diff options
Diffstat (limited to 'release/src/router/cyassl/swig')
-rwxr-xr-x | release/src/router/cyassl/swig/PythonBuild.sh | 9 | ||||
-rw-r--r-- | release/src/router/cyassl/swig/README | 44 | ||||
-rw-r--r-- | release/src/router/cyassl/swig/cyassl.i | 42 | ||||
-rw-r--r-- | release/src/router/cyassl/swig/cyassl_adds.c | 208 | ||||
-rwxr-xr-x | release/src/router/cyassl/swig/python_cyassl.vcproj | 225 | ||||
-rw-r--r-- | release/src/router/cyassl/swig/rsasign.py | 35 | ||||
-rw-r--r-- | release/src/router/cyassl/swig/runme.py | 30 |
7 files changed, 593 insertions, 0 deletions
diff --git a/release/src/router/cyassl/swig/PythonBuild.sh b/release/src/router/cyassl/swig/PythonBuild.sh new file mode 100755 index 00000000..0fc2a880 --- /dev/null +++ b/release/src/router/cyassl/swig/PythonBuild.sh @@ -0,0 +1,9 @@ +#!/bin/bash +echo +swig -python cyassl.i +pythonIncludes=`python-config --includes` +pythonLibs=`python-config --libs` +gcc -c -fpic cyassl_wrap.c -I$pythonIncludes -I/usr/local/cyassl/include -DHAVE_CONFIG_H +gcc -c -fpic cyassl_adds.c -I/usr/local/cyassl/include +gcc -shared -flat_namespace cyassl_adds.o cyassl_wrap.o -lcyassl -L/usr/local/cyassl/lib $pythonLibs -o _cyassl.so +python runme.py diff --git a/release/src/router/cyassl/swig/README b/release/src/router/cyassl/swig/README new file mode 100644 index 00000000..302bc6be --- /dev/null +++ b/release/src/router/cyassl/swig/README @@ -0,0 +1,44 @@ + + +Initial swig interface file + +Please send questions to support@yassl.com + + + +**Python Support** + + For Linux, OS X, or *nix + +1) build CyaSSL with fpic on Linux, not needed on OS X + ./configure --disable-shared CFLAGS=-fpic + make + sudo make install + + +2) start the example echoserver from the examples/echoserver directory + ./echoserver + +3) run ./PtyonBuild.sh from this directory it will + a) build the swig wrapper file + b) compile the swig wrapper and cyassl wrapper files + c) place them into a cyassl shared library for python + d) run runme.py which will connect to the CyaSSL echo server, write a + string, then read the result and output it + + + Windows only + +1) Make sure the install path to cyassl doesn't have any spaces anywhere in the + directory path because swig doesn't like that +2) Have python for Windows installed, note install directory +3) Have swigwin installed, note install directory +4) Make sure swigwin install direcotry is added to PATH env. variable +5) Make sure env. variables PYTHON_INCLUDE and PYTHON_LIB are set correctly e.g. + PYTHON_INCLUE="c:\Python26\include" + PYTHON_LIB="c:\Python26\libs\python26.lib" +6) Build python_cyassl in Release mode only, Debug build fails to find a debug + python library that isn't included by default +7) The outputs _cyassl.pyd and cyassl.py are the cyassl import library +8) Can now run python runme.py from the swig directory + diff --git a/release/src/router/cyassl/swig/cyassl.i b/release/src/router/cyassl/swig/cyassl.i new file mode 100644 index 00000000..8e5c53cc --- /dev/null +++ b/release/src/router/cyassl/swig/cyassl.i @@ -0,0 +1,42 @@ + + +%module cyassl +%{ + #include "openssl/ssl.h" + #include "rsa.h" + + /* defn adds */ + char* CyaSSL_error_string(int err); + int CyaSSL_connect(SSL*, const char* server, int port); + RNG* GetRng(void); + RsaKey* GetRsaPrivateKey(const char* file); + void FillSignStr(unsigned char*, const char*, int); +%} + + +SSL_METHOD* TLSv1_client_method(void); +SSL_CTX* SSL_CTX_new(SSL_METHOD*); +int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*); +SSL* SSL_new(SSL_CTX*); +int SSL_get_error(SSL*, int); +int SSL_write(SSL*, const char*, int); +char* CyaSSL_error_string(int); +int CyaSSL_connect(SSL*, const char* server, int port); + +int RsaSSL_Sign(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key, RNG* rng); + +int RsaSSL_Verify(const unsigned char* in, int inLen, unsigned char* out, int outLen, RsaKey* key); + +RNG* GetRng(void); +RsaKey* GetRsaPrivateKey(const char* file); +void FillSignStr(unsigned char*, const char*, int); + +%include carrays.i +%include cdata.i +%array_class(unsigned char, byteArray); +int SSL_read(SSL*, unsigned char*, int); + + +#define SSL_FAILURE 0 +#define SSL_SUCCESS 1 + diff --git a/release/src/router/cyassl/swig/cyassl_adds.c b/release/src/router/cyassl/swig/cyassl_adds.c new file mode 100644 index 00000000..9dfae43b --- /dev/null +++ b/release/src/router/cyassl/swig/cyassl_adds.c @@ -0,0 +1,208 @@ +/* cyassl_adds.c */ +#ifndef _WIN32 + #define HAVE_CONFIG_H +#endif + +#include "openssl/ssl.h" +#include "rsa.h" +#include "asn.h" + +#include <stdio.h> +#include <stdlib.h> +#include <assert.h> +#include <ctype.h> + +#ifdef _WIN32 + #include <winsock2.h> + #include <process.h> + #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */ + #include <ws2tcpip.h> + #include <wspiapi.h> + #endif + #define SOCKET_T int +#else + #include <string.h> + #include <unistd.h> + #include <netdb.h> + #include <netinet/in.h> + #include <arpa/inet.h> + #include <sys/ioctl.h> + #include <sys/time.h> + #include <sys/types.h> + #include <sys/socket.h> + #include <pthread.h> + #ifdef NON_BLOCKING + #include <fcntl.h> + #endif + #ifdef TEST_IPV6 + #include <netdb.h> + #endif + #define SOCKET_T unsigned int +#endif /* _WIN32 */ + +#ifdef _MSC_VER + /* disable conversion warning */ + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable:4244 4996) +#endif + +#if defined(__MACH__) || defined(_WIN32) + #ifndef _SOCKLEN_T + typedef int socklen_t; + #endif +#endif + + +/* HPUX doesn't use socklent_t for third parameter to accept */ +#if !defined(__hpux__) + typedef socklen_t* ACCEPT_THIRD_T; +#else + typedef int* ACCEPT_THIRD_T; +#endif + + +#ifdef _WIN32 + #define CloseSocket(s) closesocket(s) + #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); } +#else + #define CloseSocket(s) close(s) + #define StartTCP() +#endif + + +#ifdef TEST_IPV6 + typedef struct sockaddr_in6 SOCKADDR_IN_T; + #define AF_INET_V AF_INET6 +#else + typedef struct sockaddr_in SOCKADDR_IN_T; + #define AF_INET_V AF_INET +#endif + + +enum { + SSL_BLOCKING = 2, + SSL_NONBLOCKING = 4 +}; + + +static int tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, const char* peer, + short port) +{ + const char* host = peer; + + /* peer could be in human readable form */ + if (isalpha(peer[0])) { + struct hostent* entry = gethostbyname(peer); + + if (entry) { + struct sockaddr_in tmp; + memset(&tmp, 0, sizeof(struct sockaddr_in)); + memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0],entry->h_length); + host = inet_ntoa(tmp.sin_addr); + } + else + return -1; /* no entry for host */ + } + + *sockfd = socket(AF_INET, SOCK_STREAM, 0); + memset(addr, 0, sizeof(SOCKADDR_IN_T)); + + addr->sin_family = AF_INET; + addr->sin_port = htons(port); + addr->sin_addr.s_addr = inet_addr(host); + +#ifdef SO_NOSIGPIPE + { + int on = 1; + socklen_t len = sizeof(on); + setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len); + } +#endif + + return 0; +} + + +static int tcp_connect(SOCKET_T* sockfd, const char* ip, short port) +{ + SOCKADDR_IN_T addr; + int ret = tcp_socket(sockfd, &addr, ip, port); + if (ret != 0) return ret; + + if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + return -2; /* can't connect */ + + return 0; +} + + +int CyaSSL_connect(SSL* ssl, const char* server, int port) +{ + SOCKET_T sockfd; + int ret = tcp_connect(&sockfd, server, port); + if (ret != 0) return ret; + + SSL_set_fd(ssl, sockfd); + + return SSL_connect(ssl); +} + + +char* CyaSSL_error_string(int err) +{ + static char buffer[80]; + + return ERR_error_string(err, buffer); +} + + +RNG* GetRng(void) +{ + RNG* rng = (RNG*)malloc(sizeof(RNG)); + + if (rng) + if (InitRng(rng) != 0) { + free(rng); + rng = 0; + } + + return rng; +} + + +RsaKey* GetRsaPrivateKey(const char* keyFile) +{ + RsaKey* key = (RsaKey*)malloc(sizeof(RsaKey)); + + if (key) { + byte tmp[1024]; + size_t bytes; + int ret; + word32 idx = 0; + FILE* file = fopen(keyFile, "rb"); + + if (!file) { + free(key); + return 0; + } + + bytes = fread(tmp, 1, sizeof(tmp), file); + fclose(file); + InitRsaKey(key, 0); + + ret = RsaPrivateKeyDecode(tmp, &idx, key, (word32)bytes); + if (ret != 0) { + FreeRsaKey(key); + free(key); + return 0; + } + } + return key; +} + + +void FillSignStr(unsigned char* dst, const char* src, int size) +{ + memcpy(dst, src, size); +} + diff --git a/release/src/router/cyassl/swig/python_cyassl.vcproj b/release/src/router/cyassl/swig/python_cyassl.vcproj new file mode 100755 index 00000000..d4373a94 --- /dev/null +++ b/release/src/router/cyassl/swig/python_cyassl.vcproj @@ -0,0 +1,225 @@ +<?xml version="1.0" encoding="Windows-1252"?> +<VisualStudioProject + ProjectType="Visual C++" + Version="9.00" + Name="python_cyassl" + ProjectGUID="{47A3ABA9-EC54-4788-BC7E-370595B2011A}" + RootNamespace="python_cyassl" + Keyword="Win32Proj" + TargetFrameworkVersion="196613" + > + <Platforms> + <Platform + Name="Win32" + /> + </Platforms> + <ToolFiles> + </ToolFiles> + <Configurations> + <Configuration + Name="Debug|Win32" + OutputDirectory="$(SolutionDir)$(ConfigurationName)" + IntermediateDirectory="$(ConfigurationName)" + ConfigurationType="2" + CharacterSet="1" + > + <Tool + Name="VCPreBuildEventTool" + /> + <Tool + Name="VCCustomBuildTool" + /> + <Tool + Name="VCXMLDataGeneratorTool" + /> + <Tool + Name="VCWebServiceProxyGeneratorTool" + /> + <Tool + Name="VCMIDLTool" + /> + <Tool + Name="VCCLCompilerTool" + Optimization="0" + AdditionalIncludeDirectories="../include;../ctaocrypt/include;"$(PYTHON_INCLUDE)"" + PreprocessorDefinitions="WIN32;_DEBUG;_WINDOWS;_USRDLL;PYTHON_CYASSL_EXPORTS" + MinimalRebuild="true" + BasicRuntimeChecks="3" + RuntimeLibrary="3" + UsePrecompiledHeader="0" + WarningLevel="3" + DebugInformationFormat="4" + /> + <Tool + Name="VCManagedResourceCompilerTool" + /> + <Tool + Name="VCResourceCompilerTool" + /> + <Tool + Name="VCPreLinkEventTool" + /> + <Tool + Name="VCLinkerTool" + AdditionalDependencies="$(PYTHON_LIB) Ws2_32.lib" + OutputFile="_cyassl.pyd" + LinkIncremental="2" + GenerateDebugInformation="true" + SubSystem="2" + TargetMachine="1" + /> + <Tool + Name="VCALinkTool" + /> + <Tool + Name="VCManifestTool" + /> + <Tool + Name="VCXDCMakeTool" + /> + <Tool + Name="VCBscMakeTool" + /> + <Tool + Name="VCFxCopTool" + /> + <Tool + Name="VCAppVerifierTool" + /> + <Tool + Name="VCPostBuildEventTool" + /> + </Configuration> + <Configuration + Name="Release|Win32" + OutputDirectory="$(SolutionDir)$(ConfigurationName)" + IntermediateDirectory="$(ConfigurationName)" + ConfigurationType="2" + CharacterSet="1" + WholeProgramOptimization="1" + > + <Tool + Name="VCPreBuildEventTool" + /> + <Tool + Name="VCCustomBuildTool" + /> + <Tool + Name="VCXMLDataGeneratorTool" + /> + <Tool + Name="VCWebServiceProxyGeneratorTool" + /> + <Tool + Name="VCMIDLTool" + /> + <Tool + Name="VCCLCompilerTool" + Optimization="2" + EnableIntrinsicFunctions="true" + AdditionalIncludeDirectories="../include;../ctaocrypt/include;"$(PYTHON_INCLUDE)"" + PreprocessorDefinitions="WIN32;NDEBUG;_WINDOWS;_USRDLL;PYTHON_CYASSL_EXPORTS" + RuntimeLibrary="2" + EnableFunctionLevelLinking="true" + UsePrecompiledHeader="0" + WarningLevel="3" + DebugInformationFormat="3" + /> + <Tool + Name="VCManagedResourceCompilerTool" + /> + <Tool + Name="VCResourceCompilerTool" + /> + <Tool + Name="VCPreLinkEventTool" + /> + <Tool + Name="VCLinkerTool" + AdditionalDependencies="$(PYTHON_LIB) Ws2_32.lib" + OutputFile="_cyassl.pyd" + LinkIncremental="1" + GenerateDebugInformation="true" + SubSystem="2" + OptimizeReferences="2" + EnableCOMDATFolding="2" + TargetMachine="1" + /> + <Tool + Name="VCALinkTool" + /> + <Tool + Name="VCManifestTool" + /> + <Tool + Name="VCXDCMakeTool" + /> + <Tool + Name="VCBscMakeTool" + /> + <Tool + Name="VCFxCopTool" + /> + <Tool + Name="VCAppVerifierTool" + /> + <Tool + Name="VCPostBuildEventTool" + /> + </Configuration> + </Configurations> + <References> + </References> + <Files> + <Filter + Name="Source Files" + Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx" + UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}" + > + <File + RelativePath=".\cyassl_adds.c" + > + </File> + <File + RelativePath=".\cyassl_wrap.c" + > + </File> + </Filter> + <Filter + Name="Header Files" + Filter="h;hpp;hxx;hm;inl;inc;xsd" + UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}" + > + </Filter> + <Filter + Name="Resource Files" + Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav" + UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}" + > + </Filter> + <File + RelativePath=".\cyassl.i" + > + <FileConfiguration + Name="Debug|Win32" + > + <Tool + Name="VCCustomBuildTool" + CommandLine="echo In order to function correctly, please ensure the following environment variables are correctly set:
echo PYTHON_INCLUDE: %PYTHON_INCLUDE%
echo PYTHON_LIB: %PYTHON_LIB%
echo on
swig.exe -python $(InputPath)
" + Outputs="$(InputName)_wrap.c" + /> + </FileConfiguration> + <FileConfiguration + Name="Release|Win32" + > + <Tool + Name="VCCustomBuildTool" + CommandLine="echo In order to function correctly, please ensure the following environment variables are correctly set:
echo PYTHON_INCLUDE: %PYTHON_INCLUDE%
echo PYTHON_LIB: %PYTHON_LIB%
echo on
swig.exe -python $(InputPath)" + Outputs="$(InputName)_wrap.c" + /> + </FileConfiguration> + </File> + </Files> + <Globals> + </Globals> +</VisualStudioProject> diff --git a/release/src/router/cyassl/swig/rsasign.py b/release/src/router/cyassl/swig/rsasign.py new file mode 100644 index 00000000..ad2e114f --- /dev/null +++ b/release/src/router/cyassl/swig/rsasign.py @@ -0,0 +1,35 @@ +# file: rsasign.py + +import cyassl + + +# start Random Number Generator +rng = cyassl.GetRng() +if rng == None: + print "Couldn't get an RNG" + exit(-1) + +# load RSA private key in DER format +key = cyassl.GetRsaPrivateKey("../certs/client-key.der") +if key == None: + print "Couldn't load DER private key file" + exit(-1) + +# Make byte Arrays and fill input +signOutput = cyassl.byteArray(128) # 128 allows 1024 bit private key +signStr = cyassl.byteArray(25) # input can't be larger then key size + # 64 for 512 bit 128 for 1024 bit +cyassl.FillSignStr(signStr, "Everybody gets Friday off", 25) + +# Do RSA Sign +signedSize = cyassl.RsaSSL_Sign(signStr, 25, signOutput, 128, key, rng) + +# Show output +print "Signed Size = ", signedSize, " signed array = ", cyassl.cdata(signOutput, signedSize) + +# let's verify this worked +signVerify = cyassl.byteArray(signedSize) +verifySize = cyassl.RsaSSL_Verify(signOutput, signedSize, signVerify, signedSize, key) + +print "Verify Size = ", verifySize, " verify array = ", cyassl.cdata(signVerify, verifySize) + diff --git a/release/src/router/cyassl/swig/runme.py b/release/src/router/cyassl/swig/runme.py new file mode 100644 index 00000000..1734a019 --- /dev/null +++ b/release/src/router/cyassl/swig/runme.py @@ -0,0 +1,30 @@ +# file: runme.py + +import cyassl + +print "" +print "Trying to connect to the echo server..." + +ctx = cyassl.SSL_CTX_new(cyassl.TLSv1_client_method()) +ret = cyassl.SSL_CTX_load_verify_locations(ctx, "../certs/ca-cert.pem", None) +ssl = cyassl.SSL_new(ctx) + +ret = cyassl.CyaSSL_connect(ssl, "localhost", 11111) + +if ret != cyassl.SSL_SUCCESS: + print "Couldn't do SSL connect" + err = cyassl.SSL_get_error(ssl, 0) + print "error string = ", cyassl.CyaSSL_error_string(err) + exit(-1) + +print "...Connected" +written = cyassl.SSL_write(ssl, "hello from python\r\n", 19) + +if written > 0: + print "Wrote ", written, " bytes" + +byteArray = cyassl.byteArray(100) +readBytes = cyassl.SSL_read(ssl, byteArray, 100) + +print "server reply: ", cyassl.cdata(byteArray, readBytes) + |