From f65c7fc9d46215fd2770d7f23afffd1bcc2bf5ff Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 31 Oct 2016 11:52:25 +0900 Subject: [PATCH 1/4] x25519 using libsodium --- CMakeLists.txt | 36 ++++++++-- include/picotls/sodium.h | 31 +++++++++ lib/sodium.c | 138 +++++++++++++++++++++++++++++++++++++++ t/openssl.c | 44 ++++++++----- t/picotls.c | 82 +++++++++++++++-------- t/{test.c => sodium.c} | 44 ++----------- t/test.h | 4 +- 7 files changed, 287 insertions(+), 92 deletions(-) create mode 100644 include/picotls/sodium.h create mode 100644 lib/sodium.c rename t/{test.c => sodium.c} (52%) diff --git a/CMakeLists.txt b/CMakeLists.txt index daa20e234..619b758c1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,18 +3,42 @@ CMAKE_POLICY(SET CMP0003 NEW) PROJECT(picotls) -FIND_PACKAGE(OpenSSL REQUIRED) +FIND_PACKAGE(PkgConfig REQUIRED) SET(CMAKE_C_FLAGS "-Wall -O2 -g ${CC_WARNING_FLAGS} ${CMAKE_C_FLAGS}") INCLUDE_DIRECTORIES(${OPENSSL_INCLUDE_DIR} deps/picotest include) +SET(TEST_EXES) -ADD_EXECUTABLE(test-openssl.t deps/picotest/picotest.c t/picotls.c t/openssl.c t/test.c) -TARGET_LINK_LIBRARIES(test-openssl.t ${OPENSSL_LIBRARIES}) +ADD_LIBRARY(picotls-core lib/picotls.c) -ADD_CUSTOM_TARGET(check prove --exec '' -v ./*.t DEPENDS test-openssl.t) +FIND_PACKAGE(OpenSSL) +IF (OPENSSL_FOUND AND NOT (OPENSSL_VERSION VERSION_LESS "1.0.2")) + MESSAGE(WARNING "Enabling OpenSSL support") + INCLUDE_DIRECTORIES(${OPENSSL_INCLUDE_DIR}) + ADD_LIBRARY(picotls-openssl lib/openssl.c) + ADD_EXECUTABLE(cli t/cli.c) + TARGET_LINK_LIBRARIES(cli picotls-openssl picotls-core ${OPENSSL_LIBRARIES}) + ADD_EXECUTABLE(test-openssl.t deps/picotest/picotest.c t/picotls.c t/openssl.c) + TARGET_LINK_LIBRARIES(test-openssl.t ${OPENSSL_LIBRARIES}) + SET(TEST_EXES ${TEST_EXES} test-openssl.t) +ELSE () + MESSAGE(WARNING "Disabling OpenSSL support") +ENDIF () + +PKG_CHECK_MODULES(LIBSODIUM libsodium) +IF (LIBSODIUM_FOUND) + MESSAGE(WARNING "Enabling libsodium support") + INCLUDE_DIRECTORIES(${LIBSODIUM_INCLUDE_DIRS}) + LINK_DIRECTORIES(${LIBSODIUM_LIBRARY_DIRS}) + ADD_LIBRARY(picotls-sodium lib/sodium.c) + ADD_EXECUTABLE(test-sodium.t deps/picotest/picotest.c t/picotls.c t/sodium.c) + TARGET_LINK_LIBRARIES(test-sodium.t ${LIBSODIUM_LIBRARIES}) + SET(TEST_EXES ${TEST_EXES} test-sodium.t) +ELSE () + MESSAGE(WARNING "Disabling libsodium support") +ENDIF () -ADD_EXECUTABLE(cli lib/picotls.c lib/openssl.c t/cli.c) -TARGET_LINK_LIBRARIES(cli ${OPENSSL_LIBRARIES}) +ADD_CUSTOM_TARGET(check prove --exec '' -v ./*.t DEPENDS ${TEST_EXES}) IF ("${CMAKE_SYSTEM_NAME}" MATCHES "SunOS") TARGET_LINK_LIBRARIES(cli "socket" "nsl") diff --git a/include/picotls/sodium.h b/include/picotls/sodium.h new file mode 100644 index 000000000..b62cc5b23 --- /dev/null +++ b/include/picotls/sodium.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2016 DeNA Co., Ltd., Kazuho Oku + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ +#ifndef picotls_sodium_h +#define picotls_sodium_h + +#include "picotls.h" + +void ptls_sodium_random_bytes(void *buf, size_t len); + +extern ptls_key_exchange_algorithm_t ptls_sodium_x25519; + +#endif diff --git a/lib/sodium.c b/lib/sodium.c new file mode 100644 index 000000000..15333d7f0 --- /dev/null +++ b/lib/sodium.c @@ -0,0 +1,138 @@ +/* + * Copyright (c) 2016 DeNA Co., Ltd., Kazuho Oku + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ +#include +#include +#include "picotls.h" +#include "picotls/sodium.h" + +void ptls_sodium_random_bytes(void *buf, size_t len) +{ + randombytes(buf, len); +} + +struct st_x25519_key_exhchange_t { + ptls_key_exchange_context_t super; + uint8_t priv[crypto_box_SECRETKEYBYTES]; + uint8_t pub[crypto_box_PUBLICKEYBYTES]; +}; + +static void x25519_create_keypair(uint8_t *priv, uint8_t *pub) +{ + randombytes_buf(priv, crypto_box_SECRETKEYBYTES); + crypto_scalarmult_base(pub, priv); +} + +static int x25519_derive_secret(ptls_iovec_t *secret, const uint8_t *clientpriv, const uint8_t *clientpub, + const uint8_t *serverpriv, const uint8_t *serverpub) +{ + uint8_t q[crypto_scalarmult_BYTES]; + crypto_generichash_state h; + int ret; + + if (crypto_scalarmult(q, clientpriv != NULL ? clientpriv : serverpriv, clientpriv != NULL ? serverpub : clientpub) != 0) { + ret = PTLS_ALERT_DECRYPT_ERROR; + goto Exit; + } + + if ((secret->base = malloc(crypto_generichash_BYTES)) == NULL) { + ret = PTLS_ERROR_NO_MEMORY; + goto Exit; + } + secret->len = crypto_generichash_BYTES; + + crypto_generichash_init(&h, NULL, 0U, crypto_generichash_BYTES); + crypto_generichash_update(&h, q, sizeof(q)); + crypto_generichash_update(&h, clientpub, crypto_box_PUBLICKEYBYTES); + crypto_generichash_update(&h, serverpub, crypto_box_PUBLICKEYBYTES); + crypto_generichash_final(&h, secret->base, secret->len); + + ret = 0; +Exit: + ptls_clear_memory(q, sizeof(q)); + return ret; +} + +static int x25519_on_exchange(ptls_key_exchange_context_t *_ctx, ptls_iovec_t *secret, ptls_iovec_t peerkey) +{ + struct st_x25519_key_exhchange_t *ctx = (struct st_x25519_key_exhchange_t *)_ctx; + int ret; + + if (secret == NULL) { + ret = 0; + goto Exit; + } + + if (peerkey.len != crypto_box_PUBLICKEYBYTES) { + ret = PTLS_ALERT_DECRYPT_ERROR; + goto Exit; + } + ret = x25519_derive_secret(secret, ctx->priv, ctx->pub, NULL, peerkey.base); + +Exit: + ptls_clear_memory(ctx->priv, sizeof(ctx->priv)); + free(ctx); + return ret; +} + +static int x25519_create_key_exchange(ptls_key_exchange_context_t **_ctx, ptls_iovec_t *pubkey) +{ + struct st_x25519_key_exhchange_t *ctx; + + if ((ctx = (struct st_x25519_key_exhchange_t *)malloc(sizeof(*ctx))) == NULL) + return PTLS_ERROR_NO_MEMORY; + ctx->super = (ptls_key_exchange_context_t){x25519_on_exchange}; + x25519_create_keypair(ctx->priv, ctx->pub); + + *_ctx = &ctx->super; + *pubkey = ptls_iovec_init(ctx->pub, sizeof(ctx->pub)); + return 0; +} + +static int x25519_key_exchange(ptls_iovec_t *pubkey, ptls_iovec_t *secret, ptls_iovec_t peerkey) +{ + uint8_t priv[crypto_box_SECRETKEYBYTES], *pub = NULL; + int ret; + + if (peerkey.len != crypto_box_PUBLICKEYBYTES) { + ret = PTLS_ALERT_DECRYPT_ERROR; + goto Exit; + } + if ((pub = malloc(crypto_box_PUBLICKEYBYTES)) == NULL) { + ret = PTLS_ERROR_NO_MEMORY; + goto Exit; + } + + x25519_create_keypair(priv, pub); + if ((ret = x25519_derive_secret(secret, NULL, peerkey.base, priv, pub)) != 0) + goto Exit; + + *pubkey = ptls_iovec_init(pub, crypto_box_PUBLICKEYBYTES); + ret = 0; + +Exit: + ptls_clear_memory(priv, sizeof(priv)); + if (pub != NULL && ret != 0) + ptls_clear_memory(pub, sizeof(pub)); + return ret; +} + +ptls_key_exchange_algorithm_t ptls_sodium_x25519 = {PTLS_GROUP_SECP256R1, x25519_create_key_exchange, x25519_key_exchange}; diff --git a/t/openssl.c b/t/openssl.c index 067ab4fb8..0f3eb6233 100644 --- a/t/openssl.c +++ b/t/openssl.c @@ -24,6 +24,7 @@ #include #include #include +#include #include "../deps/picotest/picotest.h" #include "../lib/openssl.c" #include "test.h" @@ -83,7 +84,7 @@ static void test_ecdh_key_exchange(void) static void test_rsa_sign(void) { - ptls_openssl_lookup_certificate_t *lookup_certificate = (ptls_openssl_lookup_certificate_t *)ctx->lookup_certificate; + ptls_openssl_lookup_certificate_t *lookup_certificate = (ptls_openssl_lookup_certificate_t *)ctx.lookup_certificate; ok(select_compatible_signature_algorithm(lookup_certificate->identities[0]->key, (uint16_t[]){PTLS_SIGNATURE_ECDSA_SECP256R1_SHA256}, 1) == UINT16_MAX); @@ -98,18 +99,9 @@ static void test_rsa_sign(void) /* TODO verify */ } - -static ptls_context_t *setup_context(void) +static void setup_certificate_lookup(ptls_openssl_lookup_certificate_t *lookup) { - static int inited = 0; - static ptls_openssl_lookup_certificate_t lookup_certificate; - static ptls_context_t ctx = {ptls_openssl_random_bytes, ptls_openssl_key_exchanges, ptls_openssl_cipher_suites, - &lookup_certificate.super}; - - if (inited) - goto Exit; - - ptls_openssl_init_lookup_certificate(&lookup_certificate); + ptls_openssl_init_lookup_certificate(lookup); BIO *bio = BIO_new_mem_buf(RSA_PRIVATE_KEY, strlen(RSA_PRIVATE_KEY)); EVP_PKEY *pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); @@ -123,21 +115,37 @@ static ptls_context_t *setup_context(void) STACK_OF(X509) *certs = sk_X509_new(NULL); sk_X509_push(certs, cert); - ptls_openssl_lookup_certificate_add_identity(&lookup_certificate, "example.com", pkey, certs); + ptls_openssl_lookup_certificate_add_identity(lookup, "example.com", pkey, certs); sk_X509_free(certs); X509_free(cert); EVP_PKEY_free(pkey); - -Exit: - return &ctx; } -void test_openssl(void) + +int main(int argc, char **argv) { - ctx = setup_context(); + ptls_openssl_lookup_certificate_t lookup_certificate; + + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); +#if !defined(OPENSSL_NO_ENGINE) + /* Load all compiled-in ENGINEs */ + ENGINE_load_builtin_engines(); + ENGINE_register_all_ciphers(); + ENGINE_register_all_digests(); +#endif + + + ctx.random_bytes = ptls_openssl_random_bytes; + ctx.key_exchanges = ptls_openssl_key_exchanges; + ctx.cipher_suites = ptls_openssl_cipher_suites; + setup_certificate_lookup(&lookup_certificate); + ctx.lookup_certificate = &lookup_certificate.super; subtest("ecdh-key-exchange", test_ecdh_key_exchange); subtest("rsa-sign", test_rsa_sign); subtest("picotls", test_picotls); + + return done_testing(); } diff --git a/t/picotls.c b/t/picotls.c index b360e637a..4f4047107 100644 --- a/t/picotls.c +++ b/t/picotls.c @@ -26,10 +26,12 @@ #include "../lib/picotls.c" #include "test.h" +ptls_context_t ctx; + static ptls_cipher_suite_t *find_aes128gcmsha256(void) { ptls_cipher_suite_t **cs; - for (cs = ctx->cipher_suites; *cs != NULL; ++cs) + for (cs = ctx.cipher_suites; *cs != NULL; ++cs) if ((*cs)->id == PTLS_CIPHER_SUITE_AES_128_GCM_SHA256) return *cs; assert(!"FIXME"); @@ -244,9 +246,9 @@ static int lookup_certificate(ptls_lookup_certificate_t *self, ptls_t *tls, uint static void test_full_handshake(void) { lc_callcnt = 0; - test_handshake(ctx, ptls_iovec_init(NULL, 0), 0); + test_handshake(&ctx, ptls_iovec_init(NULL, 0), 0); ok(lc_callcnt == 1); - test_handshake(ctx, ptls_iovec_init(NULL, 0), 0); + test_handshake(&ctx, ptls_iovec_init(NULL, 0), 0); ok(lc_callcnt == 2); } @@ -277,41 +279,42 @@ static void test_resumption(void) ptls_encrypt_ticket_t et = {copy_ticket}; ptls_save_ticket_t st = {save_ticket}; - assert(ctx->ticket_lifetime == 0); - assert(ctx->max_early_data_size == 0); - assert(ctx->encrypt_ticket == NULL); - assert(ctx->decrypt_ticket == NULL); - assert(ctx->save_ticket == NULL); + assert(ctx.ticket_lifetime == 0); + assert(ctx.max_early_data_size == 0); + assert(ctx.encrypt_ticket == NULL); + assert(ctx.decrypt_ticket == NULL); + assert(ctx.save_ticket == NULL); + saved_ticket = ptls_iovec_init(NULL, 0); - ctx->ticket_lifetime = 86400; - ctx->max_early_data_size = 8192; - ctx->encrypt_ticket = &et; - ctx->decrypt_ticket = &et; - ctx->save_ticket = &st; + ctx.ticket_lifetime = 86400; + ctx.max_early_data_size = 8192; + ctx.encrypt_ticket = &et; + ctx.decrypt_ticket = &et; + ctx.save_ticket = &st; lc_callcnt = 0; - test_handshake(ctx, saved_ticket, 0); + test_handshake(&ctx, saved_ticket, 0); ok(lc_callcnt == 1); ok(saved_ticket.base != NULL); /* psk using saved ticket */ - test_handshake(ctx, saved_ticket, 0); + test_handshake(&ctx, saved_ticket, 0); ok(lc_callcnt == 1); /* psk-dhe using saved ticket */ - ctx->require_dhe_on_psk = 1; - test_handshake(ctx, saved_ticket, 0); + ctx.require_dhe_on_psk = 1; + test_handshake(&ctx, saved_ticket, 0); ok(lc_callcnt == 1); - ctx->require_dhe_on_psk = 0; + ctx.require_dhe_on_psk = 0; /* 0-rtt psk using saved ticket */ - test_handshake(ctx, saved_ticket, 1); + test_handshake(&ctx, saved_ticket, 1); - ctx->ticket_lifetime = 0; - ctx->max_early_data_size = 0; - ctx->encrypt_ticket = NULL; - ctx->decrypt_ticket = NULL; - ctx->save_ticket = NULL; + ctx.ticket_lifetime = 0; + ctx.max_early_data_size = 0; + ctx.encrypt_ticket = NULL; + ctx.decrypt_ticket = NULL; + ctx.save_ticket = NULL; } void test_picotls(void) @@ -321,11 +324,36 @@ void test_picotls(void) subtest("aead-aes128gcm", test_aes128gcm); ptls_lookup_certificate_t lc = {lookup_certificate}; - lc_orig = ctx->lookup_certificate; - ctx->lookup_certificate = &lc; + lc_orig = ctx.lookup_certificate; + ctx.lookup_certificate = &lc; subtest("full-handshake", test_full_handshake); subtest("resumption", test_resumption); - ctx->lookup_certificate = lc_orig; + ctx.lookup_certificate = lc_orig; +} + +void test_key_exchange(ptls_key_exchange_algorithm_t *algo) +{ + ptls_key_exchange_context_t *ctx; + ptls_iovec_t client_pubkey, client_secret, server_pubkey, server_secret; + int ret; + + /* fail */ + ret = algo->exchange(&server_pubkey, &server_secret, (ptls_iovec_t){NULL}); + ok(ret != 0); + + /* perform ecdh */ + ret = algo->create(&ctx, &client_pubkey); + ok(ret == 0); + ret = algo->exchange(&server_pubkey, &server_secret, client_pubkey); + ok(ret == 0); + ret = ctx->on_exchange(ctx, &client_secret, server_pubkey); + ok(ret == 0); + ok(client_secret.len == server_secret.len); + ok(memcmp(client_secret.base, server_secret.base, client_secret.len) == 0); + + free(client_secret.base); + free(server_pubkey.base); + free(server_secret.base); } diff --git a/t/test.c b/t/sodium.c similarity index 52% rename from t/test.c rename to t/sodium.c index 1e9f68d17..8ef604d03 100644 --- a/t/test.c +++ b/t/sodium.c @@ -19,52 +19,20 @@ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS * IN THE SOFTWARE. */ +#include +#include #include -#include -#include -#include #include "../deps/picotest/picotest.h" +#include "../lib/sodium.c" #include "test.h" -ptls_context_t *ctx; - -void test_key_exchange(ptls_key_exchange_algorithm_t *algo) +static void test_x25519_key_exchange(void) { - ptls_key_exchange_context_t *ctx; - ptls_iovec_t client_pubkey, client_secret, server_pubkey, server_secret; - int ret; - - /* fail */ - ret = algo->exchange(&server_pubkey, &server_secret, (ptls_iovec_t){NULL}); - ok(ret != 0); - - /* perform ecdh */ - ret = algo->create(&ctx, &client_pubkey); - ok(ret == 0); - ret = algo->exchange(&server_pubkey, &server_secret, client_pubkey); - ok(ret == 0); - ret = ctx->on_exchange(ctx, &client_secret, server_pubkey); - ok(ret == 0); - ok(client_secret.len == server_secret.len); - ok(memcmp(client_secret.base, server_secret.base, client_secret.len) == 0); - - free(client_secret.base); - free(server_pubkey.base); - free(server_secret.base); + test_key_exchange(&ptls_sodium_x25519); } int main(int argc, char **argv) { - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); -#if !defined(OPENSSL_NO_ENGINE) - /* Load all compiled-in ENGINEs */ - ENGINE_load_builtin_engines(); - ENGINE_register_all_ciphers(); - ENGINE_register_all_digests(); -#endif - - subtest("openssl", test_openssl); - + subtest("x25519", test_x25519_key_exchange); return done_testing(); } diff --git a/t/test.h b/t/test.h index 3f91f52e4..9e90187ac 100644 --- a/t/test.h +++ b/t/test.h @@ -24,11 +24,9 @@ #include "picotls.h" -extern ptls_context_t *ctx; +extern ptls_context_t ctx; void test_key_exchange(ptls_key_exchange_algorithm_t *algo); - void test_picotls(void); -void test_openssl(void); #endif From f0cb5948cb76c013c465bce2c51ab27e437a208a Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 31 Oct 2016 13:35:05 +0900 Subject: [PATCH 2/4] update xcodeproj --- picotls.xcodeproj/project.pbxproj | 316 +++++++++++++++++++++++++++--- 1 file changed, 287 insertions(+), 29 deletions(-) diff --git a/picotls.xcodeproj/project.pbxproj b/picotls.xcodeproj/project.pbxproj index 2db139b8d..21692f7da 100644 --- a/picotls.xcodeproj/project.pbxproj +++ b/picotls.xcodeproj/project.pbxproj @@ -7,17 +7,31 @@ objects = { /* Begin PBXBuildFile section */ - 106530D51D9B3D61005B2C60 /* openssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530C51D9B1A98005B2C60 /* openssl.c */; }; - 106530DE1D9B3E7F005B2C60 /* openssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530C21D9B004B005B2C60 /* openssl.c */; }; + 1059FFCF1DC7014000FB4085 /* openssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530C21D9B004B005B2C60 /* openssl.c */; }; + 1059FFD01DC701B200FB4085 /* libpicotls-openssl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 1059FFCE1DC7012300FB4085 /* libpicotls-openssl.a */; }; + 1059FFD31DC7021A00FB4085 /* picotls.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530E91D9B7C13005B2C60 /* picotls.c */; }; + 1059FFD41DC7021A00FB4085 /* picotest.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530E31D9B4021005B2C60 /* picotest.c */; }; + 1059FFE61DC7025300FB4085 /* sodium.h in Headers */ = {isa = PBXBuildFile; fileRef = 1059FFE51DC7025300FB4085 /* sodium.h */; }; + 1059FFEB1DC7027B00FB4085 /* sodium.c in Sources */ = {isa = PBXBuildFile; fileRef = 1059FFE71DC7025A00FB4085 /* sodium.c */; }; + 1059FFEC1DC7028500FB4085 /* sodium.c in Sources */ = {isa = PBXBuildFile; fileRef = 1059FFE91DC7026300FB4085 /* sodium.c */; }; + 1059FFED1DC702DE00FB4085 /* openssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530C51D9B1A98005B2C60 /* openssl.c */; }; 106530E51D9B4021005B2C60 /* picotest.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530E31D9B4021005B2C60 /* picotest.c */; }; - 106530E81D9B7B29005B2C60 /* test.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530E71D9B7B29005B2C60 /* test.c */; }; 106530EA1D9B7C13005B2C60 /* picotls.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530E91D9B7C13005B2C60 /* picotls.c */; }; 106530EB1D9B7C5C005B2C60 /* picotls.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530BF1D998641005B2C60 /* picotls.c */; }; - 106530FD1DAD89DD005B2C60 /* libpicotls.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 106530DA1D9B3E6F005B2C60 /* libpicotls.a */; }; + 106530FD1DAD89DD005B2C60 /* libpicotls-core.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 106530DA1D9B3E6F005B2C60 /* libpicotls-core.a */; }; 106530FF1DAD8A3C005B2C60 /* cli.c in Sources */ = {isa = PBXBuildFile; fileRef = 106530FE1DAD8A3C005B2C60 /* cli.c */; }; /* End PBXBuildFile section */ /* Begin PBXCopyFilesBuildPhase section */ + 1059FFD71DC7021A00FB4085 /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = /usr/share/man/man1/; + dstSubfolderSpec = 0; + files = ( + ); + runOnlyForDeploymentPostprocessing = 1; + }; 106530CA1D9B3D45005B2C60 /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 2147483647; @@ -39,16 +53,21 @@ /* End PBXCopyFilesBuildPhase section */ /* Begin PBXFileReference section */ + 1059FFCE1DC7012300FB4085 /* libpicotls-openssl.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libpicotls-openssl.a"; sourceTree = BUILT_PRODUCTS_DIR; }; + 1059FFDB1DC7021A00FB4085 /* test-sodium */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = "test-sodium"; sourceTree = BUILT_PRODUCTS_DIR; }; + 1059FFE41DC7022400FB4085 /* libpicotls-sodium.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libpicotls-sodium.a"; sourceTree = BUILT_PRODUCTS_DIR; }; + 1059FFE51DC7025300FB4085 /* sodium.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = sodium.h; sourceTree = ""; }; + 1059FFE71DC7025A00FB4085 /* sodium.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = sodium.c; sourceTree = ""; }; + 1059FFE91DC7026300FB4085 /* sodium.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = sodium.c; sourceTree = ""; }; 106530BE1D99863B005B2C60 /* picotls.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = picotls.h; sourceTree = ""; }; 106530BF1D998641005B2C60 /* picotls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = picotls.c; sourceTree = ""; }; 106530C21D9B004B005B2C60 /* openssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = openssl.c; sourceTree = ""; }; 106530C51D9B1A98005B2C60 /* openssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = openssl.c; sourceTree = ""; }; 106530CC1D9B3D45005B2C60 /* test-openssl */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = "test-openssl"; sourceTree = BUILT_PRODUCTS_DIR; }; - 106530DA1D9B3E6F005B2C60 /* libpicotls.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libpicotls.a; sourceTree = BUILT_PRODUCTS_DIR; }; + 106530DA1D9B3E6F005B2C60 /* libpicotls-core.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libpicotls-core.a"; sourceTree = BUILT_PRODUCTS_DIR; }; 106530E31D9B4021005B2C60 /* picotest.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = picotest.c; sourceTree = ""; }; 106530E41D9B4021005B2C60 /* picotest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = picotest.h; sourceTree = ""; }; 106530E61D9B7AF6005B2C60 /* test.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = test.h; sourceTree = ""; }; - 106530E71D9B7B29005B2C60 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = test.c; sourceTree = ""; }; 106530E91D9B7C13005B2C60 /* picotls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = picotls.c; sourceTree = ""; }; 106530ED1D9CEFF7005B2C60 /* openssl.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = openssl.h; path = include/picotls/openssl.h; sourceTree = SOURCE_ROOT; }; 106530FC1DAD8985005B2C60 /* cli */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = cli; sourceTree = BUILT_PRODUCTS_DIR; }; @@ -56,6 +75,27 @@ /* End PBXFileReference section */ /* Begin PBXFrameworksBuildPhase section */ + 1059FFC91DC7012300FB4085 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 1059FFD61DC7021A00FB4085 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 1059FFDF1DC7022400FB4085 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; 106530C91D9B3D45005B2C60 /* Frameworks */ = { isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; @@ -74,7 +114,8 @@ isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( - 106530FD1DAD89DD005B2C60 /* libpicotls.a in Frameworks */, + 1059FFD01DC701B200FB4085 /* libpicotls-openssl.a in Frameworks */, + 106530FD1DAD89DD005B2C60 /* libpicotls-core.a in Frameworks */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -96,8 +137,11 @@ isa = PBXGroup; children = ( 106530CC1D9B3D45005B2C60 /* test-openssl */, - 106530DA1D9B3E6F005B2C60 /* libpicotls.a */, + 106530DA1D9B3E6F005B2C60 /* libpicotls-core.a */, 106530FC1DAD8985005B2C60 /* cli */, + 1059FFCE1DC7012300FB4085 /* libpicotls-openssl.a */, + 1059FFDB1DC7021A00FB4085 /* test-sodium */, + 1059FFE41DC7022400FB4085 /* libpicotls-sodium.a */, ); name = Products; sourceTree = ""; @@ -114,8 +158,9 @@ 106530BD1D998624005B2C60 /* lib */ = { isa = PBXGroup; children = ( - 106530C21D9B004B005B2C60 /* openssl.c */, 106530BF1D998641005B2C60 /* picotls.c */, + 106530C21D9B004B005B2C60 /* openssl.c */, + 1059FFE71DC7025A00FB4085 /* sodium.c */, ); path = lib; sourceTree = ""; @@ -126,8 +171,8 @@ 106530FE1DAD8A3C005B2C60 /* cli.c */, 106530E91D9B7C13005B2C60 /* picotls.c */, 106530C51D9B1A98005B2C60 /* openssl.c */, + 1059FFE91DC7026300FB4085 /* sodium.c */, 106530E61D9B7AF6005B2C60 /* test.h */, - 106530E71D9B7B29005B2C60 /* test.c */, ); path = t; sourceTree = ""; @@ -153,6 +198,7 @@ isa = PBXGroup; children = ( 106530ED1D9CEFF7005B2C60 /* openssl.h */, + 1059FFE51DC7025300FB4085 /* sodium.h */, ); path = picotls; sourceTree = ""; @@ -160,16 +206,82 @@ /* End PBXGroup section */ /* Begin PBXHeadersBuildPhase section */ + 1059FFCA1DC7012300FB4085 /* Headers */ = { + isa = PBXHeadersBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 1059FFE01DC7022400FB4085 /* Headers */ = { + isa = PBXHeadersBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; 106530D81D9B3E6F005B2C60 /* Headers */ = { isa = PBXHeadersBuildPhase; buildActionMask = 2147483647; files = ( + 1059FFE61DC7025300FB4085 /* sodium.h in Headers */, ); runOnlyForDeploymentPostprocessing = 0; }; /* End PBXHeadersBuildPhase section */ /* Begin PBXNativeTarget section */ + 1059FFC51DC7012300FB4085 /* picotls-openssl */ = { + isa = PBXNativeTarget; + buildConfigurationList = 1059FFCB1DC7012300FB4085 /* Build configuration list for PBXNativeTarget "picotls-openssl" */; + buildPhases = ( + 1059FFC61DC7012300FB4085 /* Sources */, + 1059FFC91DC7012300FB4085 /* Frameworks */, + 1059FFCA1DC7012300FB4085 /* Headers */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "picotls-openssl"; + productName = picotls; + productReference = 1059FFCE1DC7012300FB4085 /* libpicotls-openssl.a */; + productType = "com.apple.product-type.library.static"; + }; + 1059FFD11DC7021A00FB4085 /* test-sodium */ = { + isa = PBXNativeTarget; + buildConfigurationList = 1059FFD81DC7021A00FB4085 /* Build configuration list for PBXNativeTarget "test-sodium" */; + buildPhases = ( + 1059FFD21DC7021A00FB4085 /* Sources */, + 1059FFD61DC7021A00FB4085 /* Frameworks */, + 1059FFD71DC7021A00FB4085 /* CopyFiles */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "test-sodium"; + productName = "test-crypto-openssl"; + productReference = 1059FFDB1DC7021A00FB4085 /* test-sodium */; + productType = "com.apple.product-type.tool"; + }; + 1059FFDC1DC7022400FB4085 /* picotls-sodium */ = { + isa = PBXNativeTarget; + buildConfigurationList = 1059FFE11DC7022400FB4085 /* Build configuration list for PBXNativeTarget "picotls-sodium" */; + buildPhases = ( + 1059FFDD1DC7022400FB4085 /* Sources */, + 1059FFDF1DC7022400FB4085 /* Frameworks */, + 1059FFE01DC7022400FB4085 /* Headers */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "picotls-sodium"; + productName = picotls; + productReference = 1059FFE41DC7022400FB4085 /* libpicotls-sodium.a */; + productType = "com.apple.product-type.library.static"; + }; 106530CB1D9B3D45005B2C60 /* test-openssl */ = { isa = PBXNativeTarget; buildConfigurationList = 106530D01D9B3D45005B2C60 /* Build configuration list for PBXNativeTarget "test-openssl" */; @@ -187,9 +299,9 @@ productReference = 106530CC1D9B3D45005B2C60 /* test-openssl */; productType = "com.apple.product-type.tool"; }; - 106530D91D9B3E6F005B2C60 /* picotls */ = { + 106530D91D9B3E6F005B2C60 /* picotls-core */ = { isa = PBXNativeTarget; - buildConfigurationList = 106530DD1D9B3E6F005B2C60 /* Build configuration list for PBXNativeTarget "picotls" */; + buildConfigurationList = 106530DD1D9B3E6F005B2C60 /* Build configuration list for PBXNativeTarget "picotls-core" */; buildPhases = ( 106530D61D9B3E6F005B2C60 /* Sources */, 106530D71D9B3E6F005B2C60 /* Frameworks */, @@ -199,9 +311,9 @@ ); dependencies = ( ); - name = picotls; + name = "picotls-core"; productName = picotls; - productReference = 106530DA1D9B3E6F005B2C60 /* libpicotls.a */; + productReference = 106530DA1D9B3E6F005B2C60 /* libpicotls-core.a */; productType = "com.apple.product-type.library.static"; }; 106530F11DAD8985005B2C60 /* cli */ = { @@ -250,22 +362,50 @@ projectDirPath = ""; projectRoot = ""; targets = ( - 106530D91D9B3E6F005B2C60 /* picotls */, + 106530D91D9B3E6F005B2C60 /* picotls-core */, + 1059FFC51DC7012300FB4085 /* picotls-openssl */, + 1059FFDC1DC7022400FB4085 /* picotls-sodium */, 106530F11DAD8985005B2C60 /* cli */, 106530CB1D9B3D45005B2C60 /* test-openssl */, + 1059FFD11DC7021A00FB4085 /* test-sodium */, ); }; /* End PBXProject section */ /* Begin PBXSourcesBuildPhase section */ + 1059FFC61DC7012300FB4085 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 1059FFCF1DC7014000FB4085 /* openssl.c in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 1059FFD21DC7021A00FB4085 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 1059FFD31DC7021A00FB4085 /* picotls.c in Sources */, + 1059FFD41DC7021A00FB4085 /* picotest.c in Sources */, + 1059FFEC1DC7028500FB4085 /* sodium.c in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; + 1059FFDD1DC7022400FB4085 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 1059FFEB1DC7027B00FB4085 /* sodium.c in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; 106530C81D9B3D45005B2C60 /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( 106530EA1D9B7C13005B2C60 /* picotls.c in Sources */, + 1059FFED1DC702DE00FB4085 /* openssl.c in Sources */, 106530E51D9B4021005B2C60 /* picotest.c in Sources */, - 106530D51D9B3D61005B2C60 /* openssl.c in Sources */, - 106530E81D9B7B29005B2C60 /* test.c in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -274,7 +414,6 @@ buildActionMask = 2147483647; files = ( 106530EB1D9B7C5C005B2C60 /* picotls.c in Sources */, - 106530DE1D9B3E7F005B2C60 /* openssl.c in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; @@ -289,6 +428,84 @@ /* End PBXSourcesBuildPhase section */ /* Begin XCBuildConfiguration section */ + 1059FFCC1DC7012300FB4085 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + EXECUTABLE_PREFIX = lib; + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Debug; + }; + 1059FFCD1DC7012300FB4085 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + EXECUTABLE_PREFIX = lib; + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Release; + }; + 1059FFD91DC7021A00FB4085 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + HEADER_SEARCH_PATHS = ( + /usr/local/include, + include, + ); + LIBRARY_SEARCH_PATHS = /usr/local/lib; + OTHER_LDFLAGS = "-lsodium"; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Debug; + }; + 1059FFDA1DC7021A00FB4085 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + HEADER_SEARCH_PATHS = ( + /usr/local/include, + include, + ); + LIBRARY_SEARCH_PATHS = /usr/local/lib; + OTHER_LDFLAGS = "-lsodium"; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Release; + }; + 1059FFE21DC7022400FB4085 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + EXECUTABLE_PREFIX = lib; + HEADER_SEARCH_PATHS = ( + /usr/local/include, + include, + ); + LIBRARY_SEARCH_PATHS = /usr/local/lib; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Debug; + }; + 1059FFE31DC7022400FB4085 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + EXECUTABLE_PREFIX = lib; + HEADER_SEARCH_PATHS = ( + /usr/local/include, + include, + ); + LIBRARY_SEARCH_PATHS = /usr/local/lib; + PRODUCT_NAME = "$(TARGET_NAME)"; + }; + name = Release; + }; 106530B71D9985E0005B2C60 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { @@ -326,11 +543,8 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - HEADER_SEARCH_PATHS = ( - "/usr/local/openssl-1.0.2/include", - include, - ); - LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; + HEADER_SEARCH_PATHS = include; + LIBRARY_SEARCH_PATHS = ""; MACOSX_DEPLOYMENT_TARGET = 10.11; MTL_ENABLE_DEBUG_INFO = YES; ONLY_ACTIVE_ARCH = YES; @@ -369,11 +583,8 @@ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE; GCC_WARN_UNUSED_FUNCTION = YES; GCC_WARN_UNUSED_VARIABLE = YES; - HEADER_SEARCH_PATHS = ( - "/usr/local/openssl-1.0.2/include", - include, - ); - LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; + HEADER_SEARCH_PATHS = include; + LIBRARY_SEARCH_PATHS = ""; MACOSX_DEPLOYMENT_TARGET = 10.11; MTL_ENABLE_DEBUG_INFO = NO; SDKROOT = macosx; @@ -383,6 +594,11 @@ 106530D11D9B3D45005B2C60 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; OTHER_LDFLAGS = "-lcrypto"; PRODUCT_NAME = "$(TARGET_NAME)"; }; @@ -391,6 +607,11 @@ 106530D21D9B3D45005B2C60 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; OTHER_LDFLAGS = "-lcrypto"; PRODUCT_NAME = "$(TARGET_NAME)"; }; @@ -415,6 +636,11 @@ 106530FA1DAD8985005B2C60 /* Debug */ = { isa = XCBuildConfiguration; buildSettings = { + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; OTHER_LDFLAGS = "-lcrypto"; PRODUCT_NAME = "$(TARGET_NAME)"; }; @@ -423,6 +649,11 @@ 106530FB1DAD8985005B2C60 /* Release */ = { isa = XCBuildConfiguration; buildSettings = { + HEADER_SEARCH_PATHS = ( + "/usr/local/openssl-1.0.2/include", + include, + ); + LIBRARY_SEARCH_PATHS = "/usr/local/openssl-1.0.2/lib"; OTHER_LDFLAGS = "-lcrypto"; PRODUCT_NAME = "$(TARGET_NAME)"; }; @@ -431,6 +662,33 @@ /* End XCBuildConfiguration section */ /* Begin XCConfigurationList section */ + 1059FFCB1DC7012300FB4085 /* Build configuration list for PBXNativeTarget "picotls-openssl" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 1059FFCC1DC7012300FB4085 /* Debug */, + 1059FFCD1DC7012300FB4085 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + 1059FFD81DC7021A00FB4085 /* Build configuration list for PBXNativeTarget "test-sodium" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 1059FFD91DC7021A00FB4085 /* Debug */, + 1059FFDA1DC7021A00FB4085 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + 1059FFE11DC7022400FB4085 /* Build configuration list for PBXNativeTarget "picotls-sodium" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 1059FFE21DC7022400FB4085 /* Debug */, + 1059FFE31DC7022400FB4085 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; 106530AD1D9985E0005B2C60 /* Build configuration list for PBXProject "picotls" */ = { isa = XCConfigurationList; buildConfigurations = ( @@ -449,7 +707,7 @@ defaultConfigurationIsVisible = 0; defaultConfigurationName = Release; }; - 106530DD1D9B3E6F005B2C60 /* Build configuration list for PBXNativeTarget "picotls" */ = { + 106530DD1D9B3E6F005B2C60 /* Build configuration list for PBXNativeTarget "picotls-core" */ = { isa = XCConfigurationList; buildConfigurations = ( 106530DB1D9B3E6F005B2C60 /* Debug */, From adf5cab59ca2426bb7b1e5cfdd326a815142052f Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 31 Oct 2016 13:47:52 +0900 Subject: [PATCH 3/4] we support openssl >= 1.0.1 --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 619b758c1..38c9f44d3 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -12,7 +12,7 @@ SET(TEST_EXES) ADD_LIBRARY(picotls-core lib/picotls.c) FIND_PACKAGE(OpenSSL) -IF (OPENSSL_FOUND AND NOT (OPENSSL_VERSION VERSION_LESS "1.0.2")) +IF (OPENSSL_FOUND AND NOT (OPENSSL_VERSION VERSION_LESS "1.0.1")) MESSAGE(WARNING "Enabling OpenSSL support") INCLUDE_DIRECTORIES(${OPENSSL_INCLUDE_DIR}) ADD_LIBRARY(picotls-openssl lib/openssl.c) From 97a506b491d5367a2368e054d9a9b0d4eedaa158 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 31 Oct 2016 14:33:56 +0900 Subject: [PATCH 4/4] add key_exchanges list --- include/picotls/sodium.h | 1 + lib/sodium.c | 1 + 2 files changed, 2 insertions(+) diff --git a/include/picotls/sodium.h b/include/picotls/sodium.h index b62cc5b23..4453f1ff3 100644 --- a/include/picotls/sodium.h +++ b/include/picotls/sodium.h @@ -27,5 +27,6 @@ void ptls_sodium_random_bytes(void *buf, size_t len); extern ptls_key_exchange_algorithm_t ptls_sodium_x25519; +extern ptls_key_exchange_algorithm_t *ptls_sodium_key_exchanges[]; #endif diff --git a/lib/sodium.c b/lib/sodium.c index 15333d7f0..aebd9a1d0 100644 --- a/lib/sodium.c +++ b/lib/sodium.c @@ -136,3 +136,4 @@ static int x25519_key_exchange(ptls_iovec_t *pubkey, ptls_iovec_t *secret, ptls_ } ptls_key_exchange_algorithm_t ptls_sodium_x25519 = {PTLS_GROUP_SECP256R1, x25519_create_key_exchange, x25519_key_exchange}; +ptls_key_exchange_algorithm_t *ptls_sodium_key_exchanges[] = {&ptls_sodium_x25519, NULL};