595
ssl_send_sBuffer
int ssl_send_sBuffer(SSL *ssl, Buffer *str)
Definition ssl_tool.c:1467
decode_EVPAPI_Buffer
Buffer decode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER *cipher)
Definition ssl_tool.c:670
free_EVP_CIPHER
void free_EVP_CIPHER(EVP_CIPHER **p_cipher)
Definition ssl_tool.c:773
ssl_tcp_recv_mstream_Buffer
int ssl_tcp_recv_mstream_Buffer(int sock, SSL *ssl, Buffer *mesg, mstream *sb, int tm)
Definition ssl_tool.c:2128
ssl_send_sBufferln
int ssl_send_sBufferln(SSL *ssl, Buffer *str)
Definition ssl_tool.c:1492
ssl_recv_Buffer
int ssl_recv_Buffer(SSL *ssl, Buffer *str)
Definition ssl_tool.c:1376
check_server_spki
int check_server_spki(Buffer ipaddr, Buffer spki, char *filename)
Definition ssl_tool.c:524
ssl_client_socket
SSL * ssl_client_socket(int sock, SSL_CTX *ssl_ctx, int mode)
Definition ssl_tool.c:861
ssl_recv_mstream
int ssl_recv_mstream(int sock, SSL *ssl, char *mesg, int sz, mstream *sb, int tm)
Definition ssl_tool.c:1324
SSL_ACCEPT_COUNT_MAX
#define SSL_ACCEPT_COUNT_MAX
Definition ssl_tool.c:1027
ssl_close
void ssl_close(SSL *ssl)
Definition ssl_tool.c:1083
tcp_recv_crypt_Buffer
int tcp_recv_crypt_Buffer(int sock, Buffer *data, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:228
gen_CRYPT_SharedKey
int gen_CRYPT_SharedKey(int keyex, Buffer spki, Buffer *shdkey, void *ptr)
Definition ssl_tool.c:91
get_crypt_sBuffer
Buffer get_crypt_sBuffer(Buffer mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:486
get_crypt_message
Buffer get_crypt_message(char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:455
tcp_send_crypt_mesg
int tcp_send_crypt_mesg(int sock, char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:298
get_plain_Buffer
Buffer get_plain_Buffer(Buffer data, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:254
init_EVPAPI_Buffer
EVP_CIPHER * init_EVPAPI_Buffer(int type)
Definition ssl_tool.c:645
udp_send_crypt_Buffer_sockaddr_in
int udp_send_crypt_Buffer_sockaddr_in(int sock, Buffer *data, struct sockaddr_in *sv, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:112
ssl_recv_wait
int ssl_recv_wait(int sock, SSL *ssl, char *mesg, int sz, int tm)
Definition ssl_tool.c:1239
save_spki_with_ipaddr
int save_spki_with_ipaddr(Buffer ipa, Buffer pki, FILE *fp)
Definition ssl_tool.c:569
get_plain_sBuffer
Buffer get_plain_sBuffer(Buffer mesg, Buffer *key, EVP_CIPHER *cipher)
Definition ssl_tool.c:423
ssl_tool.h
Buffer::bufsz
int bufsz
確保してあるバッファの大きさ - 1.
Definition buffer.h:36
Buffer::vldsz
int vldsz
データの長さ.バイナリデータの場合も使用可能.文字列の場合は 0x00 を含まない.
Definition buffer.h:37
Buffer::state
int state
変数の状態を表す.正常は JBXL_NORMAL
Definition buffer.h:38
Buffer::buf
unsigned char * buf
バッファの先頭へのポインタ.str[bufsz]は必ず 0x00となる.
Definition buffer.h:39
add_tList_node_str
#define add_tList_node_str(p, k, v)
add_tList_node_bystr()
Definition tlist.h:142
put_mstream
int put_mstream(mstream *sb, unsigned char *mesg)
メッセージ(文字列)ストリーム sb へメッセージ(の一部)を格納する
Definition tools.c:3490
get_mstream
unsigned char * get_mstream(mstream *sb)
メッセージ(文字列)ストリーム sb から次のメッセージを取り出す.改行コードは削除される.
Definition tools.c:3531
file_chmod_open
FILE * file_chmod_open(const char *fn, const char *fm, mode_t mode)
ファイルの許可属性をmode へ変更した後,ファイルを fmモードでオープン
Definition tools.c:2366
mstream
#define mstream
バイト型 メッセージストリーム
Definition tools.h:167
make_mstream
#define make_mstream(s)
make_ringBuffer()
Definition tools.h:385
CHAR_LF
#define CHAR_LF
ラインフィード
Definition tools.h:79
tcp_send_sBuffer
int tcp_send_sBuffer(int sock, Buffer *str)
TCP経由で文字列データを送信する.
Definition xtools.c:524
tcp_send_sBufferln
int tcp_send_sBufferln(int sock, Buffer *str)
TCPメッセージ(文字列)に改行(0x0d, 0x0a)を付け加えて送信する.
Definition xtools.c:546
udp_recv_Buffer
int udp_recv_Buffer(int sock, Buffer *str, struct addrinfo *sv_addr)
recvform()をラッピングした関数.UDPデータを受信する.
Definition xtools.c:212
save_tagged_Buffer
int save_tagged_Buffer(Buffer buf, FILE *fp, unsigned int mode, int prfm)
Bufferを指定された形式に従ってタグ付きでファイルに保存する.
Definition xtools.c:956
tcp_send_Buffer
int tcp_send_Buffer(int sock, Buffer *str)
TCP経由でデータを送信する.
Definition xtools.c:305
tcp_recv_Buffer
int tcp_recv_Buffer(int sock, Buffer *str)
TCP経由でデータを受信する.バッファリングなし.
Definition xtools.c:276
udp_send_Buffer_sockaddr_in
int udp_send_Buffer_sockaddr_in(int sock, Buffer *str, struct sockaddr_in *sv_addr)
sendto() をラッピングした関数.UDP経由でデータを送る.IPv4専用.
Definition xtools.c:72
udp_recv_Buffer_sockaddr_in
int udp_recv_Buffer_sockaddr_in(int sock, Buffer *str, struct sockaddr_in *sv_addr)
recvform()をラッピングした関数.UDPデータを受信する.IPv4専用.
Definition xtools.c:38
read_tagged_Buffer
Buffer read_tagged_Buffer(FILE *fp, unsigned int *mode)
save_tagged_Buffer() で保存したファイルから,Buffer をタグに従って読み込む.
Definition xtools.c:1013
udp_send_Buffer
int udp_send_Buffer(int sock, Buffer *str, struct addrinfo *sv_addr)
sendto() をラッピングした関数.UDP経由でデータを送る.
Definition xtools.c:248
JBXL_FIO_STRING
#define JBXL_FIO_STRING
Definition xtools.h:31
JBXL_FIO_ORIGINAL
#define JBXL_FIO_ORIGINAL
Definition xtools.h:27
JBXL_FIO_IPADDRESS
#define JBXL_FIO_IPADDRESS
Definition xtools.h:22
JBXL_FIO_SPKI
#define JBXL_FIO_SPKI
Definition xtools.h:25