JunkBox_Lib  1.10.2
ssl_tool.c
Go to the documentation of this file.
1 
25 #include "ssl_tool.h"
26 #include "dh_tool.h"
27 
28 
29 #ifdef ENABLE_SSL
30 
31 
32 //Buffer* Base64_DHspki = NULL;
33 //Buffer* Base64_RSAspki = NULL;
34 
35 //Buffer* CRYPT_SharedKey = NULL;
36 //const EVP_CIPHER* CRYPT_Type = NULL;
37 //JBXL_DH* DHkey = NULL;
38 
39 //int KEYEX_Algorism = 0;
40 //int CRYPT_Algorism = 0;
41 
42 
43 /*
44 typedef struct dh_st
45 {
46  BIGNUM* p;
47  BIGNUM* g;
48  BIGNUM* pub_key;
49  BIGNUM* priv_key;
50 } DH;
51  */
52 
53 
54 /*
55 ###############################################################################################
56 for OpenSSL3
57 see https://stackoverflow.com/questions/71551116/openssl-3-diffie-hellman-key-exchange-c
58 see https://github.com/eugen15/diffie-hellman-cpp
59 ###############################################################################################
60 */
61 
62 
64 //
65 
89 //Buffer get_DHsharedkey (Buffer pki, JBXL_DH* dhkey); // see dh_tools.c
90 
91 int gen_CRYPT_SharedKey(int keyex, Buffer spki, Buffer* shdkey, void* ptr)
92 {
93  if (spki.buf==NULL || shdkey==NULL) return FALSE;
94 
95  if (keyex==SSL_DH) {
96  JBXL_DH* dhkey = (JBXL_DH*)ptr;
97  *shdkey = get_DHsharedkey(spki, dhkey); // 共有鍵を得る
98  }
99  else if (keyex==SSL_RSA) { // 未実装
100  *shdkey = dup_Buffer(spki);
101  }
102  else return FALSE;
103 
104  return TRUE;
105 }
106 
107 
108 
110 //
111 
112 int udp_send_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher)
113 {
114  int cc = 0;
115  Buffer buf;
116 
117  if (data==NULL) return JBXL_ARGS_ERROR;
118 
119  if (key!=NULL && cipher!=NULL) {
120  buf = encode_EVPAPI_Buffer(*data, *key, cipher);
121  cc = udp_send_Buffer_sockaddr_in(sock, &buf, sv);
122  free_Buffer(&buf);
123  }
124  else {
125  cc = udp_send_Buffer_sockaddr_in(sock, data, sv);
126  }
127 
128  return cc;
129 }
130 
131 
132 int udp_recv_crypt_Buffer_sockaddr_in(int sock, Buffer* data, struct sockaddr_in* sv, Buffer* key, EVP_CIPHER* cipher)
133 {
134  Buffer buf;
135 
136  buf = make_Buffer(RECVBUFSZ);
137  int cc = udp_recv_Buffer_sockaddr_in(sock, &buf, sv);
138  if (cc<=0) {
139  free_Buffer(&buf);
140  return cc;
141  }
142 
143  if (key!=NULL && cipher!=NULL) {
144  Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
145  copy_Buffer(&dec, data);
146  free_Buffer(&dec);
147  }
148  else {
149  copy_Buffer(&buf, data);
150  }
151 
152  cc = data->vldsz;
153  free_Buffer(&buf);
154  return cc;
155 }
156 
157 
158 
160 //
161 
162 int udp_send_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher)
163 {
164  int cc = 0;
165  Buffer buf;
166 
167  if (data==NULL) return JBXL_ARGS_ERROR;
168 
169  if (key!=NULL && cipher!=NULL) {
170  buf = encode_EVPAPI_Buffer(*data, *key, cipher);
171  cc = udp_send_Buffer(sock, &buf, sv);
172  free_Buffer(&buf);
173  }
174  else {
175  cc = udp_send_Buffer(sock, data, sv);
176  }
177 
178  return cc;
179 }
180 
181 
182 int udp_recv_crypt_Buffer(int sock, Buffer* data, struct addrinfo* sv, Buffer* key, EVP_CIPHER* cipher)
183 {
184  Buffer buf;
185 
186  buf = make_Buffer(RECVBUFSZ);
187  int cc = udp_recv_Buffer(sock, &buf, sv);
188  if (cc<=0) {
189  free_Buffer(&buf);
190  return cc;
191  }
192 
193  if (key!=NULL && cipher!=NULL) {
194  Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
195  copy_Buffer(&dec, data);
196  free_Buffer(&dec);
197  }
198  else {
199  copy_Buffer(&buf, data);
200  }
201 
202  cc = data->vldsz;
203  free_Buffer(&buf);
204  return cc;
205 }
206 
207 
208 int tcp_send_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher)
209 {
210  int cc = 0;
211  Buffer buf;
212 
213  if (data==NULL) return JBXL_ARGS_ERROR;
214 
215  if (key!=NULL && cipher!=NULL) {
216  buf = encode_EVPAPI_Buffer(*data, *key, cipher);
217  cc = tcp_send_Buffer(sock, &buf);
218  free_Buffer(&buf);
219  }
220  else {
221  cc = tcp_send_Buffer(sock, data);
222  }
223 
224  return cc;
225 }
226 
227 
228 int tcp_recv_crypt_Buffer(int sock, Buffer* data, Buffer* key, EVP_CIPHER* cipher)
229 {
230  Buffer buf;
231 
232  buf = make_Buffer(RECVBUFSZ);
233  int cc = tcp_recv_Buffer(sock, &buf);
234  if (cc<=0) {
235  free_Buffer(&buf);
236  return cc;
237  }
238 
239  if (key!=NULL && cipher!=NULL) {
240  Buffer dec = decode_EVPAPI_Buffer(buf, *key, cipher);
241  copy_Buffer(&dec, data);
242  free_Buffer(&dec);
243  }
244  else {
245  copy_Buffer(&buf, data);
246  }
247 
248  cc = data->vldsz;
249  free_Buffer(&buf);
250  return cc;
251 }
252 
253 
254 Buffer get_plain_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher)
255 {
256  Buffer buf = init_Buffer();
257  if (key==NULL || cipher==NULL) return buf;
258 
259  buf = decode_EVPAPI_Buffer(data, *key, cipher);
260  return buf;
261 }
262 
263 
264 Buffer get_crypt_Buffer(Buffer data, Buffer* key, EVP_CIPHER* cipher)
265 {
266  Buffer buf = init_Buffer();
267  if (key==NULL || cipher==NULL) return buf;
268 
269  buf = encode_EVPAPI_Buffer(data, *key, cipher);
270  return buf;
271 }
272 
273 
298 int tcp_send_crypt_mesg(int sock, char* mesg, Buffer* key, EVP_CIPHER* cipher)
299 {
300  int cc = 0;
301  Buffer buf, enc;
302 
303  if (mesg==NULL) return JBXL_ARGS_ERROR;
304  //DEBUG_MODE PRINT_ESC(" SEND -> [%s]\n", mesg);
305 
306  if (key!=NULL && cipher!=NULL) {
307  buf = make_Buffer_bystr(mesg);
308  enc = encode_EVPAPI_Buffer(buf, *key, cipher);
309  free_Buffer(&buf);
310  if (enc.vldsz>0) {
311  buf = encode_base64_Buffer(enc);
312  free_Buffer(&enc);
313 
314  //DEBUG_MODE PRINT_ESC("CSEND -> [%s]\n", (char*)buf.buf);
315  cc = tcp_send_sBufferln(sock, &buf);
316  free_Buffer(&buf);
317  }
318  }
319  else {
320  cc = tcp_send_mesg(sock, mesg);
321  }
322 
323  return cc;
324 }
325 
326 
351 int tcp_send_crypt_sBuffer(int sock, Buffer* mesg, Buffer* key, EVP_CIPHER* cipher)
352 {
353  int cc = 0;
354  Buffer buf, enc;
355 
356  if (mesg==NULL) return JBXL_ARGS_ERROR;
357  //DEBUG_MODE PRINT_ESC(" SEND -> [%s]\n", (char*)mesg->buf);
358 
359  if (key!=NULL && cipher!=NULL) {
360  enc = encode_EVPAPI_Buffer(*mesg, *key, cipher);
361  if (enc.vldsz>0) {
362  buf = encode_base64_Buffer(enc);
363  free_Buffer(&enc);
364 
365  //DEBUG_MODE PRINT_ESC("CSEND -> [%s]\n", (char*)buf.buf);
366  cc = tcp_send_sBufferln(sock, &buf);
367  free_Buffer(&buf);
368  }
369  }
370  else {
371  cc = tcp_send_sBuffer(sock, mesg);
372  }
373 
374  return cc;
375 }
376 
377 
391 Buffer get_plain_message(char* mesg, Buffer* key, EVP_CIPHER* cipher)
392 {
393  Buffer buf, dec;
394 
395  buf = make_Buffer_bystr(mesg);
396  //DEBUG_MODE PRINT_ESC(" MESG -> [%s]\n", mesg);
397  if (key==NULL || cipher==NULL) return buf;
398 
399  dec = decode_base64_Buffer(buf);
400  if (dec.vldsz>0) {
401  free_Buffer(&buf);
402  buf = decode_EVPAPI_Buffer(dec, *key, cipher);
403  free_Buffer(&dec);
404  //DEBUG_MODE PRINT_ESC("DMESG -> [%s]\n", (char*)buf.buf);
405  }
406  return buf;
407 }
408 
409 
423 Buffer get_plain_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher)
424 {
425  Buffer buf, dec;
426 
427  buf = dup_Buffer(mesg);
428  //DEBUG_MODE PRINT_ESC(" MESG -> [%s]\n", (char*)mesg.buf);
429  if (key==NULL || cipher==NULL) return buf;
430 
431  dec = decode_base64_Buffer(buf);
432  if (dec.vldsz>0) {
433  free_Buffer(&buf);
434  buf = decode_EVPAPI_Buffer(dec, *key, cipher);
435  free_Buffer(&dec);
436  //DEBUG_MODE PRINT_ESC("DMESG -> [%s]\n", (char*)buf.buf);
437  }
438  return buf;
439 }
440 
441 
455 Buffer get_crypt_message(char* mesg, Buffer* key, EVP_CIPHER* cipher)
456 {
457  Buffer buf, enc;
458 
459  buf = make_Buffer_bystr(mesg);
460  if (key==NULL || cipher==NULL) return buf;
461 
462  enc = encode_EVPAPI_Buffer(buf, *key, cipher);
463  if (enc.vldsz>0) {
464  free_Buffer(&buf);
465  buf = encode_base64_Buffer(enc);
466  free_Buffer(&enc);
467  }
468 
469  return buf;
470 }
471 
472 
486 Buffer get_crypt_sBuffer(Buffer mesg, Buffer* key, EVP_CIPHER* cipher)
487 {
488  Buffer buf, enc;
489 
490  buf = dup_Buffer(mesg);
491  if (key==NULL || cipher==NULL) return buf;
492 
493  enc = encode_EVPAPI_Buffer(buf, *key, cipher);
494  if (enc.vldsz>0) {
495  free_Buffer(&buf);
496  buf = encode_base64_Buffer(enc);
497  free_Buffer(&enc);
498  }
499 
500  return buf;
501 }
502 
503 
504 
506 // Client's Side Check
507 //
508 
524 int check_server_spki(Buffer ipaddr, Buffer spki, char* filename)
525 {
526  Buffer buf;
527  FILE* fp;
528 
529  buf = init_Buffer();
530 
531  fp = fopen(filename, "rb");
532  if (fp!=NULL) {
533  buf = read_spki_with_ipaddr(ipaddr, fp);
534  fclose(fp);
535  if (buf.buf!=NULL) {
536  if (bincmp_Buffer(buf, spki)) {
537  free_Buffer(&buf);
538  return FALSE;
539  }
540  }
541  }
542 
543  if (buf.buf==NULL) {
544  fp = file_chmod_open(filename, (char*)"a", S_IRUSR | S_IWUSR);
545  save_spki_with_ipaddr(ipaddr, spki, fp);
546  fclose(fp);
547  }
548 
549  return TRUE;
550 }
551 
552 
569 int save_spki_with_ipaddr(Buffer ipa, Buffer pki, FILE* fp)
570 {
571  unsigned int md;
572 
573  if (fp==NULL) return FALSE;
574 
575  md = JBXL_FIO_IPADDRESS | JBXL_FIO_STRING;
576  if (!save_tagged_Buffer(ipa, fp, md, FALSE)) return FALSE;
577 
578  md = JBXL_FIO_SPKI | JBXL_FIO_ORIGINAL;
579  if (!save_tagged_Buffer(pki, fp, md, FALSE)) return FALSE;
580 
581  return TRUE;
582 }
583 
584 
595 Buffer read_spki_with_ipaddr(Buffer ipa, FILE* fp)
596 {
597  unsigned int md;
598  Buffer ips, pki;
599 
600  pki = init_Buffer();
601  if (ipa.buf==NULL) return pki;
602 
603  md = JBXL_FIO_IPADDRESS | JBXL_FIO_STRING;
604 
605  ips = read_tagged_Buffer(fp, &md);
606  while (!feof(fp) && strcmp_Buffer(ipa, ips)) {
607  ips = read_tagged_Buffer(fp, &md);
608  }
609 
610  if (!strcmp_Buffer(ipa, ips)) {
611  md = JBXL_FIO_SPKI | JBXL_FIO_ORIGINAL;
612  pki = read_tagged_Buffer(fp, &md);
613  }
614  free_Buffer(&ips);
615 
616  return pki;
617 }
618 
619 
620 
622 // EVP API
623 //
624 
645 EVP_CIPHER* init_EVPAPI_Buffer(int type)
646 {
647  EVP_CIPHER* cipher = NULL;
648 
649  if (type==SSL_AES128CBC) {
650  cipher = (EVP_CIPHER*)EVP_aes_128_cbc();
651  }
652  else if (type==SSL_3DES3CBC) {
653  cipher = (EVP_CIPHER*)EVP_des_ede3_cbc();
654  }
655 
656  return cipher;
657 }
658 
659 
670 Buffer decode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER* cipher)
671 {
672  int sz, ss;
673  Buffer dec;
674  EVP_CIPHER_CTX* ctx;
675  unsigned char* iv;
676 
677  dec = init_Buffer();
678  if (shdkey.buf==NULL || cipher==NULL) return dec;
679 
680  iv = (unsigned char*)&(shdkey.buf[shdkey.vldsz - SSL_IV_SIZE]);
681 
682 #if OPENSSL_VERSION_NUMBER < 0x10101000L
683  ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX)); // v1.1.0
684  memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
685  EVP_CIPHER_CTX_init(ctx);
686 #else
687  ctx = EVP_CIPHER_CTX_new(); // v1.1.1
688  EVP_CIPHER_CTX_reset(ctx);
689 #endif
690 
691  EVP_DecryptInit_ex(ctx, cipher, NULL, shdkey.buf, iv);
692 
693  dec = make_Buffer(buf.vldsz + EVP_CIPHER_CTX_block_size(ctx) + 1);
694  if (dec.buf==NULL) return dec;
695 
696  EVP_DecryptUpdate(ctx, dec.buf, &sz, buf.buf, buf.vldsz);
697  EVP_DecryptFinal_ex(ctx, &(dec.buf[sz]), &ss);
698  dec.vldsz = sz + ss;
699  dec.buf[dec.vldsz] = '\0';
700 
701 #if OPENSSL_VERSION_NUMBER < 0x10101000L
702  EVP_CIPHER_CTX_cleanup(ctx);
703 #endif
704  free(ctx);
705  return dec;
706 }
707 
708 
722 Buffer encode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER* cipher)
723 {
724  int i, len, ss=0, sz;
725  Buffer enc;
726  EVP_CIPHER_CTX* ctx;
727  unsigned char* iv;
728 
729  enc = init_Buffer();
730  //if (CRYPT_SharedKey==NULL || CRYPT_Type==NULL) return enc;
731  if (shdkey.buf==NULL || cipher==NULL) return enc;
732 
733  iv = (unsigned char*)&(shdkey.buf[shdkey.vldsz - SSL_IV_SIZE]);
734 
735 #if OPENSSL_VERSION_NUMBER < 0x10101000L
736  ctx = (EVP_CIPHER_CTX*)malloc(sizeof(EVP_CIPHER_CTX)); // v1.1.0
737  memset(ctx, 0, sizeof(EVP_CIPHER_CTX));
738  EVP_CIPHER_CTX_init(ctx);
739 #else
740  ctx = EVP_CIPHER_CTX_new(); // v1.1.1
741  EVP_CIPHER_CTX_reset(ctx);
742 #endif
743 
744  EVP_EncryptInit_ex(ctx, cipher, NULL, shdkey.buf, iv);
745 
746  len = buf.vldsz;
747  enc = make_Buffer(len + EVP_CIPHER_CTX_block_size(ctx));
748  if (enc.buf==NULL) return enc;
749 
750  for (i=0; i<len/SSL_ENC_BLCKSZ; i++) {
751  EVP_EncryptUpdate(ctx, &(enc.buf[ss]), &sz, &(buf.buf[i*SSL_ENC_BLCKSZ]), SSL_ENC_BLCKSZ);
752  ss += sz;
753  }
754  if (len%SSL_ENC_BLCKSZ!=0) {
755  EVP_EncryptUpdate(ctx, &(enc.buf[ss]), &sz, &(buf.buf[i*SSL_ENC_BLCKSZ]), len%SSL_ENC_BLCKSZ);
756  ss += sz;
757  }
758  EVP_EncryptFinal_ex(ctx, &(enc.buf[ss]), &sz);
759  enc.vldsz = ss + sz;
760 
761 #if OPENSSL_VERSION_NUMBER < 0x10101000L
762  EVP_CIPHER_CTX_cleanup(ctx);
763 #endif
764  free(ctx);
765  //EVP_CIPHER_CTX_free(ctx);
766  return enc;
767 }
768 
769 
773 void free_EVP_CIPHER(EVP_CIPHER** p_cipher)
774 {
775  if (p_cipher==NULL || *p_cipher==NULL) return;
776 
777  //free(*p_cipher); // EVP_CIPHER* は解放する必要がない?
778  *p_cipher = NULL;
779 
780  return;
781 }
782 
783 
784 
786 // SSL/TLS
787 // Reference: http://h71000.www7.hp.com/doc/83final/BA554_90007/ch04s03.html
788 // http://x68000.q-e-d.net/~68user/net/
789 //
790 
806 void ssl_init()
807 {
808  SSL_library_init();
809  SSL_load_error_strings();
810 }
811 
812 
813 
826 SSL_CTX* ssl_client_setup(char* ca)
827 {
828  SSL_CTX* ssl_ctx;
829 
830 #if OPENSSL_VERSION_NUMBER < 0x10101000L
831  ssl_ctx = SSL_CTX_new(SSLv23_client_method());
832 #else
833  ssl_ctx = SSL_CTX_new(TLS_client_method());
834 #endif
835  if (ssl_ctx==NULL) return NULL;
836 
837  // 認証局データを読み込む(PEMデータ)
838  if (ca!=NULL) SSL_CTX_load_verify_locations(ssl_ctx, ca, NULL);
839 
840  return ssl_ctx;
841 }
842 
843 
861 SSL* ssl_client_socket(int sock, SSL_CTX* ssl_ctx, int mode)
862 {
863  if (ssl_ctx==NULL) return NULL;
864  //
865  SSL* ssl = SSL_new(ssl_ctx);
866  if (ssl==NULL) {
867  //SSL_CTX_free(ssl_ctx);
868  return NULL;
869  }
870 
871  int ret = SSL_set_fd(ssl, sock);
872  if (ret!=1) {
873  ssl_close(ssl);
874  return NULL;
875  }
876 
877  // サーバへ接続
878  ret = SSL_connect(ssl);
879  if (ret!=1) {
880  ssl_close(ssl);
881  return NULL;
882  }
883 
884  // サーバ証明書のチェック
885  if (mode==ON) {
886  long lrt = SSL_get_verify_result(ssl);
887  if (lrt!=X509_V_OK) {
888  ssl_close(ssl);
889  return NULL;
890  }
891  }
892 
893  return ssl;
894 }
895 
896 
912 SSL_CTX* ssl_server_setup(char* crt_fn, char* key_fn, char* chn_fn)
913 {
914  int ret;
915  SSL_CTX* ssl_ctx;
916 
917  //
918 #if OPENSSL_VERSION_NUMBER < 0x10101000L
919  ssl_ctx = SSL_CTX_new(SSLv23_server_method());
920 #else
921  ssl_ctx = SSL_CTX_new(TLS_server_method());
922 #endif
923  if (ssl_ctx==NULL) return NULL;
924 
925  // サーバ証明書と秘密鍵の読み込み
926  if (crt_fn!=NULL && key_fn!=NULL) {
927  if (chn_fn!=NULL) {
928  ret = SSL_CTX_use_certificate_file(ssl_ctx, crt_fn, SSL_FILETYPE_PEM);
929  }
930  else {
931  ret = ssl_read_fullchain_cert_file(ssl_ctx, crt_fn);
932  }
933 
934  if (ret==1) {
935  ret = SSL_CTX_use_PrivateKey_file(ssl_ctx, key_fn, SSL_FILETYPE_PEM);
936  }
937 
938  if (ret==1 && chn_fn!=NULL) {
939  ret = ssl_add_chain_file(ssl_ctx, chn_fn);
940  }
941 
942  if (ret!=1) {
943  SSL_CTX_free(ssl_ctx);
944  return NULL;
945  }
946 
947  //SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL); // Client Certificate
948  //SSL_CTX_set_verify_depth(ssl_ctx, 1);
949  }
950 
951  return ssl_ctx;
952 }
953 
954 
965 int ssl_add_chain_file(SSL_CTX* ssl_ctx, char* file)
966 {
967  int ret = 0;
968  if (file==NULL) return ret;
969 
970  BIO* bio = BIO_new(BIO_s_file());
971  if (bio==NULL) return ret;
972 
973  BIO_read_filename(bio, file);
974  X509* x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
975  while(x509!=NULL) {
976  ret = SSL_CTX_add_extra_chain_cert(ssl_ctx, x509);
977  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
978  }
979  BIO_free(bio);
980 
981  return ret;
982 }
983 
984 
995 int ssl_read_fullchain_cert_file(SSL_CTX* ssl_ctx, char* file)
996 {
997  int ret = 0;
998  if (file==NULL) return ret;
999 
1000  BIO* bio = NULL;
1001  X509* x509 = NULL;
1002 
1003  bio = BIO_new(BIO_s_file());
1004  if (bio==NULL) return ret;
1005  BIO_read_filename(bio, file);
1006 
1007  // cert
1008  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1009  if (x509!=NULL) {
1010  ret = SSL_CTX_use_certificate(ssl_ctx, x509);
1011  }
1012  // chain
1013  if (ret==1) {
1014  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1015  while(x509!=NULL) {
1016  ret = SSL_CTX_add_extra_chain_cert(ssl_ctx, x509);
1017  x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
1018  }
1019  }
1020 
1021  BIO_free(bio);
1022 
1023  return ret;
1024 }
1025 
1026 
1027 #define SSL_ACCEPT_COUNT_MAX 10
1028 
1042 SSL* ssl_server_socket(int sock, SSL_CTX* ssl_ctx)
1043 {
1044  if (ssl_ctx==NULL) return NULL;
1045  int cnt_max = SSL_ACCEPT_COUNT_MAX;
1046 
1047  SSL* ssl = SSL_new(ssl_ctx);
1048  if (ssl==NULL) {
1049  //SSL_CTX_free(ssl_ctx);
1050  return NULL;
1051  }
1052 
1053  int ret = SSL_set_fd(ssl, sock);
1054  if (ret!=1) {
1055  ssl_close(ssl);
1056  return NULL;
1057  }
1058 
1059  int cnt = 0;
1060  SSL_set_accept_state(ssl);
1061  do {
1062  ret = SSL_accept(ssl);
1063  ret = SSL_get_error(ssl, ret);
1064  cnt++;
1065  } while (cnt<=cnt_max && (ret==SSL_ERROR_WANT_READ || ret==SSL_ERROR_WANT_WRITE || ret==SSL_ERROR_SYSCALL));
1066 
1067  if (ret==SSL_ERROR_SSL || cnt>cnt_max) {
1068  if (ret!=SSL_ERROR_SSL) ssl_close(ssl);
1069  return NULL;
1070  }
1071 
1072  return ssl;
1073 }
1074 
1075 
1083 void ssl_close(SSL* ssl)
1084 {
1085  if (ssl!=NULL) {
1086  //SSL_CTX* p = ssl->ctx;
1087  SSL_shutdown(ssl);
1088  SSL_free(ssl);
1089  //if (p!=NULL) SSL_CTX_free(p);
1090  }
1091 }
1092 
1093 
1104 tList* ssl_get_cert_info(SSL* ssl)
1105 {
1106  tList* lt;
1107  tList* lp;
1108  char* pp;
1109  char buf[LBUF];
1110  X509* x509;
1111  BIO* bio;
1112 
1113  pp = (char*)SSL_get_cipher(ssl);
1114  lt = lp = add_tList_node_str(NULL, "cipher", pp);
1115 
1116  pp = (char*)SSL_get_cipher_version(ssl);
1117  lp = add_tList_node_str(lp, "version", pp);
1118 
1119  x509 = SSL_get_peer_certificate(ssl);
1120  if (x509==NULL) return lt;
1121 
1122  bio = BIO_new(BIO_s_mem());
1123  if (bio==NULL) {
1124  X509_free(x509);
1125  return lt;
1126  }
1127 
1128  X509_NAME_print_ex(bio, X509_get_subject_name(x509), 0, XN_FLAG_RFC2253);
1129  BIO_gets(bio, buf, LBUF);
1130  lp = add_tList_node_str(lp, "subject", buf);
1131 
1132  X509_NAME_print_ex(bio, X509_get_issuer_name(x509), 0, XN_FLAG_RFC2253);
1133  BIO_gets(bio, buf, LBUF);
1134  lp = add_tList_node_str(lp, "issuer", buf);
1135 
1136  ASN1_TIME_print(bio, X509_get_notBefore(x509));
1137  BIO_gets(bio, buf, LBUF);
1138  lp = add_tList_node_str(lp, "before", buf);
1139 
1140  ASN1_TIME_print(bio, X509_get_notAfter(x509));
1141  BIO_gets(bio, buf, LBUF);
1142  lp = add_tList_node_str(lp, "after", buf);
1143 
1144  BIO_free(bio);
1145  X509_free(x509);
1146 
1147  return lt;
1148 }
1149 
1150 
1151 
1153 // SSL communications
1154 
1171 int ssl_recv(SSL* ssl, char* rmsg, int size)
1172 {
1173  int cc;
1174 
1175  if (ssl==NULL || rmsg==NULL) return JBXL_ARGS_ERROR;
1176 
1177  memset(rmsg, 0, size);
1178  cc = SSL_read(ssl, rmsg, size-1);
1179 
1180  if (cc<0) cc = JBXL_SSL_RECV_ERROR;
1181  return cc;
1182 }
1183 
1184 
1202 int ssl_send(SSL* ssl, char* smsg, int size)
1203 {
1204  int cc;
1205 
1206  if (ssl==NULL || smsg==NULL) return JBXL_ARGS_ERROR;
1207 
1208  if (size<=0) size = strlen(smsg);
1209  cc = SSL_write(ssl, smsg, size);
1210 
1211  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1212  return cc;
1213 }
1214 
1215 
1239 int ssl_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm)
1240 {
1241  int cc;
1242 
1243  if (ssl==NULL || mesg==NULL) return JBXL_ARGS_ERROR;
1244 
1245  //memset(mesg, 0, sz);
1246  if (recv_wait(sock, tm)) {
1247  cc = ssl_recv(ssl, mesg, sz);
1248  //if (cc<=0) DEBUG_MODE PRINT_MESG("SSL_RECV_WAIT: Session Closed.\n");
1249  }
1250  else {
1251  //DEBUG_MODE PRINT_MESG("SSL_RECV_WAIT: Time Out. (%ds)\n", tm);
1252  return JBXL_NET_RECV_TIMEOUT;
1253  }
1254 
1255  return cc;
1256 }
1257 
1258 
1271 int ssl_send_mesgln(SSL* ssl, char* mesg)
1272 {
1273  int cc, sz;
1274  char* buf;
1275 
1276  if (ssl==NULL || mesg==NULL) return JBXL_ARGS_ERROR;
1277 
1278  sz = strlen(mesg) + 3; // for CR+LF+0x00
1279  buf = (char*)malloc(sz);
1280  if (buf==NULL) return JBXL_MALLOC_ERROR;
1281 
1282  strncpy(buf, mesg, sz);
1283  strncat(buf, "\r\n", 2);
1284  cc = ssl_send(ssl, buf, strlen(buf));
1285 
1286  free(buf);
1287  return cc;
1288 }
1289 
1290 
1324 int ssl_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm)
1325 {
1326  int cc;
1327  unsigned char* pp;
1328 
1329  if (ssl==NULL) return JBXL_ARGS_ERROR;
1330  if (mesg==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1331  //memset(mesg, 0, sz);
1332 
1333  if (sb->buf==NULL) {
1334  *sb = make_mstream(RECVBUFSZ);
1335  if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1336  }
1337 
1338  while (sb->datano==0) {
1339  cc = ssl_recv_wait(sock, ssl, mesg, sz, tm);
1340  if (cc<=0) return cc;
1341  put_mstream(sb, (unsigned char*)mesg);
1342  //memset(mesg, 0, sz);
1343  }
1344 
1345  pp = get_mstream(sb);
1346  if (pp==NULL) return JBXL_NET_BUF_ERROR;
1347  if (strlen((const char*)pp)>=(unsigned int)sz) {
1348  memcpy(mesg, pp, sz-1);
1349  free(pp);
1350  return JBXL_NET_BUFSZ_ERROR;
1351  }
1352  memcpy(mesg, pp, strlen((const char*)pp));
1353 
1354  free(pp);
1355  return strlen(mesg);
1356 }
1357 
1358 
1359 
1361 // SSL with Buffer
1362 
1376 int ssl_recv_Buffer(SSL* ssl, Buffer* str)
1377 {
1378  int cc;
1379 
1380  if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1381 
1382  memset(str->buf, 0, str->bufsz);
1383  str->vldsz = 0;
1384  str->state = JBXL_NORMAL;
1385 
1386  cc = SSL_read(ssl, str->buf, str->bufsz-1);
1387  if (cc>=0) str->vldsz = cc;
1388  else cc = JBXL_SSL_RECV_ERROR;
1389 
1390  return cc;
1391 }
1392 
1393 
1406 int ssl_send_Buffer(SSL* ssl, Buffer* str)
1407 {
1408  int cc;
1409 
1410  if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1411 
1412  if (str->vldsz<0) str->vldsz = strlen((const char*)str->buf);
1413  cc = SSL_write(ssl, str->buf, str->vldsz);
1414 
1415  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1416  return cc;
1417 }
1418 
1419 
1440 int ssl_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm)
1441 {
1442  int cc;
1443 
1444  if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1445 
1446  //memset(str->buf, 0, str->bufsz);
1447  str->vldsz = 0;
1448  cc = ssl_recv_wait(sock, ssl, (char*)str->buf, str->bufsz, tm);
1449  if (cc>=0) str->vldsz = cc;
1450 
1451  return cc;
1452 }
1453 
1454 
1467 int ssl_send_sBuffer(SSL* ssl, Buffer* str)
1468 {
1469  int cc;
1470 
1471  if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1472 
1473  cc = SSL_write(ssl, str->buf, strlen((const char*)str->buf));
1474 
1475  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1476  return cc;
1477 }
1478 
1479 
1492 int ssl_send_sBufferln(SSL* ssl, Buffer* str)
1493 {
1494  int cc;
1495  Buffer buf;
1496 
1497  if (ssl==NULL || str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1498 
1499  buf = dup_Buffer(*str);
1500  cat_s2Buffer("\r\n", &buf);
1501  cc = SSL_write(ssl, buf.buf, strlen((const char*)buf.buf));
1502  free_Buffer(&buf);
1503 
1504  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1505  return cc;
1506 }
1507 
1508 
1539 int ssl_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm)
1540 {
1541  int cc;
1542  unsigned char* pp;
1543 
1544  if (ssl==NULL) return JBXL_ARGS_ERROR;
1545  if (mesg==NULL || mesg->buf==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1546  *mesg = make_Buffer(LBUF);
1547 
1548  if (sb->buf==NULL) {
1549  *sb = make_mstream(RECVBUFSZ);
1550  if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1551  }
1552 
1553  while (sb->datano==0) {
1554  cc = ssl_recv_Buffer_wait(sock, ssl, mesg, tm);
1555  if (cc<=0) {
1556  free_Buffer(mesg);
1557  return cc;
1558  }
1559  put_mstream(sb, mesg->buf);
1560  clear_Buffer(mesg);
1561  }
1562 
1563  pp = get_mstream(sb);
1564  if (pp==NULL) return JBXL_NET_BUF_ERROR;
1565  copy_s2Buffer((char*)pp, mesg);
1566  free(pp);
1567 
1568  return mesg->vldsz;
1569 }
1570 
1571 
1595 int ssl_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm)
1596 {
1597  int cc;
1598  Buffer msg, buf;
1599 
1600  if (ssl==NULL || mesg==NULL || mesg->buf==NULL) return JBXL_ARGS_ERROR;
1601  buf = make_Buffer(LBUF);
1602 
1603  cc = ssl_recv_Buffer_wait(sock, ssl, &buf, tm);
1604  while (cc>0) {
1605  cat_Buffer(&buf, &msg);
1606  if (buf.buf[cc-1]==CHAR_LF) break;
1607  clear_Buffer(&buf);
1608  cc = ssl_recv_Buffer_wait(sock, ssl, &buf, tm);
1609  }
1610  free_Buffer(&buf);
1611 
1612  if (cc<=0) {
1613  free_Buffer(mesg);
1614  return cc;
1615  }
1616 
1617  return mesg->vldsz;
1618 }
1619 
1620 
1621 
1623 // SSL / TCP compati communications
1624 
1643 int ssl_tcp_recv(int sock, SSL* ssl, char* rmsg, int size)
1644 {
1645  int cc;
1646 
1647  if (rmsg==NULL) return JBXL_ARGS_ERROR;
1648  memset(rmsg, 0, size);
1649 
1650  if (ssl!=NULL) cc = SSL_read(ssl, rmsg, size-1);
1651  else cc = recv(sock, rmsg, size-1, 0);
1652 
1653  if (cc<0) cc = JBXL_SSL_RECV_ERROR;
1654  return cc;
1655 }
1656 
1657 
1676 int ssl_tcp_send(int sock, SSL* ssl, char* smsg, int size)
1677 {
1678  int cc;
1679 
1680  if (smsg==NULL) return JBXL_ARGS_ERROR;
1681 
1682  if (size<=0) size = strlen(smsg);
1683  if (ssl!=NULL) cc = SSL_write(ssl, smsg, size);
1684  else cc = send(sock, smsg, size, 0);
1685 
1686  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1687  return cc;
1688 }
1689 
1690 
1714 int ssl_tcp_recv_wait(int sock, SSL* ssl, char* mesg, int sz, int tm)
1715 {
1716  int cc;
1717 
1718  if (mesg==NULL) return JBXL_ARGS_ERROR;
1719 
1720  if (recv_wait(sock, tm)) {
1721  cc = ssl_tcp_recv(sock, ssl, mesg, sz);
1722  //if (cc<=0) DEBUG_MODE PRINT_MESG("SSL_TCP_RECV_WAIT: Session Closed. ret = %d. (%ds)\n", cc, tm);
1723  }
1724  else {
1725  //DEBUG_MODE PRINT_MESG("SSL_TCP_RECV_WAIT: Time Out. (%ds)\n", tm);
1726  return JBXL_NET_RECV_TIMEOUT;
1727  }
1728 
1729  return cc;
1730 }
1731 
1732 
1747 int ssl_tcp_send_mesgln(int sock, SSL* ssl, char* mesg)
1748 {
1749  int cc, sz;
1750  char* buf;
1751 
1752  if (mesg==NULL) return JBXL_ARGS_ERROR;
1753 
1754  sz = strlen(mesg) + 3; // for CR+LF+0x00
1755  buf = (char*)malloc(sz);
1756  if (buf==NULL) return JBXL_MALLOC_ERROR;
1757 
1758  strncpy(buf, mesg, sz);
1759  strncat(buf, "\r\n", 2);
1760  cc = ssl_tcp_send(sock, ssl, buf, strlen(buf));
1761 
1762  free(buf);
1763  return cc;
1764 }
1765 
1766 
1801 int ssl_tcp_recv_mstream(int sock, SSL* ssl, char* mesg, int sz, mstream* sb, int tm)
1802 {
1803  int cc;
1804  unsigned char* pp;
1805 
1806  if (mesg==NULL || sb==NULL) return JBXL_ARGS_ERROR;
1807  //memset(mesg, 0, sz);
1808 
1809  if (sb->buf==NULL) {
1810  *sb = make_mstream(RECVBUFSZ);
1811  if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
1812  }
1813 
1814  while (sb->datano==0) {
1815  cc = ssl_tcp_recv_wait(sock, ssl, mesg, sz, tm);
1816  if (cc<=0) return cc;
1817  put_mstream(sb, (unsigned char*)mesg);
1818  //memset(mesg, 0, sz);
1819  }
1820 
1821  pp = get_mstream(sb);
1822  if (pp==NULL) return JBXL_NET_BUF_ERROR;
1823  if (strlen((const char*)pp)>=(unsigned int)sz) {
1824  memcpy(mesg, pp, sz-1);
1825  free(pp);
1826  return JBXL_NET_BUFSZ_ERROR;
1827  }
1828  memcpy(mesg, pp, strlen((const char*)pp));
1829 
1830  free(pp);
1831  return strlen(mesg);
1832 }
1833 
1834 
1849 int ssl_tcp_recv_Buffer(int sock, SSL* ssl, Buffer* str)
1850 {
1851  int cc;
1852 
1853  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1854 
1855  memset(str->buf, 0, str->bufsz);
1856  str->vldsz = 0;
1857  str->state = JBXL_NORMAL;
1858 
1859  if (ssl!=NULL) cc = SSL_read(ssl, str->buf, str->bufsz-1);
1860  else cc = recv(sock, str->buf, str->bufsz-1, 0);
1861 
1862  if (cc>=0) str->vldsz = cc;
1863  else cc = JBXL_SSL_RECV_ERROR;
1864  return cc;
1865 }
1866 
1867 
1881 int ssl_tcp_send_Buffer(int sock, SSL* ssl, Buffer* str)
1882 {
1883  int cc;
1884 
1885  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1886 
1887  if (str->vldsz<0) str->vldsz = strlen((const char*)str->buf);
1888  if (ssl!=NULL) {
1889  cc = SSL_write(ssl, str->buf, str->vldsz);
1890  }
1891  else {
1892  cc = send(sock, str->buf, str->vldsz, 0);
1893  }
1894 
1895  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
1896  return cc;
1897 }
1898 
1899 
1920 int ssl_tcp_recv_Buffer_wait(int sock, SSL* ssl, Buffer* str, int tm)
1921 {
1922  int cc;
1923 
1924  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1925 
1926  str->vldsz = 0;
1927  cc = ssl_tcp_recv_wait(sock, ssl, (char*)str->buf, str->bufsz, tm);
1928  if (cc>=0) str->vldsz = cc;
1929 
1930  //PRINT_MESG("ssl_tcp_recv_Buffer_wait : %s\n", (char*)str->buf);
1931  return cc;
1932 }
1933 
1934 
1951 int ssl_tcp_recv_Buffer_tosize(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size)
1952 {
1953  int cc, sz;
1954  int modon = FALSE;
1955 
1956  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
1957  if (mod!=NULL && mod->buf!=NULL) modon = TRUE;
1958 
1959  if (modon) memset(mod->buf, 0, mod->vldsz);
1960  Buffer buf = make_Buffer(RECVBUFSZ);
1961 
1962  sz = str->vldsz;
1963  while (sz<size) {
1964  cc = ssl_tcp_recv_Buffer(sock, ssl, &buf);
1965  if (cc>0) {
1966  cat_Buffer(&buf, str);
1967  sz += cc;
1968  }
1969  else {
1970  if (cc<0) sz = cc;
1971  break;
1972  }
1973  }
1974  free_Buffer(&buf);
1975 
1976  if (sz>size && modon) {
1977  copy_b2Buffer((void*)(str->buf+size), mod, sz-size);
1978  str->vldsz = size;
1979  }
1980  return sz;
1981 }
1982 
1983 
2006 int ssl_tcp_recv_Buffer_tosize_wait(int sock, SSL* ssl, Buffer* str, Buffer* mod, int size, int tm)
2007 {
2008  int cc, sz;
2009  int modon = FALSE;
2010 
2011  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2012  if (mod!=NULL && mod->buf!=NULL) modon = TRUE;
2013 
2014  if (modon) memset(mod->buf, 0, mod->vldsz);
2015  Buffer buf = make_Buffer(RECVBUFSZ);
2016 
2017  sz = str->vldsz;
2018  while (sz<size) {
2019  cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2020  if (cc>0) {
2021  cat_Buffer(&buf, str);
2022  sz += cc;
2023  }
2024  else {
2025  if (cc<0) sz = cc;
2026  break;
2027  }
2028  }
2029  free_Buffer(&buf);
2030 
2031  if (sz>size && modon) {
2032  copy_b2Buffer((void*)(str->buf+size), mod, sz-size);
2033  str->vldsz = size;
2034  }
2035  return sz;
2036 }
2037 
2038 
2052 int ssl_tcp_send_sBuffer(int sock, SSL* ssl, Buffer* str)
2053 {
2054  int cc;
2055 
2056  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2057 
2058  if (ssl!=NULL) cc = SSL_write(ssl, str->buf, strlen((const char*)str->buf));
2059  else cc = send(sock, str->buf, strlen((const char*)str->buf), 0);
2060 
2061  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
2062  return cc;
2063 }
2064 
2065 
2079 int ssl_tcp_send_sBufferln(int sock, SSL* ssl, Buffer* str)
2080 {
2081  int cc;
2082  Buffer buf;
2083 
2084  if (str==NULL || str->buf==NULL) return JBXL_ARGS_ERROR;
2085 
2086  buf = dup_Buffer(*str);
2087  cat_s2Buffer("\r\n", &buf);
2088 
2089  if (ssl!=NULL) cc = SSL_write(ssl, buf.buf, strlen((const char*)buf.buf));
2090  else cc = send(sock, buf.buf, strlen((const char*)buf.buf), 0);
2091 
2092  free_Buffer(&buf);
2093 
2094  if (cc<0) cc = JBXL_SSL_SEND_ERROR;
2095  return cc;
2096 }
2097 
2098 
2128 int ssl_tcp_recv_mstream_Buffer(int sock, SSL* ssl, Buffer* mesg, mstream* sb, int tm)
2129 {
2130  int cc;
2131  unsigned char* pp;
2132 
2133  if (mesg==NULL || mesg->buf==NULL || sb==NULL) return JBXL_ARGS_ERROR;
2134  *mesg = make_Buffer(LBUF);
2135 
2136  if (sb->buf==NULL) {
2137  *sb = make_mstream(RECVBUFSZ);
2138  if (sb->buf==NULL) return JBXL_MALLOC_ERROR;
2139  }
2140 
2141  while (sb->datano==0) {
2142  cc = ssl_tcp_recv_Buffer_wait(sock, ssl, mesg, tm);
2143  if (cc<=0) {
2144  free_Buffer(mesg);
2145  return cc;
2146  }
2147  put_mstream(sb, mesg->buf);
2148  clear_Buffer(mesg);
2149  }
2150 
2151  pp = get_mstream(sb);
2152  if (pp==NULL) return JBXL_NET_BUF_ERROR;
2153  copy_s2Buffer((char*)pp, mesg);
2154  free(pp);
2155 
2156  return mesg->vldsz;
2157 }
2158 
2159 
2182 int ssl_tcp_recv_lines_Buffer(int sock, SSL* ssl, Buffer* mesg, int tm)
2183 {
2184  int cc;
2185  Buffer msg, buf;
2186 
2187  if (mesg==NULL || mesg->buf==NULL) return JBXL_ARGS_ERROR;
2188  buf = make_Buffer(LBUF);
2189 
2190  cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2191  while (cc>0) {
2192  cat_Buffer(&buf, &msg);
2193  if (buf.buf[cc-1]==CHAR_LF) break;
2194  clear_Buffer(&buf);
2195  cc = ssl_tcp_recv_Buffer_wait(sock, ssl, &buf, tm);
2196  }
2197  free_Buffer(&buf);
2198 
2199  if (cc<=0) {
2200  free_Buffer(mesg);
2201  return cc;
2202  }
2203 
2204  return mesg->vldsz;
2205 }
2206 
2207 
2208 #endif
encode_base64_Buffer
Buffer encode_base64_Buffer(Buffer buf)
バイナリデータ buf.bufの buf.vldszバイトを Base64にエンコード する
Definition: buffer.c:804
make_Buffer
Buffer make_Buffer(int sz)
Buffer型変数のバッファ部をつくり出す.
Definition: buffer.c:71
clear_Buffer
void clear_Buffer(Buffer *str)
Buffer型変数 のバッファ部を 0クリアする.
Definition: buffer.c:272
free_Buffer
void free_Buffer(Buffer *buf)
Buffer型変数のバッファ部を解放する
Definition: buffer.c:128
init_Buffer
Buffer init_Buffer()
初期化したBuffer型変数を返す.
Definition: buffer.c:47
dup_Buffer
Buffer dup_Buffer(Buffer buf)
Buffer型変数のコピーをつくる.
Definition: buffer.c:211
decode_base64_Buffer
Buffer decode_base64_Buffer(Buffer str)
strのバッファを Base64からデコードする
Definition: buffer.c:850
cat_Buffer
int cat_Buffer(Buffer *src, Buffer *dst)
Buffer変数 srcから dstへバッファを catする.
Definition: buffer.c:384
copy_Buffer
int copy_Buffer(Buffer *src, Buffer *dst)
Buffer型変数 srcから dstへバッファをコピーする.
Definition: buffer.c:315
copy_b2Buffer
int copy_b2Buffer(void *src, Buffer *dst, int len)
任意のバイナリデータsrcを Buffer型変数dstへ lenバイト copyする
Definition: buffer.c:518
copy_s2Buffer
#define copy_s2Buffer(src, dst)
copy_b2Buffer()
Definition: buffer.h:108
bincmp_Buffer
#define bincmp_Buffer(a, b)
cmp_Buffer()
Definition: buffer.h:152
strcmp_Buffer
#define strcmp_Buffer(a, b)
cmp_Buffer()
Definition: buffer.h:150
cat_s2Buffer
#define cat_s2Buffer(src, dst)
cat_b2Buffer()
Definition: buffer.h:122
make_Buffer_bystr
#define make_Buffer_bystr(str)
set_Buffer()
Definition: buffer.h:57
RECVBUFSZ
#define RECVBUFSZ
256K
Definition: common.h:134
LBUF
#define LBUF
Definition: common.h:146
TRUE
#define TRUE
Definition: common.h:226
FALSE
#define FALSE
Definition: common.h:223
ON
#define ON
Definition: common.h:230
dh_tool.h
JBXL_ARGS_ERROR
#define JBXL_ARGS_ERROR
不正な引数(NULLなど)
Definition: jbxl_state.h:42
JBXL_SSL_RECV_ERROR
#define JBXL_SSL_RECV_ERROR
SSL 受信エラー
Definition: jbxl_state.h:122
JBXL_NORMAL
#define JBXL_NORMAL
正常
Definition: jbxl_state.h:32
JBXL_NET_BUFSZ_ERROR
#define JBXL_NET_BUFSZ_ERROR
受信バッファの長さが足りない.はみ出したデータは捨てられた
Definition: jbxl_state.h:73
JBXL_SSL_SEND_ERROR
#define JBXL_SSL_SEND_ERROR
SSL 送信エラー
Definition: jbxl_state.h:123
JBXL_MALLOC_ERROR
#define JBXL_MALLOC_ERROR
メモリ確保エラー
Definition: jbxl_state.h:41
JBXL_NET_BUF_ERROR
#define JBXL_NET_BUF_ERROR
受信バッファにデータは存在するはずだが,原因不明の理由により獲得に失敗した
Definition: jbxl_state.h:72
JBXL_NET_RECV_TIMEOUT
#define JBXL_NET_RECV_TIMEOUT
受信タイムアウト
Definition: jbxl_state.h:76
buf
unsigned char ** buf
Definition: jpeg_tool.h:96
len
unsigned char unsigned long * len
Definition: jpeg_tool.h:96
recv_wait
int recv_wait(int sock, int tm)
Definition: network.c:1443
tcp_send_mesg
#define tcp_send_mesg(s, m)
Definition: network.h:184
get_crypt_Buffer
Buffer get_crypt_Buffer(Buffer data, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:264
tcp_send_crypt_sBuffer
int tcp_send_crypt_sBuffer(int sock, Buffer *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:351
ssl_recv_Buffer_wait
int ssl_recv_Buffer_wait(int sock, SSL *ssl, Buffer *str, int tm)
Definition: ssl_tool.c:1440
ssl_add_chain_file
int ssl_add_chain_file(SSL_CTX *ssl_ctx, char *file)
Definition: ssl_tool.c:965
ssl_send_Buffer
int ssl_send_Buffer(SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1406
ssl_tcp_recv_wait
int ssl_tcp_recv_wait(int sock, SSL *ssl, char *mesg, int sz, int tm)
Definition: ssl_tool.c:1714
udp_send_crypt_Buffer
int udp_send_crypt_Buffer(int sock, Buffer *data, struct addrinfo *sv, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:162
ssl_server_socket
SSL * ssl_server_socket(int sock, SSL_CTX *ssl_ctx)
Definition: ssl_tool.c:1042
get_plain_message
Buffer get_plain_message(char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:391
ssl_tcp_send_sBuffer
int ssl_tcp_send_sBuffer(int sock, SSL *ssl, Buffer *str)
Definition: ssl_tool.c:2052
ssl_recv
int ssl_recv(SSL *ssl, char *rmsg, int size)
Definition: ssl_tool.c:1171
ssl_tcp_recv
int ssl_tcp_recv(int sock, SSL *ssl, char *rmsg, int size)
Definition: ssl_tool.c:1643
udp_recv_crypt_Buffer_sockaddr_in
int udp_recv_crypt_Buffer_sockaddr_in(int sock, Buffer *data, struct sockaddr_in *sv, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:132
ssl_tcp_recv_Buffer_wait
int ssl_tcp_recv_Buffer_wait(int sock, SSL *ssl, Buffer *str, int tm)
Definition: ssl_tool.c:1920
ssl_send
int ssl_send(SSL *ssl, char *smsg, int size)
Definition: ssl_tool.c:1202
ssl_recv_mstream_Buffer
int ssl_recv_mstream_Buffer(int sock, SSL *ssl, Buffer *mesg, mstream *sb, int tm)
Definition: ssl_tool.c:1539
ssl_tcp_recv_Buffer
int ssl_tcp_recv_Buffer(int sock, SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1849
ssl_send_mesgln
int ssl_send_mesgln(SSL *ssl, char *mesg)
Definition: ssl_tool.c:1271
read_spki_with_ipaddr
Buffer read_spki_with_ipaddr(Buffer ipa, FILE *fp)
Definition: ssl_tool.c:595
ssl_tcp_send_sBufferln
int ssl_tcp_send_sBufferln(int sock, SSL *ssl, Buffer *str)
Definition: ssl_tool.c:2079
ssl_tcp_send_Buffer
int ssl_tcp_send_Buffer(int sock, SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1881
ssl_tcp_recv_lines_Buffer
int ssl_tcp_recv_lines_Buffer(int sock, SSL *ssl, Buffer *mesg, int tm)
Definition: ssl_tool.c:2182
ssl_init
void ssl_init()
Definition: ssl_tool.c:806
ssl_client_socket
SSL * ssl_client_socket(int sock, SSL_CTX *ssl_ctx, int mode)
Definition: ssl_tool.c:861
tcp_send_crypt_Buffer
int tcp_send_crypt_Buffer(int sock, Buffer *data, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:208
ssl_tcp_recv_mstream
int ssl_tcp_recv_mstream(int sock, SSL *ssl, char *mesg, int sz, mstream *sb, int tm)
Definition: ssl_tool.c:1801
ssl_get_cert_info
tList * ssl_get_cert_info(SSL *ssl)
Definition: ssl_tool.c:1104
ssl_tcp_recv_Buffer_tosize
int ssl_tcp_recv_Buffer_tosize(int sock, SSL *ssl, Buffer *str, Buffer *mod, int size)
Definition: ssl_tool.c:1951
ssl_server_setup
SSL_CTX * ssl_server_setup(char *crt_fn, char *key_fn, char *chn_fn)
Definition: ssl_tool.c:912
ssl_tcp_send
int ssl_tcp_send(int sock, SSL *ssl, char *smsg, int size)
Definition: ssl_tool.c:1676
ssl_read_fullchain_cert_file
int ssl_read_fullchain_cert_file(SSL_CTX *ssl_ctx, char *file)
Definition: ssl_tool.c:995
ssl_tcp_send_mesgln
int ssl_tcp_send_mesgln(int sock, SSL *ssl, char *mesg)
Definition: ssl_tool.c:1747
encode_EVPAPI_Buffer
Buffer encode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER *cipher)
Definition: ssl_tool.c:722
ssl_tcp_recv_Buffer_tosize_wait
int ssl_tcp_recv_Buffer_tosize_wait(int sock, SSL *ssl, Buffer *str, Buffer *mod, int size, int tm)
Definition: ssl_tool.c:2006
udp_recv_crypt_Buffer
int udp_recv_crypt_Buffer(int sock, Buffer *data, struct addrinfo *sv, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:182
ssl_recv_lines_Buffer
int ssl_recv_lines_Buffer(int sock, SSL *ssl, Buffer *mesg, int tm)
Definition: ssl_tool.c:1595
ssl_send_sBuffer
int ssl_send_sBuffer(SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1467
decode_EVPAPI_Buffer
Buffer decode_EVPAPI_Buffer(Buffer buf, Buffer shdkey, EVP_CIPHER *cipher)
Definition: ssl_tool.c:670
free_EVP_CIPHER
void free_EVP_CIPHER(EVP_CIPHER **p_cipher)
Definition: ssl_tool.c:773
ssl_tcp_recv_mstream_Buffer
int ssl_tcp_recv_mstream_Buffer(int sock, SSL *ssl, Buffer *mesg, mstream *sb, int tm)
Definition: ssl_tool.c:2128
ssl_send_sBufferln
int ssl_send_sBufferln(SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1492
ssl_recv_Buffer
int ssl_recv_Buffer(SSL *ssl, Buffer *str)
Definition: ssl_tool.c:1376
check_server_spki
int check_server_spki(Buffer ipaddr, Buffer spki, char *filename)
Definition: ssl_tool.c:524
ssl_recv_mstream
int ssl_recv_mstream(int sock, SSL *ssl, char *mesg, int sz, mstream *sb, int tm)
Definition: ssl_tool.c:1324
SSL_ACCEPT_COUNT_MAX
#define SSL_ACCEPT_COUNT_MAX
Definition: ssl_tool.c:1027
init_EVPAPI_Buffer
EVP_CIPHER * init_EVPAPI_Buffer(int type)
Definition: ssl_tool.c:645
ssl_close
void ssl_close(SSL *ssl)
Definition: ssl_tool.c:1083
tcp_recv_crypt_Buffer
int tcp_recv_crypt_Buffer(int sock, Buffer *data, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:228
ssl_client_setup
SSL_CTX * ssl_client_setup(char *ca)
Definition: ssl_tool.c:826
gen_CRYPT_SharedKey
int gen_CRYPT_SharedKey(int keyex, Buffer spki, Buffer *shdkey, void *ptr)
Definition: ssl_tool.c:91
get_crypt_sBuffer
Buffer get_crypt_sBuffer(Buffer mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:486
get_crypt_message
Buffer get_crypt_message(char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:455
tcp_send_crypt_mesg
int tcp_send_crypt_mesg(int sock, char *mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:298
get_plain_Buffer
Buffer get_plain_Buffer(Buffer data, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:254
udp_send_crypt_Buffer_sockaddr_in
int udp_send_crypt_Buffer_sockaddr_in(int sock, Buffer *data, struct sockaddr_in *sv, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:112
ssl_recv_wait
int ssl_recv_wait(int sock, SSL *ssl, char *mesg, int sz, int tm)
Definition: ssl_tool.c:1239
save_spki_with_ipaddr
int save_spki_with_ipaddr(Buffer ipa, Buffer pki, FILE *fp)
Definition: ssl_tool.c:569
get_plain_sBuffer
Buffer get_plain_sBuffer(Buffer mesg, Buffer *key, EVP_CIPHER *cipher)
Definition: ssl_tool.c:423
ssl_tool.h
Buffer
Definition: buffer.h:35
Buffer::bufsz
int bufsz
確保してあるバッファの大きさ - 1.
Definition: buffer.h:36
Buffer::vldsz
int vldsz
データの長さ.バイナリデータの場合も使用可能.文字列の場合は 0x00 を含まない.
Definition: buffer.h:37
Buffer::state
int state
変数の状態を表す.正常は JBXL_NORMAL
Definition: buffer.h:38
Buffer::buf
unsigned char * buf
バッファの先頭へのポインタ.str[bufsz]は必ず 0x00となる.
Definition: buffer.h:39
add_tList_node_str
#define add_tList_node_str(p, k, v)
add_tList_node_bystr()
Definition: tlist.h:142
put_mstream
int put_mstream(mstream *sb, unsigned char *mesg)
メッセージ(文字列)ストリーム sb へメッセージ(の一部)を格納する
Definition: tools.c:3491
get_mstream
unsigned char * get_mstream(mstream *sb)
メッセージ(文字列)ストリーム sb から次のメッセージを取り出す.改行コードは削除される.
Definition: tools.c:3532
file_chmod_open
FILE * file_chmod_open(const char *fn, const char *fm, mode_t mode)
ファイルの許可属性をmode へ変更した後,ファイルを fmモードでオープン
Definition: tools.c:2366
mstream
#define mstream
バイト型 メッセージストリーム
Definition: tools.h:167
make_mstream
#define make_mstream(s)
make_ringBuffer()
Definition: tools.h:385
CHAR_LF
#define CHAR_LF
ラインフィード
Definition: tools.h:79
tcp_send_sBuffer
int tcp_send_sBuffer(int sock, Buffer *str)
TCP経由で文字列データを送信する.
Definition: xtools.c:524
tcp_send_sBufferln
int tcp_send_sBufferln(int sock, Buffer *str)
TCPメッセージ(文字列)に改行(0x0d, 0x0a)を付け加えて送信する.
Definition: xtools.c:546
udp_recv_Buffer
int udp_recv_Buffer(int sock, Buffer *str, struct addrinfo *sv_addr)
recvform()をラッピングした関数.UDPデータを受信する.
Definition: xtools.c:212
save_tagged_Buffer
int save_tagged_Buffer(Buffer buf, FILE *fp, unsigned int mode, int prfm)
Bufferを指定された形式に従ってタグ付きでファイルに保存する.
Definition: xtools.c:956
tcp_send_Buffer
int tcp_send_Buffer(int sock, Buffer *str)
TCP経由でデータを送信する.
Definition: xtools.c:305
tcp_recv_Buffer
int tcp_recv_Buffer(int sock, Buffer *str)
TCP経由でデータを受信する.バッファリングなし.
Definition: xtools.c:276
udp_send_Buffer_sockaddr_in
int udp_send_Buffer_sockaddr_in(int sock, Buffer *str, struct sockaddr_in *sv_addr)
sendto() をラッピングした関数.UDP経由でデータを送る.IPv4専用.
Definition: xtools.c:72
udp_recv_Buffer_sockaddr_in
int udp_recv_Buffer_sockaddr_in(int sock, Buffer *str, struct sockaddr_in *sv_addr)
recvform()をラッピングした関数.UDPデータを受信する.IPv4専用.
Definition: xtools.c:38
read_tagged_Buffer
Buffer read_tagged_Buffer(FILE *fp, unsigned int *mode)
save_tagged_Buffer() で保存したファイルから,Buffer をタグに従って読み込む.
Definition: xtools.c:1013
udp_send_Buffer
int udp_send_Buffer(int sock, Buffer *str, struct addrinfo *sv_addr)
sendto() をラッピングした関数.UDP経由でデータを送る.
Definition: xtools.c:248
JBXL_FIO_STRING
#define JBXL_FIO_STRING
Definition: xtools.h:31
JBXL_FIO_ORIGINAL
#define JBXL_FIO_ORIGINAL
Definition: xtools.h:27
JBXL_FIO_IPADDRESS
#define JBXL_FIO_IPADDRESS
Definition: xtools.h:22
JBXL_FIO_SPKI
#define JBXL_FIO_SPKI
Definition: xtools.h:25