From 0155b2098eeb591fa4e558a4a79993c6e067f3ec Mon Sep 17 00:00:00 2001 From: 3DSGuy <3dsguy.dev@gmail.com> Date: Sun, 16 Feb 2014 16:55:00 +0800 Subject: [PATCH] makerom v0.1 --- Application.desc | 258 +++ Application.rsf | 37 + Makefile | 59 + accessdesc_sig.h | 52 + blz.c | 336 ++++ blz.h | 9 + certs.c | 139 ++ certs.h | 47 + cia.c | 613 ++++++ cia.h | 109 ++ crypto.c | 423 +++++ crypto.h | 101 + elf.c | 954 ++++++++++ elf.h | 87 + elf_hdr.h | 177 ++ exefs.c | 179 ++ exefs.h | 54 + exheader.c | 488 +++++ exheader.h | 188 ++ keys_debug.h | 884 +++++++++ keys_retail.h | 557 ++++++ keyset.c | 200 ++ keyset.h | 58 + lib.h | 40 + libyaml/LICENSE | 19 + libyaml/api.c | 1391 ++++++++++++++ libyaml/dumper.c | 394 ++++ libyaml/emitter.c | 2329 +++++++++++++++++++++++ libyaml/loader.c | 432 +++++ libyaml/parser.c | 1374 ++++++++++++++ libyaml/reader.c | 465 +++++ libyaml/scanner.c | 3570 ++++++++++++++++++++++++++++++++++ libyaml/writer.c | 141 ++ libyaml/yaml.h | 1962 +++++++++++++++++++ libyaml/yaml_private.h | 646 +++++++ logo_data.h | 29 + makerom.c | 93 + makerom.h | 0 ncch.c | 1045 ++++++++++ ncch.h | 238 +++ ncsd.c | 554 ++++++ ncsd.h | 162 ++ polarssl/aes.c | 1352 +++++++++++++ polarssl/aes.h | 202 ++ polarssl/arc4.c | 173 ++ polarssl/arc4.h | 98 + polarssl/asn1.h | 246 +++ polarssl/asn1parse.c | 260 +++ polarssl/asn1write.c | 241 +++ polarssl/asn1write.h | 46 + polarssl/base64.c | 269 +++ polarssl/base64.h | 87 + polarssl/bignum.c | 2135 +++++++++++++++++++++ polarssl/bignum.h | 685 +++++++ polarssl/blowfish.c | 632 +++++++ polarssl/blowfish.h | 171 ++ polarssl/bn_mul.h | 864 +++++++++ polarssl/camellia.c | 1035 ++++++++++ polarssl/camellia.h | 200 ++ polarssl/certs.c | 196 ++ polarssl/certs.h | 47 + polarssl/cipher.c | 601 ++++++ polarssl/cipher.h | 463 +++++ polarssl/cipher_wrap.c | 711 +++++++ polarssl/cipher_wrap.h | 107 ++ polarssl/config.h | 1012 ++++++++++ polarssl/ctr_drbg.c | 562 ++++++ polarssl/ctr_drbg.h | 231 +++ polarssl/debug.c | 238 +++ polarssl/debug.h | 89 + polarssl/des.c | 997 ++++++++++ polarssl/des.h | 252 +++ polarssl/dhm.c | 302 +++ polarssl/dhm.h | 244 +++ polarssl/entropy.c | 204 ++ polarssl/entropy.h | 153 ++ polarssl/entropy_poll.c | 136 ++ polarssl/entropy_poll.h | 75 + polarssl/error.c | 612 ++++++ polarssl/error.h | 108 ++ polarssl/gcm.c | 621 ++++++ polarssl/gcm.h | 147 ++ polarssl/havege.c | 231 +++ polarssl/havege.h | 71 + polarssl/md.c | 298 +++ polarssl/md.h | 363 ++++ polarssl/md2.c | 368 ++++ polarssl/md2.h | 171 ++ polarssl/md4.c | 464 +++++ polarssl/md4.h | 177 ++ polarssl/md5.c | 585 ++++++ polarssl/md5.h | 182 ++ polarssl/md_wrap.c | 733 +++++++ polarssl/md_wrap.h | 64 + polarssl/net.c | 374 ++++ polarssl/net.h | 159 ++ polarssl/openssl.h | 136 ++ polarssl/padlock.c | 162 ++ polarssl/padlock.h | 108 ++ polarssl/pbkdf2.c | 60 + polarssl/pbkdf2.h | 82 + polarssl/pem.c | 355 ++++ polarssl/pem.h | 105 + polarssl/pkcs11.c | 238 +++ polarssl/pkcs11.h | 161 ++ polarssl/pkcs12.c | 330 ++++ polarssl/pkcs12.h | 131 ++ polarssl/pkcs5.c | 415 ++++ polarssl/pkcs5.h | 122 ++ polarssl/rsa.c | 1466 ++++++++++++++ polarssl/rsa.h | 597 ++++++ polarssl/sha1.c | 624 ++++++ polarssl/sha1.h | 180 ++ polarssl/sha2.c | 705 +++++++ polarssl/sha2.h | 188 ++ polarssl/sha4.c | 760 ++++++++ polarssl/sha4.h | 186 ++ polarssl/ssl.h | 1140 +++++++++++ polarssl/ssl_cache.c | 221 +++ polarssl/ssl_cache.h | 119 ++ polarssl/ssl_cli.c | 1386 ++++++++++++++ polarssl/ssl_srv.c | 1623 ++++++++++++++++ polarssl/ssl_tls.c | 3991 +++++++++++++++++++++++++++++++++++++++ polarssl/timing.c | 312 +++ polarssl/timing.h | 75 + polarssl/version.c | 50 + polarssl/version.h | 81 + polarssl/x509.h | 778 ++++++++ polarssl/x509parse.c | 3809 +++++++++++++++++++++++++++++++++++++ polarssl/x509write.c | 285 +++ polarssl/x509write.h | 46 + polarssl/xtea.c | 251 +++ polarssl/xtea.h | 129 ++ romfs.c | 31 + romfs.h | 11 + srl.h | 96 + tik.c | 89 + tik.h | 86 + titleid.c | 241 +++ titleid.h | 99 + tmd.c | 92 + tmd.h | 68 + types.h | 39 + usersettings.c | 908 +++++++++ usersettings.h | 318 ++++ utils.c | 373 ++++ utils.h | 46 + yaml_ctr.c | 445 +++++ yaml_ctr.h | 68 + yamlsettings.c | 636 +++++++ yamlsettings.h | 17 + 151 files changed, 67007 insertions(+) create mode 100644 Application.desc create mode 100644 Application.rsf create mode 100644 Makefile create mode 100644 accessdesc_sig.h create mode 100644 blz.c create mode 100644 blz.h create mode 100644 certs.c create mode 100644 certs.h create mode 100644 cia.c create mode 100644 cia.h create mode 100644 crypto.c create mode 100644 crypto.h create mode 100644 elf.c create mode 100644 elf.h create mode 100644 elf_hdr.h create mode 100644 exefs.c create mode 100644 exefs.h create mode 100644 exheader.c create mode 100644 exheader.h create mode 100644 keys_debug.h create mode 100644 keys_retail.h create mode 100644 keyset.c create mode 100644 keyset.h create mode 100644 lib.h create mode 100644 libyaml/LICENSE create mode 100644 libyaml/api.c create mode 100644 libyaml/dumper.c create mode 100644 libyaml/emitter.c create mode 100644 libyaml/loader.c create mode 100644 libyaml/parser.c create mode 100644 libyaml/reader.c create mode 100644 libyaml/scanner.c create mode 100644 libyaml/writer.c create mode 100644 libyaml/yaml.h create mode 100644 libyaml/yaml_private.h create mode 100644 logo_data.h create mode 100644 makerom.c create mode 100644 makerom.h create mode 100644 ncch.c create mode 100644 ncch.h create mode 100644 ncsd.c create mode 100644 ncsd.h create mode 100644 polarssl/aes.c create mode 100644 polarssl/aes.h create mode 100644 polarssl/arc4.c create mode 100644 polarssl/arc4.h create mode 100644 polarssl/asn1.h create mode 100644 polarssl/asn1parse.c create mode 100644 polarssl/asn1write.c create mode 100644 polarssl/asn1write.h create mode 100644 polarssl/base64.c create mode 100644 polarssl/base64.h create mode 100644 polarssl/bignum.c create mode 100644 polarssl/bignum.h create mode 100644 polarssl/blowfish.c create mode 100644 polarssl/blowfish.h create mode 100644 polarssl/bn_mul.h create mode 100644 polarssl/camellia.c create mode 100644 polarssl/camellia.h create mode 100644 polarssl/certs.c create mode 100644 polarssl/certs.h create mode 100644 polarssl/cipher.c create mode 100644 polarssl/cipher.h create mode 100644 polarssl/cipher_wrap.c create mode 100644 polarssl/cipher_wrap.h create mode 100644 polarssl/config.h create mode 100644 polarssl/ctr_drbg.c create mode 100644 polarssl/ctr_drbg.h create mode 100644 polarssl/debug.c create mode 100644 polarssl/debug.h create mode 100644 polarssl/des.c create mode 100644 polarssl/des.h create mode 100644 polarssl/dhm.c create mode 100644 polarssl/dhm.h create mode 100644 polarssl/entropy.c create mode 100644 polarssl/entropy.h create mode 100644 polarssl/entropy_poll.c create mode 100644 polarssl/entropy_poll.h create mode 100644 polarssl/error.c create mode 100644 polarssl/error.h create mode 100644 polarssl/gcm.c create mode 100644 polarssl/gcm.h create mode 100644 polarssl/havege.c create mode 100644 polarssl/havege.h create mode 100644 polarssl/md.c create mode 100644 polarssl/md.h create mode 100644 polarssl/md2.c create mode 100644 polarssl/md2.h create mode 100644 polarssl/md4.c create mode 100644 polarssl/md4.h create mode 100644 polarssl/md5.c create mode 100644 polarssl/md5.h create mode 100644 polarssl/md_wrap.c create mode 100644 polarssl/md_wrap.h create mode 100644 polarssl/net.c create mode 100644 polarssl/net.h create mode 100644 polarssl/openssl.h create mode 100644 polarssl/padlock.c create mode 100644 polarssl/padlock.h create mode 100644 polarssl/pbkdf2.c create mode 100644 polarssl/pbkdf2.h create mode 100644 polarssl/pem.c create mode 100644 polarssl/pem.h create mode 100644 polarssl/pkcs11.c create mode 100644 polarssl/pkcs11.h create mode 100644 polarssl/pkcs12.c create mode 100644 polarssl/pkcs12.h create mode 100644 polarssl/pkcs5.c create mode 100644 polarssl/pkcs5.h create mode 100644 polarssl/rsa.c create mode 100644 polarssl/rsa.h create mode 100644 polarssl/sha1.c create mode 100644 polarssl/sha1.h create mode 100644 polarssl/sha2.c create mode 100644 polarssl/sha2.h create mode 100644 polarssl/sha4.c create mode 100644 polarssl/sha4.h create mode 100644 polarssl/ssl.h create mode 100644 polarssl/ssl_cache.c create mode 100644 polarssl/ssl_cache.h create mode 100644 polarssl/ssl_cli.c create mode 100644 polarssl/ssl_srv.c create mode 100644 polarssl/ssl_tls.c create mode 100644 polarssl/timing.c create mode 100644 polarssl/timing.h create mode 100644 polarssl/version.c create mode 100644 polarssl/version.h create mode 100644 polarssl/x509.h create mode 100644 polarssl/x509parse.c create mode 100644 polarssl/x509write.c create mode 100644 polarssl/x509write.h create mode 100644 polarssl/xtea.c create mode 100644 polarssl/xtea.h create mode 100644 romfs.c create mode 100644 romfs.h create mode 100644 srl.h create mode 100644 tik.c create mode 100644 tik.h create mode 100644 titleid.c create mode 100644 titleid.h create mode 100644 tmd.c create mode 100644 tmd.h create mode 100644 types.h create mode 100644 usersettings.c create mode 100644 usersettings.h create mode 100644 utils.c create mode 100644 utils.h create mode 100644 yaml_ctr.c create mode 100644 yaml_ctr.h create mode 100644 yamlsettings.c create mode 100644 yamlsettings.h diff --git a/Application.desc b/Application.desc new file mode 100644 index 0000000..b3a6094 --- /dev/null +++ b/Application.desc @@ -0,0 +1,258 @@ +AccessControlInfo: + AffinityMask: 1 + AutoGen: true + CoreVersion: 2 + DescVersion: 2 + Descriptor: | + AP///wAABAACAAAAAAAFGJ4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiIAAAAAAAABBUFQ6VQAAACRo + aW9GSU8AJGhvc3RpbzAkaG9zdGlvMWFjOnUAAAAAYm9zczpVAABjYW06dQAA + AGNlY2Q6dQAAY2ZnOnUAAABkbHA6RktDTGRscDpTUlZSZHNwOjpEU1BmcmQ6 + dQAAAGZzOlVTRVIAZ3NwOjpHcHVoaWQ6VVNFUmh0dHA6QwAAbWljOnUAAABu + ZG06dQAAAG5ld3M6dQAAbndtOjpVRFNwdG06dQAAAHB4aTpkZXYAc29jOlUA + AABzc2w6QwAAAHkycjp1AAAAbGRyOnJvAABpcjpVU0VSAAAAAAAAAAAAAAAA + AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA + AAAAAAAAAABOn/rw/7//8ec/APIA8JH/APaR/1D/gf9Y/4H/cP+B/3j/gf8B + AQD/AAIA/iECAPz///////////////////////////////////////////// + ////////////////////////////////////////AAAAAAAAAAAAAAAAAAAA + AAADAAAAAAAAAAAAAAAAAAI= + DisableDebug: false + EnableInterruptNumbers: + EnableSystemCalls: + ArbitrateAddress: 34 + Break: 60 + CancelTimer: 28 + ClearEvent: 25 + ClearTimer: 29 + CloseHandle: 35 + ConnectToPort: 45 + ControlMemory: 1 + CreateAddressArbiter: 33 + CreateEvent: 23 + CreateMemoryBlock: 30 + CreateMutex: 19 + CreateSemaphore: 21 + CreateThread: 8 + CreateTimer: 26 + DuplicateHandle: 39 + ExitProcess: 3 + ExitThread: 9 + GetCurrentProcessorNumber: 17 + GetHandleInfo: 41 + GetProcessId: 53 + GetProcessIdOfThread: 54 + GetProcessIdealProcessor: 6 + GetProcessInfo: 43 + GetResourceLimit: 56 + GetResourceLimitCurrentValues: 58 + GetResourceLimitLimitValues: 57 + GetSystemInfo: 42 + GetSystemTick: 40 + GetThreadContext: 59 + GetThreadId: 55 + GetThreadIdealProcessor: 15 + GetThreadInfo: 44 + GetThreadPriority: 11 + MapMemoryBlock: 31 + OutputDebugString: 61 + QueryMemory: 2 + ReleaseMutex: 20 + ReleaseSemaphore: 22 + SendSyncRequest1: 46 + SendSyncRequest2: 47 + SendSyncRequest3: 48 + SendSyncRequest4: 49 + SendSyncRequest: 50 + SetThreadPriority: 12 + SetTimer: 27 + SignalEvent: 24 + SleepThread: 10 + UnmapMemoryBlock: 32 + WaitSynchronization1: 36 + WaitSynchronizationN: 37 + FileSystemAccess: + - Debug + - DirectSdmc + - DirectSdmcWrite + HandleTableSize: 512 + IORegisterMapping: + - 1ff50000-1ff57fff + - 1ff70000-1ff77fff + IdealProcessor: 1 + IoAccessControl: + - UseDirectSdmc + - SdApplication + MemoryMapping: + - 1f000000-1f5fffff:r + MemoryType: Application + Priority: 24 + ProgramId: 0x00040000ffffff00L + ReleaseKernelMajor: "02" + ReleaseKernelMinor: "33" + ServiceAccessControl: + - APT:U + - $hioFIO + - $hostio0 + - $hostio1 + - ac:u + - boss:U + - cam:u + - cecd:u + - cfg:u + - dlp:FKCL + - dlp:SRVR + - dsp::DSP + - frd:u + - fs:USER + - gsp::Gpu + - hid:USER + - http:C + - mic:u + - ndm:u + - news:u + - nwm::UDS + - ptm:u + - pxi:dev + - soc:U + - ssl:C + - y2r:u + - ldr:ro + - ir:USER + Signature: | + 3xyLmORvojVswxgXmPPOVH4ULn8e2G3PvClO/jIuwRGtRprGcOruKFUi4TYF + HASKzg8Mg4/I1t4RjurPrZvPgQ3rcROz066DAkwOEFBZPO5gBvuMf8IgJAFi + VYdgD636cy72ZWLS5RBFaXA5A9E57FDB1CU5spARTpXLGevKD7X6x7Di1+Bx + w+VVM55c3E07URENMXiWytcYWO4A6SjyaHbUV/5lsUtJP/amWErH/MS7YbxY + jVVl5gp5OUG4gGH3BcP+1osJgsJfplb57h0OBj6fP/GTmk+i1ZGHiv7Pw/yK + scR46dEa97HTIMuDvgPVyqVeF6aRENS+I9ZLTwOprg== + StorageId: + - 0 +CommonHeaderKey: + D: | + jL2yO86eUQnYbXIrzgFVMm7FVze0LglZ2f5g+c42hWoEdnb5BOotaMQPBfqt + aUyAEmzQPaoi/4l4V+hTJRXQfthVRqIEx27B84l8LA6Tl5Fy9PaQaQ+4yRfP + g6ylH2l0EikrIVjy2uMlFgl0QJCrG+QGKHftxhaGCifdAwFNmiZuyJ/TmktZ + 0RCb66lYcr2h/p2G7SnpKUliS9h9KnpmG+UEgVYQUK+4SCfByUa9PxYGpT0E + nw1UcRz0gsBmdOqcgzwnAd9vVqgb42hVn6uQZyAl+j1RKiMWywZarazIR/k5 + Lmr4+groimSEa+3ajyoIho9WaWTDmFU3mkhA2tUDIQ== + DP: | + pD8c9uymjXDj6oyhx7EmQcrEDizxsj6hTjJ0x3G/PYNv/v2/DA9gp3X30h35 + uRZ1O+SgonWCGVnOJ7Wfjr4w2cOcSzxpzT3PQsS6Gs9z0RvcDsUHRL5f2EiT + 6A1ZPj6xyzmo9Ts6w9yfxCwaHci0f2hP9bq9FimfFKigCoNcFBE= + DQ: | + y+6Pado7N+SIZJgQ7zEGyQ7/SxGHHEy5uW04HHde9IqHD5HFGG2GegF655mM + iI9ja1eTCh/AFs8xjAg0drQEvB5q80TjPNKtwVUT8ghOlN3xTzpdaLwX0d+c + Twy74VY4KPawcdDeLaGFtXknhFOdGmIbx+BInibz7NZ9eLqGwaE= + Exponent: | + AQAB + InverseQ: | + tc9/lcF837g8AdfyeuCyuLyd36Zm1ZmJ1VSSuH8y3/1ZhBYZkOFXxU7EhMvJ + FyAu4qyCA9otzCXM+cqKxE3ZCkSconsXOu8szZTwuINSkwHlt22FtiTfPt+V + /g5kjtkjoZVOGfSvvfel9Smwy1yrFvKfi/yJsjATeNFjiEquV/w= + Modulus: | + z+yySANtuAnjXGxiLKlJ4fT0DGzD5S+dUKArWgDGcgALowRdlEbnABtIhbVh + LMl0yitDE8F4l1wzLwfHhfDa22CWUA98S3rXF53k5cOrb12leDKtBN2Wbtx1 + /8Iv+qLuRonNrmmSpEi8RkfEjIlj4QpNHNxGL1twinzpIpwJC6iXQMoqfYSh + BEou29fQZEOc0HgRQYgz3TFikC0X8sapK5xwq9zTq13a7j1sDoH/9mdaRPms + Bz0jlHVlkyAMxXYdD2UGPSGi8JaAtwpJUzijXcB0PKTZQDaFH4zRLRX57ySp + fp2yHvigcoEXd3OxVn+tBaLSMFr1068PEEpS2AlHlw== + P: | + 6SdD3AiAybNamgUgGJduyFWO1/LeakmoJm+23IEJADyU4nz+reGjxQnMrR+x + syuB8VPGuf1z0SInfRIu9PEjIfW9/H/fZ59GwckQuJbneODjW7KU1jM3cTVX + +AWvaxWDwlCUmVSYD2OySUJlo3szGmBYh/o/tKAq7kElaaOt+cc= + Q: | + 5EyO8bCyfqgLTfipAG/nNLObQbqMyARdQfudxh4eQqHmzblEM3jareuA8eUZ + K8pIaP+U9UfxwWTeFsOulrpsm04j4gS71WGNx3YwOIRPXXOn7zBkxA3AO9qq + K8lMeV3gNsdt4Fz8Zh2F68HSP4avB+ThO2S18SXMyIkcM7Sbw7E= +DefaultSpec: + AccessControlInfo: + ServiceAccessControl: + - APT:U + - $hioFIO + - $hostio0 + - $hostio1 + - ac:u + - boss:U + - cam:u + - cecd:u + - cfg:u + - dlp:FKCL + - dlp:SRVR + - dsp::DSP + - frd:u + - fs:USER + - gsp::Gpu + - hid:USER + - http:C + - mic:u + - ndm:u + - news:u + - nwm::UDS + - ptm:u + - pxi:dev + - soc:U + - ssl:C + - y2r:u + - ldr:ro + - ir:USER + AffinityMask: 1 + FirmwareVersion: 2 + HandleTableSize: 512 + IORegisterMapping: + - 1ff50000-1ff57fff + - 1ff70000-1ff77fff + IdealProcessor: 0 + MemoryMapping: + - 1f000000-1f5fffff:r + Priority: 16 + BasicInfo: + CompanyCode: "00" + Logo: Nintendo + Title: default + ExeFs: + ReadOnly: + - RO + ReadWrite: + - RW + Text: + - STUP_ENTRY + PlainRegion: + - .module_id + Rom: + DefaultReject: + - .* + File: + - "*" + SystemControlInfo: + Dependency: + ac: 0x0004013000002402L + am: 0x0004013000001502L + boss: 0x0004013000003402L + camera: 0x0004013000001602L + cecd: 0x0004013000002602L + cfg: 0x0004013000001702L + codec: 0x0004013000001802L + csnd: 0x0004013000002702L + dlp: 0x0004013000002802L + dsp: 0x0004013000001a02L + friends: 0x0004013000003202L + gpio: 0x0004013000001b02L + gsp: 0x0004013000001c02L + hid: 0x0004013000001d02L + http: 0x0004013000002902L + i2c: 0x0004013000001e02L + ir: 0x0004013000003302L + mcu: 0x0004013000001f02L + mic: 0x0004013000002002L + ndm: 0x0004013000002b02L + news: 0x0004013000003502L + nim: 0x0004013000002c02L + nwm: 0x0004013000002d02L + pdn: 0x0004013000002102L + ps: 0x0004013000003102L + ptm: 0x0004013000002202L + ro: 0x0004013000003702L + socket: 0x0004013000002e02L + spi: 0x0004013000002302L + ssl: 0x0004013000002f02L + StackSize: 262144 diff --git a/Application.rsf b/Application.rsf new file mode 100644 index 0000000..33d5aa0 --- /dev/null +++ b/Application.rsf @@ -0,0 +1,37 @@ +# Default value for application +BasicInfo: + Title : "Homebrew" + CompanyCode : "00" + MediaSize : 128MB # 128MB / 256MB / 512MB / 1GB / 2GB + MediaFootPadding: false + ProductCode : "CTR-P-HAXX" + ContentType : Application # Application / SystemUpdate / Manual / Child / Trial + Logo : Nintendo # Nintendo / Licenced / Distributed + BackupMemoryType: None # None / 128KB / 512KB + +Rom: + # Specifies the root path of the file system to include in the ROM. + HostRoot: "$(ROMFS_ROOT)" + SaveDataSize: 512KB + + +TitleInfo: + UniqueId: 1337 + #TargetCategory: Contents + Category: Application + #DemoIndex: 1 + Version: 0 + +CardInfo: + #WritableAddress: 0x200 + #CardType : S2 # S1 / S2 + #CryptoType : 3 # 0 - 3 + CardDevice : NorFlash # NorFlash(0), None(1), BT(2) + #MediaType : CARD1 # Card1 / Card2 + +Option: + # ??????????????? true + UseOnSD: true # true if App is to be installed to SD + EnableCompress: true # true / false + FreeProductCode: true # true ??????????????????????? + EnableCrypt : true # fasle ???????? \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7289448 --- /dev/null +++ b/Makefile @@ -0,0 +1,59 @@ +# Makerom Sources +UTILS_OBJS = utils.o keyset.o titleid.o +CIA_OBJS = cia.o certs.o tik.o tmd.o +NCCH_OBJS = ncch.o exheader.o exefs.o elf.o romfs.o +NCSD_OBJS = ncsd.o +SETTINGS_OBJS = usersettings.o yamlsettings.o +LIB_API_OBJS = crypto.o yaml_ctr.o blz.o + +OBJS = makerom.o $(UTILS_OBJS) $(LIB_API_OBJS) $(SETTINGS_OBJS) $(NCSD_OBJS) $(NCCH_OBJS) $(CIA_OBJS) + +# Libraries +POLAR_OBJS = polarssl/aes.o polarssl/bignum.o polarssl/rsa.o polarssl/sha1.o polarssl/sha2.o polarssl/padlock.o polarssl/md.o polarssl/md_wrap.o polarssl/md2.o polarssl/md4.o polarssl/md5.o polarssl/sha4.o polarssl/base64.o polarssl/cipher.o polarssl/cipher_wrap.o polarssl/camellia.o polarssl/des.o polarssl/blowfish.o +YAML_OBJS = libyaml/api.o libyaml/dumper.o libyaml/emitter.o libyaml/loader.o libyaml/parser.o libyaml/reader.o libyaml/scanner.o libyaml/writer.o + +# Compiler Settings +LIBS = -static-libgcc -static-libstdc++ +CXXFLAGS = -I. +CFLAGS = --std=c99 -Wall -I. -DMAKEROM_VER_MAJOR=$(VER_MAJOR) -DMAKEROM_VER_MINOR=$(VER_MINOR) $(MAKEROM_BUILD_FLAGS) +CC = gcc + +# MAKEROM Build Settings +MAKEROM_BUILD_FLAGS = -DPRIVATE_BUILD -DRETAIL_FSIGN -DELF_DEBUG +VER_MAJOR = 0 +VER_MINOR = 1 +OUTPUT = makerom + +# +main: build + +rebuild: clean build + +build: $(OBJS) $(POLAR_OBJS) $(YAML_OBJS) + g++ -o $(OUTPUT) $(LIBS) $(OBJS) $(POLAR_OBJS) $(YAML_OBJS) + +clean: + rm -rf $(OUTPUT) $(OBJS) $(POLAR_OBJS) $(YAML_OBJS) *.cci *.cia *.cxi *.cfa + +# Winfail compatibility +rebuildwin: cleanwin build +cleanwin: + del $(OUTPUT).exe *.o polarssl\*.o libyaml\*.o *.cci *.cia *.cxi *.cfa + +#Test Functions + +ccigen_sdk: + ctr_makerom32 -f card -rsf testdata\Application.rsf -o content_test_sdk.cci -content testdata\app_zeroskey.cxi:0 -content testdata\manual_zeroskey.cfa:1 -content testdata\dlp_zeroskey.cfa:2 -content testdata\update_zeroskey.cfa:7 + del content_test_sdk.cci.xml + +ccigen: + $(OUTPUT) -f card -rsf testdata\Application.rsf -o content_test.cci -content testdata\app_zeroskey.cxi:0 -content testdata\manual_zeroskey.cfa:1 -content testdata\dlp_zeroskey.cfa:2 -content testdata\update_zeroskey.cfa:7 + +ciagen_sdk: + ctr_makecia32 -o content_test.cia -i testdata\app_zeroskey.cxi:0 -i testdata\manual_zeroskey.cfa:1 -i testdata\dlp_zeroskey.cfa:2 + +ciagen: + $(OUTPUT) -f cia -o content_test.cia -content testdata\app_zeroskey.cxi:0 -content testdata\manual_zeroskey.cfa:1 -content testdata\dlp_zeroskey.cfa:2 -encryptcia + +pyramids: + $(OUTPUT) -f cxi -accessdesc app -o pyramids.cxi -code pyramids\code.bin -exheader pyramids\exheader.bin -rsf pyramids\app.rsf -desc pyramids\build.desc -icon pyramids\icon.icn -banner pyramids\banner.bnr -romfs pyramids\romfs.bin \ No newline at end of file diff --git a/accessdesc_sig.h b/accessdesc_sig.h new file mode 100644 index 0000000..327e5cc --- /dev/null +++ b/accessdesc_sig.h @@ -0,0 +1,52 @@ +#ifndef _ACCESSDESC_SIG_H_ +#define _ACCESSDESC_SIG_H_ + +// APP +static const unsigned char App_HdrPubK[0x100] = +{ + 0xCF, 0xEC, 0xB2, 0x48, 0x03, 0x6D, 0xB8, 0x09, 0xE3, 0x5C, 0x6C, 0x62, 0x2C, 0xA9, 0x49, 0xE1, 0xF4, 0xF4, 0x0C, 0x6C, 0xC3, 0xE5, 0x2F, 0x9D, 0x50, 0xA0, 0x2B, 0x5A, 0x00, 0xC6, 0x72, 0x00, 0x0B, 0xA3, 0x04, 0x5D, 0x94, 0x46, 0xE7, 0x00, 0x1B, 0x48, 0x85, 0xB5, 0x61, 0x2C, 0xC9, 0x74, 0xCA, 0x2B, 0x43, 0x13, 0xC1, 0x78, 0x97, 0x5C, 0x33, 0x2F, 0x07, 0xC7, 0x85, 0xF0, 0xDA, 0xDB, 0x60, 0x96, 0x50, 0x0F, 0x7C, 0x4B, 0x7A, 0xD7, 0x17, 0x9D, 0xE4, 0xE5, 0xC3, 0xAB, 0x6F, 0x5D, 0xA5, 0x78, 0x32, 0xAD, 0x04, 0xDD, 0x96, 0x6E, 0xDC, 0x75, 0xFF, 0xC2, 0x2F, 0xFA, 0xA2, 0xEE, 0x46, 0x89, 0xCD, 0xAE, 0x69, 0x92, 0xA4, 0x48, 0xBC, 0x46, 0x47, 0xC4, 0x8C, 0x89, 0x63, 0xE1, 0x0A, 0x4D, 0x1C, 0xDC, 0x46, 0x2F, 0x5B, 0x70, 0x8A, 0x7C, 0xE9, 0x22, 0x9C, 0x09, 0x0B, 0xA8, 0x97, 0x40, 0xCA, 0x2A, 0x7D, 0x84, 0xA1, 0x04, 0x4A, 0x2E, 0xDB, 0xD7, 0xD0, 0x64, 0x43, 0x9C, 0xD0, 0x78, 0x11, 0x41, 0x88, 0x33, 0xDD, 0x31, 0x62, 0x90, 0x2D, 0x17, 0xF2, 0xC6, 0xA9, 0x2B, 0x9C, 0x70, 0xAB, 0xDC, 0xD3, 0xAB, 0x5D, 0xDA, 0xEE, 0x3D, 0x6C, 0x0E, 0x81, 0xFF, 0xF6, 0x67, 0x5A, 0x44, 0xF9, 0xAC, 0x07, 0x3D, 0x23, 0x94, 0x75, 0x65, 0x93, 0x20, 0x0C, 0xC5, 0x76, 0x1D, 0x0F, 0x65, 0x06, 0x3D, 0x21, 0xA2, 0xF0, 0x96, 0x80, 0xB7, 0x0A, 0x49, 0x53, 0x38, 0xA3, 0x5D, 0xC0, 0x74, 0x3C, 0xA4, 0xD9, 0x40, 0x36, 0x85, 0x1F, 0x8C, 0xD1, 0x2D, 0x15, 0xF9, 0xEF, 0x24, 0xA9, 0x7E, 0x9D, 0xB2, 0x1E, 0xF8, 0xA0, 0x72, 0x81, 0x17, 0x77, 0x73, 0xB1, 0x56, 0x7F, 0xAD, 0x05, 0xA2, 0xD2, 0x30, 0x5A, 0xF5, 0xD3, 0xAF, 0x0F, 0x10, 0x4A, 0x52, 0xD8, 0x09, 0x47, 0x97 +}; + +static const unsigned char App_HdrPrivK[0x100] = +{ + 0x8C, 0xBD, 0xB2, 0x3B, 0xCE, 0x9E, 0x51, 0x09, 0xD8, 0x6D, 0x72, 0x2B, 0xCE, 0x01, 0x55, 0x32, 0x6E, 0xC5, 0x57, 0x37, 0xB4, 0x2E, 0x09, 0x59, 0xD9, 0xFE, 0x60, 0xF9, 0xCE, 0x36, 0x85, 0x6A, 0x04, 0x76, 0x76, 0xF9, 0x04, 0xEA, 0x2D, 0x68, 0xC4, 0x0F, 0x05, 0xFA, 0xAD, 0x69, 0x4C, 0x80, 0x12, 0x6C, 0xD0, 0x3D, 0xAA, 0x22, 0xFF, 0x89, 0x78, 0x57, 0xE8, 0x53, 0x25, 0x15, 0xD0, 0x7E, 0xD8, 0x55, 0x46, 0xA2, 0x04, 0xC7, 0x6E, 0xC1, 0xF3, 0x89, 0x7C, 0x2C, 0x0E, 0x93, 0x97, 0x91, 0x72, 0xF4, 0xF6, 0x90, 0x69, 0x0F, 0xB8, 0xC9, 0x17, 0xCF, 0x83, 0xAC, 0xA5, 0x1F, 0x69, 0x74, 0x12, 0x29, 0x2B, 0x21, 0x58, 0xF2, 0xDA, 0xE3, 0x25, 0x16, 0x09, 0x74, 0x40, 0x90, 0xAB, 0x1B, 0xE4, 0x06, 0x28, 0x77, 0xED, 0xC6, 0x16, 0x86, 0x0A, 0x27, 0xDD, 0x03, 0x01, 0x4D, 0x9A, 0x26, 0x6E, 0xC8, 0x9F, 0xD3, 0x9A, 0x4B, 0x59, 0xD1, 0x10, 0x9B, 0xEB, 0xA9, 0x58, 0x72, 0xBD, 0xA1, 0xFE, 0x9D, 0x86, 0xED, 0x29, 0xE9, 0x29, 0x49, 0x62, 0x4B, 0xD8, 0x7D, 0x2A, 0x7A, 0x66, 0x1B, 0xE5, 0x04, 0x81, 0x56, 0x10, 0x50, 0xAF, 0xB8, 0x48, 0x27, 0xC1, 0xC9, 0x46, 0xBD, 0x3F, 0x16, 0x06, 0xA5, 0x3D, 0x04, 0x9F, 0x0D, 0x54, 0x71, 0x1C, 0xF4, 0x82, 0xC0, 0x66, 0x74, 0xEA, 0x9C, 0x83, 0x3C, 0x27, 0x01, 0xDF, 0x6F, 0x56, 0xA8, 0x1B, 0xE3, 0x68, 0x55, 0x9F, 0xAB, 0x90, 0x67, 0x20, 0x25, 0xFA, 0x3D, 0x51, 0x2A, 0x23, 0x16, 0xCB, 0x06, 0x5A, 0xAD, 0xAC, 0xC8, 0x47, 0xF9, 0x39, 0x2E, 0x6A, 0xF8, 0xFA, 0x0A, 0xE8, 0x8A, 0x64, 0x84, 0x6B, 0xED, 0xDA, 0x8F, 0x2A, 0x08, 0x86, 0x8F, 0x56, 0x69, 0x64, 0xC3, 0x98, 0x55, 0x37, 0x9A, 0x48, 0x40, 0xDA, 0xD5, 0x03, 0x21 +}; + +static const unsigned char App_AcexData[0x400] = +{ + 0xDF, 0x1C, 0x8B, 0x98, 0xE4, 0x6F, 0xA2, 0x35, 0x6C, 0xC3, 0x18, 0x17, 0x98, 0xF3, 0xCE, 0x54, 0x7E, 0x14, 0x2E, 0x7F, 0x1E, 0xD8, 0x6D, 0xCF, 0xBC, 0x29, 0x4E, 0xFE, 0x32, 0x2E, 0xC1, 0x11, 0xAD, 0x46, 0x9A, 0xC6, 0x70, 0xEA, 0xEE, 0x28, 0x55, 0x22, 0xE1, 0x36, 0x05, 0x1C, 0x04, 0x8A, 0xCE, 0x0F, 0x0C, 0x83, 0x8F, 0xC8, 0xD6, 0xDE, 0x11, 0x8E, 0xEA, 0xCF, 0xAD, 0x9B, 0xCF, 0x81, 0x0D, 0xEB, 0x71, 0x13, 0xB3, 0xD3, 0xAE, 0x83, 0x02, 0x4C, 0x0E, 0x10, 0x50, 0x59, 0x3C, 0xEE, 0x60, 0x06, 0xFB, 0x8C, 0x7F, 0xC2, 0x20, 0x24, 0x01, 0x62, 0x55, 0x87, 0x60, 0x0F, 0xAD, 0xFA, 0x73, 0x2E, 0xF6, 0x65, 0x62, 0xD2, 0xE5, 0x10, 0x45, 0x69, 0x70, 0x39, 0x03, 0xD1, 0x39, 0xEC, 0x50, 0xC1, 0xD4, 0x25, 0x39, 0xB2, 0x90, 0x11, 0x4E, 0x95, 0xCB, 0x19, 0xEB, 0xCA, 0x0F, 0xB5, 0xFA, 0xC7, 0xB0, 0xE2, 0xD7, 0xE0, 0x71, 0xC3, 0xE5, 0x55, 0x33, 0x9E, 0x5C, 0xDC, 0x4D, 0x3B, 0x51, 0x11, 0x0D, 0x31, 0x78, 0x96, 0xCA, 0xD7, 0x18, 0x58, 0xEE, 0x00, 0xE9, 0x28, 0xF2, 0x68, 0x76, 0xD4, 0x57, 0xFE, 0x65, 0xB1, 0x4B, 0x49, 0x3F, 0xF6, 0xA6, 0x58, 0x4A, 0xC7, 0xFC, 0xC4, 0xBB, 0x61, 0xBC, 0x58, 0x8D, 0x55, 0x65, 0xE6, 0x0A, 0x79, 0x39, 0x41, 0xB8, 0x80, 0x61, 0xF7, 0x05, 0xC3, 0xFE, 0xD6, 0x8B, 0x09, 0x82, 0xC2, 0x5F, 0xA6, 0x56, 0xF9, 0xEE, 0x1D, 0x0E, 0x06, 0x3E, 0x9F, 0x3F, 0xF1, 0x93, 0x9A, 0x4F, 0xA2, 0xD5, 0x91, 0x87, 0x8A, 0xFE, 0xCF, 0xC3, 0xFC, 0x8A, 0xB1, 0xC4, 0x78, 0xE9, 0xD1, 0x1A, 0xF7, 0xB1, 0xD3, 0x20, 0xCB, 0x83, 0xBE, 0x03, 0xD5, 0xCA, 0xA5, 0x5E, 0x17, 0xA6, 0x91, 0x10, 0xD4, 0xBE, 0x23, 0xD6, 0x4B, 0x4F, 0x03, 0xA9, 0xAE, 0xCF, 0xEC, 0xB2, 0x48, 0x03, 0x6D, 0xB8, 0x09, 0xE3, 0x5C, 0x6C, 0x62, 0x2C, 0xA9, 0x49, 0xE1, 0xF4, 0xF4, 0x0C, 0x6C, 0xC3, 0xE5, 0x2F, 0x9D, 0x50, 0xA0, 0x2B, 0x5A, 0x00, 0xC6, 0x72, 0x00, 0x0B, 0xA3, 0x04, 0x5D, 0x94, 0x46, 0xE7, 0x00, 0x1B, 0x48, 0x85, 0xB5, 0x61, 0x2C, 0xC9, 0x74, 0xCA, 0x2B, 0x43, 0x13, 0xC1, 0x78, 0x97, 0x5C, 0x33, 0x2F, 0x07, 0xC7, 0x85, 0xF0, 0xDA, 0xDB, 0x60, 0x96, 0x50, 0x0F, 0x7C, 0x4B, 0x7A, 0xD7, 0x17, 0x9D, 0xE4, 0xE5, 0xC3, 0xAB, 0x6F, 0x5D, 0xA5, 0x78, 0x32, 0xAD, 0x04, 0xDD, 0x96, 0x6E, 0xDC, 0x75, 0xFF, 0xC2, 0x2F, 0xFA, 0xA2, 0xEE, 0x46, 0x89, 0xCD, 0xAE, 0x69, 0x92, 0xA4, 0x48, 0xBC, 0x46, 0x47, 0xC4, 0x8C, 0x89, 0x63, 0xE1, 0x0A, 0x4D, 0x1C, 0xDC, 0x46, 0x2F, 0x5B, 0x70, 0x8A, 0x7C, 0xE9, 0x22, 0x9C, 0x09, 0x0B, 0xA8, 0x97, 0x40, 0xCA, 0x2A, 0x7D, 0x84, 0xA1, 0x04, 0x4A, 0x2E, 0xDB, 0xD7, 0xD0, 0x64, 0x43, 0x9C, 0xD0, 0x78, 0x11, 0x41, 0x88, 0x33, 0xDD, 0x31, 0x62, 0x90, 0x2D, 0x17, 0xF2, 0xC6, 0xA9, 0x2B, 0x9C, 0x70, 0xAB, 0xDC, 0xD3, 0xAB, 0x5D, 0xDA, 0xEE, 0x3D, 0x6C, 0x0E, 0x81, 0xFF, 0xF6, 0x67, 0x5A, 0x44, 0xF9, 0xAC, 0x07, 0x3D, 0x23, 0x94, 0x75, 0x65, 0x93, 0x20, 0x0C, 0xC5, 0x76, 0x1D, 0x0F, 0x65, 0x06, 0x3D, 0x21, 0xA2, 0xF0, 0x96, 0x80, 0xB7, 0x0A, 0x49, 0x53, 0x38, 0xA3, 0x5D, 0xC0, 0x74, 0x3C, 0xA4, 0xD9, 0x40, 0x36, 0x85, 0x1F, 0x8C, 0xD1, 0x2D, 0x15, 0xF9, 0xEF, 0x24, 0xA9, 0x7E, 0x9D, 0xB2, 0x1E, 0xF8, 0xA0, 0x72, 0x81, 0x17, 0x77, 0x73, 0xB1, 0x56, 0x7F, 0xAD, 0x05, 0xA2, 0xD2, 0x30, 0x5A, 0xF5, 0xD3, 0xAF, 0x0F, 0x10, 0x4A, 0x52, 0xD8, 0x09, 0x47, 0x97, 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x18, 0x9E, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x41, 0x50, 0x54, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x24, 0x68, 0x69, 0x6F, 0x46, 0x49, 0x4F, 0x00, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x30, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x31, 0x61, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x00, 0x62, 0x6F, 0x73, 0x73, 0x3A, 0x55, 0x00, 0x00, 0x63, 0x61, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x63, 0x65, 0x63, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x63, 0x66, 0x67, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x64, 0x6C, 0x70, 0x3A, 0x46, 0x4B, 0x43, 0x4C, 0x64, 0x6C, 0x70, 0x3A, 0x53, 0x52, 0x56, 0x52, 0x64, 0x73, 0x70, 0x3A, 0x3A, 0x44, 0x53, 0x50, 0x66, 0x72, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x66, 0x73, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x67, 0x73, 0x70, 0x3A, 0x3A, 0x47, 0x70, 0x75, 0x68, 0x69, 0x64, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x43, 0x00, 0x00, 0x6D, 0x69, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x64, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x65, 0x77, 0x73, 0x3A, 0x75, 0x00, 0x00, 0x6E, 0x77, 0x6D, 0x3A, 0x3A, 0x55, 0x44, 0x53, 0x70, 0x74, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x70, 0x78, 0x69, 0x3A, 0x64, 0x65, 0x76, 0x00, 0x73, 0x6F, 0x63, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x73, 0x73, 0x6C, 0x3A, 0x43, 0x00, 0x00, 0x00, 0x79, 0x32, 0x72, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6C, 0x64, 0x72, 0x3A, 0x72, 0x6F, 0x00, 0x00, 0x69, 0x72, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4E, 0x9F, 0xFA, 0xF0, 0xFF, 0xBF, 0xFF, 0xF1, 0xE7, 0x3F, 0x00, 0xF2, 0x00, 0xF0, 0x91, 0xFF, 0x00, 0xF6, 0x91, 0xFF, 0x50, 0xFF, 0x81, 0xFF, 0x58, 0xFF, 0x81, 0xFF, 0x70, 0xFF, 0x81, 0xFF, 0x78, 0xFF, 0x81, 0xFF, 0x01, 0x01, 0x00, 0xFF, 0x00, 0x02, 0x00, 0xFE, 0x21, 0x02, 0x00, 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 +}; + +// DEMO +static const unsigned char Demo_HdrPubK[0x100] = +{ + 0xB5, 0x11, 0x8D, 0x9E, 0x2D, 0xDB, 0x70, 0x6D, 0x6E, 0xEE, 0xAA, 0x21, 0xE0, 0x4E, 0x80, 0x0A, 0x96, 0x4A, 0x10, 0xD0, 0x9C, 0xD7, 0xD9, 0xD4, 0x94, 0x87, 0x72, 0xA2, 0xAF, 0x02, 0xA0, 0x05, 0x2E, 0xBF, 0x17, 0xEB, 0xFE, 0x5B, 0x9F, 0xB7, 0x0B, 0x1E, 0x3E, 0xF9, 0xAC, 0xBC, 0x7B, 0xB1, 0x56, 0x10, 0x24, 0x5F, 0x57, 0x2C, 0x08, 0xD0, 0x14, 0x79, 0x83, 0x84, 0x6A, 0x45, 0x25, 0xEB, 0xD9, 0xBE, 0x02, 0x21, 0xF7, 0x35, 0xC2, 0x74, 0x57, 0xC5, 0xAC, 0x34, 0x05, 0xC6, 0x9E, 0x82, 0xB8, 0xED, 0x78, 0xC4, 0x3B, 0xFD, 0x23, 0x59, 0x54, 0xD2, 0x0A, 0x0B, 0x5B, 0x25, 0xC0, 0x71, 0xC3, 0x84, 0x3A, 0xA7, 0xF9, 0x99, 0x86, 0xD8, 0xFE, 0x60, 0x10, 0x85, 0x77, 0x57, 0x76, 0x0C, 0x25, 0xE1, 0x18, 0x18, 0x3B, 0x83, 0xFD, 0x36, 0x7C, 0x84, 0x58, 0xC2, 0xC4, 0x68, 0x4F, 0xD1, 0xD7, 0x0A, 0x88, 0xFD, 0xCA, 0x97, 0xA1, 0xE5, 0xCE, 0x72, 0x63, 0xCF, 0x74, 0xD0, 0x20, 0xD9, 0xDE, 0x3F, 0xBB, 0x11, 0xF9, 0x21, 0xAB, 0x3F, 0x54, 0x41, 0xA7, 0xAA, 0xCA, 0xFC, 0xE1, 0x1A, 0x8C, 0x12, 0xC9, 0x39, 0x13, 0x5A, 0x81, 0x29, 0x49, 0xE8, 0xFB, 0x48, 0xC9, 0x4D, 0x50, 0x87, 0xAE, 0x51, 0xFB, 0x94, 0xFC, 0xF0, 0x9C, 0x70, 0x1C, 0xE8, 0x6E, 0x44, 0x53, 0x1E, 0x2F, 0x27, 0x5C, 0xB8, 0xEC, 0xBE, 0xFC, 0xD9, 0x98, 0x6A, 0x08, 0xD0, 0x5C, 0x4D, 0x78, 0x2D, 0x4D, 0x07, 0xAD, 0x5E, 0xB8, 0x51, 0x40, 0xE2, 0x2A, 0x7F, 0xB1, 0x54, 0x47, 0x5C, 0x99, 0x12, 0xC2, 0x6D, 0x5E, 0xED, 0x25, 0x30, 0x6A, 0x99, 0xC5, 0x0D, 0x65, 0x83, 0x68, 0x3A, 0xFD, 0x82, 0x59, 0x0D, 0xCE, 0x0B, 0x49, 0xBE, 0x17, 0x46, 0x51, 0xA9, 0xB6, 0x54, 0xE1, 0x18, 0xBD, 0x49, 0xE6, 0x7F +}; + +static const unsigned char Demo_HdrPrivK[0x100] = +{ + 0x1D, 0x7B, 0x79, 0x32, 0xAB, 0x46, 0xD2, 0xBC, 0x8E, 0xD6, 0x7F, 0x8F, 0x3A, 0x85, 0xAD, 0xA5, 0x8B, 0xA9, 0x0D, 0xA9, 0xDA, 0x0F, 0xEF, 0x61, 0x04, 0xBA, 0x35, 0x39, 0x36, 0x03, 0xD8, 0x68, 0x5F, 0x9F, 0x2F, 0xD6, 0xF6, 0x38, 0x96, 0xFD, 0xE7, 0xEA, 0x89, 0xD8, 0x7F, 0x7E, 0xC5, 0x29, 0x2F, 0xD9, 0x3B, 0x02, 0xE7, 0x1F, 0xBD, 0x63, 0x9C, 0x21, 0xD8, 0xFF, 0x43, 0x8A, 0x74, 0xCD, 0x3D, 0x4C, 0x09, 0xEE, 0xDB, 0xE0, 0xBE, 0x03, 0xD1, 0x92, 0xD7, 0x22, 0x35, 0x5A, 0x8C, 0xCE, 0xBE, 0x2B, 0xB4, 0x81, 0x47, 0x3F, 0x45, 0x75, 0x33, 0x31, 0x6B, 0xFF, 0x43, 0x5D, 0x17, 0x43, 0xAE, 0xD1, 0x25, 0xF7, 0xD9, 0xD5, 0x5C, 0xB6, 0x92, 0x5C, 0xB3, 0xF3, 0xF7, 0x65, 0x9F, 0x4C, 0x05, 0x12, 0xEC, 0xA8, 0x6D, 0x70, 0x65, 0x57, 0x6C, 0xD8, 0xE3, 0xD6, 0xFA, 0xC1, 0xFD, 0x54, 0xE8, 0x34, 0x67, 0x4D, 0x0A, 0x14, 0x2F, 0xA3, 0xD4, 0x81, 0x8C, 0xC3, 0xD0, 0x8B, 0x09, 0x08, 0x90, 0x70, 0x68, 0xA0, 0x0E, 0xD1, 0x0B, 0xAA, 0x71, 0xEC, 0x9A, 0x1A, 0x83, 0xFF, 0xA1, 0x70, 0xEB, 0xAC, 0xF2, 0xE9, 0x80, 0xA1, 0xB8, 0x20, 0x31, 0x83, 0xF5, 0x37, 0x01, 0x72, 0x06, 0x50, 0x05, 0x3F, 0x14, 0xF9, 0x29, 0x48, 0x84, 0xA0, 0x0E, 0xF7, 0xB8, 0x1D, 0xA3, 0x36, 0x5A, 0x78, 0x6D, 0x83, 0x90, 0x27, 0xE3, 0x50, 0x49, 0x2F, 0x65, 0xE5, 0x61, 0xED, 0x65, 0xBE, 0xEA, 0x34, 0xA6, 0x6A, 0xEF, 0x49, 0xB4, 0xE0, 0xBC, 0xC2, 0xA5, 0xB8, 0xEB, 0xA9, 0x2F, 0xBA, 0x26, 0x76, 0xB2, 0x5A, 0x3A, 0x3B, 0xFD, 0xAD, 0xFB, 0xE4, 0x79, 0xE2, 0x85, 0x54, 0x5B, 0xAB, 0x1F, 0x0A, 0xE5, 0x8B, 0x77, 0x3A, 0x10, 0x98, 0x26, 0x74, 0xC8, 0xB0, 0x82, 0xB1, 0xF9, 0x8F, 0x68, 0x59 +}; + +static const unsigned char Demo_AcexData[0x400] = +{ + 0xD3, 0x7D, 0x42, 0xBA, 0x6A, 0x1E, 0xD8, 0x07, 0x3C, 0x4A, 0xC4, 0xCD, 0x8C, 0x68, 0x3D, 0xCD, 0xCD, 0xBD, 0x9D, 0xCE, 0xB5, 0x2A, 0xF9, 0x63, 0x3D, 0xA9, 0x54, 0x0A, 0x2E, 0x4C, 0xE1, 0x60, 0x4B, 0xD0, 0xC9, 0xEB, 0xEF, 0x31, 0x65, 0x70, 0xB9, 0x0E, 0x06, 0x3B, 0x3D, 0x42, 0x4C, 0x6E, 0x8D, 0x2C, 0xD4, 0x71, 0x29, 0x76, 0xB7, 0xDD, 0x8C, 0xDA, 0xE7, 0xE3, 0x96, 0xA7, 0xAA, 0xF8, 0xCA, 0x05, 0xE8, 0xA7, 0x0A, 0xDD, 0x01, 0x49, 0xBD, 0xF1, 0xA5, 0xE8, 0x16, 0x22, 0xEE, 0x47, 0x1F, 0xEF, 0x28, 0x48, 0x87, 0xA9, 0x2D, 0xFC, 0x4E, 0xD5, 0xA5, 0x98, 0xB1, 0xFE, 0x1B, 0xEB, 0xA9, 0x06, 0x3C, 0x76, 0xD9, 0xAA, 0x0E, 0x9C, 0x60, 0xFC, 0xE9, 0x77, 0x9D, 0x7F, 0x67, 0xAC, 0xF5, 0xC7, 0x49, 0x12, 0xFD, 0x76, 0xAC, 0xD2, 0x54, 0xDB, 0x73, 0x41, 0x10, 0x1F, 0x04, 0x3F, 0xD0, 0x6F, 0xE0, 0x80, 0x24, 0xCC, 0xEE, 0xBF, 0x25, 0x9D, 0x0D, 0x5A, 0x2A, 0x1C, 0xC5, 0xD4, 0xE3, 0x5D, 0x3A, 0xC1, 0x86, 0xD3, 0xD4, 0x52, 0x1C, 0x4C, 0xBF, 0x31, 0xEB, 0x54, 0xCA, 0x4C, 0x06, 0x50, 0x52, 0x87, 0xD4, 0x9D, 0x4A, 0x4B, 0x22, 0xE1, 0x4A, 0xE9, 0x4D, 0x05, 0xA8, 0x57, 0xEC, 0xF8, 0x90, 0xF8, 0x58, 0xC3, 0x8B, 0x3A, 0x0F, 0x88, 0x36, 0xF4, 0xE5, 0x44, 0x10, 0x80, 0x68, 0x86, 0x1D, 0xAE, 0x90, 0x20, 0x03, 0x22, 0x2D, 0x44, 0xBF, 0xAB, 0x2B, 0xA1, 0x14, 0xAD, 0x6B, 0x40, 0x57, 0xDB, 0xBB, 0xDA, 0x09, 0x4C, 0x51, 0x26, 0x9B, 0xE3, 0xD9, 0xF9, 0xE1, 0xBC, 0xF1, 0xF1, 0xCD, 0x30, 0xB4, 0xF5, 0x39, 0xD0, 0xBC, 0xF7, 0x98, 0x05, 0xAF, 0xA8, 0x33, 0x4B, 0xC1, 0x16, 0x0F, 0xF2, 0xC2, 0x79, 0x96, 0xEC, 0xBE, 0xA9, 0xF5, 0x55, 0x7C, 0x82, 0x95, 0x73, 0xB5, 0x11, 0x8D, 0x9E, 0x2D, 0xDB, 0x70, 0x6D, 0x6E, 0xEE, 0xAA, 0x21, 0xE0, 0x4E, 0x80, 0x0A, 0x96, 0x4A, 0x10, 0xD0, 0x9C, 0xD7, 0xD9, 0xD4, 0x94, 0x87, 0x72, 0xA2, 0xAF, 0x02, 0xA0, 0x05, 0x2E, 0xBF, 0x17, 0xEB, 0xFE, 0x5B, 0x9F, 0xB7, 0x0B, 0x1E, 0x3E, 0xF9, 0xAC, 0xBC, 0x7B, 0xB1, 0x56, 0x10, 0x24, 0x5F, 0x57, 0x2C, 0x08, 0xD0, 0x14, 0x79, 0x83, 0x84, 0x6A, 0x45, 0x25, 0xEB, 0xD9, 0xBE, 0x02, 0x21, 0xF7, 0x35, 0xC2, 0x74, 0x57, 0xC5, 0xAC, 0x34, 0x05, 0xC6, 0x9E, 0x82, 0xB8, 0xED, 0x78, 0xC4, 0x3B, 0xFD, 0x23, 0x59, 0x54, 0xD2, 0x0A, 0x0B, 0x5B, 0x25, 0xC0, 0x71, 0xC3, 0x84, 0x3A, 0xA7, 0xF9, 0x99, 0x86, 0xD8, 0xFE, 0x60, 0x10, 0x85, 0x77, 0x57, 0x76, 0x0C, 0x25, 0xE1, 0x18, 0x18, 0x3B, 0x83, 0xFD, 0x36, 0x7C, 0x84, 0x58, 0xC2, 0xC4, 0x68, 0x4F, 0xD1, 0xD7, 0x0A, 0x88, 0xFD, 0xCA, 0x97, 0xA1, 0xE5, 0xCE, 0x72, 0x63, 0xCF, 0x74, 0xD0, 0x20, 0xD9, 0xDE, 0x3F, 0xBB, 0x11, 0xF9, 0x21, 0xAB, 0x3F, 0x54, 0x41, 0xA7, 0xAA, 0xCA, 0xFC, 0xE1, 0x1A, 0x8C, 0x12, 0xC9, 0x39, 0x13, 0x5A, 0x81, 0x29, 0x49, 0xE8, 0xFB, 0x48, 0xC9, 0x4D, 0x50, 0x87, 0xAE, 0x51, 0xFB, 0x94, 0xFC, 0xF0, 0x9C, 0x70, 0x1C, 0xE8, 0x6E, 0x44, 0x53, 0x1E, 0x2F, 0x27, 0x5C, 0xB8, 0xEC, 0xBE, 0xFC, 0xD9, 0x98, 0x6A, 0x08, 0xD0, 0x5C, 0x4D, 0x78, 0x2D, 0x4D, 0x07, 0xAD, 0x5E, 0xB8, 0x51, 0x40, 0xE2, 0x2A, 0x7F, 0xB1, 0x54, 0x47, 0x5C, 0x99, 0x12, 0xC2, 0x6D, 0x5E, 0xED, 0x25, 0x30, 0x6A, 0x99, 0xC5, 0x0D, 0x65, 0x83, 0x68, 0x3A, 0xFD, 0x82, 0x59, 0x0D, 0xCE, 0x0B, 0x49, 0xBE, 0x17, 0x46, 0x51, 0xA9, 0xB6, 0x54, 0xE1, 0x18, 0xBD, 0x49, 0xE6, 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x00, 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x18, 0x9E, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x41, 0x50, 0x54, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x24, 0x68, 0x69, 0x6F, 0x46, 0x49, 0x4F, 0x00, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x30, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x31, 0x61, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x00, 0x62, 0x6F, 0x73, 0x73, 0x3A, 0x55, 0x00, 0x00, 0x63, 0x61, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x63, 0x65, 0x63, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x63, 0x66, 0x67, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x64, 0x6C, 0x70, 0x3A, 0x46, 0x4B, 0x43, 0x4C, 0x64, 0x6C, 0x70, 0x3A, 0x53, 0x52, 0x56, 0x52, 0x64, 0x73, 0x70, 0x3A, 0x3A, 0x44, 0x53, 0x50, 0x66, 0x72, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x66, 0x73, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x67, 0x73, 0x70, 0x3A, 0x3A, 0x47, 0x70, 0x75, 0x68, 0x69, 0x64, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x43, 0x00, 0x00, 0x6D, 0x69, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x64, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x65, 0x77, 0x73, 0x3A, 0x75, 0x00, 0x00, 0x6E, 0x77, 0x6D, 0x3A, 0x3A, 0x55, 0x44, 0x53, 0x70, 0x74, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x70, 0x78, 0x69, 0x3A, 0x64, 0x65, 0x76, 0x00, 0x73, 0x6F, 0x63, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x73, 0x73, 0x6C, 0x3A, 0x43, 0x00, 0x00, 0x00, 0x79, 0x32, 0x72, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6C, 0x64, 0x72, 0x3A, 0x72, 0x6F, 0x00, 0x00, 0x69, 0x72, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4E, 0x9F, 0xFA, 0xF0, 0xFF, 0xBF, 0xFF, 0xF1, 0xE7, 0x3F, 0x00, 0xF2, 0x00, 0xF0, 0x91, 0xFF, 0x00, 0xF6, 0x91, 0xFF, 0x50, 0xFF, 0x81, 0xFF, 0x58, 0xFF, 0x81, 0xFF, 0x70, 0xFF, 0x81, 0xFF, 0x78, 0xFF, 0x81, 0xFF, 0x01, 0x01, 0x00, 0xFF, 0x00, 0x02, 0x00, 0xFE, 0x21, 0x02, 0x00, 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 +}; + +// DLP +static const unsigned char Dlp_HdrPubK[0x100] = +{ + 0xB3, 0x16, 0x68, 0xF1, 0xED, 0x59, 0xC8, 0x7F, 0xC6, 0x50, 0x21, 0xFE, 0x36, 0x7C, 0x55, 0xE7, 0x07, 0xF9, 0x1D, 0x1B, 0xF5, 0xB1, 0x2A, 0x6B, 0x3A, 0xDE, 0x2D, 0x4C, 0x51, 0xCD, 0x4C, 0x9F, 0xEE, 0x1D, 0xE4, 0xE8, 0xF0, 0xFD, 0x09, 0x8E, 0x0F, 0x92, 0x5F, 0xDB, 0x9C, 0x5C, 0x15, 0x55, 0x1A, 0x4D, 0x04, 0x8C, 0xB0, 0xA4, 0x88, 0x97, 0xC4, 0xD5, 0x92, 0x04, 0x42, 0x33, 0x84, 0x81, 0x06, 0xD6, 0xF2, 0x17, 0xDE, 0x83, 0x17, 0x50, 0xD0, 0x47, 0x61, 0x14, 0x0D, 0xB7, 0xC7, 0xA0, 0xC1, 0x8B, 0x82, 0x47, 0x13, 0xEE, 0x76, 0xA2, 0xA3, 0x8D, 0xCE, 0x55, 0xC1, 0xF3, 0x7A, 0xEA, 0x91, 0xE1, 0xB9, 0x2F, 0x8F, 0x9B, 0xC3, 0x7B, 0x51, 0x2F, 0xE7, 0xAD, 0x93, 0x9C, 0xFD, 0xDF, 0x19, 0xC8, 0x6C, 0x24, 0xC2, 0xE2, 0x91, 0x97, 0x1F, 0xEB, 0x4B, 0xD4, 0x46, 0x6C, 0x06, 0x93, 0xAF, 0xF5, 0x5E, 0x8F, 0x77, 0x25, 0xC4, 0x28, 0xC0, 0x82, 0x4A, 0x78, 0xE9, 0x14, 0x08, 0xC3, 0xC3, 0x58, 0x24, 0x44, 0x2D, 0x2B, 0xA7, 0xEE, 0x28, 0xEF, 0x1B, 0x6D, 0xAA, 0x9C, 0xED, 0x7F, 0x35, 0xCE, 0x86, 0x5C, 0x6B, 0x8A, 0x23, 0xD3, 0x9D, 0x05, 0x8F, 0xD2, 0x41, 0x93, 0x1D, 0x1D, 0x7E, 0xB0, 0x46, 0x23, 0x63, 0x07, 0xEA, 0x5F, 0x26, 0xE3, 0x81, 0x27, 0xB3, 0x95, 0xB1, 0x93, 0x59, 0xD4, 0x1A, 0xB8, 0x73, 0xD0, 0x09, 0x95, 0x2B, 0xE8, 0x8B, 0xE2, 0x73, 0x5F, 0x34, 0xB9, 0x98, 0x82, 0xF0, 0x11, 0xC6, 0x8F, 0x12, 0x4D, 0x09, 0x57, 0x10, 0x97, 0x22, 0x0E, 0xC8, 0x7D, 0x40, 0xC1, 0x9D, 0x12, 0x1F, 0x71, 0xFE, 0x1E, 0x1A, 0x8C, 0x3F, 0x56, 0xAC, 0x43, 0xC3, 0x66, 0x0C, 0x81, 0xAE, 0xC1, 0x8F, 0x68, 0xFF, 0x87, 0x07, 0x3C, 0xCD, 0x0A, 0x23, 0xDE, 0xBA, 0x9B +}; + +static const unsigned char Dlp_HdrPrivK[0x100] = +{ + 0x77, 0xC2, 0x7A, 0xB7, 0x9E, 0x13, 0xB6, 0x62, 0xCC, 0x09, 0x76, 0x51, 0xFB, 0xB9, 0xB5, 0xF0, 0x63, 0x82, 0x91, 0x96, 0xCA, 0xFC, 0x88, 0xF3, 0x60, 0x50, 0x87, 0x56, 0x4C, 0x35, 0xD0, 0x11, 0xFB, 0x38, 0x7E, 0x85, 0xCF, 0xF2, 0x46, 0xDB, 0x7B, 0x4A, 0x55, 0x54, 0x15, 0x01, 0xF7, 0x3A, 0x0B, 0xF6, 0x89, 0x1E, 0x54, 0x5A, 0x13, 0x05, 0xFB, 0x19, 0x1F, 0x26, 0x3D, 0xE7, 0x19, 0xAA, 0xF7, 0x19, 0xF2, 0x97, 0x47, 0xB3, 0xBE, 0x79, 0xCA, 0x6E, 0x91, 0x5A, 0xC9, 0xB9, 0xA6, 0x83, 0xB8, 0x2A, 0x45, 0x1A, 0xA7, 0x17, 0x86, 0xBA, 0x48, 0x49, 0x62, 0x3C, 0x33, 0x11, 0x51, 0x97, 0x5F, 0xAA, 0xE5, 0x1E, 0x0B, 0x19, 0x0C, 0xE6, 0x80, 0x6A, 0x5A, 0xB1, 0xD6, 0xCE, 0xDB, 0x6E, 0xC0, 0x5D, 0x29, 0x04, 0x84, 0x56, 0xE3, 0x29, 0x7E, 0xAC, 0xE8, 0xEE, 0xB1, 0x91, 0x37, 0xEB, 0x98, 0x9C, 0xBD, 0x02, 0x6A, 0x78, 0x61, 0xB0, 0x79, 0x1A, 0x9F, 0x30, 0x86, 0xF6, 0x71, 0x5A, 0x5A, 0x12, 0xA1, 0x9E, 0xA1, 0x68, 0x03, 0xE5, 0x95, 0xA8, 0x38, 0x58, 0x87, 0x08, 0x57, 0x35, 0x32, 0x47, 0x3B, 0xFC, 0x02, 0x6F, 0xCE, 0x55, 0x61, 0xA3, 0x2A, 0x6B, 0x2F, 0xF8, 0xEE, 0x8D, 0xFA, 0x43, 0x33, 0x02, 0x63, 0x47, 0x02, 0x78, 0x5A, 0x7F, 0x64, 0x07, 0x92, 0xB7, 0x7C, 0x09, 0x7C, 0xFE, 0x2D, 0x1C, 0xFC, 0x77, 0x9F, 0x19, 0x20, 0xDD, 0x6D, 0x4C, 0xFE, 0x49, 0x09, 0x47, 0xCA, 0x9B, 0x1C, 0x8C, 0x1F, 0x37, 0xAC, 0x14, 0x85, 0x56, 0xC0, 0xFD, 0xD6, 0x01, 0xB3, 0x40, 0xA3, 0x1A, 0x32, 0x78, 0xA0, 0xDD, 0x21, 0x75, 0xBF, 0x24, 0xD2, 0x93, 0x85, 0xED, 0x22, 0xAD, 0x99, 0x91, 0x87, 0x4A, 0xEC, 0xC0, 0x6C, 0x71, 0x00, 0x76, 0x08, 0x23, 0xA2, 0xF3, 0xCF, 0x61 +}; + +static const unsigned char Dlp_AcexData[0x400] = +{ + 0xAC, 0xE2, 0xA7, 0xC3, 0x00, 0xDE, 0xE8, 0xE9, 0xE0, 0x03, 0xB3, 0x54, 0x08, 0xA8, 0xF8, 0x3A, 0x2E, 0xD8, 0x10, 0x6B, 0xEC, 0xDC, 0x4E, 0xEE, 0x62, 0x10, 0x71, 0x49, 0xD4, 0x43, 0xB1, 0x0E, 0x6B, 0x8C, 0xD7, 0x54, 0xD5, 0x62, 0x28, 0x3F, 0xAA, 0xDE, 0xA9, 0x7D, 0xED, 0x37, 0x7C, 0xE7, 0x89, 0x0B, 0x02, 0xB2, 0x72, 0x4B, 0x17, 0xDB, 0xE2, 0xD3, 0x7C, 0x94, 0x12, 0x3F, 0x2E, 0xA1, 0x08, 0x99, 0xCC, 0x7F, 0x93, 0xE6, 0x38, 0xC9, 0x37, 0x84, 0xD7, 0x11, 0x9D, 0x02, 0x4D, 0x66, 0xB4, 0x70, 0x9F, 0xD8, 0xC6, 0xDD, 0xD5, 0x13, 0x52, 0xF0, 0xA6, 0x78, 0x8C, 0x8E, 0x15, 0xA0, 0xA1, 0xF3, 0xC4, 0xC3, 0x48, 0x45, 0xA5, 0xBE, 0xC9, 0x7A, 0x8B, 0xD3, 0x95, 0xA5, 0x4C, 0xF1, 0xB3, 0x0C, 0x6C, 0x76, 0xA7, 0x57, 0xA1, 0x77, 0xDF, 0x2F, 0xC8, 0x06, 0xA6, 0x0D, 0x1A, 0x09, 0xE4, 0x38, 0x64, 0x07, 0xBE, 0x6A, 0xD2, 0xA0, 0xC0, 0xEC, 0x09, 0x64, 0x9F, 0x0D, 0x93, 0x0C, 0x89, 0xA2, 0x71, 0xD6, 0xC6, 0xC2, 0x54, 0x79, 0x2A, 0xA4, 0x31, 0x28, 0x24, 0x1A, 0xF3, 0x56, 0x78, 0x63, 0x99, 0x97, 0xA5, 0xCE, 0x8F, 0x52, 0x7A, 0x79, 0x51, 0xEE, 0x4C, 0x8B, 0x00, 0x9D, 0x5C, 0x3E, 0xD5, 0xAA, 0x24, 0x9C, 0x94, 0xC6, 0xA3, 0x99, 0x1B, 0x2D, 0xD4, 0xFF, 0xB4, 0x25, 0x73, 0x13, 0x33, 0x9F, 0x03, 0x6F, 0x1E, 0x75, 0xC4, 0x70, 0xF4, 0x07, 0x4F, 0x18, 0xFE, 0xBD, 0x8F, 0x2C, 0x9B, 0x33, 0xD4, 0x30, 0xA7, 0x18, 0x4A, 0xF1, 0xA4, 0xDD, 0x78, 0x41, 0xA0, 0xB8, 0x02, 0x8D, 0x51, 0x96, 0xBE, 0xE7, 0x17, 0x94, 0x66, 0x65, 0x27, 0xF7, 0x69, 0x48, 0x7E, 0xA9, 0x08, 0x71, 0x20, 0x76, 0xB7, 0x8E, 0xD2, 0xBF, 0x5C, 0x7E, 0x5E, 0x06, 0x45, 0xAB, 0x7E, 0x2E, 0xB3, 0x16, 0x68, 0xF1, 0xED, 0x59, 0xC8, 0x7F, 0xC6, 0x50, 0x21, 0xFE, 0x36, 0x7C, 0x55, 0xE7, 0x07, 0xF9, 0x1D, 0x1B, 0xF5, 0xB1, 0x2A, 0x6B, 0x3A, 0xDE, 0x2D, 0x4C, 0x51, 0xCD, 0x4C, 0x9F, 0xEE, 0x1D, 0xE4, 0xE8, 0xF0, 0xFD, 0x09, 0x8E, 0x0F, 0x92, 0x5F, 0xDB, 0x9C, 0x5C, 0x15, 0x55, 0x1A, 0x4D, 0x04, 0x8C, 0xB0, 0xA4, 0x88, 0x97, 0xC4, 0xD5, 0x92, 0x04, 0x42, 0x33, 0x84, 0x81, 0x06, 0xD6, 0xF2, 0x17, 0xDE, 0x83, 0x17, 0x50, 0xD0, 0x47, 0x61, 0x14, 0x0D, 0xB7, 0xC7, 0xA0, 0xC1, 0x8B, 0x82, 0x47, 0x13, 0xEE, 0x76, 0xA2, 0xA3, 0x8D, 0xCE, 0x55, 0xC1, 0xF3, 0x7A, 0xEA, 0x91, 0xE1, 0xB9, 0x2F, 0x8F, 0x9B, 0xC3, 0x7B, 0x51, 0x2F, 0xE7, 0xAD, 0x93, 0x9C, 0xFD, 0xDF, 0x19, 0xC8, 0x6C, 0x24, 0xC2, 0xE2, 0x91, 0x97, 0x1F, 0xEB, 0x4B, 0xD4, 0x46, 0x6C, 0x06, 0x93, 0xAF, 0xF5, 0x5E, 0x8F, 0x77, 0x25, 0xC4, 0x28, 0xC0, 0x82, 0x4A, 0x78, 0xE9, 0x14, 0x08, 0xC3, 0xC3, 0x58, 0x24, 0x44, 0x2D, 0x2B, 0xA7, 0xEE, 0x28, 0xEF, 0x1B, 0x6D, 0xAA, 0x9C, 0xED, 0x7F, 0x35, 0xCE, 0x86, 0x5C, 0x6B, 0x8A, 0x23, 0xD3, 0x9D, 0x05, 0x8F, 0xD2, 0x41, 0x93, 0x1D, 0x1D, 0x7E, 0xB0, 0x46, 0x23, 0x63, 0x07, 0xEA, 0x5F, 0x26, 0xE3, 0x81, 0x27, 0xB3, 0x95, 0xB1, 0x93, 0x59, 0xD4, 0x1A, 0xB8, 0x73, 0xD0, 0x09, 0x95, 0x2B, 0xE8, 0x8B, 0xE2, 0x73, 0x5F, 0x34, 0xB9, 0x98, 0x82, 0xF0, 0x11, 0xC6, 0x8F, 0x12, 0x4D, 0x09, 0x57, 0x10, 0x97, 0x22, 0x0E, 0xC8, 0x7D, 0x40, 0xC1, 0x9D, 0x12, 0x1F, 0x71, 0xFE, 0x1E, 0x1A, 0x8C, 0x3F, 0x56, 0xAC, 0x43, 0xC3, 0x66, 0x0C, 0x81, 0xAE, 0xC1, 0x8F, 0x68, 0xFF, 0x87, 0x07, 0x3C, 0xCD, 0x0A, 0x23, 0xDE, 0xBA, 0x9B, 0xFF, 0xFF, 0xFF, 0xFF, 0x01, 0x00, 0x04, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x18, 0x9E, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x88, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x41, 0x50, 0x54, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x24, 0x68, 0x69, 0x6F, 0x46, 0x49, 0x4F, 0x00, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x30, 0x24, 0x68, 0x6F, 0x73, 0x74, 0x69, 0x6F, 0x31, 0x61, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x00, 0x62, 0x6F, 0x73, 0x73, 0x3A, 0x55, 0x00, 0x00, 0x63, 0x61, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x63, 0x65, 0x63, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x63, 0x66, 0x67, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x64, 0x6C, 0x70, 0x3A, 0x46, 0x4B, 0x43, 0x4C, 0x64, 0x6C, 0x70, 0x3A, 0x53, 0x52, 0x56, 0x52, 0x64, 0x73, 0x70, 0x3A, 0x3A, 0x44, 0x53, 0x50, 0x66, 0x72, 0x64, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x66, 0x73, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x67, 0x73, 0x70, 0x3A, 0x3A, 0x47, 0x70, 0x75, 0x68, 0x69, 0x64, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x68, 0x74, 0x74, 0x70, 0x3A, 0x43, 0x00, 0x00, 0x6D, 0x69, 0x63, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x64, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6E, 0x65, 0x77, 0x73, 0x3A, 0x75, 0x00, 0x00, 0x6E, 0x77, 0x6D, 0x3A, 0x3A, 0x55, 0x44, 0x53, 0x70, 0x74, 0x6D, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x70, 0x78, 0x69, 0x3A, 0x64, 0x65, 0x76, 0x00, 0x73, 0x6F, 0x63, 0x3A, 0x55, 0x00, 0x00, 0x00, 0x73, 0x73, 0x6C, 0x3A, 0x43, 0x00, 0x00, 0x00, 0x79, 0x32, 0x72, 0x3A, 0x75, 0x00, 0x00, 0x00, 0x6C, 0x64, 0x72, 0x3A, 0x72, 0x6F, 0x00, 0x00, 0x69, 0x72, 0x3A, 0x55, 0x53, 0x45, 0x52, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4E, 0x9F, 0xFA, 0xF0, 0xFF, 0xBF, 0xFF, 0xF1, 0xE7, 0x3F, 0x00, 0xF2, 0x00, 0xF0, 0x91, 0xFF, 0x00, 0xF6, 0x91, 0xFF, 0x50, 0xFF, 0x81, 0xFF, 0x58, 0xFF, 0x81, 0xFF, 0x70, 0xFF, 0x81, 0xFF, 0x78, 0xFF, 0x81, 0xFF, 0x01, 0x01, 0x00, 0xFF, 0x00, 0x02, 0x00, 0xFE, 0x21, 0x02, 0x00, 0xFC, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02 +}; + +#endif \ No newline at end of file diff --git a/blz.c b/blz.c new file mode 100644 index 0000000..8fc2355 --- /dev/null +++ b/blz.c @@ -0,0 +1,336 @@ +/*----------------------------------------------------------------------------*/ +/*-- blz.c - Bottom LZ coding for Nintendo GBA/DS --*/ +/*-- Copyright (C) 2011 CUE --*/ +/*-- --*/ +/*-- This program is free software: you can redistribute it and/or modify --*/ +/*-- it under the terms of the GNU General Public License as published by --*/ +/*-- the Free Software Foundation, either version 3 of the License, or --*/ +/*-- (at your option) any later version. --*/ +/*-- --*/ +/*-- This program is distributed in the hope that it will be useful, --*/ +/*-- but WITHOUT ANY WARRANTY; without even the implied warranty of --*/ +/*-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --*/ +/*-- GNU General Public License for more details. --*/ +/*-- --*/ +/*-- You should have received a copy of the GNU General Public License --*/ +/*-- along with this program. If not, see . --*/ +/*----------------------------------------------------------------------------*/ + +/*----------------------------------------------------------------------------*/ +#include "lib.h" +#include "blz.h" + +/*----------------------------------------------------------------------------*/ +#define CMD_DECODE 0x00 // decode +#define CMD_ENCODE 0x01 // encode + +#define BLZ_SHIFT 1 // bits to shift +#define BLZ_MASK 0x80 // bits to check: + // ((((1 << BLZ_SHIFT) - 1) << (8 - BLZ_SHIFT) + +#define BLZ_THRESHOLD 2 // max number of bytes to not encode +#define BLZ_N 0x1002 // max offset ((1 << 12) + 2) +#define BLZ_F 0x12 // max coded ((1 << 4) + BLZ_THRESHOLD) + +#define RAW_MINIM 0x00000000 // empty file, 0 bytes +#define RAW_MAXIM 0x00FFFFFF // 3-bytes length, 16MB - 1 + +#define BLZ_MINIM 0x00000004 // header only (empty RAW file) +#define BLZ_MAXIM 0x01400000 // 0x0120000A, padded to 20MB: + // * length, RAW_MAXIM + // * flags, (RAW_MAXIM + 7) / 8 + // * header, 11 + // 0x00FFFFFF + 0x00200000 + 12 + padding + +/*----------------------------------------------------------------------------*/ +#define BREAK(text) { printf(text); return; } +#define EXIT(text) { printf(text); exit(-1); } + +/*----------------------------------------------------------------------------*/ +u8 *Memory(int length, int size); + +u8 *BLZ_Code(u8 *raw_buffer, int raw_len, u32 *new_len, int best); +void BLZ_Invert(u8 *buffer, int length); + +/*----------------------------------------------------------------------------*/ +u8 *Memory(int length, int size) { + u8 *fb; + + fb = (u8 *) calloc(length * size, size); + if (fb == NULL) EXIT("\nMemory error\n"); + + return(fb); +} + +/*----------------------------------------------------------------------------*/ +void BLZ_Decode(char *filename) { + // u8 *pak_buffer, *raw_buffer, *pak, *raw, *pak_end, *raw_end; + // u32 pak_len, raw_len, len, pos, inc_len, hdr_len, enc_len, dec_len; + // u8 flags, mask; + + // printf("- decoding '%s'", filename); + + // // pak_buffer = Load(filename, &pak_len, BLZ_MINIM, BLZ_MAXIM); + + // inc_len = *(u32 *)(pak_buffer + pak_len - 4); + // if (!inc_len) { + // enc_len = 0; + // dec_len = pak_len - 4; + // pak_len = 0; + // raw_len = dec_len; + // } else { + // if (pak_len < 8) EXIT("File has a bad header\n"); + // hdr_len = pak_buffer[pak_len - 5]; + // if ((hdr_len < 0x08) || (hdr_len > 0x0B)) EXIT("Bad header length\n"); + // if (pak_len <= hdr_len) EXIT("Bad length\n"); + // enc_len = *(u32 *)(pak_buffer + pak_len - 8) & 0x00FFFFFF; + // dec_len = pak_len - enc_len; + // pak_len = enc_len - hdr_len; + // raw_len = dec_len + enc_len + inc_len; + // if (raw_len > RAW_MAXIM) EXIT("Bad decoded length\n"); + // } + + // raw_buffer = (u8 *) Memory(raw_len, sizeof(char)); + + // pak = pak_buffer; + // raw = raw_buffer; + // pak_end = pak_buffer + dec_len + pak_len; + // raw_end = raw_buffer + raw_len; + + // for (len = 0; len < dec_len; len++) *(raw++) = *(pak++); + + // BLZ_Invert(pak_buffer + dec_len, pak_len); + + // mask = 0; + + // while (raw < raw_end) { + // if (!(mask >>= BLZ_SHIFT)) { + // if (pak == pak_end) break; + // flags = *pak++; + // mask = BLZ_MASK; + // } + + // if (!(flags & mask)) { + // if (pak == pak_end) break; + // *raw++ = *pak++; + // } else { + // if (pak + 1 >= pak_end) break; + // pos = *pak++ << 8; + // pos |= *pak++; + // len = (pos >> 12) + BLZ_THRESHOLD + 1; + // if (raw + len > raw_end) { + // printf(", WARNING: wrong decoded length!"); + // len = raw_end - raw; + // } + // pos = (pos & 0xFFF) + 3; + // while (len--) *(raw++) = *(raw - pos); + // } + // } + + // BLZ_Invert(raw_buffer + dec_len, raw_len - dec_len); + + // raw_len = raw - raw_buffer; + + // if (raw != raw_end) printf(", WARNING: unexpected end of encoded file!"); + + // // Save(filename, raw_buffer, raw_len); + + // free(raw_buffer); + // free(pak_buffer); + + // printf("\n"); +} + +u8 *Load(char *filename, u32 *length, int min, int max) { + FILE *fp; + int fs; + u8 *fb; + + if ((fp = fopen(filename, "rb")) == NULL) EXIT("\nFile open error\n"); + fseek(fp, 0, SEEK_END); + fs = ftell(fp); + fseek(fp, 0, SEEK_SET); + if ((fs < min) || (fs > max)) EXIT("\nFile size error\n"); + fb = Memory(fs + 3, sizeof(char)); + if (fread(fb, 1, fs, fp) != fs) EXIT("\nFile read error\n"); + if (fclose(fp) == EOF) EXIT("\nFile close error\n"); + + *length = fs; + + return(fb); +} + +/*----------------------------------------------------------------------------*/ +u8* BLZ_Encode(char *filename, u32* pak_len, int mode) { + u8 *raw_buffer, *pak_buffer, *new_buffer; + u32 raw_len, new_len; + + raw_buffer = Load(filename, &raw_len, RAW_MINIM, RAW_MAXIM); + + pak_buffer = NULL; + *pak_len = BLZ_MAXIM + 1; + + new_buffer = BLZ_Code(raw_buffer, raw_len, &new_len, mode); + if (new_len < *pak_len) { + if (pak_buffer != NULL) free(pak_buffer); + pak_buffer = new_buffer; + *pak_len = new_len; + } + + return pak_buffer; +} + +/*----------------------------------------------------------------------------*/ +u8 *BLZ_Code(u8 *raw_buffer, int raw_len, u32 *new_len, int best) { + u8 *pak_buffer, *pak, *raw, *raw_end, *flg, *tmp; + u32 pak_len, inc_len, hdr_len, enc_len, len, pos, max; + u32 len_best, pos_best, len_next, pos_next, len_post, pos_post; + u32 pak_tmp, raw_tmp; + u8 mask; + +#define SEARCH(l,p) { \ + l = BLZ_THRESHOLD; \ + \ + max = raw - raw_buffer >= BLZ_N ? BLZ_N : raw - raw_buffer; \ + for (pos = 3; pos <= max; pos++) { \ + for (len = 0; len < BLZ_F; len++) { \ + if (raw + len == raw_end) break; \ + if (len >= pos) break; \ + if (*(raw + len) != *(raw + len - pos)) break; \ + } \ + \ + if (len > l) { \ + p = pos; \ + if ((l = len) == BLZ_F) break; \ + } \ + } \ +} + + pak_tmp = 0; + raw_tmp = raw_len; + + pak_len = raw_len + ((raw_len + 7) / 8) + 11; + pak_buffer = (u8 *) Memory(pak_len, sizeof(char)); + + BLZ_Invert(raw_buffer, raw_len); + + pak = pak_buffer; + raw = raw_buffer; + raw_end = raw_buffer + raw_len; + + mask = 0; + + while (raw < raw_end) { + if (!(mask >>= BLZ_SHIFT)) { + *(flg = pak++) = 0; + mask = BLZ_MASK; + } + + SEARCH(len_best, pos_best); + + // LZ-CUE optimization start + if (best) { + if (len_best > BLZ_THRESHOLD) { + if (raw + len_best < raw_end) { + raw += len_best; + SEARCH(len_next, pos_next); + raw -= len_best - 1; + SEARCH(len_post, pos_post); + raw--; + + if (len_next <= BLZ_THRESHOLD) len_next = 1; + if (len_post <= BLZ_THRESHOLD) len_post = 1; + + if (len_best + len_next <= 1 + len_post) len_best = 1; + } + } + } + // LZ-CUE optimization end + + *flg <<= 1; + if (len_best > BLZ_THRESHOLD) { + raw += len_best; + *flg |= 1; + *pak++ = ((len_best - (BLZ_THRESHOLD+1)) << 4) | ((pos_best - 3) >> 8); + *pak++ = (pos_best - 3) & 0xFF; + } else { + *pak++ = *raw++; + } + + if (pak - pak_buffer + raw_len - (raw - raw_buffer) < pak_tmp + raw_tmp) { + pak_tmp = pak - pak_buffer; + raw_tmp = raw_len - (raw - raw_buffer); + } + } + + while (mask && (mask != 1)) { + mask >>= BLZ_SHIFT; + *flg <<= 1; + } + + pak_len = pak - pak_buffer; + + BLZ_Invert(raw_buffer, raw_len); + BLZ_Invert(pak_buffer, pak_len); + + if (!pak_tmp || (raw_len + 4 < ((pak_tmp + raw_tmp + 3) & -4) + 8)) { + pak = pak_buffer; + raw = raw_buffer; + raw_end = raw_buffer + raw_len; + + while (raw < raw_end) *pak++ = *raw++; + + while ((pak - pak_buffer) & 3) *pak++ = 0; + + *(u32 *)pak = 0; pak += 4; + } else { + tmp = (u8 *) Memory(raw_tmp + pak_tmp + 11, sizeof(char)); + + for (len = 0; len < raw_tmp; len++) + tmp[len] = raw_buffer[len]; + + for (len = 0; len < pak_tmp; len++) + tmp[raw_tmp + len] = pak_buffer[len + pak_len - pak_tmp]; + + pak = pak_buffer; + pak_buffer = tmp; + + free(pak); + + pak = pak_buffer + raw_tmp + pak_tmp; + + enc_len = pak_tmp; + hdr_len = 8; + inc_len = raw_len - pak_tmp - raw_tmp; + + while ((pak - pak_buffer) & 3) { + *pak++ = 0xFF; + hdr_len++; + } + + *(u32 *)pak = enc_len + hdr_len; pak += 3; + *pak++ = hdr_len; + *(u32 *)pak = inc_len - hdr_len; pak += 4; + } + + *new_len = pak - pak_buffer; + + return(pak_buffer); +} + +/*----------------------------------------------------------------------------*/ +void BLZ_Invert(u8 *buffer, int length) { + u8 *bottom, ch; + + bottom = buffer + length - 1; + + while (buffer < bottom) { + ch = *buffer; + *buffer++ = *bottom; + *bottom-- = ch; + } +} + +/*----------------------------------------------------------------------------*/ +/*-- EOF Copyright (C) 2011 CUE --*/ +/*----------------------------------------------------------------------------*/ diff --git a/blz.h b/blz.h new file mode 100644 index 0000000..d91ab4e --- /dev/null +++ b/blz.h @@ -0,0 +1,9 @@ +#ifndef _BLZ_H_ +#define _BLZ_H_ + +#define BLZ_NORMAL 0 // normal mode +#define BLZ_BEST 1 // best mode + +u8 *BLZ_Code(u8 *raw_buffer, int raw_len, u32 *new_len, int best); + +#endif diff --git a/certs.c b/certs.c new file mode 100644 index 0000000..5cec50a --- /dev/null +++ b/certs.c @@ -0,0 +1,139 @@ +#include "lib.h" +#include "certs.h" + +// Cert Sizes + +u32 GetCertSize(u8 *cert) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + + Cert_Struct *certcore = (Cert_Struct*)(cert+4+SigSize+SigPadding); + + u32 PubKSectionSize = GetCertPubkSectionSize((pubk_types)u8_to_u32(certcore->KeyType,BE)); + + return (4+SigSize+SigPadding+sizeof(Cert_Struct)+PubKSectionSize); +} + +void GetCertSigSectionSizes(u32 *SigSize, u32 *SigPadding, u8 *cert) +{ + sig_types sig = (sig_types)u8_to_u32(cert,BE); + switch(sig){ + case RSA_4096_SHA1 : + *SigSize = 0x200; + *SigPadding = 0x3C; + break; + case RSA_2048_SHA1 : + *SigSize = 0x100; + *SigPadding = 0x3C; + break; + case ECC_SHA1 : + *SigSize = 0x3C; + *SigPadding = 0x40; + break; + case RSA_4096_SHA256 : + *SigSize = 0x200; + *SigPadding = 0x3C; + break; + case RSA_2048_SHA256 : + *SigSize = 0x100; + *SigPadding = 0x3C; + break; + case ECC_SHA256 : + *SigSize = 0x3C; + *SigPadding = 0x40; + break; + default : + *SigSize = 0; + *SigPadding = 0; + break; + } + return; +} + +u32 GetCertPubkSectionSize(pubk_types type) +{ + switch(type){ + case RSA_4096_PUBK : return sizeof(rsa_4096_pubk_struct); + case RSA_2048_PUBK : return sizeof(rsa_2048_pubk_struct); + case ECC_PUBK : return sizeof(ecc_pubk_struct); + default : return 0; + } +} + +// Issuer/Name Functions +u8 *GetCertIssuer(u8 *cert) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + + Cert_Struct *certcore = (Cert_Struct*)(cert+4+SigSize+SigPadding); + return certcore->Issuer; +} +u8 *GetCertName(u8 *cert) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + + Cert_Struct *certcore = (Cert_Struct*)(cert+4+SigSize+SigPadding); + return certcore->Name; +} + +int GenCertChildIssuer(u8 *dest, u8 *cert) +{ + u8 *Issuer = GetCertIssuer(cert); + u8 *Name = GetCertName(cert); + + u32 out_size = strlen((char*)Issuer) + strlen((char*)Name) + 1; + if(out_size > 0x40) return MEM_ERROR; + + memcpy(dest,Issuer,strlen((char*)Issuer)); + dest[strlen((char*)Issuer)] = '-'; + memcpy((dest+strlen((char*)Issuer)+1),Name,strlen((char*)Name)); + return 0; +} + +// Pubk +pubk_types GetCertPubkType(u8 *cert) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + + Cert_Struct *certcore = (Cert_Struct*)(cert+4+SigSize+SigPadding); + + return (pubk_types)u8_to_u32(certcore->KeyType,BE); +} +u8 *GetCertPubk(u8 *cert) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + return (cert+4+SigSize+SigPadding+sizeof(Cert_Struct)); +} + +bool VerifyCert(u8 *cert, u8 *pubk) +{ + u32 SigSize = 0; + u32 SigPadding = 0; + GetCertSigSectionSizes(&SigSize,&SigPadding,cert); + if(!SigSize || !SigPadding) return 0; + + + u8 *signature = (cert+4); + u8 *data = (cert+4+SigSize+SigPadding); + u32 datasize = sizeof(Cert_Struct) + GetCertPubkSectionSize(GetCertPubkType(cert)); + + int result = ctr_sig(data,datasize,signature,pubk,NULL,u8_to_u32(cert,BE),CTR_RSA_VERIFY); + + if(result == 0) return true; + else return false; +} \ No newline at end of file diff --git a/certs.h b/certs.h new file mode 100644 index 0000000..3d8ef47 --- /dev/null +++ b/certs.h @@ -0,0 +1,47 @@ +#ifndef _CERTS_H_ +#define _CERTS_H_ + +typedef struct +{ + u8 Issuer[0x40]; + u8 KeyType[4]; + u8 Name[0x40]; + u8 Unknown[4]; +} Cert_Struct; + +typedef struct +{ + u8 Modulus[0x200]; + u8 PubExponent[4]; + u8 Padding[0x34]; +} rsa_4096_pubk_struct; + +typedef struct +{ + u8 Modulus[0x100]; + u8 PubExponent[4]; + u8 Padding[0x34]; +} rsa_2048_pubk_struct; + +typedef struct +{ + u8 PubK[0x3C]; + u8 Padding[0x3C]; +} ecc_pubk_struct; + +#endif +// Cert Sizes +u32 GetCertSize(u8 *cert); +void GetCertSigSectionSizes(u32 *SigSize, u32 *SigPadding, u8 *cert); +u32 GetCertPubkSectionSize(pubk_types type); + +// Issuer/Name Functions +u8 *GetCertIssuer(u8 *cert); +u8 *GetCertName(u8 *cert); +int GenCertChildIssuer(u8 *dest, u8 *cert); + +// Pubk +pubk_types GetCertPubkType(u8 *cert); +u8 *GetCertPubk(u8 *cert); + +bool VerifyCert(u8 *cert, u8 *pubk); \ No newline at end of file diff --git a/cia.c b/cia.c new file mode 100644 index 0000000..07986ae --- /dev/null +++ b/cia.c @@ -0,0 +1,613 @@ +#include "lib.h" +#include "ncch.h" +#include "exheader.h" +#include "exefs.h" +#include "certs.h" +#include "cia.h" +#include "tik.h" +#include "tmd.h" +#include "titleid.h" +#include "srl.h" +#include "ncsd.h" + +// Private Prototypes +/* cia_settings tools */ +void init_CIASettings(cia_settings *set); +void free_CIASettings(cia_settings *set); +int get_CIASettings(cia_settings *ciaset, user_settings *usrset); + +int GetSettingsFromUsrset(cia_settings *ciaset, user_settings *usrset); +int GetSettingsFromNcch0(cia_settings *ciaset, u32 ncch0_offset); +int GetCIADataFromNcch(cia_settings *ciaset, NCCH_Header *NcchHdr, ExtendedHeader_Struct *ExHeader); +int GetMetaRegion(cia_settings *ciaset, ExtendedHeader_Struct *ExHeader, u8 *ExeFs); +int GetContentFilePtrs(cia_settings *ciaset, user_settings *usrset); +int GetSettingsFromSrl(cia_settings *ciaset); +int GetSettingsFromCci(cia_settings *ciaset); + +u16 SetupVersion(u16 Major, u16 Minor, u16 Micro); + +int BuildCIA_CertChain(cia_settings *ciaset); +int BuildCIA_Header(cia_settings *ciaset); + +int WriteCurrentSectionstoFile(cia_settings *ciaset); +int WriteContentsToFile(cia_settings *ciaset, user_settings *usrset); +int WriteTMDToFile(cia_settings *ciaset); + +int CryptContent(u8 *EncBuffer,u8 *DecBuffer,u64 size,u8 *title_key, u16 index, u8 mode); + + +int build_CIA(user_settings *usrset) +{ + int result = 0; + + // Init Settings + cia_settings *ciaset = malloc(sizeof(cia_settings)); + if(!ciaset) {fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR;} + init_CIASettings(ciaset); + + // Get Settings + result = get_CIASettings(ciaset,usrset); + if(result) goto finish; + + // Create Output File + ciaset->out = fopen(usrset->outfile,"wb"); + if(!ciaset->out){ + fprintf(stderr,"[CIA ERROR] Failed to create '%s'\n",usrset->outfile); + result = FAILED_TO_CREATE_OUTFILE; + goto finish; + } + + // Create CIA Sections + /* Certificate Chain */ + result = BuildCIA_CertChain(ciaset); + if(result) goto finish; + + /* Ticket */ + result = BuildTicket(ciaset); + if(result) goto finish; + + /* CIA Header */ + result = BuildCIA_Header(ciaset); + if(result) goto finish; + /* Write To File Current Sections to File */ + /* Explanation : + In order to conserve memory, only one Content is in memory at a time. + This however has the limitation of only being able to generate TMD after all content + has been processed (, encrypted) and written to file. + */ + result = WriteCurrentSectionstoFile(ciaset); + if(result) goto finish; + + result = WriteContentsToFile(ciaset, usrset); + if(result) goto finish; + + result = BuildTMD(ciaset); + if(result) goto finish; + + result = WriteTMDToFile(ciaset); + +finish: + if(result != FAILED_TO_CREATE_OUTFILE && ciaset->out) fclose(ciaset->out); + free_CIASettings(ciaset); + return result; +} + +void init_CIASettings(cia_settings *set) +{ + memset(set,0,sizeof(cia_settings)); +} + +void free_CIASettings(cia_settings *set) +{ + if(set->content.ContentFilePtrs){ + for(u32 i = 1; i < set->content.ContentCount; i++){ + fclose(set->content.ContentFilePtrs[i]); + } + free(set->content.ContentFilePtrs); + } + free(set->CIA_Sections.CertChain.buffer); + free(set->CIA_Sections.Ticket.buffer); + free(set->CIA_Sections.TitleMetaData.buffer); + free(set->CIA_Sections.CXI_MetaData.buffer); + + memset(set,0,sizeof(cia_settings)); + + free(set); +} + +int get_CIASettings(cia_settings *ciaset, user_settings *usrset) +{ + int result = 0; + + // Transfering data from usrset + result = GetSettingsFromUsrset(ciaset,usrset); + + if(usrset->Content0IsNcch){ + result = GetSettingsFromNcch0(ciaset,0); + if(result) return result; + result = GetContentFilePtrs(ciaset,usrset); + if(result) return result; + } + + else if(usrset->Content0IsSrl){ + result = GetSettingsFromSrl(ciaset); + if(result) return result; + } + + else if(usrset->Content0IsCci){ + result = GetSettingsFromCci(ciaset); + if(result) return result; + } + + + return 0; +} + +int GetSettingsFromUsrset(cia_settings *ciaset, user_settings *usrset) +{ + // General Stuff + ciaset->keys = &usrset->keys; + ciaset->content.content0 = usrset->Content0.buffer; + ciaset->content.content0_FileLen = usrset->Content0.size; + u32_to_u8(ciaset->Title_type,TYPE_CTR,BE); + ciaset->content.EncryptContents = usrset->EncryptContents; + ciaset->cert.ca_crl_version = 0; + ciaset->cert.signer_crl_version = 0; + + for(int i = 0; i < 3; i++){ + ciaset->Version[i] = usrset->Version[i]; + } + + // Random Number generator + u8 hash[0x20]; + ctr_sha(ciaset->content.content0,0x100,hash,CTR_SHA_256); + + // Ticket Data + memcpy(ciaset->tik.TicketID,(hash+0x8),8); + if(usrset->RandomTitleKey){ + memcpy(ciaset->tik.TitleKey,(hash+0x10),16); + } + else{ + memcpy(ciaset->tik.TitleKey,usrset->keys.aes.NormalKey,16); + } + + ciaset->tik.ticket_format_ver = 1; + ciaset->tik.UnknownDataType = tik_normal; + + int result = GenCertChildIssuer(ciaset->tik.TicketIssuer,usrset->keys.certs.tik_cert); + if(result) return result; + + // Tmd Stuff + if(usrset->ContentID[0] > 0xffffffff){ + ciaset->content.ContentId[0] = u8_to_u32(hash,BE); + } + else ciaset->content.ContentId[0] = usrset->ContentID[0]; + ciaset->tmd.tmd_format_ver = 1; + result = GenCertChildIssuer(ciaset->tmd.TMDIssuer,usrset->keys.certs.tmd_cert); + return 0; +} + +int GetSettingsFromNcch0(cia_settings *ciaset, u32 ncch0_offset) +{ + /* Sanity Checks */ + if(!ciaset->content.content0_FileLen) + return CIA_NO_NCCH0; + + u8 *ncch0 = (u8*)(ciaset->content.content0+ncch0_offset); + + if(!IsNCCH(NULL,ncch0)){ + fprintf(stderr,"[CIA ERROR] Content0 is not NCCH\n"); + return CIA_INVALID_NCCH0; + } + + /* Get Ncch0 Header */ + NCCH_Header *hdr = NULL; + hdr = GetNCCH_CommonHDR(hdr,NULL,ncch0); + if(IsCfa(hdr)){ + ciaset->content.IsCfa = true; + } + + ciaset->content.ContentOffset[0] = 0; + ciaset->content.ContentSize[0] = GetNCCH_MediaSize(hdr)*GetNCCH_MediaUnitSize(hdr); + ciaset->content.TotalContentSize = ciaset->content.ContentSize[0]; + + /* Get Ncch0 Import Context */ + NCCH_STRUCT *ncch_ctx = malloc(sizeof(NCCH_STRUCT)); + if(!ncch_ctx){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(ncch_ctx,0x0,sizeof(NCCH_STRUCT)); + GetCXIStruct(ncch_ctx,hdr); + + /* Verify Ncch0 (Sig&Hash Checks) */ + int result = VerifyNCCH(ncch0,ciaset->keys,true); + if(result == UNABLE_TO_LOAD_NCCH_KEY){ + ciaset->content.KeyNotFound = true; + if(!ciaset->content.IsCfa){ + fprintf(stderr,"[CIA WARNING] CXI AES Key could not be loaded\n"); + fprintf(stderr," Meta Region, SaveDataSize, Remaster Version cannot be obtained\n"); + } + } + else if(result != 0){ + fprintf(stderr,"[CIA ERROR] Content 0 Is Corrupt\n"); + return CIA_INVALID_NCCH0; + } + + /* Gen Settings From Ncch0 */ + endian_memcpy(ciaset->TitleID,hdr->title_id,8,LE); + + + /* Getting ExeFs/ExHeader */ + u8 *ExeFs = malloc(ncch_ctx->exefs_size); + if(!ExeFs){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + ExtendedHeader_Struct *ExHeader = malloc(ncch_ctx->exheader_size); + if(!ExHeader){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); free(ExeFs); return MEM_ERROR; } + + GetNCCHSection(ExeFs, ncch_ctx->exefs_size, 0, ncch0, ncch_ctx, ciaset->keys, ncch_exefs); + GetNCCHSection((u8*)ExHeader, ncch_ctx->exheader_size, 0, ncch0, ncch_ctx, ciaset->keys, ncch_ExHeader); + + result = GetCIADataFromNcch(ciaset,hdr,ExHeader); // Data For TMD + if(result) goto finish; + result = GetMetaRegion(ciaset,ExHeader,ExeFs); // Meta Region + /* Finish */ +finish: + free(ExeFs); + free(ExHeader); + + /* Return */ + free(ncch_ctx); + return result; +} + +int GetCIADataFromNcch(cia_settings *ciaset, NCCH_Header *NcchHdr, ExtendedHeader_Struct *ExHeader) +{ + u16 Category = u8_to_u16((ciaset->TitleID+2),BE); + bool IsPatch = (Category == 0x000E); + if(IsPatch||ciaset->content.IsCfa||ciaset->content.KeyNotFound) u32_to_u8(ciaset->tmd.SaveDataSize,0,LE); + else u32_to_u8(ciaset->tmd.SaveDataSize,(u32)GetSaveDataSize_frm_exhdr(ExHeader),LE); + + + if(ciaset->content.IsCfa||ciaset->content.KeyNotFound){ + if(ciaset->Version[0] == 0xffff){ // '-major' wasn't set + if(ciaset->content.IsCfa){ // Is a CFA and can be decrypted + fprintf(stderr,"[CIA ERROR] Invalid major version. Use '-major' option.\n"); + return CIA_BAD_VERSION; + } + else // CXI which cannot be decrypted + ciaset->Version[0] = 0; + } + } + else{ // Is a CXI and can be decrypted + if(ciaset->Version[0] != 0xffff){ // '-major' was set + fprintf(stderr,"[CIA ERROR] Option '-major' cannot be applied for cxi.\n"); + return CIA_BAD_VERSION; + } + // Setting remaster ver + ciaset->Version[0] = GetRemasterVersion_frm_exhdr(ExHeader); + } + SetupVersion(ciaset->Version[0],ciaset->Version[1],ciaset->Version[2]); + + u16 version = SetupVersion(ciaset->Version[0],ciaset->Version[1],ciaset->Version[2]); + u16_to_u8(ciaset->tik.TicketVersion,version,BE); + u16_to_u8(ciaset->tmd.TitleVersion,version,BE); + return 0; +} + +int GetMetaRegion(cia_settings *ciaset, ExtendedHeader_Struct *ExHeader, u8 *ExeFs) +{ + if(ciaset->content.IsCfa || ciaset->content.KeyNotFound) return 0; + ciaset->CIA_Sections.CXI_MetaData.size = sizeof(MetaData_Struct) + GetExeFsSectionSize("icon",ExeFs); + ciaset->CIA_Sections.CXI_MetaData.buffer = malloc(ciaset->CIA_Sections.CXI_MetaData.size); + if(!ciaset->CIA_Sections.CXI_MetaData.buffer){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + MetaData_Struct *hdr = (MetaData_Struct*)ciaset->CIA_Sections.CXI_MetaData.buffer; + memset(hdr,0,sizeof(MetaData_Struct)); + GetDependancyList_frm_exhdr(hdr->DependancyList,ExHeader); + GetCoreVersion_frm_exhdr(hdr->CoreVersion,ExHeader); + if(DoesExeFsSectionExist("icon",ExeFs)){ + u8 *IconDestPos = (ciaset->CIA_Sections.CXI_MetaData.buffer + sizeof(MetaData_Struct)); + memcpy(IconDestPos,GetExeFsSection("icon",ExeFs),GetExeFsSectionSize("icon",ExeFs)); + } + return 0; +} + +int GetContentFilePtrs(cia_settings *ciaset, user_settings *usrset) +{ + ciaset->content.ContentFilePtrs = malloc(sizeof(FILE*)*CIA_MAX_CONTENT); + if(!ciaset->content.ContentFilePtrs){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(ciaset->content.ContentFilePtrs,0,sizeof(FILE*)*CIA_MAX_CONTENT); + int j = 1; + NCCH_Header *hdr = malloc(sizeof(NCCH_Header)); + for(int i = 1; i < CIA_MAX_CONTENT; i++){ + if(usrset->ContentPath[i]){ + ciaset->content.ContentFilePtrs[j] = fopen(usrset->ContentPath[i],"rb"); + if(!ciaset->content.ContentFilePtrs[j]){ fprintf(stderr,"[CIA ERROR] Failed to open '%s'\n",usrset->ContentPath[i]); return FAILED_TO_OPEN_FILE; } + if(usrset->ContentID[i] == 0x100000000){ + u8 hash[0x20]; + ctr_sha(usrset->ContentPath[i],strlen(usrset->ContentPath[i]),hash,CTR_SHA_256); + ciaset->content.ContentId[j] = u8_to_u32(hash,BE); + } + else ciaset->content.ContentId[j] = (u32)usrset->ContentID[i]; + ciaset->content.ContentIndex[j] = (u16)i; + + // Get Data from ncch HDR + GetNCCH_CommonHDR(hdr,ciaset->content.ContentFilePtrs[j],NULL); + + // Get TitleID + memcpy(ciaset->content.ContentTitleId[j],hdr->title_id,8); + + // Get Size + ciaset->content.ContentSize[j] = GetNCCH_MediaSize(hdr)*GetNCCH_MediaUnitSize(hdr); + ciaset->content.ContentOffset[j] = ciaset->content.TotalContentSize; + + ciaset->content.TotalContentSize += ciaset->content.ContentSize[j]; + + + // Finish get next content + j++; + } + } + free(hdr); + ciaset->content.ContentCount = j; + + // Check Conflicting IDs + for(int i = 0; i < ciaset->content.ContentCount; i++){ + for(j = i+1; j < ciaset->content.ContentCount; j++){ + if(ciaset->content.ContentId[j] == ciaset->content.ContentId[i]){ + fprintf(stderr,"[CIA ERROR] CIA Content %d and %d, have conflicting IDs\n",ciaset->content.ContentIndex[j],ciaset->content.ContentIndex[i]); + return CIA_CONFILCTING_CONTENT_IDS; + } + } + } + return 0; +} + +int GetSettingsFromSrl(cia_settings *ciaset) +{ + SRL_Header *hdr = (SRL_Header*)ciaset->content.content0; + if(!hdr || ciaset->content.content0_FileLen < sizeof(SRL_Header)) { + fprintf(stderr,"[CIA ERROR] Invalid TWL SRL File\n"); + return FAILED_TO_IMPORT_FILE; + } + + // Check if TWL SRL File + if(u8_to_u16(&hdr->title_id[6],LE) != 0x0003){ + fprintf(stderr,"[CIA ERROR] Invalid TWL SRL File\n"); + return FAILED_TO_IMPORT_FILE; + } + + // Generate and store Converted TitleID + u64_to_u8(ciaset->TitleID,ConvertTwlIdToCtrId(u8_to_u64(hdr->title_id,LE)),BE); + //memdump(stdout,"SRL TID: ",ciaset->TitleID,8); + + // Get TWL Flag + ciaset->tmd.twl_flag = ((hdr->reserved_flags[3] & 6) >> 1); + + // Get Remaster Version + u16 version = SetupVersion(hdr->rom_version,ciaset->Version[1],0); + u16_to_u8(ciaset->tik.TicketVersion,version,BE); + u16_to_u8(ciaset->tmd.TitleVersion,version,BE); + + // Get SaveDataSize (Public and Private) + memcpy(ciaset->tmd.SaveDataSize,hdr->pub_save_data_size,4); + memcpy(ciaset->tmd.PrivSaveDataSize,hdr->priv_save_data_size,4); + + // Setting CIA Content Settings + ciaset->content.ContentCount = 1; + ciaset->content.ContentOffset[0] = 0; + ciaset->content.ContentSize[0] = ciaset->content.content0_FileLen; + ciaset->content.TotalContentSize = ciaset->content.content0_FileLen; + + return 0; +} + + + +int GetSettingsFromCci(cia_settings *ciaset) +{ + int result = 0; + + if(!IsCci(ciaset->content.content0)){ + fprintf(stderr,"[CIA ERROR] Invalid CCI file\n"); + return FAILED_TO_IMPORT_FILE; + } + + u32 ncch0_offset = GetPartitionOffset(ciaset->content.content0,0); + if(!ncch0_offset){ + fprintf(stderr,"[CIA ERROR] Invalid CCI file (invalid ncch0 size)\n"); + return FAILED_TO_IMPORT_FILE; + } + + result = GetSettingsFromNcch0(ciaset, ncch0_offset); + if(result){ + fprintf(stderr,"Import of Ncch 0 failed(%d)\n",result); + return result; + } + ciaset->content.ContentCount = 1; + ciaset->content.CCIContentOffsets[0] = ncch0_offset; + NCCH_Header *hdr = malloc(sizeof(NCCH_Header)); + for(int i = 1; i < 8; i++){ + if(GetPartitionSize(ciaset->content.content0,i)){ + ciaset->content.CCIContentOffsets[ciaset->content.ContentCount] = GetPartitionOffset(ciaset->content.content0,i); + + // Get Data from ncch HDR + GetNCCH_CommonHDR(hdr,NULL,GetPartition(ciaset->content.content0,i)); + + // Get Size + ciaset->content.ContentSize[ciaset->content.ContentCount] = GetPartitionSize(ciaset->content.content0,i); + ciaset->content.ContentOffset[ciaset->content.ContentCount] = ciaset->content.TotalContentSize; + + ciaset->content.TotalContentSize += ciaset->content.ContentSize[ciaset->content.ContentCount]; + + // Get ID + u8 hash[0x20]; + ctr_sha((u8*)hdr,0x200,hash,CTR_SHA_256); + ciaset->content.ContentId[ciaset->content.ContentCount] = u8_to_u32(hash,BE); + + // Get Index + ciaset->content.ContentIndex[ciaset->content.ContentCount] = i; + + // Increment Content Count + ciaset->content.ContentCount++; + } + } + free(hdr); + + return 0; +} + +u16 SetupVersion(u16 Major, u16 Minor, u16 Micro) +{ + return (((Major << 10) & 0xFC00) | ((Minor << 4) & 0x3F0) | (Micro & 0xf)); +} + +int BuildCIA_CertChain(cia_settings *ciaset) +{ + ciaset->CIA_Sections.CertChain.size = GetCertSize(ciaset->keys->certs.ca_cert) + GetCertSize(ciaset->keys->certs.tik_cert) + GetCertSize(ciaset->keys->certs.tmd_cert); + ciaset->CIA_Sections.CertChain.buffer = malloc(ciaset->CIA_Sections.CertChain.size); + if(!ciaset->CIA_Sections.CertChain.buffer) { fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + memcpy(ciaset->CIA_Sections.CertChain.buffer,ciaset->keys->certs.ca_cert,GetCertSize(ciaset->keys->certs.ca_cert)); + memcpy((ciaset->CIA_Sections.CertChain.buffer+GetCertSize(ciaset->keys->certs.ca_cert)),ciaset->keys->certs.tik_cert,GetCertSize(ciaset->keys->certs.tik_cert)); + memcpy((ciaset->CIA_Sections.CertChain.buffer+GetCertSize(ciaset->keys->certs.ca_cert)+GetCertSize(ciaset->keys->certs.tik_cert)),ciaset->keys->certs.tmd_cert,GetCertSize(ciaset->keys->certs.tmd_cert)); + return 0; +} + +int BuildCIA_Header(cia_settings *ciaset) +{ + // Allocating memory for header + ciaset->CIA_Sections.Header.size = sizeof(CIA_Header); + ciaset->CIA_Sections.Header.buffer = malloc(ciaset->CIA_Sections.Header.size); + if(!ciaset->CIA_Sections.Header.buffer){ fprintf(stderr,"[CIA ERROR] MEM ERROR\n"); return MEM_ERROR; } + + CIA_Header *hdr = (CIA_Header*)ciaset->CIA_Sections.Header.buffer; + + // Clearing + memset(hdr,0,sizeof(CIA_Header)); + + // Predict TMD Size + ciaset->CIA_Sections.TitleMetaData.size = PredictTMDSize(ciaset->content.ContentCount); + + // Setting Data + u32_to_u8(hdr->HdrSize,sizeof(CIA_Header),LE); + u16_to_u8(hdr->Type,0x0,LE); + u16_to_u8(hdr->Version,0x0,LE); + u32_to_u8(hdr->CertChainSize,ciaset->CIA_Sections.CertChain.size,LE); + u32_to_u8(hdr->TicketSize,ciaset->CIA_Sections.Ticket.size,LE); + u32_to_u8(hdr->TitleMetaDataSize,ciaset->CIA_Sections.TitleMetaData.size,LE); + u32_to_u8(hdr->CXI_MetaSize,ciaset->CIA_Sections.CXI_MetaData.size,LE); + u64_to_u8(hdr->ContentSize,ciaset->content.TotalContentSize,LE); + + // Recording Offsets + ciaset->CIA_Sections.CertChainOffset = align_value(sizeof(CIA_Header),0x40); + ciaset->CIA_Sections.TicketOffset = align_value(ciaset->CIA_Sections.CertChainOffset+ciaset->CIA_Sections.CertChain.size,0x40); + ciaset->CIA_Sections.TitleMetaDataOffset = align_value(ciaset->CIA_Sections.TicketOffset+ciaset->CIA_Sections.Ticket.size,0x40); + ciaset->CIA_Sections.ContentOffset = align_value(ciaset->CIA_Sections.TitleMetaDataOffset+ciaset->CIA_Sections.TitleMetaData.size,0x40); + ciaset->CIA_Sections.CXI_MetaDataOffset = align_value(ciaset->CIA_Sections.ContentOffset+ciaset->content.TotalContentSize,0x40); + + // SetCIAContentIndex, actually works for all index values now. CIA files generated can now hold, with + // validity, 65536 contents. Or at least have a content with index value of 65535. + for(int i = 0; i < ciaset->content.ContentCount; i++){ + // This works by treating the 0x2000 byte index array as an array of 2048 u32 values + + // Used for determining which u32 chunk to write the value to + u16 section = ciaset->content.ContentIndex[i]/32; + + // Calculating the value added to the u32 + u32 value = 0x80000000/(1<content.ContentIndex[i]); + + // Retrieving current u32 block + u32 cur_content_index_section = u8_to_u32(hdr->ContentIndex+(sizeof(u32)*section),BE); + + // Adding value to block + cur_content_index_section += value; + + // Returning block + u32_to_u8(hdr->ContentIndex+(sizeof(u32)*section),cur_content_index_section,BE); + } + return 0; +} + +int WriteCurrentSectionstoFile(cia_settings *ciaset) +{ + WriteBuffer(ciaset->CIA_Sections.Header.buffer,ciaset->CIA_Sections.Header.size,0,ciaset->out); + WriteBuffer(ciaset->CIA_Sections.CertChain.buffer,ciaset->CIA_Sections.CertChain.size,ciaset->CIA_Sections.CertChainOffset,ciaset->out); + WriteBuffer(ciaset->CIA_Sections.Ticket.buffer,ciaset->CIA_Sections.Ticket.size,ciaset->CIA_Sections.TicketOffset,ciaset->out); + WriteBuffer(ciaset->CIA_Sections.CXI_MetaData.buffer,ciaset->CIA_Sections.CXI_MetaData.size,ciaset->CIA_Sections.CXI_MetaDataOffset,ciaset->out); + return 0; +} + +int WriteContentsToFile(cia_settings *ciaset, user_settings *usrset) +{ + u8 *Content0 = ciaset->content.content0; + if(usrset->Content0IsCci) Content0 = (u8*)(ciaset->content.content0+ciaset->content.CCIContentOffsets[0]); + + ctr_sha(Content0,ciaset->content.ContentSize[0],ciaset->content.ContentHash[0],CTR_SHA_256); + if(ciaset->content.EncryptContents) { + ciaset->content.ContentType[0] |= Encrypted; + CryptContent(Content0,Content0,ciaset->content.ContentSize[0],ciaset->tik.TitleKey,ciaset->content.ContentIndex[0],ENC); + } + WriteBuffer(Content0,ciaset->content.ContentSize[0],ciaset->content.ContentOffset[0]+ciaset->CIA_Sections.ContentOffset,ciaset->out); + + // Free Buffer if Not CCI + if(!usrset->Content0IsCci){ + free(usrset->Content0.buffer); + usrset->Content0.buffer = NULL; + usrset->Content0.size = 0; + } + + // Add additional contents, recreating them with their new TitleID + if(usrset->Content0IsNcch){ + u8 TitleId[8]; + endian_memcpy(TitleId,ciaset->TitleID,8,LE); + for(int i = 1; i < ciaset->content.ContentCount; i++){ + u8 *ContentBuff = RetargetNCCH(ciaset->content.ContentFilePtrs[i],ciaset->content.ContentSize[i],ciaset->content.ContentTitleId[i],TitleId,ciaset->keys); + if(!ContentBuff){ + fprintf(stderr,"[CIA ERROR] Could not import content %d to CIA\n",i); + return FAILED_TO_IMPORT_FILE; + } + ctr_sha(ContentBuff,ciaset->content.ContentSize[i],ciaset->content.ContentHash[i],CTR_SHA_256); + if(ciaset->content.EncryptContents) { + ciaset->content.ContentType[i] |= Encrypted; + CryptContent(ContentBuff,ContentBuff,ciaset->content.ContentSize[i],ciaset->tik.TitleKey,ciaset->content.ContentIndex[i],ENC); + } + WriteBuffer(ContentBuff,ciaset->content.ContentSize[i],ciaset->content.ContentOffset[i]+ciaset->CIA_Sections.ContentOffset,ciaset->out); + free(ContentBuff); + } + } + else if(usrset->Content0IsCci){ + for(int i = 1; i < ciaset->content.ContentCount; i++){ + u8 *ContentBuff = (u8*)(ciaset->content.content0+ciaset->content.CCIContentOffsets[i]); + ctr_sha(ContentBuff,ciaset->content.ContentSize[i],ciaset->content.ContentHash[i],CTR_SHA_256); + if(ciaset->content.EncryptContents) { + ciaset->content.ContentType[i] |= Encrypted; + CryptContent(ContentBuff,ContentBuff,ciaset->content.ContentSize[i],ciaset->tik.TitleKey,ciaset->content.ContentIndex[i],ENC); + } + WriteBuffer(ContentBuff,ciaset->content.ContentSize[i],ciaset->content.ContentOffset[i]+ciaset->CIA_Sections.ContentOffset,ciaset->out); + } + free(usrset->Content0.buffer); + usrset->Content0.buffer = NULL; + usrset->Content0.size = 0; + } + + + return 0; +} + +int WriteTMDToFile(cia_settings *ciaset) +{ + WriteBuffer(ciaset->CIA_Sections.TitleMetaData.buffer,ciaset->CIA_Sections.TitleMetaData.size,ciaset->CIA_Sections.TitleMetaDataOffset,ciaset->out); + return 0; +} + +int CryptContent(u8 *EncBuffer,u8 *DecBuffer,u64 size,u8 *title_key, u16 index, u8 mode) +{ + //generating IV + u8 iv[16]; + memset(&iv,0x0,16); + iv[0] = (index >> 8) & 0xff; + iv[1] = index & 0xff; + //Crypting content + ctr_aes_context ctx; + memset(&ctx,0x0,sizeof(ctr_aes_context)); + ctr_init_aes_cbc(&ctx,title_key,iv,mode); + if(mode == ENC) ctr_aes_cbc(&ctx,DecBuffer,EncBuffer,size,ENC); + else ctr_aes_cbc(&ctx,EncBuffer,DecBuffer,size,DEC); + return 0; +} \ No newline at end of file diff --git a/cia.h b/cia.h new file mode 100644 index 0000000..7c14b09 --- /dev/null +++ b/cia.h @@ -0,0 +1,109 @@ +// Enums +typedef enum +{ + CIA_NO_NCCH0 = -1, + CIA_INVALID_NCCH0 = -2, + CIA_CONFILCTING_CONTENT_IDS = -3, + CIA_BAD_VERSION = -4, +} cia_errors; + +// Structs +typedef struct +{ + u8 HdrSize[4]; + u8 Type[2]; + u8 Version[2]; + u8 CertChainSize[4]; + u8 TicketSize[4]; + u8 TitleMetaDataSize[4]; + u8 CXI_MetaSize[4]; + u8 ContentSize[8]; + u8 ContentIndex[0x2000]; +} CIA_Header; + +typedef struct +{ + u8 DependancyList[0x30*0x8]; + u8 Reserved0[0x180]; + u8 CoreVersion[4]; + u8 Reserved1[0xfc]; +} MetaData_Struct; + +typedef struct +{ + FILE *out; + + u8 TitleID[8]; + u8 Title_type[4]; + u16 Version[3]; + + keys_struct *keys; + + struct{ + u8 ca_crl_version; + u8 signer_crl_version; + } cert; + + struct{ + u8 TicketIssuer[0x40]; + u8 ticket_format_ver; + u8 TicketID[8]; + u8 DeviceID[8]; + u8 TicketVersion[3]; + u8 TitleKey[16]; + u8 UnknownDataType; + } tik; + + struct{ + u8 TMDIssuer[0x40]; + u8 tmd_format_ver; + u8 TitleVersion[3]; + u8 SaveDataSize[4]; + u8 PrivSaveDataSize[4]; + u8 twl_flag; + } tmd; + + struct{ + u8 *content0; + u64 content0_FileLen; + bool IsCfa; + bool KeyNotFound; + bool EncryptContents; + + FILE **ContentFilePtrs; + u64 CCIContentOffsets[CCI_MAX_CONTENT]; + u16 ContentCount; + u64 ContentSize[CIA_MAX_CONTENT]; + u64 ContentOffset[CIA_MAX_CONTENT]; + u16 ContentIndex[CIA_MAX_CONTENT]; + u16 ContentType[CIA_MAX_CONTENT]; + u32 ContentId[CIA_MAX_CONTENT]; + u8 ContentHash[CIA_MAX_CONTENT][0x20]; + + u8 ContentTitleId[CIA_MAX_CONTENT][8]; + u64 TotalContentSize; + } content; + + struct{ + COMPONENT_STRUCT Header; + + u32 CertChainOffset; + COMPONENT_STRUCT CertChain; + + u32 TicketOffset; + COMPONENT_STRUCT Ticket; + + u32 TitleMetaDataOffset; + COMPONENT_STRUCT TitleMetaData; + + u32 CXI_MetaDataOffset; + COMPONENT_STRUCT CXI_MetaData; + + u64 ContentOffset; + } CIA_Sections; + + // Finish CIA data req. +} cia_settings; + +// Public Prototypes +int build_CIA(user_settings *usrset); \ No newline at end of file diff --git a/crypto.c b/crypto.c new file mode 100644 index 0000000..90dc016 --- /dev/null +++ b/crypto.c @@ -0,0 +1,423 @@ +#include "lib.h" +#include "crypto.h" + +// API for polarssl adapted/copied from CTRTOOL by neimod +void ctr_sha(void *data, u64 size, u8 *hash, int mode) +{ + switch(mode){ + case(CTR_SHA_1): sha1((u8*)data, size, hash); break; + case(CTR_SHA_256): sha2((u8*)data, size, hash, 0); break; + } +} + +void ctr_add_counter(ctr_aes_context* ctx, u32 carry) +{ + u32 counter[4]; + u32 sum; + int i; + + for(i=0; i<4; i++) + counter[i] = (ctx->ctr[i*4+0]<<24) | (ctx->ctr[i*4+1]<<16) | (ctx->ctr[i*4+2]<<8) | (ctx->ctr[i*4+3]<<0); + + for(i=3; i>=0; i--) + { + sum = counter[i] + carry; + + if (sum < counter[i]) + carry = 1; + else + carry = 0; + + counter[i] = sum; + } + + for(i=0; i<4; i++) + { + ctx->ctr[i*4+0] = counter[i]>>24; + ctx->ctr[i*4+1] = counter[i]>>16; + ctx->ctr[i*4+2] = counter[i]>>8; + ctx->ctr[i*4+3] = counter[i]>>0; + } +} + +void ctr_init_counter(ctr_aes_context* ctx, u8 key[16], u8 ctr[16]) +{ + aes_setkey_enc(&ctx->aes, key, 128); + memcpy(ctx->ctr, ctr, 16); +} + +void ctr_crypt_counter_block(ctr_aes_context* ctx, u8 input[16], u8 output[16]) +{ + int i; + u8 stream[16]; + + + aes_crypt_ecb(&ctx->aes, AES_ENCRYPT, ctx->ctr, stream); + + + if (input) + { + for(i=0; i<16; i++) + { + output[i] = stream[i] ^ input[i]; + } + } + else + { + for(i=0; i<16; i++) + output[i] = stream[i]; + } + + ctr_add_counter(ctx, 1); +} + +void ctr_crypt_counter(ctr_aes_context* ctx, u8* input, u8* output, u32 size) +{ + u8 stream[16]; + u32 i; + + while(size >= 16) + { + ctr_crypt_counter_block(ctx, input, output); + + if (input) + input += 16; + if (output) + output += 16; + + size -= 16; + } + + if (size) + { + memset(stream, 0, 16); + ctr_crypt_counter_block(ctx, stream, stream); + + if (input) + { + for(i=0; iaes, key, 128); break; + case(DEC): aes_setkey_dec(&ctx->aes, key, 128); break; + } + memcpy(ctx->iv, iv, 16); +} + +void ctr_aes_cbc(ctr_aes_context* ctx,u8* input,u8* output,u32 size,u8 mode) +{ + switch(mode){ + case(ENC): aes_crypt_cbc(&ctx->aes, AES_ENCRYPT, size, ctx->iv, input, output); break; + case(DEC): aes_crypt_cbc(&ctx->aes, AES_DECRYPT, size, ctx->iv, input, output); break; + } +} + +void ctr_rsa_free(ctr_rsa_context* ctx) +{ + rsa_free(&ctx->rsa); +} + +int ctr_rsa_init(ctr_rsa_context* ctx, u8 *modulus, u8 *private_exp, u8 *exponent, u8 rsa_type, u8 mode) +{ + // Sanity Check + if(ctx == NULL || modulus == NULL ||(private_exp == NULL && mode == RSAKEY_PRIV) || (exponent == NULL && mode == RSAKEY_PUB)) + return Fail; + rsa_init(&ctx->rsa, RSA_PKCS_V15, 0); + u16 n_size = 0; + u16 d_size = 0; + u16 e_size = 0; + switch(rsa_type){ + case RSA_2048: + ctx->rsa.len = 0x100; + n_size = 0x100; + d_size = 0x100; + e_size = 3; + break; + case RSA_4096: + ctx->rsa.len = 0x200; + n_size = 0x200; + d_size = 0x200; + e_size = 3; + break; + default: return Fail; + } + + switch(mode){ + case(RSAKEY_PUB): + if (mpi_read_binary(&ctx->rsa.N, modulus, n_size)) + goto clean; + if (mpi_read_binary(&ctx->rsa.E, exponent, e_size)) + goto clean; + break; + case(RSAKEY_PRIV): + if (mpi_read_binary(&ctx->rsa.N, modulus, n_size)) + goto clean; + if (mpi_read_binary(&ctx->rsa.D, private_exp, d_size)) + goto clean; + break; + default: return Fail; + } + + return Good; +clean: + ctr_rsa_free(ctx); + return Fail; +} + +int ctr_sig(void *data, u64 size, u8 *signature, u8 *modulus, u8 *private_exp, u32 type, u8 mode) +{ + int result = 0; + int hashtype, hashlen, sigtype; + if(data == NULL || signature == NULL || modulus == NULL ||(private_exp == NULL && mode == CTR_RSA_SIGN)) + return Fail; + + switch(type){ + case RSA_4096_SHA1: + hashtype = CTR_SHA_1; + hashlen = 0x14; + sigtype = RSA_4096; + case RSA_4096_SHA256: + hashtype = CTR_SHA_256; + hashlen = 0x20; + sigtype = RSA_4096; + break; + case RSA_2048_SHA1: + hashtype = CTR_SHA_1; + hashlen = 0x14; + sigtype = RSA_2048; + case RSA_2048_SHA256: + hashtype = CTR_SHA_256; + hashlen = 0x20; + sigtype = RSA_2048; + break; + case ECC_SHA1: + hashtype = CTR_SHA_1; + hashlen = 0x14; + sigtype = ECC; + case ECC_SHA256: + hashtype = CTR_SHA_256; + hashlen = 0x20; + sigtype = ECC; + break; + default: return Fail; + } + + u8 hash[hashlen]; + memset(hash,0,hashlen); + ctr_sha(data,size,hash,hashtype); + //memdump(stdout,"Data: ",data,size); + //memdump(stdout,"HashFor Sig: ",hash,hashlen); + + if(sigtype == RSA_2048 || sigtype == RSA_4096) + result = ctr_rsa(hash,signature,modulus,private_exp,type,mode); + else if(sigtype == ECC){ + printf("[!] ECC is not yet implemented\n"); + result = Fail; + } + return result; +} + +int ctr_rsa(u8 *hash, u8 *signature, u8 *modulus, u8 *private_exp, u32 type, u8 mode) +{ + int result = 0; + // Sanity Check + if(hash == NULL || signature == NULL || modulus == NULL ||(private_exp == NULL && mode == CTR_RSA_SIGN)) + return Fail; + + // Getting details from sig type + int hashtype; + int hashlen; + int sigtype; + switch(type){ + case RSA_4096_SHA1: + hashtype = SIG_RSA_SHA1; + hashlen = 0x14; + sigtype = RSA_4096; + break; + case RSA_4096_SHA256: + hashtype = SIG_RSA_SHA256; + hashlen = 0x14; + sigtype = RSA_4096; + break; + case RSA_2048_SHA1: + hashtype = SIG_RSA_SHA1; + hashlen = 0x20; + sigtype = RSA_2048; + break; + case RSA_2048_SHA256: + hashtype = SIG_RSA_SHA256; + hashlen = 0x20; + sigtype = RSA_2048; + break; + default: return Fail; + } + + // Setting up + ctr_rsa_context ctx; + u8 exponent[3] = {0x01,0x00,0x01}; + switch(mode){ + case CTR_RSA_VERIFY: + result = ctr_rsa_init(&ctx,modulus,NULL,(u8*)exponent,sigtype,RSAKEY_PUB); + break; + case CTR_RSA_SIGN: + result = ctr_rsa_init(&ctx,modulus,private_exp,NULL,sigtype,RSAKEY_PRIV); + break; + } + if(result)return result; + + switch(mode){ + case CTR_RSA_VERIFY: + return rsa_pkcs1_verify(&ctx.rsa,RSA_PUBLIC,hashtype,hashlen,hash,signature); + case CTR_RSA_SIGN: + return ctr_rsa_rsassa_pkcs1_v15_sign(&ctx.rsa,RSA_PRIVATE,hashtype,hashlen,hash,signature); + } + return Fail; +} + + +/** +* Hacked from rsa.c, polarssl doesn't like generating signatures when only D and N are present +**/ +int ctr_rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + size_t nb_pad, olen, ret; + unsigned char *p = sig; + + if( ctx->padding != RSA_PKCS_V15 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + olen = ctx->len; + + switch( hash_id ) + { + case SIG_RSA_RAW: + nb_pad = olen - 3 - hashlen; + break; + + case SIG_RSA_MD2: + case SIG_RSA_MD4: + case SIG_RSA_MD5: + nb_pad = olen - 3 - 34; + break; + + case SIG_RSA_SHA1: + nb_pad = olen - 3 - 35; + break; + + case SIG_RSA_SHA224: + nb_pad = olen - 3 - 47; + break; + + case SIG_RSA_SHA256: + nb_pad = olen - 3 - 51; + break; + + case SIG_RSA_SHA384: + nb_pad = olen - 3 - 67; + break; + + case SIG_RSA_SHA512: + nb_pad = olen - 3 - 83; + break; + + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + if( ( nb_pad < 8 ) || ( nb_pad > olen ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + *p++ = 0; + *p++ = RSA_SIGN; + memset( p, 0xFF, nb_pad ); + p += nb_pad; + *p++ = 0; + + switch( hash_id ) + { + case SIG_RSA_RAW: + memcpy( p, hash, hashlen ); + break; + + case SIG_RSA_MD2: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 2; break; + + case SIG_RSA_MD4: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 4; break; + + case SIG_RSA_MD5: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 5; break; + + case SIG_RSA_SHA1: + memcpy( p, ASN1_HASH_SHA1, 15 ); + memcpy( p + 15, hash, 20 ); + break; + + case SIG_RSA_SHA224: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 28 ); + p[1] += 28; p[14] = 4; p[18] += 28; break; + + case SIG_RSA_SHA256: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 32 ); + p[1] += 32; p[14] = 1; p[18] += 32; break; + + case SIG_RSA_SHA384: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 48 ); + p[1] += 48; p[14] = 2; p[18] += 48; break; + + case SIG_RSA_SHA512: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 64 ); + p[1] += 64; p[14] = 3; p[18] += 64; break; + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + mpi T, T1, T2; + + mpi_init( &T ); mpi_init( &T1 ); mpi_init( &T2 ); + + MPI_CHK( mpi_read_binary( &T, sig, ctx->len ) ); + + if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + { + mpi_free( &T ); + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) ); + + MPI_CHK( mpi_write_binary( &T, sig, olen ) ); + +cleanup: + + mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 ); + + return( 0 ); +} \ No newline at end of file diff --git a/crypto.h b/crypto.h new file mode 100644 index 0000000..1380d1b --- /dev/null +++ b/crypto.h @@ -0,0 +1,101 @@ +#ifndef _CTR_CRYPTO_H_ +#define _CTR_CRYPTO_H_ + +#include "polarssl/config.h" +#include "polarssl/aes.h" +#include "polarssl/rsa.h" +#include "polarssl/sha1.h" +#include "polarssl/sha2.h" + +typedef enum +{ + RSA_4096_SHA1 = 0x00010000, + RSA_2048_SHA1 = 0x00010001, + ECC_SHA1 = 0x00010002, + RSA_4096_SHA256 = 0x00010003, + RSA_2048_SHA256 = 0x00010004, + ECC_SHA256 = 0x00010005 +} sig_types; + +typedef enum +{ + RSA_2048 = 0, + RSA_4096 = 1, + ECC = 2, +} ctr_sig_types; + +typedef enum +{ + CTR_RSA_VERIFY = 0, + CTR_RSA_SIGN = 1, +} ctr_rsa_functions; + +typedef enum +{ + CTR_SHA_1 = 1, + CTR_SHA_256 = 256, +} ctr_sha_modes; + +typedef enum +{ + RSA_4096_PUBK = 0, + RSA_2048_PUBK, + ECC_PUBK +} pubk_types; + +typedef enum +{ + ENC, + DEC +} aescbcmode; + +typedef enum +{ + RSAKEY_INVALID, + RSAKEY_PRIV, + RSAKEY_PUB +} rsakeytype; + +typedef struct +{ + u8 ctr[16]; + u8 iv[16]; + aes_context aes; +} ctr_aes_context; + +typedef struct +{ + rsa_context rsa; +} ctr_rsa_context; + +#ifdef __cplusplus +extern "C" { +#endif +// SHA +void ctr_sha(void *data, u64 size, u8 *hash, int mode); +// AES +void ctr_add_counter(ctr_aes_context* ctx, u32 carry); +void ctr_init_counter(ctr_aes_context* ctx, u8 key[16],u8 ctr[16]); +void ctr_crypt_counter_block(ctr_aes_context* ctx, u8 input[16], u8 output[16]); +void ctr_crypt_counter(ctr_aes_context* ctx, u8* input, u8* output, u32 size); +void ctr_init_aes_cbc(ctr_aes_context* ctx,u8 key[16],u8 iv[16], u8 mode); +void ctr_aes_cbc(ctr_aes_context* ctx,u8* input,u8* output,u32 size,u8 mode); +// RSA +void ctr_rsa_free(ctr_rsa_context* ctx); +int ctr_rsa_init(ctr_rsa_context* ctx, u8 *modulus, u8 *private_exp, u8 *exponent, u8 rsa_type, u8 mode); +int ctr_rsa(u8 *hash, u8 *signature, u8 *modulus, u8 *private_exp, u32 type, u8 mode); +int ctr_rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +// Signature Functions +int ctr_sig(void *data, u64 size, u8 *signature, u8 *modulus, u8 *private_exp, u32 type, u8 mode); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/elf.c b/elf.c new file mode 100644 index 0000000..18b701f --- /dev/null +++ b/elf.c @@ -0,0 +1,954 @@ +#include "lib.h" +#include "ncch.h" +#include "elf_hdr.h" +#include "elf.h" +#include "blz.h" + +int ImportPlainRegionFromFile(ncch_settings *ncchset); +int ImportExeFsCodeBinaryFromFile(ncch_settings *ncchset); + +u32 GetPageSize(ncch_settings *ncchset); +u32 SizeToPage(u32 memorySize, ElfContext *elf); + +int GetBSS_SizeFromElf(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset); +int ImportPlainRegionFromElf(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset); +int CreateExeFsCode(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset); +int CreateCodeSegmentFromElf(CodeSegment *out, ElfContext *elf, u8 *ElfFile, char **Names, u32 NameNum); +ElfSegment** GetContinuousSegments(u16 *ContinuousSegmentNum, ElfContext *elf, char **Names, u32 NameNum); +ElfSegment** GetSegments(u16 *SegmentNum, ElfContext *elf, char **Names, u32 NameNum); + +// ELF Functions +int GetElfContext(ElfContext *elf, u8 *ElfFile); +int GetElfSectionEntries(ElfContext *elf, u8 *ElfFile); +int GetElfProgramEntries(ElfContext *elf, u8 *ElfFile); +void PrintElfContext(ElfContext *elf, u8 *ElfFile); +int ReadElfHdr(ElfContext *elf, u8 *ElfFile); + +int CreateElfSegments(ElfContext *elf, u8 *ElfFile); +bool IsIgnoreSection(ElfSectionEntry info); + +/* ELF Section Entry Functions */ +u8* GetELFSectionHeader(u16 Index, ElfContext *elf, u8 *ElfFile); +u8* GetELFSectionEntry(u16 Index, ElfContext *elf, u8 *ElfFile); +char* GetELFSectionEntryName(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntryType(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntryFlags(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntryAddress(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntryFileOffset(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntrySize(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFSectionEntryAlignment(u16 Index, ElfContext *elf, u8 *ElfFile); + +u16 GetElfSectionIndexFromName(char *Name, ElfContext *elf, u8 *ElfFile); + +bool IsBss(ElfSectionEntry *Section); +bool IsData(ElfSectionEntry *Section); +bool IsRO(ElfSectionEntry *Section); +bool IsText(ElfSectionEntry *Section); + +/* ELF Program Entry Functions */ +u8* GetELFProgramHeader(u16 Index, ElfContext *elf, u8 *ElfFile); +u8* GetELFProgramEntry(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryType(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryFlags(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryFileSize(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryFileOffset(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryMemorySize(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryVAddress(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryPAddress(u16 Index, ElfContext *elf, u8 *ElfFile); +u64 GetELFProgramEntryAlignment(u16 Index, ElfContext *elf, u8 *ElfFile); + + +int BuildExeFsCode(ncch_settings *ncchset) +{ + int result = 0; + if(ncchset->ComponentFilePtrs.plainregion){ // Import PlainRegion from file + result = ImportPlainRegionFromFile(ncchset); + if(result) return result; + } + if(!ncchset->Options.IsBuildingCodeSection){ // Import ExeFs Code from file and return + result = ImportExeFsCodeBinaryFromFile(ncchset); + return result; + } + + /* Import ELF */ + u8 *ElfFile = malloc(ncchset->ComponentFilePtrs.elf_size); + if(!ElfFile) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ElfFile,ncchset->ComponentFilePtrs.elf_size,0,ncchset->ComponentFilePtrs.elf); + + /* Create ELF Context */ + ElfContext *elf = malloc(sizeof(ElfContext)); + if(!elf) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); free(ElfFile); return MEM_ERROR;} + memset(elf,0,sizeof(ElfContext)); + + result = GetElfContext(elf,ElfFile); + if(result) goto finish; + + /* Setting Page Size */ + elf->PageSize = GetPageSize(ncchset); + + if(!ncchset->ComponentFilePtrs.plainregion){ + result = ImportPlainRegionFromElf(elf,ElfFile,ncchset); + if(result) goto finish; + } + +#ifdef ELF_DEBUG + PrintElfContext(elf,ElfFile); +#endif + + result = CreateExeFsCode(elf,ElfFile,ncchset); + if(result) goto finish; + + result = GetBSS_SizeFromElf(elf,ElfFile,ncchset); + if(result) goto finish; + +finish: + if(result){ + if(result == NOT_ELF_FILE) fprintf(stderr,"[ELF ERROR] Not ELF File\n"); + else if(result == NOT_ARM_ELF) fprintf(stderr,"[ELF ERROR] Not ARM ELF\n"); + else if(result == NON_EXECUTABLE_ELF) fprintf(stderr,"[ELF ERROR] Not Executeable ELF\n"); + else if(result == NOT_FIND_BSS_SIZE) fprintf(stderr,"[ELF ERROR] BSS Size Could not be found\n"); + else if(result == NOT_FIND_CODE_SECTIONS) fprintf(stderr,"[ELF ERROR] Failed to retrieve code sections from ELF\n"); + else fprintf(stderr,"[ELF ERROR] Failed to process ELF file (%d)\n",result); + } + for(int i = 0; i < elf->ActiveSegments; i++){ + free(elf->Segments[i].Header); + free(elf->Segments[i].Sections); + } + free(ElfFile); + free(elf->Sections); + free(elf->ProgramHeaders); + free(elf->Segments); + free(elf); + return result; +} + +int ImportPlainRegionFromFile(ncch_settings *ncchset) +{ + ncchset->Sections.PlainRegion.size = align_value(ncchset->ComponentFilePtrs.plainregion_size,ncchset->Options.MediaSize); + ncchset->Sections.PlainRegion.buffer = malloc(ncchset->Sections.PlainRegion.size); + if(!ncchset->Sections.PlainRegion.buffer) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->Sections.PlainRegion.buffer,ncchset->ComponentFilePtrs.plainregion_size,0,ncchset->ComponentFilePtrs.plainregion); + return 0; +} + +int ImportExeFsCodeBinaryFromFile(ncch_settings *ncchset) +{ + u32 size = ncchset->ComponentFilePtrs.code_size; + u8 *buffer = malloc(size); + if(!buffer) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(buffer,size,0,ncchset->ComponentFilePtrs.code); + + ncchset->ExeFs_Sections.Code.size = ncchset->ComponentFilePtrs.code_size; + ncchset->ExeFs_Sections.Code.buffer = malloc(ncchset->ExeFs_Sections.Code.size); + if(!ncchset->ExeFs_Sections.Code.buffer) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->ExeFs_Sections.Code.buffer,ncchset->ExeFs_Sections.Code.size,0,ncchset->ComponentFilePtrs.code); + if(ncchset->Options.CompressCode){ + u32 new_len; + ncchset->ExeFs_Sections.Code.buffer = BLZ_Code(buffer,size,&new_len,BLZ_NORMAL); + ncchset->ExeFs_Sections.Code.size = new_len; + free(buffer); + } + else{ + ncchset->ExeFs_Sections.Code.size = size; + ncchset->ExeFs_Sections.Code.buffer = buffer; + } + return 0; +} + +u32 GetPageSize(ncch_settings *ncchset) +{ + if(ncchset->yaml_set->DefaultSpec.Option.PageSize) + return strtoul(ncchset->yaml_set->DefaultSpec.Option.PageSize,NULL,10); + return 0x1000; +} + +u32 SizeToPage(u32 memorySize, ElfContext *elf) +{ + return align_value(memorySize,elf->PageSize)/elf->PageSize; +} + + +int GetBSS_SizeFromElf(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset) +{ + for(int i = 0; i < elf->SectionTableEntryCount; i++){ + if(IsBss(&elf->Sections[i])) { + ncchset->CodeDetails.BSS_Size = elf->Sections[i].Size; + return 0; + } + } + return NOT_FIND_BSS_SIZE; +} + +int ImportPlainRegionFromElf(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset) // Doesn't work same as N makerom +{ + if(!ncchset->yaml_set->DefaultSpec.PlainRegionNum) return 0; + u16 *Index = malloc(sizeof(u16)*ncchset->yaml_set->DefaultSpec.PlainRegionNum); + + /* Getting Index Values for each section */ + for(int i = 0; i < ncchset->yaml_set->DefaultSpec.PlainRegionNum; i++){ + Index[i] = GetElfSectionIndexFromName(ncchset->yaml_set->DefaultSpec.PlainRegion[i],elf,ElfFile); + } + + // Eliminating Duplicated Sections + for(int i = ncchset->yaml_set->DefaultSpec.PlainRegionNum - 1; i >= 0; i--){ + for(int j = i-1; j >= 0; j--){ + if(Index[i] == Index[j]) Index[i] = 0; + } + } + + /* Calculating Total Size of Data */ + u64 TotalSize = 0; + for(int i = 0; i < ncchset->yaml_set->DefaultSpec.PlainRegionNum; i++){ + TotalSize += elf->Sections[Index[i]].Size; + } + + /* Creating Output Buffer */ + ncchset->Sections.PlainRegion.size = align_value(TotalSize,ncchset->Options.MediaSize); + ncchset->Sections.PlainRegion.buffer = malloc(ncchset->Sections.PlainRegion.size); + if(!ncchset->Sections.PlainRegion.buffer) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + memset(ncchset->Sections.PlainRegion.buffer,0,ncchset->Sections.PlainRegion.size); + + /* Storing Sections */ + u64 pos = 0; + for(int i = 0; i < ncchset->yaml_set->DefaultSpec.PlainRegionNum; i++){ + memcpy((ncchset->Sections.PlainRegion.buffer+pos),elf->Sections[Index[i]].Ptr,elf->Sections[Index[i]].Size); + pos += elf->Sections[Index[i]].Size; + } + return 0; +} + +int CreateExeFsCode(ElfContext *elf, u8 *ElfFile, ncch_settings *ncchset) +{ + /* Getting Code Segments */ + CodeSegment Text; + memset(&Text,0,sizeof(CodeSegment)); + CodeSegment RO; + memset(&RO,0,sizeof(CodeSegment)); + CodeSegment Data; + memset(&Data,0,sizeof(CodeSegment)); + + int result = CreateCodeSegmentFromElf(&Text,elf,ElfFile,ncchset->yaml_set->DefaultSpec.ExeFs.Text,ncchset->yaml_set->DefaultSpec.ExeFs.TextNum); + if(result) return result; + result = CreateCodeSegmentFromElf(&RO,elf,ElfFile,ncchset->yaml_set->DefaultSpec.ExeFs.ReadOnly,ncchset->yaml_set->DefaultSpec.ExeFs.ReadOnlyNum); + if(result) return result; + result = CreateCodeSegmentFromElf(&Data,elf,ElfFile,ncchset->yaml_set->DefaultSpec.ExeFs.ReadWrite,ncchset->yaml_set->DefaultSpec.ExeFs.ReadWriteNum); + if(result) return result; + + /* Allocating Buffer for ExeFs Code */ + u32 size = (Text.MaxPageNum + RO.MaxPageNum + Data.MaxPageNum)*elf->PageSize; + u8 *code = malloc(size); + + /* Writing Code into Buffer */ + u8 *TextPos = (code + 0); + u8 *ROPos = (code + Text.MaxPageNum*elf->PageSize); + u8 *DataPos = (code + (Text.MaxPageNum + RO.MaxPageNum)*elf->PageSize); + if(Text.Size) memcpy(TextPos,Text.Data,Text.Size); + if(RO.Size) memcpy(ROPos,RO.Data,RO.Size); + if(Data.Size) memcpy(DataPos,Data.Data,Data.Size); + + + /* Compressing If needed */ + if(ncchset->Options.CompressCode){ + u32 new_len; + ncchset->ExeFs_Sections.Code.buffer = BLZ_Code(code,size,&new_len,BLZ_NORMAL); + ncchset->ExeFs_Sections.Code.size = new_len; + free(code); + } + else{ + ncchset->ExeFs_Sections.Code.size = size; + ncchset->ExeFs_Sections.Code.buffer = code; + } + + /* Setting CodeSegment Data and freeing original buffers */ + ncchset->CodeDetails.TextAddress = Text.Address; + ncchset->CodeDetails.TextMaxPages = Text.MaxPageNum; + ncchset->CodeDetails.TextSize = Text.Size; + if(Text.Size) free(Text.Data); + + ncchset->CodeDetails.ROAddress = RO.Address; + ncchset->CodeDetails.ROMaxPages = RO.MaxPageNum; + ncchset->CodeDetails.ROSize = RO.Size; + if(RO.Size) free(RO.Data); + + ncchset->CodeDetails.DataAddress = Data.Address; + ncchset->CodeDetails.DataMaxPages = Data.MaxPageNum; + ncchset->CodeDetails.DataSize = Data.Size; + if(Data.Size) free(Data.Data); + + /* Return */ + return 0; +} + +int CreateCodeSegmentFromElf(CodeSegment *out, ElfContext *elf, u8 *ElfFile, char **Names, u32 NameNum) +{ + u16 ContinuousSegmentNum = 0; + memset(out,0,sizeof(CodeSegment)); + ElfSegment **ContinuousSegments = GetContinuousSegments(&ContinuousSegmentNum,elf,Names,NameNum); + if (ContinuousSegments == NULL){ + if(!ContinuousSegmentNum) // Nothing Was Found + return 0; + else // Error with found segments + return ELF_SEGMENTS_NOT_CONTINUOUS; + } + + /* Getting Segment Size/Settings */ + u32 vAddr = 0; + u32 memorySize = 0; + for(int i = 0; i < ContinuousSegmentNum; i++){ + if (i==0){ + vAddr = ContinuousSegments[i]->VAddr; + } + else{ // Add rounded size from previous segment + u32 num = ContinuousSegments[i]->VAddr - (vAddr + memorySize); + memorySize += num; + } + + memorySize += ContinuousSegments[i]->Header->SizeInMemory; + for (int j = 0; j < ContinuousSegments[i]->SectionNum; j++){ + ElfSectionEntry *Section = &ContinuousSegments[i]->Sections[j]; + if (IsBss(Section) && j == (ContinuousSegments[i]->SectionNum-1)) + memorySize -= Section->Size; + } + } + + // For Check +#ifdef ELF_DEBUG + printf("Address: 0x%x\n",vAddr); + printf("Size: 0x%x\n",memorySize); +#endif + + out->Address = vAddr; + out->Size = memorySize; + out->MaxPageNum = SizeToPage(memorySize,elf); + out->Data = malloc(memorySize); + + /* Writing Segment to Buffer */ + vAddr = 0; + memorySize = 0; + for(int i = 0; i < ContinuousSegmentNum; i++){ + if (i==0){ + vAddr = ContinuousSegments[i]->VAddr; + } + else{ + u32 num = ContinuousSegments[i]->VAddr - (vAddr + memorySize); + memorySize += num; + } + u32 size = 0; + for (int j = 0; j < ContinuousSegments[i]->SectionNum; j++){ + ElfSectionEntry *Section = &ContinuousSegments[i]->Sections[j]; + if (!IsBss(Section)){ + u8 *pos = (out->Data + memorySize + size); + memcpy(pos,Section->Ptr,Section->Size); + size += Section->Size; + } + + else if (j == (ContinuousSegments[i]->SectionNum-1)) + memorySize -= Section->Size; + else + size += Section->Size; + } + } + + free(ContinuousSegments); + return 0; +} + + +ElfSegment** GetContinuousSegments(u16 *ContinuousSegmentNum, ElfContext *elf, char **Names, u32 NameNum) +{ + u16 SegmentNum = 0; + ElfSegment **Segments = GetSegments(&SegmentNum, elf, Names, NameNum); + if (Segments == NULL || SegmentNum == 0){ // No Segments for the names were found + //printf("Not Found Segment\n"); + return NULL; + } + + if (SegmentNum == 1){ //Return as there is no need to check + *ContinuousSegmentNum = SegmentNum; + return Segments; + } + + u32 vAddr = Segments[0]->VAddr + Segments[0]->Header->SizeInMemory; + for (int i = 1; i < SegmentNum; i++){ + if (Segments[i]->VAddr != (u32)align_value(vAddr,Segments[i]->Header->Alignment)){ //Each Segment must start after each other + fprintf(stderr,"[ELF ERROR] %s segment and %s segment are not continuous\n", Segments[i]->Name, Segments[i - 1]->Name); + free(Segments); + *ContinuousSegmentNum = 0xffff; // Signify to function that an error occured + return NULL; + } + } + *ContinuousSegmentNum = SegmentNum; + return Segments; +} + + +ElfSegment** GetSegments(u16 *SegmentNum, ElfContext *elf, char **Names, u32 NameNum) +{ + if (Names == NULL) + { + return NULL; + } + + ElfSegment **Segments = malloc(sizeof(ElfSegment*)*NameNum); + *SegmentNum = 0; // There can be a max of NameNum Segments, however, they might not all exist + for (int i = 0; i < NameNum; i++){ + for(int j = 0; j < elf->ActiveSegments; j++){ + if(strcmp(Names[i],elf->Segments[j].Name) == 0){ // If there is a match, store Segment data pointer & increment index + Segments[*SegmentNum] = &elf->Segments[j]; + *SegmentNum = *SegmentNum + 1; + } + } + } + return Segments; +} + +// ELF Functions + +int GetElfContext(ElfContext *elf, u8 *ElfFile) +{ + if(u8_to_u32(ElfFile,BE) != ELF_MAGIC) return NOT_ELF_FILE; + + elf->Is64bit = (ElfFile[4] == elf_64_bit); + elf->IsLittleEndian = (ElfFile[5] == elf_little_endian); + + int result = ReadElfHdr(elf,ElfFile); + if(result) return result; + + result = GetElfSectionEntries(elf,ElfFile); + if(result) return result; + + result = GetElfProgramEntries(elf,ElfFile); + if(result) return result; + + result = CreateElfSegments(elf,ElfFile); + if(result) return result; + + return 0; +} + +int GetElfSectionEntries(ElfContext *elf, u8 *ElfFile) +{ + elf->Sections = malloc(sizeof(ElfSectionEntry)*elf->SectionTableEntryCount); + if(!elf->Sections) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + + for(int i = 0; i < elf->SectionTableEntryCount; i++){ + elf->Sections[i].Name = GetELFSectionEntryName(i,elf,ElfFile); + elf->Sections[i].Type = GetELFSectionEntryType(i,elf,ElfFile); + elf->Sections[i].Flags = GetELFSectionEntryFlags(i,elf,ElfFile); + elf->Sections[i].Ptr = GetELFSectionEntry(i,elf,ElfFile); + elf->Sections[i].OffsetInFile = GetELFSectionEntryFileOffset(i,elf,ElfFile); + elf->Sections[i].Size = GetELFSectionEntrySize(i,elf,ElfFile); + elf->Sections[i].Address = GetELFSectionEntryAddress(i,elf,ElfFile); + elf->Sections[i].Alignment = GetELFSectionEntryAlignment(i,elf,ElfFile); + } + return 0; +} + +int GetElfProgramEntries(ElfContext *elf, u8 *ElfFile) +{ + elf->ProgramHeaders = malloc(sizeof(ElfProgramEntry)*elf->ProgramTableEntryCount); + if(!elf->ProgramHeaders) {fprintf(stderr,"[ELF ERROR] MEM ERROR\n"); return MEM_ERROR;} + + for(int i = 0; i < elf->ProgramTableEntryCount; i++){ + elf->ProgramHeaders[i].Type = GetELFProgramEntryType(i,elf,ElfFile); + elf->ProgramHeaders[i].Flags = GetELFProgramEntryFlags(i,elf,ElfFile); + elf->ProgramHeaders[i].Ptr = GetELFProgramEntry(i,elf,ElfFile); + elf->ProgramHeaders[i].OffsetInFile = GetELFProgramEntryFileOffset(i,elf,ElfFile); + elf->ProgramHeaders[i].SizeInFile = GetELFProgramEntryFileSize(i,elf,ElfFile); + elf->ProgramHeaders[i].PhysicalAddress = GetELFProgramEntryPAddress(i,elf,ElfFile); + elf->ProgramHeaders[i].VirtualAddress = GetELFProgramEntryVAddress(i,elf,ElfFile); + elf->ProgramHeaders[i].SizeInMemory = GetELFProgramEntryMemorySize(i,elf,ElfFile); + elf->ProgramHeaders[i].Alignment = GetELFProgramEntryAlignment(i,elf,ElfFile); + } + + return 0; +} + +void PrintElfContext(ElfContext *elf, u8 *ElfFile) +{ + printf("[+] Basic Details\n"); + printf(" Class: %s\n",elf->Is64bit ? "64-bit" : "32-bit"); + printf(" Data: %s\n",elf->IsLittleEndian ? "Little Endian" : "Big Endian"); + printf("\n[+] Program Table Data\n"); + printf(" Offset: 0x%lx\n",elf->ProgramTableOffset); + printf(" Size: 0x%x\n",elf->ProgramTableEntrySize); + printf(" Count: 0x%x\n",elf->ProgramTableEntryCount); + printf("\n[+] Section Table Data\n"); + printf(" Offset: 0x%lx\n",elf->SectionTableOffset); + printf(" Size: 0x%x\n",elf->SectionTableEntrySize); + printf(" Count: 0x%x\n",elf->SectionTableEntryCount); + printf(" Lable Index: 0x%x\n",elf->SectionHeaderNameEntryIndex); + for(int i = 0; i < elf->ActiveSegments; i++){ + printf(" Segment [%d][%s]\n",i,elf->Segments[i].Name); + printf(" > Size : 0x%x\n",elf->Segments[i].Header->SizeInFile); + printf(" > Address : 0x%x\n",elf->Segments[i].VAddr); + printf(" > Sections : %d\n",elf->Segments[i].SectionNum); + for(int j = 0; j < elf->Segments[i].SectionNum; j++){ + printf(" > Section [%d][%s]\n",j,elf->Segments[i].Sections[j].Name); + } + + /* + char outpath[100]; + memset(&outpath,0,100); + sprintf(outpath,"%s.bin",elf->Sections[i].Name); + chdir("elfsections"); + FILE *tmp = fopen(outpath,"wb"); + WriteBuffer(elf->Sections[i].Ptr,elf->Sections[i].Size,0,tmp); + fclose(tmp); + chdir(".."); + */ + } + +} + +int ReadElfHdr(ElfContext *elf, u8 *ElfFile) +{ + if(elf->Is64bit){ + elf_64_hdr *hdr = (elf_64_hdr*)ElfFile; + + u16 Architecture = u8_to_u16(hdr->TargetArchitecture,elf->IsLittleEndian); + u16 Type = u8_to_u16(hdr->Type,elf->IsLittleEndian); + if(Architecture != elf_arm) return NOT_ARM_ELF; + if(Type != elf_executeable) return NON_EXECUTABLE_ELF; + + elf->ProgramTableOffset = u8_to_u64(hdr->ProgramHeaderTableOffset,elf->IsLittleEndian); + elf->ProgramTableEntrySize = u8_to_u16(hdr->ProgramHeaderEntrySize,elf->IsLittleEndian); + elf->ProgramTableEntryCount = u8_to_u16(hdr->ProgramHeaderEntryCount,elf->IsLittleEndian); + + elf->SectionTableOffset = u8_to_u64(hdr->SectionHeaderTableOffset,elf->IsLittleEndian); + elf->SectionTableEntrySize = u8_to_u16(hdr->SectionTableEntrySize,elf->IsLittleEndian); + elf->SectionTableEntryCount = u8_to_u16(hdr->SectionHeaderEntryCount,elf->IsLittleEndian); + + elf->SectionHeaderNameEntryIndex = u8_to_u16(hdr->SectionHeaderNameEntryIndex,elf->IsLittleEndian); + } + else{ + elf_32_hdr *hdr = (elf_32_hdr*)ElfFile; + + u16 Architecture = u8_to_u16(hdr->TargetArchitecture,elf->IsLittleEndian); + u16 Type = u8_to_u16(hdr->Type,elf->IsLittleEndian); + if(Architecture != elf_arm) return NOT_ARM_ELF; + if(Type != elf_executeable) return NON_EXECUTABLE_ELF; + + elf->ProgramTableOffset = u8_to_u32(hdr->ProgramHeaderTableOffset,elf->IsLittleEndian); + elf->ProgramTableEntrySize = u8_to_u16(hdr->ProgramHeaderEntrySize,elf->IsLittleEndian); + elf->ProgramTableEntryCount = u8_to_u16(hdr->ProgramHeaderEntryCount,elf->IsLittleEndian); + + elf->SectionTableOffset = u8_to_u32(hdr->SectionHeaderTableOffset,elf->IsLittleEndian); + elf->SectionTableEntrySize = u8_to_u16(hdr->SectionTableEntrySize,elf->IsLittleEndian); + elf->SectionTableEntryCount = u8_to_u16(hdr->SectionHeaderEntryCount,elf->IsLittleEndian); + + elf->SectionHeaderNameEntryIndex = u8_to_u16(hdr->SectionHeaderNameEntryIndex,elf->IsLittleEndian); + } + return 0; +} + +/* Section Hdr Functions */ + +u8* GetELFSectionHeader(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return NULL; + + return (ElfFile + elf->SectionTableOffset + elf->SectionTableEntrySize*Index); +} + +u8* GetELFSectionEntry(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return NULL; + + return (u8*) (ElfFile + GetELFSectionEntryFileOffset(Index,elf,ElfFile)); +} + +char* GetELFSectionEntryName(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + u64 NameIndex = 0; + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + NameIndex = u8_to_u64(shdr->sh_name,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + NameIndex = u8_to_u32(shdr->sh_name,elf->IsLittleEndian); + } + + u8 *NameTable = GetELFSectionEntry(elf->SectionHeaderNameEntryIndex,elf,ElfFile); + + return (char*)(NameTable+NameIndex); +} + +u64 GetELFSectionEntryType(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_type,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_type,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFSectionEntryFlags(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_flags,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_flags,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFSectionEntryAddress(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_addr,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_addr,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFSectionEntryFileOffset(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_offset,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_offset,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFSectionEntrySize(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_size,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_size,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFSectionEntryAlignment(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->SectionTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_shdr *shdr = (elf_64_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u64(shdr->sh_addralign,elf->IsLittleEndian); + } + else{ + elf_32_shdr *shdr = (elf_32_shdr*)GetELFSectionHeader(Index,elf,ElfFile); + return u8_to_u32(shdr->sh_addralign,elf->IsLittleEndian); + } + + return 0; +} + + +u16 GetElfSectionIndexFromName(char *Name, ElfContext *elf, u8 *ElfFile) +{ + for(int i = 0; i < elf->SectionTableEntryCount; i++){ + if(strcmp(Name,elf->Sections[i].Name) == 0) return i; + } + return 0; // Assuming 0 is always empty +} + +bool IsBss(ElfSectionEntry *Section) +{ + if(Section->Type == 8 && Section->Flags == 3) + return true; + return false; +} + +bool IsData(ElfSectionEntry *Section) +{ + if(Section->Type == 1 && Section->Flags == 3) + return true; + return false; +} + +bool IsRO(ElfSectionEntry *Section) +{ + if(Section->Type == 1 && Section->Flags == 2) + return true; + return false; +} + +bool IsText(ElfSectionEntry *Section) +{ + if(Section->Type == 1 && Section->Flags == 6) + return true; + return false; +} + +/* ProgramHeader Functions */ + +u8* GetELFProgramHeader(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return NULL; + + return (ElfFile + elf->ProgramTableOffset + elf->ProgramTableEntrySize*Index); +} + +u8* GetELFProgramEntry(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return NULL; + + return (u8*) (ElfFile + GetELFProgramEntryFileOffset(Index,elf,ElfFile)); + + return NULL; +} + +u64 GetELFProgramEntryType(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_type,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_type,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryFlags(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_flags,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_flags,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryFileSize(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_filesz,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_filesz,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryFileOffset(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_offset,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_offset,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryMemorySize(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_memsz,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_memsz,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryVAddress(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_vaddr,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_vaddr,elf->IsLittleEndian); + } + + return 0; +} + +u64 GetELFProgramEntryPAddress(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_paddr,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_paddr,elf->IsLittleEndian); + } + + return 0; +} + + +u64 GetELFProgramEntryAlignment(u16 Index, ElfContext *elf, u8 *ElfFile) +{ + if(Index >= elf->ProgramTableEntryCount) return 0; + + if(elf->Is64bit){ + elf_64_phdr *phdr = (elf_64_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u64(phdr->p_align,elf->IsLittleEndian); + } + else{ + elf_32_phdr *phdr = (elf_32_phdr*)GetELFProgramHeader(Index,elf,ElfFile); + return u8_to_u32(phdr->p_align,elf->IsLittleEndian); + } + + return 0; +} + + +int CreateElfSegments(ElfContext *elf, u8 *ElfFile) +{ + int num = 0; + // Interate through Each Program Header + elf->ActiveSegments = 0; + elf->Segments = malloc(sizeof(ElfSegment)*elf->ProgramTableEntryCount); + ElfSegment *segment = malloc(sizeof(ElfSegment)); // Temporary Buffer + for (int i = 0; i < elf->ProgramTableEntryCount; i++){ + if (elf->ProgramHeaders[i].SizeInMemory != 0 && elf->ProgramHeaders[i].Type == 1){ + memset(segment,0,sizeof(ElfSegment)); + + bool flag = false; + u32 size = 0; + u32 vAddr = elf->ProgramHeaders[i].VirtualAddress; + u32 memorySize = elf->ProgramHeaders[i].SizeInMemory; + + u16 SectionInfoCapacity = 10; + segment->SectionNum = 0; + segment->Sections = malloc(sizeof(ElfSectionEntry)*SectionInfoCapacity); + + // Itterate Through Section Headers + for (int j = num; j < elf->SectionTableEntryCount; j++){ + if (!flag){ + if (elf->Sections[j].Address != vAddr) + goto Skip; + + while (j < (int)elf->Sections[j].Size && elf->Sections[j].Address == vAddr && !IsIgnoreSection(elf->Sections[j])) + j++; + + j--; + + flag = true; + segment->VAddr = elf->Sections[j].Address; + segment->Name = elf->Sections[j].Name; + } + + if(segment->SectionNum < SectionInfoCapacity) + memcpy(&segment->Sections[segment->SectionNum],&elf->Sections[j],sizeof(ElfSectionEntry)); + else{ + SectionInfoCapacity = SectionInfoCapacity*2; + ElfSectionEntry *tmp = malloc(sizeof(ElfSectionEntry)*SectionInfoCapacity); + for(int k = 0; k < segment->SectionNum; k++) + memcpy(&tmp[k],&segment->Sections[k],sizeof(ElfSectionEntry)); + free(segment->Sections); + segment->Sections = tmp; + memcpy(&segment->Sections[segment->SectionNum],&elf->Sections[j],sizeof(ElfSectionEntry)); + } + segment->SectionNum++; + + size += elf->Sections[j].Size; + + if (size == memorySize) + break; + + if (size > memorySize){ + fprintf(stderr,"[ELF ERROR] Too large section size.\n Segment size = 0x%x\n Section Size = 0x%x\n", memorySize, size); + return ELF_SEGMENT_SECTION_SIZE_MISMATCH; + } + Skip: ; + } + if(segment->SectionNum){ + segment->Header = &elf->ProgramHeaders[i]; + memcpy(&elf->Segments[elf->ActiveSegments],segment,sizeof(ElfSegment)); + elf->ActiveSegments++; + } + else{ + free(segment->Sections); + free(segment); + fprintf(stderr,"[ELF ERROR] Program Header Has no corresponding Sections, ELF Cannot be proccessed\n"); + return ELF_SEGMENTS_NOT_FOUND; + } + } + } + + free(segment); + return 0; +} + +bool IsIgnoreSection(ElfSectionEntry info) +{ + if (info.Address) + return false; + + if (info.Type != 1 && info.Type != 0) + return true; + + char IgnoreSectionNames[7][20] = { ".debug_abbrev", ".debug_frame", ".debug_info", ".debug_line", ".debug_loc", ".debug_pubnames", ".comment" }; + for (int i = 0; i < 7; i++){ + if (strcmp(IgnoreSectionNames[i],info.Name) == 0) + return true; + } + return false; + +} diff --git a/elf.h b/elf.h new file mode 100644 index 0000000..ece978c --- /dev/null +++ b/elf.h @@ -0,0 +1,87 @@ +#ifndef _ELF_H_ +#define _ELF_H_ + +typedef enum +{ + NOT_ELF_FILE = -10, + NOT_ARM_ELF = -11, + NON_EXECUTABLE_ELF = -12, + ELF_SECTION_NOT_FOUND = -13, + NOT_FIND_BSS_SIZE = -14, + NOT_FIND_CODE_SECTIONS = -15, + ELF_SEGMENT_SECTION_SIZE_MISMATCH = -16, + ELF_SEGMENTS_NOT_CONTINUOUS = -17, + ELF_SEGMENTS_NOT_FOUND = -18, +} elf_errors; + +typedef struct +{ + char *Name; + u64 Type; + u64 Flags; + u8 *Ptr; + u64 OffsetInFile; + u64 Size; + u64 Address; + u64 Alignment; +} ElfSectionEntry; + +typedef struct +{ + u64 Type; + u64 Flags; + u8 *Ptr; + u64 OffsetInFile; + u64 SizeInFile; + u64 VirtualAddress; + u64 PhysicalAddress; + u64 SizeInMemory; + u64 Alignment; + +} ElfProgramEntry; + +typedef struct +{ + char *Name; + u64 VAddr; + + ElfProgramEntry *Header; + u32 SectionNum; + ElfSectionEntry *Sections; +} ElfSegment; + +typedef struct +{ + u32 Address; + u32 Size; + u32 MaxPageNum; + u8 *Data; +} CodeSegment; + +typedef struct +{ + u32 PageSize; + bool IsLittleEndian; + bool Is64bit; + + u64 ProgramTableOffset; + u16 ProgramTableEntrySize; + u16 ProgramTableEntryCount; + + u64 SectionTableOffset; + u16 SectionTableEntrySize; + u16 SectionTableEntryCount; + + u16 SectionHeaderNameEntryIndex; + + ElfSectionEntry *Sections; + ElfProgramEntry *ProgramHeaders; + + u16 ActiveSegments; + ElfSegment *Segments; + +} ElfContext; + +#endif + +int BuildExeFsCode(ncch_settings *ncchset); \ No newline at end of file diff --git a/elf_hdr.h b/elf_hdr.h new file mode 100644 index 0000000..260f420 --- /dev/null +++ b/elf_hdr.h @@ -0,0 +1,177 @@ +#ifndef _ELF_HDR_H_ +#define _ELF_HDR_H_ + +static const u32 ELF_MAGIC = 0x7f454c46; + +typedef enum +{ + elf_32_bit = 1, + elf_64_bit = 2, +} elf_bit_format_types; + +typedef enum +{ + elf_little_endian = 1, + elf_big_endian = 2, +} elf_endianness; + +typedef enum +{ + elf_relocatable = 1, + elf_executeable = 2, + elf_shared = 3, + elf_core = 4, +} elf_type; + +typedef enum +{ + elf_arm = 0x28, +} elf_target_architecture; + +typedef struct +{ + u8 Magic[4]; + u8 BitFormat; + u8 Endianness; + u8 ELF_Version; + u8 OS; + u8 Padding_0[8]; + u8 Type[2]; + u8 TargetArchitecture[2]; + u8 Version[4]; + u8 EntryPoint[4]; + u8 ProgramHeaderTableOffset[4]; + u8 SectionHeaderTableOffset[4]; + u8 Flags[4]; + u8 HeaderSize[2]; + u8 ProgramHeaderEntrySize[2]; + u8 ProgramHeaderEntryCount[2]; + u8 SectionTableEntrySize[2]; + u8 SectionHeaderEntryCount[2]; + u8 SectionHeaderNameEntryIndex[2]; +} elf_32_hdr; + +typedef struct +{ + u8 Magic[4]; + u8 BitFormat; + u8 Endianness; + u8 ELF_Version; + u8 OS; + u8 Padding_0[8]; + u8 Type[2]; + u8 TargetArchitecture[2]; + u8 Version[4]; + u8 EntryPoint[8]; + u8 ProgramHeaderTableOffset[8]; + u8 SectionHeaderTableOffset[8]; + u8 Flags[4]; + u8 HeaderSize[2]; + u8 ProgramHeaderEntrySize[2]; + u8 ProgramHeaderEntryCount[2]; + u8 SectionTableEntrySize[2]; + u8 SectionHeaderEntryCount[2]; + u8 SectionHeaderNameEntryIndex[2]; +} elf_64_hdr; + + +/* Section header. */ + +/* Legal values for sh_type (section type). */ + +#define SHT_NULL 0 /* Section header table entry unused */ +#define SHT_PROGBITS 1 /* Program data */ +#define SHT_SYMTAB 2 /* Symbol table */ +#define SHT_STRTAB 3 /* String table */ +#define SHT_RELA 4 /* Relocation entries with addends */ +#define SHT_HASH 5 /* Symbol hash table */ +#define SHT_DYNAMIC 6 /* Dynamic linking information */ +#define SHT_NOTE 7 /* Notes */ +#define SHT_NOBITS 8 /* Program space with no data (bss) */ +#define SHT_REL 9 /* Relocation entries, no addends */ +#define SHT_SHLIB 10 /* Reserved */ +#define SHT_DYNSYM 11 /* Dynamic linker symbol table */ +#define SHT_NUM 12 /* Number of defined types. */ +#define SHT_LOOS 0x60000000 /* Start OS-specific */ +#define SHT_LOSUNW 0x6ffffffb /* Sun-specific low bound. */ +#define SHT_SUNW_COMDAT 0x6ffffffb +#define SHT_SUNW_syminfo 0x6ffffffc +#define SHT_GNU_verdef 0x6ffffffd /* Version definition section. */ +#define SHT_GNU_verneed 0x6ffffffe /* Version needs section. */ +#define SHT_GNU_versym 0x6fffffff /* Version symbol table. */ +#define SHT_HISUNW 0x6fffffff /* Sun-specific high bound. */ +#define SHT_HIOS 0x6fffffff /* End OS-specific type */ +#define SHT_LOPROC 0x70000000 /* Start of processor-specific */ +#define SHT_HIPROC 0x7fffffff /* End of processor-specific */ +#define SHT_LOUSER 0x80000000 /* Start of application-specific */ +#define SHT_HIUSER 0x8fffffff /* End of application-specific */ + + +typedef struct +{ + u8 sh_name[4]; /* Section name (string tbl index) */ + u8 sh_type[4]; /* Section type */ + u8 sh_flags[4]; /* Section flags */ + u8 sh_addr[4]; /* Section virtual addr at execution */ + u8 sh_offset[4]; /* Section file offset */ + u8 sh_size[4]; /* Section size in bytes */ + u8 sh_link[4]; /* Link to another section */ + u8 sh_info[4]; /* Additional section information */ + u8 sh_addralign[4]; /* Section alignment */ + u8 sh_entsize[4]; /* Entry size if section holds table */ +} elf_32_shdr; + +typedef struct +{ + u8 sh_name[8]; /* Section name (string tbl index) */ + u8 sh_type[8]; /* Section type */ + u8 sh_flags[8]; /* Section flags */ + u8 sh_addr[8]; /* Section virtual addr at execution */ + u8 sh_offset[8]; /* Section file offset */ + u8 sh_size[8]; /* Section size in bytes */ + u8 sh_link[8]; /* Link to another section */ + u8 sh_info[8]; /* Additional section information */ + u8 sh_addralign[8]; /* Section alignment */ + u8 sh_entsize[8]; /* Entry size if section holds table */ +} elf_64_shdr; + +/* Program segment header. */ + +/* p_type legal values */ +#define PT_NULL 0 /* Program header table entry unused */ +#define PT_LOAD 1 /* Loadable program segment */ +#define PT_DYNAMIC 2 /* Dynamic linking information */ +#define PT_INTERP 3 /* Program interpreter */ +#define PT_NOTE 4 /* Auxiliary information */ +#define PT_SHLIB 5 /* Reserved */ +#define PT_PHDR 6 /* Entry for header table itself */ +#define PT_NUM 7 /* Number of defined types. */ +#define PT_LOOS 0x60000000 /* Start of OS-specific */ +#define PT_HIOS 0x6fffffff /* End of OS-specific */ +#define PT_LOPROC 0x70000000 /* Start of processor-specific */ +#define PT_HIPROC 0x7fffffff /* End of processor-specific */ + +typedef struct +{ + u8 p_type[4]; /* Segment type */ + u8 p_offset[4]; /* Segment file offset */ + u8 p_vaddr[4]; /* Segment virtual address */ + u8 p_paddr[4]; /* Segment physical address */ + u8 p_filesz[4]; /* Segment size in file */ + u8 p_memsz[4]; /* Segment size in memory */ + u8 p_flags[4]; /* Segment flags */ + u8 p_align[4]; /* Segment alignment */ +} elf_32_phdr; + +typedef struct +{ + u8 p_type[8]; /* Segment type */ + u8 p_flags[8]; /* Segment flags */ + u8 p_offset[8]; /* Segment file offset */ + u8 p_vaddr[8]; /* Segment virtual address */ + u8 p_paddr[8]; /* Segment physical address */ + u8 p_filesz[8]; /* Segment size in file */ + u8 p_memsz[8]; /* Segment size in memory */ + u8 p_align[8]; /* Segment alignment */ +} elf_64_phdr; +#endif \ No newline at end of file diff --git a/exefs.c b/exefs.c new file mode 100644 index 0000000..15dd4ae --- /dev/null +++ b/exefs.c @@ -0,0 +1,179 @@ +#include "lib.h" +#include "ncch.h" +#include "exefs.h" + +// Private Prototypes +u32 PredictExeFS_Size(ExeFs_BuildContext *ctx); +int GenerateExeFS_Header(ExeFs_BuildContext *ctx, u8 *outbuff); +void InitialiseExeFSContext(ExeFs_BuildContext *ctx); +void FreeExeFSContext(ExeFs_BuildContext *ctx); +int ImportDatatoExeFS(ExeFs_BuildContext *ctx, u8 *outbuff); +int ImportToExeFSContext(ExeFs_BuildContext *ctx, char *lable, u8 *buffer, u32 size); + +// ExeFs Build Functions +int BuildExeFs(ncch_settings *ncchset) +{ + /* Intialising ExeFs Build Context */ + ExeFs_BuildContext *ctx = malloc(sizeof(ExeFs_BuildContext)); + if(!ctx) {fprintf(stderr,"[EXEFS ERROR] MEM ERROR\n"); return MEM_ERROR;} + InitialiseExeFSContext(ctx); + ctx->media_unit = ncchset->Options.MediaSize; + + /* Importing ExeFs */ + if(ncchset->ExeFs_Sections.Code.size) + ImportToExeFSContext(ctx,".code",ncchset->ExeFs_Sections.Code.buffer,ncchset->ExeFs_Sections.Code.size); + if(ncchset->ExeFs_Sections.Banner.size) + ImportToExeFSContext(ctx,"banner",ncchset->ExeFs_Sections.Banner.buffer,ncchset->ExeFs_Sections.Banner.size); + if(ncchset->ExeFs_Sections.Icon.size) + ImportToExeFSContext(ctx,"icon",ncchset->ExeFs_Sections.Icon.buffer,ncchset->ExeFs_Sections.Icon.size); + if(ncchset->Sections.Logo.size && ncchset->Options.IncludeExeFsLogo) + ImportToExeFSContext(ctx,"logo",ncchset->Sections.Logo.buffer,ncchset->Sections.Logo.size); + + /* Allocating Memory for ExeFs */ + ncchset->Sections.ExeFs.size = PredictExeFS_Size(ctx); + ncchset->Sections.ExeFs.buffer = malloc(ncchset->Sections.ExeFs.size); + if(!ncchset->Sections.ExeFs.buffer){ + printf("[EXEFS ERROR] Could Not Allocate Memory for ExeFS\n"); + return Fail; + } + memset(ncchset->Sections.ExeFs.buffer,0,ncchset->Sections.ExeFs.size); + + /* Generating Header, and writing sections to buffer */ + GenerateExeFS_Header(ctx,ncchset->Sections.ExeFs.buffer); + ImportDatatoExeFS(ctx,ncchset->Sections.ExeFs.buffer); + + /* Finish */ + FreeExeFSContext(ctx); + return 0; +} + +u32 PredictExeFS_Size(ExeFs_BuildContext *ctx) +{ + u32 exefs_size = 0x200; // Size of header + for(int i = 0; i < ctx->section_count; i++){ + exefs_size += align_value(ctx->section_size[i],ctx->media_unit); + } + //exefs_size = align_value(ctx->exefs_size,ctx->media_unit); + return exefs_size; +} + +int GenerateExeFS_Header(ExeFs_BuildContext *ctx, u8 *outbuff) +{ + for(int i = 0; i < ctx->section_count; i++){ + if(i == 0) + ctx->section_offset[i] = 0; + else + ctx->section_offset[i] = align_value((ctx->section_offset[i-1]+ctx->section_size[i-1]),ctx->media_unit); + + memcpy(ctx->file_header[i].name,ctx->lable[i],8); + u32_to_u8(ctx->file_header[i].offset,ctx->section_offset[i],LE); + u32_to_u8(ctx->file_header[i].size,ctx->section_size[i],LE); + ctr_sha(ctx->section[i],ctx->section_size[i],ctx->file_hashes[9-i],CTR_SHA_256); + } + memcpy(outbuff,ctx->file_header,sizeof(ExeFs_FileHeader)*10); + memcpy(outbuff+0xc0,ctx->file_hashes,0x20*10); + return 0; +} + +void InitialiseExeFSContext(ExeFs_BuildContext *ctx) +{ + memset(ctx,0,sizeof(ExeFs_BuildContext)); +} + +void FreeExeFSContext(ExeFs_BuildContext *ctx) +{ + /* + if(ctx->outbuff != NULL) + free(ctx->outbuff); + for(int i = 0; i < 10; i++){ + if(ctx->section[i] != NULL) + free(ctx->section[i]); + } + */ + memset(ctx,0,sizeof(ExeFs_BuildContext)); + free(ctx); +} + +int ImportDatatoExeFS(ExeFs_BuildContext *ctx, u8 *outbuff) +{ + for(int i = 0; i < ctx->section_count; i++){ + memcpy(outbuff+ctx->section_offset[i]+0x200,ctx->section[i],ctx->section_size[i]); + } + return 0; +} + +int ImportToExeFSContext(ExeFs_BuildContext *ctx, char *lable, u8 *buffer, u32 size) +{ + if(ctx == NULL || lable == NULL || buffer == NULL){ + printf("[!] PTR ERROR\n"); + return PTR_ERROR; + } + if(ctx->section_count >= 10){ + printf("[!] Maximum ExeFS Capacity Reached\n"); + return EXEFS_MAX_REACHED; + } + if(strlen(lable) > 8){ + printf("[!] ExeFS Section Name: '%s' is too large\n",lable); + return EXEFS_SECTION_NAME_ERROR; + } + + ctx->section_count++; + ctx->section[ctx->section_count - 1] = buffer; + ctx->section_size[ctx->section_count - 1] = size; + strcpy(ctx->lable[ctx->section_count - 1],lable); + return 0; +} + +// ExeFs Read Functions +bool DoesExeFsSectionExist(char *section, u8 *ExeFs) +{ + ExeFs_Header *hdr = (ExeFs_Header*) ExeFs; + for(int i = 0; i < MAX_EXEFS_SECTIONS; i++){ + if(strncmp(hdr->SectionHdr[i].name,section,8) == 0) return true; + } + return false; +} +u8* GetExeFsSection(char *section, u8 *ExeFs) +{ + ExeFs_Header *hdr = (ExeFs_Header*) ExeFs; + for(int i = 0; i < MAX_EXEFS_SECTIONS; i++){ + if(strncmp(hdr->SectionHdr[i].name,section,8) == 0){ + u32 offset = u8_to_u32(hdr->SectionHdr[i].offset,LE) + sizeof(ExeFs_Header); + return (u8*)(ExeFs+offset); + } + } + return NULL; +} + +u8* GetExeFsSectionHash(char *section, u8 *ExeFs) +{ + ExeFs_Header *hdr = (ExeFs_Header*) ExeFs; + for(int i = 0; i < MAX_EXEFS_SECTIONS; i++){ + if(strncmp(hdr->SectionHdr[i].name,section,8) == 0){ + return (u8*)(hdr->SectionHashes[MAX_EXEFS_SECTIONS-1-i]); + } + } + return NULL; +} + +u32 GetExeFsSectionSize(char *section, u8 *ExeFs) +{ + ExeFs_Header *hdr = (ExeFs_Header*) ExeFs; + for(int i = 0; i < MAX_EXEFS_SECTIONS; i++){ + if(strncmp(hdr->SectionHdr[i].name,section,8) == 0){ + return u8_to_u32(hdr->SectionHdr[i].size,LE); + } + } + return 0; +} + +u32 GetExeFsSectionOffset(char *section, u8 *ExeFs) +{ + ExeFs_Header *hdr = (ExeFs_Header*) ExeFs; + for(int i = 0; i < MAX_EXEFS_SECTIONS; i++){ + if(strncmp(hdr->SectionHdr[i].name,section,8) == 0){ + return u8_to_u32(hdr->SectionHdr[i].offset,LE) + sizeof(ExeFs_Header); + } + } + return 0; +} \ No newline at end of file diff --git a/exefs.h b/exefs.h new file mode 100644 index 0000000..4564fc5 --- /dev/null +++ b/exefs.h @@ -0,0 +1,54 @@ +#ifndef _EXEFS_H_ +#define _EXEFS_H_ + +#define MAX_EXEFS_SECTIONS 10 // DO NOT CHANGE + +typedef enum +{ + PTR_ERROR = -10, + EXEFS_MAX_REACHED = -11, + EXEFS_SECTION_NAME_ERROR = -12, + +} exefs_errors; + +typedef struct +{ + char name[8]; + u8 offset[4]; + u8 size[4]; +} ExeFs_FileHeader; + +typedef struct +{ + //Input + int section_count; + u8 *section[10]; + u32 section_size[10]; + u32 section_offset[10]; + char lable[10][8]; + u32 media_unit; + + //Working Data + ExeFs_FileHeader file_header[10]; + u8 file_hashes[10][0x20]; + +} ExeFs_BuildContext; + +typedef struct +{ + ExeFs_FileHeader SectionHdr[MAX_EXEFS_SECTIONS]; + u8 Reserved[0x20]; + u8 SectionHashes[MAX_EXEFS_SECTIONS][0x20]; +} ExeFs_Header; + +#endif + +/* ExeFs Build Functions */ +int BuildExeFs(ncch_settings *ncchset); + +/* ExeFs Read Functions */ +bool DoesExeFsSectionExist(char *section, u8 *ExeFs); +u8* GetExeFsSection(char *section, u8 *ExeFs); +u8* GetExeFsSectionHash(char *section, u8 *ExeFs); +u32 GetExeFsSectionSize(char *section, u8 *ExeFs); +u32 GetExeFsSectionOffset(char *section, u8 *ExeFs); diff --git a/exheader.c b/exheader.c new file mode 100644 index 0000000..61866c0 --- /dev/null +++ b/exheader.c @@ -0,0 +1,488 @@ +#include "lib.h" +#include "ncch.h" +#include "exheader.h" + +#include "titleid.h" +#include "polarssl\base64.h" + +#ifndef RETAIL_FSIGN +#include "accessdesc_sig.h" // For AccessDesc Presets +#endif + +/* Prototypes */ +void init_ExHeaderSettings(exheader_settings *exhdrset); +void free_ExHeaderSettings(exheader_settings *exhdrset); +int get_ExHeaderSettingsFromNcchset(exheader_settings *exhdrset, ncch_settings *ncchset); +int get_ExHeaderSettingsFromYaml(exheader_settings *exhdrset); + +void AdjustBooleans(desc_settings *yaml); +int get_ExHeaderCodeSetInfo(exhdr_CodeSetInfo *CodeSetInfo, desc_settings *yaml); +int get_ExHeaderDependencyList(u8 *DependencyList, desc_settings *yaml); +int get_ExHeaderSystemInfo(exhdr_SystemInfo *SystemInfo, desc_settings *yaml); +int get_ExHeaderARM11SystemLocalInfo(exhdr_ARM11SystemLocalCapabilities *arm11, desc_settings *yaml); +int get_ExHeaderARM11KernelInfo(exhdr_ARM11KernelCapabilities *arm11, desc_settings *yaml); +int get_ExHeaderARM9AccessControlInfo(exhdr_ARM9AccessControlInfo *arm9, desc_settings *yaml); + +int set_AccessDesc(exheader_settings *exhdrset, ncch_settings *ncchset); + +/* ExHeader Signature Functions */ +int SignAccessDesc(ExtendedHeader_Struct *ExHdr, keys_struct *keys) +{ + u8 *AccessDesc = (u8*) &ExHdr->AccessDescriptor.ncchpubkeymodulus; + u8 *Signature = (u8*) &ExHdr->AccessDescriptor.signature; + return ctr_sig(AccessDesc,0x300,Signature,keys->rsa.AccessDesc_Pub,keys->rsa.AccessDesc_Priv,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int CheckAccessDescSignature(ExtendedHeader_Struct *ExHdr, keys_struct *keys) +{ + u8 *AccessDesc = (u8*) &ExHdr->AccessDescriptor.ncchpubkeymodulus; + u8 *Signature = (u8*) &ExHdr->AccessDescriptor.signature; + return ctr_sig(AccessDesc,0x300,Signature,keys->rsa.AccessDesc_Pub,NULL,RSA_2048_SHA256,CTR_RSA_VERIFY); +} + +/* ExHeader Build Functions */ +int BuildExHeader(ncch_settings *ncchset) +{ + int result = 0; + + exheader_settings *exhdrset = malloc(sizeof(exheader_settings)); + if(!exhdrset) {fprintf(stderr,"[EXHEADER ERROR] MEM ERROR\n"); return MEM_ERROR;} + init_ExHeaderSettings(exhdrset); + + // Get Settings + result = get_ExHeaderSettingsFromNcchset(exhdrset,ncchset); + if(result) goto finish; + + result = get_ExHeaderSettingsFromYaml(exhdrset); + if(result) goto finish; + + result = set_AccessDesc(exhdrset,ncchset); + if(result) goto finish; + + memcpy(&exhdrset->ExHdr->ARM11SystemLocalCapabilities.Flags,&exhdrset->ExHdr->AccessDescriptor.ARM11SystemLocalCapabilities.Flags,0x1f8); + +finish: + if(result) fprintf(stderr,"[EXHEADER ERROR] Failed to create ExHeader\n"); + free_ExHeaderSettings(exhdrset); + return result; +} + + +void init_ExHeaderSettings(exheader_settings *exhdrset) +{ + memset(exhdrset,0,sizeof(exheader_settings)); +} + +void free_ExHeaderSettings(exheader_settings *exhdrset) +{ + free(exhdrset); +} + +int get_ExHeaderSettingsFromNcchset(exheader_settings *exhdrset, ncch_settings *ncchset) +{ + /* Transfer settings */ + exhdrset->keys = ncchset->keys; + exhdrset->yaml = ncchset->yaml_set; + + /* Creating Output Buffer */ + ncchset->Sections.ExHeader.size = 0x800; + ncchset->Sections.ExHeader.buffer = malloc(ncchset->Sections.ExHeader.size); + if(!ncchset->Sections.ExHeader.buffer) {fprintf(stderr,"[EXHEADER ERROR] MEM ERROR\n"); return MEM_ERROR;} + memset(ncchset->Sections.ExHeader.buffer,0,ncchset->Sections.ExHeader.size); + + /* Import ExHeader template */ + if(ncchset->ComponentFilePtrs.exheader_size){ + u32 import_size = min_u64(0x400,ncchset->ComponentFilePtrs.exheader_size); + ReadFile_64(ncchset->Sections.ExHeader.buffer,import_size,0,ncchset->ComponentFilePtrs.exheader); + } + + /* Create ExHeader Struct for output */ + exhdrset->ExHdr = (ExtendedHeader_Struct*)ncchset->Sections.ExHeader.buffer; + + /* Set Code Info if Code Section was built not imported */ + if(ncchset->Options.IsBuildingCodeSection){ + /* BSS Size */ + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.BssSize,ncchset->CodeDetails.BSS_Size,LE); + /* Data */ + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.DataSectionInfo.Address,ncchset->CodeDetails.DataAddress,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.DataSectionInfo.CodeSize,ncchset->CodeDetails.DataSize,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.DataSectionInfo.NumMaxPages,ncchset->CodeDetails.DataMaxPages,LE); + /* RO */ + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.ReadOnlySectionInfo.Address,ncchset->CodeDetails.ROAddress,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.ReadOnlySectionInfo.CodeSize,ncchset->CodeDetails.ROSize,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.ReadOnlySectionInfo.NumMaxPages,ncchset->CodeDetails.ROMaxPages,LE); + /* Text */ + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.TextSectionInfo.Address,ncchset->CodeDetails.TextAddress,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.TextSectionInfo.CodeSize,ncchset->CodeDetails.TextSize,LE); + u32_to_u8(exhdrset->ExHdr->CodeSetInfo.TextSectionInfo.NumMaxPages,ncchset->CodeDetails.TextMaxPages,LE); + } + + /* Set Simple Flags */ + if(ncchset->Options.CompressCode) + exhdrset->ExHdr->CodeSetInfo.Flags.flag |= ExeFsCodeCompress; + if(ncchset->Options.UseOnSD) + exhdrset->ExHdr->CodeSetInfo.Flags.flag |= RetailSDAppFlag; + + return 0; +} + +int get_ExHeaderSettingsFromYaml(exheader_settings *exhdrset) +{ + AdjustBooleans(exhdrset->yaml); + + int result = 0; + result = get_ExHeaderCodeSetInfo(&exhdrset->ExHdr->CodeSetInfo, exhdrset->yaml); + if(result) goto finish; + + result = get_ExHeaderDependencyList((u8*)&exhdrset->ExHdr->DependencyList[0], exhdrset->yaml); + if(result) goto finish; + + result = get_ExHeaderSystemInfo(&exhdrset->ExHdr->SystemInfo, exhdrset->yaml); + if(result) goto finish; + + result = get_ExHeaderARM11SystemLocalInfo(&exhdrset->ExHdr->ARM11SystemLocalCapabilities, exhdrset->yaml); + if(result) goto finish; + + result = get_ExHeaderARM11KernelInfo(&exhdrset->ExHdr->ARM11KernelCapabilities, exhdrset->yaml); + if(result) goto finish; + + result = get_ExHeaderARM9AccessControlInfo(&exhdrset->ExHdr->ARM9AccessControlInfo, exhdrset->yaml); + if(result) goto finish; + +finish: + return result; +} + +void AdjustBooleans(desc_settings *yaml) +{ + if(yaml->DefaultSpec.AccessControlInfo.DisableDebug == -1) yaml->DefaultSpec.AccessControlInfo.DisableDebug = 0; + if(yaml->DefaultSpec.AccessControlInfo.EnableForceDebug == -1) yaml->DefaultSpec.AccessControlInfo.EnableForceDebug = 0; + if(yaml->DefaultSpec.AccessControlInfo.CanWriteSharedPage == -1) yaml->DefaultSpec.AccessControlInfo.CanWriteSharedPage = 0; + if(yaml->DefaultSpec.AccessControlInfo.CanUsePrivilegedPriority == -1) yaml->DefaultSpec.AccessControlInfo.CanUsePrivilegedPriority = 0; + if(yaml->DefaultSpec.AccessControlInfo.CanUseNonAlphabetAndNumber == -1) yaml->DefaultSpec.AccessControlInfo.CanUseNonAlphabetAndNumber = 0; + if(yaml->DefaultSpec.AccessControlInfo.PermitMainFunctionArgument == -1) yaml->DefaultSpec.AccessControlInfo.PermitMainFunctionArgument = 0; + if(yaml->DefaultSpec.AccessControlInfo.CanShareDeviceMemory == -1) yaml->DefaultSpec.AccessControlInfo.CanShareDeviceMemory = 0; + if(yaml->DefaultSpec.AccessControlInfo.UseOtherVariationSaveData == -1) yaml->DefaultSpec.AccessControlInfo.UseOtherVariationSaveData = 0; + if(yaml->DefaultSpec.AccessControlInfo.UseExtSaveData == -1) yaml->DefaultSpec.AccessControlInfo.UseExtSaveData = 0; + if(yaml->DefaultSpec.AccessControlInfo.RunnableOnSleep == -1) yaml->DefaultSpec.AccessControlInfo.RunnableOnSleep = 0; + if(yaml->DefaultSpec.AccessControlInfo.SpecialMemoryArrange == -1) yaml->DefaultSpec.AccessControlInfo.SpecialMemoryArrange = 0; +} + +int get_ExHeaderCodeSetInfo(exhdr_CodeSetInfo *CodeSetInfo, desc_settings *yaml) +{ + /* Name */ + if(yaml->DefaultSpec.BasicInfo.Title){ + if(strlen(yaml->DefaultSpec.BasicInfo.Title) > 8){ + fprintf(stderr,"[EXHEADER ERROR] Parameter Too Long 'BasicInfo/Title'\n"); + return EXHDR_BAD_YAML_OPT; + } + strcpy((char*)CodeSetInfo->Name,yaml->DefaultSpec.BasicInfo.Title); + } + else{ + fprintf(stderr,"[EXHEADER ERROR] Parameter Not Found: 'BasicInfo/Title'\n"); + } + /* Stack Size */ + if(yaml->DefaultSpec.SystemControlInfo.StackSize){ + u32 StackSize = strtoul(yaml->DefaultSpec.SystemControlInfo.StackSize,NULL,0); + u32_to_u8(CodeSetInfo->StackSize,StackSize,LE); + } + else{ + fprintf(stderr,"[EXHEADER ERROR] Parameter Not Found: 'SystemControlInfo/StackSize'\n"); + } + /* Remaster Version */ + if(yaml->DefaultSpec.SystemControlInfo.RemasterVersion){ + u16 RemasterVersion = strtol(yaml->DefaultSpec.SystemControlInfo.RemasterVersion,NULL,0); + u16_to_u8(CodeSetInfo->Flags.remasterVersion,RemasterVersion,LE); + } + else{ + u16_to_u8(CodeSetInfo->Flags.remasterVersion,0,LE); + } + return 0; +} + +int get_ExHeaderDependencyList(u8 *DependencyList, desc_settings *yaml) +{ + if(yaml->DefaultSpec.SystemControlInfo.DependencyNum > 0x30){ + fprintf(stderr,"[EXHEADER ERROR] Too Many Dependency IDs\n"); + return EXHDR_BAD_YAML_OPT; + } + for(int i = 0; i < yaml->DefaultSpec.SystemControlInfo.DependencyNum; i++){ + u8 *pos = (DependencyList + 0x8*i); + u64 TitleID = strtoull(yaml->DefaultSpec.SystemControlInfo.Dependency[i],NULL,0); + u64_to_u8(pos,TitleID,LE); + } + return 0; +} + +int get_ExHeaderSystemInfo(exhdr_SystemInfo *SystemInfo, desc_settings *yaml) +{ + /* SaveDataSize */ + if(yaml->DefaultSpec.Rom.SaveDataSize){ + u64 SaveDataSize = strtoull(yaml->DefaultSpec.Rom.SaveDataSize,NULL,10); + if(strstr(yaml->DefaultSpec.Rom.SaveDataSize,"K")){ + char *str = strstr(yaml->DefaultSpec.Rom.SaveDataSize,"K"); + if(strcmp(str,"K") == 0 || strcmp(str,"KB") == 0 ){ + SaveDataSize = SaveDataSize*KB; + } + } + else if(strstr(yaml->DefaultSpec.Rom.SaveDataSize,"M")){ + char *str = strstr(yaml->DefaultSpec.Rom.SaveDataSize,"M"); + if(strcmp(str,"M") == 0 || strcmp(str,"MB") == 0 ){ + SaveDataSize = SaveDataSize*MB; + } + } + else if(strstr(yaml->DefaultSpec.Rom.SaveDataSize,"G")){ + char *str = strstr(yaml->DefaultSpec.Rom.SaveDataSize,"G"); + if(strcmp(str,"G") == 0 || strcmp(str,"GB") == 0 ){ + SaveDataSize = SaveDataSize*GB; + } + } + else{ + fprintf(stderr,"[EXHEADER ERROR] Invalid save data size format.\n"); + return EXHDR_BAD_YAML_OPT; + } + if((SaveDataSize & 65536) != 0){ + fprintf(stderr,"[EXHEADER ERROR] Save data size must be aligned to 64K.\n"); + return EXHDR_BAD_YAML_OPT; + } + u64_to_u8(SystemInfo->SaveDataSize,SaveDataSize,LE); + } + else{ + u64_to_u8(SystemInfo->SaveDataSize,0,LE); + } + /* Jump Id */ + if(yaml->DefaultSpec.SystemControlInfo.JumpId){ + u64 JumpId = strtoull(yaml->DefaultSpec.SystemControlInfo.JumpId,NULL,0); + u64_to_u8(SystemInfo->JumpId,JumpId,LE); + } + else{ + u64 JumpId = 0; + int result = GetProgramID(&JumpId,yaml,false); + if(result) return result; + u64_to_u8(SystemInfo->JumpId,JumpId,LE); + } + return 0; +} + +int get_ExHeaderARM11SystemLocalInfo(exhdr_ARM11SystemLocalCapabilities *arm11, desc_settings *yaml) +{ + /* Program Id */ + u64 ProgramId = 0; + int result = GetProgramID(&ProgramId,yaml,true); + if(result) return result; + u64_to_u8(arm11->ProgramId,ProgramId,LE); + return 0; + /* Flags */ + //u32_to_u8( +} + +int get_ExHeaderARM11KernelInfo(exhdr_ARM11KernelCapabilities *arm11, desc_settings *yaml) +{ + return 0; +} + +int get_ExHeaderARM9AccessControlInfo(exhdr_ARM9AccessControlInfo *arm9, desc_settings *yaml) +{ + return 0; +} + +int set_AccessDesc(exheader_settings *exhdrset, ncch_settings *ncchset) +{ + switch(ncchset->Options.accessdesc){ + case auto_gen : + /* Set RSA Keys */ + memcpy(ncchset->CxiRsaKey.PrivK,exhdrset->keys->rsa.CFA_Priv,0x100); + memcpy(ncchset->CxiRsaKey.PubK,exhdrset->keys->rsa.CFA_Pub,0x100); + memcpy(&exhdrset->ExHdr->AccessDescriptor.ncchpubkeymodulus,exhdrset->keys->rsa.CFA_Pub,0x100); + /* Copy Data From ExHeader */ + memcpy(&exhdrset->ExHdr->AccessDescriptor.ARM11SystemLocalCapabilities,&exhdrset->ExHdr->ARM11SystemLocalCapabilities,sizeof(exhdr_ARM11SystemLocalCapabilities)); + memcpy(&exhdrset->ExHdr->AccessDescriptor.ARM11KernelCapabilities,&exhdrset->ExHdr->ARM11KernelCapabilities,sizeof(exhdr_ARM11KernelCapabilities)); + memcpy(&exhdrset->ExHdr->AccessDescriptor.ARM9AccessControlInfo,&exhdrset->ExHdr->ARM9AccessControlInfo,sizeof(exhdr_ARM9AccessControlInfo)); + /* Sign AccessDesc */ + return SignAccessDesc(exhdrset->ExHdr,exhdrset->keys); +#ifndef RETAIL_FSIGN + case app : + memcpy(ncchset->CxiRsaKey.PrivK,(u8*)App_HdrPrivK,0x100); + memcpy(ncchset->CxiRsaKey.PubK,(u8*)App_HdrPubK,0x100); + memcpy(&exhdrset->ExHdr->AccessDescriptor.signature,(u8*)App_AcexData,0x400); + return 0; + case demo : + memcpy(ncchset->CxiRsaKey.PrivK,(u8*)Demo_HdrPrivK,0x100); + memcpy(ncchset->CxiRsaKey.PubK,(u8*)Demo_HdrPubK,0x100); + memcpy(&exhdrset->ExHdr->AccessDescriptor.signature,(u8*)Demo_AcexData,0x400); + return 0; + case dlp : + memcpy(ncchset->CxiRsaKey.PrivK,(u8*)Dlp_HdrPrivK,0x100); + memcpy(ncchset->CxiRsaKey.PubK,(u8*)Dlp_HdrPubK,0x100); + memcpy(&exhdrset->ExHdr->AccessDescriptor.signature,(u8*)Dlp_AcexData,0x400); + return 0; + case use_desc_file: + /* Yaml Option Sanity Checks */ + if(!exhdrset->yaml->CommonHeaderKey.Found){ + fprintf(stderr,"[EXHEADER ERROR] Desc Section 'CommonHeaderKey' not found\n"); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(!exhdrset->yaml->CommonHeaderKey.D){ + fprintf(stderr,"[EXHEADER ERROR] 'CommonHeaderKey/D' not found\n"); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(strlen(exhdrset->yaml->CommonHeaderKey.D) != 350){ + fprintf(stderr,"[EXHEADER ERROR] 'CommonHeaderKey/D' has invalid length (%d)\n",strlen(exhdrset->yaml->CommonHeaderKey.D)); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(!exhdrset->yaml->CommonHeaderKey.Modulus){ + fprintf(stderr,"[EXHEADER ERROR] 'CommonHeaderKey/Modulus' not found\n"); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(strlen(exhdrset->yaml->CommonHeaderKey.Modulus) != 350){ + fprintf(stderr,"[EXHEADER ERROR] 'CommonHeaderKey/Modulus' has invalid length (%d)\n",strlen(exhdrset->yaml->CommonHeaderKey.Modulus)); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(!exhdrset->yaml->AccessControlDescriptor.AccCtlDescSign){ + fprintf(stderr,"[EXHEADER ERROR] 'AccessControlDescriptor/Signature' not found\n"); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescSign) != 350){ + fprintf(stderr,"[EXHEADER ERROR] 'AccessControlDescriptor/Signature' has invalid length (%d)\n",strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescSign)); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(!exhdrset->yaml->AccessControlDescriptor.AccCtlDescBin){ + fprintf(stderr,"[EXHEADER ERROR] 'AccessControlDescriptor/Descriptor' not found\n"); + return COMMON_HEADER_KEY_NOT_FOUND; + } + if(strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescBin) != 696){ + fprintf(stderr,"[EXHEADER ERROR] 'AccessControlDescriptor/Descriptor' has invalid length (%d)\n",strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescBin)); + return COMMON_HEADER_KEY_NOT_FOUND; + } + /* Set RSA Keys */ + int result = 0; + u32 out = 0x500; + u8 *tmp = malloc(0x500); + result = base64_decode(tmp,&out,(const u8*)exhdrset->yaml->CommonHeaderKey.Modulus,strlen(exhdrset->yaml->CommonHeaderKey.Modulus)); + if(result) goto finish; + memcpy(ncchset->CxiRsaKey.PubK,tmp,0x100); + out = 0x500; + result = base64_decode(tmp,&out,(const u8*)exhdrset->yaml->CommonHeaderKey.D,strlen(exhdrset->yaml->CommonHeaderKey.D)); + if(result) goto finish; + memcpy(ncchset->CxiRsaKey.PrivK,tmp,0x100); + /* Set AccessDesc */ + out = 0x500; + result = base64_decode(tmp,&out,(const u8*)exhdrset->yaml->AccessControlDescriptor.AccCtlDescSign,strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescSign)); + if(result) goto finish; + memcpy(exhdrset->ExHdr->AccessDescriptor.signature,tmp,0x100); + memcpy(exhdrset->ExHdr->AccessDescriptor.ncchpubkeymodulus,ncchset->CxiRsaKey.PubK,0x100); + out = 0x500; + result = base64_decode(tmp,&out,(const u8*)exhdrset->yaml->AccessControlDescriptor.AccCtlDescBin,strlen(exhdrset->yaml->AccessControlDescriptor.AccCtlDescBin)); + if(result) goto finish; + memcpy(&exhdrset->ExHdr->AccessDescriptor.ARM11SystemLocalCapabilities,tmp,0x200); +finish: + free(tmp); + return result; +#endif + } + return 0; +} + +/* ExHeader Binary Print Functions */ +void exhdr_Print_ServiceAccessControl(ExtendedHeader_Struct *hdr) +{ + printf("[+] Service Access Control\n"); + for(int i = 0; i < 32; i ++){ + char *SVC_Handle = (char*)hdr->ARM11SystemLocalCapabilities.ServiceAccessControl[i]; + if(SVC_Handle[0] == 0) break; + printf("%.8s\n",hdr->ARM11SystemLocalCapabilities.ServiceAccessControl[i]); + } +} + +/* ExHeader Binary Read Functions */ +u8* GetAccessDescSig_frm_exhdr(ExtendedHeader_Struct *hdr) +{ + if(!hdr) return NULL; + return hdr->AccessDescriptor.signature ; +} + +u8* GetNcchHdrPubKey_frm_exhdr(ExtendedHeader_Struct *hdr) +{ + if(!hdr) return NULL; + return hdr->AccessDescriptor.ncchpubkeymodulus; +} + +u8* GetAccessDesc_frm_exhdr(ExtendedHeader_Struct *hdr) +{ + if(!hdr) return NULL; + return hdr->AccessDescriptor.ncchpubkeymodulus; +} + +u16 GetRemasterVersion_frm_exhdr(ExtendedHeader_Struct *hdr) +{ + return u8_to_u16(hdr->CodeSetInfo.Flags.remasterVersion,LE); +} + +u64 GetSaveDataSize_frm_exhdr(ExtendedHeader_Struct *hdr) +{ + return u8_to_u64(hdr->SystemInfo.SaveDataSize,LE); +} + +int GetCoreVersion_frm_exhdr(u8 *Dest, ExtendedHeader_Struct *hdr) +{ + return (int) memcpy(Dest,hdr->ARM11SystemLocalCapabilities.Flags,4); +} + +int GetDependancyList_frm_exhdr(u8 *Dest,ExtendedHeader_Struct *hdr) +{ + if(!Dest) return -1; + for(int i = 0; i < 0x30; i++){ + memcpy(Dest,hdr->DependencyList,0x30*8); + } + return 0; +} + +/* ExHeader Settings Read from Yaml */ +int GetSaveDataSize_yaml(u64 *SaveDataSize, user_settings *usrset) +{ + + if(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize){ + *SaveDataSize = strtoull(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,NULL,10); + if(strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"K")){ + char *str = strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"K"); + if(strcmp(str,"K") == 0 || strcmp(str,"KB") == 0 ){ + *SaveDataSize = *SaveDataSize*KB; + } + } + else if(strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"M")){ + char *str = strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"M"); + if(strcmp(str,"M") == 0 || strcmp(str,"MB") == 0 ){ + *SaveDataSize = *SaveDataSize*MB; + } + } + else if(strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"G")){ + char *str = strstr(usrset->yaml_set.DefaultSpec.Rom.SaveDataSize,"G"); + if(strcmp(str,"G") == 0 || strcmp(str,"GB") == 0 ){ + *SaveDataSize = *SaveDataSize*GB; + } + } + else{ + fprintf(stderr,"[EXHEADER ERROR] Invalid save data size format.\n"); + return EXHDR_BAD_YAML_OPT; + } + if((*SaveDataSize & 65536) != 0){ + fprintf(stderr,"[EXHEADER ERROR] Save data size must be aligned to 64K.\n"); + return EXHDR_BAD_YAML_OPT; + } + } + else{ + *SaveDataSize = 0; + } + return 0; +} + +int GetRemasterVersion_yaml(u16 *RemasterVersion, user_settings *usrset) +{ + char *Str = usrset->yaml_set.DefaultSpec.SystemControlInfo.RemasterVersion; + if(!Str){ + *RemasterVersion = 0; + return 0; + } + *RemasterVersion = strtol(Str,NULL,0); + return 0; +} \ No newline at end of file diff --git a/exheader.h b/exheader.h new file mode 100644 index 0000000..b2ebe83 --- /dev/null +++ b/exheader.h @@ -0,0 +1,188 @@ +#ifndef _EXHEADER_H_ +#define _EXHEADER_H_ + +typedef enum +{ + COMMON_HEADER_KEY_NOT_FOUND = -10, + EXHDR_BAD_YAML_OPT = -11, +} exheader_errors; + +typedef enum +{ + ExeFsCodeCompress = 1, + RetailSDAppFlag = 2, +} SystemInfoFlags_Flagbitmask; + +typedef enum +{ + APPLICATION = 1, + SYSTEM = 2, + BASE = 3 +} MemoryTypeName; + +typedef enum +{ + PERMIT_DEBUG = 1, + FORCE_DEBUG = 2, + CAN_USE_NON_ALPHABET_AND_NUMBER = 4, + CAN_WRITE_SHARED_PAGE = 8, + CAN_USE_PRIVILEGE_PRIORITY = 16, + PERMIT_MAIN_FUNCTION_ARGUMENT = 32, + CAN_SHARE_DEVICE_MEMORY = 64, + RUNNABLE_ON_SLEEP = 128, + SPECIAL_MEMORY_ARRANGE = 4096 +} OtherCapabilities_Flagbitmask; + +typedef struct +{ + u8 reserved[5]; + u8 flag; + u8 remasterVersion[2]; // le u16 +} exhdr_SystemInfoFlags; + +typedef struct +{ + u8 Address[4]; // le u32 + u8 NumMaxPages[4]; // le u32 + u8 CodeSize[4]; // le u32 +} exhdr_CodeSegmentInfo; + +typedef struct +{ + u8 Name[8]; + exhdr_SystemInfoFlags Flags; + exhdr_CodeSegmentInfo TextSectionInfo; + u8 StackSize[4]; // le u32 + exhdr_CodeSegmentInfo ReadOnlySectionInfo; + u8 Reserved[4]; + exhdr_CodeSegmentInfo DataSectionInfo; + u8 BssSize[4]; // le u32 +} exhdr_CodeSetInfo; + +typedef struct +{ + u8 SaveDataSize[8]; + u8 JumpId[8]; + u8 Reserved[0x30]; +} exhdr_SystemInfo; + +typedef struct +{ + u8 extsavedataid[8]; + u8 systemsavedataid[8]; + u8 reserved[8]; + u8 accessinfo[7]; + u8 otherattributes; +} exhdr_StorageInfo; + +typedef struct +{ + u8 ProgramId[8]; + u8 Flags[8]; + u8 MaxCpu; + u8 Reserved0; + u8 ResourceLimitDescriptor[15][2]; + exhdr_StorageInfo StorageInfo; + u8 ServiceAccessControl[32][8]; // Those char[8] svc handles + u8 Reserved1[0x1f]; + u8 ResourceLimitCategory; +} exhdr_ARM11SystemLocalCapabilities; + +typedef struct +{ + u8 descriptors[28][4];// Descripters are a collection of u32s, with bitmask idents so they can be identified, no matter the pos + /* + struct + { + u32 data[8]; + } SystemCallAccessControl; + + struct + { + u32 data[8]; + } InterruptNumberList; + + struct + { + + } AddressMapping; + + struct + { + u32 Data; // le u32 : Flags + } OtherCapabilities; + + struct + { + u32 Data; + } HandleTableSize; + + struct + { + u32 Data; + } ReleaseKernelVersion; + */ + u8 reserved[0x10]; +} exhdr_ARM11KernelCapabilities; + +typedef struct +{ + u8 descriptors[15]; + u8 descversion; +} exhdr_ARM9AccessControlInfo; + +typedef struct +{ + // systemcontrol info { + // coreinfo { + exhdr_CodeSetInfo CodeSetInfo; + u8 DependencyList[0x30][8]; + // } + exhdr_SystemInfo SystemInfo; + // } + // accesscontrolinfo { + exhdr_ARM11SystemLocalCapabilities ARM11SystemLocalCapabilities; + exhdr_ARM11KernelCapabilities ARM11KernelCapabilities; + exhdr_ARM9AccessControlInfo ARM9AccessControlInfo; + // } + struct { + u8 signature[0x100]; + u8 ncchpubkeymodulus[0x100]; + exhdr_ARM11SystemLocalCapabilities ARM11SystemLocalCapabilities; + exhdr_ARM11KernelCapabilities ARM11KernelCapabilities; + exhdr_ARM9AccessControlInfo ARM9AccessControlInfo; + } AccessDescriptor; +} ExtendedHeader_Struct; + +typedef struct +{ + keys_struct *keys; + desc_settings *yaml; + + /* Output */ + ExtendedHeader_Struct *ExHdr; // is the exheader output buffer ptr(in ncchset) cast as exheader struct ptr; +} exheader_settings; + +#endif +/* ExHeader Signature Functions */ +int SignAccessDesc(ExtendedHeader_Struct *ExHdr, keys_struct *keys); +int CheckAccessDescSignature(ExtendedHeader_Struct *ExHdr, keys_struct *keys); + +/* ExHeader Build Functions */ +int BuildExHeader(ncch_settings *ncchset); + +/* ExHeader Binary Print Functions */ +void exhdr_Print_ServiceAccessControl(ExtendedHeader_Struct *hdr); + +/* ExHeader Binary Read Functions */ +u8* GetAccessDescSig_frm_exhdr(ExtendedHeader_Struct *hdr); +u8* GetNcchHdrPubKey_frm_exhdr(ExtendedHeader_Struct *hdr); +u8* GetAccessDesc_frm_exhdr(ExtendedHeader_Struct *hdr); +u16 GetRemasterVersion_frm_exhdr(ExtendedHeader_Struct *hdr); +u64 GetSaveDataSize_frm_exhdr(ExtendedHeader_Struct *hdr); +int GetDependancyList_frm_exhdr(u8 *Dest,ExtendedHeader_Struct *hdr); +int GetCoreVersion_frm_exhdr(u8 *Dest, ExtendedHeader_Struct *hdr); + +/* ExHeader Settings Read from Yaml */ +int GetSaveDataSize_yaml(u64 *SaveDataSize, user_settings *usrset); +int GetRemasterVersion_yaml(u16 *RemasterVersion, user_settings *usrset); \ No newline at end of file diff --git a/keys_debug.h b/keys_debug.h new file mode 100644 index 0000000..224290a --- /dev/null +++ b/keys_debug.h @@ -0,0 +1,884 @@ +#ifndef _KEYS_DEBUG_H_ +#define _KEYS_DEBUG_H_ + +// AES KEYS +static const unsigned char zeros_fixed_aesKey[16] = //zeros_fixed_aesKey +{ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char system_fixed_aesKey[16] = //system_fixed_aesKey +{ + 0x52, 0x7C, 0xE6, 0x30, 0xA9, 0xCA, 0x30, 0x5F, + 0x36, 0x96, 0xF3, 0xCD, 0xE9, 0x54, 0x19, 0x4B +}; + +static const unsigned char ctr_aes_common_key_dev0[16] = //ctr_aes_common_key_dev0 +{ + 0x55, 0xA3, 0xF8, 0x72, 0xBD, 0xC8, 0x0C, 0x55, + 0x5A, 0x65, 0x43, 0x81, 0x13, 0x9E, 0x15, 0x3B +}; + +static const unsigned char ctr_aes_common_key_dev1[16] = //ctr_aes_common_key_dev1 +{ + 0x44, 0x34, 0xED, 0x14, 0x82, 0x0C, 0xA1, 0xEB, + 0xAB, 0x82, 0xC1, 0x6E, 0x7B, 0xEF, 0x0C, 0x25 +}; + +static const unsigned char common_dpki_aesKey[16] = //common_dpki_aesKey +{ + 0xA1, 0x60, 0x4A, 0x6A, 0x71, 0x23, 0xB5, 0x29, + 0xAE, 0x8B, 0xEC, 0x32, 0xC8, 0x16, 0xFC, 0xAA +}; + +//ECC Keys + +static const unsigned char xs_dpki_eccPubKey[60] = //xs_dpki_eccPubKey +{ + 0x01, 0xD5, 0xA2, 0x3C, 0xE8, 0xE9, 0xDF, 0x8C, + 0x0A, 0xA5, 0xAA, 0xE1, 0x76, 0xE1, 0x24, 0x7C, + 0x90, 0x97, 0xA6, 0xFE, 0x2A, 0xD3, 0x8C, 0xB4, + 0xDE, 0x74, 0x32, 0xDE, 0x5B, 0x84, 0x01, 0xAC, + 0xB2, 0x13, 0x71, 0x9D, 0x4B, 0x9C, 0xEB, 0xD4, + 0x13, 0xC2, 0x27, 0x66, 0xC5, 0x5F, 0x83, 0x97, + 0xC4, 0x83, 0xA3, 0x9E, 0x3B, 0xFC, 0xE8, 0xA9, + 0xB5, 0x10, 0x3A, 0x7B +}; + +//RSA Keys + +static const unsigned char cert_root_rsa_pubk[0x200] = +{ + 0xD0, 0x1F, 0xE1, 0x00, 0xD4, 0x35, 0x56, 0xB2, + 0x4B, 0x56, 0xDA, 0xE9, 0x71, 0xB5, 0xA5, 0xD3, + 0x84, 0xB9, 0x30, 0x03, 0xBE, 0x1B, 0xBF, 0x28, + 0xA2, 0x30, 0x5B, 0x06, 0x06, 0x45, 0x46, 0x7D, + 0x5B, 0x02, 0x51, 0xD2, 0x56, 0x1A, 0x27, 0x4F, + 0x9E, 0x9F, 0x9C, 0xEC, 0x64, 0x61, 0x50, 0xAB, + 0x3D, 0x2A, 0xE3, 0x36, 0x68, 0x66, 0xAC, 0xA4, + 0xBA, 0xE8, 0x1A, 0xE3, 0xD7, 0x9A, 0xA6, 0xB0, + 0x4A, 0x8B, 0xCB, 0xA7, 0xE6, 0xFB, 0x64, 0x89, + 0x45, 0xEB, 0xDF, 0xDB, 0x85, 0xBA, 0x09, 0x1F, + 0xD7, 0xD1, 0x14, 0xB5, 0xA3, 0xA7, 0x80, 0xE3, + 0xA2, 0x2E, 0x6E, 0xCD, 0x87, 0xB5, 0xA4, 0xC6, + 0xF9, 0x10, 0xE4, 0x03, 0x22, 0x08, 0x81, 0x4B, + 0x0C, 0xEE, 0xA1, 0xA1, 0x7D, 0xF7, 0x39, 0x69, + 0x5F, 0x61, 0x7E, 0xF6, 0x35, 0x28, 0xDB, 0x94, + 0x96, 0x37, 0xA0, 0x56, 0x03, 0x7F, 0x7B, 0x32, + 0x41, 0x38, 0x95, 0xC0, 0xA8, 0xF1, 0x98, 0x2E, + 0x15, 0x65, 0xE3, 0x8E, 0xED, 0xC2, 0x2E, 0x59, + 0x0E, 0xE2, 0x67, 0x7B, 0x86, 0x09, 0xF4, 0x8C, + 0x2E, 0x30, 0x3F, 0xBC, 0x40, 0x5C, 0xAC, 0x18, + 0x04, 0x2F, 0x82, 0x20, 0x84, 0xE4, 0x93, 0x68, + 0x03, 0xDA, 0x7F, 0x41, 0x34, 0x92, 0x48, 0x56, + 0x2B, 0x8E, 0xE1, 0x2F, 0x78, 0xF8, 0x03, 0x24, + 0x63, 0x30, 0xBC, 0x7B, 0xE7, 0xEE, 0x72, 0x4A, + 0xF4, 0x58, 0xA4, 0x72, 0xE7, 0xAB, 0x46, 0xA1, + 0xA7, 0xC1, 0x0C, 0x2F, 0x18, 0xFA, 0x07, 0xC3, + 0xDD, 0xD8, 0x98, 0x06, 0xA1, 0x1C, 0x9C, 0xC1, + 0x30, 0xB2, 0x47, 0xA3, 0x3C, 0x8D, 0x47, 0xDE, + 0x67, 0xF2, 0x9E, 0x55, 0x77, 0xB1, 0x1C, 0x43, + 0x49, 0x3D, 0x5B, 0xBA, 0x76, 0x34, 0xA7, 0xE4, + 0xE7, 0x15, 0x31, 0xB7, 0xDF, 0x59, 0x81, 0xFE, + 0x24, 0xA1, 0x14, 0x55, 0x4C, 0xBD, 0x8F, 0x00, + 0x5C, 0xE1, 0xDB, 0x35, 0x08, 0x5C, 0xCF, 0xC7, + 0x78, 0x06, 0xB6, 0xDE, 0x25, 0x40, 0x68, 0xA2, + 0x6C, 0xB5, 0x49, 0x2D, 0x45, 0x80, 0x43, 0x8F, + 0xE1, 0xE5, 0xA9, 0xED, 0x75, 0xC5, 0xED, 0x45, + 0x1D, 0xCE, 0x78, 0x94, 0x39, 0xCC, 0xC3, 0xBA, + 0x28, 0xA2, 0x31, 0x2A, 0x1B, 0x87, 0x19, 0xEF, + 0x0F, 0x73, 0xB7, 0x13, 0x95, 0x0C, 0x02, 0x59, + 0x1A, 0x74, 0x62, 0xA6, 0x07, 0xF3, 0x7C, 0x0A, + 0xA7, 0xA1, 0x8F, 0xA9, 0x43, 0xA3, 0x6D, 0x75, + 0x2A, 0x5F, 0x41, 0x92, 0xF0, 0x13, 0x61, 0x00, + 0xAA, 0x9C, 0xB4, 0x1B, 0xBE, 0x14, 0xBE, 0xB1, + 0xF9, 0xFC, 0x69, 0x2F, 0xDF, 0xA0, 0x94, 0x46, + 0xDE, 0x5A, 0x9D, 0xDE, 0x2C, 0xA5, 0xF6, 0x8C, + 0x1C, 0x0C, 0x21, 0x42, 0x92, 0x87, 0xCB, 0x2D, + 0xAA, 0xA3, 0xD2, 0x63, 0x75, 0x2F, 0x73, 0xE0, + 0x9F, 0xAF, 0x44, 0x79, 0xD2, 0x81, 0x74, 0x29, + 0xF6, 0x98, 0x00, 0xAF, 0xDE, 0x6B, 0x59, 0x2D, + 0xC1, 0x98, 0x82, 0xBD, 0xF5, 0x81, 0xCC, 0xAB, + 0xF2, 0xCB, 0x91, 0x02, 0x9E, 0xF3, 0x5C, 0x4C, + 0xFD, 0xBB, 0xFF, 0x49, 0xC1, 0xFA, 0x1B, 0x2F, + 0xE3, 0x1D, 0xE7, 0xA5, 0x60, 0xEC, 0xB4, 0x7E, + 0xBC, 0xFE, 0x32, 0x42, 0x5B, 0x95, 0x6F, 0x81, + 0xB6, 0x99, 0x17, 0x48, 0x7E, 0x3B, 0x78, 0x91, + 0x51, 0xDB, 0x2E, 0x78, 0xB1, 0xFD, 0x2E, 0xBE, + 0x7E, 0x62, 0x6B, 0x3E, 0xA1, 0x65, 0xB4, 0xFB, + 0x00, 0xCC, 0xB7, 0x51, 0xAF, 0x50, 0x73, 0x29, + 0xC4, 0xA3, 0x93, 0x9E, 0xA6, 0xDD, 0x9C, 0x50, + 0xA0, 0xE7, 0x38, 0x6B, 0x01, 0x45, 0x79, 0x6B, + 0x41, 0xAF, 0x61, 0xF7, 0x85, 0x55, 0x94, 0x4F, + 0x3B, 0xC2, 0x2D, 0xC3, 0xBD, 0x0D, 0x00, 0xF8, + 0x79, 0x8A, 0x42, 0xB1, 0xAA, 0xA0, 0x83, 0x20, + 0x65, 0x9A, 0xC7, 0x39, 0x5A, 0xB4, 0xF3, 0x29 +}; + +static const unsigned char cpA_dpki_rsa_privExp[256] = //cpA_dpki_rsa_privExp +{ + 0x28, 0xCE, 0xDC, 0x39, 0x02, 0x7F, 0x3E, 0x8E, + 0xAA, 0xB7, 0x59, 0x11, 0xE0, 0x68, 0xBF, 0x80, + 0xA6, 0x44, 0x77, 0xDB, 0x1B, 0xA2, 0x50, 0xA3, + 0x69, 0xE5, 0x96, 0xB2, 0xC4, 0xCA, 0x7A, 0x35, + 0x0D, 0xFC, 0x4A, 0xB2, 0xFB, 0xC0, 0x18, 0xA5, + 0x30, 0xB4, 0x9D, 0x10, 0x44, 0xD1, 0xAD, 0x33, + 0xFD, 0x15, 0xA7, 0x8D, 0x0F, 0x17, 0xD5, 0xA4, + 0xF5, 0x5E, 0x7F, 0x33, 0xF6, 0x80, 0x04, 0x27, + 0x6A, 0xEA, 0x9C, 0xEE, 0x68, 0x04, 0x1A, 0xA5, + 0xD4, 0x35, 0xA2, 0x25, 0xA2, 0x31, 0xD9, 0xF2, + 0xF0, 0xAC, 0xDE, 0x69, 0xB6, 0x64, 0x56, 0x75, + 0x2E, 0x9B, 0xEA, 0xDE, 0x2A, 0xBB, 0xD6, 0x00, + 0xAA, 0xE6, 0x9B, 0xC2, 0xF6, 0x9F, 0x60, 0xCD, + 0x0E, 0xFA, 0xB1, 0x14, 0x4A, 0x47, 0xD6, 0x63, + 0x9A, 0xCD, 0x9C, 0x93, 0xB9, 0x09, 0x42, 0xDA, + 0x8F, 0xFB, 0xE5, 0x7B, 0xF1, 0x4F, 0x96, 0x33, + 0xF9, 0x45, 0x5B, 0xCC, 0x84, 0xAB, 0xC2, 0xD8, + 0xC4, 0x0C, 0x85, 0xFA, 0x51, 0x28, 0xB9, 0x97, + 0x95, 0x23, 0x8C, 0xB3, 0x1D, 0x4E, 0xB6, 0x1C, + 0xCC, 0x60, 0x41, 0xFB, 0x26, 0xC7, 0xD6, 0xCB, + 0x77, 0x18, 0xF7, 0xEA, 0xCD, 0x10, 0x3C, 0x5B, + 0xA3, 0xC0, 0x77, 0x4C, 0x11, 0xF3, 0x74, 0x50, + 0xEE, 0x23, 0x80, 0xC4, 0x5D, 0xDD, 0x57, 0xF5, + 0x7D, 0x49, 0x57, 0x4A, 0xBA, 0x62, 0xBF, 0x06, + 0xD9, 0xD1, 0x7F, 0x91, 0x10, 0x89, 0x6F, 0x49, + 0x09, 0xD7, 0xE9, 0xAF, 0x4C, 0x9F, 0x67, 0x9D, + 0x89, 0x82, 0xE4, 0xD5, 0xC1, 0x9A, 0xDC, 0x55, + 0x79, 0xE7, 0xE9, 0x2D, 0x81, 0x42, 0x14, 0x55, + 0x61, 0x47, 0x9B, 0xED, 0x76, 0x92, 0x1D, 0x2F, + 0xB5, 0x7C, 0x28, 0x4B, 0xFF, 0x7B, 0xC2, 0x3B, + 0x36, 0x73, 0x99, 0xA6, 0x21, 0x43, 0x0E, 0xA1, + 0x1F, 0x82, 0xB8, 0x91, 0x71, 0x11, 0xB2, 0xC1 +}; + +static const unsigned char cpA_dpki_rsa_pubMod[256] = //cpA_dpki_rsa_pubMod +{ + 0xAA, 0x7F, 0x93, 0x80, 0x28, 0x9B, 0xE8, 0x98, + 0x63, 0x10, 0x7A, 0xE1, 0x0C, 0x59, 0x2C, 0x2F, + 0x7C, 0xFF, 0xBD, 0xAA, 0xDD, 0x74, 0xF4, 0xA2, + 0xFB, 0xAC, 0xD7, 0x6F, 0x00, 0x93, 0x42, 0x06, + 0x34, 0x71, 0x56, 0xD8, 0x40, 0x49, 0x72, 0x9F, + 0x3E, 0x24, 0xFA, 0x5E, 0x19, 0xD1, 0x5B, 0x63, + 0x5C, 0xD2, 0xEF, 0x09, 0xDE, 0x32, 0xEE, 0x6B, + 0x6F, 0xC8, 0xFA, 0x32, 0x8E, 0x2E, 0x96, 0xB9, + 0x94, 0x41, 0x04, 0x7D, 0x07, 0x62, 0x95, 0xDA, + 0x0D, 0x91, 0xD8, 0x09, 0x35, 0xD0, 0xDE, 0x8E, + 0x6B, 0xC6, 0xAB, 0x14, 0x27, 0x01, 0x9C, 0xFE, + 0x49, 0x96, 0xFC, 0x9B, 0x54, 0x79, 0x4D, 0xEB, + 0xD7, 0xC6, 0x66, 0x73, 0xA6, 0xDD, 0x3A, 0x77, + 0x65, 0x47, 0x94, 0xEC, 0x1C, 0x87, 0xAA, 0x46, + 0xD9, 0x78, 0xA9, 0x7D, 0xDB, 0x11, 0x22, 0x6E, + 0xD4, 0x12, 0xC2, 0x78, 0x4B, 0x21, 0x83, 0x92, + 0xC7, 0x10, 0xC7, 0x74, 0x19, 0xFF, 0xAA, 0xF6, + 0x0B, 0x75, 0xD8, 0x23, 0xDD, 0x33, 0xC3, 0xA1, + 0x5B, 0xA7, 0x2D, 0x30, 0xA5, 0xA4, 0xD8, 0xF8, + 0x0F, 0xD6, 0x73, 0xFD, 0x26, 0xCB, 0x29, 0xA6, + 0xEF, 0x50, 0x39, 0xE2, 0x5F, 0x59, 0x61, 0x84, + 0x6B, 0xDA, 0x2E, 0xC7, 0xCB, 0xE4, 0x38, 0x4B, + 0x28, 0xFB, 0x0D, 0xD5, 0x8E, 0x7C, 0xAA, 0x7D, + 0x4B, 0x37, 0x3A, 0xD7, 0x81, 0xDD, 0x73, 0xE3, + 0x09, 0x93, 0xBD, 0xBD, 0x7E, 0x08, 0x55, 0x4A, + 0x8C, 0xA5, 0xC9, 0x84, 0x2D, 0x71, 0x01, 0xA2, + 0x2A, 0x01, 0xB0, 0x15, 0xFB, 0x30, 0x78, 0xB9, + 0x13, 0xF4, 0xC7, 0x3F, 0xB5, 0xA6, 0xF1, 0xA2, + 0x5E, 0x22, 0xB0, 0x02, 0xB6, 0xE0, 0x09, 0x54, + 0x7F, 0x0F, 0xBD, 0xF0, 0xFE, 0xA5, 0x50, 0x1D, + 0x93, 0x15, 0xF9, 0x3D, 0x83, 0x0F, 0x0F, 0x0E, + 0x3D, 0xE2, 0x3D, 0x96, 0xE7, 0x09, 0xD9, 0x77 +}; + +static const unsigned char xs9_dpki_rsa_privExp[256] = //xs9_dpki_rsa_privExp +{ + 0x74, 0xCB, 0xCF, 0x1E, 0xD0, 0x2D, 0xD4, 0xF9, + 0xE0, 0x05, 0xCE, 0x9C, 0x66, 0x3D, 0xE3, 0x62, + 0x66, 0x62, 0x4E, 0xB5, 0x82, 0xE1, 0x24, 0x1B, + 0x5F, 0x73, 0x2A, 0x7F, 0x1D, 0xB3, 0x6E, 0x50, + 0x07, 0x83, 0xA0, 0xC0, 0xED, 0xCE, 0xB7, 0xF9, + 0x3D, 0xAC, 0x61, 0xC5, 0x7B, 0x99, 0xA0, 0xBC, + 0xCE, 0x42, 0x8F, 0xD3, 0xB0, 0xA5, 0xBF, 0x2A, + 0x3D, 0x3E, 0x5E, 0xDC, 0x56, 0xC3, 0xA5, 0xDE, + 0x35, 0xCD, 0x0A, 0x00, 0xF8, 0x17, 0x6B, 0x20, + 0x79, 0xEF, 0xD8, 0x83, 0x23, 0xBF, 0x21, 0x28, + 0xFF, 0x38, 0x7D, 0x80, 0x07, 0x15, 0x18, 0x6C, + 0xB9, 0x20, 0xF8, 0x85, 0x77, 0xBC, 0xD9, 0x2A, + 0x35, 0x1C, 0xFE, 0xE3, 0xF1, 0xE8, 0x98, 0x2E, + 0xA0, 0x4A, 0x48, 0x77, 0x35, 0x03, 0xC9, 0x7A, + 0xAC, 0xDA, 0xBE, 0x6D, 0x1D, 0xFB, 0xE4, 0xDE, + 0xEC, 0x70, 0x65, 0xFA, 0x10, 0x65, 0xA4, 0xB8, + 0x6A, 0xDF, 0x32, 0x6B, 0x8E, 0x28, 0x79, 0x25, + 0x87, 0x72, 0xC0, 0x7C, 0x5B, 0x81, 0xBC, 0x81, + 0x92, 0x44, 0x7D, 0xEA, 0x61, 0xBD, 0x3C, 0x48, + 0xF3, 0x0E, 0x18, 0xDC, 0x8D, 0x89, 0xA0, 0x34, + 0xC3, 0xAE, 0x9C, 0x57, 0x72, 0xA6, 0xD7, 0x7C, + 0x79, 0xF7, 0xE9, 0x14, 0x6E, 0x15, 0xAC, 0x01, + 0xFA, 0xFF, 0xC8, 0xA2, 0x2A, 0x3A, 0xAB, 0x24, + 0x3C, 0x7E, 0x2E, 0xC5, 0xDA, 0x83, 0xD5, 0x9D, + 0x24, 0x10, 0x83, 0x7A, 0xF4, 0xBB, 0xA3, 0x6F, + 0x88, 0xCE, 0xEC, 0x24, 0x1B, 0xF4, 0x36, 0x2E, + 0x96, 0xC9, 0x6D, 0x19, 0x02, 0xFE, 0xAA, 0x21, + 0x3E, 0x95, 0xA7, 0xFE, 0x83, 0xC8, 0x99, 0x7F, + 0xD1, 0xCB, 0x7C, 0x1F, 0x91, 0x30, 0xDB, 0xA4, + 0xD3, 0xDD, 0xDA, 0x9B, 0x12, 0x4E, 0x24, 0xD1, + 0xA5, 0x6F, 0x15, 0xFC, 0x2C, 0x72, 0x98, 0x2C, + 0x89, 0xC5, 0x7D, 0x89, 0xDE, 0x2B, 0x4E, 0x01 +}; + +static const unsigned char xs9_dpki_rsa_pubMod[256] = //xs9_dpki_rsa_pubMod +{ + 0xC0, 0x84, 0x4C, 0xEB, 0x7E, 0xB0, 0xCF, 0xF0, + 0xAE, 0xB7, 0x77, 0x69, 0x85, 0x93, 0xE4, 0x99, + 0x5A, 0x95, 0x4E, 0x58, 0x17, 0x38, 0xCE, 0xD6, + 0x81, 0xB0, 0xBD, 0x77, 0x09, 0xE7, 0xF8, 0x9A, + 0xDF, 0xAD, 0x05, 0x48, 0x83, 0xF6, 0xC3, 0xFD, + 0xDF, 0x7B, 0x83, 0xE0, 0x0C, 0x26, 0x81, 0x54, + 0x43, 0x29, 0xEA, 0x82, 0x6C, 0x89, 0xF0, 0xA6, + 0x74, 0x42, 0x86, 0x4D, 0x32, 0x60, 0x32, 0x7D, + 0xA7, 0x7A, 0x13, 0x40, 0x66, 0x59, 0xDA, 0x3E, + 0x41, 0x6B, 0x27, 0x94, 0x03, 0x4F, 0xAA, 0x22, + 0x9D, 0xD5, 0x54, 0x52, 0xDB, 0x27, 0x0A, 0x6A, + 0xA2, 0x3D, 0x19, 0xB1, 0x66, 0x1B, 0x19, 0x7D, + 0xAB, 0xC7, 0x0E, 0x88, 0x17, 0x91, 0xA1, 0x2A, + 0xB4, 0x3C, 0x6C, 0xCB, 0xF5, 0xAA, 0x7C, 0x3A, + 0xDD, 0x36, 0xFB, 0x35, 0x71, 0x7B, 0x20, 0x01, + 0x59, 0x00, 0xD6, 0xF6, 0x90, 0x39, 0x35, 0x41, + 0x31, 0xF8, 0xC1, 0xC0, 0x57, 0x3A, 0x35, 0x18, + 0x58, 0x90, 0xB1, 0xAD, 0x9A, 0x0E, 0xEC, 0xE0, + 0xF4, 0x7A, 0x7D, 0xA5, 0x27, 0x48, 0xC9, 0x72, + 0xAB, 0x0D, 0x08, 0x7B, 0x62, 0x35, 0x40, 0x91, + 0x14, 0x2B, 0xB1, 0x1D, 0x1A, 0xFA, 0xF9, 0xCD, + 0x5C, 0x17, 0x13, 0x53, 0x52, 0x71, 0xCA, 0xE2, + 0x2A, 0x78, 0xB1, 0x7F, 0x4A, 0xCD, 0x59, 0xD8, + 0xBA, 0x1D, 0x7D, 0x70, 0x5F, 0x78, 0x1B, 0x9F, + 0x9D, 0x37, 0x18, 0x8E, 0xD7, 0xCD, 0x0D, 0x49, + 0x57, 0x74, 0x69, 0x88, 0x3A, 0x6B, 0x8E, 0x4E, + 0x1B, 0x85, 0xDD, 0xBE, 0x39, 0x45, 0x05, 0x89, + 0x56, 0x12, 0x97, 0x59, 0x9A, 0x09, 0xA4, 0xC8, + 0x2D, 0x2F, 0xF5, 0xCF, 0xB4, 0x73, 0x70, 0xDB, + 0x58, 0x1E, 0xB2, 0x4E, 0x77, 0x6F, 0xA4, 0x7E, + 0x62, 0xDF, 0xB7, 0x05, 0xE8, 0x80, 0x42, 0x5C, + 0xB8, 0x78, 0x87, 0x97, 0x7F, 0x66, 0x2C, 0x5F +}; + +static const unsigned char DevNcsdCfa_privExp[256] = //DevNcsdCfa_privExp +{ + 0x32, 0x36, 0x43, 0xC2, 0xB3, 0x1A, 0x7E, 0x13, + 0xAB, 0xA2, 0xB6, 0x8B, 0x4F, 0x05, 0xA7, 0xA6, + 0xCD, 0xE7, 0xA6, 0x74, 0x47, 0x49, 0xE6, 0x51, + 0xE4, 0x71, 0x74, 0x15, 0x76, 0x91, 0xF7, 0x92, + 0xB1, 0x4E, 0xF6, 0x99, 0x73, 0x1E, 0xCF, 0xB5, + 0x1D, 0x7C, 0xAF, 0xC5, 0xEA, 0x57, 0x01, 0xE5, + 0x5C, 0x10, 0x47, 0xEA, 0x3A, 0x54, 0x86, 0x03, + 0x2A, 0x76, 0x05, 0x72, 0x53, 0x16, 0xC2, 0xAE, + 0x2D, 0xBE, 0x71, 0xF7, 0x17, 0x6B, 0x23, 0xDD, + 0x2C, 0xB8, 0x8D, 0x13, 0x14, 0xE5, 0xDA, 0x3B, + 0xC7, 0x33, 0x7A, 0xBA, 0xE5, 0x2A, 0x2B, 0x7D, + 0x5A, 0x12, 0x27, 0x38, 0x56, 0xDF, 0xED, 0x70, + 0x03, 0x0E, 0xED, 0x64, 0xC7, 0xF6, 0x54, 0xAC, + 0xFE, 0x1D, 0x77, 0xA4, 0xE4, 0xBC, 0xEB, 0xB9, + 0xA6, 0xC5, 0xFE, 0x3A, 0xAF, 0x58, 0x81, 0xE4, + 0x3F, 0xA0, 0xE6, 0x93, 0x13, 0x2D, 0x98, 0x7D, + 0xB3, 0xE2, 0xC9, 0xC8, 0xD6, 0x31, 0x91, 0x73, + 0x9D, 0xCA, 0xC9, 0x44, 0xEF, 0xD0, 0x39, 0xBF, + 0x38, 0xFD, 0x1C, 0x91, 0x72, 0x93, 0x40, 0xA9, + 0x8A, 0x0D, 0x3E, 0x32, 0xC4, 0x59, 0x4B, 0x0C, + 0xC7, 0xEA, 0x50, 0x41, 0x9F, 0xF5, 0xE2, 0xB7, + 0x50, 0x7C, 0xE3, 0xC9, 0xEC, 0x46, 0x18, 0xAC, + 0xB4, 0x91, 0x2A, 0x32, 0xE0, 0xD8, 0x10, 0x6F, + 0xFC, 0x81, 0xB3, 0x95, 0xF3, 0xFC, 0x78, 0xC0, + 0xEF, 0xE5, 0x7B, 0x8D, 0x14, 0xD4, 0x36, 0x26, + 0x5F, 0xC6, 0x32, 0xC0, 0x19, 0x87, 0x5C, 0x77, + 0x26, 0x37, 0xD8, 0xAE, 0x66, 0xD6, 0x0B, 0x28, + 0x26, 0x43, 0x7C, 0x25, 0xDB, 0x6D, 0x5C, 0xE8, + 0x94, 0x8F, 0xA9, 0x77, 0x07, 0xB2, 0xC0, 0x85, + 0xCD, 0x41, 0xBA, 0x48, 0x88, 0x73, 0x34, 0xD5, + 0x20, 0x8A, 0x0F, 0xE3, 0x9E, 0x99, 0xF0, 0xC8, + 0xE8, 0xD9, 0x2C, 0x2A, 0x21, 0x69, 0xE4, 0xC1 +}; + +static const unsigned char DevNcsdCfa_pubMod[256] = //DevNcsdCfa_pubMod +{ + 0xB9, 0x0C, 0xC4, 0xC6, 0x78, 0xF8, 0x6E, 0x30, + 0x05, 0x28, 0xC1, 0xCB, 0xD2, 0xCF, 0xA7, 0x80, + 0x5C, 0x57, 0x4D, 0x16, 0x9C, 0xAF, 0xA6, 0xCD, + 0x01, 0xBB, 0x83, 0x33, 0xAD, 0x03, 0xBB, 0x06, + 0x63, 0xD8, 0x17, 0xF5, 0xE3, 0xDF, 0xDA, 0x0D, + 0x3B, 0x86, 0x0E, 0xA2, 0x80, 0x47, 0x94, 0x44, + 0x6F, 0xD9, 0x97, 0x7E, 0x78, 0x6A, 0xC3, 0x93, + 0x93, 0xEF, 0x02, 0xFC, 0x22, 0x9F, 0x80, 0x77, + 0x8C, 0x70, 0x92, 0x1C, 0x43, 0xB1, 0x37, 0x4C, + 0x76, 0xE0, 0x57, 0x3B, 0xAB, 0x89, 0xFF, 0xEF, + 0xE5, 0xBB, 0x3E, 0xAB, 0x91, 0x39, 0xB8, 0xD9, + 0x66, 0x0B, 0x64, 0x28, 0x91, 0x92, 0xE9, 0xD0, + 0xB3, 0xDF, 0xD1, 0x4B, 0xC1, 0x73, 0xB5, 0x3F, + 0x56, 0xA0, 0x40, 0x10, 0xFE, 0x15, 0x2B, 0x1F, + 0xA2, 0x7A, 0xDE, 0x31, 0xB0, 0x26, 0x40, 0xC3, + 0x57, 0xFD, 0x35, 0xCB, 0xF0, 0xFA, 0xFF, 0xFB, + 0x6F, 0xDB, 0xCD, 0x34, 0x1D, 0x51, 0x2D, 0x2D, + 0x81, 0x18, 0xFF, 0x0C, 0x08, 0x51, 0xD5, 0xB4, + 0x4B, 0x56, 0x16, 0x02, 0x9F, 0x4E, 0x6A, 0xDF, + 0x06, 0x6E, 0xCB, 0x72, 0x85, 0xE9, 0x2E, 0x43, + 0xA2, 0x08, 0x78, 0x0C, 0x38, 0x9C, 0x19, 0xBD, + 0x7B, 0x74, 0x74, 0x68, 0xC4, 0x2D, 0xC1, 0x35, + 0x9E, 0x65, 0x3B, 0xD8, 0x99, 0x04, 0x1C, 0x8B, + 0x93, 0x8E, 0x7E, 0x92, 0x7C, 0xBB, 0xDD, 0x60, + 0xEC, 0xE7, 0xFE, 0x0E, 0x9D, 0x4F, 0x36, 0x46, + 0xE6, 0xF1, 0x5C, 0x94, 0x70, 0xEE, 0x67, 0x5F, + 0x36, 0x2B, 0x70, 0x44, 0x8D, 0xCA, 0x09, 0xB9, + 0x58, 0x67, 0xD2, 0x9F, 0xAD, 0x1F, 0x13, 0x54, + 0x74, 0xAD, 0xA6, 0x84, 0x44, 0x28, 0xF3, 0xDE, + 0x7E, 0x4C, 0x20, 0x2B, 0xC5, 0xE9, 0x12, 0xE9, + 0x5E, 0xFB, 0x8D, 0x77, 0xA9, 0xA4, 0xD2, 0x0D, + 0x3C, 0x38, 0x24, 0xBE, 0xF5, 0x8A, 0xB5, 0xF5 +}; + +static const unsigned char AccessDesc_privExp[256] = //AccessDesc_privExp +{ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char AccessDesc_pubMod[256] = //AccessDesc_pubMod +{ + 0xF4, 0x3C, 0x45, 0x82, 0xFB, 0xF8, 0x90, 0x5D, + 0x07, 0x02, 0x9F, 0x2A, 0x98, 0x8B, 0x63, 0xB7, + 0xD3, 0x8F, 0x3C, 0xE2, 0xE0, 0xE0, 0x93, 0xBF, + 0xDF, 0x32, 0x43, 0x4D, 0xBE, 0xF4, 0xD1, 0x7A, + 0x3A, 0x4E, 0x54, 0x31, 0xD7, 0x73, 0xAE, 0x99, + 0x4C, 0xC4, 0x1F, 0x3C, 0x3E, 0xF0, 0x57, 0x05, + 0xA3, 0x8A, 0x45, 0x54, 0x60, 0xD8, 0x8F, 0xD9, + 0x1D, 0x68, 0x0D, 0x0E, 0x2E, 0xEF, 0xC8, 0xE8, + 0x3D, 0xC9, 0x19, 0xF3, 0x73, 0x1E, 0x2D, 0xDA, + 0x77, 0x88, 0x3E, 0xCA, 0x5E, 0x25, 0x70, 0x4B, + 0xF7, 0x70, 0x95, 0x83, 0x54, 0x24, 0xE0, 0xC3, + 0x1A, 0x75, 0xDF, 0x61, 0x3D, 0xD1, 0x42, 0xEC, + 0x35, 0x1B, 0x38, 0xD6, 0xC1, 0xF6, 0x7E, 0x18, + 0x2A, 0x84, 0x85, 0xDD, 0x57, 0x74, 0x1F, 0x0A, + 0x2E, 0xF6, 0xB2, 0x94, 0xA2, 0x3E, 0xE9, 0xA1, + 0xD0, 0x09, 0xF7, 0x3A, 0x99, 0x80, 0x05, 0xAF, + 0x57, 0x55, 0xEF, 0x52, 0xFA, 0x24, 0x3E, 0x7F, + 0xD4, 0x7C, 0x41, 0x44, 0x7B, 0x06, 0x7F, 0xB9, + 0x5B, 0x2E, 0x8E, 0x96, 0xAE, 0x46, 0x12, 0x4D, + 0x64, 0x21, 0xE5, 0x0F, 0x85, 0xCC, 0xEB, 0x92, + 0xE5, 0xF0, 0xF5, 0xA7, 0x42, 0x27, 0x3B, 0xEC, + 0xF8, 0xE7, 0x81, 0x75, 0x6F, 0x63, 0x0A, 0x8B, + 0x0D, 0x77, 0x38, 0x51, 0xE6, 0x66, 0x33, 0xBA, + 0x79, 0xDC, 0x2F, 0x2C, 0x8F, 0xC3, 0x28, 0x06, + 0xBB, 0x03, 0x9C, 0xDB, 0xD1, 0x64, 0x0A, 0x66, + 0xF0, 0xF8, 0xC1, 0x2A, 0x49, 0x1D, 0x0C, 0x6E, + 0x35, 0xBB, 0xEA, 0xB3, 0x5C, 0x0D, 0xE9, 0x95, + 0x7C, 0x67, 0xBE, 0x65, 0x77, 0xEC, 0x07, 0xC0, + 0x23, 0x05, 0x0A, 0x72, 0x48, 0x86, 0xE9, 0x9E, + 0xFC, 0x25, 0x15, 0xE7, 0xC8, 0x21, 0x65, 0xE0, + 0x1B, 0xD5, 0xD5, 0x0E, 0xD3, 0x11, 0x54, 0xBB, + 0x29, 0x78, 0xBF, 0x2A, 0x3C, 0x3B, 0xB6, 0xB1 +}; + +static const unsigned char CrrDevKey_privExp[256] = //CrrDevKey_privExp +{ + 0x8D, 0x27, 0x29, 0x6B, 0xC7, 0xA7, 0xED, 0xCD, + 0x94, 0x2D, 0x36, 0x5E, 0x86, 0xA8, 0x26, 0xE7, + 0x43, 0x9E, 0x64, 0xC8, 0xAA, 0x9A, 0x58, 0x21, + 0x07, 0xF7, 0xB3, 0xFB, 0xCF, 0x8D, 0x3E, 0x53, + 0xF0, 0x02, 0x25, 0x7B, 0x80, 0x18, 0x2E, 0x0D, + 0x84, 0x7D, 0x6C, 0xE0, 0xDA, 0xC0, 0x17, 0xA6, + 0xA5, 0x13, 0xE6, 0xFD, 0xBF, 0x98, 0xFC, 0x87, + 0x9A, 0x9E, 0x0E, 0x13, 0x87, 0x66, 0x24, 0x8D, + 0xA5, 0x6C, 0x58, 0x86, 0x10, 0x80, 0x90, 0x89, + 0xEE, 0xFD, 0x40, 0x94, 0xCB, 0x1F, 0x26, 0xAB, + 0xD1, 0xD3, 0xFF, 0xE9, 0x7B, 0x76, 0xDC, 0x65, + 0xC0, 0x15, 0xD8, 0x9B, 0xF6, 0x29, 0xE1, 0x49, + 0xE9, 0xDC, 0xBE, 0x24, 0x17, 0xFF, 0x09, 0x2C, + 0xD6, 0xC4, 0x6D, 0x50, 0x33, 0xDC, 0xA0, 0x9D, + 0x9D, 0xCC, 0xDD, 0x6E, 0x7B, 0xDF, 0x42, 0x22, + 0x4D, 0x80, 0xC7, 0xEB, 0xCB, 0xB1, 0x60, 0x2F, + 0x04, 0xEE, 0x04, 0x0E, 0x4C, 0x76, 0x49, 0x55, + 0x92, 0xA5, 0xC1, 0x13, 0x60, 0x0A, 0x80, 0x15, + 0x3D, 0x1C, 0xC6, 0x46, 0x57, 0x2E, 0x7C, 0xB0, + 0x3D, 0x87, 0x06, 0x87, 0xFD, 0x31, 0xF8, 0xE7, + 0x14, 0x97, 0x2A, 0x57, 0x40, 0xAC, 0x94, 0x61, + 0xCD, 0xCF, 0xDE, 0x8C, 0x40, 0x46, 0x95, 0xA0, + 0xD6, 0xF9, 0x2C, 0x08, 0x9B, 0x12, 0xBF, 0xF1, + 0x88, 0x9C, 0x5D, 0x40, 0x32, 0x6D, 0x9D, 0x99, + 0xA4, 0x80, 0xA6, 0xC2, 0x45, 0x5A, 0xD3, 0x22, + 0xFE, 0xFA, 0x17, 0x54, 0x11, 0xEA, 0x41, 0xB4, + 0xBD, 0x68, 0x1E, 0xDD, 0x3F, 0xE5, 0x92, 0xCB, + 0x9E, 0xF8, 0xC0, 0x0A, 0x8B, 0xF5, 0x89, 0xA4, + 0x03, 0x68, 0xF8, 0xF8, 0x99, 0x7C, 0xFE, 0xAD, + 0x32, 0xDD, 0x5C, 0xB4, 0x06, 0x29, 0xDA, 0x96, + 0x8B, 0xBA, 0xCB, 0x15, 0xDE, 0x38, 0x0D, 0xCA, + 0xF7, 0x01, 0x65, 0xF6, 0x2D, 0x36, 0x6E, 0x71 +}; + +static const unsigned char CrrDevKey_pubMod[256] = //CrrDevKey_pubMod +{ + 0xE2, 0xAD, 0xA6, 0xEA, 0xCA, 0xA3, 0xE8, 0xCC, + 0xA9, 0x70, 0x1D, 0x2E, 0x23, 0x4B, 0xC6, 0x55, + 0xCE, 0x13, 0xD9, 0xA7, 0x58, 0xB4, 0xC7, 0x73, + 0x96, 0x1D, 0xE8, 0xC3, 0x09, 0x4D, 0x9B, 0xC3, + 0xEB, 0x69, 0xA2, 0x37, 0x83, 0x5D, 0xD8, 0x37, + 0x04, 0x72, 0x7A, 0x4F, 0xEA, 0x53, 0x98, 0x9D, + 0x0E, 0x01, 0x34, 0x70, 0x9A, 0x82, 0x06, 0xE7, + 0x6A, 0xC9, 0xF8, 0x0E, 0x49, 0x5A, 0xA4, 0xE7, + 0x0E, 0xFA, 0xD4, 0xAB, 0x3B, 0xC5, 0xD7, 0xF1, + 0xA4, 0xFC, 0x92, 0x7F, 0xD0, 0xF3, 0xCD, 0xD5, + 0xB9, 0x2A, 0x1A, 0x41, 0x62, 0xB3, 0x7B, 0x3E, + 0x1E, 0x35, 0x46, 0x41, 0x8E, 0xB2, 0x53, 0x1A, + 0x60, 0xF8, 0xC2, 0xD1, 0x94, 0xB3, 0x9D, 0x76, + 0x9F, 0x1D, 0x98, 0xAC, 0xF0, 0xCF, 0xE3, 0xA9, + 0x05, 0x85, 0xF2, 0xBF, 0x55, 0x76, 0x1B, 0x89, + 0x1C, 0xC3, 0x19, 0x2E, 0xEE, 0x94, 0xBE, 0x75, + 0x0F, 0xA3, 0x76, 0x8B, 0x24, 0x24, 0x97, 0xFA, + 0xC0, 0x53, 0x24, 0xF5, 0x85, 0x02, 0x19, 0x9D, + 0xC5, 0x11, 0x2E, 0x6B, 0xA3, 0x26, 0xFE, 0xF7, + 0x55, 0xD4, 0x23, 0x0A, 0x73, 0x3F, 0x37, 0x53, + 0xEA, 0xC2, 0xB7, 0xC1, 0xC9, 0xD8, 0xF3, 0x2F, + 0x78, 0x76, 0x4A, 0xA0, 0x69, 0x60, 0x91, 0xC2, + 0x7D, 0x11, 0x74, 0xEF, 0x96, 0xD9, 0x74, 0x53, + 0xB1, 0x1C, 0xB0, 0xC4, 0x32, 0x16, 0x82, 0x3B, + 0xAF, 0x61, 0xB2, 0xDE, 0x38, 0x87, 0x3E, 0x37, + 0x4B, 0xA3, 0x95, 0x88, 0x8E, 0xE0, 0x27, 0x9A, + 0x1F, 0x7D, 0xB8, 0x23, 0xC3, 0x63, 0xE8, 0x68, + 0x51, 0xD9, 0x8C, 0x4C, 0xC2, 0x59, 0x86, 0x49, + 0xF7, 0x46, 0x9E, 0x3C, 0xD7, 0x9F, 0x89, 0x23, + 0xB4, 0x73, 0x35, 0x2F, 0x18, 0x23, 0x76, 0xA3, + 0x9F, 0x40, 0x0B, 0x76, 0x90, 0x85, 0xC8, 0x89, + 0xDA, 0x65, 0xE7, 0x6E, 0xEF, 0x2E, 0xF5, 0x67 +}; + +static const unsigned char Dummy_rsa_privExp[256] = //Dummy_rsa_privExp +{ + 0xE3, 0xC6, 0x76, 0x57, 0x2E, 0xCB, 0xA5, 0xE6, + 0x0C, 0x01, 0xBD, 0x5C, 0x32, 0x2D, 0x90, 0xE0, + 0xFF, 0x9A, 0x80, 0xE8, 0x66, 0x8D, 0x84, 0xDC, + 0xF7, 0x75, 0x5F, 0x3F, 0x98, 0x7C, 0x97, 0x40, + 0x20, 0x21, 0xB7, 0x24, 0xC0, 0x61, 0x2D, 0x83, + 0xB0, 0x91, 0x8E, 0xE3, 0xC2, 0xD0, 0x2C, 0xA1, + 0x2C, 0x99, 0x4F, 0x48, 0xF7, 0x4E, 0x13, 0xD3, + 0x01, 0x71, 0x25, 0x9B, 0x3C, 0x75, 0x7C, 0xC4, + 0xE5, 0x89, 0x7E, 0xDA, 0xF9, 0x99, 0x5C, 0x83, + 0xE4, 0xDD, 0x36, 0x62, 0x5B, 0x0E, 0x12, 0x91, + 0xD6, 0x39, 0x45, 0x69, 0x62, 0x20, 0xCA, 0xF4, + 0xBA, 0x6B, 0x28, 0x1A, 0x7C, 0xBF, 0xB9, 0x97, + 0x37, 0x46, 0xC2, 0x7A, 0xCF, 0x10, 0x68, 0xC2, + 0xC9, 0xF1, 0x48, 0xDA, 0x8A, 0x2F, 0x4C, 0xBC, + 0x3B, 0x1C, 0xB8, 0x8F, 0x04, 0x7F, 0xFD, 0x9D, + 0xE2, 0x0A, 0xD2, 0x09, 0x39, 0xC7, 0xD9, 0x81, + 0x59, 0x17, 0x73, 0xB2, 0xEC, 0xEB, 0x36, 0x67, + 0xA5, 0xA8, 0xD5, 0x71, 0xD9, 0x38, 0x6A, 0xD1, + 0x28, 0xB9, 0x46, 0x85, 0x3A, 0x81, 0x85, 0x4E, + 0x55, 0xA7, 0x74, 0x79, 0xBB, 0xC5, 0x97, 0xF7, + 0xEF, 0xE0, 0x81, 0x20, 0xE0, 0xEA, 0x45, 0x8F, + 0xED, 0x70, 0x8E, 0xD6, 0xFF, 0x49, 0xCF, 0x7F, + 0xF2, 0xFF, 0x22, 0x20, 0x3F, 0xE9, 0x92, 0x99, + 0xDE, 0x81, 0xD6, 0x27, 0xF7, 0xB8, 0x3A, 0x1D, + 0x4F, 0xA2, 0x50, 0xFB, 0xA5, 0xE7, 0x98, 0x08, + 0xB5, 0x2B, 0xA2, 0x94, 0xA9, 0x17, 0x1A, 0xA8, + 0x34, 0xF6, 0x5E, 0x24, 0x2D, 0x40, 0x2F, 0xCB, + 0x3C, 0xB0, 0xF8, 0x7E, 0x84, 0xB4, 0x87, 0x82, + 0x19, 0xAF, 0x87, 0xB6, 0xFA, 0xA9, 0x67, 0x27, + 0x07, 0x28, 0xBA, 0x2E, 0xA5, 0x8E, 0xDD, 0xE5, + 0xD4, 0xFD, 0x06, 0x09, 0xDF, 0xBD, 0x87, 0x95, + 0x95, 0x25, 0x05, 0x5E, 0xB2, 0x00, 0x18, 0x41 +}; + +static const unsigned char Dummy_rsa_pubMod[256] = //Dummy_rsa_pubMod +{ + 0xE6, 0x64, 0x06, 0x6C, 0x49, 0x6B, 0xEC, 0xEE, + 0x59, 0xAE, 0x11, 0x92, 0xF1, 0x03, 0x43, 0x87, + 0x8E, 0xEB, 0x4D, 0x70, 0xA9, 0x71, 0xB4, 0x6D, + 0x25, 0x19, 0x02, 0x4A, 0x9E, 0x4D, 0xA3, 0x10, + 0xFD, 0xB2, 0x27, 0x56, 0xA3, 0xFB, 0xDD, 0xE5, + 0xE4, 0x4E, 0xE0, 0x62, 0x8F, 0xC3, 0x2E, 0xEE, + 0x8F, 0x9D, 0x4D, 0x6E, 0x00, 0xDB, 0x88, 0x49, + 0xA2, 0xFC, 0x30, 0xFE, 0x94, 0xF3, 0x06, 0x92, + 0x75, 0x61, 0x11, 0x1D, 0x24, 0x07, 0xE9, 0x12, + 0xB6, 0xB1, 0x57, 0xF5, 0xDC, 0x01, 0xF7, 0x54, + 0xBF, 0xC3, 0xAC, 0x8C, 0x73, 0x2C, 0x73, 0x17, + 0x8E, 0xBF, 0x2F, 0x68, 0x3C, 0x61, 0x75, 0x32, + 0x15, 0x39, 0x93, 0xDD, 0xBA, 0x12, 0x42, 0xD3, + 0x25, 0x85, 0xFA, 0xA6, 0x4B, 0xAF, 0x81, 0x4B, + 0xCA, 0xD2, 0x9C, 0xF1, 0x3D, 0x37, 0xAE, 0xB9, + 0xFD, 0x77, 0x59, 0x78, 0xB9, 0x32, 0x95, 0x19, + 0xD1, 0x47, 0xE1, 0xC6, 0xE1, 0x16, 0x13, 0x5D, + 0xCC, 0x99, 0x31, 0x63, 0xAD, 0xBB, 0xA5, 0x4F, + 0xE4, 0x41, 0x67, 0xFD, 0x7F, 0x1E, 0xA8, 0x9A, + 0x35, 0x65, 0xEB, 0xC4, 0x4D, 0xD4, 0xC4, 0x29, + 0x0F, 0x40, 0x95, 0xFD, 0x8A, 0x30, 0x67, 0x79, + 0xFB, 0xD4, 0x76, 0x6F, 0xD1, 0xDE, 0x8C, 0x72, + 0x32, 0x05, 0x97, 0x5A, 0x26, 0x0D, 0x37, 0xCA, + 0x12, 0x2C, 0xDC, 0x14, 0x3F, 0xD3, 0x59, 0x00, + 0x66, 0xD2, 0x8E, 0xF5, 0x6E, 0x22, 0x08, 0x63, + 0x59, 0xB5, 0x3F, 0xBB, 0x3A, 0x4D, 0xD4, 0xD1, + 0xC1, 0x21, 0xA7, 0x4D, 0x02, 0x96, 0x08, 0xF5, + 0x2B, 0x11, 0xE5, 0x85, 0xD2, 0x6E, 0x91, 0xD6, + 0x8F, 0x77, 0x72, 0xEF, 0x37, 0xE3, 0x79, 0x19, + 0xA9, 0xEE, 0x58, 0x5D, 0x52, 0x9B, 0x2D, 0x47, + 0x7D, 0x27, 0xB8, 0xC3, 0x76, 0xCA, 0xDA, 0xC2, + 0xF4, 0xFC, 0xF4, 0x53, 0x7C, 0xD8, 0x43, 0x87 +}; + +//Certificates +static const unsigned char ca4_dpki_cert[0x400] = +{ + 0x00, 0x01, 0x00, 0x03, 0x19, 0x49, 0x42, 0x9D, + 0x1E, 0x58, 0xA6, 0x2E, 0x7E, 0x8B, 0x56, 0xD1, + 0xB7, 0x6A, 0xE3, 0x02, 0xFD, 0x8B, 0x97, 0x49, + 0x1F, 0x77, 0x87, 0x45, 0xF7, 0x53, 0x88, 0xC4, + 0xDD, 0x0B, 0xEB, 0x1D, 0xF1, 0x22, 0xFB, 0x96, + 0x42, 0x15, 0x14, 0x97, 0x76, 0x4A, 0x53, 0xCF, + 0x78, 0x15, 0x18, 0x45, 0xE4, 0x2C, 0xA8, 0xFD, + 0xE4, 0x86, 0xFD, 0x2A, 0x4F, 0x53, 0xF8, 0xA1, + 0xBA, 0x00, 0x8A, 0x74, 0x85, 0xFF, 0x73, 0xB3, + 0xBF, 0x7E, 0x3C, 0x98, 0x07, 0x29, 0xD0, 0x65, + 0x6B, 0x69, 0x32, 0x19, 0xAD, 0xE8, 0x35, 0xEB, + 0x5F, 0xFF, 0xFC, 0xCB, 0x7C, 0xBB, 0x5E, 0x30, + 0x7F, 0xE0, 0x68, 0x8B, 0x88, 0x8E, 0xF2, 0xD2, + 0x05, 0x3F, 0xB7, 0xE7, 0x91, 0xE9, 0x85, 0xFD, + 0x15, 0xEF, 0x10, 0xD7, 0x9C, 0xCA, 0x88, 0xD6, + 0xBB, 0x15, 0xE8, 0xE4, 0x71, 0x4A, 0x98, 0xEE, + 0x09, 0xBF, 0x7B, 0x8A, 0xF0, 0x53, 0x23, 0x2B, + 0x64, 0x50, 0xE6, 0xD5, 0xFD, 0xFF, 0xC2, 0x0A, + 0x6D, 0x1E, 0xA6, 0xA2, 0x38, 0x12, 0xE1, 0x01, + 0x45, 0x25, 0xD5, 0x6D, 0x40, 0x82, 0x70, 0x3B, + 0x86, 0x98, 0x69, 0x59, 0xA7, 0x3C, 0xD1, 0xA1, + 0x43, 0x64, 0xD2, 0xC2, 0xDA, 0xEA, 0x96, 0xB0, + 0x95, 0xF7, 0x6C, 0x46, 0xE4, 0xFF, 0x41, 0x55, + 0x46, 0x5E, 0x70, 0xEF, 0x1E, 0xD3, 0x10, 0x53, + 0xD9, 0x70, 0x11, 0xE0, 0x10, 0xCC, 0x93, 0xE7, + 0x91, 0x40, 0x13, 0x68, 0x7F, 0xA3, 0xA8, 0x02, + 0x99, 0x6D, 0x1E, 0x55, 0x7B, 0x1C, 0xCC, 0x7A, + 0x7E, 0x8F, 0x58, 0x65, 0xC1, 0x74, 0x2E, 0x28, + 0xE2, 0x6D, 0xEF, 0x38, 0xA9, 0x3A, 0xB5, 0xD8, + 0x2D, 0x43, 0xEC, 0xCC, 0xBF, 0x0B, 0xEF, 0x22, + 0xE1, 0xFD, 0x57, 0xE2, 0x86, 0x43, 0x33, 0x58, + 0x2F, 0xED, 0xEA, 0xBC, 0x01, 0x2F, 0x98, 0x6D, + 0xDF, 0xC3, 0xE9, 0x44, 0x79, 0x73, 0x47, 0x03, + 0x08, 0x45, 0x5B, 0xDC, 0x57, 0xAA, 0x17, 0x0B, + 0x84, 0x42, 0x7F, 0x73, 0xA2, 0x9B, 0x48, 0xF6, + 0xDA, 0x13, 0x5F, 0x66, 0xC7, 0x45, 0xC1, 0x42, + 0xA8, 0x4A, 0xFB, 0x0E, 0x6A, 0x5E, 0xED, 0x85, + 0xD7, 0xB9, 0x71, 0x99, 0x36, 0xF8, 0xCE, 0x2B, + 0x62, 0x1F, 0x39, 0x5F, 0x40, 0xDC, 0x03, 0xBE, + 0xF8, 0x85, 0x4C, 0x11, 0x17, 0xFF, 0x0C, 0x12, + 0x86, 0x41, 0xCC, 0x78, 0x43, 0xB9, 0x7B, 0x43, + 0x46, 0xDB, 0x22, 0x6F, 0x60, 0x26, 0xAC, 0xB5, + 0x6C, 0x27, 0x8B, 0x8E, 0x0E, 0xA7, 0x9A, 0x2D, + 0x65, 0xEF, 0x79, 0x8E, 0x10, 0x78, 0xAD, 0x80, + 0xED, 0x4B, 0x96, 0x04, 0xD2, 0xF0, 0x8B, 0x2C, + 0xD6, 0x4A, 0x23, 0xA3, 0xDB, 0x27, 0x08, 0x33, + 0xB4, 0x02, 0xF8, 0x08, 0x51, 0xF3, 0x5B, 0xED, + 0x3E, 0xE4, 0x57, 0x7C, 0x66, 0x60, 0xFB, 0xF1, + 0x6D, 0x94, 0x13, 0xE0, 0x9C, 0x91, 0x7A, 0x49, + 0xD4, 0x2C, 0x6D, 0xA3, 0x75, 0xBC, 0x27, 0xF0, + 0x23, 0x0D, 0xB9, 0x8F, 0x89, 0x73, 0xAB, 0x02, + 0x7B, 0x52, 0x2C, 0xD5, 0x7E, 0xC0, 0x3D, 0x25, + 0xE8, 0xB3, 0xFC, 0x34, 0x94, 0xC9, 0x7F, 0xB1, + 0x08, 0xFE, 0x18, 0xC6, 0x8A, 0x43, 0x36, 0xE4, + 0x6C, 0x26, 0xB6, 0xF2, 0x80, 0xD2, 0x7E, 0x34, + 0xBE, 0x28, 0x7C, 0x3E, 0x46, 0x87, 0xBC, 0x9D, + 0x77, 0x6B, 0x76, 0xD9, 0x28, 0xD1, 0xB6, 0x35, + 0x2E, 0xC0, 0x34, 0x7D, 0x72, 0x94, 0xAA, 0x93, + 0x60, 0x26, 0x8D, 0x26, 0xF5, 0xF6, 0x52, 0x06, + 0x4A, 0xF2, 0x40, 0xD7, 0xD0, 0x0C, 0x7C, 0x5E, + 0xA3, 0xC3, 0x2D, 0xE6, 0x2D, 0x9B, 0x5C, 0x4B, + 0x4C, 0xAB, 0x6F, 0xD7, 0xBD, 0x37, 0x1D, 0x57, + 0xC2, 0x16, 0x60, 0x95, 0x91, 0x0E, 0x4A, 0xD8, + 0xE9, 0xED, 0x18, 0x1E, 0xF7, 0x61, 0x93, 0x61, + 0x53, 0x89, 0x2D, 0x77, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x43, 0x41, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x34, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x81, 0x12, 0x2A, 0x46, + 0xC9, 0xCC, 0x2D, 0xC4, 0xDF, 0x29, 0x30, 0xE4, + 0xDF, 0x3F, 0x8C, 0x70, 0xA0, 0x78, 0x94, 0x87, + 0x75, 0xAD, 0x5E, 0x9A, 0xA6, 0x04, 0xC5, 0xB4, + 0xD8, 0xEA, 0xFF, 0x2A, 0xA1, 0xD2, 0x14, 0x67, + 0x65, 0x64, 0xEF, 0xCA, 0x28, 0xCC, 0x00, 0x15, + 0x45, 0x54, 0xA1, 0xA3, 0xEA, 0x13, 0x79, 0xE9, + 0xE6, 0xCA, 0xAC, 0xED, 0x15, 0x93, 0xFE, 0x88, + 0xD8, 0x9A, 0xC6, 0xB8, 0xAC, 0xCC, 0xAB, 0x6E, + 0x20, 0x7C, 0xEB, 0x7C, 0xCA, 0x29, 0x80, 0x9E, + 0x29, 0x80, 0x44, 0x06, 0x62, 0xB7, 0xD4, 0x38, + 0x2A, 0x15, 0xDA, 0x43, 0x08, 0x57, 0x45, 0xA9, + 0xAA, 0xE5, 0x9A, 0xA0, 0x5B, 0xDB, 0x32, 0xF6, + 0x68, 0x69, 0xA2, 0xDD, 0x42, 0x95, 0x38, 0x6C, + 0x87, 0xEC, 0xDD, 0x35, 0x08, 0xA2, 0xCF, 0x60, + 0xD0, 0x1E, 0x23, 0xEC, 0x2F, 0xE6, 0x98, 0xF4, + 0x70, 0xD6, 0x00, 0x15, 0x49, 0xA2, 0xF0, 0x67, + 0x59, 0x13, 0x1E, 0x53, 0x4C, 0x70, 0x06, 0x05, + 0x7D, 0xEF, 0x1D, 0x18, 0xA8, 0x3F, 0x0A, 0xC7, + 0x9C, 0xFE, 0x80, 0xFF, 0x5A, 0x91, 0xF2, 0xBE, + 0xD4, 0xA0, 0x83, 0x70, 0x61, 0x19, 0x0A, 0x03, + 0x29, 0x90, 0x21, 0x65, 0x40, 0x3C, 0x9A, 0x90, + 0x8F, 0xB6, 0x15, 0x73, 0x9F, 0x3C, 0xE3, 0x3B, + 0xF1, 0xBA, 0xEA, 0x16, 0xC2, 0x5B, 0xCE, 0xD7, + 0x96, 0x3F, 0xAC, 0xC9, 0xD2, 0x4D, 0x9C, 0x0A, + 0xD7, 0x6F, 0xC0, 0x20, 0xB2, 0xC4, 0xB8, 0x4C, + 0x10, 0xA7, 0x41, 0xA2, 0xCC, 0x7D, 0x9B, 0xAC, + 0x3A, 0xAC, 0xCC, 0xA3, 0x52, 0x9B, 0xAC, 0x31, + 0x6A, 0x9A, 0xA7, 0x5D, 0x2A, 0x26, 0xC7, 0xD7, + 0xD2, 0x88, 0xCB, 0xA4, 0x66, 0xC5, 0xFE, 0x5F, + 0x45, 0x4A, 0xE6, 0x79, 0x74, 0x4A, 0x90, 0xA1, + 0x57, 0x72, 0xDB, 0x3B, 0x0E, 0x47, 0xA4, 0x9A, + 0xF0, 0x31, 0xD1, 0x6D, 0xBE, 0xAB, 0x33, 0x2B, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char xs9_dpki_cert[0x300] = +{ + 0x00, 0x01, 0x00, 0x04, 0x63, 0x80, 0x5A, 0x35, + 0x1A, 0x43, 0x7B, 0xA2, 0x43, 0x19, 0xBB, 0x3A, + 0x77, 0x7B, 0x7A, 0xF3, 0x5E, 0x72, 0x4B, 0x15, + 0x0A, 0x06, 0x39, 0x6C, 0x5F, 0xEC, 0x38, 0x45, + 0xB1, 0x88, 0x76, 0x26, 0x8D, 0x5E, 0xDA, 0xE6, + 0x2F, 0x14, 0xBA, 0x02, 0xFA, 0xD6, 0xFC, 0x3B, + 0x2B, 0xBE, 0x87, 0x07, 0x63, 0x8E, 0x55, 0xBF, + 0x05, 0x5A, 0xFC, 0xFC, 0xB3, 0x47, 0x69, 0x11, + 0x89, 0xDB, 0x1C, 0xAF, 0x4B, 0x43, 0x76, 0x62, + 0x3E, 0x30, 0x89, 0x0A, 0x9D, 0x3B, 0xBB, 0x3E, + 0x50, 0xBD, 0xF7, 0xA6, 0xC0, 0xF7, 0xF8, 0xBB, + 0x0D, 0xB5, 0x6A, 0xBB, 0xC6, 0xC3, 0x50, 0xC8, + 0x88, 0xBB, 0x9D, 0xF0, 0x9B, 0xD1, 0x30, 0x64, + 0x60, 0x69, 0xDD, 0x34, 0x67, 0xA7, 0x00, 0xEB, + 0xDC, 0xF9, 0x8C, 0xB0, 0xF7, 0x93, 0x0E, 0x81, + 0xFE, 0x98, 0xD9, 0x72, 0x45, 0x8B, 0x94, 0x7E, + 0x59, 0xE2, 0xBE, 0x4E, 0x91, 0x2D, 0x75, 0xCA, + 0x1B, 0x8E, 0x2E, 0xF4, 0x6D, 0x73, 0xB1, 0x6B, + 0x35, 0xB5, 0x67, 0x0D, 0x63, 0x2D, 0x51, 0x38, + 0x53, 0x28, 0x19, 0x1D, 0x9D, 0xAE, 0x8D, 0xC6, + 0x61, 0xCC, 0xEF, 0xA4, 0xAB, 0xE2, 0xF3, 0xB0, + 0x4C, 0x7B, 0xE2, 0x71, 0xB5, 0xF9, 0x2C, 0xFA, + 0x55, 0xCD, 0x88, 0x8B, 0x72, 0xCC, 0xBE, 0x67, + 0xFA, 0xDF, 0xEF, 0x6B, 0x53, 0x3C, 0x45, 0xD8, + 0xCB, 0xDF, 0xB2, 0x76, 0x41, 0x46, 0xD6, 0xC2, + 0x6F, 0x27, 0x16, 0xC5, 0x07, 0xF3, 0xF4, 0x44, + 0x66, 0xA3, 0x15, 0xD2, 0x77, 0xF2, 0x89, 0xDA, + 0xFD, 0xD5, 0x50, 0xCF, 0xA4, 0x9B, 0xEA, 0xCA, + 0xC9, 0x7B, 0xE5, 0x46, 0x0E, 0xED, 0x9B, 0xFB, + 0x04, 0xA9, 0xDA, 0x19, 0x58, 0xD9, 0x2A, 0x20, + 0x8A, 0xAC, 0xC1, 0xF4, 0x8E, 0xE9, 0x14, 0xD8, + 0x8A, 0xD7, 0x41, 0xD5, 0x5B, 0x9B, 0x64, 0x22, + 0xD8, 0xAF, 0xAE, 0xC7, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x43, 0x41, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x34, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x58, 0x53, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x39, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x18, 0xA3, 0x47, 0xA4, + 0xC0, 0x84, 0x4C, 0xEB, 0x7E, 0xB0, 0xCF, 0xF0, + 0xAE, 0xB7, 0x77, 0x69, 0x85, 0x93, 0xE4, 0x99, + 0x5A, 0x95, 0x4E, 0x58, 0x17, 0x38, 0xCE, 0xD6, + 0x81, 0xB0, 0xBD, 0x77, 0x09, 0xE7, 0xF8, 0x9A, + 0xDF, 0xAD, 0x05, 0x48, 0x83, 0xF6, 0xC3, 0xFD, + 0xDF, 0x7B, 0x83, 0xE0, 0x0C, 0x26, 0x81, 0x54, + 0x43, 0x29, 0xEA, 0x82, 0x6C, 0x89, 0xF0, 0xA6, + 0x74, 0x42, 0x86, 0x4D, 0x32, 0x60, 0x32, 0x7D, + 0xA7, 0x7A, 0x13, 0x40, 0x66, 0x59, 0xDA, 0x3E, + 0x41, 0x6B, 0x27, 0x94, 0x03, 0x4F, 0xAA, 0x22, + 0x9D, 0xD5, 0x54, 0x52, 0xDB, 0x27, 0x0A, 0x6A, + 0xA2, 0x3D, 0x19, 0xB1, 0x66, 0x1B, 0x19, 0x7D, + 0xAB, 0xC7, 0x0E, 0x88, 0x17, 0x91, 0xA1, 0x2A, + 0xB4, 0x3C, 0x6C, 0xCB, 0xF5, 0xAA, 0x7C, 0x3A, + 0xDD, 0x36, 0xFB, 0x35, 0x71, 0x7B, 0x20, 0x01, + 0x59, 0x00, 0xD6, 0xF6, 0x90, 0x39, 0x35, 0x41, + 0x31, 0xF8, 0xC1, 0xC0, 0x57, 0x3A, 0x35, 0x18, + 0x58, 0x90, 0xB1, 0xAD, 0x9A, 0x0E, 0xEC, 0xE0, + 0xF4, 0x7A, 0x7D, 0xA5, 0x27, 0x48, 0xC9, 0x72, + 0xAB, 0x0D, 0x08, 0x7B, 0x62, 0x35, 0x40, 0x91, + 0x14, 0x2B, 0xB1, 0x1D, 0x1A, 0xFA, 0xF9, 0xCD, + 0x5C, 0x17, 0x13, 0x53, 0x52, 0x71, 0xCA, 0xE2, + 0x2A, 0x78, 0xB1, 0x7F, 0x4A, 0xCD, 0x59, 0xD8, + 0xBA, 0x1D, 0x7D, 0x70, 0x5F, 0x78, 0x1B, 0x9F, + 0x9D, 0x37, 0x18, 0x8E, 0xD7, 0xCD, 0x0D, 0x49, + 0x57, 0x74, 0x69, 0x88, 0x3A, 0x6B, 0x8E, 0x4E, + 0x1B, 0x85, 0xDD, 0xBE, 0x39, 0x45, 0x05, 0x89, + 0x56, 0x12, 0x97, 0x59, 0x9A, 0x09, 0xA4, 0xC8, + 0x2D, 0x2F, 0xF5, 0xCF, 0xB4, 0x73, 0x70, 0xDB, + 0x58, 0x1E, 0xB2, 0x4E, 0x77, 0x6F, 0xA4, 0x7E, + 0x62, 0xDF, 0xB7, 0x05, 0xE8, 0x80, 0x42, 0x5C, + 0xB8, 0x78, 0x87, 0x97, 0x7F, 0x66, 0x2C, 0x5F, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char cpA_dpki_cert[0x300] = +{ + 0x00, 0x01, 0x00, 0x04, 0x50, 0x05, 0xD7, 0x5E, + 0x6D, 0xDE, 0xB8, 0x78, 0x3C, 0x81, 0xE9, 0xEF, + 0x0D, 0x17, 0xCD, 0x58, 0xF5, 0x94, 0x26, 0xA3, + 0xFD, 0x6F, 0x69, 0x90, 0xE8, 0xF8, 0x32, 0x87, + 0x12, 0x2E, 0xC2, 0x5C, 0xA1, 0x4B, 0x99, 0x24, + 0x23, 0x37, 0xBA, 0x91, 0xA7, 0x5B, 0x0F, 0x7C, + 0x59, 0xFB, 0xF7, 0xD1, 0x89, 0x27, 0x22, 0xC4, + 0xE6, 0xAF, 0xC7, 0xDE, 0xC7, 0x4A, 0x6E, 0x00, + 0x7F, 0x43, 0x4A, 0x88, 0x8A, 0x82, 0x15, 0xE8, + 0xDF, 0x2B, 0x52, 0xED, 0x42, 0x00, 0xBC, 0x69, + 0xB4, 0xDA, 0x7F, 0xEB, 0x74, 0x6C, 0x7A, 0x2D, + 0x96, 0x56, 0x5B, 0x45, 0x59, 0x7B, 0x8F, 0xAE, + 0xB1, 0x6B, 0xDC, 0x76, 0xC1, 0xC8, 0x0C, 0x47, + 0xF5, 0x0D, 0xA9, 0xC3, 0xE1, 0xFE, 0x28, 0x50, + 0x1C, 0x26, 0xA2, 0xD1, 0x54, 0x4B, 0xD1, 0x60, + 0x4A, 0x9E, 0x8F, 0x32, 0x2A, 0xEF, 0x31, 0x5F, + 0xEA, 0x48, 0x22, 0x67, 0x22, 0xB7, 0xCB, 0x37, + 0x2F, 0xF3, 0x5F, 0x5E, 0x61, 0x6A, 0x53, 0x44, + 0xA5, 0x85, 0xE5, 0xA0, 0x8A, 0x2E, 0x17, 0x77, + 0x57, 0x2B, 0x7A, 0x9A, 0xF7, 0xD2, 0xD8, 0xC4, + 0x9C, 0xD0, 0xA0, 0x54, 0xBF, 0x8A, 0x9D, 0xB4, + 0x9F, 0xC6, 0x60, 0x61, 0x7C, 0xB8, 0x35, 0x4E, + 0x25, 0x7F, 0x68, 0x68, 0x2F, 0x94, 0xB3, 0xCC, + 0x53, 0x8C, 0x42, 0x6F, 0x88, 0xC5, 0x48, 0x5C, + 0xBE, 0xC1, 0xD0, 0x48, 0x04, 0x74, 0x96, 0x5A, + 0x7E, 0x82, 0x59, 0xAA, 0x9F, 0xB6, 0x61, 0x46, + 0xCE, 0x59, 0x21, 0xC6, 0xF0, 0xC1, 0x75, 0x1F, + 0x21, 0x91, 0x7F, 0x24, 0x96, 0xCB, 0x0C, 0x70, + 0x15, 0x7A, 0xB7, 0xBB, 0x3A, 0x9F, 0x57, 0x56, + 0x56, 0x5C, 0x38, 0x92, 0x2E, 0xFD, 0xC8, 0xF1, + 0x70, 0xB9, 0xAE, 0xA1, 0xAE, 0x36, 0xF5, 0x5E, + 0x35, 0x26, 0x63, 0x0A, 0xBA, 0xB2, 0x05, 0x0F, + 0xF0, 0x0C, 0xDC, 0xBB, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x43, 0x41, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x34, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x43, 0x50, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x61, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x18, 0xA3, 0x4D, 0x5B, + 0xAA, 0x7F, 0x93, 0x80, 0x28, 0x9B, 0xE8, 0x98, + 0x63, 0x10, 0x7A, 0xE1, 0x0C, 0x59, 0x2C, 0x2F, + 0x7C, 0xFF, 0xBD, 0xAA, 0xDD, 0x74, 0xF4, 0xA2, + 0xFB, 0xAC, 0xD7, 0x6F, 0x00, 0x93, 0x42, 0x06, + 0x34, 0x71, 0x56, 0xD8, 0x40, 0x49, 0x72, 0x9F, + 0x3E, 0x24, 0xFA, 0x5E, 0x19, 0xD1, 0x5B, 0x63, + 0x5C, 0xD2, 0xEF, 0x09, 0xDE, 0x32, 0xEE, 0x6B, + 0x6F, 0xC8, 0xFA, 0x32, 0x8E, 0x2E, 0x96, 0xB9, + 0x94, 0x41, 0x04, 0x7D, 0x07, 0x62, 0x95, 0xDA, + 0x0D, 0x91, 0xD8, 0x09, 0x35, 0xD0, 0xDE, 0x8E, + 0x6B, 0xC6, 0xAB, 0x14, 0x27, 0x01, 0x9C, 0xFE, + 0x49, 0x96, 0xFC, 0x9B, 0x54, 0x79, 0x4D, 0xEB, + 0xD7, 0xC6, 0x66, 0x73, 0xA6, 0xDD, 0x3A, 0x77, + 0x65, 0x47, 0x94, 0xEC, 0x1C, 0x87, 0xAA, 0x46, + 0xD9, 0x78, 0xA9, 0x7D, 0xDB, 0x11, 0x22, 0x6E, + 0xD4, 0x12, 0xC2, 0x78, 0x4B, 0x21, 0x83, 0x92, + 0xC7, 0x10, 0xC7, 0x74, 0x19, 0xFF, 0xAA, 0xF6, + 0x0B, 0x75, 0xD8, 0x23, 0xDD, 0x33, 0xC3, 0xA1, + 0x5B, 0xA7, 0x2D, 0x30, 0xA5, 0xA4, 0xD8, 0xF8, + 0x0F, 0xD6, 0x73, 0xFD, 0x26, 0xCB, 0x29, 0xA6, + 0xEF, 0x50, 0x39, 0xE2, 0x5F, 0x59, 0x61, 0x84, + 0x6B, 0xDA, 0x2E, 0xC7, 0xCB, 0xE4, 0x38, 0x4B, + 0x28, 0xFB, 0x0D, 0xD5, 0x8E, 0x7C, 0xAA, 0x7D, + 0x4B, 0x37, 0x3A, 0xD7, 0x81, 0xDD, 0x73, 0xE3, + 0x09, 0x93, 0xBD, 0xBD, 0x7E, 0x08, 0x55, 0x4A, + 0x8C, 0xA5, 0xC9, 0x84, 0x2D, 0x71, 0x01, 0xA2, + 0x2A, 0x01, 0xB0, 0x15, 0xFB, 0x30, 0x78, 0xB9, + 0x13, 0xF4, 0xC7, 0x3F, 0xB5, 0xA6, 0xF1, 0xA2, + 0x5E, 0x22, 0xB0, 0x02, 0xB6, 0xE0, 0x09, 0x54, + 0x7F, 0x0F, 0xBD, 0xF0, 0xFE, 0xA5, 0x50, 0x1D, + 0x93, 0x15, 0xF9, 0x3D, 0x83, 0x0F, 0x0F, 0x0E, + 0x3D, 0xE2, 0x3D, 0x96, 0xE7, 0x09, 0xD9, 0x77, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +#endif \ No newline at end of file diff --git a/keys_retail.h b/keys_retail.h new file mode 100644 index 0000000..ecf86ce --- /dev/null +++ b/keys_retail.h @@ -0,0 +1,557 @@ +#ifndef _KEYS_RETAIL_H_ +#define _KEYS_RETAIL_H_ + +// AES KEYS +static const unsigned char zeros_fixed_aesKey[16] = //zeros_fixed_aesKey +{ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +// RSA KEYS +static const unsigned char cert_root_rsa_pubk[0x200] = +{ + 0xF8, 0x24, 0x6C, 0x58, 0xBA, 0xE7, 0x50, 0x03, + 0x01, 0xFB, 0xB7, 0xC2, 0xEB, 0xE0, 0x01, 0x05, + 0x71, 0xDA, 0x92, 0x23, 0x78, 0xF0, 0x51, 0x4E, + 0xC0, 0x03, 0x1D, 0xD0, 0xD2, 0x1E, 0xD3, 0xD0, + 0x7E, 0xFC, 0x85, 0x20, 0x69, 0xB5, 0xDE, 0x9B, + 0xB9, 0x51, 0xA8, 0xBC, 0x90, 0xA2, 0x44, 0x92, + 0x6D, 0x37, 0x92, 0x95, 0xAE, 0x94, 0x36, 0xAA, + 0xA6, 0xA3, 0x02, 0x51, 0x0C, 0x7B, 0x1D, 0xED, + 0xD5, 0xFB, 0x20, 0x86, 0x9D, 0x7F, 0x30, 0x16, + 0xF6, 0xBE, 0x65, 0xD3, 0x83, 0xA1, 0x6D, 0xB3, + 0x32, 0x1B, 0x95, 0x35, 0x18, 0x90, 0xB1, 0x70, + 0x02, 0x93, 0x7E, 0xE1, 0x93, 0xF5, 0x7E, 0x99, + 0xA2, 0x47, 0x4E, 0x9D, 0x38, 0x24, 0xC7, 0xAE, + 0xE3, 0x85, 0x41, 0xF5, 0x67, 0xE7, 0x51, 0x8C, + 0x7A, 0x0E, 0x38, 0xE7, 0xEB, 0xAF, 0x41, 0x19, + 0x1B, 0xCF, 0xF1, 0x7B, 0x42, 0xA6, 0xB4, 0xED, + 0xE6, 0xCE, 0x8D, 0xE7, 0x31, 0x8F, 0x7F, 0x52, + 0x04, 0xB3, 0x99, 0x0E, 0x22, 0x67, 0x45, 0xAF, + 0xD4, 0x85, 0xB2, 0x44, 0x93, 0x00, 0x8B, 0x08, + 0xC7, 0xF6, 0xB7, 0xE5, 0x6B, 0x02, 0xB3, 0xE8, + 0xFE, 0x0C, 0x9D, 0x85, 0x9C, 0xB8, 0xB6, 0x82, + 0x23, 0xB8, 0xAB, 0x27, 0xEE, 0x5F, 0x65, 0x38, + 0x07, 0x8B, 0x2D, 0xB9, 0x1E, 0x2A, 0x15, 0x3E, + 0x85, 0x81, 0x80, 0x72, 0xA2, 0x3B, 0x6D, 0xD9, + 0x32, 0x81, 0x05, 0x4F, 0x6F, 0xB0, 0xF6, 0xF5, + 0xAD, 0x28, 0x3E, 0xCA, 0x0B, 0x7A, 0xF3, 0x54, + 0x55, 0xE0, 0x3D, 0xA7, 0xB6, 0x83, 0x26, 0xF3, + 0xEC, 0x83, 0x4A, 0xF3, 0x14, 0x04, 0x8A, 0xC6, + 0xDF, 0x20, 0xD2, 0x85, 0x08, 0x67, 0x3C, 0xAB, + 0x62, 0xA2, 0xC7, 0xBC, 0x13, 0x1A, 0x53, 0x3E, + 0x0B, 0x66, 0x80, 0x6B, 0x1C, 0x30, 0x66, 0x4B, + 0x37, 0x23, 0x31, 0xBD, 0xC4, 0xB0, 0xCA, 0xD8, + 0xD1, 0x1E, 0xE7, 0xBB, 0xD9, 0x28, 0x55, 0x48, + 0xAA, 0xEC, 0x1F, 0x66, 0xE8, 0x21, 0xB3, 0xC8, + 0xA0, 0x47, 0x69, 0x00, 0xC5, 0xE6, 0x88, 0xE8, + 0x0C, 0xCE, 0x3C, 0x61, 0xD6, 0x9C, 0xBB, 0xA1, + 0x37, 0xC6, 0x60, 0x4F, 0x7A, 0x72, 0xDD, 0x8C, + 0x7B, 0x3E, 0x3D, 0x51, 0x29, 0x0D, 0xAA, 0x6A, + 0x59, 0x7B, 0x08, 0x1F, 0x9D, 0x36, 0x33, 0xA3, + 0x46, 0x7A, 0x35, 0x61, 0x09, 0xAC, 0xA7, 0xDD, + 0x7D, 0x2E, 0x2F, 0xB2, 0xC1, 0xAE, 0xB8, 0xE2, + 0x0F, 0x48, 0x92, 0xD8, 0xB9, 0xF8, 0xB4, 0x6F, + 0x4E, 0x3C, 0x11, 0xF4, 0xF4, 0x7D, 0x8B, 0x75, + 0x7D, 0xFE, 0xFE, 0xA3, 0x89, 0x9C, 0x33, 0x59, + 0x5C, 0x5E, 0xFD, 0xEB, 0xCB, 0xAB, 0xE8, 0x41, + 0x3E, 0x3A, 0x9A, 0x80, 0x3C, 0x69, 0x35, 0x6E, + 0xB2, 0xB2, 0xAD, 0x5C, 0xC4, 0xC8, 0x58, 0x45, + 0x5E, 0xF5, 0xF7, 0xB3, 0x06, 0x44, 0xB4, 0x7C, + 0x64, 0x06, 0x8C, 0xDF, 0x80, 0x9F, 0x76, 0x02, + 0x5A, 0x2D, 0xB4, 0x46, 0xE0, 0x3D, 0x7C, 0xF6, + 0x2F, 0x34, 0xE7, 0x02, 0x45, 0x7B, 0x02, 0xA4, + 0xCF, 0x5D, 0x9D, 0xD5, 0x3C, 0xA5, 0x3A, 0x7C, + 0xA6, 0x29, 0x78, 0x8C, 0x67, 0xCA, 0x08, 0xBF, + 0xEC, 0xCA, 0x43, 0xA9, 0x57, 0xAD, 0x16, 0xC9, + 0x4E, 0x1C, 0xD8, 0x75, 0xCA, 0x10, 0x7D, 0xCE, + 0x7E, 0x01, 0x18, 0xF0, 0xDF, 0x6B, 0xFE, 0xE5, + 0x1D, 0xDB, 0xD9, 0x91, 0xC2, 0x6E, 0x60, 0xCD, + 0x48, 0x58, 0xAA, 0x59, 0x2C, 0x82, 0x00, 0x75, + 0xF2, 0x9F, 0x52, 0x6C, 0x91, 0x7C, 0x6F, 0xE5, + 0x40, 0x3E, 0xA7, 0xD4, 0xA5, 0x0C, 0xEC, 0x3B, + 0x73, 0x84, 0xDE, 0x88, 0x6E, 0x82, 0xD2, 0xEB, + 0x4D, 0x4E, 0x42, 0xB5, 0xF2, 0xB1, 0x49, 0xA8, + 0x1E, 0xA7, 0xCE, 0x71, 0x44, 0xDC, 0x29, 0x94, + 0xCF, 0xC4, 0x4E, 0x1F, 0x91, 0xCB, 0xD4, 0x95 +}; + +static const unsigned char AccessDesc_pubMod[0x100] = +{ + 0xB1, 0xE3, 0xE3, 0x5F, 0x01, 0x39, 0x80, 0xD1, + 0x56, 0x78, 0x9D, 0xB7, 0x06, 0xF7, 0x1D, 0xBF, + 0x3E, 0x22, 0x76, 0xED, 0xF9, 0x5D, 0xA2, 0x36, + 0xB6, 0x30, 0x61, 0x05, 0x96, 0xD3, 0x00, 0xB9, + 0xED, 0xF1, 0xD7, 0xE0, 0x1D, 0xA0, 0x4F, 0xB7, + 0xCF, 0x5A, 0x19, 0x87, 0x75, 0x49, 0x88, 0x40, + 0xED, 0xE3, 0x6F, 0x7C, 0x90, 0x4A, 0x64, 0x45, + 0x98, 0xD7, 0x04, 0xB9, 0x5A, 0x6B, 0x45, 0xAA, + 0x7E, 0x94, 0xC0, 0xB3, 0xB7, 0xDB, 0x7B, 0x66, + 0x59, 0x20, 0xB7, 0x08, 0xE2, 0xF3, 0x83, 0xA3, + 0x7F, 0xE3, 0x20, 0x21, 0xA0, 0xEB, 0xB7, 0x28, + 0x0F, 0xF3, 0x2B, 0x15, 0xA4, 0xC9, 0xD0, 0xAB, + 0x89, 0x39, 0x99, 0x7E, 0x76, 0x5F, 0x9E, 0x4D, + 0x1E, 0x01, 0x22, 0x8D, 0x74, 0xA6, 0xEB, 0x9A, + 0xA3, 0x9D, 0x45, 0xE5, 0x10, 0x61, 0x6E, 0x20, + 0xFD, 0x23, 0x75, 0xC0, 0xC5, 0x05, 0x03, 0xC5, + 0x4C, 0x02, 0x4F, 0x54, 0x4B, 0x57, 0x08, 0xB4, + 0x46, 0xC3, 0x2C, 0xF1, 0xF9, 0x52, 0x6C, 0xCD, + 0x14, 0x55, 0xA8, 0x55, 0x92, 0x6D, 0xE2, 0x4A, + 0x41, 0x46, 0xEB, 0x08, 0xC5, 0xF3, 0xB4, 0x8D, + 0x0D, 0x5E, 0x21, 0xEA, 0xAF, 0x4D, 0x27, 0x4D, + 0xDE, 0x77, 0x93, 0x97, 0xE2, 0xC7, 0x6B, 0x66, + 0x1F, 0xDB, 0x2D, 0x6E, 0xA9, 0x5F, 0x61, 0x14, + 0x17, 0x7B, 0x2B, 0x66, 0x5A, 0xB5, 0x01, 0x89, + 0xF2, 0x23, 0x75, 0x25, 0x25, 0x9C, 0x86, 0x9A, + 0x89, 0xFF, 0x64, 0x1D, 0x5B, 0xCE, 0xD7, 0x7E, + 0x3F, 0x2D, 0xA8, 0xDA, 0xB5, 0x5A, 0xC5, 0x5F, + 0x59, 0x20, 0xB0, 0xED, 0x1C, 0x91, 0xFF, 0xA3, + 0x27, 0xB8, 0x8E, 0xCF, 0x82, 0x15, 0xE5, 0x49, + 0xEF, 0xE4, 0x58, 0xE1, 0x5F, 0x8F, 0x53, 0xB9, + 0x33, 0x2A, 0x56, 0x24, 0xAA, 0xA1, 0xD3, 0x6E, + 0x47, 0x1A, 0x63, 0x44, 0x19, 0xB3, 0x8E, 0xA5 +}; + +static const unsigned char RetailNcsdCfa_pubMod[0x100] = +{ + 0xFB, 0xDE, 0xB8, 0x2B, 0x40, 0x93, 0x0F, 0xF6, + 0xB1, 0x9A, 0x08, 0x06, 0x1B, 0x86, 0xFE, 0xD0, + 0xDF, 0x10, 0x79, 0x17, 0x3D, 0x8C, 0xE2, 0x7A, + 0xCE, 0x8F, 0x23, 0x45, 0xB9, 0x0A, 0x6D, 0xED, + 0x30, 0x0E, 0xC1, 0xA8, 0x92, 0xC4, 0xBD, 0x1A, + 0xCE, 0xA7, 0xAC, 0x77, 0xAA, 0x47, 0xE5, 0x20, + 0x4A, 0x44, 0x91, 0xDF, 0x1C, 0xFE, 0x86, 0x28, + 0x12, 0x2D, 0x66, 0xDF, 0xBE, 0xAD, 0x96, 0x61, + 0xED, 0xF2, 0xF7, 0x41, 0x7B, 0x57, 0x88, 0x6B, + 0x24, 0x1E, 0x7D, 0xEC, 0xBE, 0x98, 0x65, 0x65, + 0x36, 0x65, 0x99, 0xA9, 0xFE, 0x24, 0x67, 0x85, + 0x99, 0xEE, 0x2A, 0xAE, 0xEE, 0xB1, 0x81, 0x1A, + 0x22, 0xE3, 0x6D, 0x75, 0x6E, 0x21, 0xBC, 0xEF, + 0x11, 0x5C, 0x61, 0xAF, 0x0C, 0x30, 0x00, 0xB6, + 0xA2, 0x23, 0xED, 0xFE, 0x70, 0x15, 0xDA, 0x52, + 0xE1, 0xE6, 0x2D, 0xCE, 0x34, 0xE8, 0xAA, 0x4C, + 0xF1, 0xD6, 0x67, 0x56, 0x57, 0xD3, 0xDB, 0xC0, + 0x90, 0x49, 0x6F, 0x45, 0x73, 0x93, 0x4E, 0x30, + 0x30, 0x70, 0xF5, 0xC9, 0x8F, 0x31, 0x25, 0xF2, + 0xC2, 0xE7, 0x33, 0x7F, 0x4E, 0xB6, 0xF5, 0x2A, + 0xDF, 0x20, 0x00, 0xE5, 0x79, 0xB2, 0xD0, 0xF9, + 0x17, 0xF7, 0x7E, 0x16, 0x90, 0x40, 0x00, 0x57, + 0x91, 0x44, 0x78, 0xEF, 0x1C, 0xE0, 0x85, 0x09, + 0xDA, 0xF4, 0x14, 0x7E, 0x4B, 0xD7, 0x35, 0xD6, + 0x87, 0x54, 0x8F, 0x2A, 0xB5, 0xA7, 0x6F, 0x50, + 0xD0, 0xF7, 0xD1, 0xF1, 0x19, 0xC9, 0xAC, 0x22, + 0x7E, 0x05, 0x11, 0xF5, 0xF2, 0x6D, 0xEE, 0x92, + 0x27, 0x57, 0x5F, 0xE5, 0x15, 0x0D, 0x27, 0x68, + 0xBF, 0x52, 0x65, 0x74, 0x73, 0xA6, 0x58, 0x6D, + 0x79, 0x18, 0xAC, 0x31, 0xDD, 0xDD, 0x80, 0x8B, + 0x75, 0x24, 0xE1, 0x17, 0xE1, 0x95, 0x25, 0x16, + 0x29, 0xAB, 0x69, 0x69, 0xC8, 0x28, 0xEE, 0x5D +}; + +static const unsigned char Dummy_rsa_privExp[256] = //Dummy_rsa_privExp +{ + 0xE3, 0xC6, 0x76, 0x57, 0x2E, 0xCB, 0xA5, 0xE6, + 0x0C, 0x01, 0xBD, 0x5C, 0x32, 0x2D, 0x90, 0xE0, + 0xFF, 0x9A, 0x80, 0xE8, 0x66, 0x8D, 0x84, 0xDC, + 0xF7, 0x75, 0x5F, 0x3F, 0x98, 0x7C, 0x97, 0x40, + 0x20, 0x21, 0xB7, 0x24, 0xC0, 0x61, 0x2D, 0x83, + 0xB0, 0x91, 0x8E, 0xE3, 0xC2, 0xD0, 0x2C, 0xA1, + 0x2C, 0x99, 0x4F, 0x48, 0xF7, 0x4E, 0x13, 0xD3, + 0x01, 0x71, 0x25, 0x9B, 0x3C, 0x75, 0x7C, 0xC4, + 0xE5, 0x89, 0x7E, 0xDA, 0xF9, 0x99, 0x5C, 0x83, + 0xE4, 0xDD, 0x36, 0x62, 0x5B, 0x0E, 0x12, 0x91, + 0xD6, 0x39, 0x45, 0x69, 0x62, 0x20, 0xCA, 0xF4, + 0xBA, 0x6B, 0x28, 0x1A, 0x7C, 0xBF, 0xB9, 0x97, + 0x37, 0x46, 0xC2, 0x7A, 0xCF, 0x10, 0x68, 0xC2, + 0xC9, 0xF1, 0x48, 0xDA, 0x8A, 0x2F, 0x4C, 0xBC, + 0x3B, 0x1C, 0xB8, 0x8F, 0x04, 0x7F, 0xFD, 0x9D, + 0xE2, 0x0A, 0xD2, 0x09, 0x39, 0xC7, 0xD9, 0x81, + 0x59, 0x17, 0x73, 0xB2, 0xEC, 0xEB, 0x36, 0x67, + 0xA5, 0xA8, 0xD5, 0x71, 0xD9, 0x38, 0x6A, 0xD1, + 0x28, 0xB9, 0x46, 0x85, 0x3A, 0x81, 0x85, 0x4E, + 0x55, 0xA7, 0x74, 0x79, 0xBB, 0xC5, 0x97, 0xF7, + 0xEF, 0xE0, 0x81, 0x20, 0xE0, 0xEA, 0x45, 0x8F, + 0xED, 0x70, 0x8E, 0xD6, 0xFF, 0x49, 0xCF, 0x7F, + 0xF2, 0xFF, 0x22, 0x20, 0x3F, 0xE9, 0x92, 0x99, + 0xDE, 0x81, 0xD6, 0x27, 0xF7, 0xB8, 0x3A, 0x1D, + 0x4F, 0xA2, 0x50, 0xFB, 0xA5, 0xE7, 0x98, 0x08, + 0xB5, 0x2B, 0xA2, 0x94, 0xA9, 0x17, 0x1A, 0xA8, + 0x34, 0xF6, 0x5E, 0x24, 0x2D, 0x40, 0x2F, 0xCB, + 0x3C, 0xB0, 0xF8, 0x7E, 0x84, 0xB4, 0x87, 0x82, + 0x19, 0xAF, 0x87, 0xB6, 0xFA, 0xA9, 0x67, 0x27, + 0x07, 0x28, 0xBA, 0x2E, 0xA5, 0x8E, 0xDD, 0xE5, + 0xD4, 0xFD, 0x06, 0x09, 0xDF, 0xBD, 0x87, 0x95, + 0x95, 0x25, 0x05, 0x5E, 0xB2, 0x00, 0x18, 0x41 +}; + +static const unsigned char Dummy_rsa_pubMod[256] = //Dummy_rsa_pubMod +{ + 0xE6, 0x64, 0x06, 0x6C, 0x49, 0x6B, 0xEC, 0xEE, + 0x59, 0xAE, 0x11, 0x92, 0xF1, 0x03, 0x43, 0x87, + 0x8E, 0xEB, 0x4D, 0x70, 0xA9, 0x71, 0xB4, 0x6D, + 0x25, 0x19, 0x02, 0x4A, 0x9E, 0x4D, 0xA3, 0x10, + 0xFD, 0xB2, 0x27, 0x56, 0xA3, 0xFB, 0xDD, 0xE5, + 0xE4, 0x4E, 0xE0, 0x62, 0x8F, 0xC3, 0x2E, 0xEE, + 0x8F, 0x9D, 0x4D, 0x6E, 0x00, 0xDB, 0x88, 0x49, + 0xA2, 0xFC, 0x30, 0xFE, 0x94, 0xF3, 0x06, 0x92, + 0x75, 0x61, 0x11, 0x1D, 0x24, 0x07, 0xE9, 0x12, + 0xB6, 0xB1, 0x57, 0xF5, 0xDC, 0x01, 0xF7, 0x54, + 0xBF, 0xC3, 0xAC, 0x8C, 0x73, 0x2C, 0x73, 0x17, + 0x8E, 0xBF, 0x2F, 0x68, 0x3C, 0x61, 0x75, 0x32, + 0x15, 0x39, 0x93, 0xDD, 0xBA, 0x12, 0x42, 0xD3, + 0x25, 0x85, 0xFA, 0xA6, 0x4B, 0xAF, 0x81, 0x4B, + 0xCA, 0xD2, 0x9C, 0xF1, 0x3D, 0x37, 0xAE, 0xB9, + 0xFD, 0x77, 0x59, 0x78, 0xB9, 0x32, 0x95, 0x19, + 0xD1, 0x47, 0xE1, 0xC6, 0xE1, 0x16, 0x13, 0x5D, + 0xCC, 0x99, 0x31, 0x63, 0xAD, 0xBB, 0xA5, 0x4F, + 0xE4, 0x41, 0x67, 0xFD, 0x7F, 0x1E, 0xA8, 0x9A, + 0x35, 0x65, 0xEB, 0xC4, 0x4D, 0xD4, 0xC4, 0x29, + 0x0F, 0x40, 0x95, 0xFD, 0x8A, 0x30, 0x67, 0x79, + 0xFB, 0xD4, 0x76, 0x6F, 0xD1, 0xDE, 0x8C, 0x72, + 0x32, 0x05, 0x97, 0x5A, 0x26, 0x0D, 0x37, 0xCA, + 0x12, 0x2C, 0xDC, 0x14, 0x3F, 0xD3, 0x59, 0x00, + 0x66, 0xD2, 0x8E, 0xF5, 0x6E, 0x22, 0x08, 0x63, + 0x59, 0xB5, 0x3F, 0xBB, 0x3A, 0x4D, 0xD4, 0xD1, + 0xC1, 0x21, 0xA7, 0x4D, 0x02, 0x96, 0x08, 0xF5, + 0x2B, 0x11, 0xE5, 0x85, 0xD2, 0x6E, 0x91, 0xD6, + 0x8F, 0x77, 0x72, 0xEF, 0x37, 0xE3, 0x79, 0x19, + 0xA9, 0xEE, 0x58, 0x5D, 0x52, 0x9B, 0x2D, 0x47, + 0x7D, 0x27, 0xB8, 0xC3, 0x76, 0xCA, 0xDA, 0xC2, + 0xF4, 0xFC, 0xF4, 0x53, 0x7C, 0xD8, 0x43, 0x87 +}; + +//Certificates +static const unsigned char ca3_dpki_cert[0x400] = +{ + 0x00, 0x01, 0x00, 0x03, 0x70, 0x41, 0x38, 0xEF, + 0xBB, 0xBD, 0xA1, 0x6A, 0x98, 0x7D, 0xD9, 0x01, + 0x32, 0x6D, 0x1C, 0x94, 0x59, 0x48, 0x4C, 0x88, + 0xA2, 0x86, 0x1B, 0x91, 0xA3, 0x12, 0x58, 0x7A, + 0xE7, 0x0E, 0xF6, 0x23, 0x7E, 0xC5, 0x0E, 0x10, + 0x32, 0xDC, 0x39, 0xDD, 0xE8, 0x9A, 0x96, 0xA8, + 0xE8, 0x59, 0xD7, 0x6A, 0x98, 0xA6, 0xE7, 0xE3, + 0x6A, 0x0C, 0xFE, 0x35, 0x2C, 0xA8, 0x93, 0x05, + 0x82, 0x34, 0xFF, 0x83, 0x3F, 0xCB, 0x3B, 0x03, + 0x81, 0x1E, 0x9F, 0x0D, 0xC0, 0xD9, 0xA5, 0x2F, + 0x80, 0x45, 0xB4, 0xB2, 0xF9, 0x41, 0x1B, 0x67, + 0xA5, 0x1C, 0x44, 0xB5, 0xEF, 0x8C, 0xE7, 0x7B, + 0xD6, 0xD5, 0x6B, 0xA7, 0x57, 0x34, 0xA1, 0x85, + 0x6D, 0xE6, 0xD4, 0xBE, 0xD6, 0xD3, 0xA2, 0x42, + 0xC7, 0xC8, 0x79, 0x1B, 0x34, 0x22, 0x37, 0x5E, + 0x5C, 0x77, 0x9A, 0xBF, 0x07, 0x2F, 0x76, 0x95, + 0xEF, 0xA0, 0xF7, 0x5B, 0xCB, 0x83, 0x78, 0x9F, + 0xC3, 0x0E, 0x3F, 0xE4, 0xCC, 0x83, 0x92, 0x20, + 0x78, 0x40, 0x63, 0x89, 0x49, 0xC7, 0xF6, 0x88, + 0x56, 0x5F, 0x64, 0x9B, 0x74, 0xD6, 0x3D, 0x8D, + 0x58, 0xFF, 0xAD, 0xDA, 0x57, 0x1E, 0x95, 0x54, + 0x42, 0x6B, 0x13, 0x18, 0xFC, 0x46, 0x89, 0x83, + 0xD4, 0xC8, 0xA5, 0x62, 0x8B, 0x06, 0xB6, 0xFC, + 0x5D, 0x50, 0x7C, 0x13, 0xE7, 0xA1, 0x8A, 0xC1, + 0x51, 0x1E, 0xB6, 0xD6, 0x2E, 0xA5, 0x44, 0x8F, + 0x83, 0x50, 0x14, 0x47, 0xA9, 0xAF, 0xB3, 0xEC, + 0xC2, 0x90, 0x3C, 0x9D, 0xD5, 0x2F, 0x92, 0x2A, + 0xC9, 0xAC, 0xDB, 0xEF, 0x58, 0xC6, 0x02, 0x18, + 0x48, 0xD9, 0x6E, 0x20, 0x87, 0x32, 0xD3, 0xD1, + 0xD9, 0xD9, 0xEA, 0x44, 0x0D, 0x91, 0x62, 0x1C, + 0x7A, 0x99, 0xDB, 0x88, 0x43, 0xC5, 0x9C, 0x1F, + 0x2E, 0x2C, 0x7D, 0x9B, 0x57, 0x7D, 0x51, 0x2C, + 0x16, 0x6D, 0x6F, 0x7E, 0x1A, 0xAD, 0x4A, 0x77, + 0x4A, 0x37, 0x44, 0x7E, 0x78, 0xFE, 0x20, 0x21, + 0xE1, 0x4A, 0x95, 0xD1, 0x12, 0xA0, 0x68, 0xAD, + 0xA0, 0x19, 0xF4, 0x63, 0xC7, 0xA5, 0x56, 0x85, + 0xAA, 0xBB, 0x68, 0x88, 0xB9, 0x24, 0x64, 0x83, + 0xD1, 0x8B, 0x9C, 0x80, 0x6F, 0x47, 0x49, 0x18, + 0x33, 0x17, 0x82, 0x34, 0x4A, 0x4B, 0x85, 0x31, + 0x33, 0x4B, 0x26, 0x30, 0x32, 0x63, 0xD9, 0xD2, + 0xEB, 0x4F, 0x4B, 0xB9, 0x96, 0x02, 0xB3, 0x52, + 0xF6, 0xAE, 0x40, 0x46, 0xC6, 0x9A, 0x5E, 0x7E, + 0x8E, 0x4A, 0x18, 0xEF, 0x9B, 0xC0, 0xA2, 0xDE, + 0xD6, 0x13, 0x10, 0x41, 0x70, 0x12, 0xFD, 0x82, + 0x4C, 0xC1, 0x16, 0xCF, 0xB7, 0xC4, 0xC1, 0xF7, + 0xEC, 0x71, 0x77, 0xA1, 0x74, 0x46, 0xCB, 0xDE, + 0x96, 0xF3, 0xED, 0xD8, 0x8F, 0xCD, 0x05, 0x2F, + 0x0B, 0x88, 0x8A, 0x45, 0xFD, 0xAF, 0x2B, 0x63, + 0x13, 0x54, 0xF4, 0x0D, 0x16, 0xE5, 0xFA, 0x9C, + 0x2C, 0x4E, 0xDA, 0x98, 0xE7, 0x98, 0xD1, 0x5E, + 0x60, 0x46, 0xDC, 0x53, 0x63, 0xF3, 0x09, 0x6B, + 0x2C, 0x60, 0x7A, 0x9D, 0x8D, 0xD5, 0x5B, 0x15, + 0x02, 0xA6, 0xAC, 0x7D, 0x3C, 0xC8, 0xD8, 0xC5, + 0x75, 0x99, 0x8E, 0x7D, 0x79, 0x69, 0x10, 0xC8, + 0x04, 0xC4, 0x95, 0x23, 0x50, 0x57, 0xE9, 0x1E, + 0xCD, 0x26, 0x37, 0xC9, 0xC1, 0x84, 0x51, 0x51, + 0xAC, 0x6B, 0x9A, 0x04, 0x90, 0xAE, 0x3E, 0xC6, + 0xF4, 0x77, 0x40, 0xA0, 0xDB, 0x0B, 0xA3, 0x6D, + 0x07, 0x59, 0x56, 0xCE, 0xE7, 0x35, 0x4E, 0xA3, + 0xE9, 0xA4, 0xF2, 0x72, 0x0B, 0x26, 0x55, 0x0C, + 0x7D, 0x39, 0x43, 0x24, 0xBC, 0x0C, 0xB7, 0xE9, + 0x31, 0x7D, 0x8A, 0x86, 0x61, 0xF4, 0x21, 0x91, + 0xFF, 0x10, 0xB0, 0x82, 0x56, 0xCE, 0x3F, 0xD2, + 0x5B, 0x74, 0x5E, 0x51, 0x94, 0x90, 0x6B, 0x4D, + 0x61, 0xCB, 0x4C, 0x2E, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x43, 0x41, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x33, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x7B, 0xE8, 0xEF, 0x6C, + 0xB2, 0x79, 0xC9, 0xE2, 0xEE, 0xE1, 0x21, 0xC6, + 0xEA, 0xF4, 0x4F, 0xF6, 0x39, 0xF8, 0x8F, 0x07, + 0x8B, 0x4B, 0x77, 0xED, 0x9F, 0x95, 0x60, 0xB0, + 0x35, 0x82, 0x81, 0xB5, 0x0E, 0x55, 0xAB, 0x72, + 0x11, 0x15, 0xA1, 0x77, 0x70, 0x3C, 0x7A, 0x30, + 0xFE, 0x3A, 0xE9, 0xEF, 0x1C, 0x60, 0xBC, 0x1D, + 0x97, 0x46, 0x76, 0xB2, 0x3A, 0x68, 0xCC, 0x04, + 0xB1, 0x98, 0x52, 0x5B, 0xC9, 0x68, 0xF1, 0x1D, + 0xE2, 0xDB, 0x50, 0xE4, 0xD9, 0xE7, 0xF0, 0x71, + 0xE5, 0x62, 0xDA, 0xE2, 0x09, 0x22, 0x33, 0xE9, + 0xD3, 0x63, 0xF6, 0x1D, 0xD7, 0xC1, 0x9F, 0xF3, + 0xA4, 0xA9, 0x1E, 0x8F, 0x65, 0x53, 0xD4, 0x71, + 0xDD, 0x7B, 0x84, 0xB9, 0xF1, 0xB8, 0xCE, 0x73, + 0x35, 0xF0, 0xF5, 0x54, 0x05, 0x63, 0xA1, 0xEA, + 0xB8, 0x39, 0x63, 0xE0, 0x9B, 0xE9, 0x01, 0x01, + 0x1F, 0x99, 0x54, 0x63, 0x61, 0x28, 0x70, 0x20, + 0xE9, 0xCC, 0x0D, 0xAB, 0x48, 0x7F, 0x14, 0x0D, + 0x66, 0x26, 0xA1, 0x83, 0x6D, 0x27, 0x11, 0x1F, + 0x20, 0x68, 0xDE, 0x47, 0x72, 0x14, 0x91, 0x51, + 0xCF, 0x69, 0xC6, 0x1B, 0xA6, 0x0E, 0xF9, 0xD9, + 0x49, 0xA0, 0xF7, 0x1F, 0x54, 0x99, 0xF2, 0xD3, + 0x9A, 0xD2, 0x8C, 0x70, 0x05, 0x34, 0x82, 0x93, + 0xC4, 0x31, 0xFF, 0xBD, 0x33, 0xF6, 0xBC, 0xA6, + 0x0D, 0xC7, 0x19, 0x5E, 0xA2, 0xBC, 0xC5, 0x6D, + 0x20, 0x0B, 0xAF, 0x6D, 0x06, 0xD0, 0x9C, 0x41, + 0xDB, 0x8D, 0xE9, 0xC7, 0x20, 0x15, 0x4C, 0xA4, + 0x83, 0x2B, 0x69, 0xC0, 0x8C, 0x69, 0xCD, 0x3B, + 0x07, 0x3A, 0x00, 0x63, 0x60, 0x2F, 0x46, 0x2D, + 0x33, 0x80, 0x61, 0xA5, 0xEA, 0x6C, 0x91, 0x5C, + 0xD5, 0x62, 0x35, 0x79, 0xC3, 0xEB, 0x64, 0xCE, + 0x44, 0xEF, 0x58, 0x6D, 0x14, 0xBA, 0xAA, 0x88, + 0x34, 0x01, 0x9B, 0x3E, 0xEB, 0xEE, 0xD3, 0x79, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char xsC_dpki_cert[0x300] = +{ + 0x00, 0x01, 0x00, 0x04, 0x91, 0x9E, 0xBE, 0x46, + 0x4A, 0xD0, 0xF5, 0x52, 0xCD, 0x1B, 0x72, 0xE7, + 0x88, 0x49, 0x10, 0xCF, 0x55, 0xA9, 0xF0, 0x2E, + 0x50, 0x78, 0x96, 0x41, 0xD8, 0x96, 0x68, 0x3D, + 0xC0, 0x05, 0xBD, 0x0A, 0xEA, 0x87, 0x07, 0x9D, + 0x8A, 0xC2, 0x84, 0xC6, 0x75, 0x06, 0x5F, 0x74, + 0xC8, 0xBF, 0x37, 0xC8, 0x80, 0x44, 0x40, 0x95, + 0x02, 0xA0, 0x22, 0x98, 0x0B, 0xB8, 0xAD, 0x48, + 0x38, 0x3F, 0x6D, 0x28, 0xA7, 0x9D, 0xE3, 0x96, + 0x26, 0xCC, 0xB2, 0xB2, 0x2A, 0x0F, 0x19, 0xE4, + 0x10, 0x32, 0xF0, 0x94, 0xB3, 0x9F, 0xF0, 0x13, + 0x31, 0x46, 0xDE, 0xC8, 0xF6, 0xC1, 0xA9, 0xD5, + 0x5C, 0xD2, 0x8D, 0x9E, 0x1C, 0x47, 0xB3, 0xD1, + 0x1F, 0x4F, 0x54, 0x26, 0xC2, 0xC7, 0x80, 0x13, + 0x5A, 0x27, 0x75, 0xD3, 0xCA, 0x67, 0x9B, 0xC7, + 0xE8, 0x34, 0xF0, 0xE0, 0xFB, 0x58, 0xE6, 0x88, + 0x60, 0xA7, 0x13, 0x30, 0xFC, 0x95, 0x79, 0x17, + 0x93, 0xC8, 0xFB, 0xA9, 0x35, 0xA7, 0xA6, 0x90, + 0x8F, 0x22, 0x9D, 0xEE, 0x2A, 0x0C, 0xA6, 0xB9, + 0xB2, 0x3B, 0x12, 0xD4, 0x95, 0xA6, 0xFE, 0x19, + 0xD0, 0xD7, 0x26, 0x48, 0x21, 0x68, 0x78, 0x60, + 0x5A, 0x66, 0x53, 0x8D, 0xBF, 0x37, 0x68, 0x99, + 0x90, 0x5D, 0x34, 0x45, 0xFC, 0x5C, 0x72, 0x7A, + 0x0E, 0x13, 0xE0, 0xE2, 0xC8, 0x97, 0x1C, 0x9C, + 0xFA, 0x6C, 0x60, 0x67, 0x88, 0x75, 0x73, 0x2A, + 0x4E, 0x75, 0x52, 0x3D, 0x2F, 0x56, 0x2F, 0x12, + 0xAA, 0xBD, 0x15, 0x73, 0xBF, 0x06, 0xC9, 0x40, + 0x54, 0xAE, 0xFA, 0x81, 0xA7, 0x14, 0x17, 0xAF, + 0x9A, 0x4A, 0x06, 0x6D, 0x0F, 0xFC, 0x5A, 0xD6, + 0x4B, 0xAB, 0x28, 0xB1, 0xFF, 0x60, 0x66, 0x1F, + 0x44, 0x37, 0xD4, 0x9E, 0x1E, 0x0D, 0x94, 0x12, + 0xEB, 0x4B, 0xCA, 0xCF, 0x4C, 0xFD, 0x6A, 0x34, + 0x08, 0x84, 0x79, 0x82, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x43, 0x41, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x33, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x58, 0x53, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x63, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x13, 0x7A, 0x08, 0x94, + 0xAD, 0x50, 0x5B, 0xB6, 0xC6, 0x7E, 0x2E, 0x5B, + 0xDD, 0x6A, 0x3B, 0xEC, 0x43, 0xD9, 0x10, 0xC7, + 0x72, 0xE9, 0xCC, 0x29, 0x0D, 0xA5, 0x85, 0x88, + 0xB7, 0x7D, 0xCC, 0x11, 0x68, 0x0B, 0xB3, 0xE2, + 0x9F, 0x4E, 0xAB, 0xBB, 0x26, 0xE9, 0x8C, 0x26, + 0x01, 0x98, 0x5C, 0x04, 0x1B, 0xB1, 0x43, 0x78, + 0xE6, 0x89, 0x18, 0x1A, 0xAD, 0x77, 0x05, 0x68, + 0xE9, 0x28, 0xA2, 0xB9, 0x81, 0x67, 0xEE, 0x3E, + 0x10, 0xD0, 0x72, 0xBE, 0xEF, 0x1F, 0xA2, 0x2F, + 0xA2, 0xAA, 0x3E, 0x13, 0xF1, 0x1E, 0x18, 0x36, + 0xA9, 0x2A, 0x42, 0x81, 0xEF, 0x70, 0xAA, 0xF4, + 0xE4, 0x62, 0x99, 0x82, 0x21, 0xC6, 0xFB, 0xB9, + 0xBD, 0xD0, 0x17, 0xE6, 0xAC, 0x59, 0x04, 0x94, + 0xE9, 0xCE, 0xA9, 0x85, 0x9C, 0xEB, 0x2D, 0x2A, + 0x4C, 0x17, 0x66, 0xF2, 0xC3, 0x39, 0x12, 0xC5, + 0x8F, 0x14, 0xA8, 0x03, 0xE3, 0x6F, 0xCC, 0xDC, + 0xCC, 0xDC, 0x13, 0xFD, 0x7A, 0xE7, 0x7C, 0x7A, + 0x78, 0xD9, 0x97, 0xE6, 0xAC, 0xC3, 0x55, 0x57, + 0xE0, 0xD3, 0xE9, 0xEB, 0x64, 0xB4, 0x3C, 0x92, + 0xF4, 0xC5, 0x0D, 0x67, 0xA6, 0x02, 0xDE, 0xB3, + 0x91, 0xB0, 0x66, 0x61, 0xCD, 0x32, 0x88, 0x0B, + 0xD6, 0x49, 0x12, 0xAF, 0x1C, 0xBC, 0xB7, 0x16, + 0x2A, 0x06, 0xF0, 0x25, 0x65, 0xD3, 0xB0, 0xEC, + 0xE4, 0xFC, 0xEC, 0xDD, 0xAE, 0x8A, 0x49, 0x34, + 0xDB, 0x8E, 0xE6, 0x7F, 0x30, 0x17, 0x98, 0x62, + 0x21, 0x15, 0x5D, 0x13, 0x1C, 0x6C, 0x3F, 0x09, + 0xAB, 0x19, 0x45, 0xC2, 0x06, 0xAC, 0x70, 0xC9, + 0x42, 0xB3, 0x6F, 0x49, 0xA1, 0x18, 0x3B, 0xCD, + 0x78, 0xB6, 0xE4, 0xB4, 0x7C, 0x6C, 0x5C, 0xAC, + 0x0F, 0x8D, 0x62, 0xF8, 0x97, 0xC6, 0x95, 0x3D, + 0xD1, 0x2F, 0x28, 0xB7, 0x0C, 0x5B, 0x7D, 0xF7, + 0x51, 0x81, 0x9A, 0x98, 0x34, 0x65, 0x26, 0x25, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char cpB_dpki_cert[0x300] = +{ + 0x00, 0x01, 0x00, 0x04, 0x2E, 0xA6, 0x6C, 0x66, + 0xCF, 0xF3, 0x35, 0x79, 0x7D, 0x04, 0x97, 0xB7, + 0x7A, 0x19, 0x7F, 0x9F, 0xE5, 0x1A, 0xB5, 0xA4, + 0x13, 0x75, 0xDC, 0x73, 0xFD, 0x9E, 0x0B, 0x10, + 0x66, 0x9B, 0x1B, 0x9A, 0x5B, 0x7E, 0x8A, 0xB2, + 0x8F, 0x01, 0xB6, 0x7B, 0x62, 0x54, 0xC1, 0x4A, + 0xA1, 0x33, 0x14, 0x18, 0xF2, 0x5B, 0xA5, 0x49, + 0x00, 0x4C, 0x37, 0x8D, 0xD7, 0x2F, 0x0C, 0xE6, + 0x3B, 0x1F, 0x70, 0x91, 0xAA, 0xFE, 0x38, 0x09, + 0xB7, 0xAC, 0x6C, 0x28, 0x76, 0xA6, 0x1D, 0x60, + 0x51, 0x6C, 0x43, 0xA6, 0x37, 0x29, 0x16, 0x2D, + 0x28, 0x0B, 0xE2, 0x1B, 0xE8, 0xE2, 0xFE, 0x05, + 0x7D, 0x8E, 0xB6, 0xE2, 0x04, 0x24, 0x22, 0x45, + 0x73, 0x1A, 0xB6, 0xFE, 0xE3, 0x0E, 0x53, 0x35, + 0x37, 0x3E, 0xEB, 0xA9, 0x70, 0xD5, 0x31, 0xBB, + 0xA2, 0xCB, 0x22, 0x2D, 0x96, 0x84, 0x38, 0x7D, + 0x5F, 0x2A, 0x1B, 0xF7, 0x52, 0x00, 0xCE, 0x06, + 0x56, 0xE3, 0x90, 0xCE, 0x19, 0x13, 0x5B, 0x59, + 0xE1, 0x4F, 0x0F, 0xA5, 0xC1, 0x28, 0x1A, 0x73, + 0x86, 0xCC, 0xD1, 0xC8, 0xEC, 0x3F, 0xAD, 0x70, + 0xFB, 0xCE, 0x74, 0xDE, 0xEE, 0x1F, 0xD0, 0x5F, + 0x46, 0x33, 0x0B, 0x51, 0xF9, 0xB7, 0x9E, 0x1D, + 0xDB, 0xF4, 0xE3, 0x3F, 0x14, 0x88, 0x9D, 0x05, + 0x28, 0x29, 0x24, 0xC5, 0xF5, 0xDC, 0x27, 0x66, + 0xEF, 0x06, 0x27, 0xD7, 0xEE, 0xDC, 0x73, 0x6E, + 0x67, 0xC2, 0xE5, 0xB9, 0x38, 0x34, 0x66, 0x80, + 0x72, 0x21, 0x6D, 0x1C, 0x78, 0xB8, 0x23, 0xA0, + 0x72, 0xD3, 0x4F, 0xF3, 0xEC, 0xF9, 0xBD, 0x11, + 0xA2, 0x9A, 0xF1, 0x6C, 0x33, 0xBD, 0x09, 0xAF, + 0xB2, 0xD7, 0x4D, 0x53, 0x4E, 0x02, 0x7C, 0x19, + 0x24, 0x0D, 0x59, 0x5A, 0x68, 0xEB, 0xB3, 0x05, + 0xAC, 0xC4, 0x4A, 0xB3, 0x8A, 0xB8, 0x20, 0xC6, + 0xD4, 0x26, 0x56, 0x0C, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x52, 0x6F, 0x6F, 0x74, 0x2D, 0x43, 0x41, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x33, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x01, 0x43, 0x50, 0x30, 0x30, + 0x30, 0x30, 0x30, 0x30, 0x30, 0x62, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x13, 0x7A, 0x08, 0x0B, + 0xA6, 0x89, 0xC5, 0x90, 0xFD, 0x0B, 0x2F, 0x0D, + 0x4F, 0x56, 0xB6, 0x32, 0xFB, 0x93, 0x4E, 0xD0, + 0x73, 0x95, 0x17, 0xB3, 0x3A, 0x79, 0xDE, 0x04, + 0x0E, 0xE9, 0x2D, 0xC3, 0x1D, 0x37, 0xC7, 0xF7, + 0x3B, 0xF0, 0x4B, 0xD3, 0xE4, 0x4E, 0x20, 0xAB, + 0x5A, 0x6F, 0xEA, 0xF5, 0x98, 0x4C, 0xC1, 0xF6, + 0x06, 0x2E, 0x9A, 0x9F, 0xE5, 0x6C, 0x32, 0x85, + 0xDC, 0x6F, 0x25, 0xDD, 0xD5, 0xD0, 0xBF, 0x9F, + 0xE2, 0xEF, 0xE8, 0x35, 0xDF, 0x26, 0x34, 0xED, + 0x93, 0x7F, 0xAB, 0x02, 0x14, 0xD1, 0x04, 0x80, + 0x9C, 0xF7, 0x4B, 0x86, 0x0E, 0x6B, 0x04, 0x83, + 0xF4, 0xCD, 0x2D, 0xAB, 0x2A, 0x96, 0x02, 0xBC, + 0x56, 0xF0, 0xD6, 0xBD, 0x94, 0x6A, 0xED, 0x6E, + 0x0B, 0xE4, 0xF0, 0x8F, 0x26, 0x68, 0x6B, 0xD0, + 0x9E, 0xF7, 0xDB, 0x32, 0x5F, 0x82, 0xB1, 0x8F, + 0x6A, 0xF2, 0xED, 0x52, 0x5B, 0xFD, 0x82, 0x8B, + 0x65, 0x3F, 0xEE, 0x6E, 0xCE, 0x40, 0x0D, 0x5A, + 0x48, 0xFF, 0xE2, 0x2D, 0x53, 0x8B, 0xB5, 0x33, + 0x5B, 0x41, 0x53, 0x34, 0x2D, 0x43, 0x35, 0xAC, + 0xF5, 0x90, 0xD0, 0xD3, 0x0A, 0xE2, 0x04, 0x3C, + 0x7F, 0x5A, 0xD2, 0x14, 0xFC, 0x9C, 0x0F, 0xE6, + 0xFA, 0x40, 0xA5, 0xC8, 0x65, 0x06, 0xCA, 0x63, + 0x69, 0xBC, 0xEE, 0x44, 0xA3, 0x2D, 0x9E, 0x69, + 0x5C, 0xF0, 0x0B, 0x4F, 0xD7, 0x9A, 0xDB, 0x56, + 0x8D, 0x14, 0x9C, 0x20, 0x28, 0xA1, 0x4C, 0x9D, + 0x71, 0xB8, 0x50, 0xCA, 0x36, 0x5B, 0x37, 0xF7, + 0x0B, 0x65, 0x77, 0x91, 0xFC, 0x5D, 0x72, 0x8C, + 0x4E, 0x18, 0xFD, 0x22, 0x55, 0x7C, 0x40, 0x62, + 0xD7, 0x47, 0x71, 0x53, 0x3C, 0x70, 0x17, 0x9D, + 0x3D, 0xAE, 0x8F, 0x92, 0xB1, 0x17, 0xE4, 0x5C, + 0xB3, 0x32, 0xF3, 0xB3, 0xC2, 0xA2, 0x2E, 0x70, + 0x5C, 0xFE, 0xC6, 0x6F, 0x6D, 0xA3, 0x77, 0x2B, + 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +#endif \ No newline at end of file diff --git a/keyset.c b/keyset.c new file mode 100644 index 0000000..db089bf --- /dev/null +++ b/keyset.c @@ -0,0 +1,200 @@ +#include "lib.h" + +// Private Prototypes +int SetRsaKeySet(u8 **PrivDest, u8 *PrivSource, u8 **PubDest, u8 *PubSource); +int SetUnFixedKey(keys_struct *keys, u8 *UnFixedKey); + +int SetTIK_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); +int SetTMD_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); +int SetCFA_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); +int SetCCI_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); +int SetAccessDesc_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); +int SetCXI_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod); + +int SetCaCert(keys_struct *keys, u8 *Cert); +int SetTikCert(keys_struct *keys, u8 *Cert); +int SetTmdCert(keys_struct *keys, u8 *Cert); + + +// Code +void InitKeys(keys_struct *keys) +{ + memset(keys,0,sizeof(keys_struct)); + +#ifdef RETAIL_FSIGN + /* AES Keys */ + // CIA + SetCommonKey(keys,(u8*)zeros_fixed_aesKey,1); + SetCurrentCommonKey(keys,1); + + // NCCH + keys->aes.NormalKey = (u8*)zeros_fixed_aesKey; + SetSystemFixedKey(keys,(u8*)zeros_fixed_aesKey); + + /* RSA Keys */ + // CIA + SetTIK_RsaKey(keys,(u8*)Dummy_rsa_privExp,(u8*)Dummy_rsa_pubMod); + SetTMD_RsaKey(keys,(u8*)Dummy_rsa_privExp,(u8*)Dummy_rsa_pubMod); + // CFA + SetCFA_RsaKey(keys,(u8*)Dummy_rsa_privExp,(u8*)Dummy_rsa_pubMod); + // CCI + SetCCI_RsaKey(keys,(u8*)Dummy_rsa_privExp,(u8*)Dummy_rsa_pubMod); + // CXI + SetAccessDesc_RsaKey(keys,(u8*)Dummy_rsa_privExp,(u8*)Dummy_rsa_pubMod); + + /* Certs */ + SetCaCert(keys,(u8*)ca3_dpki_cert); + SetTikCert(keys,(u8*)xsC_dpki_cert); + SetTmdCert(keys,(u8*)cpB_dpki_cert); +#else // DEBUG KEYS + /* AES Keys */ + // CIA + SetCommonKey(keys,(u8*)ctr_aes_common_key_dev0,0); + SetCommonKey(keys,(u8*)ctr_aes_common_key_dev1,1); + SetCurrentCommonKey(keys,0); + + // NCCH + keys->aes.NormalKey = (u8*)zeros_fixed_aesKey; + SetSystemFixedKey(keys,(u8*)system_fixed_aesKey); + + /* RSA Keys */ + // CIA + SetTIK_RsaKey(keys,(u8*)xs9_dpki_rsa_privExp,(u8*)xs9_dpki_rsa_pubMod); + SetTMD_RsaKey(keys,(u8*)cpA_dpki_rsa_privExp,(u8*)cpA_dpki_rsa_pubMod); + // CFA + SetCFA_RsaKey(keys,(u8*)DevNcsdCfa_privExp,(u8*)DevNcsdCfa_pubMod); + // CCI + SetCCI_RsaKey(keys,(u8*)DevNcsdCfa_privExp,(u8*)DevNcsdCfa_pubMod); + // CXI + SetAccessDesc_RsaKey(keys,(u8*)AccessDesc_privExp,(u8*)AccessDesc_pubMod); + + /* Certs */ + SetCaCert(keys,(u8*)ca4_dpki_cert); + SetTikCert(keys,(u8*)xs9_dpki_cert); + SetTmdCert(keys,(u8*)cpA_dpki_cert); +#endif +} + +void FreeKeys(keys_struct *keys) +{ + // AES + if(keys->aes.CommonKey){ + for(int i = 0; i < 256; i++){ + free(keys->aes.CommonKey[i]); + } + } + free(keys->aes.CommonKey); + free(keys->aes.SystemFixedKey); + free(keys->aes.UnFixedKey); + + // RSA + free(keys->rsa.TIK_Priv); + free(keys->rsa.TIK_Pub); + free(keys->rsa.TMD_Priv); + free(keys->rsa.TMD_Pub); + + free(keys->rsa.CFA_Priv); + free(keys->rsa.CFA_Pub); + + free(keys->rsa.CCI_Priv); + free(keys->rsa.CCI_Pub); + + free(keys->rsa.AccessDesc_Priv); + free(keys->rsa.AccessDesc_Pub); + + // Certs + free(keys->certs.ca_cert); + free(keys->certs.tik_cert); + free(keys->certs.tmd_cert); + memset(keys,0,sizeof(keys_struct)); +} + +int SetRsaKeySet(u8 **PrivDest, u8 *PrivSource, u8 **PubDest, u8 *PubSource) +{ + int result = 0; + if(PrivSource){ + result = CopyData(PrivDest,PrivSource,0x100); + if(result) return result; + } + if(PubSource){ + result = CopyData(PubDest,PubSource,0x100); + if(result) return result; + } + return 0; +} + +int SetCommonKey(keys_struct *keys, u8 *CommonKey, u8 Index) +{ + if(!keys) return -1; + if(!keys->aes.CommonKey){ + keys->aes.CommonKey = malloc(sizeof(u8*)*256); + memset(keys->aes.CommonKey,0,sizeof(u8*)*256); + } + return CopyData(&keys->aes.CommonKey[Index],CommonKey,16); +} + +int SetCurrentCommonKey(keys_struct *keys, u8 Index) +{ + if(!keys) return -1; + keys->aes.CurrentCommonKey = Index; + return 0; +} + +int SetSystemFixedKey(keys_struct *keys, u8 *SystemFixedKey) +{ + if(!keys) return -1; + return CopyData(&keys->aes.SystemFixedKey,SystemFixedKey,16); +} + +int SetUnFixedKey(keys_struct *keys, u8 *UnFixedKey) +{ + if(!keys) return -1; + return CopyData(&keys->aes.UnFixedKey,UnFixedKey,16); +} + +int SetTIK_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod) +{ + if(!keys) return -1; + return SetRsaKeySet(&keys->rsa.TIK_Priv,PrivateExp,&keys->rsa.TIK_Pub,PublicMod); +} + +int SetTMD_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod) +{ + if(!keys) return -1; + return SetRsaKeySet(&keys->rsa.TMD_Priv,PrivateExp,&keys->rsa.TMD_Pub,PublicMod); +} + +int SetCFA_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod) +{ + if(!keys) return -1; + return SetRsaKeySet(&keys->rsa.CFA_Priv,PrivateExp,&keys->rsa.CFA_Pub,PublicMod); +} + +int SetCCI_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod) +{ + if(!keys) return -1; + return SetRsaKeySet(&keys->rsa.CCI_Priv,PrivateExp,&keys->rsa.CCI_Pub,PublicMod); +} + +int SetAccessDesc_RsaKey(keys_struct *keys, u8 *PrivateExp, u8 *PublicMod) +{ + if(!keys) return -1; + return SetRsaKeySet(&keys->rsa.AccessDesc_Priv,PrivateExp,&keys->rsa.AccessDesc_Pub,PublicMod); +} + +int SetCaCert(keys_struct *keys, u8 *Cert) +{ + if(!keys) return -1; + return CopyData(&keys->certs.ca_cert,Cert,0x400); +} +int SetTikCert(keys_struct *keys, u8 *Cert) +{ + if(!keys) return -1; + return CopyData(&keys->certs.tik_cert,Cert,0x300); +} + +int SetTmdCert(keys_struct *keys, u8 *Cert) +{ + if(!keys) return -1; + return CopyData(&keys->certs.tmd_cert,Cert,0x400); +} \ No newline at end of file diff --git a/keyset.h b/keyset.h new file mode 100644 index 0000000..319a911 --- /dev/null +++ b/keyset.h @@ -0,0 +1,58 @@ +#ifndef _KEYSET_H_ +#define _KEYSET_H_ + +// Structs + +typedef struct +{ + struct + { + // CIA + u8 **CommonKey; + u8 CurrentCommonKey; + + // NCCH Keys + u8 *NormalKey; + u8 *SystemFixedKey; + u8 *UnFixedKey; + } aes; + + struct + { + // CIA RSA + u8 *TMD_Priv; + u8 *TMD_Pub; + u8 *TIK_Priv; + u8 *TIK_Pub; + + // CFA + u8 *CFA_Priv; + u8 *CFA_Pub; + + // CCI + u8 *CCI_Priv; + u8 *CCI_Pub; + + // CXI + u8 *AccessDesc_Priv; + u8 *AccessDesc_Pub; + } rsa; + + struct + { + // CIA + u8 *ca_cert; + u8 *tik_cert; + u8 *tmd_cert; + } certs; +} keys_struct; + +#endif + +// Public Prototypes +void InitKeys(keys_struct *keys); +void FreeKeys(keys_struct *keys); + +int SetCommonKey(keys_struct *keys, u8 *CommonKey, u8 Index); +int SetCurrentCommonKey(keys_struct *keys, u8 Index); +int SetSystemFixedKey(keys_struct *keys, u8 *SystemFixedKey); diff --git a/lib.h b/lib.h new file mode 100644 index 0000000..8fe882c --- /dev/null +++ b/lib.h @@ -0,0 +1,40 @@ +#define _LARGEFILE_SOURCE +#define _LARGEFILE64_SOURCE +#define _FILE_OFFSET_BITS 64 + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifdef _WIN32 + #include + #include + #include + //#include +#else + #include + #include +#endif + + +#include "types.h" +#include "utils.h" +#include "crypto.h" +#ifdef RETAIL_FSIGN +#include "keys_retail.h" +#else +#include "keys_debug.h" +#include "accessdesc_sig.h" +#endif +#include "keyset.h" +#include "usersettings.h" +#include "libyaml/yaml.h" +#include "yaml_ctr.h" + + diff --git a/libyaml/LICENSE b/libyaml/LICENSE new file mode 100644 index 0000000..050ced2 --- /dev/null +++ b/libyaml/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2006 Kirill Simonov + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies +of the Software, and to permit persons to whom the Software is furnished to do +so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/libyaml/api.c b/libyaml/api.c new file mode 100644 index 0000000..d2c13d3 --- /dev/null +++ b/libyaml/api.c @@ -0,0 +1,1391 @@ +#include "libyaml/yaml_private.h" + +/* + * Get the library titleVersion. + */ + +YAML_DECLARE(const char *) +yaml_get_titleVersion_string(void) +{ + return YAML_titleVersion_STRING; +} + +/* + * Get the library titleVersion numbers. + */ + +YAML_DECLARE(void) +yaml_get_titleVersion(int *major, int *minor, int *patch) +{ + *major = YAML_titleVersion_MAJOR; + *minor = YAML_titleVersion_MINOR; + *patch = YAML_titleVersion_PATCH; +} + +/* + * Allocate a dynamic memory block. + */ + +YAML_DECLARE(void *) +yaml_malloc(size_t size) +{ + return malloc(size ? size : 1); +} + +/* + * Reallocate a dynamic memory block. + */ + +YAML_DECLARE(void *) +yaml_realloc(void *ptr, size_t size) +{ + return ptr ? realloc(ptr, size ? size : 1) : malloc(size ? size : 1); +} + +/* + * Free a dynamic memory block. + */ + +YAML_DECLARE(void) +yaml_free(void *ptr) +{ + if (ptr) free(ptr); +} + +/* + * Duplicate a string. + */ + +YAML_DECLARE(yaml_char_t *) +yaml_strdup(const yaml_char_t *str) +{ + if (!str) + return NULL; + + return (yaml_char_t *)strdup((char *)str); +} + +/* + * Extend a string. + */ + +YAML_DECLARE(int) +yaml_string_extend(yaml_char_t **start, + yaml_char_t **pointer, yaml_char_t **end) +{ + yaml_char_t *new_start = yaml_realloc(*start, (*end - *start)*2); + + if (!new_start) return 0; + + memset(new_start + (*end - *start), 0, *end - *start); + + *pointer = new_start + (*pointer - *start); + *end = new_start + (*end - *start)*2; + *start = new_start; + + return 1; +} + +/* + * Append a string B to a string A. + */ + +YAML_DECLARE(int) +yaml_string_join( + yaml_char_t **a_start, yaml_char_t **a_pointer, yaml_char_t **a_end, + yaml_char_t **b_start, yaml_char_t **b_pointer, yaml_char_t **b_end) +{ + if (*b_start == *b_pointer) + return 1; + + while (*a_end - *a_pointer <= *b_pointer - *b_start) { + if (!yaml_string_extend(a_start, a_pointer, a_end)) + return 0; + } + + memcpy(*a_pointer, *b_start, *b_pointer - *b_start); + *a_pointer += *b_pointer - *b_start; + + return 1; +} + +/* + * Extend a stack. + */ + +YAML_DECLARE(int) +yaml_stack_extend(void **start, void **top, void **end) +{ + void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2); + + if (!new_start) return 0; + + *top = (char *)new_start + ((char *)*top - (char *)*start); + *end = (char *)new_start + ((char *)*end - (char *)*start)*2; + *start = new_start; + + return 1; +} + +/* + * Extend or move a queue. + */ + +YAML_DECLARE(int) +yaml_queue_extend(void **start, void **head, void **tail, void **end) +{ + /* Check if we need to resize the queue. */ + + if (*start == *head && *tail == *end) { + void *new_start = yaml_realloc(*start, + ((char *)*end - (char *)*start)*2); + + if (!new_start) return 0; + + *head = (char *)new_start + ((char *)*head - (char *)*start); + *tail = (char *)new_start + ((char *)*tail - (char *)*start); + *end = (char *)new_start + ((char *)*end - (char *)*start)*2; + *start = new_start; + } + + /* Check if we need to move the queue at the beginning of the buffer. */ + + if (*tail == *end) { + if (*head != *tail) { + memmove(*start, *head, (char *)*tail - (char *)*head); + } + *tail = (char *)*tail - (char *)*head + (char *)*start; + *head = *start; + } + + return 1; +} + + +/* + * Create a new parser object. + */ + +YAML_DECLARE(int) +yaml_parser_initialize(yaml_parser_t *parser) +{ + assert(parser); /* Non-NULL parser object expected. */ + + memset(parser, 0, sizeof(yaml_parser_t)); + if (!BUFFER_INIT(parser, parser->raw_buffer, INPUT_RAW_BUFFER_SIZE)) + goto error; + if (!BUFFER_INIT(parser, parser->buffer, INPUT_BUFFER_SIZE)) + goto error; + if (!QUEUE_INIT(parser, parser->tokens, INITIAL_QUEUE_SIZE)) + goto error; + if (!STACK_INIT(parser, parser->indents, INITIAL_STACK_SIZE)) + goto error; + if (!STACK_INIT(parser, parser->simple_keys, INITIAL_STACK_SIZE)) + goto error; + if (!STACK_INIT(parser, parser->states, INITIAL_STACK_SIZE)) + goto error; + if (!STACK_INIT(parser, parser->marks, INITIAL_STACK_SIZE)) + goto error; + if (!STACK_INIT(parser, parser->tag_directives, INITIAL_STACK_SIZE)) + goto error; + + return 1; + +error: + + BUFFER_DEL(parser, parser->raw_buffer); + BUFFER_DEL(parser, parser->buffer); + QUEUE_DEL(parser, parser->tokens); + STACK_DEL(parser, parser->indents); + STACK_DEL(parser, parser->simple_keys); + STACK_DEL(parser, parser->states); + STACK_DEL(parser, parser->marks); + STACK_DEL(parser, parser->tag_directives); + + return 0; +} + +/* + * Destroy a parser object. + */ + +YAML_DECLARE(void) +yaml_parser_delete(yaml_parser_t *parser) +{ + assert(parser); /* Non-NULL parser object expected. */ + + BUFFER_DEL(parser, parser->raw_buffer); + BUFFER_DEL(parser, parser->buffer); + while (!QUEUE_EMPTY(parser, parser->tokens)) { + yaml_token_delete(&DEQUEUE(parser, parser->tokens)); + } + QUEUE_DEL(parser, parser->tokens); + STACK_DEL(parser, parser->indents); + STACK_DEL(parser, parser->simple_keys); + STACK_DEL(parser, parser->states); + STACK_DEL(parser, parser->marks); + while (!STACK_EMPTY(parser, parser->tag_directives)) { + yaml_tag_directive_t tag_directive = POP(parser, parser->tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); + } + STACK_DEL(parser, parser->tag_directives); + + memset(parser, 0, sizeof(yaml_parser_t)); +} + +/* + * String read handler. + */ + +static int +yaml_string_read_handler(void *data, unsigned char *buffer, size_t size, + size_t *size_read) +{ + yaml_parser_t *parser = data; + + if (parser->input.string.current == parser->input.string.end) { + *size_read = 0; + return 1; + } + + if (size > (size_t)(parser->input.string.end + - parser->input.string.current)) { + size = parser->input.string.end - parser->input.string.current; + } + + memcpy(buffer, parser->input.string.current, size); + parser->input.string.current += size; + *size_read = size; + return 1; +} + +/* + * File read handler. + */ + +static int +yaml_file_read_handler(void *data, unsigned char *buffer, size_t size, + size_t *size_read) +{ + yaml_parser_t *parser = data; + + *size_read = fread(buffer, 1, size, parser->input.file); + return !ferror(parser->input.file); +} + +/* + * Set a string input. + */ + +YAML_DECLARE(void) +yaml_parser_set_input_string(yaml_parser_t *parser, + const unsigned char *input, size_t size) +{ + assert(parser); /* Non-NULL parser object expected. */ + assert(!parser->read_handler); /* You can set the source only once. */ + assert(input); /* Non-NULL input string expected. */ + + parser->read_handler = yaml_string_read_handler; + parser->read_handler_data = parser; + + parser->input.string.start = input; + parser->input.string.current = input; + parser->input.string.end = input+size; +} + +/* + * Set a file input. + */ + +YAML_DECLARE(void) +yaml_parser_set_input_file(yaml_parser_t *parser, FILE *file) +{ + assert(parser); /* Non-NULL parser object expected. */ + assert(!parser->read_handler); /* You can set the source only once. */ + assert(file); /* Non-NULL file object expected. */ + + parser->read_handler = yaml_file_read_handler; + parser->read_handler_data = parser; + + parser->input.file = file; +} + +/* + * Set a generic input. + */ + +YAML_DECLARE(void) +yaml_parser_set_input(yaml_parser_t *parser, + yaml_read_handler_t *handler, void *data) +{ + assert(parser); /* Non-NULL parser object expected. */ + assert(!parser->read_handler); /* You can set the source only once. */ + assert(handler); /* Non-NULL read handler expected. */ + + parser->read_handler = handler; + parser->read_handler_data = data; +} + +/* + * Set the source encoding. + */ + +YAML_DECLARE(void) +yaml_parser_set_encoding(yaml_parser_t *parser, yaml_encoding_t encoding) +{ + assert(parser); /* Non-NULL parser object expected. */ + assert(!parser->encoding); /* Encoding is already set or detected. */ + + parser->encoding = encoding; +} + +/* + * Create a new emitter object. + */ + +YAML_DECLARE(int) +yaml_emitter_initialize(yaml_emitter_t *emitter) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + memset(emitter, 0, sizeof(yaml_emitter_t)); + if (!BUFFER_INIT(emitter, emitter->buffer, OUTPUT_BUFFER_SIZE)) + goto error; + if (!BUFFER_INIT(emitter, emitter->raw_buffer, OUTPUT_RAW_BUFFER_SIZE)) + goto error; + if (!STACK_INIT(emitter, emitter->states, INITIAL_STACK_SIZE)) + goto error; + if (!QUEUE_INIT(emitter, emitter->events, INITIAL_QUEUE_SIZE)) + goto error; + if (!STACK_INIT(emitter, emitter->indents, INITIAL_STACK_SIZE)) + goto error; + if (!STACK_INIT(emitter, emitter->tag_directives, INITIAL_STACK_SIZE)) + goto error; + + return 1; + +error: + + BUFFER_DEL(emitter, emitter->buffer); + BUFFER_DEL(emitter, emitter->raw_buffer); + STACK_DEL(emitter, emitter->states); + QUEUE_DEL(emitter, emitter->events); + STACK_DEL(emitter, emitter->indents); + STACK_DEL(emitter, emitter->tag_directives); + + return 0; +} + +/* + * Destroy an emitter object. + */ + +YAML_DECLARE(void) +yaml_emitter_delete(yaml_emitter_t *emitter) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + BUFFER_DEL(emitter, emitter->buffer); + BUFFER_DEL(emitter, emitter->raw_buffer); + STACK_DEL(emitter, emitter->states); + while (!QUEUE_EMPTY(emitter, emitter->events)) { + yaml_event_delete(&DEQUEUE(emitter, emitter->events)); + } + QUEUE_DEL(emitter, emitter->events); + STACK_DEL(emitter, emitter->indents); + while (!STACK_EMPTY(empty, emitter->tag_directives)) { + yaml_tag_directive_t tag_directive = POP(emitter, emitter->tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); + } + STACK_DEL(emitter, emitter->tag_directives); + yaml_free(emitter->anchors); + + memset(emitter, 0, sizeof(yaml_emitter_t)); +} + +/* + * String write handler. + */ + +static int +yaml_string_write_handler(void *data, unsigned char *buffer, size_t size) +{ + yaml_emitter_t *emitter = data; + + if (emitter->output.string.size + *emitter->output.string.size_written + < size) { + memcpy(emitter->output.string.buffer + + *emitter->output.string.size_written, + buffer, + emitter->output.string.size + - *emitter->output.string.size_written); + *emitter->output.string.size_written = emitter->output.string.size; + return 0; + } + + memcpy(emitter->output.string.buffer + + *emitter->output.string.size_written, buffer, size); + *emitter->output.string.size_written += size; + return 1; +} + +/* + * File write handler. + */ + +static int +yaml_file_write_handler(void *data, unsigned char *buffer, size_t size) +{ + yaml_emitter_t *emitter = data; + + return (fwrite(buffer, 1, size, emitter->output.file) == size); +} +/* + * Set a string output. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output_string(yaml_emitter_t *emitter, + unsigned char *output, size_t size, size_t *size_written) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + assert(!emitter->write_handler); /* You can set the output only once. */ + assert(output); /* Non-NULL output string expected. */ + + emitter->write_handler = yaml_string_write_handler; + emitter->write_handler_data = emitter; + + emitter->output.string.buffer = output; + emitter->output.string.size = size; + emitter->output.string.size_written = size_written; + *size_written = 0; +} + +/* + * Set a file output. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output_file(yaml_emitter_t *emitter, FILE *file) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + assert(!emitter->write_handler); /* You can set the output only once. */ + assert(file); /* Non-NULL file object expected. */ + + emitter->write_handler = yaml_file_write_handler; + emitter->write_handler_data = emitter; + + emitter->output.file = file; +} + +/* + * Set a generic output handler. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output(yaml_emitter_t *emitter, + yaml_write_handler_t *handler, void *data) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + assert(!emitter->write_handler); /* You can set the output only once. */ + assert(handler); /* Non-NULL handler object expected. */ + + emitter->write_handler = handler; + emitter->write_handler_data = data; +} + +/* + * Set the output encoding. + */ + +YAML_DECLARE(void) +yaml_emitter_set_encoding(yaml_emitter_t *emitter, yaml_encoding_t encoding) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + assert(!emitter->encoding); /* You can set encoding only once. */ + + emitter->encoding = encoding; +} + +/* + * Set the canonical output style. + */ + +YAML_DECLARE(void) +yaml_emitter_set_canonical(yaml_emitter_t *emitter, int canonical) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + emitter->canonical = (canonical != 0); +} + +/* + * Set the indentation increment. + */ + +YAML_DECLARE(void) +yaml_emitter_set_indent(yaml_emitter_t *emitter, int indent) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + emitter->best_indent = (1 < indent && indent < 10) ? indent : 2; +} + +/* + * Set the preferred line width. + */ + +YAML_DECLARE(void) +yaml_emitter_set_width(yaml_emitter_t *emitter, int width) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + emitter->best_width = (width >= 0) ? width : -1; +} + +/* + * Set if unescaped non-ASCII characters are allowed. + */ + +YAML_DECLARE(void) +yaml_emitter_set_unicode(yaml_emitter_t *emitter, int unicode) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + emitter->unicode = (unicode != 0); +} + +/* + * Set the preferred line break character. + */ + +YAML_DECLARE(void) +yaml_emitter_set_break(yaml_emitter_t *emitter, yaml_break_t line_break) +{ + assert(emitter); /* Non-NULL emitter object expected. */ + + emitter->line_break = line_break; +} + +/* + * Destroy a token object. + */ + +YAML_DECLARE(void) +yaml_token_delete(yaml_token_t *token) +{ + assert(token); /* Non-NULL token object expected. */ + + switch (token->type) + { + case YAML_TAG_DIRECTIVE_TOKEN: + yaml_free(token->data.tag_directive.handle); + yaml_free(token->data.tag_directive.prefix); + break; + + case YAML_ALIAS_TOKEN: + yaml_free(token->data.alias.value); + break; + + case YAML_ANCHOR_TOKEN: + yaml_free(token->data.anchor.value); + break; + + case YAML_TAG_TOKEN: + yaml_free(token->data.tag.handle); + yaml_free(token->data.tag.suffix); + break; + + case YAML_SCALAR_TOKEN: + yaml_free(token->data.scalar.value); + break; + + default: + break; + } + + memset(token, 0, sizeof(yaml_token_t)); +} + +/* + * Check if a string is a valid UTF-8 sequence. + * + * Check 'reader.c' for more details on UTF-8 encoding. + */ + +static int +yaml_check_utf8(yaml_char_t *start, size_t length) +{ + yaml_char_t *end = start+length; + yaml_char_t *pointer = start; + + while (pointer < end) { + unsigned char octet; + unsigned int width; + unsigned int value; + size_t k; + + octet = pointer[0]; + width = (octet & 0x80) == 0x00 ? 1 : + (octet & 0xE0) == 0xC0 ? 2 : + (octet & 0xF0) == 0xE0 ? 3 : + (octet & 0xF8) == 0xF0 ? 4 : 0; + value = (octet & 0x80) == 0x00 ? octet & 0x7F : + (octet & 0xE0) == 0xC0 ? octet & 0x1F : + (octet & 0xF0) == 0xE0 ? octet & 0x0F : + (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0; + if (!width) return 0; + if (pointer+width > end) return 0; + for (k = 1; k < width; k ++) { + octet = pointer[k]; + if ((octet & 0xC0) != 0x80) return 0; + value = (value << 6) + (octet & 0x3F); + } + if (!((width == 1) || + (width == 2 && value >= 0x80) || + (width == 3 && value >= 0x800) || + (width == 4 && value >= 0x10000))) return 0; + + pointer += width; + } + + return 1; +} + +/* + * Create STREAM-START. + */ + +YAML_DECLARE(int) +yaml_stream_start_event_initialize(yaml_event_t *event, + yaml_encoding_t encoding) +{ + yaml_mark_t mark = { 0, 0, 0 }; + + assert(event); /* Non-NULL event object is expected. */ + + STREAM_START_EVENT_INIT(*event, encoding, mark, mark); + + return 1; +} + +/* + * Create STREAM-END. + */ + +YAML_DECLARE(int) +yaml_stream_end_event_initialize(yaml_event_t *event) +{ + yaml_mark_t mark = { 0, 0, 0 }; + + assert(event); /* Non-NULL event object is expected. */ + + STREAM_END_EVENT_INIT(*event, mark, mark); + + return 1; +} + +/* + * Create DOCUMENT-START. + */ + +YAML_DECLARE(int) +yaml_document_start_event_initialize(yaml_event_t *event, + yaml_titleVersion_directive_t *titleVersion_directive, + yaml_tag_directive_t *tag_directives_start, + yaml_tag_directive_t *tag_directives_end, + int implicit) +{ + struct { + yaml_error_type_t error; + } context; + yaml_mark_t mark = { 0, 0, 0 }; + yaml_titleVersion_directive_t *titleVersion_directive_copy = NULL; + struct { + yaml_tag_directive_t *start; + yaml_tag_directive_t *end; + yaml_tag_directive_t *top; + } tag_directives_copy = { NULL, NULL, NULL }; + yaml_tag_directive_t value = { NULL, NULL }; + + assert(event); /* Non-NULL event object is expected. */ + assert((tag_directives_start && tag_directives_end) || + (tag_directives_start == tag_directives_end)); + /* Valid tag directives are expected. */ + + if (titleVersion_directive) { + titleVersion_directive_copy = yaml_malloc(sizeof(yaml_titleVersion_directive_t)); + if (!titleVersion_directive_copy) goto error; + titleVersion_directive_copy->major = titleVersion_directive->major; + titleVersion_directive_copy->minor = titleVersion_directive->minor; + } + + if (tag_directives_start != tag_directives_end) { + yaml_tag_directive_t *tag_directive; + if (!STACK_INIT(&context, tag_directives_copy, INITIAL_STACK_SIZE)) + goto error; + for (tag_directive = tag_directives_start; + tag_directive != tag_directives_end; tag_directive ++) { + assert(tag_directive->handle); + assert(tag_directive->prefix); + if (!yaml_check_utf8(tag_directive->handle, + strlen((char *)tag_directive->handle))) + goto error; + if (!yaml_check_utf8(tag_directive->prefix, + strlen((char *)tag_directive->prefix))) + goto error; + value.handle = yaml_strdup(tag_directive->handle); + value.prefix = yaml_strdup(tag_directive->prefix); + if (!value.handle || !value.prefix) goto error; + if (!PUSH(&context, tag_directives_copy, value)) + goto error; + value.handle = NULL; + value.prefix = NULL; + } + } + + DOCUMENT_START_EVENT_INIT(*event, titleVersion_directive_copy, + tag_directives_copy.start, tag_directives_copy.top, + implicit, mark, mark); + + return 1; + +error: + yaml_free(titleVersion_directive_copy); + while (!STACK_EMPTY(context, tag_directives_copy)) { + yaml_tag_directive_t value = POP(context, tag_directives_copy); + yaml_free(value.handle); + yaml_free(value.prefix); + } + STACK_DEL(context, tag_directives_copy); + yaml_free(value.handle); + yaml_free(value.prefix); + + return 0; +} + +/* + * Create DOCUMENT-END. + */ + +YAML_DECLARE(int) +yaml_document_end_event_initialize(yaml_event_t *event, int implicit) +{ + yaml_mark_t mark = { 0, 0, 0 }; + + assert(event); /* Non-NULL emitter object is expected. */ + + DOCUMENT_END_EVENT_INIT(*event, implicit, mark, mark); + + return 1; +} + +/* + * Create ALIAS. + */ + +YAML_DECLARE(int) +yaml_alias_event_initialize(yaml_event_t *event, yaml_char_t *anchor) +{ + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *anchor_copy = NULL; + + assert(event); /* Non-NULL event object is expected. */ + assert(anchor); /* Non-NULL anchor is expected. */ + + if (!yaml_check_utf8(anchor, strlen((char *)anchor))) return 0; + + anchor_copy = yaml_strdup(anchor); + if (!anchor_copy) + return 0; + + ALIAS_EVENT_INIT(*event, anchor_copy, mark, mark); + + return 1; +} + +/* + * Create SCALAR. + */ + +YAML_DECLARE(int) +yaml_scalar_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, + yaml_char_t *value, int length, + int plain_implicit, int quoted_implicit, + yaml_scalar_style_t style) +{ + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *anchor_copy = NULL; + yaml_char_t *tag_copy = NULL; + yaml_char_t *value_copy = NULL; + + assert(event); /* Non-NULL event object is expected. */ + assert(value); /* Non-NULL anchor is expected. */ + + if (anchor) { + if (!yaml_check_utf8(anchor, strlen((char *)anchor))) goto error; + anchor_copy = yaml_strdup(anchor); + if (!anchor_copy) goto error; + } + + if (tag) { + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + } + + if (length < 0) { + length = strlen((char *)value); + } + + if (!yaml_check_utf8(value, length)) goto error; + value_copy = yaml_malloc(length+1); + if (!value_copy) goto error; + memcpy(value_copy, value, length); + value_copy[length] = '\0'; + + SCALAR_EVENT_INIT(*event, anchor_copy, tag_copy, value_copy, length, + plain_implicit, quoted_implicit, style, mark, mark); + + return 1; + +error: + yaml_free(anchor_copy); + yaml_free(tag_copy); + yaml_free(value_copy); + + return 0; +} + +/* + * Create SEQUENCE-START. + */ + +YAML_DECLARE(int) +yaml_sequence_start_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, int implicit, + yaml_sequence_style_t style) +{ + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *anchor_copy = NULL; + yaml_char_t *tag_copy = NULL; + + assert(event); /* Non-NULL event object is expected. */ + + if (anchor) { + if (!yaml_check_utf8(anchor, strlen((char *)anchor))) goto error; + anchor_copy = yaml_strdup(anchor); + if (!anchor_copy) goto error; + } + + if (tag) { + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + } + + SEQUENCE_START_EVENT_INIT(*event, anchor_copy, tag_copy, + implicit, style, mark, mark); + + return 1; + +error: + yaml_free(anchor_copy); + yaml_free(tag_copy); + + return 0; +} + +/* + * Create SEQUENCE-END. + */ + +YAML_DECLARE(int) +yaml_sequence_end_event_initialize(yaml_event_t *event) +{ + yaml_mark_t mark = { 0, 0, 0 }; + + assert(event); /* Non-NULL event object is expected. */ + + SEQUENCE_END_EVENT_INIT(*event, mark, mark); + + return 1; +} + +/* + * Create MAPPING-START. + */ + +YAML_DECLARE(int) +yaml_mapping_start_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, int implicit, + yaml_mapping_style_t style) +{ + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *anchor_copy = NULL; + yaml_char_t *tag_copy = NULL; + + assert(event); /* Non-NULL event object is expected. */ + + if (anchor) { + if (!yaml_check_utf8(anchor, strlen((char *)anchor))) goto error; + anchor_copy = yaml_strdup(anchor); + if (!anchor_copy) goto error; + } + + if (tag) { + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + } + + MAPPING_START_EVENT_INIT(*event, anchor_copy, tag_copy, + implicit, style, mark, mark); + + return 1; + +error: + yaml_free(anchor_copy); + yaml_free(tag_copy); + + return 0; +} + +/* + * Create MAPPING-END. + */ + +YAML_DECLARE(int) +yaml_mapping_end_event_initialize(yaml_event_t *event) +{ + yaml_mark_t mark = { 0, 0, 0 }; + + assert(event); /* Non-NULL event object is expected. */ + + MAPPING_END_EVENT_INIT(*event, mark, mark); + + return 1; +} + +/* + * Destroy an event object. + */ + +YAML_DECLARE(void) +yaml_event_delete(yaml_event_t *event) +{ + yaml_tag_directive_t *tag_directive; + + assert(event); /* Non-NULL event object expected. */ + + switch (event->type) + { + case YAML_DOCUMENT_START_EVENT: + yaml_free(event->data.document_start.titleVersion_directive); + for (tag_directive = event->data.document_start.tag_directives.start; + tag_directive != event->data.document_start.tag_directives.end; + tag_directive++) { + yaml_free(tag_directive->handle); + yaml_free(tag_directive->prefix); + } + yaml_free(event->data.document_start.tag_directives.start); + break; + + case YAML_ALIAS_EVENT: + yaml_free(event->data.alias.anchor); + break; + + case YAML_SCALAR_EVENT: + yaml_free(event->data.scalar.anchor); + yaml_free(event->data.scalar.tag); + yaml_free(event->data.scalar.value); + break; + + case YAML_SEQUENCE_START_EVENT: + yaml_free(event->data.sequence_start.anchor); + yaml_free(event->data.sequence_start.tag); + break; + + case YAML_MAPPING_START_EVENT: + yaml_free(event->data.mapping_start.anchor); + yaml_free(event->data.mapping_start.tag); + break; + + default: + break; + } + + memset(event, 0, sizeof(yaml_event_t)); +} + +/* + * Create a document object. + */ + +YAML_DECLARE(int) +yaml_document_initialize(yaml_document_t *document, + yaml_titleVersion_directive_t *titleVersion_directive, + yaml_tag_directive_t *tag_directives_start, + yaml_tag_directive_t *tag_directives_end, + int start_implicit, int end_implicit) +{ + struct { + yaml_error_type_t error; + } context; + struct { + yaml_node_t *start; + yaml_node_t *end; + yaml_node_t *top; + } nodes = { NULL, NULL, NULL }; + yaml_titleVersion_directive_t *titleVersion_directive_copy = NULL; + struct { + yaml_tag_directive_t *start; + yaml_tag_directive_t *end; + yaml_tag_directive_t *top; + } tag_directives_copy = { NULL, NULL, NULL }; + yaml_tag_directive_t value = { NULL, NULL }; + yaml_mark_t mark = { 0, 0, 0 }; + + assert(document); /* Non-NULL document object is expected. */ + assert((tag_directives_start && tag_directives_end) || + (tag_directives_start == tag_directives_end)); + /* Valid tag directives are expected. */ + + if (!STACK_INIT(&context, nodes, INITIAL_STACK_SIZE)) goto error; + + if (titleVersion_directive) { + titleVersion_directive_copy = yaml_malloc(sizeof(yaml_titleVersion_directive_t)); + if (!titleVersion_directive_copy) goto error; + titleVersion_directive_copy->major = titleVersion_directive->major; + titleVersion_directive_copy->minor = titleVersion_directive->minor; + } + + if (tag_directives_start != tag_directives_end) { + yaml_tag_directive_t *tag_directive; + if (!STACK_INIT(&context, tag_directives_copy, INITIAL_STACK_SIZE)) + goto error; + for (tag_directive = tag_directives_start; + tag_directive != tag_directives_end; tag_directive ++) { + assert(tag_directive->handle); + assert(tag_directive->prefix); + if (!yaml_check_utf8(tag_directive->handle, + strlen((char *)tag_directive->handle))) + goto error; + if (!yaml_check_utf8(tag_directive->prefix, + strlen((char *)tag_directive->prefix))) + goto error; + value.handle = yaml_strdup(tag_directive->handle); + value.prefix = yaml_strdup(tag_directive->prefix); + if (!value.handle || !value.prefix) goto error; + if (!PUSH(&context, tag_directives_copy, value)) + goto error; + value.handle = NULL; + value.prefix = NULL; + } + } + + DOCUMENT_INIT(*document, nodes.start, nodes.end, titleVersion_directive_copy, + tag_directives_copy.start, tag_directives_copy.top, + start_implicit, end_implicit, mark, mark); + + return 1; + +error: + STACK_DEL(&context, nodes); + yaml_free(titleVersion_directive_copy); + while (!STACK_EMPTY(&context, tag_directives_copy)) { + yaml_tag_directive_t value = POP(&context, tag_directives_copy); + yaml_free(value.handle); + yaml_free(value.prefix); + } + STACK_DEL(&context, tag_directives_copy); + yaml_free(value.handle); + yaml_free(value.prefix); + + return 0; +} + +/* + * Destroy a document object. + */ + +YAML_DECLARE(void) +yaml_document_delete(yaml_document_t *document) +{ + struct { + yaml_error_type_t error; + } context; + yaml_tag_directive_t *tag_directive; + + context.error = YAML_NO_ERROR; /* Eliminate a compliler warning. */ + + assert(document); /* Non-NULL document object is expected. */ + + while (!STACK_EMPTY(&context, document->nodes)) { + yaml_node_t node = POP(&context, document->nodes); + yaml_free(node.tag); + switch (node.type) { + case YAML_SCALAR_NODE: + yaml_free(node.data.scalar.value); + break; + case YAML_SEQUENCE_NODE: + STACK_DEL(&context, node.data.sequence.items); + break; + case YAML_MAPPING_NODE: + STACK_DEL(&context, node.data.mapping.pairs); + break; + default: + assert(0); /* Should not happen. */ + } + } + STACK_DEL(&context, document->nodes); + + yaml_free(document->titleVersion_directive); + for (tag_directive = document->tag_directives.start; + tag_directive != document->tag_directives.end; + tag_directive++) { + yaml_free(tag_directive->handle); + yaml_free(tag_directive->prefix); + } + yaml_free(document->tag_directives.start); + + memset(document, 0, sizeof(yaml_document_t)); +} + +/** + * Get a document node. + */ + +YAML_DECLARE(yaml_node_t *) +yaml_document_get_node(yaml_document_t *document, int index) +{ + assert(document); /* Non-NULL document object is expected. */ + + if (index > 0 && document->nodes.start + index <= document->nodes.top) { + return document->nodes.start + index - 1; + } + return NULL; +} + +/** + * Get the root object. + */ + +YAML_DECLARE(yaml_node_t *) +yaml_document_get_root_node(yaml_document_t *document) +{ + assert(document); /* Non-NULL document object is expected. */ + + if (document->nodes.top != document->nodes.start) { + return document->nodes.start; + } + return NULL; +} + +/* + * Add a scalar node to a document. + */ + +YAML_DECLARE(int) +yaml_document_add_scalar(yaml_document_t *document, + yaml_char_t *tag, yaml_char_t *value, int length, + yaml_scalar_style_t style) +{ + struct { + yaml_error_type_t error; + } context; + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *tag_copy = NULL; + yaml_char_t *value_copy = NULL; + yaml_node_t node; + + assert(document); /* Non-NULL document object is expected. */ + assert(value); /* Non-NULL value is expected. */ + + if (!tag) { + tag = (yaml_char_t *)YAML_DEFAULT_SCALAR_TAG; + } + + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + + if (length < 0) { + length = strlen((char *)value); + } + + if (!yaml_check_utf8(value, length)) goto error; + value_copy = yaml_malloc(length+1); + if (!value_copy) goto error; + memcpy(value_copy, value, length); + value_copy[length] = '\0'; + + SCALAR_NODE_INIT(node, tag_copy, value_copy, length, style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + + return document->nodes.top - document->nodes.start; + +error: + yaml_free(tag_copy); + yaml_free(value_copy); + + return 0; +} + +/* + * Add a sequence node to a document. + */ + +YAML_DECLARE(int) +yaml_document_add_sequence(yaml_document_t *document, + yaml_char_t *tag, yaml_sequence_style_t style) +{ + struct { + yaml_error_type_t error; + } context; + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *tag_copy = NULL; + struct { + yaml_node_item_t *start; + yaml_node_item_t *end; + yaml_node_item_t *top; + } items = { NULL, NULL, NULL }; + yaml_node_t node; + + assert(document); /* Non-NULL document object is expected. */ + + if (!tag) { + tag = (yaml_char_t *)YAML_DEFAULT_SEQUENCE_TAG; + } + + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + + if (!STACK_INIT(&context, items, INITIAL_STACK_SIZE)) goto error; + + SEQUENCE_NODE_INIT(node, tag_copy, items.start, items.end, + style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + + return document->nodes.top - document->nodes.start; + +error: + STACK_DEL(&context, items); + yaml_free(tag_copy); + + return 0; +} + +/* + * Add a mapping node to a document. + */ + +YAML_DECLARE(int) +yaml_document_add_mapping(yaml_document_t *document, + yaml_char_t *tag, yaml_mapping_style_t style) +{ + struct { + yaml_error_type_t error; + } context; + yaml_mark_t mark = { 0, 0, 0 }; + yaml_char_t *tag_copy = NULL; + struct { + yaml_node_pair_t *start; + yaml_node_pair_t *end; + yaml_node_pair_t *top; + } pairs = { NULL, NULL, NULL }; + yaml_node_t node; + + assert(document); /* Non-NULL document object is expected. */ + + if (!tag) { + tag = (yaml_char_t *)YAML_DEFAULT_MAPPING_TAG; + } + + if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error; + tag_copy = yaml_strdup(tag); + if (!tag_copy) goto error; + + if (!STACK_INIT(&context, pairs, INITIAL_STACK_SIZE)) goto error; + + MAPPING_NODE_INIT(node, tag_copy, pairs.start, pairs.end, + style, mark, mark); + if (!PUSH(&context, document->nodes, node)) goto error; + + return document->nodes.top - document->nodes.start; + +error: + STACK_DEL(&context, pairs); + yaml_free(tag_copy); + + return 0; +} + +/* + * Append an item to a sequence node. + */ + +YAML_DECLARE(int) +yaml_document_append_sequence_item(yaml_document_t *document, + int sequence, int item) +{ + struct { + yaml_error_type_t error; + } context; + + assert(document); /* Non-NULL document is required. */ + assert(sequence > 0 + && document->nodes.start + sequence <= document->nodes.top); + /* Valid sequence id is required. */ + assert(document->nodes.start[sequence-1].type == YAML_SEQUENCE_NODE); + /* A sequence node is required. */ + assert(item > 0 && document->nodes.start + item <= document->nodes.top); + /* Valid item id is required. */ + + if (!PUSH(&context, + document->nodes.start[sequence-1].data.sequence.items, item)) + return 0; + + return 1; +} + +/* + * Append a pair of a key and a value to a mapping node. + */ + +YAML_DECLARE(int) +yaml_document_append_mapping_pair(yaml_document_t *document, + int mapping, int key, int value) +{ + struct { + yaml_error_type_t error; + } context; + + yaml_node_pair_t pair; + + assert(document); /* Non-NULL document is required. */ + assert(mapping > 0 + && document->nodes.start + mapping <= document->nodes.top); + /* Valid mapping id is required. */ + assert(document->nodes.start[mapping-1].type == YAML_MAPPING_NODE); + /* A mapping node is required. */ + assert(key > 0 && document->nodes.start + key <= document->nodes.top); + /* Valid key id is required. */ + assert(value > 0 && document->nodes.start + value <= document->nodes.top); + /* Valid value id is required. */ + + pair.key = key; + pair.value = value; + + if (!PUSH(&context, + document->nodes.start[mapping-1].data.mapping.pairs, pair)) + return 0; + + return 1; +} + + diff --git a/libyaml/dumper.c b/libyaml/dumper.c new file mode 100644 index 0000000..4f89ab1 --- /dev/null +++ b/libyaml/dumper.c @@ -0,0 +1,394 @@ + +#include "libyaml/yaml_private.h" + +/* + * API functions. + */ + +YAML_DECLARE(int) +yaml_emitter_open(yaml_emitter_t *emitter); + +YAML_DECLARE(int) +yaml_emitter_close(yaml_emitter_t *emitter); + +YAML_DECLARE(int) +yaml_emitter_dump(yaml_emitter_t *emitter, yaml_document_t *document); + +/* + * Clean up functions. + */ + +static void +yaml_emitter_delete_document_and_anchors(yaml_emitter_t *emitter); + +/* + * Anchor functions. + */ + +static void +yaml_emitter_anchor_node(yaml_emitter_t *emitter, int index); + +static yaml_char_t * +yaml_emitter_generate_anchor(yaml_emitter_t *emitter, int anchor_id); + + +/* + * Serialize functions. + */ + +static int +yaml_emitter_dump_node(yaml_emitter_t *emitter, int index); + +static int +yaml_emitter_dump_alias(yaml_emitter_t *emitter, yaml_char_t *anchor); + +static int +yaml_emitter_dump_scalar(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor); + +static int +yaml_emitter_dump_sequence(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor); + +static int +yaml_emitter_dump_mapping(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor); + +/* + * Issue a STREAM-START event. + */ + +YAML_DECLARE(int) +yaml_emitter_open(yaml_emitter_t *emitter) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + assert(emitter); /* Non-NULL emitter object is required. */ + assert(!emitter->opened); /* Emitter should not be opened yet. */ + + STREAM_START_EVENT_INIT(event, YAML_ANY_ENCODING, mark, mark); + + if (!yaml_emitter_emit(emitter, &event)) { + return 0; + } + + emitter->opened = 1; + + return 1; +} + +/* + * Issue a STREAM-END event. + */ + +YAML_DECLARE(int) +yaml_emitter_close(yaml_emitter_t *emitter) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + assert(emitter); /* Non-NULL emitter object is required. */ + assert(emitter->opened); /* Emitter should be opened. */ + + if (emitter->closed) return 1; + + STREAM_END_EVENT_INIT(event, mark, mark); + + if (!yaml_emitter_emit(emitter, &event)) { + return 0; + } + + emitter->closed = 1; + + return 1; +} + +/* + * Dump a YAML document. + */ + +YAML_DECLARE(int) +yaml_emitter_dump(yaml_emitter_t *emitter, yaml_document_t *document) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + assert(emitter); /* Non-NULL emitter object is required. */ + assert(document); /* Non-NULL emitter object is expected. */ + + emitter->document = document; + + if (!emitter->opened) { + if (!yaml_emitter_open(emitter)) goto error; + } + + if (STACK_EMPTY(emitter, document->nodes)) { + if (!yaml_emitter_close(emitter)) goto error; + yaml_emitter_delete_document_and_anchors(emitter); + return 1; + } + + assert(emitter->opened); /* Emitter should be opened. */ + + emitter->anchors = yaml_malloc(sizeof(*(emitter->anchors)) + * (document->nodes.top - document->nodes.start)); + if (!emitter->anchors) goto error; + memset(emitter->anchors, 0, sizeof(*(emitter->anchors)) + * (document->nodes.top - document->nodes.start)); + + DOCUMENT_START_EVENT_INIT(event, document->titleVersion_directive, + document->tag_directives.start, document->tag_directives.end, + document->start_implicit, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) goto error; + + yaml_emitter_anchor_node(emitter, 1); + if (!yaml_emitter_dump_node(emitter, 1)) goto error; + + DOCUMENT_END_EVENT_INIT(event, document->end_implicit, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) goto error; + + yaml_emitter_delete_document_and_anchors(emitter); + + return 1; + +error: + + yaml_emitter_delete_document_and_anchors(emitter); + + return 0; +} + +/* + * Clean up the emitter object after a document is dumped. + */ + +static void +yaml_emitter_delete_document_and_anchors(yaml_emitter_t *emitter) +{ + int index; + + if (!emitter->anchors) { + yaml_document_delete(emitter->document); + emitter->document = NULL; + return; + } + + for (index = 0; emitter->document->nodes.start + index + < emitter->document->nodes.top; index ++) { + yaml_node_t node = emitter->document->nodes.start[index]; + if (!emitter->anchors[index].serialized) { + yaml_free(node.tag); + if (node.type == YAML_SCALAR_NODE) { + yaml_free(node.data.scalar.value); + } + } + if (node.type == YAML_SEQUENCE_NODE) { + STACK_DEL(emitter, node.data.sequence.items); + } + if (node.type == YAML_MAPPING_NODE) { + STACK_DEL(emitter, node.data.mapping.pairs); + } + } + + STACK_DEL(emitter, emitter->document->nodes); + yaml_free(emitter->anchors); + + emitter->anchors = NULL; + emitter->last_anchor_id = 0; + emitter->document = NULL; +} + +/* + * Check the references of a node and assign the anchor id if needed. + */ + +static void +yaml_emitter_anchor_node(yaml_emitter_t *emitter, int index) +{ + yaml_node_t *node = emitter->document->nodes.start + index - 1; + yaml_node_item_t *item; + yaml_node_pair_t *pair; + + emitter->anchors[index-1].references ++; + + if (emitter->anchors[index-1].references == 1) { + switch (node->type) { + case YAML_SEQUENCE_NODE: + for (item = node->data.sequence.items.start; + item < node->data.sequence.items.top; item ++) { + yaml_emitter_anchor_node(emitter, *item); + } + break; + case YAML_MAPPING_NODE: + for (pair = node->data.mapping.pairs.start; + pair < node->data.mapping.pairs.top; pair ++) { + yaml_emitter_anchor_node(emitter, pair->key); + yaml_emitter_anchor_node(emitter, pair->value); + } + break; + default: + break; + } + } + + else if (emitter->anchors[index-1].references == 2) { + emitter->anchors[index-1].anchor = (++ emitter->last_anchor_id); + } +} + +/* + * Generate a textual representation for an anchor. + */ + +#define ANCHOR_TEMPLATE "id%03d" +#define ANCHOR_TEMPLATE_LENGTH 16 + +static yaml_char_t * +yaml_emitter_generate_anchor(yaml_emitter_t *emitter, int anchor_id) +{ + yaml_char_t *anchor = yaml_malloc(ANCHOR_TEMPLATE_LENGTH); + + if (!anchor) return NULL; + + sprintf((char *)anchor, ANCHOR_TEMPLATE, anchor_id); + + return anchor; +} + +/* + * Serialize a node. + */ + +static int +yaml_emitter_dump_node(yaml_emitter_t *emitter, int index) +{ + yaml_node_t *node = emitter->document->nodes.start + index - 1; + int anchor_id = emitter->anchors[index-1].anchor; + yaml_char_t *anchor = NULL; + + if (anchor_id) { + anchor = yaml_emitter_generate_anchor(emitter, anchor_id); + if (!anchor) return 0; + } + + if (emitter->anchors[index-1].serialized) { + return yaml_emitter_dump_alias(emitter, anchor); + } + + emitter->anchors[index-1].serialized = 1; + + switch (node->type) { + case YAML_SCALAR_NODE: + return yaml_emitter_dump_scalar(emitter, node, anchor); + case YAML_SEQUENCE_NODE: + return yaml_emitter_dump_sequence(emitter, node, anchor); + case YAML_MAPPING_NODE: + return yaml_emitter_dump_mapping(emitter, node, anchor); + default: + assert(0); /* Could not happen. */ + break; + } + + return 0; /* Could not happen. */ +} + +/* + * Serialize an alias. + */ + +static int +yaml_emitter_dump_alias(yaml_emitter_t *emitter, yaml_char_t *anchor) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + ALIAS_EVENT_INIT(event, anchor, mark, mark); + + return yaml_emitter_emit(emitter, &event); +} + +/* + * Serialize a scalar. + */ + +static int +yaml_emitter_dump_scalar(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + int plain_implicit = (strcmp((char *)node->tag, + YAML_DEFAULT_SCALAR_TAG) == 0); + int quoted_implicit = (strcmp((char *)node->tag, + YAML_DEFAULT_SCALAR_TAG) == 0); + + SCALAR_EVENT_INIT(event, anchor, node->tag, node->data.scalar.value, + node->data.scalar.length, plain_implicit, quoted_implicit, + node->data.scalar.style, mark, mark); + + return yaml_emitter_emit(emitter, &event); +} + +/* + * Serialize a sequence. + */ + +static int +yaml_emitter_dump_sequence(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + int implicit = (strcmp((char *)node->tag, YAML_DEFAULT_SEQUENCE_TAG) == 0); + + yaml_node_item_t *item; + + SEQUENCE_START_EVENT_INIT(event, anchor, node->tag, implicit, + node->data.sequence.style, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) return 0; + + for (item = node->data.sequence.items.start; + item < node->data.sequence.items.top; item ++) { + if (!yaml_emitter_dump_node(emitter, *item)) return 0; + } + + SEQUENCE_END_EVENT_INIT(event, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) return 0; + + return 1; +} + +/* + * Serialize a mapping. + */ + +static int +yaml_emitter_dump_mapping(yaml_emitter_t *emitter, yaml_node_t *node, + yaml_char_t *anchor) +{ + yaml_event_t event; + yaml_mark_t mark = { 0, 0, 0 }; + + int implicit = (strcmp((char *)node->tag, YAML_DEFAULT_MAPPING_TAG) == 0); + + yaml_node_pair_t *pair; + + MAPPING_START_EVENT_INIT(event, anchor, node->tag, implicit, + node->data.mapping.style, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) return 0; + + for (pair = node->data.mapping.pairs.start; + pair < node->data.mapping.pairs.top; pair ++) { + if (!yaml_emitter_dump_node(emitter, pair->key)) return 0; + if (!yaml_emitter_dump_node(emitter, pair->value)) return 0; + } + + MAPPING_END_EVENT_INIT(event, mark, mark); + if (!yaml_emitter_emit(emitter, &event)) return 0; + + return 1; +} + diff --git a/libyaml/emitter.c b/libyaml/emitter.c new file mode 100644 index 0000000..5beab1f --- /dev/null +++ b/libyaml/emitter.c @@ -0,0 +1,2329 @@ + +#include "libyaml/yaml_private.h" + +/* + * Flush the buffer if needed. + */ + +#define FLUSH(emitter) \ + ((emitter->buffer.pointer+5 < emitter->buffer.end) \ + || yaml_emitter_flush(emitter)) + +/* + * Put a character to the output buffer. + */ + +#define PUT(emitter,value) \ + (FLUSH(emitter) \ + && (*(emitter->buffer.pointer++) = (yaml_char_t)(value), \ + emitter->column ++, \ + 1)) + +/* + * Put a line break to the output buffer. + */ + +#define PUT_BREAK(emitter) \ + (FLUSH(emitter) \ + && ((emitter->line_break == YAML_CR_BREAK ? \ + (*(emitter->buffer.pointer++) = (yaml_char_t) '\r') : \ + emitter->line_break == YAML_LN_BREAK ? \ + (*(emitter->buffer.pointer++) = (yaml_char_t) '\n') : \ + emitter->line_break == YAML_CRLN_BREAK ? \ + (*(emitter->buffer.pointer++) = (yaml_char_t) '\r', \ + *(emitter->buffer.pointer++) = (yaml_char_t) '\n') : 0), \ + emitter->column = 0, \ + emitter->line ++, \ + 1)) + +/* + * Copy a character from a string into buffer. + */ + +#define WRITE(emitter,string) \ + (FLUSH(emitter) \ + && (COPY(emitter->buffer,string), \ + emitter->column ++, \ + 1)) + +/* + * Copy a line break character from a string into buffer. + */ + +#define WRITE_BREAK(emitter,string) \ + (FLUSH(emitter) \ + && (CHECK(string,'\n') ? \ + (PUT_BREAK(emitter), \ + string.pointer ++, \ + 1) : \ + (COPY(emitter->buffer,string), \ + emitter->column = 0, \ + emitter->line ++, \ + 1))) + +/* + * API functions. + */ + +YAML_DECLARE(int) +yaml_emitter_emit(yaml_emitter_t *emitter, yaml_event_t *event); + +/* + * Utility functions. + */ + +static int +yaml_emitter_set_emitter_error(yaml_emitter_t *emitter, const char *problem); + +static int +yaml_emitter_need_more_events(yaml_emitter_t *emitter); + +static int +yaml_emitter_append_tag_directive(yaml_emitter_t *emitter, + yaml_tag_directive_t value, int allow_duplicates); + +static int +yaml_emitter_increase_indent(yaml_emitter_t *emitter, + int flow, int indentless); + +/* + * State functions. + */ + +static int +yaml_emitter_state_machine(yaml_emitter_t *emitter, yaml_event_t *event); + +static int +yaml_emitter_emit_stream_start(yaml_emitter_t *emitter, + yaml_event_t *event); + +static int +yaml_emitter_emit_document_start(yaml_emitter_t *emitter, + yaml_event_t *event, int first); + +static int +yaml_emitter_emit_document_content(yaml_emitter_t *emitter, + yaml_event_t *event); + +static int +yaml_emitter_emit_document_end(yaml_emitter_t *emitter, + yaml_event_t *event); + +static int +yaml_emitter_emit_flow_sequence_item(yaml_emitter_t *emitter, + yaml_event_t *event, int first); + +static int +yaml_emitter_emit_flow_mapping_key(yaml_emitter_t *emitter, + yaml_event_t *event, int first); + +static int +yaml_emitter_emit_flow_mapping_value(yaml_emitter_t *emitter, + yaml_event_t *event, int simple); + +static int +yaml_emitter_emit_block_sequence_item(yaml_emitter_t *emitter, + yaml_event_t *event, int first); + +static int +yaml_emitter_emit_block_mapping_key(yaml_emitter_t *emitter, + yaml_event_t *event, int first); + +static int +yaml_emitter_emit_block_mapping_value(yaml_emitter_t *emitter, + yaml_event_t *event, int simple); + +static int +yaml_emitter_emit_node(yaml_emitter_t *emitter, yaml_event_t *event, + int root, int sequence, int mapping, int simple_key); + +static int +yaml_emitter_emit_alias(yaml_emitter_t *emitter, yaml_event_t *event); + +static int +yaml_emitter_emit_scalar(yaml_emitter_t *emitter, yaml_event_t *event); + +static int +yaml_emitter_emit_sequence_start(yaml_emitter_t *emitter, yaml_event_t *event); + +static int +yaml_emitter_emit_mapping_start(yaml_emitter_t *emitter, yaml_event_t *event); + +/* + * Checkers. + */ + +static int +yaml_emitter_check_empty_document(yaml_emitter_t *emitter); + +static int +yaml_emitter_check_empty_sequence(yaml_emitter_t *emitter); + +static int +yaml_emitter_check_empty_mapping(yaml_emitter_t *emitter); + +static int +yaml_emitter_check_simple_key(yaml_emitter_t *emitter); + +static int +yaml_emitter_select_scalar_style(yaml_emitter_t *emitter, yaml_event_t *event); + +/* + * Processors. + */ + +static int +yaml_emitter_process_anchor(yaml_emitter_t *emitter); + +static int +yaml_emitter_process_tag(yaml_emitter_t *emitter); + +static int +yaml_emitter_process_scalar(yaml_emitter_t *emitter); + +/* + * Analyzers. + */ + +static int +yaml_emitter_analyze_titleVersion_directive(yaml_emitter_t *emitter, + yaml_titleVersion_directive_t titleVersion_directive); + +static int +yaml_emitter_analyze_tag_directive(yaml_emitter_t *emitter, + yaml_tag_directive_t tag_directive); + +static int +yaml_emitter_analyze_anchor(yaml_emitter_t *emitter, + yaml_char_t *anchor, int alias); + +static int +yaml_emitter_analyze_tag(yaml_emitter_t *emitter, + yaml_char_t *tag); + +static int +yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length); + +static int +yaml_emitter_analyze_event(yaml_emitter_t *emitter, + yaml_event_t *event); + +/* + * Writers. + */ + +static int +yaml_emitter_write_bom(yaml_emitter_t *emitter); + +static int +yaml_emitter_write_indent(yaml_emitter_t *emitter); + +static int +yaml_emitter_write_indicator(yaml_emitter_t *emitter, + char *indicator, int need_whitespace, + int is_whitespace, int is_indention); + +static int +yaml_emitter_write_anchor(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length); + +static int +yaml_emitter_write_tag_handle(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length); + +static int +yaml_emitter_write_tag_content(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int need_whitespace); + +static int +yaml_emitter_write_plain_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks); + +static int +yaml_emitter_write_single_quoted_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks); + +static int +yaml_emitter_write_double_quoted_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks); + +static int +yaml_emitter_write_block_scalar_hints(yaml_emitter_t *emitter, + yaml_string_t string); + +static int +yaml_emitter_write_literal_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length); + +static int +yaml_emitter_write_folded_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length); + +/* + * Set an emitter error and return 0. + */ + +static int +yaml_emitter_set_emitter_error(yaml_emitter_t *emitter, const char *problem) +{ + emitter->error = YAML_EMITTER_ERROR; + emitter->problem = problem; + + return 0; +} + +/* + * Emit an event. + */ + +YAML_DECLARE(int) +yaml_emitter_emit(yaml_emitter_t *emitter, yaml_event_t *event) +{ + if (!ENQUEUE(emitter, emitter->events, *event)) { + yaml_event_delete(event); + return 0; + } + + while (!yaml_emitter_need_more_events(emitter)) { + if (!yaml_emitter_analyze_event(emitter, emitter->events.head)) + return 0; + if (!yaml_emitter_state_machine(emitter, emitter->events.head)) + return 0; + yaml_event_delete(&DEQUEUE(emitter, emitter->events)); + } + + return 1; +} + +/* + * Check if we need to accumulate more events before emitting. + * + * We accumulate extra + * - 1 event for DOCUMENT-START + * - 2 events for SEQUENCE-START + * - 3 events for MAPPING-START + */ + +static int +yaml_emitter_need_more_events(yaml_emitter_t *emitter) +{ + int level = 0; + int accumulate = 0; + yaml_event_t *event; + + if (QUEUE_EMPTY(emitter, emitter->events)) + return 1; + + switch (emitter->events.head->type) { + case YAML_DOCUMENT_START_EVENT: + accumulate = 1; + break; + case YAML_SEQUENCE_START_EVENT: + accumulate = 2; + break; + case YAML_MAPPING_START_EVENT: + accumulate = 3; + break; + default: + return 0; + } + + if (emitter->events.tail - emitter->events.head > accumulate) + return 0; + + for (event = emitter->events.head; event != emitter->events.tail; event ++) { + switch (event->type) { + case YAML_STREAM_START_EVENT: + case YAML_DOCUMENT_START_EVENT: + case YAML_SEQUENCE_START_EVENT: + case YAML_MAPPING_START_EVENT: + level += 1; + break; + case YAML_STREAM_END_EVENT: + case YAML_DOCUMENT_END_EVENT: + case YAML_SEQUENCE_END_EVENT: + case YAML_MAPPING_END_EVENT: + level -= 1; + break; + default: + break; + } + if (!level) + return 0; + } + + return 1; +} + +/* + * Append a directive to the directives stack. + */ + +static int +yaml_emitter_append_tag_directive(yaml_emitter_t *emitter, + yaml_tag_directive_t value, int allow_duplicates) +{ + yaml_tag_directive_t *tag_directive; + yaml_tag_directive_t copy = { NULL, NULL }; + + for (tag_directive = emitter->tag_directives.start; + tag_directive != emitter->tag_directives.top; tag_directive ++) { + if (strcmp((char *)value.handle, (char *)tag_directive->handle) == 0) { + if (allow_duplicates) + return 1; + return yaml_emitter_set_emitter_error(emitter, + "duplicate %TAG directive"); + } + } + + copy.handle = yaml_strdup(value.handle); + copy.prefix = yaml_strdup(value.prefix); + if (!copy.handle || !copy.prefix) { + emitter->error = YAML_MEMORY_ERROR; + goto error; + } + + if (!PUSH(emitter, emitter->tag_directives, copy)) + goto error; + + return 1; + +error: + yaml_free(copy.handle); + yaml_free(copy.prefix); + return 0; +} + +/* + * Increase the indentation level. + */ + +static int +yaml_emitter_increase_indent(yaml_emitter_t *emitter, + int flow, int indentless) +{ + if (!PUSH(emitter, emitter->indents, emitter->indent)) + return 0; + + if (emitter->indent < 0) { + emitter->indent = flow ? emitter->best_indent : 0; + } + else if (!indentless) { + emitter->indent += emitter->best_indent; + } + + return 1; +} + +/* + * State dispatcher. + */ + +static int +yaml_emitter_state_machine(yaml_emitter_t *emitter, yaml_event_t *event) +{ + switch (emitter->state) + { + case YAML_EMIT_STREAM_START_STATE: + return yaml_emitter_emit_stream_start(emitter, event); + + case YAML_EMIT_FIRST_DOCUMENT_START_STATE: + return yaml_emitter_emit_document_start(emitter, event, 1); + + case YAML_EMIT_DOCUMENT_START_STATE: + return yaml_emitter_emit_document_start(emitter, event, 0); + + case YAML_EMIT_DOCUMENT_CONTENT_STATE: + return yaml_emitter_emit_document_content(emitter, event); + + case YAML_EMIT_DOCUMENT_END_STATE: + return yaml_emitter_emit_document_end(emitter, event); + + case YAML_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE: + return yaml_emitter_emit_flow_sequence_item(emitter, event, 1); + + case YAML_EMIT_FLOW_SEQUENCE_ITEM_STATE: + return yaml_emitter_emit_flow_sequence_item(emitter, event, 0); + + case YAML_EMIT_FLOW_MAPPING_FIRST_KEY_STATE: + return yaml_emitter_emit_flow_mapping_key(emitter, event, 1); + + case YAML_EMIT_FLOW_MAPPING_KEY_STATE: + return yaml_emitter_emit_flow_mapping_key(emitter, event, 0); + + case YAML_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE: + return yaml_emitter_emit_flow_mapping_value(emitter, event, 1); + + case YAML_EMIT_FLOW_MAPPING_VALUE_STATE: + return yaml_emitter_emit_flow_mapping_value(emitter, event, 0); + + case YAML_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE: + return yaml_emitter_emit_block_sequence_item(emitter, event, 1); + + case YAML_EMIT_BLOCK_SEQUENCE_ITEM_STATE: + return yaml_emitter_emit_block_sequence_item(emitter, event, 0); + + case YAML_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE: + return yaml_emitter_emit_block_mapping_key(emitter, event, 1); + + case YAML_EMIT_BLOCK_MAPPING_KEY_STATE: + return yaml_emitter_emit_block_mapping_key(emitter, event, 0); + + case YAML_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE: + return yaml_emitter_emit_block_mapping_value(emitter, event, 1); + + case YAML_EMIT_BLOCK_MAPPING_VALUE_STATE: + return yaml_emitter_emit_block_mapping_value(emitter, event, 0); + + case YAML_EMIT_END_STATE: + return yaml_emitter_set_emitter_error(emitter, + "expected nothing after STREAM-END"); + + default: + assert(1); /* Invalid state. */ + } + + return 0; +} + +/* + * Expect STREAM-START. + */ + +static int +yaml_emitter_emit_stream_start(yaml_emitter_t *emitter, + yaml_event_t *event) +{ + if (event->type == YAML_STREAM_START_EVENT) + { + if (!emitter->encoding) { + emitter->encoding = event->data.stream_start.encoding; + } + + if (!emitter->encoding) { + emitter->encoding = YAML_UTF8_ENCODING; + } + + if (emitter->best_indent < 2 || emitter->best_indent > 9) { + emitter->best_indent = 2; + } + + if (emitter->best_width >= 0 + && emitter->best_width <= emitter->best_indent*2) { + emitter->best_width = 80; + } + + if (emitter->best_width < 0) { + emitter->best_width = INT_MAX; + } + + if (!emitter->line_break) { + emitter->line_break = YAML_LN_BREAK; + } + + emitter->indent = -1; + + emitter->line = 0; + emitter->column = 0; + emitter->whitespace = 1; + emitter->indention = 1; + + if (emitter->encoding != YAML_UTF8_ENCODING) { + if (!yaml_emitter_write_bom(emitter)) + return 0; + } + + emitter->state = YAML_EMIT_FIRST_DOCUMENT_START_STATE; + + return 1; + } + + return yaml_emitter_set_emitter_error(emitter, + "expected STREAM-START"); +} + +/* + * Expect DOCUMENT-START or STREAM-END. + */ + +static int +yaml_emitter_emit_document_start(yaml_emitter_t *emitter, + yaml_event_t *event, int first) +{ + if (event->type == YAML_DOCUMENT_START_EVENT) + { + yaml_tag_directive_t default_tag_directives[] = { + {(yaml_char_t *)"!", (yaml_char_t *)"!"}, + {(yaml_char_t *)"!!", (yaml_char_t *)"tag:yaml.org,2002:"}, + {NULL, NULL} + }; + yaml_tag_directive_t *tag_directive; + int implicit; + + if (event->data.document_start.titleVersion_directive) { + if (!yaml_emitter_analyze_titleVersion_directive(emitter, + *event->data.document_start.titleVersion_directive)) + return 0; + } + + for (tag_directive = event->data.document_start.tag_directives.start; + tag_directive != event->data.document_start.tag_directives.end; + tag_directive ++) { + if (!yaml_emitter_analyze_tag_directive(emitter, *tag_directive)) + return 0; + if (!yaml_emitter_append_tag_directive(emitter, *tag_directive, 0)) + return 0; + } + + for (tag_directive = default_tag_directives; + tag_directive->handle; tag_directive ++) { + if (!yaml_emitter_append_tag_directive(emitter, *tag_directive, 1)) + return 0; + } + + implicit = event->data.document_start.implicit; + if (!first || emitter->canonical) { + implicit = 0; + } + + if ((event->data.document_start.titleVersion_directive || + (event->data.document_start.tag_directives.start + != event->data.document_start.tag_directives.end)) && + emitter->open_ended) + { + if (!yaml_emitter_write_indicator(emitter, "...", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + + if (event->data.document_start.titleVersion_directive) { + implicit = 0; + if (!yaml_emitter_write_indicator(emitter, "%YAML", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_indicator(emitter, "1.1", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + + if (event->data.document_start.tag_directives.start + != event->data.document_start.tag_directives.end) { + implicit = 0; + for (tag_directive = event->data.document_start.tag_directives.start; + tag_directive != event->data.document_start.tag_directives.end; + tag_directive ++) { + if (!yaml_emitter_write_indicator(emitter, "%TAG", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_tag_handle(emitter, tag_directive->handle, + strlen((char *)tag_directive->handle))) + return 0; + if (!yaml_emitter_write_tag_content(emitter, tag_directive->prefix, + strlen((char *)tag_directive->prefix), 1)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + } + + if (yaml_emitter_check_empty_document(emitter)) { + implicit = 0; + } + + if (!implicit) { + if (!yaml_emitter_write_indent(emitter)) + return 0; + if (!yaml_emitter_write_indicator(emitter, "---", 1, 0, 0)) + return 0; + if (emitter->canonical) { + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + } + + emitter->state = YAML_EMIT_DOCUMENT_CONTENT_STATE; + + return 1; + } + + else if (event->type == YAML_STREAM_END_EVENT) + { + if (emitter->open_ended) + { + if (!yaml_emitter_write_indicator(emitter, "...", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + + if (!yaml_emitter_flush(emitter)) + return 0; + + emitter->state = YAML_EMIT_END_STATE; + + return 1; + } + + return yaml_emitter_set_emitter_error(emitter, + "expected DOCUMENT-START or STREAM-END"); +} + +/* + * Expect the root node. + */ + +static int +yaml_emitter_emit_document_content(yaml_emitter_t *emitter, + yaml_event_t *event) +{ + if (!PUSH(emitter, emitter->states, YAML_EMIT_DOCUMENT_END_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 1, 0, 0, 0); +} + +/* + * Expect DOCUMENT-END. + */ + +static int +yaml_emitter_emit_document_end(yaml_emitter_t *emitter, + yaml_event_t *event) +{ + if (event->type == YAML_DOCUMENT_END_EVENT) + { + if (!yaml_emitter_write_indent(emitter)) + return 0; + if (!event->data.document_end.implicit) { + if (!yaml_emitter_write_indicator(emitter, "...", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + if (!yaml_emitter_flush(emitter)) + return 0; + + emitter->state = YAML_EMIT_DOCUMENT_START_STATE; + + while (!STACK_EMPTY(emitter, emitter->tag_directives)) { + yaml_tag_directive_t tag_directive = POP(emitter, + emitter->tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); + } + + return 1; + } + + return yaml_emitter_set_emitter_error(emitter, + "expected DOCUMENT-END"); +} + +/* + * + * Expect a flow item node. + */ + +static int +yaml_emitter_emit_flow_sequence_item(yaml_emitter_t *emitter, + yaml_event_t *event, int first) +{ + if (first) + { + if (!yaml_emitter_write_indicator(emitter, "[", 1, 1, 0)) + return 0; + if (!yaml_emitter_increase_indent(emitter, 1, 0)) + return 0; + emitter->flow_level ++; + } + + if (event->type == YAML_SEQUENCE_END_EVENT) + { + emitter->flow_level --; + emitter->indent = POP(emitter, emitter->indents); + if (emitter->canonical && !first) { + if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + if (!yaml_emitter_write_indicator(emitter, "]", 0, 0, 0)) + return 0; + emitter->state = POP(emitter, emitter->states); + + return 1; + } + + if (!first) { + if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0)) + return 0; + } + + if (emitter->canonical || emitter->column > emitter->best_width) { + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + if (!PUSH(emitter, emitter->states, YAML_EMIT_FLOW_SEQUENCE_ITEM_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 1, 0, 0); +} + +/* + * Expect a flow key node. + */ + +static int +yaml_emitter_emit_flow_mapping_key(yaml_emitter_t *emitter, + yaml_event_t *event, int first) +{ + if (first) + { + if (!yaml_emitter_write_indicator(emitter, "{", 1, 1, 0)) + return 0; + if (!yaml_emitter_increase_indent(emitter, 1, 0)) + return 0; + emitter->flow_level ++; + } + + if (event->type == YAML_MAPPING_END_EVENT) + { + emitter->flow_level --; + emitter->indent = POP(emitter, emitter->indents); + if (emitter->canonical && !first) { + if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0)) + return 0; + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + if (!yaml_emitter_write_indicator(emitter, "}", 0, 0, 0)) + return 0; + emitter->state = POP(emitter, emitter->states); + + return 1; + } + + if (!first) { + if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0)) + return 0; + } + if (emitter->canonical || emitter->column > emitter->best_width) { + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + + if (!emitter->canonical && yaml_emitter_check_simple_key(emitter)) + { + if (!PUSH(emitter, emitter->states, + YAML_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 1); + } + else + { + if (!yaml_emitter_write_indicator(emitter, "?", 1, 0, 0)) + return 0; + if (!PUSH(emitter, emitter->states, + YAML_EMIT_FLOW_MAPPING_VALUE_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 0); + } +} + +/* + * Expect a flow value node. + */ + +static int +yaml_emitter_emit_flow_mapping_value(yaml_emitter_t *emitter, + yaml_event_t *event, int simple) +{ + if (simple) { + if (!yaml_emitter_write_indicator(emitter, ":", 0, 0, 0)) + return 0; + } + else { + if (emitter->canonical || emitter->column > emitter->best_width) { + if (!yaml_emitter_write_indent(emitter)) + return 0; + } + if (!yaml_emitter_write_indicator(emitter, ":", 1, 0, 0)) + return 0; + } + if (!PUSH(emitter, emitter->states, YAML_EMIT_FLOW_MAPPING_KEY_STATE)) + return 0; + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 0); +} + +/* + * Expect a block item node. + */ + +static int +yaml_emitter_emit_block_sequence_item(yaml_emitter_t *emitter, + yaml_event_t *event, int first) +{ + if (first) + { + if (!yaml_emitter_increase_indent(emitter, 0, + (emitter->mapping_context && !emitter->indention))) + return 0; + } + + if (event->type == YAML_SEQUENCE_END_EVENT) + { + emitter->indent = POP(emitter, emitter->indents); + emitter->state = POP(emitter, emitter->states); + + return 1; + } + + if (!yaml_emitter_write_indent(emitter)) + return 0; + if (!yaml_emitter_write_indicator(emitter, "-", 1, 0, 1)) + return 0; + if (!PUSH(emitter, emitter->states, + YAML_EMIT_BLOCK_SEQUENCE_ITEM_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 1, 0, 0); +} + +/* + * Expect a block key node. + */ + +static int +yaml_emitter_emit_block_mapping_key(yaml_emitter_t *emitter, + yaml_event_t *event, int first) +{ + if (first) + { + if (!yaml_emitter_increase_indent(emitter, 0, 0)) + return 0; + } + + if (event->type == YAML_MAPPING_END_EVENT) + { + emitter->indent = POP(emitter, emitter->indents); + emitter->state = POP(emitter, emitter->states); + + return 1; + } + + if (!yaml_emitter_write_indent(emitter)) + return 0; + + if (yaml_emitter_check_simple_key(emitter)) + { + if (!PUSH(emitter, emitter->states, + YAML_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 1); + } + else + { + if (!yaml_emitter_write_indicator(emitter, "?", 1, 0, 1)) + return 0; + if (!PUSH(emitter, emitter->states, + YAML_EMIT_BLOCK_MAPPING_VALUE_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 0); + } +} + +/* + * Expect a block value node. + */ + +static int +yaml_emitter_emit_block_mapping_value(yaml_emitter_t *emitter, + yaml_event_t *event, int simple) +{ + if (simple) { + if (!yaml_emitter_write_indicator(emitter, ":", 0, 0, 0)) + return 0; + } + else { + if (!yaml_emitter_write_indent(emitter)) + return 0; + if (!yaml_emitter_write_indicator(emitter, ":", 1, 0, 1)) + return 0; + } + if (!PUSH(emitter, emitter->states, + YAML_EMIT_BLOCK_MAPPING_KEY_STATE)) + return 0; + + return yaml_emitter_emit_node(emitter, event, 0, 0, 1, 0); +} + +/* + * Expect a node. + */ + +static int +yaml_emitter_emit_node(yaml_emitter_t *emitter, yaml_event_t *event, + int root, int sequence, int mapping, int simple_key) +{ + emitter->root_context = root; + emitter->sequence_context = sequence; + emitter->mapping_context = mapping; + emitter->simple_key_context = simple_key; + + switch (event->type) + { + case YAML_ALIAS_EVENT: + return yaml_emitter_emit_alias(emitter, event); + + case YAML_SCALAR_EVENT: + return yaml_emitter_emit_scalar(emitter, event); + + case YAML_SEQUENCE_START_EVENT: + return yaml_emitter_emit_sequence_start(emitter, event); + + case YAML_MAPPING_START_EVENT: + return yaml_emitter_emit_mapping_start(emitter, event); + + default: + return yaml_emitter_set_emitter_error(emitter, + "expected SCALAR, SEQUENCE-START, MAPPING-START, or ALIAS"); + } + + return 0; +} + +/* + * Expect ALIAS. + */ + +static int +yaml_emitter_emit_alias(yaml_emitter_t *emitter, yaml_event_t *event) +{ + if (!yaml_emitter_process_anchor(emitter)) + return 0; + emitter->state = POP(emitter, emitter->states); + + return 1; +} + +/* + * Expect SCALAR. + */ + +static int +yaml_emitter_emit_scalar(yaml_emitter_t *emitter, yaml_event_t *event) +{ + if (!yaml_emitter_select_scalar_style(emitter, event)) + return 0; + if (!yaml_emitter_process_anchor(emitter)) + return 0; + if (!yaml_emitter_process_tag(emitter)) + return 0; + if (!yaml_emitter_increase_indent(emitter, 1, 0)) + return 0; + if (!yaml_emitter_process_scalar(emitter)) + return 0; + emitter->indent = POP(emitter, emitter->indents); + emitter->state = POP(emitter, emitter->states); + + return 1; +} + +/* + * Expect SEQUENCE-START. + */ + +static int +yaml_emitter_emit_sequence_start(yaml_emitter_t *emitter, yaml_event_t *event) +{ + if (!yaml_emitter_process_anchor(emitter)) + return 0; + if (!yaml_emitter_process_tag(emitter)) + return 0; + + if (emitter->flow_level || emitter->canonical + || event->data.sequence_start.style == YAML_FLOW_SEQUENCE_STYLE + || yaml_emitter_check_empty_sequence(emitter)) { + emitter->state = YAML_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE; + } + else { + emitter->state = YAML_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE; + } + + return 1; +} + +/* + * Expect MAPPING-START. + */ + +static int +yaml_emitter_emit_mapping_start(yaml_emitter_t *emitter, yaml_event_t *event) +{ + if (!yaml_emitter_process_anchor(emitter)) + return 0; + if (!yaml_emitter_process_tag(emitter)) + return 0; + + if (emitter->flow_level || emitter->canonical + || event->data.mapping_start.style == YAML_FLOW_MAPPING_STYLE + || yaml_emitter_check_empty_mapping(emitter)) { + emitter->state = YAML_EMIT_FLOW_MAPPING_FIRST_KEY_STATE; + } + else { + emitter->state = YAML_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE; + } + + return 1; +} + +/* + * Check if the document content is an empty scalar. + */ + +static int +yaml_emitter_check_empty_document(yaml_emitter_t *emitter) +{ + return 0; +} + +/* + * Check if the next events represent an empty sequence. + */ + +static int +yaml_emitter_check_empty_sequence(yaml_emitter_t *emitter) +{ + if (emitter->events.tail - emitter->events.head < 2) + return 0; + + return (emitter->events.head[0].type == YAML_SEQUENCE_START_EVENT + && emitter->events.head[1].type == YAML_SEQUENCE_END_EVENT); +} + +/* + * Check if the next events represent an empty mapping. + */ + +static int +yaml_emitter_check_empty_mapping(yaml_emitter_t *emitter) +{ + if (emitter->events.tail - emitter->events.head < 2) + return 0; + + return (emitter->events.head[0].type == YAML_MAPPING_START_EVENT + && emitter->events.head[1].type == YAML_MAPPING_END_EVENT); +} + +/* + * Check if the next node can be expressed as a simple key. + */ + +static int +yaml_emitter_check_simple_key(yaml_emitter_t *emitter) +{ + yaml_event_t *event = emitter->events.head; + size_t length = 0; + + switch (event->type) + { + case YAML_ALIAS_EVENT: + length += emitter->anchor_data.anchor_length; + break; + + case YAML_SCALAR_EVENT: + if (emitter->scalar_data.multiline) + return 0; + length += emitter->anchor_data.anchor_length + + emitter->tag_data.handle_length + + emitter->tag_data.suffix_length + + emitter->scalar_data.length; + break; + + case YAML_SEQUENCE_START_EVENT: + if (!yaml_emitter_check_empty_sequence(emitter)) + return 0; + length += emitter->anchor_data.anchor_length + + emitter->tag_data.handle_length + + emitter->tag_data.suffix_length; + break; + + case YAML_MAPPING_START_EVENT: + if (!yaml_emitter_check_empty_mapping(emitter)) + return 0; + length += emitter->anchor_data.anchor_length + + emitter->tag_data.handle_length + + emitter->tag_data.suffix_length; + break; + + default: + return 0; + } + + if (length > 128) + return 0; + + return 1; +} + +/* + * Determine an acceptable scalar style. + */ + +static int +yaml_emitter_select_scalar_style(yaml_emitter_t *emitter, yaml_event_t *event) +{ + yaml_scalar_style_t style = event->data.scalar.style; + int no_tag = (!emitter->tag_data.handle && !emitter->tag_data.suffix); + + if (no_tag && !event->data.scalar.plain_implicit + && !event->data.scalar.quoted_implicit) { + return yaml_emitter_set_emitter_error(emitter, + "neither tag nor implicit flags are specified"); + } + + if (style == YAML_ANY_SCALAR_STYLE) + style = YAML_PLAIN_SCALAR_STYLE; + + if (emitter->canonical) + style = YAML_DOUBLE_QUOTED_SCALAR_STYLE; + + if (emitter->simple_key_context && emitter->scalar_data.multiline) + style = YAML_DOUBLE_QUOTED_SCALAR_STYLE; + + if (style == YAML_PLAIN_SCALAR_STYLE) + { + if ((emitter->flow_level && !emitter->scalar_data.flow_plain_allowed) + || (!emitter->flow_level && !emitter->scalar_data.block_plain_allowed)) + style = YAML_SINGLE_QUOTED_SCALAR_STYLE; + if (!emitter->scalar_data.length + && (emitter->flow_level || emitter->simple_key_context)) + style = YAML_SINGLE_QUOTED_SCALAR_STYLE; + if (no_tag && !event->data.scalar.plain_implicit) + style = YAML_SINGLE_QUOTED_SCALAR_STYLE; + } + + if (style == YAML_SINGLE_QUOTED_SCALAR_STYLE) + { + if (!emitter->scalar_data.single_quoted_allowed) + style = YAML_DOUBLE_QUOTED_SCALAR_STYLE; + } + + if (style == YAML_LITERAL_SCALAR_STYLE || style == YAML_FOLDED_SCALAR_STYLE) + { + if (!emitter->scalar_data.block_allowed + || emitter->flow_level || emitter->simple_key_context) + style = YAML_DOUBLE_QUOTED_SCALAR_STYLE; + } + + if (no_tag && !event->data.scalar.quoted_implicit + && style != YAML_PLAIN_SCALAR_STYLE) + { + emitter->tag_data.handle = (yaml_char_t *)"!"; + emitter->tag_data.handle_length = 1; + } + + emitter->scalar_data.style = style; + + return 1; +} + +/* + * Write an achor. + */ + +static int +yaml_emitter_process_anchor(yaml_emitter_t *emitter) +{ + if (!emitter->anchor_data.anchor) + return 1; + + if (!yaml_emitter_write_indicator(emitter, + (emitter->anchor_data.alias ? "*" : "&"), 1, 0, 0)) + return 0; + + return yaml_emitter_write_anchor(emitter, + emitter->anchor_data.anchor, emitter->anchor_data.anchor_length); +} + +/* + * Write a tag. + */ + +static int +yaml_emitter_process_tag(yaml_emitter_t *emitter) +{ + if (!emitter->tag_data.handle && !emitter->tag_data.suffix) + return 1; + + if (emitter->tag_data.handle) + { + if (!yaml_emitter_write_tag_handle(emitter, emitter->tag_data.handle, + emitter->tag_data.handle_length)) + return 0; + if (emitter->tag_data.suffix) { + if (!yaml_emitter_write_tag_content(emitter, emitter->tag_data.suffix, + emitter->tag_data.suffix_length, 0)) + return 0; + } + } + else + { + if (!yaml_emitter_write_indicator(emitter, "!<", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_tag_content(emitter, emitter->tag_data.suffix, + emitter->tag_data.suffix_length, 0)) + return 0; + if (!yaml_emitter_write_indicator(emitter, ">", 0, 0, 0)) + return 0; + } + + return 1; +} + +/* + * Write a scalar. + */ + +static int +yaml_emitter_process_scalar(yaml_emitter_t *emitter) +{ + switch (emitter->scalar_data.style) + { + case YAML_PLAIN_SCALAR_STYLE: + return yaml_emitter_write_plain_scalar(emitter, + emitter->scalar_data.value, emitter->scalar_data.length, + !emitter->simple_key_context); + + case YAML_SINGLE_QUOTED_SCALAR_STYLE: + return yaml_emitter_write_single_quoted_scalar(emitter, + emitter->scalar_data.value, emitter->scalar_data.length, + !emitter->simple_key_context); + + case YAML_DOUBLE_QUOTED_SCALAR_STYLE: + return yaml_emitter_write_double_quoted_scalar(emitter, + emitter->scalar_data.value, emitter->scalar_data.length, + !emitter->simple_key_context); + + case YAML_LITERAL_SCALAR_STYLE: + return yaml_emitter_write_literal_scalar(emitter, + emitter->scalar_data.value, emitter->scalar_data.length); + + case YAML_FOLDED_SCALAR_STYLE: + return yaml_emitter_write_folded_scalar(emitter, + emitter->scalar_data.value, emitter->scalar_data.length); + + default: + assert(1); /* Impossible. */ + } + + return 0; +} + +/* + * Check if a %YAML directive is valid. + */ + +static int +yaml_emitter_analyze_titleVersion_directive(yaml_emitter_t *emitter, + yaml_titleVersion_directive_t titleVersion_directive) +{ + if (titleVersion_directive.major != 1 || titleVersion_directive.minor != 1) { + return yaml_emitter_set_emitter_error(emitter, + "incompatible %YAML directive"); + } + + return 1; +} + +/* + * Check if a %TAG directive is valid. + */ + +static int +yaml_emitter_analyze_tag_directive(yaml_emitter_t *emitter, + yaml_tag_directive_t tag_directive) +{ + yaml_string_t handle; + yaml_string_t prefix; + size_t handle_length; + size_t prefix_length; + + handle_length = strlen((char *)tag_directive.handle); + prefix_length = strlen((char *)tag_directive.prefix); + STRING_ASSIGN(handle, tag_directive.handle, handle_length); + STRING_ASSIGN(prefix, tag_directive.prefix, prefix_length); + + if (handle.start == handle.end) { + return yaml_emitter_set_emitter_error(emitter, + "tag handle must not be empty"); + } + + if (handle.start[0] != '!') { + return yaml_emitter_set_emitter_error(emitter, + "tag handle must start with '!'"); + } + + if (handle.end[-1] != '!') { + return yaml_emitter_set_emitter_error(emitter, + "tag handle must end with '!'"); + } + + handle.pointer ++; + + while (handle.pointer < handle.end-1) { + if (!IS_ALPHA(handle)) { + return yaml_emitter_set_emitter_error(emitter, + "tag handle must contain alphanumerical characters only"); + } + MOVE(handle); + } + + if (prefix.start == prefix.end) { + return yaml_emitter_set_emitter_error(emitter, + "tag prefix must not be empty"); + } + + return 1; +} + +/* + * Check if an anchor is valid. + */ + +static int +yaml_emitter_analyze_anchor(yaml_emitter_t *emitter, + yaml_char_t *anchor, int alias) +{ + size_t anchor_length; + yaml_string_t string; + + anchor_length = strlen((char *)anchor); + STRING_ASSIGN(string, anchor, anchor_length); + + if (string.start == string.end) { + return yaml_emitter_set_emitter_error(emitter, alias ? + "alias value must not be empty" : + "anchor value must not be empty"); + } + + while (string.pointer != string.end) { + if (!IS_ALPHA(string)) { + return yaml_emitter_set_emitter_error(emitter, alias ? + "alias value must contain alphanumerical characters only" : + "anchor value must contain alphanumerical characters only"); + } + MOVE(string); + } + + emitter->anchor_data.anchor = string.start; + emitter->anchor_data.anchor_length = string.end - string.start; + emitter->anchor_data.alias = alias; + + return 1; +} + +/* + * Check if a tag is valid. + */ + +static int +yaml_emitter_analyze_tag(yaml_emitter_t *emitter, + yaml_char_t *tag) +{ + size_t tag_length; + yaml_string_t string; + yaml_tag_directive_t *tag_directive; + + tag_length = strlen((char *)tag); + STRING_ASSIGN(string, tag, tag_length); + + if (string.start == string.end) { + return yaml_emitter_set_emitter_error(emitter, + "tag value must not be empty"); + } + + for (tag_directive = emitter->tag_directives.start; + tag_directive != emitter->tag_directives.top; tag_directive ++) { + size_t prefix_length = strlen((char *)tag_directive->prefix); + if (prefix_length < (size_t)(string.end - string.start) + && strncmp((char *)tag_directive->prefix, (char *)string.start, + prefix_length) == 0) + { + emitter->tag_data.handle = tag_directive->handle; + emitter->tag_data.handle_length = + strlen((char *)tag_directive->handle); + emitter->tag_data.suffix = string.start + prefix_length; + emitter->tag_data.suffix_length = + (string.end - string.start) - prefix_length; + return 1; + } + } + + emitter->tag_data.suffix = string.start; + emitter->tag_data.suffix_length = string.end - string.start; + + return 1; +} + +/* + * Check if a scalar is valid. + */ + +static int +yaml_emitter_analyze_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length) +{ + yaml_string_t string; + + int block_indicators = 0; + int flow_indicators = 0; + int line_breaks = 0; + int special_characters = 0; + + int leading_space = 0; + int leading_break = 0; + int trailing_space = 0; + int trailing_break = 0; + int break_space = 0; + int space_break = 0; + + int preceeded_by_whitespace = 0; + int followed_by_whitespace = 0; + int previous_space = 0; + int previous_break = 0; + + STRING_ASSIGN(string, value, length); + + emitter->scalar_data.value = value; + emitter->scalar_data.length = length; + + if (string.start == string.end) + { + emitter->scalar_data.multiline = 0; + emitter->scalar_data.flow_plain_allowed = 0; + emitter->scalar_data.block_plain_allowed = 1; + emitter->scalar_data.single_quoted_allowed = 1; + emitter->scalar_data.block_allowed = 0; + + return 1; + } + + if ((CHECK_AT(string, '-', 0) + && CHECK_AT(string, '-', 1) + && CHECK_AT(string, '-', 2)) + || (CHECK_AT(string, '.', 0) + && CHECK_AT(string, '.', 1) + && CHECK_AT(string, '.', 2))) { + block_indicators = 1; + flow_indicators = 1; + } + + preceeded_by_whitespace = 1; + followed_by_whitespace = IS_BLANKZ_AT(string, WIDTH(string)); + + while (string.pointer != string.end) + { + if (string.start == string.pointer) + { + if (CHECK(string, '#') || CHECK(string, ',') + || CHECK(string, '[') || CHECK(string, ']') + || CHECK(string, '{') || CHECK(string, '}') + || CHECK(string, '&') || CHECK(string, '*') + || CHECK(string, '!') || CHECK(string, '|') + || CHECK(string, '>') || CHECK(string, '\'') + || CHECK(string, '"') || CHECK(string, '%') + || CHECK(string, '@') || CHECK(string, '`')) { + flow_indicators = 1; + block_indicators = 1; + } + + if (CHECK(string, '?') || CHECK(string, ':')) { + flow_indicators = 1; + if (followed_by_whitespace) { + block_indicators = 1; + } + } + + if (CHECK(string, '-') && followed_by_whitespace) { + flow_indicators = 1; + block_indicators = 1; + } + } + else + { + if (CHECK(string, ',') || CHECK(string, '?') + || CHECK(string, '[') || CHECK(string, ']') + || CHECK(string, '{') || CHECK(string, '}')) { + flow_indicators = 1; + } + + if (CHECK(string, ':')) { + flow_indicators = 1; + if (followed_by_whitespace) { + block_indicators = 1; + } + } + + if (CHECK(string, '#') && preceeded_by_whitespace) { + flow_indicators = 1; + block_indicators = 1; + } + } + + if (!IS_PRINTABLE(string) + || (!IS_ASCII(string) && !emitter->unicode)) { + special_characters = 1; + } + + if (IS_BREAK(string)) { + line_breaks = 1; + } + + if (IS_SPACE(string)) + { + if (string.start == string.pointer) { + leading_space = 1; + } + if (string.pointer+WIDTH(string) == string.end) { + trailing_space = 1; + } + if (previous_break) { + break_space = 1; + } + previous_space = 1; + previous_break = 0; + } + else if (IS_BREAK(string)) + { + if (string.start == string.pointer) { + leading_break = 1; + } + if (string.pointer+WIDTH(string) == string.end) { + trailing_break = 1; + } + if (previous_space) { + space_break = 1; + } + previous_space = 0; + previous_break = 1; + } + else + { + previous_space = 0; + previous_break = 0; + } + + preceeded_by_whitespace = IS_BLANKZ(string); + MOVE(string); + if (string.pointer != string.end) { + followed_by_whitespace = IS_BLANKZ_AT(string, WIDTH(string)); + } + } + + emitter->scalar_data.multiline = line_breaks; + + emitter->scalar_data.flow_plain_allowed = 1; + emitter->scalar_data.block_plain_allowed = 1; + emitter->scalar_data.single_quoted_allowed = 1; + emitter->scalar_data.block_allowed = 1; + + if (leading_space || leading_break || trailing_space || trailing_break) { + emitter->scalar_data.flow_plain_allowed = 0; + emitter->scalar_data.block_plain_allowed = 0; + } + + if (trailing_space) { + emitter->scalar_data.block_allowed = 0; + } + + if (break_space) { + emitter->scalar_data.flow_plain_allowed = 0; + emitter->scalar_data.block_plain_allowed = 0; + emitter->scalar_data.single_quoted_allowed = 0; + } + + if (space_break || special_characters) { + emitter->scalar_data.flow_plain_allowed = 0; + emitter->scalar_data.block_plain_allowed = 0; + emitter->scalar_data.single_quoted_allowed = 0; + emitter->scalar_data.block_allowed = 0; + } + + if (line_breaks) { + emitter->scalar_data.flow_plain_allowed = 0; + emitter->scalar_data.block_plain_allowed = 0; + } + + if (flow_indicators) { + emitter->scalar_data.flow_plain_allowed = 0; + } + + if (block_indicators) { + emitter->scalar_data.block_plain_allowed = 0; + } + + return 1; +} + +/* + * Check if the event data is valid. + */ + +static int +yaml_emitter_analyze_event(yaml_emitter_t *emitter, + yaml_event_t *event) +{ + emitter->anchor_data.anchor = NULL; + emitter->anchor_data.anchor_length = 0; + emitter->tag_data.handle = NULL; + emitter->tag_data.handle_length = 0; + emitter->tag_data.suffix = NULL; + emitter->tag_data.suffix_length = 0; + emitter->scalar_data.value = NULL; + emitter->scalar_data.length = 0; + + switch (event->type) + { + case YAML_ALIAS_EVENT: + if (!yaml_emitter_analyze_anchor(emitter, + event->data.alias.anchor, 1)) + return 0; + return 1; + + case YAML_SCALAR_EVENT: + if (event->data.scalar.anchor) { + if (!yaml_emitter_analyze_anchor(emitter, + event->data.scalar.anchor, 0)) + return 0; + } + if (event->data.scalar.tag && (emitter->canonical || + (!event->data.scalar.plain_implicit + && !event->data.scalar.quoted_implicit))) { + if (!yaml_emitter_analyze_tag(emitter, event->data.scalar.tag)) + return 0; + } + if (!yaml_emitter_analyze_scalar(emitter, + event->data.scalar.value, event->data.scalar.length)) + return 0; + return 1; + + case YAML_SEQUENCE_START_EVENT: + if (event->data.sequence_start.anchor) { + if (!yaml_emitter_analyze_anchor(emitter, + event->data.sequence_start.anchor, 0)) + return 0; + } + if (event->data.sequence_start.tag && (emitter->canonical || + !event->data.sequence_start.implicit)) { + if (!yaml_emitter_analyze_tag(emitter, + event->data.sequence_start.tag)) + return 0; + } + return 1; + + case YAML_MAPPING_START_EVENT: + if (event->data.mapping_start.anchor) { + if (!yaml_emitter_analyze_anchor(emitter, + event->data.mapping_start.anchor, 0)) + return 0; + } + if (event->data.mapping_start.tag && (emitter->canonical || + !event->data.mapping_start.implicit)) { + if (!yaml_emitter_analyze_tag(emitter, + event->data.mapping_start.tag)) + return 0; + } + return 1; + + default: + return 1; + } +} + +/* + * Write the BOM character. + */ + +static int +yaml_emitter_write_bom(yaml_emitter_t *emitter) +{ + if (!FLUSH(emitter)) return 0; + + *(emitter->buffer.pointer++) = (yaml_char_t) '\xEF'; + *(emitter->buffer.pointer++) = (yaml_char_t) '\xBB'; + *(emitter->buffer.pointer++) = (yaml_char_t) '\xBF'; + + return 1; +} + +static int +yaml_emitter_write_indent(yaml_emitter_t *emitter) +{ + int indent = (emitter->indent >= 0) ? emitter->indent : 0; + + if (!emitter->indention || emitter->column > indent + || (emitter->column == indent && !emitter->whitespace)) { + if (!PUT_BREAK(emitter)) return 0; + } + + while (emitter->column < indent) { + if (!PUT(emitter, ' ')) return 0; + } + + emitter->whitespace = 1; + emitter->indention = 1; + + return 1; +} + +static int +yaml_emitter_write_indicator(yaml_emitter_t *emitter, + char *indicator, int need_whitespace, + int is_whitespace, int is_indention) +{ + size_t indicator_length; + yaml_string_t string; + + indicator_length = strlen(indicator); + STRING_ASSIGN(string, (yaml_char_t *)indicator, indicator_length); + + if (need_whitespace && !emitter->whitespace) { + if (!PUT(emitter, ' ')) return 0; + } + + while (string.pointer != string.end) { + if (!WRITE(emitter, string)) return 0; + } + + emitter->whitespace = is_whitespace; + emitter->indention = (emitter->indention && is_indention); + emitter->open_ended = 0; + + return 1; +} + +static int +yaml_emitter_write_anchor(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length) +{ + yaml_string_t string; + STRING_ASSIGN(string, value, length); + + while (string.pointer != string.end) { + if (!WRITE(emitter, string)) return 0; + } + + emitter->whitespace = 0; + emitter->indention = 0; + + return 1; +} + +static int +yaml_emitter_write_tag_handle(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length) +{ + yaml_string_t string; + STRING_ASSIGN(string, value, length); + + if (!emitter->whitespace) { + if (!PUT(emitter, ' ')) return 0; + } + + while (string.pointer != string.end) { + if (!WRITE(emitter, string)) return 0; + } + + emitter->whitespace = 0; + emitter->indention = 0; + + return 1; +} + +static int +yaml_emitter_write_tag_content(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, + int need_whitespace) +{ + yaml_string_t string; + STRING_ASSIGN(string, value, length); + + if (need_whitespace && !emitter->whitespace) { + if (!PUT(emitter, ' ')) return 0; + } + + while (string.pointer != string.end) { + if (IS_ALPHA(string) + || CHECK(string, ';') || CHECK(string, '/') + || CHECK(string, '?') || CHECK(string, ':') + || CHECK(string, '@') || CHECK(string, '&') + || CHECK(string, '=') || CHECK(string, '+') + || CHECK(string, '$') || CHECK(string, ',') + || CHECK(string, '_') || CHECK(string, '.') + || CHECK(string, '~') || CHECK(string, '*') + || CHECK(string, '\'') || CHECK(string, '(') + || CHECK(string, ')') || CHECK(string, '[') + || CHECK(string, ']')) { + if (!WRITE(emitter, string)) return 0; + } + else { + int width = WIDTH(string); + unsigned int value; + while (width --) { + value = *(string.pointer++); + if (!PUT(emitter, '%')) return 0; + if (!PUT(emitter, (value >> 4) + + ((value >> 4) < 10 ? '0' : 'A' - 10))) + return 0; + if (!PUT(emitter, (value & 0x0F) + + ((value & 0x0F) < 10 ? '0' : 'A' - 10))) + return 0; + } + } + } + + emitter->whitespace = 0; + emitter->indention = 0; + + return 1; +} + +static int +yaml_emitter_write_plain_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks) +{ + yaml_string_t string; + int spaces = 0; + int breaks = 0; + + STRING_ASSIGN(string, value, length); + + if (!emitter->whitespace) { + if (!PUT(emitter, ' ')) return 0; + } + + while (string.pointer != string.end) + { + if (IS_SPACE(string)) + { + if (allow_breaks && !spaces + && emitter->column > emitter->best_width + && !IS_SPACE_AT(string, 1)) { + if (!yaml_emitter_write_indent(emitter)) return 0; + MOVE(string); + } + else { + if (!WRITE(emitter, string)) return 0; + } + spaces = 1; + } + else if (IS_BREAK(string)) + { + if (!breaks && CHECK(string, '\n')) { + if (!PUT_BREAK(emitter)) return 0; + } + if (!WRITE_BREAK(emitter, string)) return 0; + emitter->indention = 1; + breaks = 1; + } + else + { + if (breaks) { + if (!yaml_emitter_write_indent(emitter)) return 0; + } + if (!WRITE(emitter, string)) return 0; + emitter->indention = 0; + spaces = 0; + breaks = 0; + } + } + + emitter->whitespace = 0; + emitter->indention = 0; + if (emitter->root_context) + { + emitter->open_ended = 1; + } + + return 1; +} + +static int +yaml_emitter_write_single_quoted_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks) +{ + yaml_string_t string; + int spaces = 0; + int breaks = 0; + + STRING_ASSIGN(string, value, length); + + if (!yaml_emitter_write_indicator(emitter, "'", 1, 0, 0)) + return 0; + + while (string.pointer != string.end) + { + if (IS_SPACE(string)) + { + if (allow_breaks && !spaces + && emitter->column > emitter->best_width + && string.pointer != string.start + && string.pointer != string.end - 1 + && !IS_SPACE_AT(string, 1)) { + if (!yaml_emitter_write_indent(emitter)) return 0; + MOVE(string); + } + else { + if (!WRITE(emitter, string)) return 0; + } + spaces = 1; + } + else if (IS_BREAK(string)) + { + if (!breaks && CHECK(string, '\n')) { + if (!PUT_BREAK(emitter)) return 0; + } + if (!WRITE_BREAK(emitter, string)) return 0; + emitter->indention = 1; + breaks = 1; + } + else + { + if (breaks) { + if (!yaml_emitter_write_indent(emitter)) return 0; + } + if (CHECK(string, '\'')) { + if (!PUT(emitter, '\'')) return 0; + } + if (!WRITE(emitter, string)) return 0; + emitter->indention = 0; + spaces = 0; + breaks = 0; + } + } + + if (!yaml_emitter_write_indicator(emitter, "'", 0, 0, 0)) + return 0; + + emitter->whitespace = 0; + emitter->indention = 0; + + return 1; +} + +static int +yaml_emitter_write_double_quoted_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length, int allow_breaks) +{ + yaml_string_t string; + int spaces = 0; + + STRING_ASSIGN(string, value, length); + + if (!yaml_emitter_write_indicator(emitter, "\"", 1, 0, 0)) + return 0; + + while (string.pointer != string.end) + { + if (!IS_PRINTABLE(string) || (!emitter->unicode && !IS_ASCII(string)) + || IS_BOM(string) || IS_BREAK(string) + || CHECK(string, '"') || CHECK(string, '\\')) + { + unsigned char octet; + unsigned int width; + unsigned int value; + int k; + + octet = string.pointer[0]; + width = (octet & 0x80) == 0x00 ? 1 : + (octet & 0xE0) == 0xC0 ? 2 : + (octet & 0xF0) == 0xE0 ? 3 : + (octet & 0xF8) == 0xF0 ? 4 : 0; + value = (octet & 0x80) == 0x00 ? octet & 0x7F : + (octet & 0xE0) == 0xC0 ? octet & 0x1F : + (octet & 0xF0) == 0xE0 ? octet & 0x0F : + (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0; + for (k = 1; k < (int)width; k ++) { + octet = string.pointer[k]; + value = (value << 6) + (octet & 0x3F); + } + string.pointer += width; + + if (!PUT(emitter, '\\')) return 0; + + switch (value) + { + case 0x00: + if (!PUT(emitter, '0')) return 0; + break; + + case 0x07: + if (!PUT(emitter, 'a')) return 0; + break; + + case 0x08: + if (!PUT(emitter, 'b')) return 0; + break; + + case 0x09: + if (!PUT(emitter, 't')) return 0; + break; + + case 0x0A: + if (!PUT(emitter, 'n')) return 0; + break; + + case 0x0B: + if (!PUT(emitter, 'v')) return 0; + break; + + case 0x0C: + if (!PUT(emitter, 'f')) return 0; + break; + + case 0x0D: + if (!PUT(emitter, 'r')) return 0; + break; + + case 0x1B: + if (!PUT(emitter, 'e')) return 0; + break; + + case 0x22: + if (!PUT(emitter, '\"')) return 0; + break; + + case 0x5C: + if (!PUT(emitter, '\\')) return 0; + break; + + case 0x85: + if (!PUT(emitter, 'N')) return 0; + break; + + case 0xA0: + if (!PUT(emitter, '_')) return 0; + break; + + case 0x2028: + if (!PUT(emitter, 'L')) return 0; + break; + + case 0x2029: + if (!PUT(emitter, 'P')) return 0; + break; + + default: + if (value <= 0xFF) { + if (!PUT(emitter, 'x')) return 0; + width = 2; + } + else if (value <= 0xFFFF) { + if (!PUT(emitter, 'u')) return 0; + width = 4; + } + else { + if (!PUT(emitter, 'U')) return 0; + width = 8; + } + for (k = (width-1)*4; k >= 0; k -= 4) { + int digit = (value >> k) & 0x0F; + if (!PUT(emitter, digit + (digit < 10 ? '0' : 'A'-10))) + return 0; + } + } + spaces = 0; + } + else if (IS_SPACE(string)) + { + if (allow_breaks && !spaces + && emitter->column > emitter->best_width + && string.pointer != string.start + && string.pointer != string.end - 1) { + if (!yaml_emitter_write_indent(emitter)) return 0; + if (IS_SPACE_AT(string, 1)) { + if (!PUT(emitter, '\\')) return 0; + } + MOVE(string); + } + else { + if (!WRITE(emitter, string)) return 0; + } + spaces = 1; + } + else + { + if (!WRITE(emitter, string)) return 0; + spaces = 0; + } + } + + if (!yaml_emitter_write_indicator(emitter, "\"", 0, 0, 0)) + return 0; + + emitter->whitespace = 0; + emitter->indention = 0; + + return 1; +} + +static int +yaml_emitter_write_block_scalar_hints(yaml_emitter_t *emitter, + yaml_string_t string) +{ + char indent_hint[2]; + char *chomp_hint = NULL; + + if (IS_SPACE(string) || IS_BREAK(string)) + { + indent_hint[0] = '0' + (char)emitter->best_indent; + indent_hint[1] = '\0'; + if (!yaml_emitter_write_indicator(emitter, indent_hint, 0, 0, 0)) + return 0; + } + + emitter->open_ended = 0; + + string.pointer = string.end; + if (string.start == string.pointer) + { + chomp_hint = "-"; + } + else + { + do { + string.pointer --; + } while ((*string.pointer & 0xC0) == 0x80); + if (!IS_BREAK(string)) + { + chomp_hint = "-"; + } + else if (string.start == string.pointer) + { + chomp_hint = "+"; + emitter->open_ended = 1; + } + else + { + do { + string.pointer --; + } while ((*string.pointer & 0xC0) == 0x80); + if (IS_BREAK(string)) + { + chomp_hint = "+"; + emitter->open_ended = 1; + } + } + } + + if (chomp_hint) + { + if (!yaml_emitter_write_indicator(emitter, chomp_hint, 0, 0, 0)) + return 0; + } + + return 1; +} + +static int +yaml_emitter_write_literal_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length) +{ + yaml_string_t string; + int breaks = 1; + + STRING_ASSIGN(string, value, length); + + if (!yaml_emitter_write_indicator(emitter, "|", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_block_scalar_hints(emitter, string)) + return 0; + if (!PUT_BREAK(emitter)) return 0; + emitter->indention = 1; + emitter->whitespace = 1; + + while (string.pointer != string.end) + { + if (IS_BREAK(string)) + { + if (!WRITE_BREAK(emitter, string)) return 0; + emitter->indention = 1; + breaks = 1; + } + else + { + if (breaks) { + if (!yaml_emitter_write_indent(emitter)) return 0; + } + if (!WRITE(emitter, string)) return 0; + emitter->indention = 0; + breaks = 0; + } + } + + return 1; +} + +static int +yaml_emitter_write_folded_scalar(yaml_emitter_t *emitter, + yaml_char_t *value, size_t length) +{ + yaml_string_t string; + int breaks = 1; + int leading_spaces = 1; + + STRING_ASSIGN(string, value, length); + + if (!yaml_emitter_write_indicator(emitter, ">", 1, 0, 0)) + return 0; + if (!yaml_emitter_write_block_scalar_hints(emitter, string)) + return 0; + if (!PUT_BREAK(emitter)) return 0; + emitter->indention = 1; + emitter->whitespace = 1; + + while (string.pointer != string.end) + { + if (IS_BREAK(string)) + { + if (!breaks && !leading_spaces && CHECK(string, '\n')) { + int k = 0; + while (IS_BREAK_AT(string, k)) { + k += WIDTH_AT(string, k); + } + if (!IS_BLANKZ_AT(string, k)) { + if (!PUT_BREAK(emitter)) return 0; + } + } + if (!WRITE_BREAK(emitter, string)) return 0; + emitter->indention = 1; + breaks = 1; + } + else + { + if (breaks) { + if (!yaml_emitter_write_indent(emitter)) return 0; + leading_spaces = IS_BLANK(string); + } + if (!breaks && IS_SPACE(string) && !IS_SPACE_AT(string, 1) + && emitter->column > emitter->best_width) { + if (!yaml_emitter_write_indent(emitter)) return 0; + MOVE(string); + } + else { + if (!WRITE(emitter, string)) return 0; + } + emitter->indention = 0; + breaks = 0; + } + } + + return 1; +} + diff --git a/libyaml/loader.c b/libyaml/loader.c new file mode 100644 index 0000000..b3bdf25 --- /dev/null +++ b/libyaml/loader.c @@ -0,0 +1,432 @@ + +#include "libyaml/yaml_private.h" + +/* + * API functions. + */ + +YAML_DECLARE(int) +yaml_parser_load(yaml_parser_t *parser, yaml_document_t *document); + +/* + * Error handling. + */ + +static int +yaml_parser_set_composer_error(yaml_parser_t *parser, + const char *problem, yaml_mark_t problem_mark); + +static int +yaml_parser_set_composer_error_context(yaml_parser_t *parser, + const char *context, yaml_mark_t context_mark, + const char *problem, yaml_mark_t problem_mark); + + +/* + * Alias handling. + */ + +static int +yaml_parser_register_anchor(yaml_parser_t *parser, + int index, yaml_char_t *anchor); + +/* + * Clean up functions. + */ + +static void +yaml_parser_delete_aliases(yaml_parser_t *parser); + +/* + * Composer functions. + */ + +static int +yaml_parser_load_document(yaml_parser_t *parser, yaml_event_t *first_event); + +static int +yaml_parser_load_node(yaml_parser_t *parser, yaml_event_t *first_event); + +static int +yaml_parser_load_alias(yaml_parser_t *parser, yaml_event_t *first_event); + +static int +yaml_parser_load_scalar(yaml_parser_t *parser, yaml_event_t *first_event); + +static int +yaml_parser_load_sequence(yaml_parser_t *parser, yaml_event_t *first_event); + +static int +yaml_parser_load_mapping(yaml_parser_t *parser, yaml_event_t *first_event); + +/* + * Load the next document of the stream. + */ + +YAML_DECLARE(int) +yaml_parser_load(yaml_parser_t *parser, yaml_document_t *document) +{ + yaml_event_t event; + + assert(parser); /* Non-NULL parser object is expected. */ + assert(document); /* Non-NULL document object is expected. */ + + memset(document, 0, sizeof(yaml_document_t)); + if (!STACK_INIT(parser, document->nodes, INITIAL_STACK_SIZE)) + goto error; + + if (!parser->stream_start_produced) { + if (!yaml_parser_parse(parser, &event)) goto error; + assert(event.type == YAML_STREAM_START_EVENT); + /* STREAM-START is expected. */ + } + + if (parser->stream_end_produced) { + return 1; + } + + if (!yaml_parser_parse(parser, &event)) goto error; + if (event.type == YAML_STREAM_END_EVENT) { + return 1; + } + + if (!STACK_INIT(parser, parser->aliases, INITIAL_STACK_SIZE)) + goto error; + + parser->document = document; + + if (!yaml_parser_load_document(parser, &event)) goto error; + + yaml_parser_delete_aliases(parser); + parser->document = NULL; + + return 1; + +error: + + yaml_parser_delete_aliases(parser); + yaml_document_delete(document); + parser->document = NULL; + + return 0; +} + +/* + * Set composer error. + */ + +static int +yaml_parser_set_composer_error(yaml_parser_t *parser, + const char *problem, yaml_mark_t problem_mark) +{ + parser->error = YAML_COMPOSER_ERROR; + parser->problem = problem; + parser->problem_mark = problem_mark; + + return 0; +} + +/* + * Set composer error with context. + */ + +static int +yaml_parser_set_composer_error_context(yaml_parser_t *parser, + const char *context, yaml_mark_t context_mark, + const char *problem, yaml_mark_t problem_mark) +{ + parser->error = YAML_COMPOSER_ERROR; + parser->context = context; + parser->context_mark = context_mark; + parser->problem = problem; + parser->problem_mark = problem_mark; + + return 0; +} + +/* + * Delete the stack of aliases. + */ + +static void +yaml_parser_delete_aliases(yaml_parser_t *parser) +{ + while (!STACK_EMPTY(parser, parser->aliases)) { + yaml_free(POP(parser, parser->aliases).anchor); + } + STACK_DEL(parser, parser->aliases); +} + +/* + * Compose a document object. + */ + +static int +yaml_parser_load_document(yaml_parser_t *parser, yaml_event_t *first_event) +{ + yaml_event_t event; + + assert(first_event->type == YAML_DOCUMENT_START_EVENT); + /* DOCUMENT-START is expected. */ + + parser->document->titleVersion_directive + = first_event->data.document_start.titleVersion_directive; + parser->document->tag_directives.start + = first_event->data.document_start.tag_directives.start; + parser->document->tag_directives.end + = first_event->data.document_start.tag_directives.end; + parser->document->start_implicit + = first_event->data.document_start.implicit; + parser->document->start_mark = first_event->start_mark; + + if (!yaml_parser_parse(parser, &event)) return 0; + + if (!yaml_parser_load_node(parser, &event)) return 0; + + if (!yaml_parser_parse(parser, &event)) return 0; + assert(event.type == YAML_DOCUMENT_END_EVENT); + /* DOCUMENT-END is expected. */ + + parser->document->end_implicit = event.data.document_end.implicit; + parser->document->end_mark = event.end_mark; + + return 1; +} + +/* + * Compose a node. + */ + +static int +yaml_parser_load_node(yaml_parser_t *parser, yaml_event_t *first_event) +{ + switch (first_event->type) { + case YAML_ALIAS_EVENT: + return yaml_parser_load_alias(parser, first_event); + case YAML_SCALAR_EVENT: + return yaml_parser_load_scalar(parser, first_event); + case YAML_SEQUENCE_START_EVENT: + return yaml_parser_load_sequence(parser, first_event); + case YAML_MAPPING_START_EVENT: + return yaml_parser_load_mapping(parser, first_event); + default: + assert(0); /* Could not happen. */ + return 0; + } + + return 0; +} + +/* + * Add an anchor. + */ + +static int +yaml_parser_register_anchor(yaml_parser_t *parser, + int index, yaml_char_t *anchor) +{ + yaml_alias_data_t data; + yaml_alias_data_t *alias_data; + + if (!anchor) return 1; + + data.anchor = anchor; + data.index = index; + data.mark = parser->document->nodes.start[index-1].start_mark; + + for (alias_data = parser->aliases.start; + alias_data != parser->aliases.top; alias_data ++) { + if (strcmp((char *)alias_data->anchor, (char *)anchor) == 0) { + yaml_free(anchor); + return yaml_parser_set_composer_error_context(parser, + "found duplicate anchor; first occurence", + alias_data->mark, "second occurence", data.mark); + } + } + + if (!PUSH(parser, parser->aliases, data)) { + yaml_free(anchor); + return 0; + } + + return 1; +} + +/* + * Compose a node corresponding to an alias. + */ + +static int +yaml_parser_load_alias(yaml_parser_t *parser, yaml_event_t *first_event) +{ + yaml_char_t *anchor = first_event->data.alias.anchor; + yaml_alias_data_t *alias_data; + + for (alias_data = parser->aliases.start; + alias_data != parser->aliases.top; alias_data ++) { + if (strcmp((char *)alias_data->anchor, (char *)anchor) == 0) { + yaml_free(anchor); + return alias_data->index; + } + } + + yaml_free(anchor); + return yaml_parser_set_composer_error(parser, "found undefined alias", + first_event->start_mark); +} + +/* + * Compose a scalar node. + */ + +static int +yaml_parser_load_scalar(yaml_parser_t *parser, yaml_event_t *first_event) +{ + yaml_node_t node; + int index; + yaml_char_t *tag = first_event->data.scalar.tag; + + if (!tag || strcmp((char *)tag, "!") == 0) { + yaml_free(tag); + tag = yaml_strdup((yaml_char_t *)YAML_DEFAULT_SCALAR_TAG); + if (!tag) goto error; + } + + SCALAR_NODE_INIT(node, tag, first_event->data.scalar.value, + first_event->data.scalar.length, first_event->data.scalar.style, + first_event->start_mark, first_event->end_mark); + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + + index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.scalar.anchor)) return 0; + + return index; + +error: + yaml_free(tag); + yaml_free(first_event->data.scalar.anchor); + yaml_free(first_event->data.scalar.value); + return 0; +} + +/* + * Compose a sequence node. + */ + +static int +yaml_parser_load_sequence(yaml_parser_t *parser, yaml_event_t *first_event) +{ + yaml_event_t event; + yaml_node_t node; + struct { + yaml_node_item_t *start; + yaml_node_item_t *end; + yaml_node_item_t *top; + } items = { NULL, NULL, NULL }; + int index, item_index; + yaml_char_t *tag = first_event->data.sequence_start.tag; + + if (!tag || strcmp((char *)tag, "!") == 0) { + yaml_free(tag); + tag = yaml_strdup((yaml_char_t *)YAML_DEFAULT_SEQUENCE_TAG); + if (!tag) goto error; + } + + if (!STACK_INIT(parser, items, INITIAL_STACK_SIZE)) goto error; + + SEQUENCE_NODE_INIT(node, tag, items.start, items.end, + first_event->data.sequence_start.style, + first_event->start_mark, first_event->end_mark); + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + + index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.sequence_start.anchor)) return 0; + + if (!yaml_parser_parse(parser, &event)) return 0; + + while (event.type != YAML_SEQUENCE_END_EVENT) { + item_index = yaml_parser_load_node(parser, &event); + if (!item_index) return 0; + if (!PUSH(parser, + parser->document->nodes.start[index-1].data.sequence.items, + item_index)) return 0; + if (!yaml_parser_parse(parser, &event)) return 0; + } + + parser->document->nodes.start[index-1].end_mark = event.end_mark; + + return index; + +error: + yaml_free(tag); + yaml_free(first_event->data.sequence_start.anchor); + return 0; +} + +/* + * Compose a mapping node. + */ + +static int +yaml_parser_load_mapping(yaml_parser_t *parser, yaml_event_t *first_event) +{ + yaml_event_t event; + yaml_node_t node; + struct { + yaml_node_pair_t *start; + yaml_node_pair_t *end; + yaml_node_pair_t *top; + } pairs = { NULL, NULL, NULL }; + int index; + yaml_node_pair_t pair; + yaml_char_t *tag = first_event->data.mapping_start.tag; + + if (!tag || strcmp((char *)tag, "!") == 0) { + yaml_free(tag); + tag = yaml_strdup((yaml_char_t *)YAML_DEFAULT_MAPPING_TAG); + if (!tag) goto error; + } + + if (!STACK_INIT(parser, pairs, INITIAL_STACK_SIZE)) goto error; + + MAPPING_NODE_INIT(node, tag, pairs.start, pairs.end, + first_event->data.mapping_start.style, + first_event->start_mark, first_event->end_mark); + + if (!PUSH(parser, parser->document->nodes, node)) goto error; + + index = parser->document->nodes.top - parser->document->nodes.start; + + if (!yaml_parser_register_anchor(parser, index, + first_event->data.mapping_start.anchor)) return 0; + + if (!yaml_parser_parse(parser, &event)) return 0; + + while (event.type != YAML_MAPPING_END_EVENT) { + pair.key = yaml_parser_load_node(parser, &event); + if (!pair.key) return 0; + if (!yaml_parser_parse(parser, &event)) return 0; + pair.value = yaml_parser_load_node(parser, &event); + if (!pair.value) return 0; + if (!PUSH(parser, + parser->document->nodes.start[index-1].data.mapping.pairs, + pair)) return 0; + if (!yaml_parser_parse(parser, &event)) return 0; + } + + parser->document->nodes.start[index-1].end_mark = event.end_mark; + + return index; + +error: + yaml_free(tag); + yaml_free(first_event->data.mapping_start.anchor); + return 0; +} + diff --git a/libyaml/parser.c b/libyaml/parser.c new file mode 100644 index 0000000..0649d85 --- /dev/null +++ b/libyaml/parser.c @@ -0,0 +1,1374 @@ + +/* + * The parser implements the following grammar: + * + * stream ::= STREAM-START implicit_document? explicit_document* STREAM-END + * implicit_document ::= block_node DOCUMENT-END* + * explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END* + * block_node_or_indentless_sequence ::= + * ALIAS + * | properties (block_content | indentless_block_sequence)? + * | block_content + * | indentless_block_sequence + * block_node ::= ALIAS + * | properties block_content? + * | block_content + * flow_node ::= ALIAS + * | properties flow_content? + * | flow_content + * properties ::= TAG ANCHOR? | ANCHOR TAG? + * block_content ::= block_collection | flow_collection | SCALAR + * flow_content ::= flow_collection | SCALAR + * block_collection ::= block_sequence | block_mapping + * flow_collection ::= flow_sequence | flow_mapping + * block_sequence ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END + * indentless_sequence ::= (BLOCK-ENTRY block_node?)+ + * block_mapping ::= BLOCK-MAPPING_START + * ((KEY block_node_or_indentless_sequence?)? + * (VALUE block_node_or_indentless_sequence?)?)* + * BLOCK-END + * flow_sequence ::= FLOW-SEQUENCE-START + * (flow_sequence_entry FLOW-ENTRY)* + * flow_sequence_entry? + * FLOW-SEQUENCE-END + * flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * flow_mapping ::= FLOW-MAPPING-START + * (flow_mapping_entry FLOW-ENTRY)* + * flow_mapping_entry? + * FLOW-MAPPING-END + * flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + */ + +#include "libyaml/yaml_private.h" + +/* + * Peek the next token in the token queue. + */ + +#define PEEK_TOKEN(parser) \ + ((parser->token_available || yaml_parser_fetch_more_tokens(parser)) ? \ + parser->tokens.head : NULL) + +/* + * Remove the next token from the queue (must be called after PEEK_TOKEN). + */ + +#define SKIP_TOKEN(parser) \ + (parser->token_available = 0, \ + parser->tokens_parsed ++, \ + parser->stream_end_produced = \ + (parser->tokens.head->type == YAML_STREAM_END_TOKEN), \ + parser->tokens.head ++) + +/* + * Public API declarations. + */ + +YAML_DECLARE(int) +yaml_parser_parse(yaml_parser_t *parser, yaml_event_t *event); + +/* + * Error handling. + */ + +static int +yaml_parser_set_parser_error(yaml_parser_t *parser, + const char *problem, yaml_mark_t problem_mark); + +static int +yaml_parser_set_parser_error_context(yaml_parser_t *parser, + const char *context, yaml_mark_t context_mark, + const char *problem, yaml_mark_t problem_mark); + +/* + * State functions. + */ + +static int +yaml_parser_state_machine(yaml_parser_t *parser, yaml_event_t *event); + +static int +yaml_parser_parse_stream_start(yaml_parser_t *parser, yaml_event_t *event); + +static int +yaml_parser_parse_document_start(yaml_parser_t *parser, yaml_event_t *event, + int implicit); + +static int +yaml_parser_parse_document_content(yaml_parser_t *parser, yaml_event_t *event); + +static int +yaml_parser_parse_document_end(yaml_parser_t *parser, yaml_event_t *event); + +static int +yaml_parser_parse_node(yaml_parser_t *parser, yaml_event_t *event, + int block, int indentless_sequence); + +static int +yaml_parser_parse_block_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event, int first); + +static int +yaml_parser_parse_indentless_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event); + +static int +yaml_parser_parse_block_mapping_key(yaml_parser_t *parser, + yaml_event_t *event, int first); + +static int +yaml_parser_parse_block_mapping_value(yaml_parser_t *parser, + yaml_event_t *event); + +static int +yaml_parser_parse_flow_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event, int first); + +static int +yaml_parser_parse_flow_sequence_entry_mapping_key(yaml_parser_t *parser, + yaml_event_t *event); + +static int +yaml_parser_parse_flow_sequence_entry_mapping_value(yaml_parser_t *parser, + yaml_event_t *event); + +static int +yaml_parser_parse_flow_sequence_entry_mapping_end(yaml_parser_t *parser, + yaml_event_t *event); + +static int +yaml_parser_parse_flow_mapping_key(yaml_parser_t *parser, + yaml_event_t *event, int first); + +static int +yaml_parser_parse_flow_mapping_value(yaml_parser_t *parser, + yaml_event_t *event, int empty); + +/* + * Utility functions. + */ + +static int +yaml_parser_process_empty_scalar(yaml_parser_t *parser, + yaml_event_t *event, yaml_mark_t mark); + +static int +yaml_parser_process_directives(yaml_parser_t *parser, + yaml_titleVersion_directive_t **titleVersion_directive_ref, + yaml_tag_directive_t **tag_directives_start_ref, + yaml_tag_directive_t **tag_directives_end_ref); + +static int +yaml_parser_append_tag_directive(yaml_parser_t *parser, + yaml_tag_directive_t value, int allow_duplicates, yaml_mark_t mark); + +/* + * Get the next event. + */ + +YAML_DECLARE(int) +yaml_parser_parse(yaml_parser_t *parser, yaml_event_t *event) +{ + assert(parser); /* Non-NULL parser object is expected. */ + assert(event); /* Non-NULL event object is expected. */ + + /* Erase the event object. */ + + memset(event, 0, sizeof(yaml_event_t)); + + /* No events after the end of the stream or error. */ + + if (parser->stream_end_produced || parser->error || + parser->state == YAML_PARSE_END_STATE) { + return 1; + } + + /* Generate the next event. */ + + return yaml_parser_state_machine(parser, event); +} + +/* + * Set parser error. + */ + +static int +yaml_parser_set_parser_error(yaml_parser_t *parser, + const char *problem, yaml_mark_t problem_mark) +{ + parser->error = YAML_PARSER_ERROR; + parser->problem = problem; + parser->problem_mark = problem_mark; + + return 0; +} + +static int +yaml_parser_set_parser_error_context(yaml_parser_t *parser, + const char *context, yaml_mark_t context_mark, + const char *problem, yaml_mark_t problem_mark) +{ + parser->error = YAML_PARSER_ERROR; + parser->context = context; + parser->context_mark = context_mark; + parser->problem = problem; + parser->problem_mark = problem_mark; + + return 0; +} + + +/* + * State dispatcher. + */ + +static int +yaml_parser_state_machine(yaml_parser_t *parser, yaml_event_t *event) +{ + switch (parser->state) + { + case YAML_PARSE_STREAM_START_STATE: + return yaml_parser_parse_stream_start(parser, event); + + case YAML_PARSE_IMPLICIT_DOCUMENT_START_STATE: + return yaml_parser_parse_document_start(parser, event, 1); + + case YAML_PARSE_DOCUMENT_START_STATE: + return yaml_parser_parse_document_start(parser, event, 0); + + case YAML_PARSE_DOCUMENT_CONTENT_STATE: + return yaml_parser_parse_document_content(parser, event); + + case YAML_PARSE_DOCUMENT_END_STATE: + return yaml_parser_parse_document_end(parser, event); + + case YAML_PARSE_BLOCK_NODE_STATE: + return yaml_parser_parse_node(parser, event, 1, 0); + + case YAML_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE: + return yaml_parser_parse_node(parser, event, 1, 1); + + case YAML_PARSE_FLOW_NODE_STATE: + return yaml_parser_parse_node(parser, event, 0, 0); + + case YAML_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE: + return yaml_parser_parse_block_sequence_entry(parser, event, 1); + + case YAML_PARSE_BLOCK_SEQUENCE_ENTRY_STATE: + return yaml_parser_parse_block_sequence_entry(parser, event, 0); + + case YAML_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE: + return yaml_parser_parse_indentless_sequence_entry(parser, event); + + case YAML_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE: + return yaml_parser_parse_block_mapping_key(parser, event, 1); + + case YAML_PARSE_BLOCK_MAPPING_KEY_STATE: + return yaml_parser_parse_block_mapping_key(parser, event, 0); + + case YAML_PARSE_BLOCK_MAPPING_VALUE_STATE: + return yaml_parser_parse_block_mapping_value(parser, event); + + case YAML_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE: + return yaml_parser_parse_flow_sequence_entry(parser, event, 1); + + case YAML_PARSE_FLOW_SEQUENCE_ENTRY_STATE: + return yaml_parser_parse_flow_sequence_entry(parser, event, 0); + + case YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE: + return yaml_parser_parse_flow_sequence_entry_mapping_key(parser, event); + + case YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE: + return yaml_parser_parse_flow_sequence_entry_mapping_value(parser, event); + + case YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE: + return yaml_parser_parse_flow_sequence_entry_mapping_end(parser, event); + + case YAML_PARSE_FLOW_MAPPING_FIRST_KEY_STATE: + return yaml_parser_parse_flow_mapping_key(parser, event, 1); + + case YAML_PARSE_FLOW_MAPPING_KEY_STATE: + return yaml_parser_parse_flow_mapping_key(parser, event, 0); + + case YAML_PARSE_FLOW_MAPPING_VALUE_STATE: + return yaml_parser_parse_flow_mapping_value(parser, event, 0); + + case YAML_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE: + return yaml_parser_parse_flow_mapping_value(parser, event, 1); + + default: + assert(1); /* Invalid state. */ + } + + return 0; +} + +/* + * Parse the production: + * stream ::= STREAM-START implicit_document? explicit_document* STREAM-END + * ************ + */ + +static int +yaml_parser_parse_stream_start(yaml_parser_t *parser, yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type != YAML_STREAM_START_TOKEN) { + return yaml_parser_set_parser_error(parser, + "did not find expected ", token->start_mark); + } + + parser->state = YAML_PARSE_IMPLICIT_DOCUMENT_START_STATE; + STREAM_START_EVENT_INIT(*event, token->data.stream_start.encoding, + token->start_mark, token->start_mark); + SKIP_TOKEN(parser); + + return 1; +} + +/* + * Parse the productions: + * implicit_document ::= block_node DOCUMENT-END* + * * + * explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END* + * ************************* + */ + +static int +yaml_parser_parse_document_start(yaml_parser_t *parser, yaml_event_t *event, + int implicit) +{ + yaml_token_t *token; + yaml_titleVersion_directive_t *titleVersion_directive = NULL; + struct { + yaml_tag_directive_t *start; + yaml_tag_directive_t *end; + } tag_directives = { NULL, NULL }; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + /* Parse extra document end indicators. */ + + if (!implicit) + { + while (token->type == YAML_DOCUMENT_END_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + } + } + + /* Parse an implicit document. */ + + if (implicit && token->type != YAML_titleVersion_DIRECTIVE_TOKEN && + token->type != YAML_TAG_DIRECTIVE_TOKEN && + token->type != YAML_DOCUMENT_START_TOKEN && + token->type != YAML_STREAM_END_TOKEN) + { + if (!yaml_parser_process_directives(parser, NULL, NULL, NULL)) + return 0; + if (!PUSH(parser, parser->states, YAML_PARSE_DOCUMENT_END_STATE)) + return 0; + parser->state = YAML_PARSE_BLOCK_NODE_STATE; + DOCUMENT_START_EVENT_INIT(*event, NULL, NULL, NULL, 1, + token->start_mark, token->start_mark); + return 1; + } + + /* Parse an explicit document. */ + + else if (token->type != YAML_STREAM_END_TOKEN) + { + yaml_mark_t start_mark, end_mark; + start_mark = token->start_mark; + if (!yaml_parser_process_directives(parser, &titleVersion_directive, + &tag_directives.start, &tag_directives.end)) + return 0; + token = PEEK_TOKEN(parser); + if (!token) goto error; + if (token->type != YAML_DOCUMENT_START_TOKEN) { + yaml_parser_set_parser_error(parser, + "did not find expected ", token->start_mark); + goto error; + } + if (!PUSH(parser, parser->states, YAML_PARSE_DOCUMENT_END_STATE)) + goto error; + parser->state = YAML_PARSE_DOCUMENT_CONTENT_STATE; + end_mark = token->end_mark; + DOCUMENT_START_EVENT_INIT(*event, titleVersion_directive, + tag_directives.start, tag_directives.end, 0, + start_mark, end_mark); + SKIP_TOKEN(parser); + titleVersion_directive = NULL; + tag_directives.start = tag_directives.end = NULL; + return 1; + } + + /* Parse the stream end. */ + + else + { + parser->state = YAML_PARSE_END_STATE; + STREAM_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; + } + +error: + yaml_free(titleVersion_directive); + while (tag_directives.start != tag_directives.end) { + yaml_free(tag_directives.end[-1].handle); + yaml_free(tag_directives.end[-1].prefix); + tag_directives.end --; + } + yaml_free(tag_directives.start); + return 0; +} + +/* + * Parse the productions: + * explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END* + * *********** + */ + +static int +yaml_parser_parse_document_content(yaml_parser_t *parser, yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_titleVersion_DIRECTIVE_TOKEN || + token->type == YAML_TAG_DIRECTIVE_TOKEN || + token->type == YAML_DOCUMENT_START_TOKEN || + token->type == YAML_DOCUMENT_END_TOKEN || + token->type == YAML_STREAM_END_TOKEN) { + parser->state = POP(parser, parser->states); + return yaml_parser_process_empty_scalar(parser, event, + token->start_mark); + } + else { + return yaml_parser_parse_node(parser, event, 1, 0); + } +} + +/* + * Parse the productions: + * implicit_document ::= block_node DOCUMENT-END* + * ************* + * explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END* + * ************* + */ + +static int +yaml_parser_parse_document_end(yaml_parser_t *parser, yaml_event_t *event) +{ + yaml_token_t *token; + yaml_mark_t start_mark, end_mark; + int implicit = 1; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + start_mark = end_mark = token->start_mark; + + if (token->type == YAML_DOCUMENT_END_TOKEN) { + end_mark = token->end_mark; + SKIP_TOKEN(parser); + implicit = 0; + } + + while (!STACK_EMPTY(parser, parser->tag_directives)) { + yaml_tag_directive_t tag_directive = POP(parser, parser->tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); + } + + parser->state = YAML_PARSE_DOCUMENT_START_STATE; + DOCUMENT_END_EVENT_INIT(*event, implicit, start_mark, end_mark); + + return 1; +} + +/* + * Parse the productions: + * block_node_or_indentless_sequence ::= + * ALIAS + * ***** + * | properties (block_content | indentless_block_sequence)? + * ********** * + * | block_content | indentless_block_sequence + * * + * block_node ::= ALIAS + * ***** + * | properties block_content? + * ********** * + * | block_content + * * + * flow_node ::= ALIAS + * ***** + * | properties flow_content? + * ********** * + * | flow_content + * * + * properties ::= TAG ANCHOR? | ANCHOR TAG? + * ************************* + * block_content ::= block_collection | flow_collection | SCALAR + * ****** + * flow_content ::= flow_collection | SCALAR + * ****** + */ + +static int +yaml_parser_parse_node(yaml_parser_t *parser, yaml_event_t *event, + int block, int indentless_sequence) +{ + yaml_token_t *token; + yaml_char_t *anchor = NULL; + yaml_char_t *tag_handle = NULL; + yaml_char_t *tag_suffix = NULL; + yaml_char_t *tag = NULL; + yaml_mark_t start_mark, end_mark, tag_mark; + int implicit; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_ALIAS_TOKEN) + { + parser->state = POP(parser, parser->states); + ALIAS_EVENT_INIT(*event, token->data.alias.value, + token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; + } + + else + { + start_mark = end_mark = token->start_mark; + + if (token->type == YAML_ANCHOR_TOKEN) + { + anchor = token->data.anchor.value; + start_mark = token->start_mark; + end_mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) goto error; + if (token->type == YAML_TAG_TOKEN) + { + tag_handle = token->data.tag.handle; + tag_suffix = token->data.tag.suffix; + tag_mark = token->start_mark; + end_mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) goto error; + } + } + else if (token->type == YAML_TAG_TOKEN) + { + tag_handle = token->data.tag.handle; + tag_suffix = token->data.tag.suffix; + start_mark = tag_mark = token->start_mark; + end_mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) goto error; + if (token->type == YAML_ANCHOR_TOKEN) + { + anchor = token->data.anchor.value; + end_mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) goto error; + } + } + + if (tag_handle) { + if (!*tag_handle) { + tag = tag_suffix; + yaml_free(tag_handle); + tag_handle = tag_suffix = NULL; + } + else { + yaml_tag_directive_t *tag_directive; + for (tag_directive = parser->tag_directives.start; + tag_directive != parser->tag_directives.top; + tag_directive ++) { + if (strcmp((char *)tag_directive->handle, (char *)tag_handle) == 0) { + size_t prefix_len = strlen((char *)tag_directive->prefix); + size_t suffix_len = strlen((char *)tag_suffix); + tag = yaml_malloc(prefix_len+suffix_len+1); + if (!tag) { + parser->error = YAML_MEMORY_ERROR; + goto error; + } + memcpy(tag, tag_directive->prefix, prefix_len); + memcpy(tag+prefix_len, tag_suffix, suffix_len); + tag[prefix_len+suffix_len] = '\0'; + yaml_free(tag_handle); + yaml_free(tag_suffix); + tag_handle = tag_suffix = NULL; + break; + } + } + if (!tag) { + yaml_parser_set_parser_error_context(parser, + "while parsing a node", start_mark, + "found undefined tag handle", tag_mark); + goto error; + } + } + } + + implicit = (!tag || !*tag); + if (indentless_sequence && token->type == YAML_BLOCK_ENTRY_TOKEN) { + end_mark = token->end_mark; + parser->state = YAML_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE; + SEQUENCE_START_EVENT_INIT(*event, anchor, tag, implicit, + YAML_BLOCK_SEQUENCE_STYLE, start_mark, end_mark); + return 1; + } + else { + if (token->type == YAML_SCALAR_TOKEN) { + int plain_implicit = 0; + int quoted_implicit = 0; + end_mark = token->end_mark; + if ((token->data.scalar.style == YAML_PLAIN_SCALAR_STYLE && !tag) + || (tag && strcmp((char *)tag, "!") == 0)) { + plain_implicit = 1; + } + else if (!tag) { + quoted_implicit = 1; + } + parser->state = POP(parser, parser->states); + SCALAR_EVENT_INIT(*event, anchor, tag, + token->data.scalar.value, token->data.scalar.length, + plain_implicit, quoted_implicit, + token->data.scalar.style, start_mark, end_mark); + SKIP_TOKEN(parser); + return 1; + } + else if (token->type == YAML_FLOW_SEQUENCE_START_TOKEN) { + end_mark = token->end_mark; + parser->state = YAML_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE; + SEQUENCE_START_EVENT_INIT(*event, anchor, tag, implicit, + YAML_FLOW_SEQUENCE_STYLE, start_mark, end_mark); + return 1; + } + else if (token->type == YAML_FLOW_MAPPING_START_TOKEN) { + end_mark = token->end_mark; + parser->state = YAML_PARSE_FLOW_MAPPING_FIRST_KEY_STATE; + MAPPING_START_EVENT_INIT(*event, anchor, tag, implicit, + YAML_FLOW_MAPPING_STYLE, start_mark, end_mark); + return 1; + } + else if (block && token->type == YAML_BLOCK_SEQUENCE_START_TOKEN) { + end_mark = token->end_mark; + parser->state = YAML_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE; + SEQUENCE_START_EVENT_INIT(*event, anchor, tag, implicit, + YAML_BLOCK_SEQUENCE_STYLE, start_mark, end_mark); + return 1; + } + else if (block && token->type == YAML_BLOCK_MAPPING_START_TOKEN) { + end_mark = token->end_mark; + parser->state = YAML_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE; + MAPPING_START_EVENT_INIT(*event, anchor, tag, implicit, + YAML_BLOCK_MAPPING_STYLE, start_mark, end_mark); + return 1; + } + else if (anchor || tag) { + yaml_char_t *value = yaml_malloc(1); + if (!value) { + parser->error = YAML_MEMORY_ERROR; + goto error; + } + value[0] = '\0'; + parser->state = POP(parser, parser->states); + SCALAR_EVENT_INIT(*event, anchor, tag, value, 0, + implicit, 0, YAML_PLAIN_SCALAR_STYLE, + start_mark, end_mark); + return 1; + } + else { + yaml_parser_set_parser_error_context(parser, + (block ? "while parsing a block node" + : "while parsing a flow node"), start_mark, + "did not find expected node content", token->start_mark); + goto error; + } + } + } + +error: + yaml_free(anchor); + yaml_free(tag_handle); + yaml_free(tag_suffix); + yaml_free(tag); + + return 0; +} + +/* + * Parse the productions: + * block_sequence ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END + * ******************** *********** * ********* + */ + +static int +yaml_parser_parse_block_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event, int first) +{ + yaml_token_t *token; + + if (first) { + token = PEEK_TOKEN(parser); + if (!PUSH(parser, parser->marks, token->start_mark)) + return 0; + SKIP_TOKEN(parser); + } + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_BLOCK_ENTRY_TOKEN) + { + yaml_mark_t mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_BLOCK_ENTRY_TOKEN && + token->type != YAML_BLOCK_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_BLOCK_SEQUENCE_ENTRY_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 1, 0); + } + else { + parser->state = YAML_PARSE_BLOCK_SEQUENCE_ENTRY_STATE; + return yaml_parser_process_empty_scalar(parser, event, mark); + } + } + + else if (token->type == YAML_BLOCK_END_TOKEN) + { + yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + parser->state = POP(parser, parser->states); + dummy_mark = POP(parser, parser->marks); + SEQUENCE_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; + } + + else + { + return yaml_parser_set_parser_error_context(parser, + "while parsing a block collection", POP(parser, parser->marks), + "did not find expected '-' indicator", token->start_mark); + } +} + +/* + * Parse the productions: + * indentless_sequence ::= (BLOCK-ENTRY block_node?)+ + * *********** * + */ + +static int +yaml_parser_parse_indentless_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_BLOCK_ENTRY_TOKEN) + { + yaml_mark_t mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_BLOCK_ENTRY_TOKEN && + token->type != YAML_KEY_TOKEN && + token->type != YAML_VALUE_TOKEN && + token->type != YAML_BLOCK_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 1, 0); + } + else { + parser->state = YAML_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE; + return yaml_parser_process_empty_scalar(parser, event, mark); + } + } + + else + { + parser->state = POP(parser, parser->states); + SEQUENCE_END_EVENT_INIT(*event, token->start_mark, token->start_mark); + return 1; + } +} + +/* + * Parse the productions: + * block_mapping ::= BLOCK-MAPPING_START + * ******************* + * ((KEY block_node_or_indentless_sequence?)? + * *** * + * (VALUE block_node_or_indentless_sequence?)?)* + * + * BLOCK-END + * ********* + */ + +static int +yaml_parser_parse_block_mapping_key(yaml_parser_t *parser, + yaml_event_t *event, int first) +{ + yaml_token_t *token; + + if (first) { + token = PEEK_TOKEN(parser); + if (!PUSH(parser, parser->marks, token->start_mark)) + return 0; + SKIP_TOKEN(parser); + } + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_KEY_TOKEN) + { + yaml_mark_t mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_KEY_TOKEN && + token->type != YAML_VALUE_TOKEN && + token->type != YAML_BLOCK_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_BLOCK_MAPPING_VALUE_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 1, 1); + } + else { + parser->state = YAML_PARSE_BLOCK_MAPPING_VALUE_STATE; + return yaml_parser_process_empty_scalar(parser, event, mark); + } + } + + else if (token->type == YAML_BLOCK_END_TOKEN) + { + yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + parser->state = POP(parser, parser->states); + dummy_mark = POP(parser, parser->marks); + MAPPING_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; + } + + else + { + return yaml_parser_set_parser_error_context(parser, + "while parsing a block mapping", POP(parser, parser->marks), + "did not find expected key", token->start_mark); + } +} + +/* + * Parse the productions: + * block_mapping ::= BLOCK-MAPPING_START + * + * ((KEY block_node_or_indentless_sequence?)? + * + * (VALUE block_node_or_indentless_sequence?)?)* + * ***** * + * BLOCK-END + * + */ + +static int +yaml_parser_parse_block_mapping_value(yaml_parser_t *parser, + yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_VALUE_TOKEN) + { + yaml_mark_t mark = token->end_mark; + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_KEY_TOKEN && + token->type != YAML_VALUE_TOKEN && + token->type != YAML_BLOCK_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_BLOCK_MAPPING_KEY_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 1, 1); + } + else { + parser->state = YAML_PARSE_BLOCK_MAPPING_KEY_STATE; + return yaml_parser_process_empty_scalar(parser, event, mark); + } + } + + else + { + parser->state = YAML_PARSE_BLOCK_MAPPING_KEY_STATE; + return yaml_parser_process_empty_scalar(parser, event, token->start_mark); + } +} + +/* + * Parse the productions: + * flow_sequence ::= FLOW-SEQUENCE-START + * ******************* + * (flow_sequence_entry FLOW-ENTRY)* + * * ********** + * flow_sequence_entry? + * * + * FLOW-SEQUENCE-END + * ***************** + * flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * * + */ + +static int +yaml_parser_parse_flow_sequence_entry(yaml_parser_t *parser, + yaml_event_t *event, int first) +{ + yaml_token_t *token; + yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + + if (first) { + token = PEEK_TOKEN(parser); + if (!PUSH(parser, parser->marks, token->start_mark)) + return 0; + SKIP_TOKEN(parser); + } + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type != YAML_FLOW_SEQUENCE_END_TOKEN) + { + if (!first) { + if (token->type == YAML_FLOW_ENTRY_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + } + else { + return yaml_parser_set_parser_error_context(parser, + "while parsing a flow sequence", POP(parser, parser->marks), + "did not find expected ',' or ']'", token->start_mark); + } + } + + if (token->type == YAML_KEY_TOKEN) { + parser->state = YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE; + MAPPING_START_EVENT_INIT(*event, NULL, NULL, + 1, YAML_FLOW_MAPPING_STYLE, + token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; + } + + else if (token->type != YAML_FLOW_SEQUENCE_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_SEQUENCE_ENTRY_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + } + + parser->state = POP(parser, parser->states); + dummy_mark = POP(parser, parser->marks); + SEQUENCE_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; +} + +/* + * Parse the productions: + * flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * *** * + */ + +static int +yaml_parser_parse_flow_sequence_entry_mapping_key(yaml_parser_t *parser, + yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type != YAML_VALUE_TOKEN && token->type != YAML_FLOW_ENTRY_TOKEN + && token->type != YAML_FLOW_SEQUENCE_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + else { + yaml_mark_t mark = token->end_mark; + SKIP_TOKEN(parser); + parser->state = YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE; + return yaml_parser_process_empty_scalar(parser, event, mark); + } +} + +/* + * Parse the productions: + * flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * ***** * + */ + +static int +yaml_parser_parse_flow_sequence_entry_mapping_value(yaml_parser_t *parser, + yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type == YAML_VALUE_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_FLOW_ENTRY_TOKEN + && token->type != YAML_FLOW_SEQUENCE_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + } + parser->state = YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE; + return yaml_parser_process_empty_scalar(parser, event, token->start_mark); +} + +/* + * Parse the productions: + * flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * * + */ + +static int +yaml_parser_parse_flow_sequence_entry_mapping_end(yaml_parser_t *parser, + yaml_event_t *event) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + parser->state = YAML_PARSE_FLOW_SEQUENCE_ENTRY_STATE; + + MAPPING_END_EVENT_INIT(*event, token->start_mark, token->start_mark); + return 1; +} + +/* + * Parse the productions: + * flow_mapping ::= FLOW-MAPPING-START + * ****************** + * (flow_mapping_entry FLOW-ENTRY)* + * * ********** + * flow_mapping_entry? + * ****************** + * FLOW-MAPPING-END + * **************** + * flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * * *** * + */ + +static int +yaml_parser_parse_flow_mapping_key(yaml_parser_t *parser, + yaml_event_t *event, int first) +{ + yaml_token_t *token; + yaml_mark_t dummy_mark; /* Used to eliminate a compiler warning. */ + + if (first) { + token = PEEK_TOKEN(parser); + if (!PUSH(parser, parser->marks, token->start_mark)) + return 0; + SKIP_TOKEN(parser); + } + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (token->type != YAML_FLOW_MAPPING_END_TOKEN) + { + if (!first) { + if (token->type == YAML_FLOW_ENTRY_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + } + else { + return yaml_parser_set_parser_error_context(parser, + "while parsing a flow mapping", POP(parser, parser->marks), + "did not find expected ',' or '}'", token->start_mark); + } + } + + if (token->type == YAML_KEY_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_VALUE_TOKEN + && token->type != YAML_FLOW_ENTRY_TOKEN + && token->type != YAML_FLOW_MAPPING_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_MAPPING_VALUE_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + else { + parser->state = YAML_PARSE_FLOW_MAPPING_VALUE_STATE; + return yaml_parser_process_empty_scalar(parser, event, + token->start_mark); + } + } + else if (token->type != YAML_FLOW_MAPPING_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + } + + parser->state = POP(parser, parser->states); + dummy_mark = POP(parser, parser->marks); + MAPPING_END_EVENT_INIT(*event, token->start_mark, token->end_mark); + SKIP_TOKEN(parser); + return 1; +} + +/* + * Parse the productions: + * flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)? + * * ***** * + */ + +static int +yaml_parser_parse_flow_mapping_value(yaml_parser_t *parser, + yaml_event_t *event, int empty) +{ + yaml_token_t *token; + + token = PEEK_TOKEN(parser); + if (!token) return 0; + + if (empty) { + parser->state = YAML_PARSE_FLOW_MAPPING_KEY_STATE; + return yaml_parser_process_empty_scalar(parser, event, + token->start_mark); + } + + if (token->type == YAML_VALUE_TOKEN) { + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) return 0; + if (token->type != YAML_FLOW_ENTRY_TOKEN + && token->type != YAML_FLOW_MAPPING_END_TOKEN) { + if (!PUSH(parser, parser->states, + YAML_PARSE_FLOW_MAPPING_KEY_STATE)) + return 0; + return yaml_parser_parse_node(parser, event, 0, 0); + } + } + + parser->state = YAML_PARSE_FLOW_MAPPING_KEY_STATE; + return yaml_parser_process_empty_scalar(parser, event, token->start_mark); +} + +/* + * Generate an empty scalar event. + */ + +static int +yaml_parser_process_empty_scalar(yaml_parser_t *parser, yaml_event_t *event, + yaml_mark_t mark) +{ + yaml_char_t *value; + + value = yaml_malloc(1); + if (!value) { + parser->error = YAML_MEMORY_ERROR; + return 0; + } + value[0] = '\0'; + + SCALAR_EVENT_INIT(*event, NULL, NULL, value, 0, + 1, 0, YAML_PLAIN_SCALAR_STYLE, mark, mark); + + return 1; +} + +/* + * Parse directives. + */ + +static int +yaml_parser_process_directives(yaml_parser_t *parser, + yaml_titleVersion_directive_t **titleVersion_directive_ref, + yaml_tag_directive_t **tag_directives_start_ref, + yaml_tag_directive_t **tag_directives_end_ref) +{ + yaml_tag_directive_t default_tag_directives[] = { + {(yaml_char_t *)"!", (yaml_char_t *)"!"}, + {(yaml_char_t *)"!!", (yaml_char_t *)"tag:yaml.org,2002:"}, + {NULL, NULL} + }; + yaml_tag_directive_t *default_tag_directive; + yaml_titleVersion_directive_t *titleVersion_directive = NULL; + struct { + yaml_tag_directive_t *start; + yaml_tag_directive_t *end; + yaml_tag_directive_t *top; + } tag_directives = { NULL, NULL, NULL }; + yaml_token_t *token; + + if (!STACK_INIT(parser, tag_directives, INITIAL_STACK_SIZE)) + goto error; + + token = PEEK_TOKEN(parser); + if (!token) goto error; + + while (token->type == YAML_titleVersion_DIRECTIVE_TOKEN || + token->type == YAML_TAG_DIRECTIVE_TOKEN) + { + if (token->type == YAML_titleVersion_DIRECTIVE_TOKEN) { + if (titleVersion_directive) { + yaml_parser_set_parser_error(parser, + "found duplicate %YAML directive", token->start_mark); + goto error; + } + if (token->data.titleVersion_directive.major != 1 + || token->data.titleVersion_directive.minor != 1) { + yaml_parser_set_parser_error(parser, + "found incompatible YAML document", token->start_mark); + goto error; + } + titleVersion_directive = yaml_malloc(sizeof(yaml_titleVersion_directive_t)); + if (!titleVersion_directive) { + parser->error = YAML_MEMORY_ERROR; + goto error; + } + titleVersion_directive->major = token->data.titleVersion_directive.major; + titleVersion_directive->minor = token->data.titleVersion_directive.minor; + } + + else if (token->type == YAML_TAG_DIRECTIVE_TOKEN) { + yaml_tag_directive_t value; + value.handle = token->data.tag_directive.handle; + value.prefix = token->data.tag_directive.prefix; + + if (!yaml_parser_append_tag_directive(parser, value, 0, + token->start_mark)) + goto error; + if (!PUSH(parser, tag_directives, value)) + goto error; + } + + SKIP_TOKEN(parser); + token = PEEK_TOKEN(parser); + if (!token) goto error; + } + + for (default_tag_directive = default_tag_directives; + default_tag_directive->handle; default_tag_directive++) { + if (!yaml_parser_append_tag_directive(parser, *default_tag_directive, 1, + token->start_mark)) + goto error; + } + + if (titleVersion_directive_ref) { + *titleVersion_directive_ref = titleVersion_directive; + } + if (tag_directives_start_ref) { + if (STACK_EMPTY(parser, tag_directives)) { + *tag_directives_start_ref = *tag_directives_end_ref = NULL; + STACK_DEL(parser, tag_directives); + } + else { + *tag_directives_start_ref = tag_directives.start; + *tag_directives_end_ref = tag_directives.top; + } + } + else { + STACK_DEL(parser, tag_directives); + } + + return 1; + +error: + yaml_free(titleVersion_directive); + while (!STACK_EMPTY(parser, tag_directives)) { + yaml_tag_directive_t tag_directive = POP(parser, tag_directives); + yaml_free(tag_directive.handle); + yaml_free(tag_directive.prefix); + } + STACK_DEL(parser, tag_directives); + return 0; +} + +/* + * Append a tag directive to the directives stack. + */ + +static int +yaml_parser_append_tag_directive(yaml_parser_t *parser, + yaml_tag_directive_t value, int allow_duplicates, yaml_mark_t mark) +{ + yaml_tag_directive_t *tag_directive; + yaml_tag_directive_t copy = { NULL, NULL }; + + for (tag_directive = parser->tag_directives.start; + tag_directive != parser->tag_directives.top; tag_directive ++) { + if (strcmp((char *)value.handle, (char *)tag_directive->handle) == 0) { + if (allow_duplicates) + return 1; + return yaml_parser_set_parser_error(parser, + "found duplicate %TAG directive", mark); + } + } + + copy.handle = yaml_strdup(value.handle); + copy.prefix = yaml_strdup(value.prefix); + if (!copy.handle || !copy.prefix) { + parser->error = YAML_MEMORY_ERROR; + goto error; + } + + if (!PUSH(parser, parser->tag_directives, copy)) + goto error; + + return 1; + +error: + yaml_free(copy.handle); + yaml_free(copy.prefix); + return 0; +} + diff --git a/libyaml/reader.c b/libyaml/reader.c new file mode 100644 index 0000000..e7ab27a --- /dev/null +++ b/libyaml/reader.c @@ -0,0 +1,465 @@ + +#include "libyaml/yaml_private.h" + +/* + * Declarations. + */ + +static int +yaml_parser_set_reader_error(yaml_parser_t *parser, const char *problem, + size_t offset, int value); + +static int +yaml_parser_update_raw_buffer(yaml_parser_t *parser); + +static int +yaml_parser_determine_encoding(yaml_parser_t *parser); + +YAML_DECLARE(int) +yaml_parser_update_buffer(yaml_parser_t *parser, size_t length); + +/* + * Set the reader error and return 0. + */ + +static int +yaml_parser_set_reader_error(yaml_parser_t *parser, const char *problem, + size_t offset, int value) +{ + parser->error = YAML_READER_ERROR; + parser->problem = problem; + parser->problem_offset = offset; + parser->problem_value = value; + + return 0; +} + +/* + * Byte order marks. + */ + +#define BOM_UTF8 "\xef\xbb\xbf" +#define BOM_UTF16LE "\xff\xfe" +#define BOM_UTF16BE "\xfe\xff" + +/* + * Determine the input stream encoding by checking the BOM symbol. If no BOM is + * found, the UTF-8 encoding is assumed. Return 1 on success, 0 on failure. + */ + +static int +yaml_parser_determine_encoding(yaml_parser_t *parser) +{ + /* Ensure that we had enough bytes in the raw buffer. */ + + while (!parser->eof + && parser->raw_buffer.last - parser->raw_buffer.pointer < 3) { + if (!yaml_parser_update_raw_buffer(parser)) { + return 0; + } + } + + /* Determine the encoding. */ + + if (parser->raw_buffer.last - parser->raw_buffer.pointer >= 2 + && !memcmp(parser->raw_buffer.pointer, BOM_UTF16LE, 2)) { + parser->encoding = YAML_UTF16LE_ENCODING; + parser->raw_buffer.pointer += 2; + parser->offset += 2; + } + else if (parser->raw_buffer.last - parser->raw_buffer.pointer >= 2 + && !memcmp(parser->raw_buffer.pointer, BOM_UTF16BE, 2)) { + parser->encoding = YAML_UTF16BE_ENCODING; + parser->raw_buffer.pointer += 2; + parser->offset += 2; + } + else if (parser->raw_buffer.last - parser->raw_buffer.pointer >= 3 + && !memcmp(parser->raw_buffer.pointer, BOM_UTF8, 3)) { + parser->encoding = YAML_UTF8_ENCODING; + parser->raw_buffer.pointer += 3; + parser->offset += 3; + } + else { + parser->encoding = YAML_UTF8_ENCODING; + } + + return 1; +} + +/* + * Update the raw buffer. + */ + +static int +yaml_parser_update_raw_buffer(yaml_parser_t *parser) +{ + size_t size_read = 0; + + /* Return if the raw buffer is full. */ + + if (parser->raw_buffer.start == parser->raw_buffer.pointer + && parser->raw_buffer.last == parser->raw_buffer.end) + return 1; + + /* Return on EOF. */ + + if (parser->eof) return 1; + + /* Move the remaining bytes in the raw buffer to the beginning. */ + + if (parser->raw_buffer.start < parser->raw_buffer.pointer + && parser->raw_buffer.pointer < parser->raw_buffer.last) { + memmove(parser->raw_buffer.start, parser->raw_buffer.pointer, + parser->raw_buffer.last - parser->raw_buffer.pointer); + } + parser->raw_buffer.last -= + parser->raw_buffer.pointer - parser->raw_buffer.start; + parser->raw_buffer.pointer = parser->raw_buffer.start; + + /* Call the read handler to fill the buffer. */ + + if (!parser->read_handler(parser->read_handler_data, parser->raw_buffer.last, + parser->raw_buffer.end - parser->raw_buffer.last, &size_read)) { + return yaml_parser_set_reader_error(parser, "input error", + parser->offset, -1); + } + parser->raw_buffer.last += size_read; + if (!size_read) { + parser->eof = 1; + } + + return 1; +} + +/* + * Ensure that the buffer contains at least `length` characters. + * Return 1 on success, 0 on failure. + * + * The length is supposed to be significantly less that the buffer size. + */ + +YAML_DECLARE(int) +yaml_parser_update_buffer(yaml_parser_t *parser, size_t length) +{ + int first = 1; + + assert(parser->read_handler); /* Read handler must be set. */ + + /* If the EOF flag is set and the raw buffer is empty, do nothing. */ + + if (parser->eof && parser->raw_buffer.pointer == parser->raw_buffer.last) + return 1; + + /* Return if the buffer contains enough characters. */ + + if (parser->unread >= length) + return 1; + + /* Determine the input encoding if it is not known yet. */ + + if (!parser->encoding) { + if (!yaml_parser_determine_encoding(parser)) + return 0; + } + + /* Move the unread characters to the beginning of the buffer. */ + + if (parser->buffer.start < parser->buffer.pointer + && parser->buffer.pointer < parser->buffer.last) { + size_t size = parser->buffer.last - parser->buffer.pointer; + memmove(parser->buffer.start, parser->buffer.pointer, size); + parser->buffer.pointer = parser->buffer.start; + parser->buffer.last = parser->buffer.start + size; + } + else if (parser->buffer.pointer == parser->buffer.last) { + parser->buffer.pointer = parser->buffer.start; + parser->buffer.last = parser->buffer.start; + } + + /* Fill the buffer until it has enough characters. */ + + while (parser->unread < length) + { + /* Fill the raw buffer if necessary. */ + + if (!first || parser->raw_buffer.pointer == parser->raw_buffer.last) { + if (!yaml_parser_update_raw_buffer(parser)) return 0; + } + first = 0; + + /* Decode the raw buffer. */ + + while (parser->raw_buffer.pointer != parser->raw_buffer.last) + { + unsigned int value = 0, value2 = 0; + int incomplete = 0; + unsigned char octet; + unsigned int width = 0; + int low, high; + size_t k; + size_t raw_unread = parser->raw_buffer.last - parser->raw_buffer.pointer; + + /* Decode the next character. */ + + switch (parser->encoding) + { + case YAML_UTF8_ENCODING: + + /* + * Decode a UTF-8 character. Check RFC 3629 + * (http://www.ietf.org/rfc/rfc3629.txt) for more details. + * + * The following table (taken from the RFC) is used for + * decoding. + * + * Char. number range | UTF-8 octet sequence + * (hexadecimal) | (binary) + * --------------------+------------------------------------ + * 0000 0000-0000 007F | 0xxxxxxx + * 0000 0080-0000 07FF | 110xxxxx 10xxxxxx + * 0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx + * 0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx + * + * Additionally, the characters in the range 0xD800-0xDFFF + * are prohibited as they are reserved for use with UTF-16 + * surrogate pairs. + */ + + /* Determine the length of the UTF-8 sequence. */ + + octet = parser->raw_buffer.pointer[0]; + width = (octet & 0x80) == 0x00 ? 1 : + (octet & 0xE0) == 0xC0 ? 2 : + (octet & 0xF0) == 0xE0 ? 3 : + (octet & 0xF8) == 0xF0 ? 4 : 0; + + /* Check if the leading octet is valid. */ + + if (!width) + return yaml_parser_set_reader_error(parser, + "invalid leading UTF-8 octet", + parser->offset, octet); + + /* Check if the raw buffer contains an incomplete character. */ + + if (width > raw_unread) { + if (parser->eof) { + return yaml_parser_set_reader_error(parser, + "incomplete UTF-8 octet sequence", + parser->offset, -1); + } + incomplete = 1; + break; + } + + /* Decode the leading octet. */ + + value = (octet & 0x80) == 0x00 ? octet & 0x7F : + (octet & 0xE0) == 0xC0 ? octet & 0x1F : + (octet & 0xF0) == 0xE0 ? octet & 0x0F : + (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0; + + /* Check and decode the trailing octets. */ + + for (k = 1; k < width; k ++) + { + octet = parser->raw_buffer.pointer[k]; + + /* Check if the octet is valid. */ + + if ((octet & 0xC0) != 0x80) + return yaml_parser_set_reader_error(parser, + "invalid trailing UTF-8 octet", + parser->offset+k, octet); + + /* Decode the octet. */ + + value = (value << 6) + (octet & 0x3F); + } + + /* Check the length of the sequence against the value. */ + + if (!((width == 1) || + (width == 2 && value >= 0x80) || + (width == 3 && value >= 0x800) || + (width == 4 && value >= 0x10000))) + return yaml_parser_set_reader_error(parser, + "invalid length of a UTF-8 sequence", + parser->offset, -1); + + /* Check the range of the value. */ + + if ((value >= 0xD800 && value <= 0xDFFF) || value > 0x10FFFF) + return yaml_parser_set_reader_error(parser, + "invalid Unicode character", + parser->offset, value); + + break; + + case YAML_UTF16LE_ENCODING: + case YAML_UTF16BE_ENCODING: + + low = (parser->encoding == YAML_UTF16LE_ENCODING ? 0 : 1); + high = (parser->encoding == YAML_UTF16LE_ENCODING ? 1 : 0); + + /* + * The UTF-16 encoding is not as simple as one might + * naively think. Check RFC 2781 + * (http://www.ietf.org/rfc/rfc2781.txt). + * + * Normally, two subsequent bytes describe a Unicode + * character. However a special technique (called a + * surrogate pair) is used for specifying character + * values larger than 0xFFFF. + * + * A surrogate pair consists of two pseudo-characters: + * high surrogate area (0xD800-0xDBFF) + * low surrogate area (0xDC00-0xDFFF) + * + * The following formulas are used for decoding + * and encoding characters using surrogate pairs: + * + * U = U' + 0x10000 (0x01 00 00 <= U <= 0x10 FF FF) + * U' = yyyyyyyyyyxxxxxxxxxx (0 <= U' <= 0x0F FF FF) + * W1 = 110110yyyyyyyyyy + * W2 = 110111xxxxxxxxxx + * + * where U is the character value, W1 is the high surrogate + * area, W2 is the low surrogate area. + */ + + /* Check for incomplete UTF-16 character. */ + + if (raw_unread < 2) { + if (parser->eof) { + return yaml_parser_set_reader_error(parser, + "incomplete UTF-16 character", + parser->offset, -1); + } + incomplete = 1; + break; + } + + /* Get the character. */ + + value = parser->raw_buffer.pointer[low] + + (parser->raw_buffer.pointer[high] << 8); + + /* Check for unexpected low surrogate area. */ + + if ((value & 0xFC00) == 0xDC00) + return yaml_parser_set_reader_error(parser, + "unexpected low surrogate area", + parser->offset, value); + + /* Check for a high surrogate area. */ + + if ((value & 0xFC00) == 0xD800) { + + width = 4; + + /* Check for incomplete surrogate pair. */ + + if (raw_unread < 4) { + if (parser->eof) { + return yaml_parser_set_reader_error(parser, + "incomplete UTF-16 surrogate pair", + parser->offset, -1); + } + incomplete = 1; + break; + } + + /* Get the next character. */ + + value2 = parser->raw_buffer.pointer[low+2] + + (parser->raw_buffer.pointer[high+2] << 8); + + /* Check for a low surrogate area. */ + + if ((value2 & 0xFC00) != 0xDC00) + return yaml_parser_set_reader_error(parser, + "expected low surrogate area", + parser->offset+2, value2); + + /* Generate the value of the surrogate pair. */ + + value = 0x10000 + ((value & 0x3FF) << 10) + (value2 & 0x3FF); + } + + else { + width = 2; + } + + break; + + default: + assert(1); /* Impossible. */ + } + + /* Check if the raw buffer contains enough bytes to form a character. */ + + if (incomplete) break; + + /* + * Check if the character is in the allowed range: + * #x9 | #xA | #xD | [#x20-#x7E] (8 bit) + * | #x85 | [#xA0-#xD7FF] | [#xE000-#xFFFD] (16 bit) + * | [#x10000-#x10FFFF] (32 bit) + */ + + if (! (value == 0x09 || value == 0x0A || value == 0x0D + || (value >= 0x20 && value <= 0x7E) + || (value == 0x85) || (value >= 0xA0 && value <= 0xD7FF) + || (value >= 0xE000 && value <= 0xFFFD) + || (value >= 0x10000 && value <= 0x10FFFF))) + return yaml_parser_set_reader_error(parser, + "control characters are not allowed", + parser->offset, value); + + /* Move the raw pointers. */ + + parser->raw_buffer.pointer += width; + parser->offset += width; + + /* Finally put the character into the buffer. */ + + /* 0000 0000-0000 007F -> 0xxxxxxx */ + if (value <= 0x7F) { + *(parser->buffer.last++) = value; + } + /* 0000 0080-0000 07FF -> 110xxxxx 10xxxxxx */ + else if (value <= 0x7FF) { + *(parser->buffer.last++) = 0xC0 + (value >> 6); + *(parser->buffer.last++) = 0x80 + (value & 0x3F); + } + /* 0000 0800-0000 FFFF -> 1110xxxx 10xxxxxx 10xxxxxx */ + else if (value <= 0xFFFF) { + *(parser->buffer.last++) = 0xE0 + (value >> 12); + *(parser->buffer.last++) = 0x80 + ((value >> 6) & 0x3F); + *(parser->buffer.last++) = 0x80 + (value & 0x3F); + } + /* 0001 0000-0010 FFFF -> 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx */ + else { + *(parser->buffer.last++) = 0xF0 + (value >> 18); + *(parser->buffer.last++) = 0x80 + ((value >> 12) & 0x3F); + *(parser->buffer.last++) = 0x80 + ((value >> 6) & 0x3F); + *(parser->buffer.last++) = 0x80 + (value & 0x3F); + } + + parser->unread ++; + } + + /* On EOF, put NUL into the buffer and return. */ + + if (parser->eof) { + *(parser->buffer.last++) = '\0'; + parser->unread ++; + return 1; + } + + } + + return 1; +} + diff --git a/libyaml/scanner.c b/libyaml/scanner.c new file mode 100644 index 0000000..0ed7c7b --- /dev/null +++ b/libyaml/scanner.c @@ -0,0 +1,3570 @@ + +/* + * Introduction + * ************ + * + * The following notes assume that you are familiar with the YAML specification + * (http://yaml.org/spec/cvs/current.html). We mostly follow it, although in + * some cases we are less restrictive that it requires. + * + * The process of transforming a YAML stream into a sequence of events is + * divided on two steps: Scanning and Parsing. + * + * The Scanner transforms the input stream into a sequence of tokens, while the + * parser transform the sequence of tokens produced by the Scanner into a + * sequence of parsing events. + * + * The Scanner is rather clever and complicated. The Parser, on the contrary, + * is a straightforward implementation of a recursive-descendant parser (or, + * LL(1) parser, as it is usually called). + * + * Actually there are two issues of Scanning that might be called "clever", the + * rest is quite straightforward. The issues are "block collection start" and + * "simple keys". Both issues are explained below in details. + * + * Here the Scanning step is explained and implemented. We start with the list + * of all the tokens produced by the Scanner together with short descriptions. + * + * Now, tokens: + * + * STREAM-START(encoding) # The stream start. + * STREAM-END # The stream end. + * titleVersion-DIRECTIVE(major,minor) # The '%YAML' directive. + * TAG-DIRECTIVE(handle,prefix) # The '%TAG' directive. + * DOCUMENT-START # '---' + * DOCUMENT-END # '...' + * BLOCK-SEQUENCE-START # Indentation increase denoting a block + * BLOCK-MAPPING-START # sequence or a block mapping. + * BLOCK-END # Indentation decrease. + * FLOW-SEQUENCE-START # '[' + * FLOW-SEQUENCE-END # ']' + * BLOCK-SEQUENCE-START # '{' + * BLOCK-SEQUENCE-END # '}' + * BLOCK-ENTRY # '-' + * FLOW-ENTRY # ',' + * KEY # '?' or nothing (simple keys). + * VALUE # ':' + * ALIAS(anchor) # '*anchor' + * ANCHOR(anchor) # '&anchor' + * TAG(handle,suffix) # '!handle!suffix' + * SCALAR(value,style) # A scalar. + * + * The following two tokens are "virtual" tokens denoting the beginning and the + * end of the stream: + * + * STREAM-START(encoding) + * STREAM-END + * + * We pass the information about the input stream encoding with the + * STREAM-START token. + * + * The next two tokens are responsible for tags: + * + * titleVersion-DIRECTIVE(major,minor) + * TAG-DIRECTIVE(handle,prefix) + * + * Example: + * + * %YAML 1.1 + * %TAG ! !foo + * %TAG !yaml! tag:yaml.org,2002: + * --- + * + * The correspoding sequence of tokens: + * + * STREAM-START(utf-8) + * titleVersion-DIRECTIVE(1,1) + * TAG-DIRECTIVE("!","!foo") + * TAG-DIRECTIVE("!yaml","tag:yaml.org,2002:") + * DOCUMENT-START + * STREAM-END + * + * Note that the titleVersion-DIRECTIVE and TAG-DIRECTIVE tokens occupy a whole + * line. + * + * The document start and end indicators are represented by: + * + * DOCUMENT-START + * DOCUMENT-END + * + * Note that if a YAML stream contains an implicit document (without '---' + * and '...' indicators), no DOCUMENT-START and DOCUMENT-END tokens will be + * produced. + * + * In the following examples, we present whole documents together with the + * produced tokens. + * + * 1. An implicit document: + * + * 'a scalar' + * + * Tokens: + * + * STREAM-START(utf-8) + * SCALAR("a scalar",single-quoted) + * STREAM-END + * + * 2. An explicit document: + * + * --- + * 'a scalar' + * ... + * + * Tokens: + * + * STREAM-START(utf-8) + * DOCUMENT-START + * SCALAR("a scalar",single-quoted) + * DOCUMENT-END + * STREAM-END + * + * 3. Several documents in a stream: + * + * 'a scalar' + * --- + * 'another scalar' + * --- + * 'yet another scalar' + * + * Tokens: + * + * STREAM-START(utf-8) + * SCALAR("a scalar",single-quoted) + * DOCUMENT-START + * SCALAR("another scalar",single-quoted) + * DOCUMENT-START + * SCALAR("yet another scalar",single-quoted) + * STREAM-END + * + * We have already introduced the SCALAR token above. The following tokens are + * used to describe aliases, anchors, tag, and scalars: + * + * ALIAS(anchor) + * ANCHOR(anchor) + * TAG(handle,suffix) + * SCALAR(value,style) + * + * The following series of examples illustrate the usage of these tokens: + * + * 1. A recursive sequence: + * + * &A [ *A ] + * + * Tokens: + * + * STREAM-START(utf-8) + * ANCHOR("A") + * FLOW-SEQUENCE-START + * ALIAS("A") + * FLOW-SEQUENCE-END + * STREAM-END + * + * 2. A tagged scalar: + * + * !!float "3.14" # A good approximation. + * + * Tokens: + * + * STREAM-START(utf-8) + * TAG("!!","float") + * SCALAR("3.14",double-quoted) + * STREAM-END + * + * 3. Various scalar styles: + * + * --- # Implicit empty plain scalars do not produce tokens. + * --- a plain scalar + * --- 'a single-quoted scalar' + * --- "a double-quoted scalar" + * --- |- + * a literal scalar + * --- >- + * a folded + * scalar + * + * Tokens: + * + * STREAM-START(utf-8) + * DOCUMENT-START + * DOCUMENT-START + * SCALAR("a plain scalar",plain) + * DOCUMENT-START + * SCALAR("a single-quoted scalar",single-quoted) + * DOCUMENT-START + * SCALAR("a double-quoted scalar",double-quoted) + * DOCUMENT-START + * SCALAR("a literal scalar",literal) + * DOCUMENT-START + * SCALAR("a folded scalar",folded) + * STREAM-END + * + * Now it's time to review collection-related tokens. We will start with + * flow collections: + * + * FLOW-SEQUENCE-START + * FLOW-SEQUENCE-END + * FLOW-MAPPING-START + * FLOW-MAPPING-END + * FLOW-ENTRY + * KEY + * VALUE + * + * The tokens FLOW-SEQUENCE-START, FLOW-SEQUENCE-END, FLOW-MAPPING-START, and + * FLOW-MAPPING-END represent the indicators '[', ']', '{', and '}' + * correspondingly. FLOW-ENTRY represent the ',' indicator. Finally the + * indicators '?' and ':', which are used for denoting mapping keys and values, + * are represented by the KEY and VALUE tokens. + * + * The following examples show flow collections: + * + * 1. A flow sequence: + * + * [item 1, item 2, item 3] + * + * Tokens: + * + * STREAM-START(utf-8) + * FLOW-SEQUENCE-START + * SCALAR("item 1",plain) + * FLOW-ENTRY + * SCALAR("item 2",plain) + * FLOW-ENTRY + * SCALAR("item 3",plain) + * FLOW-SEQUENCE-END + * STREAM-END + * + * 2. A flow mapping: + * + * { + * a simple key: a value, # Note that the KEY token is produced. + * ? a complex key: another value, + * } + * + * Tokens: + * + * STREAM-START(utf-8) + * FLOW-MAPPING-START + * KEY + * SCALAR("a simple key",plain) + * VALUE + * SCALAR("a value",plain) + * FLOW-ENTRY + * KEY + * SCALAR("a complex key",plain) + * VALUE + * SCALAR("another value",plain) + * FLOW-ENTRY + * FLOW-MAPPING-END + * STREAM-END + * + * A simple key is a key which is not denoted by the '?' indicator. Note that + * the Scanner still produce the KEY token whenever it encounters a simple key. + * + * For scanning block collections, the following tokens are used (note that we + * repeat KEY and VALUE here): + * + * BLOCK-SEQUENCE-START + * BLOCK-MAPPING-START + * BLOCK-END + * BLOCK-ENTRY + * KEY + * VALUE + * + * The tokens BLOCK-SEQUENCE-START and BLOCK-MAPPING-START denote indentation + * increase that precedes a block collection (cf. the INDENT token in Python). + * The token BLOCK-END denote indentation decrease that ends a block collection + * (cf. the DEDENT token in Python). However YAML has some syntax pecularities + * that makes detections of these tokens more complex. + * + * The tokens BLOCK-ENTRY, KEY, and VALUE are used to represent the indicators + * '-', '?', and ':' correspondingly. + * + * The following examples show how the tokens BLOCK-SEQUENCE-START, + * BLOCK-MAPPING-START, and BLOCK-END are emitted by the Scanner: + * + * 1. Block sequences: + * + * - item 1 + * - item 2 + * - + * - item 3.1 + * - item 3.2 + * - + * key 1: value 1 + * key 2: value 2 + * + * Tokens: + * + * STREAM-START(utf-8) + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * SCALAR("item 1",plain) + * BLOCK-ENTRY + * SCALAR("item 2",plain) + * BLOCK-ENTRY + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * SCALAR("item 3.1",plain) + * BLOCK-ENTRY + * SCALAR("item 3.2",plain) + * BLOCK-END + * BLOCK-ENTRY + * BLOCK-MAPPING-START + * KEY + * SCALAR("key 1",plain) + * VALUE + * SCALAR("value 1",plain) + * KEY + * SCALAR("key 2",plain) + * VALUE + * SCALAR("value 2",plain) + * BLOCK-END + * BLOCK-END + * STREAM-END + * + * 2. Block mappings: + * + * a simple key: a value # The KEY token is produced here. + * ? a complex key + * : another value + * a mapping: + * key 1: value 1 + * key 2: value 2 + * a sequence: + * - item 1 + * - item 2 + * + * Tokens: + * + * STREAM-START(utf-8) + * BLOCK-MAPPING-START + * KEY + * SCALAR("a simple key",plain) + * VALUE + * SCALAR("a value",plain) + * KEY + * SCALAR("a complex key",plain) + * VALUE + * SCALAR("another value",plain) + * KEY + * SCALAR("a mapping",plain) + * BLOCK-MAPPING-START + * KEY + * SCALAR("key 1",plain) + * VALUE + * SCALAR("value 1",plain) + * KEY + * SCALAR("key 2",plain) + * VALUE + * SCALAR("value 2",plain) + * BLOCK-END + * KEY + * SCALAR("a sequence",plain) + * VALUE + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * SCALAR("item 1",plain) + * BLOCK-ENTRY + * SCALAR("item 2",plain) + * BLOCK-END + * BLOCK-END + * STREAM-END + * + * YAML does not always require to start a new block collection from a new + * line. If the current line contains only '-', '?', and ':' indicators, a new + * block collection may start at the current line. The following examples + * illustrate this case: + * + * 1. Collections in a sequence: + * + * - - item 1 + * - item 2 + * - key 1: value 1 + * key 2: value 2 + * - ? complex key + * : complex value + * + * Tokens: + * + * STREAM-START(utf-8) + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * SCALAR("item 1",plain) + * BLOCK-ENTRY + * SCALAR("item 2",plain) + * BLOCK-END + * BLOCK-ENTRY + * BLOCK-MAPPING-START + * KEY + * SCALAR("key 1",plain) + * VALUE + * SCALAR("value 1",plain) + * KEY + * SCALAR("key 2",plain) + * VALUE + * SCALAR("value 2",plain) + * BLOCK-END + * BLOCK-ENTRY + * BLOCK-MAPPING-START + * KEY + * SCALAR("complex key") + * VALUE + * SCALAR("complex value") + * BLOCK-END + * BLOCK-END + * STREAM-END + * + * 2. Collections in a mapping: + * + * ? a sequence + * : - item 1 + * - item 2 + * ? a mapping + * : key 1: value 1 + * key 2: value 2 + * + * Tokens: + * + * STREAM-START(utf-8) + * BLOCK-MAPPING-START + * KEY + * SCALAR("a sequence",plain) + * VALUE + * BLOCK-SEQUENCE-START + * BLOCK-ENTRY + * SCALAR("item 1",plain) + * BLOCK-ENTRY + * SCALAR("item 2",plain) + * BLOCK-END + * KEY + * SCALAR("a mapping",plain) + * VALUE + * BLOCK-MAPPING-START + * KEY + * SCALAR("key 1",plain) + * VALUE + * SCALAR("value 1",plain) + * KEY + * SCALAR("key 2",plain) + * VALUE + * SCALAR("value 2",plain) + * BLOCK-END + * BLOCK-END + * STREAM-END + * + * YAML also permits non-indented sequences if they are included into a block + * mapping. In this case, the token BLOCK-SEQUENCE-START is not produced: + * + * key: + * - item 1 # BLOCK-SEQUENCE-START is NOT produced here. + * - item 2 + * + * Tokens: + * + * STREAM-START(utf-8) + * BLOCK-MAPPING-START + * KEY + * SCALAR("key",plain) + * VALUE + * BLOCK-ENTRY + * SCALAR("item 1",plain) + * BLOCK-ENTRY + * SCALAR("item 2",plain) + * BLOCK-END + */ + +#include "libyaml/yaml_private.h" + +/* + * Ensure that the buffer contains the required number of characters. + * Return 1 on success, 0 on failure (reader error or memory error). + */ + +#define CACHE(parser,length) \ + (parser->unread >= (length) \ + ? 1 \ + : yaml_parser_update_buffer(parser, (length))) + +/* + * Advance the buffer pointer. + */ + +#define SKIP(parser) \ + (parser->mark.index ++, \ + parser->mark.column ++, \ + parser->unread --, \ + parser->buffer.pointer += WIDTH(parser->buffer)) + +#define SKIP_LINE(parser) \ + (IS_CRLF(parser->buffer) ? \ + (parser->mark.index += 2, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread -= 2, \ + parser->buffer.pointer += 2) : \ + IS_BREAK(parser->buffer) ? \ + (parser->mark.index ++, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread --, \ + parser->buffer.pointer += WIDTH(parser->buffer)) : 0) + +/* + * Copy a character to a string buffer and advance pointers. + */ + +#define READ(parser,string) \ + (STRING_EXTEND(parser,string) ? \ + (COPY(string,parser->buffer), \ + parser->mark.index ++, \ + parser->mark.column ++, \ + parser->unread --, \ + 1) : 0) + +/* + * Copy a line break character to a string buffer and advance pointers. + */ + +#define READ_LINE(parser,string) \ + (STRING_EXTEND(parser,string) ? \ + (((CHECK_AT(parser->buffer,'\r',0) \ + && CHECK_AT(parser->buffer,'\n',1)) ? /* CR LF -> LF */ \ + (*((string).pointer++) = (yaml_char_t) '\n', \ + parser->buffer.pointer += 2, \ + parser->mark.index += 2, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread -= 2) : \ + (CHECK_AT(parser->buffer,'\r',0) \ + || CHECK_AT(parser->buffer,'\n',0)) ? /* CR|LF -> LF */ \ + (*((string).pointer++) = (yaml_char_t) '\n', \ + parser->buffer.pointer ++, \ + parser->mark.index ++, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread --) : \ + (CHECK_AT(parser->buffer,'\xC2',0) \ + && CHECK_AT(parser->buffer,'\x85',1)) ? /* NEL -> LF */ \ + (*((string).pointer++) = (yaml_char_t) '\n', \ + parser->buffer.pointer += 2, \ + parser->mark.index ++, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread --) : \ + (CHECK_AT(parser->buffer,'\xE2',0) && \ + CHECK_AT(parser->buffer,'\x80',1) && \ + (CHECK_AT(parser->buffer,'\xA8',2) || \ + CHECK_AT(parser->buffer,'\xA9',2))) ? /* LS|PS -> LS|PS */ \ + (*((string).pointer++) = *(parser->buffer.pointer++), \ + *((string).pointer++) = *(parser->buffer.pointer++), \ + *((string).pointer++) = *(parser->buffer.pointer++), \ + parser->mark.index ++, \ + parser->mark.column = 0, \ + parser->mark.line ++, \ + parser->unread --) : 0), \ + 1) : 0) + +/* + * Public API declarations. + */ + +YAML_DECLARE(int) +yaml_parser_scan(yaml_parser_t *parser, yaml_token_t *token); + +/* + * Error handling. + */ + +static int +yaml_parser_set_scanner_error(yaml_parser_t *parser, const char *context, + yaml_mark_t context_mark, const char *problem); + +/* + * High-level token API. + */ + +YAML_DECLARE(int) +yaml_parser_fetch_more_tokens(yaml_parser_t *parser); + +static int +yaml_parser_fetch_next_token(yaml_parser_t *parser); + +/* + * Potential simple keys. + */ + +static int +yaml_parser_stale_simple_keys(yaml_parser_t *parser); + +static int +yaml_parser_save_simple_key(yaml_parser_t *parser); + +static int +yaml_parser_remove_simple_key(yaml_parser_t *parser); + +static int +yaml_parser_increase_flow_level(yaml_parser_t *parser); + +static int +yaml_parser_decrease_flow_level(yaml_parser_t *parser); + +/* + * Indentation treatment. + */ + +static int +yaml_parser_roll_indent(yaml_parser_t *parser, int column, + int number, yaml_token_type_t type, yaml_mark_t mark); + +static int +yaml_parser_unroll_indent(yaml_parser_t *parser, int column); + +/* + * Token fetchers. + */ + +static int +yaml_parser_fetch_stream_start(yaml_parser_t *parser); + +static int +yaml_parser_fetch_stream_end(yaml_parser_t *parser); + +static int +yaml_parser_fetch_directive(yaml_parser_t *parser); + +static int +yaml_parser_fetch_document_indicator(yaml_parser_t *parser, + yaml_token_type_t type); + +static int +yaml_parser_fetch_flow_collection_start(yaml_parser_t *parser, + yaml_token_type_t type); + +static int +yaml_parser_fetch_flow_collection_end(yaml_parser_t *parser, + yaml_token_type_t type); + +static int +yaml_parser_fetch_flow_entry(yaml_parser_t *parser); + +static int +yaml_parser_fetch_block_entry(yaml_parser_t *parser); + +static int +yaml_parser_fetch_key(yaml_parser_t *parser); + +static int +yaml_parser_fetch_value(yaml_parser_t *parser); + +static int +yaml_parser_fetch_anchor(yaml_parser_t *parser, yaml_token_type_t type); + +static int +yaml_parser_fetch_tag(yaml_parser_t *parser); + +static int +yaml_parser_fetch_block_scalar(yaml_parser_t *parser, int literal); + +static int +yaml_parser_fetch_flow_scalar(yaml_parser_t *parser, int single); + +static int +yaml_parser_fetch_plain_scalar(yaml_parser_t *parser); + +/* + * Token scanners. + */ + +static int +yaml_parser_scan_to_next_token(yaml_parser_t *parser); + +static int +yaml_parser_scan_directive(yaml_parser_t *parser, yaml_token_t *token); + +static int +yaml_parser_scan_directive_name(yaml_parser_t *parser, + yaml_mark_t start_mark, yaml_char_t **name); + +static int +yaml_parser_scan_titleVersion_directive_value(yaml_parser_t *parser, + yaml_mark_t start_mark, int *major, int *minor); + +static int +yaml_parser_scan_titleVersion_directive_number(yaml_parser_t *parser, + yaml_mark_t start_mark, int *number); + +static int +yaml_parser_scan_tag_directive_value(yaml_parser_t *parser, + yaml_mark_t mark, yaml_char_t **handle, yaml_char_t **prefix); + +static int +yaml_parser_scan_anchor(yaml_parser_t *parser, yaml_token_t *token, + yaml_token_type_t type); + +static int +yaml_parser_scan_tag(yaml_parser_t *parser, yaml_token_t *token); + +static int +yaml_parser_scan_tag_handle(yaml_parser_t *parser, int directive, + yaml_mark_t start_mark, yaml_char_t **handle); + +static int +yaml_parser_scan_tag_uri(yaml_parser_t *parser, int directive, + yaml_char_t *head, yaml_mark_t start_mark, yaml_char_t **uri); + +static int +yaml_parser_scan_uri_escapes(yaml_parser_t *parser, int directive, + yaml_mark_t start_mark, yaml_string_t *string); + +static int +yaml_parser_scan_block_scalar(yaml_parser_t *parser, yaml_token_t *token, + int literal); + +static int +yaml_parser_scan_block_scalar_breaks(yaml_parser_t *parser, + int *indent, yaml_string_t *breaks, + yaml_mark_t start_mark, yaml_mark_t *end_mark); + +static int +yaml_parser_scan_flow_scalar(yaml_parser_t *parser, yaml_token_t *token, + int single); + +static int +yaml_parser_scan_plain_scalar(yaml_parser_t *parser, yaml_token_t *token); + +/* + * Get the next token. + */ + +YAML_DECLARE(int) +yaml_parser_scan(yaml_parser_t *parser, yaml_token_t *token) +{ + assert(parser); /* Non-NULL parser object is expected. */ + assert(token); /* Non-NULL token object is expected. */ + + /* Erase the token object. */ + + memset(token, 0, sizeof(yaml_token_t)); + + /* No tokens after STREAM-END or error. */ + + if (parser->stream_end_produced || parser->error) { + return 1; + } + + /* Ensure that the tokens queue contains enough tokens. */ + + if (!parser->token_available) { + if (!yaml_parser_fetch_more_tokens(parser)) + return 0; + } + + /* Fetch the next token from the queue. */ + + *token = DEQUEUE(parser, parser->tokens); + parser->token_available = 0; + parser->tokens_parsed ++; + + if (token->type == YAML_STREAM_END_TOKEN) { + parser->stream_end_produced = 1; + } + + return 1; +} + +/* + * Set the scanner error and return 0. + */ + +static int +yaml_parser_set_scanner_error(yaml_parser_t *parser, const char *context, + yaml_mark_t context_mark, const char *problem) +{ + parser->error = YAML_SCANNER_ERROR; + parser->context = context; + parser->context_mark = context_mark; + parser->problem = problem; + parser->problem_mark = parser->mark; + + return 0; +} + +/* + * Ensure that the tokens queue contains at least one token which can be + * returned to the Parser. + */ + +YAML_DECLARE(int) +yaml_parser_fetch_more_tokens(yaml_parser_t *parser) +{ + int need_more_tokens; + + /* While we need more tokens to fetch, do it. */ + + while (1) + { + /* + * Check if we really need to fetch more tokens. + */ + + need_more_tokens = 0; + + if (parser->tokens.head == parser->tokens.tail) + { + /* Queue is empty. */ + + need_more_tokens = 1; + } + else + { + yaml_simple_key_t *simple_key; + + /* Check if any potential simple key may occupy the head position. */ + + if (!yaml_parser_stale_simple_keys(parser)) + return 0; + + for (simple_key = parser->simple_keys.start; + simple_key != parser->simple_keys.top; simple_key++) { + if (simple_key->possible + && simple_key->token_number == parser->tokens_parsed) { + need_more_tokens = 1; + break; + } + } + } + + /* We are finished. */ + + if (!need_more_tokens) + break; + + /* Fetch the next token. */ + + if (!yaml_parser_fetch_next_token(parser)) + return 0; + } + + parser->token_available = 1; + + return 1; +} + +/* + * The dispatcher for token fetchers. + */ + +static int +yaml_parser_fetch_next_token(yaml_parser_t *parser) +{ + /* Ensure that the buffer is initialized. */ + + if (!CACHE(parser, 1)) + return 0; + + /* Check if we just started scanning. Fetch STREAM-START then. */ + + if (!parser->stream_start_produced) + return yaml_parser_fetch_stream_start(parser); + + /* Eat whitespaces and comments until we reach the next token. */ + + if (!yaml_parser_scan_to_next_token(parser)) + return 0; + + /* Remove obsolete potential simple keys. */ + + if (!yaml_parser_stale_simple_keys(parser)) + return 0; + + /* Check the indentation level against the current column. */ + + if (!yaml_parser_unroll_indent(parser, parser->mark.column)) + return 0; + + /* + * Ensure that the buffer contains at least 4 characters. 4 is the length + * of the longest indicators ('--- ' and '... '). + */ + + if (!CACHE(parser, 4)) + return 0; + + /* Is it the end of the stream? */ + + if (IS_Z(parser->buffer)) + return yaml_parser_fetch_stream_end(parser); + + /* Is it a directive? */ + + if (parser->mark.column == 0 && CHECK(parser->buffer, '%')) + return yaml_parser_fetch_directive(parser); + + /* Is it the document start indicator? */ + + if (parser->mark.column == 0 + && CHECK_AT(parser->buffer, '-', 0) + && CHECK_AT(parser->buffer, '-', 1) + && CHECK_AT(parser->buffer, '-', 2) + && IS_BLANKZ_AT(parser->buffer, 3)) + return yaml_parser_fetch_document_indicator(parser, + YAML_DOCUMENT_START_TOKEN); + + /* Is it the document end indicator? */ + + if (parser->mark.column == 0 + && CHECK_AT(parser->buffer, '.', 0) + && CHECK_AT(parser->buffer, '.', 1) + && CHECK_AT(parser->buffer, '.', 2) + && IS_BLANKZ_AT(parser->buffer, 3)) + return yaml_parser_fetch_document_indicator(parser, + YAML_DOCUMENT_END_TOKEN); + + /* Is it the flow sequence start indicator? */ + + if (CHECK(parser->buffer, '[')) + return yaml_parser_fetch_flow_collection_start(parser, + YAML_FLOW_SEQUENCE_START_TOKEN); + + /* Is it the flow mapping start indicator? */ + + if (CHECK(parser->buffer, '{')) + return yaml_parser_fetch_flow_collection_start(parser, + YAML_FLOW_MAPPING_START_TOKEN); + + /* Is it the flow sequence end indicator? */ + + if (CHECK(parser->buffer, ']')) + return yaml_parser_fetch_flow_collection_end(parser, + YAML_FLOW_SEQUENCE_END_TOKEN); + + /* Is it the flow mapping end indicator? */ + + if (CHECK(parser->buffer, '}')) + return yaml_parser_fetch_flow_collection_end(parser, + YAML_FLOW_MAPPING_END_TOKEN); + + /* Is it the flow entry indicator? */ + + if (CHECK(parser->buffer, ',')) + return yaml_parser_fetch_flow_entry(parser); + + /* Is it the block entry indicator? */ + + if (CHECK(parser->buffer, '-') && IS_BLANKZ_AT(parser->buffer, 1)) + return yaml_parser_fetch_block_entry(parser); + + /* Is it the key indicator? */ + + if (CHECK(parser->buffer, '?') + && (parser->flow_level || IS_BLANKZ_AT(parser->buffer, 1))) + return yaml_parser_fetch_key(parser); + + /* Is it the value indicator? */ + + if (CHECK(parser->buffer, ':') + && (parser->flow_level || IS_BLANKZ_AT(parser->buffer, 1))) + return yaml_parser_fetch_value(parser); + + /* Is it an alias? */ + + if (CHECK(parser->buffer, '*')) + return yaml_parser_fetch_anchor(parser, YAML_ALIAS_TOKEN); + + /* Is it an anchor? */ + + if (CHECK(parser->buffer, '&')) + return yaml_parser_fetch_anchor(parser, YAML_ANCHOR_TOKEN); + + /* Is it a tag? */ + + if (CHECK(parser->buffer, '!')) + return yaml_parser_fetch_tag(parser); + + /* Is it a literal scalar? */ + + if (CHECK(parser->buffer, '|') && !parser->flow_level) + return yaml_parser_fetch_block_scalar(parser, 1); + + /* Is it a folded scalar? */ + + if (CHECK(parser->buffer, '>') && !parser->flow_level) + return yaml_parser_fetch_block_scalar(parser, 0); + + /* Is it a single-quoted scalar? */ + + if (CHECK(parser->buffer, '\'')) + return yaml_parser_fetch_flow_scalar(parser, 1); + + /* Is it a double-quoted scalar? */ + + if (CHECK(parser->buffer, '"')) + return yaml_parser_fetch_flow_scalar(parser, 0); + + /* + * Is it a plain scalar? + * + * A plain scalar may start with any non-blank characters except + * + * '-', '?', ':', ',', '[', ']', '{', '}', + * '#', '&', '*', '!', '|', '>', '\'', '\"', + * '%', '@', '`'. + * + * In the block context (and, for the '-' indicator, in the flow context + * too), it may also start with the characters + * + * '-', '?', ':' + * + * if it is followed by a non-space character. + * + * The last rule is more restrictive than the specification requires. + */ + + if (!(IS_BLANKZ(parser->buffer) || CHECK(parser->buffer, '-') + || CHECK(parser->buffer, '?') || CHECK(parser->buffer, ':') + || CHECK(parser->buffer, ',') || CHECK(parser->buffer, '[') + || CHECK(parser->buffer, ']') || CHECK(parser->buffer, '{') + || CHECK(parser->buffer, '}') || CHECK(parser->buffer, '#') + || CHECK(parser->buffer, '&') || CHECK(parser->buffer, '*') + || CHECK(parser->buffer, '!') || CHECK(parser->buffer, '|') + || CHECK(parser->buffer, '>') || CHECK(parser->buffer, '\'') + || CHECK(parser->buffer, '"') || CHECK(parser->buffer, '%') + || CHECK(parser->buffer, '@') || CHECK(parser->buffer, '`')) || + (CHECK(parser->buffer, '-') && !IS_BLANK_AT(parser->buffer, 1)) || + (!parser->flow_level && + (CHECK(parser->buffer, '?') || CHECK(parser->buffer, ':')) + && !IS_BLANKZ_AT(parser->buffer, 1))) + return yaml_parser_fetch_plain_scalar(parser); + + /* + * If we don't determine the token type so far, it is an error. + */ + + return yaml_parser_set_scanner_error(parser, + "while scanning for the next token", parser->mark, + "found character that cannot start any token"); +} + +/* + * Check the list of potential simple keys and remove the positions that + * cannot contain simple keys anymore. + */ + +static int +yaml_parser_stale_simple_keys(yaml_parser_t *parser) +{ + yaml_simple_key_t *simple_key; + + /* Check for a potential simple key for each flow level. */ + + for (simple_key = parser->simple_keys.start; + simple_key != parser->simple_keys.top; simple_key ++) + { + /* + * The specification requires that a simple key + * + * - is limited to a single line, + * - is shorter than 1024 characters. + */ + + if (simple_key->possible + && (simple_key->mark.line < parser->mark.line + || simple_key->mark.index+1024 < parser->mark.index)) { + + /* Check if the potential simple key to be removed is required. */ + + if (simple_key->required) { + return yaml_parser_set_scanner_error(parser, + "while scanning a simple key", simple_key->mark, + "could not find expected ':'"); + } + + simple_key->possible = 0; + } + } + + return 1; +} + +/* + * Check if a simple key may start at the current position and add it if + * needed. + */ + +static int +yaml_parser_save_simple_key(yaml_parser_t *parser) +{ + /* + * A simple key is required at the current position if the scanner is in + * the block context and the current column coincides with the indentation + * level. + */ + + int required = (!parser->flow_level + && parser->indent == (int)parser->mark.column); + + /* + * A simple key is required only when it is the first token in the current + * line. Therefore it is always allowed. But we add a check anyway. + */ + + assert(parser->simple_key_allowed || !required); /* Impossible. */ + + /* + * If the current position may start a simple key, save it. + */ + + if (parser->simple_key_allowed) + { + yaml_simple_key_t simple_key; + simple_key.possible = 1; + simple_key.required = required; + simple_key.token_number = + parser->tokens_parsed + (parser->tokens.tail - parser->tokens.head); + simple_key.mark = parser->mark; + + if (!yaml_parser_remove_simple_key(parser)) return 0; + + *(parser->simple_keys.top-1) = simple_key; + } + + return 1; +} + +/* + * Remove a potential simple key at the current flow level. + */ + +static int +yaml_parser_remove_simple_key(yaml_parser_t *parser) +{ + yaml_simple_key_t *simple_key = parser->simple_keys.top-1; + + if (simple_key->possible) + { + /* If the key is required, it is an error. */ + + if (simple_key->required) { + return yaml_parser_set_scanner_error(parser, + "while scanning a simple key", simple_key->mark, + "could not find expected ':'"); + } + } + + /* Remove the key from the stack. */ + + simple_key->possible = 0; + + return 1; +} + +/* + * Increase the flow level and resize the simple key list if needed. + */ + +static int +yaml_parser_increase_flow_level(yaml_parser_t *parser) +{ + yaml_simple_key_t empty_simple_key = { 0, 0, 0, { 0, 0, 0 } }; + + /* Reset the simple key on the next level. */ + + if (!PUSH(parser, parser->simple_keys, empty_simple_key)) + return 0; + + /* Increase the flow level. */ + + parser->flow_level++; + + return 1; +} + +/* + * Decrease the flow level. + */ + +static int +yaml_parser_decrease_flow_level(yaml_parser_t *parser) +{ + yaml_simple_key_t dummy_key; /* Used to eliminate a compiler warning. */ + + if (parser->flow_level) { + parser->flow_level --; + dummy_key = POP(parser, parser->simple_keys); + } + + return 1; +} + +/* + * Push the current indentation level to the stack and set the new level + * the current column is greater than the indentation level. In this case, + * append or insert the specified token into the token queue. + * + */ + +static int +yaml_parser_roll_indent(yaml_parser_t *parser, int column, + int number, yaml_token_type_t type, yaml_mark_t mark) +{ + yaml_token_t token; + + /* In the flow context, do nothing. */ + + if (parser->flow_level) + return 1; + + if (parser->indent < column) + { + /* + * Push the current indentation level to the stack and set the new + * indentation level. + */ + + if (!PUSH(parser, parser->indents, parser->indent)) + return 0; + + parser->indent = column; + + /* Create a token and insert it into the queue. */ + + TOKEN_INIT(token, type, mark, mark); + + if (number == -1) { + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + } + else { + if (!QUEUE_INSERT(parser, + parser->tokens, number - parser->tokens_parsed, token)) + return 0; + } + } + + return 1; +} + +/* + * Pop indentation levels from the indents stack until the current level + * becomes less or equal to the column. For each intendation level, append + * the BLOCK-END token. + */ + + +static int +yaml_parser_unroll_indent(yaml_parser_t *parser, int column) +{ + yaml_token_t token; + + /* In the flow context, do nothing. */ + + if (parser->flow_level) + return 1; + + /* Loop through the intendation levels in the stack. */ + + while (parser->indent > column) + { + /* Create a token and append it to the queue. */ + + TOKEN_INIT(token, YAML_BLOCK_END_TOKEN, parser->mark, parser->mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + /* Pop the indentation level. */ + + parser->indent = POP(parser, parser->indents); + } + + return 1; +} + +/* + * Initialize the scanner and produce the STREAM-START token. + */ + +static int +yaml_parser_fetch_stream_start(yaml_parser_t *parser) +{ + yaml_simple_key_t simple_key = { 0, 0, 0, { 0, 0, 0 } }; + yaml_token_t token; + + /* Set the initial indentation. */ + + parser->indent = -1; + + /* Initialize the simple key stack. */ + + if (!PUSH(parser, parser->simple_keys, simple_key)) + return 0; + + /* A simple key is allowed at the beginning of the stream. */ + + parser->simple_key_allowed = 1; + + /* We have started. */ + + parser->stream_start_produced = 1; + + /* Create the STREAM-START token and append it to the queue. */ + + STREAM_START_TOKEN_INIT(token, parser->encoding, + parser->mark, parser->mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the STREAM-END token and shut down the scanner. + */ + +static int +yaml_parser_fetch_stream_end(yaml_parser_t *parser) +{ + yaml_token_t token; + + /* Force new line. */ + + if (parser->mark.column != 0) { + parser->mark.column = 0; + parser->mark.line ++; + } + + /* Reset the indentation level. */ + + if (!yaml_parser_unroll_indent(parser, -1)) + return 0; + + /* Reset simple keys. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + parser->simple_key_allowed = 0; + + /* Create the STREAM-END token and append it to the queue. */ + + STREAM_END_TOKEN_INIT(token, parser->mark, parser->mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce a titleVersion-DIRECTIVE or TAG-DIRECTIVE token. + */ + +static int +yaml_parser_fetch_directive(yaml_parser_t *parser) +{ + yaml_token_t token; + + /* Reset the indentation level. */ + + if (!yaml_parser_unroll_indent(parser, -1)) + return 0; + + /* Reset simple keys. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + parser->simple_key_allowed = 0; + + /* Create the YAML-DIRECTIVE or TAG-DIRECTIVE token. */ + + if (!yaml_parser_scan_directive(parser, &token)) + return 0; + + /* Append the token to the queue. */ + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + + return 1; +} + +/* + * Produce the DOCUMENT-START or DOCUMENT-END token. + */ + +static int +yaml_parser_fetch_document_indicator(yaml_parser_t *parser, + yaml_token_type_t type) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* Reset the indentation level. */ + + if (!yaml_parser_unroll_indent(parser, -1)) + return 0; + + /* Reset simple keys. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + parser->simple_key_allowed = 0; + + /* Consume the token. */ + + start_mark = parser->mark; + + SKIP(parser); + SKIP(parser); + SKIP(parser); + + end_mark = parser->mark; + + /* Create the DOCUMENT-START or DOCUMENT-END token. */ + + TOKEN_INIT(token, type, start_mark, end_mark); + + /* Append the token to the queue. */ + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the FLOW-SEQUENCE-START or FLOW-MAPPING-START token. + */ + +static int +yaml_parser_fetch_flow_collection_start(yaml_parser_t *parser, + yaml_token_type_t type) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* The indicators '[' and '{' may start a simple key. */ + + if (!yaml_parser_save_simple_key(parser)) + return 0; + + /* Increase the flow level. */ + + if (!yaml_parser_increase_flow_level(parser)) + return 0; + + /* A simple key may follow the indicators '[' and '{'. */ + + parser->simple_key_allowed = 1; + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the FLOW-SEQUENCE-START of FLOW-MAPPING-START token. */ + + TOKEN_INIT(token, type, start_mark, end_mark); + + /* Append the token to the queue. */ + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the FLOW-SEQUENCE-END or FLOW-MAPPING-END token. + */ + +static int +yaml_parser_fetch_flow_collection_end(yaml_parser_t *parser, + yaml_token_type_t type) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* Reset any potential simple key on the current flow level. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + /* Decrease the flow level. */ + + if (!yaml_parser_decrease_flow_level(parser)) + return 0; + + /* No simple keys after the indicators ']' and '}'. */ + + parser->simple_key_allowed = 0; + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the FLOW-SEQUENCE-END of FLOW-MAPPING-END token. */ + + TOKEN_INIT(token, type, start_mark, end_mark); + + /* Append the token to the queue. */ + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the FLOW-ENTRY token. + */ + +static int +yaml_parser_fetch_flow_entry(yaml_parser_t *parser) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* Reset any potential simple keys on the current flow level. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + /* Simple keys are allowed after ','. */ + + parser->simple_key_allowed = 1; + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the FLOW-ENTRY token and append it to the queue. */ + + TOKEN_INIT(token, YAML_FLOW_ENTRY_TOKEN, start_mark, end_mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the BLOCK-ENTRY token. + */ + +static int +yaml_parser_fetch_block_entry(yaml_parser_t *parser) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* Check if the scanner is in the block context. */ + + if (!parser->flow_level) + { + /* Check if we are allowed to start a new entry. */ + + if (!parser->simple_key_allowed) { + return yaml_parser_set_scanner_error(parser, NULL, parser->mark, + "block sequence entries are not allowed in this context"); + } + + /* Add the BLOCK-SEQUENCE-START token if needed. */ + + if (!yaml_parser_roll_indent(parser, parser->mark.column, -1, + YAML_BLOCK_SEQUENCE_START_TOKEN, parser->mark)) + return 0; + } + else + { + /* + * It is an error for the '-' indicator to occur in the flow context, + * but we let the Parser detect and report about it because the Parser + * is able to point to the context. + */ + } + + /* Reset any potential simple keys on the current flow level. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + /* Simple keys are allowed after '-'. */ + + parser->simple_key_allowed = 1; + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the BLOCK-ENTRY token and append it to the queue. */ + + TOKEN_INIT(token, YAML_BLOCK_ENTRY_TOKEN, start_mark, end_mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the KEY token. + */ + +static int +yaml_parser_fetch_key(yaml_parser_t *parser) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + + /* In the block context, additional checks are required. */ + + if (!parser->flow_level) + { + /* Check if we are allowed to start a new key (not nessesary simple). */ + + if (!parser->simple_key_allowed) { + return yaml_parser_set_scanner_error(parser, NULL, parser->mark, + "mapping keys are not allowed in this context"); + } + + /* Add the BLOCK-MAPPING-START token if needed. */ + + if (!yaml_parser_roll_indent(parser, parser->mark.column, -1, + YAML_BLOCK_MAPPING_START_TOKEN, parser->mark)) + return 0; + } + + /* Reset any potential simple keys on the current flow level. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + /* Simple keys are allowed after '?' in the block context. */ + + parser->simple_key_allowed = (!parser->flow_level); + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the KEY token and append it to the queue. */ + + TOKEN_INIT(token, YAML_KEY_TOKEN, start_mark, end_mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the VALUE token. + */ + +static int +yaml_parser_fetch_value(yaml_parser_t *parser) +{ + yaml_mark_t start_mark, end_mark; + yaml_token_t token; + yaml_simple_key_t *simple_key = parser->simple_keys.top-1; + + /* Have we found a simple key? */ + + if (simple_key->possible) + { + + /* Create the KEY token and insert it into the queue. */ + + TOKEN_INIT(token, YAML_KEY_TOKEN, simple_key->mark, simple_key->mark); + + if (!QUEUE_INSERT(parser, parser->tokens, + simple_key->token_number - parser->tokens_parsed, token)) + return 0; + + /* In the block context, we may need to add the BLOCK-MAPPING-START token. */ + + if (!yaml_parser_roll_indent(parser, simple_key->mark.column, + simple_key->token_number, + YAML_BLOCK_MAPPING_START_TOKEN, simple_key->mark)) + return 0; + + /* Remove the simple key. */ + + simple_key->possible = 0; + + /* A simple key cannot follow another simple key. */ + + parser->simple_key_allowed = 0; + } + else + { + /* The ':' indicator follows a complex key. */ + + /* In the block context, extra checks are required. */ + + if (!parser->flow_level) + { + /* Check if we are allowed to start a complex value. */ + + if (!parser->simple_key_allowed) { + return yaml_parser_set_scanner_error(parser, NULL, parser->mark, + "mapping values are not allowed in this context"); + } + + /* Add the BLOCK-MAPPING-START token if needed. */ + + if (!yaml_parser_roll_indent(parser, parser->mark.column, -1, + YAML_BLOCK_MAPPING_START_TOKEN, parser->mark)) + return 0; + } + + /* Simple keys after ':' are allowed in the block context. */ + + parser->simple_key_allowed = (!parser->flow_level); + } + + /* Consume the token. */ + + start_mark = parser->mark; + SKIP(parser); + end_mark = parser->mark; + + /* Create the VALUE token and append it to the queue. */ + + TOKEN_INIT(token, YAML_VALUE_TOKEN, start_mark, end_mark); + + if (!ENQUEUE(parser, parser->tokens, token)) + return 0; + + return 1; +} + +/* + * Produce the ALIAS or ANCHOR token. + */ + +static int +yaml_parser_fetch_anchor(yaml_parser_t *parser, yaml_token_type_t type) +{ + yaml_token_t token; + + /* An anchor or an alias could be a simple key. */ + + if (!yaml_parser_save_simple_key(parser)) + return 0; + + /* A simple key cannot follow an anchor or an alias. */ + + parser->simple_key_allowed = 0; + + /* Create the ALIAS or ANCHOR token and append it to the queue. */ + + if (!yaml_parser_scan_anchor(parser, &token, type)) + return 0; + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + return 1; +} + +/* + * Produce the TAG token. + */ + +static int +yaml_parser_fetch_tag(yaml_parser_t *parser) +{ + yaml_token_t token; + + /* A tag could be a simple key. */ + + if (!yaml_parser_save_simple_key(parser)) + return 0; + + /* A simple key cannot follow a tag. */ + + parser->simple_key_allowed = 0; + + /* Create the TAG token and append it to the queue. */ + + if (!yaml_parser_scan_tag(parser, &token)) + return 0; + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + + return 1; +} + +/* + * Produce the SCALAR(...,literal) or SCALAR(...,folded) tokens. + */ + +static int +yaml_parser_fetch_block_scalar(yaml_parser_t *parser, int literal) +{ + yaml_token_t token; + + /* Remove any potential simple keys. */ + + if (!yaml_parser_remove_simple_key(parser)) + return 0; + + /* A simple key may follow a block scalar. */ + + parser->simple_key_allowed = 1; + + /* Create the SCALAR token and append it to the queue. */ + + if (!yaml_parser_scan_block_scalar(parser, &token, literal)) + return 0; + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + + return 1; +} + +/* + * Produce the SCALAR(...,single-quoted) or SCALAR(...,double-quoted) tokens. + */ + +static int +yaml_parser_fetch_flow_scalar(yaml_parser_t *parser, int single) +{ + yaml_token_t token; + + /* A plain scalar could be a simple key. */ + + if (!yaml_parser_save_simple_key(parser)) + return 0; + + /* A simple key cannot follow a flow scalar. */ + + parser->simple_key_allowed = 0; + + /* Create the SCALAR token and append it to the queue. */ + + if (!yaml_parser_scan_flow_scalar(parser, &token, single)) + return 0; + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + + return 1; +} + +/* + * Produce the SCALAR(...,plain) token. + */ + +static int +yaml_parser_fetch_plain_scalar(yaml_parser_t *parser) +{ + yaml_token_t token; + + /* A plain scalar could be a simple key. */ + + if (!yaml_parser_save_simple_key(parser)) + return 0; + + /* A simple key cannot follow a flow scalar. */ + + parser->simple_key_allowed = 0; + + /* Create the SCALAR token and append it to the queue. */ + + if (!yaml_parser_scan_plain_scalar(parser, &token)) + return 0; + + if (!ENQUEUE(parser, parser->tokens, token)) { + yaml_token_delete(&token); + return 0; + } + + return 1; +} + +/* + * Eat whitespaces and comments until the next token is found. + */ + +static int +yaml_parser_scan_to_next_token(yaml_parser_t *parser) +{ + /* Until the next token is not found. */ + + while (1) + { + /* Allow the BOM mark to start a line. */ + + if (!CACHE(parser, 1)) return 0; + + if (parser->mark.column == 0 && IS_BOM(parser->buffer)) + SKIP(parser); + + /* + * Eat whitespaces. + * + * Tabs are allowed: + * + * - in the flow context; + * - in the block context, but not at the beginning of the line or + * after '-', '?', or ':' (complex value). + */ + + if (!CACHE(parser, 1)) return 0; + + while (CHECK(parser->buffer,' ') || + ((parser->flow_level || !parser->simple_key_allowed) && + CHECK(parser->buffer, '\t'))) { + SKIP(parser); + if (!CACHE(parser, 1)) return 0; + } + + /* Eat a comment until a line break. */ + + if (CHECK(parser->buffer, '#')) { + while (!IS_BREAKZ(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) return 0; + } + } + + /* If it is a line break, eat it. */ + + if (IS_BREAK(parser->buffer)) + { + if (!CACHE(parser, 2)) return 0; + SKIP_LINE(parser); + + /* In the block context, a new line may start a simple key. */ + + if (!parser->flow_level) { + parser->simple_key_allowed = 1; + } + } + else + { + /* We have found a token. */ + + break; + } + } + + return 1; +} + +/* + * Scan a YAML-DIRECTIVE or TAG-DIRECTIVE token. + * + * Scope: + * %YAML 1.1 # a comment \n + * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + * %TAG !yaml! tag:yaml.org,2002: \n + * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + */ + +int +yaml_parser_scan_directive(yaml_parser_t *parser, yaml_token_t *token) +{ + yaml_mark_t start_mark, end_mark; + yaml_char_t *name = NULL; + int major, minor; + yaml_char_t *handle = NULL, *prefix = NULL; + + /* Eat '%'. */ + + start_mark = parser->mark; + + SKIP(parser); + + /* Scan the directive name. */ + + if (!yaml_parser_scan_directive_name(parser, start_mark, &name)) + goto error; + + /* Is it a YAML directive? */ + + if (strcmp((char *)name, "YAML") == 0) + { + /* Scan the titleVersion directive value. */ + + if (!yaml_parser_scan_titleVersion_directive_value(parser, start_mark, + &major, &minor)) + goto error; + + end_mark = parser->mark; + + /* Create a titleVersion-DIRECTIVE token. */ + + titleVersion_DIRECTIVE_TOKEN_INIT(*token, major, minor, + start_mark, end_mark); + } + + /* Is it a TAG directive? */ + + else if (strcmp((char *)name, "TAG") == 0) + { + /* Scan the TAG directive value. */ + + if (!yaml_parser_scan_tag_directive_value(parser, start_mark, + &handle, &prefix)) + goto error; + + end_mark = parser->mark; + + /* Create a TAG-DIRECTIVE token. */ + + TAG_DIRECTIVE_TOKEN_INIT(*token, handle, prefix, + start_mark, end_mark); + } + + /* Unknown directive. */ + + else + { + yaml_parser_set_scanner_error(parser, "while scanning a directive", + start_mark, "found uknown directive name"); + goto error; + } + + /* Eat the rest of the line including any comments. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_BLANK(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + + if (CHECK(parser->buffer, '#')) { + while (!IS_BREAKZ(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + } + + /* Check if we are at the end of the line. */ + + if (!IS_BREAKZ(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a directive", + start_mark, "did not find expected comment or line break"); + goto error; + } + + /* Eat a line break. */ + + if (IS_BREAK(parser->buffer)) { + if (!CACHE(parser, 2)) goto error; + SKIP_LINE(parser); + } + + yaml_free(name); + + return 1; + +error: + yaml_free(prefix); + yaml_free(handle); + yaml_free(name); + return 0; +} + +/* + * Scan the directive name. + * + * Scope: + * %YAML 1.1 # a comment \n + * ^^^^ + * %TAG !yaml! tag:yaml.org,2002: \n + * ^^^ + */ + +static int +yaml_parser_scan_directive_name(yaml_parser_t *parser, + yaml_mark_t start_mark, yaml_char_t **name) +{ + yaml_string_t string = NULL_STRING; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + + /* Consume the directive name. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_ALPHA(parser->buffer)) + { + if (!READ(parser, string)) goto error; + if (!CACHE(parser, 1)) goto error; + } + + /* Check if the name is empty. */ + + if (string.start == string.pointer) { + yaml_parser_set_scanner_error(parser, "while scanning a directive", + start_mark, "could not find expected directive name"); + goto error; + } + + /* Check for an blank character after the name. */ + + if (!IS_BLANKZ(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a directive", + start_mark, "found unexpected non-alphabetical character"); + goto error; + } + + *name = string.start; + + return 1; + +error: + STRING_DEL(parser, string); + return 0; +} + +/* + * Scan the value of titleVersion-DIRECTIVE. + * + * Scope: + * %YAML 1.1 # a comment \n + * ^^^^^^ + */ + +static int +yaml_parser_scan_titleVersion_directive_value(yaml_parser_t *parser, + yaml_mark_t start_mark, int *major, int *minor) +{ + /* Eat whitespaces. */ + + if (!CACHE(parser, 1)) return 0; + + while (IS_BLANK(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) return 0; + } + + /* Consume the major titleVersion number. */ + + if (!yaml_parser_scan_titleVersion_directive_number(parser, start_mark, major)) + return 0; + + /* Eat '.'. */ + + if (!CHECK(parser->buffer, '.')) { + return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive", + start_mark, "did not find expected digit or '.' character"); + } + + SKIP(parser); + + /* Consume the minor titleVersion number. */ + + if (!yaml_parser_scan_titleVersion_directive_number(parser, start_mark, minor)) + return 0; + + return 1; +} + +#define MAX_NUMBER_LENGTH 9 + +/* + * Scan the titleVersion number of titleVersion-DIRECTIVE. + * + * Scope: + * %YAML 1.1 # a comment \n + * ^ + * %YAML 1.1 # a comment \n + * ^ + */ + +static int +yaml_parser_scan_titleVersion_directive_number(yaml_parser_t *parser, + yaml_mark_t start_mark, int *number) +{ + int value = 0; + size_t length = 0; + + /* Repeat while the next character is digit. */ + + if (!CACHE(parser, 1)) return 0; + + while (IS_DIGIT(parser->buffer)) + { + /* Check if the number is too long. */ + + if (++length > MAX_NUMBER_LENGTH) { + return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive", + start_mark, "found extremely long titleVersion number"); + } + + value = value*10 + AS_DIGIT(parser->buffer); + + SKIP(parser); + + if (!CACHE(parser, 1)) return 0; + } + + /* Check if the number was present. */ + + if (!length) { + return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive", + start_mark, "did not find expected titleVersion number"); + } + + *number = value; + + return 1; +} + +/* + * Scan the value of a TAG-DIRECTIVE token. + * + * Scope: + * %TAG !yaml! tag:yaml.org,2002: \n + * ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + */ + +static int +yaml_parser_scan_tag_directive_value(yaml_parser_t *parser, + yaml_mark_t start_mark, yaml_char_t **handle, yaml_char_t **prefix) +{ + yaml_char_t *handle_value = NULL; + yaml_char_t *prefix_value = NULL; + + /* Eat whitespaces. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_BLANK(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + + /* Scan a handle. */ + + if (!yaml_parser_scan_tag_handle(parser, 1, start_mark, &handle_value)) + goto error; + + /* Expect a whitespace. */ + + if (!CACHE(parser, 1)) goto error; + + if (!IS_BLANK(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive", + start_mark, "did not find expected whitespace"); + goto error; + } + + /* Eat whitespaces. */ + + while (IS_BLANK(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + + /* Scan a prefix. */ + + if (!yaml_parser_scan_tag_uri(parser, 1, NULL, start_mark, &prefix_value)) + goto error; + + /* Expect a whitespace or line break. */ + + if (!CACHE(parser, 1)) goto error; + + if (!IS_BLANKZ(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive", + start_mark, "did not find expected whitespace or line break"); + goto error; + } + + *handle = handle_value; + *prefix = prefix_value; + + return 1; + +error: + yaml_free(handle_value); + yaml_free(prefix_value); + return 0; +} + +static int +yaml_parser_scan_anchor(yaml_parser_t *parser, yaml_token_t *token, + yaml_token_type_t type) +{ + int length = 0; + yaml_mark_t start_mark, end_mark; + yaml_string_t string = NULL_STRING; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + + /* Eat the indicator character. */ + + start_mark = parser->mark; + + SKIP(parser); + + /* Consume the value. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_ALPHA(parser->buffer)) { + if (!READ(parser, string)) goto error; + if (!CACHE(parser, 1)) goto error; + length ++; + } + + end_mark = parser->mark; + + /* + * Check if length of the anchor is greater than 0 and it is followed by + * a whitespace character or one of the indicators: + * + * '?', ':', ',', ']', '}', '%', '@', '`'. + */ + + if (!length || !(IS_BLANKZ(parser->buffer) || CHECK(parser->buffer, '?') + || CHECK(parser->buffer, ':') || CHECK(parser->buffer, ',') + || CHECK(parser->buffer, ']') || CHECK(parser->buffer, '}') + || CHECK(parser->buffer, '%') || CHECK(parser->buffer, '@') + || CHECK(parser->buffer, '`'))) { + yaml_parser_set_scanner_error(parser, type == YAML_ANCHOR_TOKEN ? + "while scanning an anchor" : "while scanning an alias", start_mark, + "did not find expected alphabetic or numeric character"); + goto error; + } + + /* Create a token. */ + + if (type == YAML_ANCHOR_TOKEN) { + ANCHOR_TOKEN_INIT(*token, string.start, start_mark, end_mark); + } + else { + ALIAS_TOKEN_INIT(*token, string.start, start_mark, end_mark); + } + + return 1; + +error: + STRING_DEL(parser, string); + return 0; +} + +/* + * Scan a TAG token. + */ + +static int +yaml_parser_scan_tag(yaml_parser_t *parser, yaml_token_t *token) +{ + yaml_char_t *handle = NULL; + yaml_char_t *suffix = NULL; + yaml_mark_t start_mark, end_mark; + + start_mark = parser->mark; + + /* Check if the tag is in the canonical form. */ + + if (!CACHE(parser, 2)) goto error; + + if (CHECK_AT(parser->buffer, '<', 1)) + { + /* Set the handle to '' */ + + handle = yaml_malloc(1); + if (!handle) goto error; + handle[0] = '\0'; + + /* Eat '!<' */ + + SKIP(parser); + SKIP(parser); + + /* Consume the tag value. */ + + if (!yaml_parser_scan_tag_uri(parser, 0, NULL, start_mark, &suffix)) + goto error; + + /* Check for '>' and eat it. */ + + if (!CHECK(parser->buffer, '>')) { + yaml_parser_set_scanner_error(parser, "while scanning a tag", + start_mark, "did not find the expected '>'"); + goto error; + } + + SKIP(parser); + } + else + { + /* The tag has either the '!suffix' or the '!handle!suffix' form. */ + + /* First, try to scan a handle. */ + + if (!yaml_parser_scan_tag_handle(parser, 0, start_mark, &handle)) + goto error; + + /* Check if it is, indeed, handle. */ + + if (handle[0] == '!' && handle[1] != '\0' && handle[strlen((char *)handle)-1] == '!') + { + /* Scan the suffix now. */ + + if (!yaml_parser_scan_tag_uri(parser, 0, NULL, start_mark, &suffix)) + goto error; + } + else + { + /* It wasn't a handle after all. Scan the rest of the tag. */ + + if (!yaml_parser_scan_tag_uri(parser, 0, handle, start_mark, &suffix)) + goto error; + + /* Set the handle to '!'. */ + + yaml_free(handle); + handle = yaml_malloc(2); + if (!handle) goto error; + handle[0] = '!'; + handle[1] = '\0'; + + /* + * A special case: the '!' tag. Set the handle to '' and the + * suffix to '!'. + */ + + if (suffix[0] == '\0') { + yaml_char_t *tmp = handle; + handle = suffix; + suffix = tmp; + } + } + } + + /* Check the character which ends the tag. */ + + if (!CACHE(parser, 1)) goto error; + + if (!IS_BLANKZ(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a tag", + start_mark, "did not find expected whitespace or line break"); + goto error; + } + + end_mark = parser->mark; + + /* Create a token. */ + + TAG_TOKEN_INIT(*token, handle, suffix, start_mark, end_mark); + + return 1; + +error: + yaml_free(handle); + yaml_free(suffix); + return 0; +} + +/* + * Scan a tag handle. + */ + +static int +yaml_parser_scan_tag_handle(yaml_parser_t *parser, int directive, + yaml_mark_t start_mark, yaml_char_t **handle) +{ + yaml_string_t string = NULL_STRING; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + + /* Check the initial '!' character. */ + + if (!CACHE(parser, 1)) goto error; + + if (!CHECK(parser->buffer, '!')) { + yaml_parser_set_scanner_error(parser, directive ? + "while scanning a tag directive" : "while scanning a tag", + start_mark, "did not find expected '!'"); + goto error; + } + + /* Copy the '!' character. */ + + if (!READ(parser, string)) goto error; + + /* Copy all subsequent alphabetical and numerical characters. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_ALPHA(parser->buffer)) + { + if (!READ(parser, string)) goto error; + if (!CACHE(parser, 1)) goto error; + } + + /* Check if the trailing character is '!' and copy it. */ + + if (CHECK(parser->buffer, '!')) + { + if (!READ(parser, string)) goto error; + } + else + { + /* + * It's either the '!' tag or not really a tag handle. If it's a %TAG + * directive, it's an error. If it's a tag token, it must be a part of + * URI. + */ + + if (directive && !(string.start[0] == '!' && string.start[1] == '\0')) { + yaml_parser_set_scanner_error(parser, "while parsing a tag directive", + start_mark, "did not find expected '!'"); + goto error; + } + } + + *handle = string.start; + + return 1; + +error: + STRING_DEL(parser, string); + return 0; +} + +/* + * Scan a tag. + */ + +static int +yaml_parser_scan_tag_uri(yaml_parser_t *parser, int directive, + yaml_char_t *head, yaml_mark_t start_mark, yaml_char_t **uri) +{ + size_t length = head ? strlen((char *)head) : 0; + yaml_string_t string = NULL_STRING; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + + /* Resize the string to include the head. */ + + while (string.end - string.start <= (int)length) { + if (!yaml_string_extend(&string.start, &string.pointer, &string.end)) { + parser->error = YAML_MEMORY_ERROR; + goto error; + } + } + + /* + * Copy the head if needed. + * + * Note that we don't copy the leading '!' character. + */ + + if (length > 1) { + memcpy(string.start, head+1, length-1); + string.pointer += length-1; + } + + /* Scan the tag. */ + + if (!CACHE(parser, 1)) goto error; + + /* + * The set of characters that may appear in URI is as follows: + * + * '0'-'9', 'A'-'Z', 'a'-'z', '_', '-', ';', '/', '?', ':', '@', '&', + * '=', '+', '$', ',', '.', '!', '~', '*', '\'', '(', ')', '[', ']', + * '%'. + */ + + while (IS_ALPHA(parser->buffer) || CHECK(parser->buffer, ';') + || CHECK(parser->buffer, '/') || CHECK(parser->buffer, '?') + || CHECK(parser->buffer, ':') || CHECK(parser->buffer, '@') + || CHECK(parser->buffer, '&') || CHECK(parser->buffer, '=') + || CHECK(parser->buffer, '+') || CHECK(parser->buffer, '$') + || CHECK(parser->buffer, ',') || CHECK(parser->buffer, '.') + || CHECK(parser->buffer, '!') || CHECK(parser->buffer, '~') + || CHECK(parser->buffer, '*') || CHECK(parser->buffer, '\'') + || CHECK(parser->buffer, '(') || CHECK(parser->buffer, ')') + || CHECK(parser->buffer, '[') || CHECK(parser->buffer, ']') + || CHECK(parser->buffer, '%')) + { + /* Check if it is a URI-escape sequence. */ + + if (CHECK(parser->buffer, '%')) { + if (!yaml_parser_scan_uri_escapes(parser, + directive, start_mark, &string)) goto error; + } + else { + if (!READ(parser, string)) goto error; + } + + length ++; + if (!CACHE(parser, 1)) goto error; + } + + /* Check if the tag is non-empty. */ + + if (!length) { + if (!STRING_EXTEND(parser, string)) + goto error; + + yaml_parser_set_scanner_error(parser, directive ? + "while parsing a %TAG directive" : "while parsing a tag", + start_mark, "did not find expected tag URI"); + goto error; + } + + *uri = string.start; + + return 1; + +error: + STRING_DEL(parser, string); + return 0; +} + +/* + * Decode an URI-escape sequence corresponding to a single UTF-8 character. + */ + +static int +yaml_parser_scan_uri_escapes(yaml_parser_t *parser, int directive, + yaml_mark_t start_mark, yaml_string_t *string) +{ + int width = 0; + + /* Decode the required number of characters. */ + + do { + + unsigned char octet = 0; + + /* Check for a URI-escaped octet. */ + + if (!CACHE(parser, 3)) return 0; + + if (!(CHECK(parser->buffer, '%') + && IS_HEX_AT(parser->buffer, 1) + && IS_HEX_AT(parser->buffer, 2))) { + return yaml_parser_set_scanner_error(parser, directive ? + "while parsing a %TAG directive" : "while parsing a tag", + start_mark, "did not find URI escaped octet"); + } + + /* Get the octet. */ + + octet = (AS_HEX_AT(parser->buffer, 1) << 4) + AS_HEX_AT(parser->buffer, 2); + + /* If it is the leading octet, determine the length of the UTF-8 sequence. */ + + if (!width) + { + width = (octet & 0x80) == 0x00 ? 1 : + (octet & 0xE0) == 0xC0 ? 2 : + (octet & 0xF0) == 0xE0 ? 3 : + (octet & 0xF8) == 0xF0 ? 4 : 0; + if (!width) { + return yaml_parser_set_scanner_error(parser, directive ? + "while parsing a %TAG directive" : "while parsing a tag", + start_mark, "found an incorrect leading UTF-8 octet"); + } + } + else + { + /* Check if the trailing octet is correct. */ + + if ((octet & 0xC0) != 0x80) { + return yaml_parser_set_scanner_error(parser, directive ? + "while parsing a %TAG directive" : "while parsing a tag", + start_mark, "found an incorrect trailing UTF-8 octet"); + } + } + + /* Copy the octet and move the pointers. */ + + *(string->pointer++) = octet; + SKIP(parser); + SKIP(parser); + SKIP(parser); + + } while (--width); + + return 1; +} + +/* + * Scan a block scalar. + */ + +static int +yaml_parser_scan_block_scalar(yaml_parser_t *parser, yaml_token_t *token, + int literal) +{ + yaml_mark_t start_mark; + yaml_mark_t end_mark; + yaml_string_t string = NULL_STRING; + yaml_string_t leading_break = NULL_STRING; + yaml_string_t trailing_breaks = NULL_STRING; + int chomping = 0; + int increment = 0; + int indent = 0; + int leading_blank = 0; + int trailing_blank = 0; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, leading_break, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, trailing_breaks, INITIAL_STRING_SIZE)) goto error; + + /* Eat the indicator '|' or '>'. */ + + start_mark = parser->mark; + + SKIP(parser); + + /* Scan the additional block scalar indicators. */ + + if (!CACHE(parser, 1)) goto error; + + /* Check for a chomping indicator. */ + + if (CHECK(parser->buffer, '+') || CHECK(parser->buffer, '-')) + { + /* Set the chomping method and eat the indicator. */ + + chomping = CHECK(parser->buffer, '+') ? +1 : -1; + + SKIP(parser); + + /* Check for an indentation indicator. */ + + if (!CACHE(parser, 1)) goto error; + + if (IS_DIGIT(parser->buffer)) + { + /* Check that the intendation is greater than 0. */ + + if (CHECK(parser->buffer, '0')) { + yaml_parser_set_scanner_error(parser, "while scanning a block scalar", + start_mark, "found an intendation indicator equal to 0"); + goto error; + } + + /* Get the intendation level and eat the indicator. */ + + increment = AS_DIGIT(parser->buffer); + + SKIP(parser); + } + } + + /* Do the same as above, but in the opposite order. */ + + else if (IS_DIGIT(parser->buffer)) + { + if (CHECK(parser->buffer, '0')) { + yaml_parser_set_scanner_error(parser, "while scanning a block scalar", + start_mark, "found an intendation indicator equal to 0"); + goto error; + } + + increment = AS_DIGIT(parser->buffer); + + SKIP(parser); + + if (!CACHE(parser, 1)) goto error; + + if (CHECK(parser->buffer, '+') || CHECK(parser->buffer, '-')) { + chomping = CHECK(parser->buffer, '+') ? +1 : -1; + + SKIP(parser); + } + } + + /* Eat whitespaces and comments to the end of the line. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_BLANK(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + + if (CHECK(parser->buffer, '#')) { + while (!IS_BREAKZ(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) goto error; + } + } + + /* Check if we are at the end of the line. */ + + if (!IS_BREAKZ(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a block scalar", + start_mark, "did not find expected comment or line break"); + goto error; + } + + /* Eat a line break. */ + + if (IS_BREAK(parser->buffer)) { + if (!CACHE(parser, 2)) goto error; + SKIP_LINE(parser); + } + + end_mark = parser->mark; + + /* Set the intendation level if it was specified. */ + + if (increment) { + indent = parser->indent >= 0 ? parser->indent+increment : increment; + } + + /* Scan the leading line breaks and determine the indentation level if needed. */ + + if (!yaml_parser_scan_block_scalar_breaks(parser, &indent, &trailing_breaks, + start_mark, &end_mark)) goto error; + + /* Scan the block scalar content. */ + + if (!CACHE(parser, 1)) goto error; + + while ((int)parser->mark.column == indent && !IS_Z(parser->buffer)) + { + /* + * We are at the beginning of a non-empty line. + */ + + /* Is it a trailing whitespace? */ + + trailing_blank = IS_BLANK(parser->buffer); + + /* Check if we need to fold the leading line break. */ + + if (!literal && (*leading_break.start == '\n') + && !leading_blank && !trailing_blank) + { + /* Do we need to join the lines by space? */ + + if (*trailing_breaks.start == '\0') { + if (!STRING_EXTEND(parser, string)) goto error; + *(string.pointer ++) = ' '; + } + + CLEAR(parser, leading_break); + } + else { + if (!JOIN(parser, string, leading_break)) goto error; + CLEAR(parser, leading_break); + } + + /* Append the remaining line breaks. */ + + if (!JOIN(parser, string, trailing_breaks)) goto error; + CLEAR(parser, trailing_breaks); + + /* Is it a leading whitespace? */ + + leading_blank = IS_BLANK(parser->buffer); + + /* Consume the current line. */ + + while (!IS_BREAKZ(parser->buffer)) { + if (!READ(parser, string)) goto error; + if (!CACHE(parser, 1)) goto error; + } + + /* Consume the line break. */ + + if (!CACHE(parser, 2)) goto error; + + if (!READ_LINE(parser, leading_break)) goto error; + + /* Eat the following intendation spaces and line breaks. */ + + if (!yaml_parser_scan_block_scalar_breaks(parser, + &indent, &trailing_breaks, start_mark, &end_mark)) goto error; + } + + /* Chomp the tail. */ + + if (chomping != -1) { + if (!JOIN(parser, string, leading_break)) goto error; + } + if (chomping == 1) { + if (!JOIN(parser, string, trailing_breaks)) goto error; + } + + /* Create a token. */ + + SCALAR_TOKEN_INIT(*token, string.start, string.pointer-string.start, + literal ? YAML_LITERAL_SCALAR_STYLE : YAML_FOLDED_SCALAR_STYLE, + start_mark, end_mark); + + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + + return 1; + +error: + STRING_DEL(parser, string); + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + + return 0; +} + +/* + * Scan intendation spaces and line breaks for a block scalar. Determine the + * intendation level if needed. + */ + +static int +yaml_parser_scan_block_scalar_breaks(yaml_parser_t *parser, + int *indent, yaml_string_t *breaks, + yaml_mark_t start_mark, yaml_mark_t *end_mark) +{ + int max_indent = 0; + + *end_mark = parser->mark; + + /* Eat the intendation spaces and line breaks. */ + + while (1) + { + /* Eat the intendation spaces. */ + + if (!CACHE(parser, 1)) return 0; + + while ((!*indent || (int)parser->mark.column < *indent) + && IS_SPACE(parser->buffer)) { + SKIP(parser); + if (!CACHE(parser, 1)) return 0; + } + + if ((int)parser->mark.column > max_indent) + max_indent = (int)parser->mark.column; + + /* Check for a tab character messing the intendation. */ + + if ((!*indent || (int)parser->mark.column < *indent) + && IS_TAB(parser->buffer)) { + return yaml_parser_set_scanner_error(parser, "while scanning a block scalar", + start_mark, "found a tab character where an intendation space is expected"); + } + + /* Have we found a non-empty line? */ + + if (!IS_BREAK(parser->buffer)) break; + + /* Consume the line break. */ + + if (!CACHE(parser, 2)) return 0; + if (!READ_LINE(parser, *breaks)) return 0; + *end_mark = parser->mark; + } + + /* Determine the indentation level if needed. */ + + if (!*indent) { + *indent = max_indent; + if (*indent < parser->indent + 1) + *indent = parser->indent + 1; + if (*indent < 1) + *indent = 1; + } + + return 1; +} + +/* + * Scan a quoted scalar. + */ + +static int +yaml_parser_scan_flow_scalar(yaml_parser_t *parser, yaml_token_t *token, + int single) +{ + yaml_mark_t start_mark; + yaml_mark_t end_mark; + yaml_string_t string = NULL_STRING; + yaml_string_t leading_break = NULL_STRING; + yaml_string_t trailing_breaks = NULL_STRING; + yaml_string_t whitespaces = NULL_STRING; + int leading_blanks; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, leading_break, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, trailing_breaks, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, whitespaces, INITIAL_STRING_SIZE)) goto error; + + /* Eat the left quote. */ + + start_mark = parser->mark; + + SKIP(parser); + + /* Consume the content of the quoted scalar. */ + + while (1) + { + /* Check that there are no document indicators at the beginning of the line. */ + + if (!CACHE(parser, 4)) goto error; + + if (parser->mark.column == 0 && + ((CHECK_AT(parser->buffer, '-', 0) && + CHECK_AT(parser->buffer, '-', 1) && + CHECK_AT(parser->buffer, '-', 2)) || + (CHECK_AT(parser->buffer, '.', 0) && + CHECK_AT(parser->buffer, '.', 1) && + CHECK_AT(parser->buffer, '.', 2))) && + IS_BLANKZ_AT(parser->buffer, 3)) + { + yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar", + start_mark, "found unexpected document indicator"); + goto error; + } + + /* Check for EOF. */ + + if (IS_Z(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar", + start_mark, "found unexpected end of stream"); + goto error; + } + + /* Consume non-blank characters. */ + + if (!CACHE(parser, 2)) goto error; + + leading_blanks = 0; + + while (!IS_BLANKZ(parser->buffer)) + { + /* Check for an escaped single quote. */ + + if (single && CHECK_AT(parser->buffer, '\'', 0) + && CHECK_AT(parser->buffer, '\'', 1)) + { + if (!STRING_EXTEND(parser, string)) goto error; + *(string.pointer++) = '\''; + SKIP(parser); + SKIP(parser); + } + + /* Check for the right quote. */ + + else if (CHECK(parser->buffer, single ? '\'' : '"')) + { + break; + } + + /* Check for an escaped line break. */ + + else if (!single && CHECK(parser->buffer, '\\') + && IS_BREAK_AT(parser->buffer, 1)) + { + if (!CACHE(parser, 3)) goto error; + SKIP(parser); + SKIP_LINE(parser); + leading_blanks = 1; + break; + } + + /* Check for an escape sequence. */ + + else if (!single && CHECK(parser->buffer, '\\')) + { + size_t code_length = 0; + + if (!STRING_EXTEND(parser, string)) goto error; + + /* Check the escape character. */ + + switch (parser->buffer.pointer[1]) + { + case '0': + *(string.pointer++) = '\0'; + break; + + case 'a': + *(string.pointer++) = '\x07'; + break; + + case 'b': + *(string.pointer++) = '\x08'; + break; + + case 't': + case '\t': + *(string.pointer++) = '\x09'; + break; + + case 'n': + *(string.pointer++) = '\x0A'; + break; + + case 'v': + *(string.pointer++) = '\x0B'; + break; + + case 'f': + *(string.pointer++) = '\x0C'; + break; + + case 'r': + *(string.pointer++) = '\x0D'; + break; + + case 'e': + *(string.pointer++) = '\x1B'; + break; + + case ' ': + *(string.pointer++) = '\x20'; + break; + + case '"': + *(string.pointer++) = '"'; + break; + + case '\'': + *(string.pointer++) = '\''; + break; + + case '\\': + *(string.pointer++) = '\\'; + break; + + case 'N': /* NEL (#x85) */ + *(string.pointer++) = '\xC2'; + *(string.pointer++) = '\x85'; + break; + + case '_': /* #xA0 */ + *(string.pointer++) = '\xC2'; + *(string.pointer++) = '\xA0'; + break; + + case 'L': /* LS (#x2028) */ + *(string.pointer++) = '\xE2'; + *(string.pointer++) = '\x80'; + *(string.pointer++) = '\xA8'; + break; + + case 'P': /* PS (#x2029) */ + *(string.pointer++) = '\xE2'; + *(string.pointer++) = '\x80'; + *(string.pointer++) = '\xA9'; + break; + + case 'x': + code_length = 2; + break; + + case 'u': + code_length = 4; + break; + + case 'U': + code_length = 8; + break; + + default: + yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar", + start_mark, "found unknown escape character"); + goto error; + } + + SKIP(parser); + SKIP(parser); + + /* Consume an arbitrary escape code. */ + + if (code_length) + { + unsigned int value = 0; + size_t k; + + /* Scan the character value. */ + + if (!CACHE(parser, code_length)) goto error; + + for (k = 0; k < code_length; k ++) { + if (!IS_HEX_AT(parser->buffer, k)) { + yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar", + start_mark, "did not find expected hexdecimal number"); + goto error; + } + value = (value << 4) + AS_HEX_AT(parser->buffer, k); + } + + /* Check the value and write the character. */ + + if ((value >= 0xD800 && value <= 0xDFFF) || value > 0x10FFFF) { + yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar", + start_mark, "found invalid Unicode character escape code"); + goto error; + } + + if (value <= 0x7F) { + *(string.pointer++) = value; + } + else if (value <= 0x7FF) { + *(string.pointer++) = 0xC0 + (value >> 6); + *(string.pointer++) = 0x80 + (value & 0x3F); + } + else if (value <= 0xFFFF) { + *(string.pointer++) = 0xE0 + (value >> 12); + *(string.pointer++) = 0x80 + ((value >> 6) & 0x3F); + *(string.pointer++) = 0x80 + (value & 0x3F); + } + else { + *(string.pointer++) = 0xF0 + (value >> 18); + *(string.pointer++) = 0x80 + ((value >> 12) & 0x3F); + *(string.pointer++) = 0x80 + ((value >> 6) & 0x3F); + *(string.pointer++) = 0x80 + (value & 0x3F); + } + + /* Advance the pointer. */ + + for (k = 0; k < code_length; k ++) { + SKIP(parser); + } + } + } + + else + { + /* It is a non-escaped non-blank character. */ + + if (!READ(parser, string)) goto error; + } + + if (!CACHE(parser, 2)) goto error; + } + + /* Check if we are at the end of the scalar. */ + + if (CHECK(parser->buffer, single ? '\'' : '"')) + break; + + /* Consume blank characters. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_BLANK(parser->buffer) || IS_BREAK(parser->buffer)) + { + if (IS_BLANK(parser->buffer)) + { + /* Consume a space or a tab character. */ + + if (!leading_blanks) { + if (!READ(parser, whitespaces)) goto error; + } + else { + SKIP(parser); + } + } + else + { + if (!CACHE(parser, 2)) goto error; + + /* Check if it is a first line break. */ + + if (!leading_blanks) + { + CLEAR(parser, whitespaces); + if (!READ_LINE(parser, leading_break)) goto error; + leading_blanks = 1; + } + else + { + if (!READ_LINE(parser, trailing_breaks)) goto error; + } + } + if (!CACHE(parser, 1)) goto error; + } + + /* Join the whitespaces or fold line breaks. */ + + if (leading_blanks) + { + /* Do we need to fold line breaks? */ + + if (leading_break.start[0] == '\n') { + if (trailing_breaks.start[0] == '\0') { + if (!STRING_EXTEND(parser, string)) goto error; + *(string.pointer++) = ' '; + } + else { + if (!JOIN(parser, string, trailing_breaks)) goto error; + CLEAR(parser, trailing_breaks); + } + CLEAR(parser, leading_break); + } + else { + if (!JOIN(parser, string, leading_break)) goto error; + if (!JOIN(parser, string, trailing_breaks)) goto error; + CLEAR(parser, leading_break); + CLEAR(parser, trailing_breaks); + } + } + else + { + if (!JOIN(parser, string, whitespaces)) goto error; + CLEAR(parser, whitespaces); + } + } + + /* Eat the right quote. */ + + SKIP(parser); + + end_mark = parser->mark; + + /* Create a token. */ + + SCALAR_TOKEN_INIT(*token, string.start, string.pointer-string.start, + single ? YAML_SINGLE_QUOTED_SCALAR_STYLE : YAML_DOUBLE_QUOTED_SCALAR_STYLE, + start_mark, end_mark); + + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + STRING_DEL(parser, whitespaces); + + return 1; + +error: + STRING_DEL(parser, string); + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + STRING_DEL(parser, whitespaces); + + return 0; +} + +/* + * Scan a plain scalar. + */ + +static int +yaml_parser_scan_plain_scalar(yaml_parser_t *parser, yaml_token_t *token) +{ + yaml_mark_t start_mark; + yaml_mark_t end_mark; + yaml_string_t string = NULL_STRING; + yaml_string_t leading_break = NULL_STRING; + yaml_string_t trailing_breaks = NULL_STRING; + yaml_string_t whitespaces = NULL_STRING; + int leading_blanks = 0; + int indent = parser->indent+1; + + if (!STRING_INIT(parser, string, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, leading_break, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, trailing_breaks, INITIAL_STRING_SIZE)) goto error; + if (!STRING_INIT(parser, whitespaces, INITIAL_STRING_SIZE)) goto error; + + start_mark = end_mark = parser->mark; + + /* Consume the content of the plain scalar. */ + + while (1) + { + /* Check for a document indicator. */ + + if (!CACHE(parser, 4)) goto error; + + if (parser->mark.column == 0 && + ((CHECK_AT(parser->buffer, '-', 0) && + CHECK_AT(parser->buffer, '-', 1) && + CHECK_AT(parser->buffer, '-', 2)) || + (CHECK_AT(parser->buffer, '.', 0) && + CHECK_AT(parser->buffer, '.', 1) && + CHECK_AT(parser->buffer, '.', 2))) && + IS_BLANKZ_AT(parser->buffer, 3)) break; + + /* Check for a comment. */ + + if (CHECK(parser->buffer, '#')) + break; + + /* Consume non-blank characters. */ + + while (!IS_BLANKZ(parser->buffer)) + { + /* Check for 'x:x' in the flow context. TODO: Fix the test "spec-08-13". */ + + if (parser->flow_level + && CHECK(parser->buffer, ':') + && !IS_BLANKZ_AT(parser->buffer, 1)) { + yaml_parser_set_scanner_error(parser, "while scanning a plain scalar", + start_mark, "found unexpected ':'"); + goto error; + } + + /* Check for indicators that may end a plain scalar. */ + + if ((CHECK(parser->buffer, ':') && IS_BLANKZ_AT(parser->buffer, 1)) + || (parser->flow_level && + (CHECK(parser->buffer, ',') || CHECK(parser->buffer, ':') + || CHECK(parser->buffer, '?') || CHECK(parser->buffer, '[') + || CHECK(parser->buffer, ']') || CHECK(parser->buffer, '{') + || CHECK(parser->buffer, '}')))) + break; + + /* Check if we need to join whitespaces and breaks. */ + + if (leading_blanks || whitespaces.start != whitespaces.pointer) + { + if (leading_blanks) + { + /* Do we need to fold line breaks? */ + + if (leading_break.start[0] == '\n') { + if (trailing_breaks.start[0] == '\0') { + if (!STRING_EXTEND(parser, string)) goto error; + *(string.pointer++) = ' '; + } + else { + if (!JOIN(parser, string, trailing_breaks)) goto error; + CLEAR(parser, trailing_breaks); + } + CLEAR(parser, leading_break); + } + else { + if (!JOIN(parser, string, leading_break)) goto error; + if (!JOIN(parser, string, trailing_breaks)) goto error; + CLEAR(parser, leading_break); + CLEAR(parser, trailing_breaks); + } + + leading_blanks = 0; + } + else + { + if (!JOIN(parser, string, whitespaces)) goto error; + CLEAR(parser, whitespaces); + } + } + + /* Copy the character. */ + + if (!READ(parser, string)) goto error; + + end_mark = parser->mark; + + if (!CACHE(parser, 2)) goto error; + } + + /* Is it the end? */ + + if (!(IS_BLANK(parser->buffer) || IS_BREAK(parser->buffer))) + break; + + /* Consume blank characters. */ + + if (!CACHE(parser, 1)) goto error; + + while (IS_BLANK(parser->buffer) || IS_BREAK(parser->buffer)) + { + if (IS_BLANK(parser->buffer)) + { + /* Check for tab character that abuse intendation. */ + + if (leading_blanks && (int)parser->mark.column < indent + && IS_TAB(parser->buffer)) { + yaml_parser_set_scanner_error(parser, "while scanning a plain scalar", + start_mark, "found a tab character that violate intendation"); + goto error; + } + + /* Consume a space or a tab character. */ + + if (!leading_blanks) { + if (!READ(parser, whitespaces)) goto error; + } + else { + SKIP(parser); + } + } + else + { + if (!CACHE(parser, 2)) goto error; + + /* Check if it is a first line break. */ + + if (!leading_blanks) + { + CLEAR(parser, whitespaces); + if (!READ_LINE(parser, leading_break)) goto error; + leading_blanks = 1; + } + else + { + if (!READ_LINE(parser, trailing_breaks)) goto error; + } + } + if (!CACHE(parser, 1)) goto error; + } + + /* Check intendation level. */ + + if (!parser->flow_level && (int)parser->mark.column < indent) + break; + } + + /* Create a token. */ + + SCALAR_TOKEN_INIT(*token, string.start, string.pointer-string.start, + YAML_PLAIN_SCALAR_STYLE, start_mark, end_mark); + + /* Note that we change the 'simple_key_allowed' flag. */ + + if (leading_blanks) { + parser->simple_key_allowed = 1; + } + + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + STRING_DEL(parser, whitespaces); + + return 1; + +error: + STRING_DEL(parser, string); + STRING_DEL(parser, leading_break); + STRING_DEL(parser, trailing_breaks); + STRING_DEL(parser, whitespaces); + + return 0; +} + diff --git a/libyaml/writer.c b/libyaml/writer.c new file mode 100644 index 0000000..7fc4754 --- /dev/null +++ b/libyaml/writer.c @@ -0,0 +1,141 @@ + +#include "libyaml/yaml_private.h" + +/* + * Declarations. + */ + +static int +yaml_emitter_set_writer_error(yaml_emitter_t *emitter, const char *problem); + +YAML_DECLARE(int) +yaml_emitter_flush(yaml_emitter_t *emitter); + +/* + * Set the writer error and return 0. + */ + +static int +yaml_emitter_set_writer_error(yaml_emitter_t *emitter, const char *problem) +{ + emitter->error = YAML_WRITER_ERROR; + emitter->problem = problem; + + return 0; +} + +/* + * Flush the output buffer. + */ + +YAML_DECLARE(int) +yaml_emitter_flush(yaml_emitter_t *emitter) +{ + int low, high; + + assert(emitter); /* Non-NULL emitter object is expected. */ + assert(emitter->write_handler); /* Write handler must be set. */ + assert(emitter->encoding); /* Output encoding must be set. */ + + emitter->buffer.last = emitter->buffer.pointer; + emitter->buffer.pointer = emitter->buffer.start; + + /* Check if the buffer is empty. */ + + if (emitter->buffer.start == emitter->buffer.last) { + return 1; + } + + /* If the output encoding is UTF-8, we don't need to recode the buffer. */ + + if (emitter->encoding == YAML_UTF8_ENCODING) + { + if (emitter->write_handler(emitter->write_handler_data, + emitter->buffer.start, + emitter->buffer.last - emitter->buffer.start)) { + emitter->buffer.last = emitter->buffer.start; + emitter->buffer.pointer = emitter->buffer.start; + return 1; + } + else { + return yaml_emitter_set_writer_error(emitter, "write error"); + } + } + + /* Recode the buffer into the raw buffer. */ + + low = (emitter->encoding == YAML_UTF16LE_ENCODING ? 0 : 1); + high = (emitter->encoding == YAML_UTF16LE_ENCODING ? 1 : 0); + + while (emitter->buffer.pointer != emitter->buffer.last) + { + unsigned char octet; + unsigned int width; + unsigned int value; + size_t k; + + /* + * See the "reader.c" code for more details on UTF-8 encoding. Note + * that we assume that the buffer contains a valid UTF-8 sequence. + */ + + /* Read the next UTF-8 character. */ + + octet = emitter->buffer.pointer[0]; + + width = (octet & 0x80) == 0x00 ? 1 : + (octet & 0xE0) == 0xC0 ? 2 : + (octet & 0xF0) == 0xE0 ? 3 : + (octet & 0xF8) == 0xF0 ? 4 : 0; + + value = (octet & 0x80) == 0x00 ? octet & 0x7F : + (octet & 0xE0) == 0xC0 ? octet & 0x1F : + (octet & 0xF0) == 0xE0 ? octet & 0x0F : + (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0; + + for (k = 1; k < width; k ++) { + octet = emitter->buffer.pointer[k]; + value = (value << 6) + (octet & 0x3F); + } + + emitter->buffer.pointer += width; + + /* Write the character. */ + + if (value < 0x10000) + { + emitter->raw_buffer.last[high] = value >> 8; + emitter->raw_buffer.last[low] = value & 0xFF; + + emitter->raw_buffer.last += 2; + } + else + { + /* Write the character using a surrogate pair (check "reader.c"). */ + + value -= 0x10000; + emitter->raw_buffer.last[high] = 0xD8 + (value >> 18); + emitter->raw_buffer.last[low] = (value >> 10) & 0xFF; + emitter->raw_buffer.last[high+2] = 0xDC + ((value >> 8) & 0xFF); + emitter->raw_buffer.last[low+2] = value & 0xFF; + + emitter->raw_buffer.last += 4; + } + } + + /* Write the raw buffer. */ + + if (emitter->write_handler(emitter->write_handler_data, + emitter->raw_buffer.start, + emitter->raw_buffer.last - emitter->raw_buffer.start)) { + emitter->buffer.last = emitter->buffer.start; + emitter->buffer.pointer = emitter->buffer.start; + emitter->raw_buffer.last = emitter->raw_buffer.start; + emitter->raw_buffer.pointer = emitter->raw_buffer.start; + return 1; + } + else { + return yaml_emitter_set_writer_error(emitter, "write error"); + } +} + diff --git a/libyaml/yaml.h b/libyaml/yaml.h new file mode 100644 index 0000000..e4e73bf --- /dev/null +++ b/libyaml/yaml.h @@ -0,0 +1,1962 @@ +/** + * @file yaml_api.h + * @brief Public interface for libyaml. + * + * Include the header file with the code: + * @code + * #include + * @endcode + */ + +#ifndef YAML_H +#define YAML_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include +#include +#include + +/** + * @defgroup export Export Definitions + * @{ + */ + +/** The public API declaration. */ + + +# define YAML_DECLARE(type) type + +/** @} */ + +/** + * @defgroup titleVersion titleVersion Information + * @{ + */ + +/** + * Get the library titleVersion as a string. + * + * @returns The function returns the pointer to a static string of the form + * @c "X.Y.Z", where @c X is the major titleVersion number, @c Y is a minor titleVersion + * number, and @c Z is the patch titleVersion number. + */ + +YAML_DECLARE(const char *) +yaml_get_titleVersion_string(void); + +/** + * Get the library titleVersion numbers. + * + * @param[out] major Major titleVersion number. + * @param[out] minor Minor titleVersion number. + * @param[out] patch Patch titleVersion number. + */ + +YAML_DECLARE(void) +yaml_get_titleVersion(int *major, int *minor, int *patch); + +/** @} */ + +/** + * @defgroup basic Basic Types + * @{ + */ + +/** The character type (UTF-8 octet). */ +typedef unsigned char yaml_char_t; + +/** The titleVersion directive data. */ +typedef struct yaml_titleVersion_directive_s { + /** The major titleVersion number. */ + int major; + /** The minor titleVersion number. */ + int minor; +} yaml_titleVersion_directive_t; + +/** The tag directive data. */ +typedef struct yaml_tag_directive_s { + /** The tag handle. */ + yaml_char_t *handle; + /** The tag prefix. */ + yaml_char_t *prefix; +} yaml_tag_directive_t; + +/** The stream encoding. */ +typedef enum yaml_encoding_e { + /** Let the parser choose the encoding. */ + YAML_ANY_ENCODING, + /** The default UTF-8 encoding. */ + YAML_UTF8_ENCODING, + /** The UTF-16-LE encoding with BOM. */ + YAML_UTF16LE_ENCODING, + /** The UTF-16-BE encoding with BOM. */ + YAML_UTF16BE_ENCODING +} yaml_encoding_t; + +/** Line break types. */ + +typedef enum yaml_break_e { + /** Let the parser choose the break type. */ + YAML_ANY_BREAK, + /** Use CR for line breaks (Mac style). */ + YAML_CR_BREAK, + /** Use LN for line breaks (Unix style). */ + YAML_LN_BREAK, + /** Use CR LN for line breaks (DOS style). */ + YAML_CRLN_BREAK +} yaml_break_t; + +/** Many bad things could happen with the parser and emitter. */ +typedef enum yaml_error_type_e { + /** No error is produced. */ + YAML_NO_ERROR, + + /** Cannot allocate or reallocate a block of memory. */ + YAML_MEMORY_ERROR, + + /** Cannot read or decode the input stream. */ + YAML_READER_ERROR, + /** Cannot scan the input stream. */ + YAML_SCANNER_ERROR, + /** Cannot parse the input stream. */ + YAML_PARSER_ERROR, + /** Cannot compose a YAML document. */ + YAML_COMPOSER_ERROR, + + /** Cannot write to the output stream. */ + YAML_WRITER_ERROR, + /** Cannot emit a YAML stream. */ + YAML_EMITTER_ERROR +} yaml_error_type_t; + +/** The pointer position. */ +typedef struct yaml_mark_s { + /** The position index. */ + size_t index; + + /** The position line. */ + size_t line; + + /** The position column. */ + size_t column; +} yaml_mark_t; + +/** @} */ + +/** + * @defgroup styles Node Styles + * @{ + */ + +/** Scalar styles. */ +typedef enum yaml_scalar_style_e { + /** Let the emitter choose the style. */ + YAML_ANY_SCALAR_STYLE, + + /** The plain scalar style. */ + YAML_PLAIN_SCALAR_STYLE, + + /** The single-quoted scalar style. */ + YAML_SINGLE_QUOTED_SCALAR_STYLE, + /** The double-quoted scalar style. */ + YAML_DOUBLE_QUOTED_SCALAR_STYLE, + + /** The literal scalar style. */ + YAML_LITERAL_SCALAR_STYLE, + /** The folded scalar style. */ + YAML_FOLDED_SCALAR_STYLE +} yaml_scalar_style_t; + +/** Sequence styles. */ +typedef enum yaml_sequence_style_e { + /** Let the emitter choose the style. */ + YAML_ANY_SEQUENCE_STYLE, + + /** The block sequence style. */ + YAML_BLOCK_SEQUENCE_STYLE, + /** The flow sequence style. */ + YAML_FLOW_SEQUENCE_STYLE +} yaml_sequence_style_t; + +/** Mapping styles. */ +typedef enum yaml_mapping_style_e { + /** Let the emitter choose the style. */ + YAML_ANY_MAPPING_STYLE, + + /** The block mapping style. */ + YAML_BLOCK_MAPPING_STYLE, + /** The flow mapping style. */ + YAML_FLOW_MAPPING_STYLE +/* YAML_FLOW_SET_MAPPING_STYLE */ +} yaml_mapping_style_t; + +/** @} */ + +/** + * @defgroup tokens Tokens + * @{ + */ + +/** Token types. */ +typedef enum yaml_token_type_e { + /** An empty token. */ + YAML_NO_TOKEN, + + /** A STREAM-START token. */ + YAML_STREAM_START_TOKEN, + /** A STREAM-END token. */ + YAML_STREAM_END_TOKEN, + + /** A titleVersion-DIRECTIVE token. */ + YAML_titleVersion_DIRECTIVE_TOKEN, + /** A TAG-DIRECTIVE token. */ + YAML_TAG_DIRECTIVE_TOKEN, + /** A DOCUMENT-START token. */ + YAML_DOCUMENT_START_TOKEN, + /** A DOCUMENT-END token. */ + YAML_DOCUMENT_END_TOKEN, + + /** A BLOCK-SEQUENCE-START token. */ + YAML_BLOCK_SEQUENCE_START_TOKEN, + /** A BLOCK-SEQUENCE-END token. */ + YAML_BLOCK_MAPPING_START_TOKEN, + /** A BLOCK-END token. */ + YAML_BLOCK_END_TOKEN, + + /** A FLOW-SEQUENCE-START token. */ + YAML_FLOW_SEQUENCE_START_TOKEN, + /** A FLOW-SEQUENCE-END token. */ + YAML_FLOW_SEQUENCE_END_TOKEN, + /** A FLOW-MAPPING-START token. */ + YAML_FLOW_MAPPING_START_TOKEN, + /** A FLOW-MAPPING-END token. */ + YAML_FLOW_MAPPING_END_TOKEN, + + /** A BLOCK-ENTRY token. */ + YAML_BLOCK_ENTRY_TOKEN, + /** A FLOW-ENTRY token. */ + YAML_FLOW_ENTRY_TOKEN, + /** A KEY token. */ + YAML_KEY_TOKEN, + /** A VALUE token. */ + YAML_VALUE_TOKEN, + + /** An ALIAS token. */ + YAML_ALIAS_TOKEN, + /** An ANCHOR token. */ + YAML_ANCHOR_TOKEN, + /** A TAG token. */ + YAML_TAG_TOKEN, + /** A SCALAR token. */ + YAML_SCALAR_TOKEN +} yaml_token_type_t; + +/** The token structure. */ +typedef struct yaml_token_s { + + /** The token type. */ + yaml_token_type_t type; + + /** The token data. */ + union { + + /** The stream start (for @c YAML_STREAM_START_TOKEN). */ + struct { + /** The stream encoding. */ + yaml_encoding_t encoding; + } stream_start; + + /** The alias (for @c YAML_ALIAS_TOKEN). */ + struct { + /** The alias value. */ + yaml_char_t *value; + } alias; + + /** The anchor (for @c YAML_ANCHOR_TOKEN). */ + struct { + /** The anchor value. */ + yaml_char_t *value; + } anchor; + + /** The tag (for @c YAML_TAG_TOKEN). */ + struct { + /** The tag handle. */ + yaml_char_t *handle; + /** The tag suffix. */ + yaml_char_t *suffix; + } tag; + + /** The scalar value (for @c YAML_SCALAR_TOKEN). */ + struct { + /** The scalar value. */ + yaml_char_t *value; + /** The length of the scalar value. */ + size_t length; + /** The scalar style. */ + yaml_scalar_style_t style; + } scalar; + + /** The titleVersion directive (for @c YAML_titleVersion_DIRECTIVE_TOKEN). */ + struct { + /** The major titleVersion number. */ + int major; + /** The minor titleVersion number. */ + int minor; + } titleVersion_directive; + + /** The tag directive (for @c YAML_TAG_DIRECTIVE_TOKEN). */ + struct { + /** The tag handle. */ + yaml_char_t *handle; + /** The tag prefix. */ + yaml_char_t *prefix; + } tag_directive; + + } data; + + /** The beginning of the token. */ + yaml_mark_t start_mark; + /** The end of the token. */ + yaml_mark_t end_mark; + +} yaml_token_t; + +/** + * Free any memory allocated for a token object. + * + * @param[in,out] token A token object. + */ + +YAML_DECLARE(void) +yaml_token_delete(yaml_token_t *token); + +/** @} */ + +/** + * @defgroup events Events + * @{ + */ + +/** Event types. */ +typedef enum yaml_event_type_e { + /** An empty event. */ + YAML_NO_EVENT, // 0 + + /** A STREAM-START event. */ + YAML_STREAM_START_EVENT, // 1 + /** A STREAM-END event. */ + YAML_STREAM_END_EVENT, // 2 + + /** A DOCUMENT-START event. */ + YAML_DOCUMENT_START_EVENT, // 3 + /** A DOCUMENT-END event. */ + YAML_DOCUMENT_END_EVENT, // 4 + + /** An ALIAS event. */ + YAML_ALIAS_EVENT, // 5 + /** A SCALAR event. */ + YAML_SCALAR_EVENT, // 6 + + /** A SEQUENCE-START event. */ + YAML_SEQUENCE_START_EVENT, // 7 + /** A SEQUENCE-END event. */ + YAML_SEQUENCE_END_EVENT, // 8 + + /** A MAPPING-START event. */ + YAML_MAPPING_START_EVENT, // 9 + /** A MAPPING-END event. */ + YAML_MAPPING_END_EVENT // 10 +} yaml_event_type_t; + +/** The event structure. */ +typedef struct yaml_event_s { + + /** The event type. */ + yaml_event_type_t type; + + /** The event data. */ + union { + + /** The stream parameters (for @c YAML_STREAM_START_EVENT). */ // 1 + struct { + /** The document encoding. */ + yaml_encoding_t encoding; + } stream_start; + + /** The document parameters (for @c YAML_DOCUMENT_START_EVENT). */ // 3 + struct { + /** The titleVersion directive. */ + yaml_titleVersion_directive_t *titleVersion_directive; + + /** The list of tag directives. */ + struct { + /** The beginning of the tag directives list. */ + yaml_tag_directive_t *start; + /** The end of the tag directives list. */ + yaml_tag_directive_t *end; + } tag_directives; + + /** Is the document indicator implicit? */ + int implicit; + } document_start; + + /** The document end parameters (for @c YAML_DOCUMENT_END_EVENT). */ // 4 + struct { + /** Is the document end indicator implicit? */ + int implicit; + } document_end; + + /** The alias parameters (for @c YAML_ALIAS_EVENT). */ // 5 + struct { + /** The anchor. */ + yaml_char_t *anchor; + } alias; + + /** The scalar parameters (for @c YAML_SCALAR_EVENT). */ // 6 + struct { + /** The anchor. */ + yaml_char_t *anchor; + /** The tag. */ + yaml_char_t *tag; + /** The scalar value. */ + yaml_char_t *value; + /** The length of the scalar value. */ + size_t length; + /** Is the tag optional for the plain style? */ + int plain_implicit; + /** Is the tag optional for any non-plain style? */ + int quoted_implicit; + /** The scalar style. */ + yaml_scalar_style_t style; + } scalar; + + /** The sequence parameters (for @c YAML_SEQUENCE_START_EVENT). */ // 7 + struct { + /** The anchor. */ + yaml_char_t *anchor; + /** The tag. */ + yaml_char_t *tag; + /** Is the tag optional? */ + int implicit; + /** The sequence style. */ + yaml_sequence_style_t style; + } sequence_start; + + /** The mapping parameters (for @c YAML_MAPPING_START_EVENT). */ // 9 + struct { + /** The anchor. */ + yaml_char_t *anchor; + /** The tag. */ + yaml_char_t *tag; + /** Is the tag optional? */ + int implicit; + /** The mapping style. */ + yaml_mapping_style_t style; + } mapping_start; + + } data; + + /** The beginning of the event. */ + yaml_mark_t start_mark; + /** The end of the event. */ + yaml_mark_t end_mark; + +} yaml_event_t; + +/** + * Create the STREAM-START event. + * + * @param[out] event An empty event object. + * @param[in] encoding The stream encoding. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_stream_start_event_initialize(yaml_event_t *event, + yaml_encoding_t encoding); + +/** + * Create the STREAM-END event. + * + * @param[out] event An empty event object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_stream_end_event_initialize(yaml_event_t *event); + +/** + * Create the DOCUMENT-START event. + * + * The @a implicit argument is considered as a stylistic parameter and may be + * ignored by the emitter. + * + * @param[out] event An empty event object. + * @param[in] titleVersion_directive The %YAML directive value or + * @c NULL. + * @param[in] tag_directives_start The beginning of the %TAG + * directives list. + * @param[in] tag_directives_end The end of the %TAG directives + * list. + * @param[in] implicit If the document start indicator is + * implicit. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_start_event_initialize(yaml_event_t *event, + yaml_titleVersion_directive_t *titleVersion_directive, + yaml_tag_directive_t *tag_directives_start, + yaml_tag_directive_t *tag_directives_end, + int implicit); + +/** + * Create the DOCUMENT-END event. + * + * The @a implicit argument is considered as a stylistic parameter and may be + * ignored by the emitter. + * + * @param[out] event An empty event object. + * @param[in] implicit If the document end indicator is implicit. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_end_event_initialize(yaml_event_t *event, int implicit); + +/** + * Create an ALIAS event. + * + * @param[out] event An empty event object. + * @param[in] anchor The anchor value. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_alias_event_initialize(yaml_event_t *event, yaml_char_t *anchor); + +/** + * Create a SCALAR event. + * + * The @a style argument may be ignored by the emitter. + * + * Either the @a tag attribute or one of the @a plain_implicit and + * @a quoted_implicit flags must be set. + * + * @param[out] event An empty event object. + * @param[in] anchor The scalar anchor or @c NULL. + * @param[in] tag The scalar tag or @c NULL. + * @param[in] value The scalar value. + * @param[in] length The length of the scalar value. + * @param[in] plain_implicit If the tag may be omitted for the plain + * style. + * @param[in] quoted_implicit If the tag may be omitted for any + * non-plain style. + * @param[in] style The scalar style. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_scalar_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, + yaml_char_t *value, int length, + int plain_implicit, int quoted_implicit, + yaml_scalar_style_t style); + +/** + * Create a SEQUENCE-START event. + * + * The @a style argument may be ignored by the emitter. + * + * Either the @a tag attribute or the @a implicit flag must be set. + * + * @param[out] event An empty event object. + * @param[in] anchor The sequence anchor or @c NULL. + * @param[in] tag The sequence tag or @c NULL. + * @param[in] implicit If the tag may be omitted. + * @param[in] style The sequence style. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_sequence_start_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, int implicit, + yaml_sequence_style_t style); + +/** + * Create a SEQUENCE-END event. + * + * @param[out] event An empty event object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_sequence_end_event_initialize(yaml_event_t *event); + +/** + * Create a MAPPING-START event. + * + * The @a style argument may be ignored by the emitter. + * + * Either the @a tag attribute or the @a implicit flag must be set. + * + * @param[out] event An empty event object. + * @param[in] anchor The mapping anchor or @c NULL. + * @param[in] tag The mapping tag or @c NULL. + * @param[in] implicit If the tag may be omitted. + * @param[in] style The mapping style. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_mapping_start_event_initialize(yaml_event_t *event, + yaml_char_t *anchor, yaml_char_t *tag, int implicit, + yaml_mapping_style_t style); + +/** + * Create a MAPPING-END event. + * + * @param[out] event An empty event object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_mapping_end_event_initialize(yaml_event_t *event); + +/** + * Free any memory allocated for an event object. + * + * @param[in,out] event An event object. + */ + +YAML_DECLARE(void) +yaml_event_delete(yaml_event_t *event); + +/** @} */ + +/** + * @defgroup nodes Nodes + * @{ + */ + +/** The tag @c !!null with the only possible value: @c null. */ +#define YAML_NULL_TAG "tag:yaml.org,2002:null" +/** The tag @c !!bool with the values: @c true and @c falce. */ +#define YAML_BOOL_TAG "tag:yaml.org,2002:bool" +/** The tag @c !!str for string values. */ +#define YAML_STR_TAG "tag:yaml.org,2002:str" +/** The tag @c !!int for integer values. */ +#define YAML_INT_TAG "tag:yaml.org,2002:int" +/** The tag @c !!float for float values. */ +#define YAML_FLOAT_TAG "tag:yaml.org,2002:float" +/** The tag @c !!timestamp for date and time values. */ +#define YAML_TIMESTAMP_TAG "tag:yaml.org,2002:timestamp" + +/** The tag @c !!seq is used to denote sequences. */ +#define YAML_SEQ_TAG "tag:yaml.org,2002:seq" +/** The tag @c !!map is used to denote mapping. */ +#define YAML_MAP_TAG "tag:yaml.org,2002:map" + +/** The default scalar tag is @c !!str. */ +#define YAML_DEFAULT_SCALAR_TAG YAML_STR_TAG +/** The default sequence tag is @c !!seq. */ +#define YAML_DEFAULT_SEQUENCE_TAG YAML_SEQ_TAG +/** The default mapping tag is @c !!map. */ +#define YAML_DEFAULT_MAPPING_TAG YAML_MAP_TAG + +/** Node types. */ +typedef enum yaml_node_type_e { + /** An empty node. */ + YAML_NO_NODE, + + /** A scalar node. */ + YAML_SCALAR_NODE, + /** A sequence node. */ + YAML_SEQUENCE_NODE, + /** A mapping node. */ + YAML_MAPPING_NODE +} yaml_node_type_t; + +/** The forward definition of a document node structure. */ +typedef struct yaml_node_s yaml_node_t; + +/** An element of a sequence node. */ +typedef int yaml_node_item_t; + +/** An element of a mapping node. */ +typedef struct yaml_node_pair_s { + /** The key of the element. */ + int key; + /** The value of the element. */ + int value; +} yaml_node_pair_t; + +/** The node structure. */ +struct yaml_node_s { + + /** The node type. */ + yaml_node_type_t type; + + /** The node tag. */ + yaml_char_t *tag; + + /** The node data. */ + union { + + /** The scalar parameters (for @c YAML_SCALAR_NODE). */ + struct { + /** The scalar value. */ + yaml_char_t *value; + /** The length of the scalar value. */ + size_t length; + /** The scalar style. */ + yaml_scalar_style_t style; + } scalar; + + /** The sequence parameters (for @c YAML_SEQUENCE_NODE). */ + struct { + /** The stack of sequence items. */ + struct { + /** The beginning of the stack. */ + yaml_node_item_t *start; + /** The end of the stack. */ + yaml_node_item_t *end; + /** The top of the stack. */ + yaml_node_item_t *top; + } items; + /** The sequence style. */ + yaml_sequence_style_t style; + } sequence; + + /** The mapping parameters (for @c YAML_MAPPING_NODE). */ + struct { + /** The stack of mapping pairs (key, value). */ + struct { + /** The beginning of the stack. */ + yaml_node_pair_t *start; + /** The end of the stack. */ + yaml_node_pair_t *end; + /** The top of the stack. */ + yaml_node_pair_t *top; + } pairs; + /** The mapping style. */ + yaml_mapping_style_t style; + } mapping; + + } data; + + /** The beginning of the node. */ + yaml_mark_t start_mark; + /** The end of the node. */ + yaml_mark_t end_mark; + +}; + +/** The document structure. */ +typedef struct yaml_document_s { + + /** The document nodes. */ + struct { + /** The beginning of the stack. */ + yaml_node_t *start; + /** The end of the stack. */ + yaml_node_t *end; + /** The top of the stack. */ + yaml_node_t *top; + } nodes; + + /** The titleVersion directive. */ + yaml_titleVersion_directive_t *titleVersion_directive; + + /** The list of tag directives. */ + struct { + /** The beginning of the tag directives list. */ + yaml_tag_directive_t *start; + /** The end of the tag directives list. */ + yaml_tag_directive_t *end; + } tag_directives; + + /** Is the document start indicator implicit? */ + int start_implicit; + /** Is the document end indicator implicit? */ + int end_implicit; + + /** The beginning of the document. */ + yaml_mark_t start_mark; + /** The end of the document. */ + yaml_mark_t end_mark; + +} yaml_document_t; + +/** + * Create a YAML document. + * + * @param[out] document An empty document object. + * @param[in] titleVersion_directive The %YAML directive value or + * @c NULL. + * @param[in] tag_directives_start The beginning of the %TAG + * directives list. + * @param[in] tag_directives_end The end of the %TAG directives + * list. + * @param[in] start_implicit If the document start indicator is + * implicit. + * @param[in] end_implicit If the document end indicator is + * implicit. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_initialize(yaml_document_t *document, + yaml_titleVersion_directive_t *titleVersion_directive, + yaml_tag_directive_t *tag_directives_start, + yaml_tag_directive_t *tag_directives_end, + int start_implicit, int end_implicit); + +/** + * Delete a YAML document and all its nodes. + * + * @param[in,out] document A document object. + */ + +YAML_DECLARE(void) +yaml_document_delete(yaml_document_t *document); + +/** + * Get a node of a YAML document. + * + * The pointer returned by this function is valid until any of the functions + * modifying the documents are called. + * + * @param[in] document A document object. + * @param[in] index The node id. + * + * @returns the node objct or @c NULL if @c node_id is out of range. + */ + +YAML_DECLARE(yaml_node_t *) +yaml_document_get_node(yaml_document_t *document, int index); + +/** + * Get the root of a YAML document node. + * + * The root object is the first object added to the document. + * + * The pointer returned by this function is valid until any of the functions + * modifying the documents are called. + * + * An empty document produced by the parser signifies the end of a YAML + * stream. + * + * @param[in] document A document object. + * + * @returns the node object or @c NULL if the document is empty. + */ + +YAML_DECLARE(yaml_node_t *) +yaml_document_get_root_node(yaml_document_t *document); + +/** + * Create a SCALAR node and attach it to the document. + * + * The @a style argument may be ignored by the emitter. + * + * @param[in,out] document A document object. + * @param[in] tag The scalar tag. + * @param[in] value The scalar value. + * @param[in] length The length of the scalar value. + * @param[in] style The scalar style. + * + * @returns the node id or @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_add_scalar(yaml_document_t *document, + yaml_char_t *tag, yaml_char_t *value, int length, + yaml_scalar_style_t style); + +/** + * Create a SEQUENCE node and attach it to the document. + * + * The @a style argument may be ignored by the emitter. + * + * @param[in,out] document A document object. + * @param[in] tag The sequence tag. + * @param[in] style The sequence style. + * + * @returns the node id or @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_add_sequence(yaml_document_t *document, + yaml_char_t *tag, yaml_sequence_style_t style); + +/** + * Create a MAPPING node and attach it to the document. + * + * The @a style argument may be ignored by the emitter. + * + * @param[in,out] document A document object. + * @param[in] tag The sequence tag. + * @param[in] style The sequence style. + * + * @returns the node id or @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_add_mapping(yaml_document_t *document, + yaml_char_t *tag, yaml_mapping_style_t style); + +/** + * Add an item to a SEQUENCE node. + * + * @param[in,out] document A document object. + * @param[in] sequence The sequence node id. + * @param[in] item The item node id. +* + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_append_sequence_item(yaml_document_t *document, + int sequence, int item); + +/** + * Add a pair of a key and a value to a MAPPING node. + * + * @param[in,out] document A document object. + * @param[in] mapping The mapping node id. + * @param[in] key The key node id. + * @param[in] value The value node id. +* + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_document_append_mapping_pair(yaml_document_t *document, + int mapping, int key, int value); + +/** @} */ + +/** + * @defgroup parser Parser Definitions + * @{ + */ + +/** + * The prototype of a read handler. + * + * The read handler is called when the parser needs to read more bytes from the + * source. The handler should write not more than @a size bytes to the @a + * buffer. The number of written bytes should be set to the @a length variable. + * + * @param[in,out] data A pointer to an application data specified by + * yaml_parser_set_input(). + * @param[out] buffer The buffer to write the data from the source. + * @param[in] size The size of the buffer. + * @param[out] size_read The actual number of bytes read from the source. + * + * @returns On success, the handler should return @c 1. If the handler failed, + * the returned value should be @c 0. On EOF, the handler should set the + * @a size_read to @c 0 and return @c 1. + */ + +typedef int yaml_read_handler_t(void *data, unsigned char *buffer, size_t size, + size_t *size_read); + +/** + * This structure holds information about a potential simple key. + */ + +typedef struct yaml_simple_key_s { + /** Is a simple key possible? */ + int possible; + + /** Is a simple key required? */ + int required; + + /** The number of the token. */ + size_t token_number; + + /** The position mark. */ + yaml_mark_t mark; +} yaml_simple_key_t; + +/** + * The states of the parser. + */ +typedef enum yaml_parser_state_e { + /** Expect STREAM-START. */ + YAML_PARSE_STREAM_START_STATE, + /** Expect the beginning of an implicit document. */ + YAML_PARSE_IMPLICIT_DOCUMENT_START_STATE, + /** Expect DOCUMENT-START. */ + YAML_PARSE_DOCUMENT_START_STATE, + /** Expect the content of a document. */ + YAML_PARSE_DOCUMENT_CONTENT_STATE, + /** Expect DOCUMENT-END. */ + YAML_PARSE_DOCUMENT_END_STATE, + /** Expect a block node. */ + YAML_PARSE_BLOCK_NODE_STATE, + /** Expect a block node or indentless sequence. */ + YAML_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE, + /** Expect a flow node. */ + YAML_PARSE_FLOW_NODE_STATE, + /** Expect the first entry of a block sequence. */ + YAML_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE, + /** Expect an entry of a block sequence. */ + YAML_PARSE_BLOCK_SEQUENCE_ENTRY_STATE, + /** Expect an entry of an indentless sequence. */ + YAML_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE, + /** Expect the first key of a block mapping. */ + YAML_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE, + /** Expect a block mapping key. */ + YAML_PARSE_BLOCK_MAPPING_KEY_STATE, + /** Expect a block mapping value. */ + YAML_PARSE_BLOCK_MAPPING_VALUE_STATE, + /** Expect the first entry of a flow sequence. */ + YAML_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE, + /** Expect an entry of a flow sequence. */ + YAML_PARSE_FLOW_SEQUENCE_ENTRY_STATE, + /** Expect a key of an ordered mapping. */ + YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE, + /** Expect a value of an ordered mapping. */ + YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE, + /** Expect the and of an ordered mapping entry. */ + YAML_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE, + /** Expect the first key of a flow mapping. */ + YAML_PARSE_FLOW_MAPPING_FIRST_KEY_STATE, + /** Expect a key of a flow mapping. */ + YAML_PARSE_FLOW_MAPPING_KEY_STATE, + /** Expect a value of a flow mapping. */ + YAML_PARSE_FLOW_MAPPING_VALUE_STATE, + /** Expect an empty value of a flow mapping. */ + YAML_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE, + /** Expect nothing. */ + YAML_PARSE_END_STATE +} yaml_parser_state_t; + +/** + * This structure holds aliases data. + */ + +typedef struct yaml_alias_data_s { + /** The anchor. */ + yaml_char_t *anchor; + /** The node id. */ + int index; + /** The anchor mark. */ + yaml_mark_t mark; +} yaml_alias_data_t; + +/** + * The parser structure. + * + * All members are internal. Manage the structure using the @c yaml_parser_ + * family of functions. + */ + +typedef struct yaml_parser_s { + + /** + * @name Error handling + * @{ + */ + + /** Error type. */ + yaml_error_type_t error; + /** Error description. */ + const char *problem; + /** The byte about which the problem occured. */ + size_t problem_offset; + /** The problematic value (@c -1 is none). */ + int problem_value; + /** The problem position. */ + yaml_mark_t problem_mark; + /** The error context. */ + const char *context; + /** The context position. */ + yaml_mark_t context_mark; + + /** + * @} + */ + + /** + * @name Reader stuff + * @{ + */ + + /** Read handler. */ + yaml_read_handler_t *read_handler; + + /** A pointer for passing to the read handler. */ + void *read_handler_data; + + /** Standard (string or file) input data. */ + union { + /** String input data. */ + struct { + /** The string start pointer. */ + const unsigned char *start; + /** The string end pointer. */ + const unsigned char *end; + /** The string current position. */ + const unsigned char *current; + } string; + + /** File input data. */ + FILE *file; + } input; + + /** EOF flag */ + int eof; + + /** The working buffer. */ + struct { + /** The beginning of the buffer. */ + yaml_char_t *start; + /** The end of the buffer. */ + yaml_char_t *end; + /** The current position of the buffer. */ + yaml_char_t *pointer; + /** The last filled position of the buffer. */ + yaml_char_t *last; + } buffer; + + /* The number of unread characters in the buffer. */ + size_t unread; + + /** The raw buffer. */ + struct { + /** The beginning of the buffer. */ + unsigned char *start; + /** The end of the buffer. */ + unsigned char *end; + /** The current position of the buffer. */ + unsigned char *pointer; + /** The last filled position of the buffer. */ + unsigned char *last; + } raw_buffer; + + /** The input encoding. */ + yaml_encoding_t encoding; + + /** The offset of the current position (in bytes). */ + size_t offset; + + /** The mark of the current position. */ + yaml_mark_t mark; + + /** + * @} + */ + + /** + * @name Scanner stuff + * @{ + */ + + /** Have we started to scan the input stream? */ + int stream_start_produced; + + /** Have we reached the end of the input stream? */ + int stream_end_produced; + + /** The number of unclosed '[' and '{' indicators. */ + int flow_level; + + /** The tokens queue. */ + struct { + /** The beginning of the tokens queue. */ + yaml_token_t *start; + /** The end of the tokens queue. */ + yaml_token_t *end; + /** The head of the tokens queue. */ + yaml_token_t *head; + /** The tail of the tokens queue. */ + yaml_token_t *tail; + } tokens; + + /** The number of tokens fetched from the queue. */ + size_t tokens_parsed; + + /* Does the tokens queue contain a token ready for dequeueing. */ + int token_available; + + /** The indentation levels stack. */ + struct { + /** The beginning of the stack. */ + int *start; + /** The end of the stack. */ + int *end; + /** The top of the stack. */ + int *top; + } indents; + + /** The current indentation level. */ + int indent; + + /** May a simple key occur at the current position? */ + int simple_key_allowed; + + /** The stack of simple keys. */ + struct { + /** The beginning of the stack. */ + yaml_simple_key_t *start; + /** The end of the stack. */ + yaml_simple_key_t *end; + /** The top of the stack. */ + yaml_simple_key_t *top; + } simple_keys; + + /** + * @} + */ + + /** + * @name Parser stuff + * @{ + */ + + /** The parser states stack. */ + struct { + /** The beginning of the stack. */ + yaml_parser_state_t *start; + /** The end of the stack. */ + yaml_parser_state_t *end; + /** The top of the stack. */ + yaml_parser_state_t *top; + } states; + + /** The current parser state. */ + yaml_parser_state_t state; + + /** The stack of marks. */ + struct { + /** The beginning of the stack. */ + yaml_mark_t *start; + /** The end of the stack. */ + yaml_mark_t *end; + /** The top of the stack. */ + yaml_mark_t *top; + } marks; + + /** The list of TAG directives. */ + struct { + /** The beginning of the list. */ + yaml_tag_directive_t *start; + /** The end of the list. */ + yaml_tag_directive_t *end; + /** The top of the list. */ + yaml_tag_directive_t *top; + } tag_directives; + + /** + * @} + */ + + /** + * @name Dumper stuff + * @{ + */ + + /** The alias data. */ + struct { + /** The beginning of the list. */ + yaml_alias_data_t *start; + /** The end of the list. */ + yaml_alias_data_t *end; + /** The top of the list. */ + yaml_alias_data_t *top; + } aliases; + + /** The currently parsed document. */ + yaml_document_t *document; + + /** + * @} + */ + +} yaml_parser_t; + +/** + * Initialize a parser. + * + * This function creates a new parser object. An application is responsible + * for destroying the object using the yaml_parser_delete() function. + * + * @param[out] parser An empty parser object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_parser_initialize(yaml_parser_t *parser); + +/** + * Destroy a parser. + * + * @param[in,out] parser A parser object. + */ + +YAML_DECLARE(void) +yaml_parser_delete(yaml_parser_t *parser); + +/** + * Set a string input. + * + * Note that the @a input pointer must be valid while the @a parser object + * exists. The application is responsible for destroing @a input after + * destroying the @a parser. + * + * @param[in,out] parser A parser object. + * @param[in] input A source data. + * @param[in] size The length of the source data in bytes. + */ + +YAML_DECLARE(void) +yaml_parser_set_input_string(yaml_parser_t *parser, + const unsigned char *input, size_t size); + +/** + * Set a file input. + * + * @a file should be a file object open for reading. The application is + * responsible for closing the @a file. + * + * @param[in,out] parser A parser object. + * @param[in] file An open file. + */ + +YAML_DECLARE(void) +yaml_parser_set_input_file(yaml_parser_t *parser, FILE *file); + +/** + * Set a generic input handler. + * + * @param[in,out] parser A parser object. + * @param[in] handler A read handler. + * @param[in] data Any application data for passing to the read + * handler. + */ + +YAML_DECLARE(void) +yaml_parser_set_input(yaml_parser_t *parser, + yaml_read_handler_t *handler, void *data); + +/** + * Set the source encoding. + * + * @param[in,out] parser A parser object. + * @param[in] encoding The source encoding. + */ + +YAML_DECLARE(void) +yaml_parser_set_encoding(yaml_parser_t *parser, yaml_encoding_t encoding); + +/** + * Scan the input stream and produce the next token. + * + * Call the function subsequently to produce a sequence of tokens corresponding + * to the input stream. The initial token has the type + * @c YAML_STREAM_START_TOKEN while the ending token has the type + * @c YAML_STREAM_END_TOKEN. + * + * An application is responsible for freeing any buffers associated with the + * produced token object using the @c yaml_token_delete function. + * + * An application must not alternate the calls of yaml_parser_scan() with the + * calls of yaml_parser_parse() or yaml_parser_load(). Doing this will break + * the parser. + * + * @param[in,out] parser A parser object. + * @param[out] token An empty token object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_parser_scan(yaml_parser_t *parser, yaml_token_t *token); + +/** + * Parse the input stream and produce the next parsing event. + * + * Call the function subsequently to produce a sequence of events corresponding + * to the input stream. The initial event has the type + * @c YAML_STREAM_START_EVENT while the ending event has the type + * @c YAML_STREAM_END_EVENT. + * + * An application is responsible for freeing any buffers associated with the + * produced event object using the yaml_event_delete() function. + * + * An application must not alternate the calls of yaml_parser_parse() with the + * calls of yaml_parser_scan() or yaml_parser_load(). Doing this will break the + * parser. + * + * @param[in,out] parser A parser object. + * @param[out] event An empty event object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_parser_parse(yaml_parser_t *parser, yaml_event_t *event); + +/** + * Parse the input stream and produce the next YAML document. + * + * Call this function subsequently to produce a sequence of documents + * constituting the input stream. + * + * If the produced document has no root node, it means that the document + * end has been reached. + * + * An application is responsible for freeing any data associated with the + * produced document object using the yaml_document_delete() function. + * + * An application must not alternate the calls of yaml_parser_load() with the + * calls of yaml_parser_scan() or yaml_parser_parse(). Doing this will break + * the parser. + * + * @param[in,out] parser A parser object. + * @param[out] document An empty document object. + * + * @return @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_parser_load(yaml_parser_t *parser, yaml_document_t *document); + +/** @} */ + +/** + * @defgroup emitter Emitter Definitions + * @{ + */ + +/** + * The prototype of a write handler. + * + * The write handler is called when the emitter needs to flush the accumulated + * characters to the output. The handler should write @a size bytes of the + * @a buffer to the output. + * + * @param[in,out] data A pointer to an application data specified by + * yaml_emitter_set_output(). + * @param[in] buffer The buffer with bytes to be written. + * @param[in] size The size of the buffer. + * + * @returns On success, the handler should return @c 1. If the handler failed, + * the returned value should be @c 0. + */ + +typedef int yaml_write_handler_t(void *data, unsigned char *buffer, size_t size); + +/** The emitter states. */ +typedef enum yaml_emitter_state_e { + /** Expect STREAM-START. */ + YAML_EMIT_STREAM_START_STATE, + /** Expect the first DOCUMENT-START or STREAM-END. */ + YAML_EMIT_FIRST_DOCUMENT_START_STATE, + /** Expect DOCUMENT-START or STREAM-END. */ + YAML_EMIT_DOCUMENT_START_STATE, + /** Expect the content of a document. */ + YAML_EMIT_DOCUMENT_CONTENT_STATE, + /** Expect DOCUMENT-END. */ + YAML_EMIT_DOCUMENT_END_STATE, + /** Expect the first item of a flow sequence. */ + YAML_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE, + /** Expect an item of a flow sequence. */ + YAML_EMIT_FLOW_SEQUENCE_ITEM_STATE, + /** Expect the first key of a flow mapping. */ + YAML_EMIT_FLOW_MAPPING_FIRST_KEY_STATE, + /** Expect a key of a flow mapping. */ + YAML_EMIT_FLOW_MAPPING_KEY_STATE, + /** Expect a value for a simple key of a flow mapping. */ + YAML_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE, + /** Expect a value of a flow mapping. */ + YAML_EMIT_FLOW_MAPPING_VALUE_STATE, + /** Expect the first item of a block sequence. */ + YAML_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE, + /** Expect an item of a block sequence. */ + YAML_EMIT_BLOCK_SEQUENCE_ITEM_STATE, + /** Expect the first key of a block mapping. */ + YAML_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE, + /** Expect the key of a block mapping. */ + YAML_EMIT_BLOCK_MAPPING_KEY_STATE, + /** Expect a value for a simple key of a block mapping. */ + YAML_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE, + /** Expect a value of a block mapping. */ + YAML_EMIT_BLOCK_MAPPING_VALUE_STATE, + /** Expect nothing. */ + YAML_EMIT_END_STATE +} yaml_emitter_state_t; + +/** + * The emitter structure. + * + * All members are internal. Manage the structure using the @c yaml_emitter_ + * family of functions. + */ + +typedef struct yaml_emitter_s { + + /** + * @name Error handling + * @{ + */ + + /** Error type. */ + yaml_error_type_t error; + /** Error description. */ + const char *problem; + + /** + * @} + */ + + /** + * @name Writer stuff + * @{ + */ + + /** Write handler. */ + yaml_write_handler_t *write_handler; + + /** A pointer for passing to the white handler. */ + void *write_handler_data; + + /** Standard (string or file) output data. */ + union { + /** String output data. */ + struct { + /** The buffer pointer. */ + unsigned char *buffer; + /** The buffer size. */ + size_t size; + /** The number of written bytes. */ + size_t *size_written; + } string; + + /** File output data. */ + FILE *file; + } output; + + /** The working buffer. */ + struct { + /** The beginning of the buffer. */ + yaml_char_t *start; + /** The end of the buffer. */ + yaml_char_t *end; + /** The current position of the buffer. */ + yaml_char_t *pointer; + /** The last filled position of the buffer. */ + yaml_char_t *last; + } buffer; + + /** The raw buffer. */ + struct { + /** The beginning of the buffer. */ + unsigned char *start; + /** The end of the buffer. */ + unsigned char *end; + /** The current position of the buffer. */ + unsigned char *pointer; + /** The last filled position of the buffer. */ + unsigned char *last; + } raw_buffer; + + /** The stream encoding. */ + yaml_encoding_t encoding; + + /** + * @} + */ + + /** + * @name Emitter stuff + * @{ + */ + + /** If the output is in the canonical style? */ + int canonical; + /** The number of indentation spaces. */ + int best_indent; + /** The preferred width of the output lines. */ + int best_width; + /** Allow unescaped non-ASCII characters? */ + int unicode; + /** The preferred line break. */ + yaml_break_t line_break; + + /** The stack of states. */ + struct { + /** The beginning of the stack. */ + yaml_emitter_state_t *start; + /** The end of the stack. */ + yaml_emitter_state_t *end; + /** The top of the stack. */ + yaml_emitter_state_t *top; + } states; + + /** The current emitter state. */ + yaml_emitter_state_t state; + + /** The event queue. */ + struct { + /** The beginning of the event queue. */ + yaml_event_t *start; + /** The end of the event queue. */ + yaml_event_t *end; + /** The head of the event queue. */ + yaml_event_t *head; + /** The tail of the event queue. */ + yaml_event_t *tail; + } events; + + /** The stack of indentation levels. */ + struct { + /** The beginning of the stack. */ + int *start; + /** The end of the stack. */ + int *end; + /** The top of the stack. */ + int *top; + } indents; + + /** The list of tag directives. */ + struct { + /** The beginning of the list. */ + yaml_tag_directive_t *start; + /** The end of the list. */ + yaml_tag_directive_t *end; + /** The top of the list. */ + yaml_tag_directive_t *top; + } tag_directives; + + /** The current indentation level. */ + int indent; + + /** The current flow level. */ + int flow_level; + + /** Is it the document root context? */ + int root_context; + /** Is it a sequence context? */ + int sequence_context; + /** Is it a mapping context? */ + int mapping_context; + /** Is it a simple mapping key context? */ + int simple_key_context; + + /** The current line. */ + int line; + /** The current column. */ + int column; + /** If the last character was a whitespace? */ + int whitespace; + /** If the last character was an indentation character (' ', '-', '?', ':')? */ + int indention; + /** If an explicit document end is required? */ + int open_ended; + + /** Anchor analysis. */ + struct { + /** The anchor value. */ + yaml_char_t *anchor; + /** The anchor length. */ + size_t anchor_length; + /** Is it an alias? */ + int alias; + } anchor_data; + + /** Tag analysis. */ + struct { + /** The tag handle. */ + yaml_char_t *handle; + /** The tag handle length. */ + size_t handle_length; + /** The tag suffix. */ + yaml_char_t *suffix; + /** The tag suffix length. */ + size_t suffix_length; + } tag_data; + + /** Scalar analysis. */ + struct { + /** The scalar value. */ + yaml_char_t *value; + /** The scalar length. */ + size_t length; + /** Does the scalar contain line breaks? */ + int multiline; + /** Can the scalar be expessed in the flow plain style? */ + int flow_plain_allowed; + /** Can the scalar be expressed in the block plain style? */ + int block_plain_allowed; + /** Can the scalar be expressed in the single quoted style? */ + int single_quoted_allowed; + /** Can the scalar be expressed in the literal or folded styles? */ + int block_allowed; + /** The output style. */ + yaml_scalar_style_t style; + } scalar_data; + + /** + * @} + */ + + /** + * @name Dumper stuff + * @{ + */ + + /** If the stream was already opened? */ + int opened; + /** If the stream was already closed? */ + int closed; + + /** The information associated with the document nodes. */ + struct { + /** The number of references. */ + int references; + /** The anchor id. */ + int anchor; + /** If the node has been emitted? */ + int serialized; + } *anchors; + + /** The last assigned anchor id. */ + int last_anchor_id; + + /** The currently emitted document. */ + yaml_document_t *document; + + /** + * @} + */ + +} yaml_emitter_t; + +/** + * Initialize an emitter. + * + * This function creates a new emitter object. An application is responsible + * for destroying the object using the yaml_emitter_delete() function. + * + * @param[out] emitter An empty parser object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_initialize(yaml_emitter_t *emitter); + +/** + * Destroy an emitter. + * + * @param[in,out] emitter An emitter object. + */ + +YAML_DECLARE(void) +yaml_emitter_delete(yaml_emitter_t *emitter); + +/** + * Set a string output. + * + * The emitter will write the output characters to the @a output buffer of the + * size @a size. The emitter will set @a size_written to the number of written + * bytes. If the buffer is smaller than required, the emitter produces the + * YAML_WRITE_ERROR error. + * + * @param[in,out] emitter An emitter object. + * @param[in] output An output buffer. + * @param[in] size The buffer size. + * @param[in] size_written The pointer to save the number of written + * bytes. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output_string(yaml_emitter_t *emitter, + unsigned char *output, size_t size, size_t *size_written); + +/** + * Set a file output. + * + * @a file should be a file object open for writing. The application is + * responsible for closing the @a file. + * + * @param[in,out] emitter An emitter object. + * @param[in] file An open file. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output_file(yaml_emitter_t *emitter, FILE *file); + +/** + * Set a generic output handler. + * + * @param[in,out] emitter An emitter object. + * @param[in] handler A write handler. + * @param[in] data Any application data for passing to the write + * handler. + */ + +YAML_DECLARE(void) +yaml_emitter_set_output(yaml_emitter_t *emitter, + yaml_write_handler_t *handler, void *data); + +/** + * Set the output encoding. + * + * @param[in,out] emitter An emitter object. + * @param[in] encoding The output encoding. + */ + +YAML_DECLARE(void) +yaml_emitter_set_encoding(yaml_emitter_t *emitter, yaml_encoding_t encoding); + +/** + * Set if the output should be in the "canonical" format as in the YAML + * specification. + * + * @param[in,out] emitter An emitter object. + * @param[in] canonical If the output is canonical. + */ + +YAML_DECLARE(void) +yaml_emitter_set_canonical(yaml_emitter_t *emitter, int canonical); + +/** + * Set the intendation increment. + * + * @param[in,out] emitter An emitter object. + * @param[in] indent The indentation increment (1 < . < 10). + */ + +YAML_DECLARE(void) +yaml_emitter_set_indent(yaml_emitter_t *emitter, int indent); + +/** + * Set the preferred line width. @c -1 means unlimited. + * + * @param[in,out] emitter An emitter object. + * @param[in] width The preferred line width. + */ + +YAML_DECLARE(void) +yaml_emitter_set_width(yaml_emitter_t *emitter, int width); + +/** + * Set if unescaped non-ASCII characters are allowed. + * + * @param[in,out] emitter An emitter object. + * @param[in] unicode If unescaped Unicode characters are allowed. + */ + +YAML_DECLARE(void) +yaml_emitter_set_unicode(yaml_emitter_t *emitter, int unicode); + +/** + * Set the preferred line break. + * + * @param[in,out] emitter An emitter object. + * @param[in] line_break The preferred line break. + */ + +YAML_DECLARE(void) +yaml_emitter_set_break(yaml_emitter_t *emitter, yaml_break_t line_break); + +/** + * Emit an event. + * + * The event object may be generated using the yaml_parser_parse() function. + * The emitter takes the responsibility for the event object and destroys its + * content after it is emitted. The event object is destroyed even if the + * function fails. + * + * @param[in,out] emitter An emitter object. + * @param[in,out] event An event object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_emit(yaml_emitter_t *emitter, yaml_event_t *event); + +/** + * Start a YAML stream. + * + * This function should be used before yaml_emitter_dump() is called. + * + * @param[in,out] emitter An emitter object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_open(yaml_emitter_t *emitter); + +/** + * Finish a YAML stream. + * + * This function should be used after yaml_emitter_dump() is called. + * + * @param[in,out] emitter An emitter object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_close(yaml_emitter_t *emitter); + +/** + * Emit a YAML document. + * + * The documen object may be generated using the yaml_parser_load() function + * or the yaml_document_initialize() function. The emitter takes the + * responsibility for the document object and destoys its content after + * it is emitted. The document object is destroyedeven if the function fails. + * + * @param[in,out] emitter An emitter object. + * @param[in,out] document A document object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_dump(yaml_emitter_t *emitter, yaml_document_t *document); + +/** + * Flush the accumulated characters to the output. + * + * @param[in,out] emitter An emitter object. + * + * @returns @c 1 if the function succeeded, @c 0 on error. + */ + +YAML_DECLARE(int) +yaml_emitter_flush(yaml_emitter_t *emitter); + +/** @} */ + +#ifdef __cplusplus +} +#endif + +#endif /* #ifndef YAML_H */ + diff --git a/libyaml/yaml_private.h b/libyaml/yaml_private.h new file mode 100644 index 0000000..31ed23c --- /dev/null +++ b/libyaml/yaml_private.h @@ -0,0 +1,646 @@ + +#if HAVE_CONFIG_H +#include +#endif + +#include "libyaml/yaml.h" + +#include +#include + + +#define YAML_titleVersion_STRING "0.1.4" +#define YAML_titleVersion_MAJOR 0 +#define YAML_titleVersion_MINOR 1 +#define YAML_titleVersion_PATCH 4 + +/* + * Memory management. + */ + +YAML_DECLARE(void *) +yaml_malloc(size_t size); + +YAML_DECLARE(void *) +yaml_realloc(void *ptr, size_t size); + +YAML_DECLARE(void) +yaml_free(void *ptr); + +YAML_DECLARE(yaml_char_t *) +yaml_strdup(const yaml_char_t *); + +/* + * Reader: Ensure that the buffer contains at least `length` characters. + */ + +YAML_DECLARE(int) +yaml_parser_update_buffer(yaml_parser_t *parser, size_t length); + +/* + * Scanner: Ensure that the token stack contains at least one token ready. + */ + +YAML_DECLARE(int) +yaml_parser_fetch_more_tokens(yaml_parser_t *parser); + +/* + * The size of the input raw buffer. + */ + +#define INPUT_RAW_BUFFER_SIZE 16384 + +/* + * The size of the input buffer. + * + * It should be possible to decode the whole raw buffer. + */ + +#define INPUT_BUFFER_SIZE (INPUT_RAW_BUFFER_SIZE*3) + +/* + * The size of the output buffer. + */ + +#define OUTPUT_BUFFER_SIZE 16384 + +/* + * The size of the output raw buffer. + * + * It should be possible to encode the whole output buffer. + */ + +#define OUTPUT_RAW_BUFFER_SIZE (OUTPUT_BUFFER_SIZE*2+2) + +/* + * The size of other stacks and queues. + */ + +#define INITIAL_STACK_SIZE 16 +#define INITIAL_QUEUE_SIZE 16 +#define INITIAL_STRING_SIZE 16 + +/* + * Buffer management. + */ + +#define BUFFER_INIT(context,buffer,size) \ + (((buffer).start = yaml_malloc(size)) ? \ + ((buffer).last = (buffer).pointer = (buffer).start, \ + (buffer).end = (buffer).start+(size), \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define BUFFER_DEL(context,buffer) \ + (yaml_free((buffer).start), \ + (buffer).start = (buffer).pointer = (buffer).end = 0) + +/* + * String management. + */ + +typedef struct { + yaml_char_t *start; + yaml_char_t *end; + yaml_char_t *pointer; +} yaml_string_t; + +YAML_DECLARE(int) +yaml_string_extend(yaml_char_t **start, + yaml_char_t **pointer, yaml_char_t **end); + +YAML_DECLARE(int) +yaml_string_join( + yaml_char_t **a_start, yaml_char_t **a_pointer, yaml_char_t **a_end, + yaml_char_t **b_start, yaml_char_t **b_pointer, yaml_char_t **b_end); + +#define NULL_STRING { NULL, NULL, NULL } + +#define STRING(string,length) { (string), (string)+(length), (string) } + +#define STRING_ASSIGN(value,string,length) \ + ((value).start = (string), \ + (value).end = (string)+(length), \ + (value).pointer = (string)) + +#define STRING_INIT(context,string,size) \ + (((string).start = yaml_malloc(size)) ? \ + ((string).pointer = (string).start, \ + (string).end = (string).start+(size), \ + memset((string).start, 0, (size)), \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define STRING_DEL(context,string) \ + (yaml_free((string).start), \ + (string).start = (string).pointer = (string).end = 0) + +#define STRING_EXTEND(context,string) \ + (((string).pointer+5 < (string).end) \ + || yaml_string_extend(&(string).start, \ + &(string).pointer, &(string).end)) + +#define CLEAR(context,string) \ + ((string).pointer = (string).start, \ + memset((string).start, 0, (string).end-(string).start)) + +#define JOIN(context,string_a,string_b) \ + ((yaml_string_join(&(string_a).start, &(string_a).pointer, \ + &(string_a).end, &(string_b).start, \ + &(string_b).pointer, &(string_b).end)) ? \ + ((string_b).pointer = (string_b).start, \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +/* + * String check operations. + */ + +/* + * Check the octet at the specified position. + */ + +#define CHECK_AT(string,octet,offset) \ + ((string).pointer[offset] == (yaml_char_t)(octet)) + +/* + * Check the current octet in the buffer. + */ + +#define CHECK(string,octet) CHECK_AT((string),(octet),0) + +/* + * Check if the character at the specified position is an alphabetical + * character, a digit, '_', or '-'. + */ + +#define IS_ALPHA_AT(string,offset) \ + (((string).pointer[offset] >= (yaml_char_t) '0' && \ + (string).pointer[offset] <= (yaml_char_t) '9') || \ + ((string).pointer[offset] >= (yaml_char_t) 'A' && \ + (string).pointer[offset] <= (yaml_char_t) 'Z') || \ + ((string).pointer[offset] >= (yaml_char_t) 'a' && \ + (string).pointer[offset] <= (yaml_char_t) 'z') || \ + (string).pointer[offset] == '_' || \ + (string).pointer[offset] == '-') + +#define IS_ALPHA(string) IS_ALPHA_AT((string),0) + +/* + * Check if the character at the specified position is a digit. + */ + +#define IS_DIGIT_AT(string,offset) \ + (((string).pointer[offset] >= (yaml_char_t) '0' && \ + (string).pointer[offset] <= (yaml_char_t) '9')) + +#define IS_DIGIT(string) IS_DIGIT_AT((string),0) + +/* + * Get the value of a digit. + */ + +#define AS_DIGIT_AT(string,offset) \ + ((string).pointer[offset] - (yaml_char_t) '0') + +#define AS_DIGIT(string) AS_DIGIT_AT((string),0) + +/* + * Check if the character at the specified position is a hex-digit. + */ + +#define IS_HEX_AT(string,offset) \ + (((string).pointer[offset] >= (yaml_char_t) '0' && \ + (string).pointer[offset] <= (yaml_char_t) '9') || \ + ((string).pointer[offset] >= (yaml_char_t) 'A' && \ + (string).pointer[offset] <= (yaml_char_t) 'F') || \ + ((string).pointer[offset] >= (yaml_char_t) 'a' && \ + (string).pointer[offset] <= (yaml_char_t) 'f')) + +#define IS_HEX(string) IS_HEX_AT((string),0) + +/* + * Get the value of a hex-digit. + */ + +#define AS_HEX_AT(string,offset) \ + (((string).pointer[offset] >= (yaml_char_t) 'A' && \ + (string).pointer[offset] <= (yaml_char_t) 'F') ? \ + ((string).pointer[offset] - (yaml_char_t) 'A' + 10) : \ + ((string).pointer[offset] >= (yaml_char_t) 'a' && \ + (string).pointer[offset] <= (yaml_char_t) 'f') ? \ + ((string).pointer[offset] - (yaml_char_t) 'a' + 10) : \ + ((string).pointer[offset] - (yaml_char_t) '0')) + +#define AS_HEX(string) AS_HEX_AT((string),0) + +/* + * Check if the character is ASCII. + */ + +#define IS_ASCII_AT(string,offset) \ + ((string).pointer[offset] <= (yaml_char_t) '\x7F') + +#define IS_ASCII(string) IS_ASCII_AT((string),0) + +/* + * Check if the character can be printed unescaped. + */ + +#define IS_PRINTABLE_AT(string,offset) \ + (((string).pointer[offset] == 0x0A) /* . == #x0A */ \ + || ((string).pointer[offset] >= 0x20 /* #x20 <= . <= #x7E */ \ + && (string).pointer[offset] <= 0x7E) \ + || ((string).pointer[offset] == 0xC2 /* #0xA0 <= . <= #xD7FF */ \ + && (string).pointer[offset+1] >= 0xA0) \ + || ((string).pointer[offset] > 0xC2 \ + && (string).pointer[offset] < 0xED) \ + || ((string).pointer[offset] == 0xED \ + && (string).pointer[offset+1] < 0xA0) \ + || ((string).pointer[offset] == 0xEE) \ + || ((string).pointer[offset] == 0xEF /* #xE000 <= . <= #xFFFD */ \ + && !((string).pointer[offset+1] == 0xBB /* && . != #xFEFF */ \ + && (string).pointer[offset+2] == 0xBF) \ + && !((string).pointer[offset+1] == 0xBF \ + && ((string).pointer[offset+2] == 0xBE \ + || (string).pointer[offset+2] == 0xBF)))) + +#define IS_PRINTABLE(string) IS_PRINTABLE_AT((string),0) + +/* + * Check if the character at the specified position is NUL. + */ + +#define IS_Z_AT(string,offset) CHECK_AT((string),'\0',(offset)) + +#define IS_Z(string) IS_Z_AT((string),0) + +/* + * Check if the character at the specified position is BOM. + */ + +#define IS_BOM_AT(string,offset) \ + (CHECK_AT((string),'\xEF',(offset)) \ + && CHECK_AT((string),'\xBB',(offset)+1) \ + && CHECK_AT((string),'\xBF',(offset)+2)) /* BOM (#xFEFF) */ + +#define IS_BOM(string) IS_BOM_AT(string,0) + +/* + * Check if the character at the specified position is space. + */ + +#define IS_SPACE_AT(string,offset) CHECK_AT((string),' ',(offset)) + +#define IS_SPACE(string) IS_SPACE_AT((string),0) + +/* + * Check if the character at the specified position is tab. + */ + +#define IS_TAB_AT(string,offset) CHECK_AT((string),'\t',(offset)) + +#define IS_TAB(string) IS_TAB_AT((string),0) + +/* + * Check if the character at the specified position is blank (space or tab). + */ + +#define IS_BLANK_AT(string,offset) \ + (IS_SPACE_AT((string),(offset)) || IS_TAB_AT((string),(offset))) + +#define IS_BLANK(string) IS_BLANK_AT((string),0) + +/* + * Check if the character at the specified position is a line break. + */ + +#define IS_BREAK_AT(string,offset) \ + (CHECK_AT((string),'\r',(offset)) /* CR (#xD)*/ \ + || CHECK_AT((string),'\n',(offset)) /* LF (#xA) */ \ + || (CHECK_AT((string),'\xC2',(offset)) \ + && CHECK_AT((string),'\x85',(offset)+1)) /* NEL (#x85) */ \ + || (CHECK_AT((string),'\xE2',(offset)) \ + && CHECK_AT((string),'\x80',(offset)+1) \ + && CHECK_AT((string),'\xA8',(offset)+2)) /* LS (#x2028) */ \ + || (CHECK_AT((string),'\xE2',(offset)) \ + && CHECK_AT((string),'\x80',(offset)+1) \ + && CHECK_AT((string),'\xA9',(offset)+2))) /* PS (#x2029) */ + +#define IS_BREAK(string) IS_BREAK_AT((string),0) + +#define IS_CRLF_AT(string,offset) \ + (CHECK_AT((string),'\r',(offset)) && CHECK_AT((string),'\n',(offset)+1)) + +#define IS_CRLF(string) IS_CRLF_AT((string),0) + +/* + * Check if the character is a line break or NUL. + */ + +#define IS_BREAKZ_AT(string,offset) \ + (IS_BREAK_AT((string),(offset)) || IS_Z_AT((string),(offset))) + +#define IS_BREAKZ(string) IS_BREAKZ_AT((string),0) + +/* + * Check if the character is a line break, space, or NUL. + */ + +#define IS_SPACEZ_AT(string,offset) \ + (IS_SPACE_AT((string),(offset)) || IS_BREAKZ_AT((string),(offset))) + +#define IS_SPACEZ(string) IS_SPACEZ_AT((string),0) + +/* + * Check if the character is a line break, space, tab, or NUL. + */ + +#define IS_BLANKZ_AT(string,offset) \ + (IS_BLANK_AT((string),(offset)) || IS_BREAKZ_AT((string),(offset))) + +#define IS_BLANKZ(string) IS_BLANKZ_AT((string),0) + +/* + * Determine the width of the character. + */ + +#define WIDTH_AT(string,offset) \ + (((string).pointer[offset] & 0x80) == 0x00 ? 1 : \ + ((string).pointer[offset] & 0xE0) == 0xC0 ? 2 : \ + ((string).pointer[offset] & 0xF0) == 0xE0 ? 3 : \ + ((string).pointer[offset] & 0xF8) == 0xF0 ? 4 : 0) + +#define WIDTH(string) WIDTH_AT((string),0) + +/* + * Move the string pointer to the next character. + */ + +#define MOVE(string) ((string).pointer += WIDTH((string))) + +/* + * Copy a character and move the pointers of both strings. + */ + +#define COPY(string_a,string_b) \ + ((*(string_b).pointer & 0x80) == 0x00 ? \ + (*((string_a).pointer++) = *((string_b).pointer++)) : \ + (*(string_b).pointer & 0xE0) == 0xC0 ? \ + (*((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++)) : \ + (*(string_b).pointer & 0xF0) == 0xE0 ? \ + (*((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++)) : \ + (*(string_b).pointer & 0xF8) == 0xF0 ? \ + (*((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++), \ + *((string_a).pointer++) = *((string_b).pointer++)) : 0) + +/* + * Stack and queue management. + */ + +YAML_DECLARE(int) +yaml_stack_extend(void **start, void **top, void **end); + +YAML_DECLARE(int) +yaml_queue_extend(void **start, void **head, void **tail, void **end); + +#define STACK_INIT(context,stack,size) \ + (((stack).start = yaml_malloc((size)*sizeof(*(stack).start))) ? \ + ((stack).top = (stack).start, \ + (stack).end = (stack).start+(size), \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define STACK_DEL(context,stack) \ + (yaml_free((stack).start), \ + (stack).start = (stack).top = (stack).end = 0) + +#define STACK_EMPTY(context,stack) \ + ((stack).start == (stack).top) + +#define PUSH(context,stack,value) \ + (((stack).top != (stack).end \ + || yaml_stack_extend((void **)&(stack).start, \ + (void **)&(stack).top, (void **)&(stack).end)) ? \ + (*((stack).top++) = value, \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define POP(context,stack) \ + (*(--(stack).top)) + +#define QUEUE_INIT(context,queue,size) \ + (((queue).start = yaml_malloc((size)*sizeof(*(queue).start))) ? \ + ((queue).head = (queue).tail = (queue).start, \ + (queue).end = (queue).start+(size), \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define QUEUE_DEL(context,queue) \ + (yaml_free((queue).start), \ + (queue).start = (queue).head = (queue).tail = (queue).end = 0) + +#define QUEUE_EMPTY(context,queue) \ + ((queue).head == (queue).tail) + +#define ENQUEUE(context,queue,value) \ + (((queue).tail != (queue).end \ + || yaml_queue_extend((void **)&(queue).start, (void **)&(queue).head, \ + (void **)&(queue).tail, (void **)&(queue).end)) ? \ + (*((queue).tail++) = value, \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +#define DEQUEUE(context,queue) \ + (*((queue).head++)) + +#define QUEUE_INSERT(context,queue,index,value) \ + (((queue).tail != (queue).end \ + || yaml_queue_extend((void **)&(queue).start, (void **)&(queue).head, \ + (void **)&(queue).tail, (void **)&(queue).end)) ? \ + (memmove((queue).head+(index)+1,(queue).head+(index), \ + ((queue).tail-(queue).head-(index))*sizeof(*(queue).start)), \ + *((queue).head+(index)) = value, \ + (queue).tail++, \ + 1) : \ + ((context)->error = YAML_MEMORY_ERROR, \ + 0)) + +/* + * Token initializers. + */ + +#define TOKEN_INIT(token,token_type,token_start_mark,token_end_mark) \ + (memset(&(token), 0, sizeof(yaml_token_t)), \ + (token).type = (token_type), \ + (token).start_mark = (token_start_mark), \ + (token).end_mark = (token_end_mark)) + +#define STREAM_START_TOKEN_INIT(token,token_encoding,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_STREAM_START_TOKEN,(start_mark),(end_mark)), \ + (token).data.stream_start.encoding = (token_encoding)) + +#define STREAM_END_TOKEN_INIT(token,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_STREAM_END_TOKEN,(start_mark),(end_mark))) + +#define ALIAS_TOKEN_INIT(token,token_value,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_ALIAS_TOKEN,(start_mark),(end_mark)), \ + (token).data.alias.value = (token_value)) + +#define ANCHOR_TOKEN_INIT(token,token_value,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_ANCHOR_TOKEN,(start_mark),(end_mark)), \ + (token).data.anchor.value = (token_value)) + +#define TAG_TOKEN_INIT(token,token_handle,token_suffix,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_TAG_TOKEN,(start_mark),(end_mark)), \ + (token).data.tag.handle = (token_handle), \ + (token).data.tag.suffix = (token_suffix)) + +#define SCALAR_TOKEN_INIT(token,token_value,token_length,token_style,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_SCALAR_TOKEN,(start_mark),(end_mark)), \ + (token).data.scalar.value = (token_value), \ + (token).data.scalar.length = (token_length), \ + (token).data.scalar.style = (token_style)) + +#define titleVersion_DIRECTIVE_TOKEN_INIT(token,token_major,token_minor,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_titleVersion_DIRECTIVE_TOKEN,(start_mark),(end_mark)), \ + (token).data.titleVersion_directive.major = (token_major), \ + (token).data.titleVersion_directive.minor = (token_minor)) + +#define TAG_DIRECTIVE_TOKEN_INIT(token,token_handle,token_prefix,start_mark,end_mark) \ + (TOKEN_INIT((token),YAML_TAG_DIRECTIVE_TOKEN,(start_mark),(end_mark)), \ + (token).data.tag_directive.handle = (token_handle), \ + (token).data.tag_directive.prefix = (token_prefix)) + +/* + * Event initializers. + */ + +#define EVENT_INIT(event,event_type,event_start_mark,event_end_mark) \ + (memset(&(event), 0, sizeof(yaml_event_t)), \ + (event).type = (event_type), \ + (event).start_mark = (event_start_mark), \ + (event).end_mark = (event_end_mark)) + +#define STREAM_START_EVENT_INIT(event,event_encoding,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_STREAM_START_EVENT,(start_mark),(end_mark)), \ + (event).data.stream_start.encoding = (event_encoding)) + +#define STREAM_END_EVENT_INIT(event,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_STREAM_END_EVENT,(start_mark),(end_mark))) + +#define DOCUMENT_START_EVENT_INIT(event,event_titleVersion_directive, \ + event_tag_directives_start,event_tag_directives_end,event_implicit,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_DOCUMENT_START_EVENT,(start_mark),(end_mark)), \ + (event).data.document_start.titleVersion_directive = (event_titleVersion_directive), \ + (event).data.document_start.tag_directives.start = (event_tag_directives_start), \ + (event).data.document_start.tag_directives.end = (event_tag_directives_end), \ + (event).data.document_start.implicit = (event_implicit)) + +#define DOCUMENT_END_EVENT_INIT(event,event_implicit,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_DOCUMENT_END_EVENT,(start_mark),(end_mark)), \ + (event).data.document_end.implicit = (event_implicit)) + +#define ALIAS_EVENT_INIT(event,event_anchor,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_ALIAS_EVENT,(start_mark),(end_mark)), \ + (event).data.alias.anchor = (event_anchor)) + +#define SCALAR_EVENT_INIT(event,event_anchor,event_tag,event_value,event_length, \ + event_plain_implicit, event_quoted_implicit,event_style,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_SCALAR_EVENT,(start_mark),(end_mark)), \ + (event).data.scalar.anchor = (event_anchor), \ + (event).data.scalar.tag = (event_tag), \ + (event).data.scalar.value = (event_value), \ + (event).data.scalar.length = (event_length), \ + (event).data.scalar.plain_implicit = (event_plain_implicit), \ + (event).data.scalar.quoted_implicit = (event_quoted_implicit), \ + (event).data.scalar.style = (event_style)) + +#define SEQUENCE_START_EVENT_INIT(event,event_anchor,event_tag, \ + event_implicit,event_style,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_SEQUENCE_START_EVENT,(start_mark),(end_mark)), \ + (event).data.sequence_start.anchor = (event_anchor), \ + (event).data.sequence_start.tag = (event_tag), \ + (event).data.sequence_start.implicit = (event_implicit), \ + (event).data.sequence_start.style = (event_style)) + +#define SEQUENCE_END_EVENT_INIT(event,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_SEQUENCE_END_EVENT,(start_mark),(end_mark))) + +#define MAPPING_START_EVENT_INIT(event,event_anchor,event_tag, \ + event_implicit,event_style,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_MAPPING_START_EVENT,(start_mark),(end_mark)), \ + (event).data.mapping_start.anchor = (event_anchor), \ + (event).data.mapping_start.tag = (event_tag), \ + (event).data.mapping_start.implicit = (event_implicit), \ + (event).data.mapping_start.style = (event_style)) + +#define MAPPING_END_EVENT_INIT(event,start_mark,end_mark) \ + (EVENT_INIT((event),YAML_MAPPING_END_EVENT,(start_mark),(end_mark))) + +/* + * Document initializer. + */ + +#define DOCUMENT_INIT(document,document_nodes_start,document_nodes_end, \ + document_titleVersion_directive,document_tag_directives_start, \ + document_tag_directives_end,document_start_implicit, \ + document_end_implicit,document_start_mark,document_end_mark) \ + (memset(&(document), 0, sizeof(yaml_document_t)), \ + (document).nodes.start = (document_nodes_start), \ + (document).nodes.end = (document_nodes_end), \ + (document).nodes.top = (document_nodes_start), \ + (document).titleVersion_directive = (document_titleVersion_directive), \ + (document).tag_directives.start = (document_tag_directives_start), \ + (document).tag_directives.end = (document_tag_directives_end), \ + (document).start_implicit = (document_start_implicit), \ + (document).end_implicit = (document_end_implicit), \ + (document).start_mark = (document_start_mark), \ + (document).end_mark = (document_end_mark)) + +/* + * Node initializers. + */ + +#define NODE_INIT(node,node_type,node_tag,node_start_mark,node_end_mark) \ + (memset(&(node), 0, sizeof(yaml_node_t)), \ + (node).type = (node_type), \ + (node).tag = (node_tag), \ + (node).start_mark = (node_start_mark), \ + (node).end_mark = (node_end_mark)) + +#define SCALAR_NODE_INIT(node,node_tag,node_value,node_length, \ + node_style,start_mark,end_mark) \ + (NODE_INIT((node),YAML_SCALAR_NODE,(node_tag),(start_mark),(end_mark)), \ + (node).data.scalar.value = (node_value), \ + (node).data.scalar.length = (node_length), \ + (node).data.scalar.style = (node_style)) + +#define SEQUENCE_NODE_INIT(node,node_tag,node_items_start,node_items_end, \ + node_style,start_mark,end_mark) \ + (NODE_INIT((node),YAML_SEQUENCE_NODE,(node_tag),(start_mark),(end_mark)), \ + (node).data.sequence.items.start = (node_items_start), \ + (node).data.sequence.items.end = (node_items_end), \ + (node).data.sequence.items.top = (node_items_start), \ + (node).data.sequence.style = (node_style)) + +#define MAPPING_NODE_INIT(node,node_tag,node_pairs_start,node_pairs_end, \ + node_style,start_mark,end_mark) \ + (NODE_INIT((node),YAML_MAPPING_NODE,(node_tag),(start_mark),(end_mark)), \ + (node).data.mapping.pairs.start = (node_pairs_start), \ + (node).data.mapping.pairs.end = (node_pairs_end), \ + (node).data.mapping.pairs.top = (node_pairs_start), \ + (node).data.mapping.style = (node_style)) + diff --git a/logo_data.h b/logo_data.h new file mode 100644 index 0000000..66ec98a --- /dev/null +++ b/logo_data.h @@ -0,0 +1,29 @@ +#ifndef _LOGO_DATA_H_ +#define _LOGO_DATA_H_ + +static const unsigned char Nintendo_LZ[0x2000] = +{ + 0x11, 0x48, 0x65, 0x00, 0x00, 0x64, 0x61, 0x72, 0x63, 0xFF, 0xFE, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x28, 0x65, 0x00, 0x00, 0x83, 0x30, 0x09, 0x1C, 0x04, 0x00, 0x00, 0x40, 0x20, 0x03, 0x30, 0x13, 0xAB, 0x30, 0x18, 0x15, 0x20, 0x1D, 0x02, 0xA0, 0x0B, 0x06, 0x20, 0x2B, 0x30, 0x18, 0x5A, 0x09, 0x20, 0x35, 0x10, 0x20, 0x39, 0x30, 0x2B, 0xF8, 0x20, 0x41, 0x54, 0x85, 0x30, 0x0B, 0x05, 0x00, 0x00, 0xEC, 0x20, 0x4D, 0x98, 0x30, 0x17, 0xD0, 0x20, 0x28, 0x30, 0x17, 0xDC, 0x30, 0x23, 0x07, 0x00, 0x00, 0xCC, 0x09, 0x0C, 0x00, 0x00, 0x20, 0x20, 0x51, 0x20, 0x14, 0x20, 0x2B, 0xA0, 0x20, 0x0B, 0x64, 0x20, 0x5D, 0x80, 0x20, 0x00, 0x00, 0x4C, 0x99, 0x20, 0x5C, 0xA8, 0x01, 0x50, 0x53, 0x20, 0x22, 0x00, 0xB2, 0x20, 0x75, 0x34, 0xE0, 0x22, 0x20, 0x13, 0x20, 0x74, 0xE2, 0x20, 0x81, 0xA0, 0x25, 0x13, 0x00, 0x00, 0x3C, 0x20, 0x68, 0x12, 0x02, 0x50, 0x77, 0x30, 0x8F, 0x41, 0x1C, 0x20, 0x90, 0x00, 0x36, 0x00, 0x00, 0x28, 0x20, 0xAB, 0x4D, 0x3E, 0x20, 0x9C, 0x80, 0x3A, 0x20, 0x0B, 0x20, 0xAD, 0x60, 0x30, 0x17, 0x54, 0x3C, 0x50, 0x17, 0x82, 0x30, 0x17, 0x40, 0x20, 0x23, 0x08, 0x00, 0x2D, 0x00, 0xA4, 0x30, 0x2F, 0x49, 0x20, 0x67, 0x20, 0xE9, 0xC4, 0x30, 0x3B, 0x56, 0x4A, 0x50, 0x17, 0xDC, 0x30, 0x3B, 0x52, 0x20, 0x47, 0x20, 0xE0, 0xF4, 0xB2, 0x30, 0x53, 0x55, 0x20, 0x53, 0x30, 0xD4, 0x00, 0x2E, 0x21, 0x13, 0x61, 0x02, 0x00, 0x6E, 0x00, 0x69, 0x00, 0x6D, 0x21, 0x1D, 0x4E, 0x82, 0x20, 0x07, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x20, 0x11, 0x64, 0x0A, 0x00, 0x6F, 0x00, 0x4C, 0x20, 0x03, 0x67, 0x20, 0x07, 0x5F, 0x28, 0x00, 0x44, 0x20, 0x03, 0x30, 0x20, 0x01, 0x5F, 0x00, 0x53, 0x20, 0x00, 0x63, 0x40, 0x1F, 0x65, 0x00, 0x4F, 0x00, 0x75, 0xAB, 0x20, 0x2B, 0x41, 0x20, 0x43, 0x62, 0x20, 0x13, 0x6C, 0x40, 0x47, 0x02, 0x50, 0x43, 0x57, 0x42, 0x03, 0x20, 0x43, 0x43, 0x01, 0x80, 0x87, 0x55, 0x03, 0x20, 0xCB, 0x00, 0x90, 0x43, 0x01, 0x90, 0xCB, 0xD7, 0x00, 0x90, 0x87, 0xF0, 0xCB, 0x62, 0x21, 0x5D, 0x79, 0x21, 0x97, 0x01, 0x31, 0xA1, 0x71, 0x8D, 0xEA, 0x00, 0xF0, 0x2F, 0x71, 0x05, 0xD0, 0x2F, 0x74, 0x42, 0x09, 0x67, 0x23, 0x29, 0x33, 0xBD, 0x22, 0x01, 0x73, 0xA2, 0x01, 0xB0, 0x5B, 0x52, 0x2D, 0x00, 0x10, 0x21, 0x31, 0x01, 0x00, 0x21, 0x55, 0x32, 0x01, 0x00, 0x43, 0x33, 0xE0, 0x65, 0x4C, 0x23, 0x71, 0x4D, 0x22, 0xA3, 0x1F, 0x73, 0x00, 0x6B, 0x00, 0x40, 0x85, 0x30, 0x1F, 0x00, 0xB0, 0x17, 0xF0, 0x93, 0xF2, 0xE3, 0x41, 0x5F, 0x20, 0xB5, 0x32, 0x00, 0x38, 0x00, 0x78, 0x23, 0x68, 0x60, 0x34, 0xE0, 0xE1, 0x70, 0x02, 0x43, 0x4C, 0x41, 0x4E, 0xFF, 0x46, 0xFE, 0x23, 0xD0, 0x00, 0x02, 0x02, 0x34, 0x03, 0x33, 0x96, 0x70, 0x1D, 0x61, 0x74, 0x31, 0x23, 0x82, 0x44, 0x3E, 0x34, 0x59, 0x28, 0x33, 0x73, 0x10, 0xFF, 0xFF, 0xFF, 0x34, 0x4C, 0x53, 0x63, 0x65, 0x6E, 0x04, 0x65, 0x4F, 0x75, 0x74, 0x41, 0x24, 0x71, 0x47, 0x5F, 0x0C, 0x41, 0x5F, 0x30, 0x30, 0xA0, 0x4C, 0x40, 0x3B, 0x69, 0x31, 0xCD, 0x33, 0xA3, 0x50, 0x3F, 0x02, 0x00, 0x30, 0x59, 0x34, 0x9D, 0x68, 0x24, 0xA1, 0x00, 0x50, 0x5F, 0x4E, 0x69, 0x6E, 0x4C, 0x6F, 0x67, 0x70, 0x6F, 0xA0, 0x35, 0x34, 0xA0, 0x34, 0xBD, 0x43, 0x4C, 0x56, 0x43, 0x8F, 0x74, 0x3F, 0x00, 0x10, 0x02, 0x40, 0x87, 0x40, 0x0B, 0xD0, 0x5D, 0x20, 0x76, 0x20, 0x7F, 0x43, 0x34, 0xEC, 0x4E, 0x5F, 0x52, 0x6F, 0x6F, 0x73, 0x74, 0xD0, 0x7E, 0x00, 0x70, 0x4B, 0x80, 0x57, 0x00, 0x20, 0x20, 0x3B, 0x50, 0x3F, 0xF8, 0x00, 0x30, 0xFF, 0x34, 0xF7, 0xB0, 0xFF, 0x24, 0xD2, 0x80, 0xFF, 0x00, 0x00, 0x1E, 0xD5, 0x45, 0x4C, 0x70, 0xFF, 0x42, 0x40, 0xFF, 0x42, 0x00, 0x40, 0xFF, 0x9C, 0x80, 0x2D, 0xB2, 0x90, 0xFF, 0x5C, 0x01, 0xE0, 0xFF, 0x90, 0xB3, 0x34, 0xC2, 0x02, 0xD0, 0xF3, 0xC8, 0xFD, 0x20, 0xAA, 0xD0, 0xF3, 0x00, 0x70, 0xFF, 0xF1, 0xFF, 0x31, 0x39, 0x71, 0xFF, 0x65, 0x23, 0x31, 0xC5, 0xB1, 0xFF, 0x31, 0x84, 0x47, 0x5F, 0x43, 0x00, 0x81, 0xFF, 0x0F, 0xE1, 0xFF, 0x99, 0x02, 0x90, 0xFF, 0x12, 0xC3, 0x02, 0x31, 0xF3, 0x92, 0x3F, 0x80, 0xBF, 0x91, 0xF3, 0x7B, 0x60, 0x32, 0xB6, 0x00, 0x80, 0xFF, 0x36, 0xDF, 0x03, 0x32, 0xFF, 0x7C, 0x27, 0x27, 0x53, 0x3F, 0x55, 0x0D, 0x42, 0xFF, 0x48, 0x27, 0x9D, 0xB0, 0x27, 0xA1, 0xA4, 0x27, 0x8D, 0x60, 0x24, 0x27, 0x88, 0x36, 0xCB, 0x30, 0x03, 0x00, 0x00, 0xBC, 0xAD, 0x20, 0x03, 0x24, 0x27, 0xAB, 0x88, 0x37, 0x73, 0x27, 0x94, 0xB0, 0x26, 0xE7, 0x02, 0x74, 0x0A, 0x00, 0x00, 0x78, 0x0B, 0x32, 0xDF, 0x57, 0xF9, 0x00, 0x03, 0x5B, 0x37, 0x32, 0x27, 0x6E, 0x26, 0xB1, 0x33, 0xB7, 0x50, 0x41, 0x83, 0x2F, 0x71, 0x02, 0xF2, 0xE3, 0x73, 0xDB, 0x01, 0x13, 0x07, 0x50, 0x5F, 0x33, 0x00, 0x80, 0x67, 0x77, 0xB8, 0x60, 0x67, 0x20, 0xAA, 0x43, 0xC7, 0x38, 0x63, 0xC7, 0x30, 0x6F, 0x93, 0x9F, 0x53, 0xA0, 0x24, 0x0A, 0xA0, 0x27, 0xA5, 0x80, 0xBE, 0x24, 0x39, 0x23, 0x16, 0x23, 0xA0, 0xC0, 0x48, 0x79, 0x06, 0x02, 0x00, 0x30, 0x37, 0x70, 0x23, 0x00, 0x33, 0x33, 0xB3, 0x3F, 0xFC, 0x2D, 0xEC, 0xBC, 0x8C, 0x70, 0x0B, 0x0A, 0xD7, 0x23, 0x20, 0x0B, 0x30, 0x2F, 0x80, 0x3F, 0xBC, 0x48, 0xA9, 0x07, 0x01, 0xD0, 0x2F, 0xF4, 0x2F, 0xB0, 0x6B, 0x39, 0x0C, 0x40, 0x9D, 0x6F, 0x1C, 0x30, 0x97, 0x61, 0xEF, 0xCC, 0x28, 0x45, 0x30, 0x9B, 0x70, 0xF3, 0x24, 0x87, 0xDC, 0xE4, 0xB9, 0x71, 0x5B, 0x50, 0xF1, 0x5B, 0x29, 0x39, 0xD4, 0x8B, 0x80, 0x41, 0x17, 0xCD, 0xCC, 0xCC, 0x20, 0xEB, 0x20, 0x34, 0x02, 0x00, 0x41, 0x67, 0x00, 0x14, 0xBB, 0xE6, 0x30, 0x7F, 0x30, 0x2F, 0x71, 0x73, 0x44, 0x73, 0xF5, 0x38, 0x01, 0xA0, 0x7F, 0xC1, 0xA3, 0x20, 0x7F, 0x3E, 0x02, 0xD0, 0x7F, 0x52, 0x65, 0x64, 0x01, 0x70, 0xFF, 0xC1, 0xEB, 0x85, 0x45, 0x43, 0xC2, 0xB7, 0x6D, 0xDB, 0x20, 0x7F, 0x8C, 0x25, 0x02, 0x35, 0x20, 0xC1, 0x00, 0xD1, 0x8B, 0xB6, 0x1B, 0x5C, 0xA4, 0x87, 0xB4, 0x41, 0x3B, 0x0B, 0x92, 0x24, 0xE9, 0xC0, 0x60, 0x8B, 0x31, 0x00, 0x32, 0xE7, 0x35, 0x33, 0xD7, 0xF2, 0xE7, 0x92, 0x53, 0xF0, 0x26, 0x82, 0x20, 0x25, 0x1B, 0x90, 0x0B, 0x50, 0x97, 0xFA, 0x34, 0xEF, 0x00, 0x50, 0x97, 0x96, 0x53, 0x30, 0x3B, 0x77, 0x04, 0xAA, 0xF1, 0x17, 0x32, 0xFF, 0x02, 0x13, 0x73, 0x32, 0xF7, 0x50, 0x8B, 0x00, 0x96, 0x7B, 0x33, 0x1B, 0x57, 0x78, 0x00, 0x31, 0x7F, 0x3B, 0x90, 0x9B, 0x57, 0x07, 0x54, 0x53, 0x2A, 0xEE, 0x47, 0x73, 0x4C, 0x37, 0x8B, 0x2B, 0xD9, 0x76, 0x94, 0x63, 0x8B, 0x3B, 0x87, 0x3B, 0xD1, 0x24, 0x4B, 0xD5, 0x00, 0x01, 0x97, 0xC0, 0x1E, 0x39, 0x8E, 0xE3, 0x2B, 0x39, 0x51, 0x5B, 0x5B, 0xFD, 0x01, 0x20, 0x23, 0x03, 0x81, 0xF7, 0x6B, 0x40, 0x41, 0x9E, 0x15, 0x8D, 0xBD, 0x31, 0xA3, 0x1A, 0x9A, 0x99, 0xB9, 0x2B, 0x7D, 0x2C, 0x5A, 0x04, 0x01, 0x10, 0x23, 0x01, 0xAA, 0x01, 0x20, 0x8F, 0x01, 0x01, 0x20, 0x8F, 0x01, 0x00, 0x10, 0x8F, 0xC1, 0x20, 0x8F, 0x3D, 0xD8, 0x60, 0x8F, 0x44, 0x5B, 0x01, 0x00, 0x10, 0x8F, 0x00, 0x00, 0x23, 0x50, 0x5F, 0x42, 0x20, 0x6C, 0x6B, 0x03, 0xE1, 0x63, 0x9A, 0x99, 0x19, 0xC0, 0x0E, 0x3F, 0x74, 0xDA, 0x00, 0xC1, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0xEA, 0x03, 0x81, 0x63, 0x00, 0x13, 0xBB, 0x00, 0x32, 0xC7, 0x58, 0x2E, 0x9D, 0x88, 0x66, 0x4F, 0xE8, 0xAB, 0x2E, 0xA9, 0x18, 0x2E, 0x95, 0x48, 0x2E, 0x99, 0x78, 0x62, 0xC7, 0xE3, 0xD3, 0xEF, 0x56, 0x3F, 0x60, 0x0B, 0x52, 0xD3, 0xF0, 0xC2, 0xD3, 0x01, 0xC0, 0x2F, 0x22, 0xDF, 0xD4, 0x33, 0x77, 0x40, 0x68, 0x03, 0x50, 0x0B, 0x52, 0xEB, 0xF0, 0xC2, 0xEB, 0x01, 0xB0, 0x2F, 0x32, 0xF7, 0xFF, 0x01, 0xB0, 0xBF, 0x33, 0x03, 0x01, 0xC0, 0x2F, 0x00, 0x10, 0xBF, 0x45, 0x73, 0x70, 0x0B, 0x53, 0x1B, 0x40, 0xBF, 0xFF, 0x83, 0x1B, 0x01, 0xB0, 0x2F, 0x63, 0x27, 0x03, 0xC1, 0xC3, 0x33, 0x27, 0x75, 0x97, 0x93, 0x33, 0x00, 0x91, 0xC3, 0xFF, 0x01, 0x00, 0x2F, 0x05, 0xE1, 0xC3, 0x00, 0xF0, 0xBF, 0xF1, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0x01, 0xC3, 0x00, 0x16, 0xB7, 0x00, 0x36, 0x4F, 0xF5, 0x35, 0xCC, 0x33, 0x8B, 0x36, 0x53, 0x33, 0x8F, 0xA0, 0x69, 0xE3, 0xD0, 0x6D, 0xAB, 0xFF, 0xE6, 0xCF, 0x59, 0xC7, 0x26, 0x43, 0x00, 0x40, 0x17, 0x26, 0x37, 0xD6, 0xFF, 0x63, 0x57, 0x26, 0x2B, 0xFF, 0x00, 0x30, 0x17, 0x36, 0x1F, 0x00, 0x30, 0x5F, 0x36, 0x13, 0x00, 0x40, 0x17, 0x00, 0x10, 0x5F, 0x48, 0x6B, 0x35, 0xFB, 0xFF, 0x00, 0x30, 0x17, 0x65, 0xEF, 0x03, 0xC1, 0x03, 0x82, 0xC7, 0xE1, 0x03, 0x82, 0xDF, 0x02, 0xE1, 0x03, 0x73, 0x27, 0xF6, 0xF1, 0x03, 0x80, 0x17, 0x01, 0xE1, 0x03, 0x00, 0xFD, 0xDF, 0x54, 0xEC, 0xDF, 0x02, 0x7E, 0xDF, 0x04, 0xEA, 0x2F, 0xA4, 0x5F, 0x0D, 0xDC, 0xDF, 0x50, 0x2F, 0xCC, 0xB8, 0x2F, 0xD0, 0x20, 0xAA, 0x2F, 0xBC, 0xA0, 0x2F, 0xC0, 0x2C, 0x2C, 0xE3, 0xAC, 0x2C, 0xE7, 0x10, 0xA5, 0x2C, 0xDF, 0x74, 0x2C, 0xDF, 0xD8, 0x07, 0x2D, 0x17, 0x09, 0x2C, 0x31, 0xFD, 0x2C, 0xE3, 0x02, 0x9C, 0xDF, 0x3E, 0xCF, 0x00, 0xFC, 0xDF, 0x9E, 0xF3, 0x00, 0xBC, 0xDF, 0x7C, 0xEC, 0xDF, 0x7F, 0x2C, 0x6D, 0x5B, 0xDD, 0x4F, 0x4C, 0xE3, 0x8C, 0xD3, 0xD0, 0x17, 0x9C, 0xBB, 0x00, 0x30, 0x17, 0xFB, 0x00, 0x9F, 0xD3, 0x3F, 0xFD, 0x01, 0x1C, 0x8B, 0x00, 0x0D, 0xE7, 0xC3, 0xA3, 0xA0, 0x81, 0xF3, 0x00, 0x9F, 0xFB, 0xF6, 0x30, 0x23, 0x01, 0x1C, 0x73, 0x03, 0xD0, 0x67, 0x02, 0x7C, 0x5B, 0x70, 0x2B, 0xCB, 0x7C, 0x5B, 0x20, 0xFE, 0x3B, 0xDB, 0x00, 0xEB, 0xC3, 0x3E, 0x67, 0x7F, 0xD7, 0x5B, 0xCF, 0x00, 0xFC, 0x4F, 0x00, 0xDC, 0xDB, 0xF0, 0xFB, 0x2C, 0xCB, 0x80, 0x7F, 0x01, 0x2C, 0xDB, 0x30, 0x2F, 0x7F, 0xFB, 0xC8, 0x2F, 0x03, 0x7C, 0xDB, 0xFF, 0x5B, 0xE7, 0xAC, 0xDB, 0x00, 0x4C, 0x4F, 0x03, 0x3D, 0x67, 0x00, 0x1E, 0x67, 0xDD, 0x67, 0x04, 0x1C, 0x67, 0x41, 0xA3, 0xFF, 0x79, 0x93, 0x9D, 0x43, 0xCC, 0x67, 0x00, 0x60, 0x23, 0xCC, 0x67, 0x31, 0xEB, 0x89, 0x7B, 0x28, 0x2F, 0xFF, 0x00, 0x3C, 0x67, 0x00, 0x50, 0x23, 0xDC, 0x67, 0x00, 0x50, 0x8F, 0xDC, 0x67, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x79, 0x4B, 0xF3, 0x30, 0x8F, 0x00, 0x2C, 0x67, 0x00, 0x50, 0x23, 0x04, 0x1C, 0x67, 0x70, 0xC2, 0xA9, 0x33, 0x00, 0x81, 0x63, 0xFF, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5C, 0x67, 0x01, 0x9F, 0x2F, 0xFF, 0x43, 0xEB, 0x6F, 0x2F, 0x9F, 0x97, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0xCF, 0x2F, 0x34, 0x33, 0x7F, 0x2F, 0xFF, 0x38, 0x2F, 0x00, 0x3F, 0x2F, 0x00, 0x50, 0x23, 0xDF, 0x2F, 0x00, 0x50, 0x8F, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0xFF, 0x6F, 0x2F, 0x40, 0x8F, 0x00, 0x2F, 0x2F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9F, 0x2F, 0x00, 0x91, 0x63, 0xFF, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5B, 0xA7, 0x01, 0x95, 0x8F, 0xFF, 0x46, 0x27, 0x6F, 0x23, 0x9F, 0xDF, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0xC5, 0x8F, 0x4F, 0xDF, 0x6F, 0x0B, 0xFF, 0x4F, 0xDF, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0xD5, 0x8F, 0x00, 0x50, 0x8F, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0xFF, 0x6E, 0xDB, 0x40, 0x8F, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9E, 0xC3, 0x00, 0x91, 0x63, 0xFE, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x61, 0x63, 0x00, 0x7C, 0x5F, 0x4C, 0xF1, 0x2C, 0x5C, 0xBC, 0x5F, 0x3E, 0x51, 0x7C, 0x5F, 0x65, 0x00, 0x73, 0xCC, 0x5F, 0x8A, 0x3B, 0x9C, 0x47, 0x5F, 0x43, 0x00, 0x4C, 0x5F, 0xFC, 0x2E, 0xBB, 0x0F, 0xF5, 0x5B, 0x58, 0x4C, 0x5F, 0x3C, 0x82, 0x3B, 0xAB, 0xBC, 0x2F, 0xFF, 0xFC, 0x2F, 0xF8, 0x57, 0x3C, 0x2E, 0xDB, 0x7C, 0x2E, 0xDF, 0xBC, 0x2E, 0xE3, 0x00, 0x3C, 0x47, 0x3E, 0xC7, 0xCB, 0x5E, 0xFB, 0x00, 0x7A, 0x3B, 0x80, 0xBF, 0x9A, 0x3B, 0x60, 0x88, 0xC7, 0x00, 0x3C, 0x2B, 0xDD, 0x00, 0x70, 0x4B, 0x9F, 0x2B, 0xCA, 0x2A, 0xB7, 0x00, 0x9B, 0xCB, 0x01, 0x10, 0x3F, 0xF2, 0xA0, 0x3F, 0xF7, 0x00, 0x1B, 0xA3, 0x01, 0xD0, 0x3F, 0x00, 0x29, 0xEF, 0x01, 0x00, 0xBF, 0x8E, 0x2B, 0x77, 0x70, 0xFF, 0x00, 0x27, 0x67, 0xBB, 0x01, 0x00, 0xFF, 0x24, 0xF0, 0x3F, 0xDF, 0x83, 0x01, 0x01, 0x3F, 0x30, 0x00, 0x8E, 0xBB, 0x5E, 0xBF, 0x2A, 0x59, 0x54, 0x7E, 0xBF, 0xA8, 0x2E, 0xBC, 0x10, 0x2F, 0xFB, 0x6C, 0x19, 0x79, 0x74, 0x31, 0x3E, 0xD1, 0x4A, 0x9E, 0x00, 0xA0, 0x2D, 0xE7, 0x03, 0x70, 0x43, 0x74, 0x78, 0x6C, 0x31, 0x3F, 0xDF, 0x3F, 0xBF, 0x60, 0x04, 0x2F, 0xFF, 0x2D, 0x55, 0x74, 0x65, 0x6E, 0x64, 0x6F, 0x00, 0x5F, 0x31, 0x32, 0x38, 0x78, 0x36, 0x34, 0x2E, 0x05, 0x62, 0x63, 0x6C, 0x69, 0x6D, 0x2F, 0xFF, 0x6D, 0x2E, 0xFB, 0x70, 0x60, 0x62, 0x23, 0x30, 0x4B, 0x4D, 0x7F, 0x4C, 0x6F, 0x67, 0x6F, 0x8D, 0xAE, 0xE9, 0xFF, 0xFF, 0xFF, 0x30, 0x03, 0x00, 0x40, 0x02, 0x15, 0x5F, 0xE0, 0xF0, 0x30, 0x62, 0xAF, 0x72, 0x3E, 0x07, 0x5E, 0x0B, 0x70, 0x61, 0x6E, 0x31, 0x80, 0x3B, 0x4F, 0x01, 0x04, 0xFF, 0x00, 0x52, 0x6F, 0x6F, 0x07, 0x74, 0x50, 0x61, 0x6E, 0x65, 0x00, 0xB0, 0xDF, 0x00, 0x50, 0x47, 0x50, 0xD3, 0x0D, 0x70, 0x61, 0x73, 0x31, 0x3B, 0xA3, 0x70, 0x53, 0x03, 0x20, 0x53, 0x3D, 0x4E, 0x5F, 0x30, 0x55, 0x00, 0x0F, 0x96, 0x01, 0x20, 0x53, 0x4C, 0xD3, 0x42, 0x80, 0x53, 0x09, 0x69, 0x63, 0x31, 0x80, 0x3C, 0x0F, 0x07, 0xFF, 0x00, 0x41, 0x03, 0xF9, 0x7E, 0xE0, 0x2D, 0x5B, 0x82, 0x1F, 0x00, 0x20, 0xEF, 0x2F, 0x63, 0x80, 0x42, 0xF1, 0x2B, 0xE0, 0x71, 0x99, 0xCF, 0x23, 0xC1, 0x27, 0x80, 0x3F, 0x70, 0x61, 0x65, 0xC3, 0x60, 0xDB, 0x50, 0x07, 0x67, 0x72, 0x70, 0x31, 0x3C, 0x97, 0x31, 0x33, 0x0C, 0x47, 0x72, 0x6F, 0x75, 0x3C, 0x8F, 0x7F, 0xE7, 0x67, 0x72, 0xE3, 0x51, 0x07, 0x30, 0x23, 0x34, 0x57, 0x47, 0x5F, 0x41, 0xCF, 0xD3, 0x3F, 0xCF, 0xF1, 0xF1, 0x17, 0xF1, 0xD7, 0x30, 0x5F, 0x3F, 0xDF, 0x47, 0x5F, 0x42, 0xCF, 0x6D, 0xF9, 0x3F, 0xE7, 0x00, 0x90, 0x2B, 0xD4, 0x9F, 0x3F, 0xFB, 0xF1, 0x7F, 0x67, 0x72, 0x50, 0xC7, 0xAB, 0x01, 0x32, 0xBF, 0x3C, 0x22, 0xBC, 0x22, 0x00, 0x02, 0xBF, 0xC8, 0x82, 0xBF, 0x3D, 0x7F, 0x59, 0x07, 0x64, 0xBB, 0x2D, 0x2F, 0xFF, 0x2F, 0x08, 0x00, 0x4F, 0x34, 0xA1, 0xD1, 0x32, 0xF3, 0x2F, 0xFF, 0x78, 0x2F, 0xFB, 0x33, 0x64, 0x73, 0x62, 0xAD, 0xD5, 0x62, 0xD2, 0x80, 0x10, 0x31, 0xF0, 0x10, 0x32, 0xF0, 0x21, 0x33, 0x63, 0x05, 0x38, 0x4C, 0x54, 0x90, 0x3E, 0x30, 0x0B, 0x70, 0x39, 0x4C, 0x54, 0x4D, 0x38, 0x61, 0x73, 0x3C, 0xCC, 0x63, 0x2D, 0x33, 0x2B, 0xA8, 0x06, 0x00, 0x2A, 0x00, 0x0B, 0x2F, 0xFF, 0x38, 0x2F, 0xFF, 0x88, 0x2F, 0xFB, 0x08, 0xAA, 0x2F, 0xF4, 0x88, 0x2F, 0xF8, 0x08, 0x2F, 0xD4, 0x88, 0x2F, 0xD8, 0x4C, 0xA9, 0x2F, 0x10, 0xE8, 0x2F, 0x14, 0xAC, 0x23, 0x74, 0x48, 0x05, 0x2F, 0xD7, 0xDB, 0x20, 0x2F, 0x00, 0x35, 0x47, 0xAA, 0x53, 0x57, 0x00, 0x83, 0x53, 0x02, 0x00, 0xA3, 0x53, 0x00, 0x35, 0x57, 0xB6, 0x00, 0xB3, 0xA3, 0xD5, 0x20, 0xB3, 0x00, 0xB3, 0xA3, 0x40, 0x24, 0x20, 0x30, 0x03, 0x11, 0x86, 0x2F, 0xFB, 0x74, 0x06, 0x00, 0x04, 0x30, 0x03, 0x30, 0x0B, 0x65, 0x1E, 0x06, 0x00, 0x01, 0x30, 0x03, 0x30, 0x17, 0x31, 0x87, 0x5E, 0x03, 0x05, 0x9B, 0x2F, 0x47, 0x4F, 0x5F, 0x31, 0x32, 0x01, 0xB0, 0x7F, 0x01, 0x03, 0xE0, 0x7F, 0xD2, 0xB5, 0x07, 0x00, 0x00, 0x8C, 0x8C, 0x8C, 0x05, 0xA0, 0x7F, 0x00, 0x16, 0x97, 0x00, 0xF1, 0x7F, 0x7C, 0x03, 0x03, 0xC1, 0x7F, 0x00, 0x16, 0xD7, 0x45, 0xA7, 0x2F, 0xB4, 0x00, 0x25, 0xA7, 0x80, 0x3F, 0xB0, 0x23, 0x44, 0x04, 0x25, 0xA3, 0x30, 0x03, 0x06, 0x00, 0x06, 0x06, 0x0C, 0x73, 0x09, 0xED, 0xBE, 0x30, 0x03, 0x3F, 0xFB, 0x3A, 0x57, 0x37, 0xDE, 0x40, 0x30, 0x03, 0xE0, 0x13, 0xC0, 0x30, 0x03, 0x00, 0x75, 0xD3, 0x78, 0x54, 0x00, 0x10, 0x04, 0x00, 0x01, 0x10, 0x04, 0x10, 0x02, 0xA0, 0xA2, 0x37, 0x46, 0xF2, 0x37, 0x26, 0x06, 0x02, 0x05, 0x66, 0xF9, 0x23, 0x33, 0x00, 0x12, 0x43, 0x4D, 0x5F, 0x00, 0x35, 0xB6, 0x00, 0x36, 0x6A, 0x80, 0xEA, 0x23, 0x77, 0x61, 0x05, 0x26, 0x67, 0x30, 0x03, 0x30, 0x8E, 0xE3, 0xBE, 0x30, 0x03, 0xF7, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x50, 0xA7, 0x00, 0x00, 0xC0, 0xA7, 0x00, 0x21, 0x5F, 0xCF, 0x5F, 0x86, 0x01, 0xB1, 0x5F, 0x2F, 0xA1, 0xBD, 0xBF, 0x30, 0x03, 0x3F, 0xF7, 0xCE, 0x1B, 0x95, 0x17, 0x41, 0x30, 0x03, 0xE0, 0x13, 0xC1, 0x30, 0x03, 0x05, 0x21, 0x5F, 0xC3, 0x00, 0x00, 0xC3, 0x01, 0x31, 0x5F, 0x61, 0x0B, 0xB6, 0xBF, 0x30, 0x03, 0xB0, 0xBF, 0xFF, 0xE0, 0x13, 0xC0, 0xBF, 0x02, 0x61, 0x5F, 0xCD, 0xF7, 0x01, 0xB2, 0xBF, 0x3F, 0xF7, 0x50, 0x03, 0x5D, 0xA7, 0xFF, 0x50, 0x03, 0xC0, 0x13, 0x4F, 0xF7, 0x05, 0x22, 0xBF, 0x00, 0x00, 0xC3, 0x01, 0x32, 0xBF, 0x3F, 0xE3, 0x3F, 0xE7, 0xFF, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x01, 0xF2, 0xBF, 0x03, 0x59, 0x73, 0x57, 0x87, 0x00, 0x59, 0x73, 0x00, 0x1C, 0x63, 0xFA, 0x99, 0x1F, 0x40, 0x03, 0x00, 0x79, 0x1F, 0x3F, 0x93, 0xC9, 0x73, 0xA0, 0x4E, 0xC7, 0xF5, 0xC7, 0x00, 0x84, 0xD3, 0x70, 0x53, 0x46, 0x31, 0x32, 0x00, 0x63, 0x2F, 0x58, 0x2F, 0xFA, 0x9F, 0x41, 0x05, 0x4F, 0xF1, 0x00, 0x00, 0xCD, 0xCC, 0x4C, 0x28, 0x36, 0x3F, 0x80, 0x3F, 0x50, 0x07, 0x40, 0x0F, 0x4A, 0x9B, 0x50, 0x07, 0x9F, 0xEC, 0xE0, 0x0B, 0xFB, 0x40, 0x03, 0x00, 0x0A, 0x1B, 0x2A, 0xC3, 0x00, 0xA4, 0xB7, 0x60, 0xFB, 0x20, 0x01, 0xC0, 0xA7, 0x27, 0x62, 0xEC, 0x01, 0x00, 0xA7, 0x8A, 0x1B, 0x81, 0x2F, 0x91, 0x00, 0x84, 0xA3, 0x71, 0x83, 0x10, 0xF4, 0x5D, 0xBF, 0x01, 0xC1, 0x2F, 0x07, 0x04, 0xD1, 0x2F, 0x00, 0x80, 0xA7, 0x01, 0xF1, 0x2F, 0x08, 0x02, 0x41, 0x2F, 0xF7, 0x00, 0x5D, 0x8B, 0xE1, 0xB7, 0xEB, 0xD7, 0x00, 0xD2, 0x5F, 0x09, 0x04, 0xD2, 0x5F, 0x00, 0xB0, 0xA7, 0x01, 0xC3, 0x07, 0x7B, 0x0A, 0x01, 0xE2, 0x5F, 0x92, 0xE7, 0x00, 0x1F, 0xFB, 0x5F, 0xC7, 0xF8, 0x25, 0x6F, 0x3D, 0x07, 0x5A, 0xA0, 0x00, 0x68, 0x1F, 0x10, 0x43, 0xE3, 0x00, 0x5D, 0x03, 0x50, 0x43, 0x83, 0x00, 0x3F, 0x00, 0x44, 0x6D, 0x03, 0x30, 0x0F, 0x3E, 0x2B, 0x30, 0x0F, 0x2D, 0x03, 0x6D, 0x83, 0x3D, 0x03, 0x08, 0x6D, 0x83, 0x00, 0xC3, 0x67, 0x00, 0x70, 0x7F, 0x4D, 0x83, 0x41, 0xFE, 0xAF, 0x7F, 0x01, 0x01, 0x4D, 0x83, 0x00, 0x3E, 0x0B, 0x00, 0x1A, 0xEB, 0x01, 0x94, 0xEB, 0x00, 0x10, 0x87, 0x5F, 0xE9, 0x00, 0xEE, 0x0B, 0xBB, 0x7E, 0x8B, 0x01, 0x50, 0x7F, 0xFA, 0xEB, 0x02, 0xB0, 0x7F, 0x03, 0x8E, 0x8B, 0x9E, 0x7B, 0xDF, 0xFE, 0x9B, 0x00, 0x02, 0x0F, 0x03, 0x3F, 0x13, 0x00, 0x1A, 0xF3, 0x01, 0x91, 0x8F, 0x00, 0x12, 0x0F, 0x2A, 0x3A, 0xAF, 0x04, 0x8F, 0x13, 0xDC, 0x00, 0x2F, 0x13, 0x0C, 0x4F, 0x13, 0xD6, 0xB7, 0xFD, 0x97, 0xFD, 0x57, 0xFF, 0xFC, 0xE7, 0xFC, 0x77, 0xFC, 0x07, 0xFB, 0x97, 0xFA, 0xE3, 0xFA, 0x57, 0xF9, 0xA3, 0xF9, 0x17, 0xDD, 0xF8, 0x63, 0x3F, 0xEF, 0xCC, 0x00, 0x2F, 0xB3, 0x3E, 0x8F, 0x0A, 0x30, 0xCB, 0x2C, 0x41, 0xA7, 0x73, 0x43, 0xCF, 0x1B, 0x37, 0x0D, 0xF8, 0x5F, 0x67, 0x72, 0x56, 0xFF, 0x03, 0x40, 0x02, 0x04, 0x40, 0x00, 0x78, 0x80, 0x80, 0x34, 0x8F, 0x00, 0x00, 0x60, 0x0A, 0x2B, 0xA1, 0x20, 0x0B, 0xEF, 0x80, 0x80, 0xEF, 0xEF, 0x00, 0xFF, 0xF8, 0x0B, 0xBF, 0x70, 0x01, 0xFF, 0xF6, 0x82, 0x8F, 0xA5, 0x20, 0x00, 0x88, 0x40, 0x30, 0x50, 0x27, 0x1C, 0x0F, 0xCF, 0x00, 0x01, 0x30, 0x20, 0x0B, 0x30, 0x03, 0x38, 0x56, 0x4F, 0x99, 0x01, 0x87, 0x00, 0x05, 0xFD, 0xFC, 0x0B, 0x0A, 0x3F, 0xA5, 0x86, 0x3F, 0xA9, 0xFC, 0xFC, 0x0A, 0x0A, 0x30, 0x03, 0x2F, 0xE5, 0x83, 0x09, 0x00, 0x00, 0xF7, 0xF7, 0x3F, 0x30, 0xBF, 0xFF, 0x31, 0x9A, 0xC0, 0x20, 0x0B, 0x20, 0x0F, 0xFF, 0x9F, 0xCF, 0xFF, 0x1F, 0x2F, 0x20, 0xF6, 0x60, 0xAF, 0xD3, 0x81, 0x00, 0x00, 0xF3, 0xF3, 0x49, 0x01, 0x22, 0xD0, 0xCF, 0xFF, 0x30, 0x05, 0xF3, 0xF3, 0x40, 0x03, 0x04, 0x28, 0x00, 0x00, 0x5F, 0x5F, 0x40, 0x5F, 0x88, 0xFE, 0x1C, 0xCA, 0xFF, 0xCC, 0x30, 0x0B, 0x40, 0x0F, 0x7F, 0xEC, 0x88, 0x00, 0x19, 0x88, 0xFF, 0xCC, 0x2F, 0xEC, 0x30, 0x07, 0xCF, 0xFF, 0x22, 0x0E, 0x2E, 0xFC, 0xFC, 0x30, 0x7D, 0x0C, 0x22, 0xE0, 0x30, 0x03, 0x20, 0x1F, 0x06, 0x00, 0xFF, 0xCC, 0x0D, 0x0A, 0x00, 0x30, 0x00, 0x88, 0x3E, 0x60, 0x60, 0x50, 0xE7, 0x3F, 0xFD, 0x30, 0x0B, 0x40, 0x0F, 0x30, 0x3F, 0xCD, 0xC8, 0x20, 0x37, 0x50, 0x47, 0xCC, 0x02, 0x2D, 0xC7, 0x34, 0xFF, 0x33, 0xB5, 0x41, 0x0F, 0x33, 0x30, 0x07, 0x40, 0x3F, 0x0E, 0x30, 0xC7, 0x84, 0x25, 0xEB, 0x7C, 0xF8, 0x4F, 0xF3, 0x2F, 0xBF, 0x50, 0x0B, 0x20, 0x0F, 0x2F, 0x88, 0xAF, 0xFF, 0x60, 0x00, 0x30, 0xE7, 0x5F, 0xF7, 0x8E, 0xBF, 0xFF, 0x0E, 0x1E, 0x28, 0xF7, 0x70, 0x32, 0x84, 0xBF, 0x40, 0xC7, 0x00, 0x82, 0x00, 0x27, 0x00, 0xF4, 0x40, 0xC7, 0x4F, 0x4F, 0x3F, 0xF1, 0x50, 0xD7, 0x30, 0x0B, 0x80, 0x40, 0x0F, 0x80, 0x00, 0x88, 0xF1, 0xE1, 0xFF, 0xEF, 0x86, 0x70, 0x7F, 0xE1, 0xE1, 0x7F, 0x7F, 0x30, 0x03, 0xE0, 0xDF, 0xDC, 0x01, 0x00, 0x15, 0x00, 0x00, 0xEF, 0xFF, 0x05, 0x40, 0x41, 0x89, 0x3F, 0xFA, 0xD3, 0x40, 0xDF, 0x2E, 0xDE, 0xFD, 0xFA, 0x00, 0x0E, 0x2F, 0x9C, 0x2F, 0xD5, 0x07, 0x09, 0x01, 0xAA, 0xDD, 0x21, 0xEB, 0x31, 0xEF, 0x01, 0x01, 0x60, 0x60, 0x25, 0x5F, 0x40, 0x0F, 0xFF, 0x70, 0x00, 0xDE, 0x01, 0xC0, 0x30, 0x0B, 0x39, 0x89, 0xFF, 0xF6, 0x1C, 0xCF, 0x50, 0x00, 0x01, 0xFF, 0xF5, 0x30, 0x31, 0xFF, 0xFF, 0x5C, 0x46, 0xB7, 0x40, 0x50, 0x5F, 0xDF, 0xF5, 0xFF, 0xFF, 0x40, 0x00, 0xEE, 0x70, 0x10, 0xF1, 0xEF, 0x41, 0xFF, 0x2F, 0xFF, 0xFC, 0xFD, 0x0A, 0x0B, 0x30, 0xEB, 0x10, 0x30, 0x88, 0x51, 0xEF, 0x2F, 0x2F, 0x00, 0x00, 0xCA, 0x30, 0x03, 0x51, 0xFF, 0xE6, 0x10, 0x30, 0x0F, 0x2E, 0x2F, 0xFF, 0xF5, 0x40, 0x50, 0x30, 0xC7, 0xF5, 0x40, 0x02, 0x1D, 0xF3, 0xF2, 0x68, 0xDF, 0x20, 0x54, 0x7F, 0xC3, 0xF4, 0x2F, 0xB9, 0x00, 0x00, 0xD4, 0xEE, 0x41, 0xFB, 0xB1, 0xEF, 0x32, 0x0B, 0x4E, 0xB6, 0xBA, 0xF1, 0xEF, 0x20, 0x79, 0x00, 0x1E, 0x00, 0xEB, 0x10, 0x31, 0xFF, 0x34, 0x07, 0x00, 0x01, 0xEF, 0xB1, 0xFF, 0x00, 0x03, 0xEE, 0x11, 0xFF, 0x35, 0xFF, 0x33, 0x30, 0xF7, 0x21, 0xF2, 0x40, 0x33, 0x3F, 0xFF, 0x57, 0xFF, 0x55, 0xFF, 0xEE, 0x11, 0x16, 0xEE, 0x11, 0x55, 0x60, 0x07, 0x06, 0x87, 0x26, 0x51, 0xEF, 0x55, 0x06, 0xFF, 0x04, 0x0D, 0xEE, 0x11, 0x34, 0x61, 0x32, 0x0B, 0xE7, 0x04, 0x10, 0x1E, 0x1E, 0x00, 0x00, 0x30, 0x03, 0xF6, 0x60, 0x40, 0xCF, 0x2F, 0x0E, 0xF6, 0x50, 0x1E, 0x1F, 0x00, 0x00, 0x41, 0x1D, 0xAF, 0xC4, 0x01, 0x1C, 0xF3, 0xF3, 0xCF, 0x21, 0x2C, 0x97, 0x71, 0xEF, 0xF5, 0x50, 0x37, 0xFB, 0xE4, 0x42, 0x0B, 0x30, 0xC7, 0x61, 0xEF, 0x41, 0x6F, 0x7F, 0xF7, 0xE1, 0xF1, 0xAF, 0xFF, 0xD1, 0x20, 0x97, 0xC1, 0x70, 0x7F, 0x9F, 0x73, 0xF9, 0xFB, 0x10, 0x90, 0xFE, 0x20, 0x9D, 0x40, 0x65, 0x30, 0x9F, 0x01, 0xFB, 0xFF, 0x9F, 0x0B, 0x7C, 0xD8, 0x33, 0xB3, 0x2C, 0x8C, 0x06, 0x5B, 0xDA, 0x00, 0x4C, 0xD2, 0x43, 0x4C, 0x49, 0x08, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFA, 0x02, 0x02, 0x28, 0xC1, 0x29, 0xF7, 0x3B, 0x5D, 0x69, 0x6D, 0x61, 0x67, 0x10, 0x4C, 0x9C, 0x18, 0x10, 0x00, 0x0D, 0x62, 0x33, 0x06, 0xD0, 0x01, 0x20, 0xA0, 0x00, 0x54, 0x71, 0x23, 0xDF, 0xFF, 0x33, 0xBF, 0xC0, 0x2E, 0xCB, 0xC0, 0xC0, 0x07, 0xAF, 0x9F, 0x00, 0x00, 0x9F, 0x20, 0x03, 0x73, 0x97, 0x80, 0x07, 0x81, 0xFF, 0xC0, 0x78, 0x00, 0x02, 0xFF, 0xFC, 0x3E, 0x4F, 0x9B, 0x87, 0x3F, 0xEE, 0x90, 0x90, 0xDF, 0xDF, 0x30, 0x03, 0x01, 0x9D, 0xDF, 0x50, 0x6F, 0xCA, 0x30, 0x6B, 0x40, 0x6F, 0x00, 0xB0, 0x44, 0x93, 0xDF, 0x22, 0x07, 0xD7, 0x3E, 0x00, 0xEE, 0x00, 0x0E, 0xCE, 0x42, 0x17, 0x20, 0x17, 0x70, 0x07, 0x40, 0x6F, 0x80, 0x81, 0x90, 0x6F, 0xC5, 0xFF, 0xCF, 0x7F, 0xDE, 0x00, 0x95, 0x9D, 0xEE, 0xC1, 0x7F, 0x63, 0x53, 0x71, 0x7F, 0x20, 0x71, 0x7F, 0xC2, 0xCF, 0x06, 0xB1, 0x8B, 0x50, 0xB0, 0xA8, 0x42, 0x70, 0x28, 0x4E, 0x2E, 0x06, 0x10, 0x00, 0x43, 0xFD, 0x89, 0x3A, 0xAF, 0x76, 0x00, 0x98, 0x6F, 0xC8, 0xCE, 0x47, 0x2D, 0xA3, 0x08, 0xFF, 0x7A, 0xFF, 0x45, 0x4F, 0xFE, 0xAA, 0x00, 0xBB, 0xA2, 0x4A, 0xCF, 0xBB, 0x50, 0x07, 0xFF, 0x23, 0xEF, 0x42, 0xB3, 0xFF, 0x11, 0x21, 0xFF, 0x53, 0x4F, 0xFF, 0x9A, 0x00, 0x68, 0x4A, 0xEF, 0x41, 0x24, 0x25, 0x1B, 0xFF, 0xAD, 0xFF, 0xFF, 0xC8, 0x3A, 0xFB, 0x68, 0xB3, 0x20, 0x0B, 0x2E, 0xA1, 0xFA, 0x56, 0x77, 0x27, 0xFF, 0x00, 0x7E, 0x4B, 0x85, 0x3F, 0x7B, 0xA7, 0x26, 0x8B, 0x2E, 0x0D, 0xB3, 0xC2, 0x07, 0xC0, 0x0A, 0x21, 0x1C, 0xF6, 0x22, 0xFF, 0x26, 0xC5, 0x86, 0x4F, 0x7F, 0xFD, 0x22, 0xFF, 0x46, 0x32, 0x4F, 0x7A, 0x43, 0xFF, 0x97, 0x6B, 0xE7, 0x37, 0x3B, 0x10, 0x03, 0xE7, 0xF2, 0xF4, 0xFF, 0xFF, 0xFC, 0x2F, 0x94, 0x30, 0x03, 0xA0, 0x9F, 0x9B, 0xDF, 0xAF, 0xA6, 0x0C, 0x09, 0xFF, 0x4F, 0x02, 0x00, 0x00, 0xFF, 0xAD, 0xBF, 0x04, 0x28, 0xFF, 0x00, 0x22, 0x6C, 0x03, 0x07, 0xE0, 0xF8, 0xD6, 0x00, 0xDD, 0x00, 0x48, 0x71, 0xDD, 0xD0, 0x26, 0x03, 0x61, 0xEF, 0x54, 0x00, 0x3D, 0x1D, 0xFF, 0xB8, 0xFF, 0xFE, 0x12, 0x00, 0x00, 0x51, 0x41, 0xEF, 0xFD, 0xA0, 0x97, 0x7F, 0x10, 0x06, 0x00, 0xFE, 0xFC, 0x10, 0xA0, 0x23, 0xF1, 0x6F, 0xFF, 0x2C, 0x01, 0xEF, 0x00, 0x03, 0xFF, 0xFF, 0x1E, 0x8F, 0xA1, 0x1B, 0x50, 0xEF, 0x21, 0x1F, 0xAF, 0x05, 0x94, 0x99, 0xA1, 0xF2, 0x00, 0x00, 0x70, 0xF2, 0x20, 0x03, 0x85, 0x89, 0x40, 0xD7, 0x37, 0xFF, 0x01, 0xBE, 0x88, 0x4D, 0xAF, 0x58, 0x00, 0x23, 0x4F, 0x7B, 0x64, 0xFF, 0xA7, 0x8B, 0x47, 0xE7, 0xDC, 0xFF, 0xED, 0x79, 0xA0, 0xDE, 0x28, 0x80, 0x30, 0xD2, 0x22, 0xCC, 0xFF, 0x50, 0xCF, 0x21, 0x00, 0x32, 0x42, 0xDF, 0x33, 0x47, 0x00, 0x26, 0x52, 0x73, 0x30, 0xFB, 0x3F, 0xB3, 0x40, 0x04, 0x63, 0x3F, 0x4C, 0x12, 0x38, 0x27, 0x7A, 0xEF, 0x35, 0x94, 0x72, 0xEF, 0x8E, 0xFF, 0x0B, 0xFF, 0x2F, 0x05, 0x4D, 0x2F, 0xCA, 0x6B, 0x03, 0xE4, 0x0C, 0x00, 0xB5, 0xFF, 0x74, 0x40, 0x29, 0xD4, 0x07, 0x55, 0xFF, 0x08, 0xC0, 0x7F, 0x91, 0x4A, 0x8B, 0x99, 0x00, 0x7E, 0x99, 0x5F, 0xB7, 0x5A, 0x97, 0x8F, 0xC7, 0x70, 0x17, 0x60, 0x1F, 0x8F, 0xE7, 0x56, 0x1B, 0xFF, 0x55, 0x01, 0x37, 0x97, 0x90, 0x1F, 0x78, 0x4F, 0xFF, 0x27, 0xC0, 0x9B, 0x4A, 0x27, 0x97, 0xFF, 0x2A, 0xA7, 0x27, 0x85, 0x35, 0x26, 0xBF, 0x24, 0x07, 0x88, 0x3F, 0xFF, 0x8B, 0xFF, 0x03, 0x44, 0x10, 0xC6, 0x00, 0xFF, 0x68, 0xD4, 0x80, 0x5F, 0x3F, 0xF0, 0x17, 0x9F, 0xF5, 0xEF, 0xFF, 0x07, 0x66, 0xCF, 0x45, 0x6F, 0x2B, 0x77, 0x3E, 0xEF, 0x3B, 0x7D, 0xAF, 0xF5, 0x30, 0x22, 0x20, 0xFB, 0x5F, 0x87, 0xF3, 0xF9, 0xF8, 0x90, 0x3F, 0x31, 0x4C, 0xB7, 0x22, 0x97, 0x00, 0x75, 0x85, 0xBF, 0x2F, 0xFF, 0xAF, 0x0D, 0x08, 0xFF, 0x9E, 0xFF, 0x45, 0x4F, 0x79, 0xA9, 0x00, 0x9A, 0xA2, 0x45, 0xBF, 0x89, 0x55, 0xA7, 0xFF, 0x22, 0xFF, 0x3E, 0x9F, 0x00, 0x0A, 0xFF, 0x75, 0xFF, 0xDA, 0x4F, 0xE3, 0x23, 0x35, 0xB7, 0x5E, 0x83, 0x8A, 0x8F, 0xFF, 0xFF, 0x7F, 0x8F, 0x52, 0x23, 0x0C, 0x0D, 0x92, 0x31, 0xEF, 0xE1, 0xEF, 0xE1, 0xFF, 0x7F, 0xC7, 0x02, 0x2D, 0x07, 0x30, 0x03, 0xF0, 0x0F, 0x01, 0x1D, 0xA6, 0x83, 0x45, 0x3E, 0x00, 0xFB, 0xB0, 0xFF, 0xFF, 0x25, 0x13, 0x4C, 0x5F, 0x9D, 0x5F, 0xFB, 0xF2, 0xD0, 0x28, 0x8B, 0x25, 0x31, 0x77, 0x11, 0x0D, 0xA5, 0x1B, 0xC1, 0x96, 0x44, 0x2D, 0x69, 0xFB, 0x01, 0x07, 0xF8, 0xF2, 0x86, 0x45, 0x04, 0x0E, 0x50, 0x00, 0x2F, 0x3F, 0x2C, 0x87, 0xE5, 0xFF, 0x09, 0xFF, 0x20, 0x00, 0xFA, 0x2D, 0xB1, 0x0D, 0x6F, 0x76, 0x87, 0x0E, 0x18, 0xEF, 0x00, 0x38, 0x77, 0x77, 0xC2, 0x5F, 0xAE, 0x4B, 0x6B, 0x1E, 0xFF, 0x01, 0xAF, 0x47, 0xCF, 0x4C, 0x6F, 0x26, 0x89, 0x00, 0x3E, 0x67, 0x3A, 0xE5, 0x0D, 0xB4, 0x2F, 0x04, 0xF1, 0xFF, 0x7F, 0xEB, 0xA0, 0xB0, 0x2C, 0x0D, 0xF4, 0x79, 0x7C, 0x0E, 0x00, 0x60, 0xFB, 0xFF, 0x28, 0x32, 0x00, 0xB0, 0x01, 0x24, 0x07, 0x4F, 0x3C, 0x08, 0x2F, 0x2C, 0x6F, 0x2E, 0xDD, 0xBD, 0xFE, 0xDB, 0x59, 0x00, 0xD8, 0xAD, 0x5E, 0x97, 0xA5, 0x37, 0x87, 0x61, 0x00, 0x17, 0x9F, 0x38, 0x93, 0x40, 0x96, 0x9E, 0xA5, 0x7D, 0xDF, 0xFE, 0x28, 0xAF, 0xD0, 0xE1, 0x39, 0xF1, 0x1A, 0x27, 0x87, 0xD8, 0x2F, 0xF7, 0x2F, 0xE3, 0x3F, 0x2B, 0x55, 0x98, 0xBE, 0x04, 0x07, 0xFF, 0x34, 0xFF, 0x08, 0x4F, 0x09, 0x0E, 0x13, 0xFF, 0x20, 0x4A, 0xBF, 0x22, 0x00, 0x47, 0x22, 0xC3, 0xEF, 0xDE, 0xFF, 0xDD, 0x55, 0x42, 0x60, 0x17, 0x30, 0x1F, 0x80, 0x49, 0x23, 0xFF, 0xED, 0xFF, 0x00, 0x31, 0x00, 0x95, 0xC9, 0x7A, 0xDB, 0x60, 0x37, 0xEE, 0x12, 0x2F, 0x61, 0x50, 0xFD, 0xDA, 0x11, 0x09, 0xFF, 0xBD, 0xFF, 0x69, 0x45, 0xE7, 0x14, 0x6B, 0x9B, 0x0F, 0x0D, 0x8E, 0x5E, 0x01, 0x9F, 0x6C, 0x52, 0x00, 0x1C, 0x2A, 0x35, 0x2E, 0xEF, 0x89, 0x2F, 0x03, 0xAD, 0x00, 0x47, 0x5A, 0x6F, 0xFD, 0x74, 0x4F, 0x9F, 0x1E, 0xB9, 0xFF, 0xDC, 0x4F, 0xFF, 0x28, 0x6C, 0x2B, 0xB2, 0x4F, 0x57, 0xBB, 0x6A, 0xFF, 0x2B, 0xAA, 0x2D, 0x64, 0x10, 0x60, 0xB7, 0x32, 0x35, 0xDC, 0x10, 0x15, 0x00, 0xB4, 0xEC, 0x2F, 0xD7, 0xF9, 0x7B, 0x78, 0xEF, 0x68, 0x9F, 0x10, 0x8B, 0xFF, 0x25, 0xAB, 0x8F, 0x6D, 0xFF, 0x8F, 0x02, 0x5F, 0x00, 0x3F, 0xCD, 0x6C, 0x01, 0xEC, 0xAC, 0xCE, 0x7F, 0x2E, 0xAB, 0xDE, 0x7F, 0x68, 0x7F, 0xC0, 0x9D, 0x2E, 0x04, 0x0E, 0x88, 0xFF, 0xEF, 0xEF, 0x8A, 0xAF, 0x8E, 0x00, 0x47, 0x24, 0xDD, 0x78, 0xDD, 0x77, 0x33, 0x11, 0x01, 0x33, 0x11, 0x8D, 0x7D, 0x13, 0x13, 0x7D, 0x20, 0x03, 0xBF, 0x8A, 0xBF, 0x77, 0x50, 0x17, 0x70, 0x07, 0xFF, 0x49, 0x30, 0x2B, 0xB0, 0x2F, 0xF0, 0x0F, 0xB7, 0x01, 0xB9, 0x7F, 0xA8, 0x6D, 0xEA, 0x7F, 0x7F, 0x10, 0x6F, 0x7F, 0x27, 0xB0, 0x04, 0xA1, 0x00, 0xA0, 0x0D, 0xB0, 0x01, 0x02, 0x60, 0xED, 0x61, 0xFF, 0x2C, 0xFF, 0xBE, 0x35, 0xFF, 0xF0, 0x3E, 0xB7, 0x00, 0xC0, 0xFF, 0x19, 0x00, 0x21, 0x1D, 0x01, 0x28, 0xFA, 0x18, 0xCC, 0xFF, 0x3A, 0x3B, 0x92, 0x40, 0x3F, 0x17, 0xFF, 0x6B, 0x8D, 0x27, 0x4C, 0x84, 0xFF, 0xE9, 0xBD, 0xB9, 0x3C, 0xB8, 0xFD, 0x23, 0x34, 0xE2, 0x30, 0x62, 0x4C, 0xDA, 0x40, 0x13, 0xF7, 0xFF, 0xF1, 0x20, 0x03, 0xEF, 0x08, 0xFF, 0xE8, 0xFF, 0xE0, 0x20, 0x03, 0xE1, 0xFF, 0xD9, 0x38, 0xFF, 0xD3, 0x50, 0x95, 0x2E, 0xE1, 0x21, 0x87, 0x57, 0xFF, 0x86, 0x34, 0xFF, 0xD1, 0x93, 0x69, 0x30, 0x41, 0xFA, 0x31, 0x9F, 0xAC, 0xFF, 0x44, 0xC7, 0x41, 0xA5, 0xD9, 0xFF, 0xE4, 0x50, 0x5B, 0xF6, 0xFF, 0x41, 0xF2, 0x20, 0x5D, 0xFB, 0xFF, 0xEE, 0xFF, 0xEA, 0x2F, 0x23, 0x54, 0xF5, 0x20, 0x05, 0xE4, 0x23, 0x97, 0xEA, 0x2E, 0x2E, 0xDA, 0xFF, 0x10, 0xDB, 0xFF, 0xD5, 0x2C, 0x6E, 0xC6, 0xFF, 0xD0, 0xFF, 0x05, 0xCB, 0xFF, 0xC1, 0xFF, 0xBC, 0x27, 0xE7, 0xE1, 0x20, 0x11, 0x41, 0xD2, 0x24, 0x7A, 0xDA, 0xFF, 0xCD, 0xFF, 0xCA, 0x20, 0x19, 0x04, 0xC1, 0xFF, 0xB7, 0xFF, 0xB3, 0x20, 0xFE, 0xBA, 0xFF, 0x14, 0xAF, 0xFF, 0xAB, 0x05, 0xD1, 0xFF, 0x5F, 0x62, 0x6D, 0x03, 0xFF, 0x51, 0x29, 0x20, 0xC2, 0xC2, 0xE1, 0x7F, 0x05, 0xFF, 0x9F, 0x22, 0x8D, 0x5B, 0x07, 0x21, 0x61, 0xA7, 0x20, 0x9A, 0x5F, 0xE9, 0x8A, 0xD9, 0x48, 0x38, 0x99, 0x50, 0xFE, 0x41, 0x01, 0xF7, 0x25, 0x34, 0xEA, 0xFF, 0xE0, 0x8D, 0xA2, 0xD1, 0x73, 0xF6, 0x80, 0x27, 0xF7, 0xFF, 0xEB, 0x25, 0x56, 0xE0, 0xA8, 0x21, 0x1D, 0xE9, 0x21, 0x25, 0xDE, 0x2F, 0x4A, 0xD4, 0xFF, 0xD3, 0x28, 0xFF, 0xC9, 0x2F, 0x52, 0xD3, 0x2B, 0x3D, 0xC9, 0xFF, 0xC8, 0xA8, 0x25, 0x49, 0xBD, 0x21, 0x07, 0xFC, 0x27, 0x46, 0xF0, 0xFF, 0xE6, 0xA2, 0x20, 0x2D, 0xE2, 0x25, 0x9E, 0xD5, 0xFF, 0xE3, 0x21, 0x95, 0xD6, 0xAA, 0x2D, 0xB0, 0xD0, 0x20, 0x21, 0xC3, 0x25, 0x10, 0xDA, 0x21, 0x3B, 0xCD, 0x28, 0xFF, 0xC5, 0x21, 0x4D, 0xC4, 0x25, 0x7B, 0xB6, 0xFF, 0xBF, 0x80, 0x21, 0x3D, 0xB2, 0xFF, 0xAB, 0xFF, 0xB0, 0xFF, 0xA9, 0x0A, 0xFF, 0xA3, 0xFF, 0x9C, 0x21, 0x51, 0xC0, 0x22, 0x4A, 0xB5, 0xA8, 0x21, 0x53, 0xAE, 0x21, 0xA8, 0xA2, 0x21, 0x59, 0xAA, 0xFF, 0xA8, 0xA0, 0x20, 0xC8, 0xA0, 0x2F, 0xE0, 0x95, 0xFF, 0x8C, 0xFF, 0xA6, 0x80, 0x2B, 0x49, 0x9A, 0xFF, 0x92, 0xFF, 0x96, 0xFF, 0x8F, 0xA8, 0x25, 0x33, 0x84, 0x20, 0x05, 0x87, 0x22, 0x2C, 0x7C, 0xFF, 0x7F, 0x2A, 0xFF, 0x79, 0x2B, 0x43, 0x6E, 0x22, 0x86, 0xB8, 0x20, 0x4B, 0xAA, 0x8C, 0x20, 0x53, 0xAD, 0xFF, 0xA4, 0x21, 0x00, 0x30, 0x53, 0x96, 0xFF, 0x54, 0x90, 0x2B, 0xFF, 0x92, 0x20, 0xFC, 0x85, 0x20, 0x4B, 0xA4, 0xFF, 0x41, 0x9B, 0x20, 0x3D, 0xA0, 0xFF, 0x9D, 0xFF, 0x93, 0x20, 0x17, 0x04, 0x8D, 0xFF, 0x89, 0xFF, 0x80, 0x20, 0x3F, 0x86, 0xFF, 0x50, 0x83, 0x20, 0x41, 0x76, 0x20, 0x0D, 0x83, 0xFF, 0x7D, 0xFF, 0x14, 0x77, 0xFF, 0x7E, 0x20, 0x4F, 0x72, 0x25, 0x87, 0x72, 0xFF, 0x04, 0x6C, 0xFF, 0x67, 0xFF, 0x62, 0x40, 0x03, 0x5C, 0xFF, 0x00, 0x58, 0xFF, 0x74, 0xFF, 0x70, 0xFF, 0x69, 0xFF, 0x50, 0x65, 0x25, 0xA1, 0x6A, 0x20, 0x15, 0x5F, 0xFF, 0x5E, 0xFF, 0x04, 0x5A, 0xFF, 0x53, 0xFF, 0x50, 0x22, 0x6C, 0x54, 0xFF, 0x14, 0x4D, 0xFF, 0x4A, 0x00, 0xD3, 0xFF, 0x16, 0x24, 0x1D, 0x6B, 0xFF, 0x6A, 0x15, 0x22, 0x66, 0x72, 0xD7, 0x85, 0x2F, 0xA8, 0xED, 0x5F, 0x95, 0xF9, 0xAA, 0x2E, 0xCE, 0xF0, 0x94, 0x3F, 0x75, 0x21, 0xBF, 0xD5, 0x84, 0x4D, 0x3D, 0xD5, 0x2F, 0xD0, 0xAF, 0xAC, 0xFD, 0x22, 0xFB, 0xE8, 0x26, 0x3B, 0xE0, 0x2F, 0xE7, 0x55, 0xF8, 0x2F, 0x06, 0xF1, 0x23, 0x03, 0xD9, 0x23, 0x01, 0xD3, 0x21, 0x7F, 0x55, 0xF0, 0x28, 0xC8, 0xE6, 0x21, 0x77, 0xD6, 0x23, 0x0F, 0xCC, 0x22, 0xD1, 0x55, 0xDD, 0x21, 0x89, 0xD5, 0x22, 0xBF, 0xC3, 0x22, 0xF6, 0xBB, 0x22, 0xB1, 0x55, 0xBF, 0x21, 0x61, 0xB5, 0x22, 0xB1, 0xA8, 0x21, 0x59, 0x9F, 0x22, 0xBB, 0x55, 0xAB, 0x21, 0x69, 0xA2, 0x21, 0x5F, 0x95, 0x2D, 0x23, 0x8C, 0x42, 0xD5, 0x5A, 0xD2, 0x21, 0x9F, 0xBF, 0x21, 0x95, 0x30, 0x1B, 0xCB, 0x27, 0x21, 0xC4, 0xAA, 0x21, 0xA7, 0xB0, 0x21, 0x9D, 0xA9, 0x21, 0x9F, 0xA6, 0x21, 0x7D, 0x9E, 0xAB, 0x21, 0x7F, 0x8F, 0x23, 0xA2, 0x87, 0x21, 0x77, 0x96, 0x26, 0xB9, 0x30, 0x0B, 0x51, 0x7F, 0x21, 0x19, 0x78, 0x21, 0x7F, 0x9E, 0xFF, 0x94, 0x20, 0x01, 0x45, 0x8A, 0x26, 0xCF, 0x82, 0xFF, 0x81, 0x20, 0x11, 0x8B, 0x20, 0x05, 0x62, 0x82, 0x20, 0x19, 0x30, 0x1B, 0x6E, 0xFF, 0x66, 0x21, 0xA5, 0x71, 0xA2, 0x21, 0x41, 0x68, 0x21, 0x3D, 0x63, 0xFF, 0x60, 0x21, 0x3B, 0x66, 0xA0, 0x21, 0x41, 0x5E, 0x2D, 0xBD, 0x57, 0xFF, 0x51, 0xFF, 0x4F, 0x2A, 0xFF, 0x48, 0x21, 0xC5, 0x70, 0x20, 0x21, 0x68, 0x80, 0x17, 0x6A, 0xAA, 0x20, 0x25, 0x63, 0x21, 0x63, 0x57, 0x20, 0x1D, 0x50, 0x20, 0x1F, 0x55, 0x20, 0xFF, 0x4E, 0x20, 0x01, 0x46, 0xFF, 0x47, 0xFF, 0x40, 0x0A, 0xFF, 0x3F, 0xFF, 0x39, 0x20, 0x07, 0x3F, 0x20, 0x09, 0x39, 0xA2, 0x20, 0x09, 0x32, 0x20, 0x01, 0x2C, 0xFF, 0x5D, 0x23, 0xF6, 0x53, 0xC0, 0x20, 0x23, 0x30, 0x03, 0x49, 0xFF, 0x44, 0xFF, 0x4B, 0xFF, 0x10, 0x45, 0xFF, 0x42, 0x21, 0x3E, 0x40, 0xFF, 0x3C, 0xFF, 0x05, 0x38, 0xFF, 0x34, 0xFF, 0x4A, 0x20, 0x39, 0x41, 0x21, 0x4E, 0x50, 0x43, 0x20, 0x05, 0x3B, 0x20, 0x11, 0x38, 0xFF, 0x35, 0xFF, 0x00, 0x31, 0xFF, 0x2E, 0xFF, 0x33, 0xFF, 0x30, 0xFF, 0x55, 0x2B, 0x23, 0x46, 0x3B, 0x20, 0x0F, 0x33, 0x20, 0x0F, 0x30, 0x24, 0xD2, 0x05, 0x2A, 0xFF, 0x26, 0xFF, 0x2D, 0x2B, 0x94, 0x27, 0x2D, 0xA5, 0x01, 0x23, 0xFF, 0x20, 0xFF, 0x1E, 0xFF, 0x1B, 0x23, 0x68, 0x50, 0x26, 0x40, 0x0B, 0x24, 0x2D, 0xB9, 0x1E, 0xFF, 0x1C, 0xFF, 0x05, 0x1D, 0xFF, 0x1A, 0xFF, 0x18, 0x21, 0xD2, 0x18, 0x24, 0xB8, 0x15, 0x13, 0xFF, 0x12, 0x33, 0x8B, 0x00, 0x20, 0x36, 0xD2, 0x6B, 0xF6, 0xB5, 0x34, 0x85, 0x00, 0x24, 0x87, 0x64, 0xB3, 0xFA, 0x2C, 0x0B, 0xEA, 0x24, 0x61, 0x55, 0xE4, 0x24, 0x57, 0xCC, 0x24, 0x59, 0xC6, 0x27, 0xFF, 0xDF, 0x24, 0x75, 0x52, 0xDA, 0x24, 0x5F, 0xC1, 0x24, 0x4D, 0xBC, 0x00, 0x22, 0xB6, 0x00, 0xC5, 0x23, 0x56, 0x43, 0x7B, 0xFE, 0xFF, 0xF2, 0x34, 0xA5, 0x00, 0x23, 0x4E, 0xAA, 0x24, 0xFD, 0xED, 0x2A, 0x35, 0xEA, 0x2C, 0x67, 0xD5, 0x24, 0xE9, 0xD2, 0xAA, 0x24, 0x91, 0xB7, 0x24, 0x8F, 0xB2, 0x29, 0x02, 0xCD, 0x24, 0xA5, 0xCA, 0xAA, 0x25, 0x7E, 0xAF, 0x24, 0x81, 0xAB, 0x25, 0x86, 0xB0, 0x23, 0x01, 0xAA, 0xAA, 0x23, 0x4B, 0x96, 0x23, 0x4D, 0x90, 0x23, 0x5B, 0xA4, 0x23, 0x09, 0x9F, 0xAA, 0x2E, 0xFF, 0x8A, 0x23, 0x35, 0x85, 0x22, 0xED, 0x7D, 0x22, 0xE9, 0x77, 0xAA, 0x22, 0xDB, 0x67, 0x22, 0xD9, 0x62, 0x22, 0xE7, 0x72, 0x23, 0x39, 0x6D, 0xAA, 0x22, 0xE3, 0x5C, 0x22, 0xE5, 0x57, 0x23, 0x6B, 0x9A, 0x23, 0x37, 0x96, 0xAA, 0x23, 0x17, 0x80, 0x23, 0x19, 0x7C, 0x23, 0x77, 0x93, 0x23, 0x29, 0x90, 0xAA, 0x25, 0x4A, 0x79, 0x23, 0x21, 0x76, 0x22, 0xFF, 0x6A, 0x23, 0x01, 0x65, 0xAA, 0x24, 0x7A, 0x53, 0x22, 0xF9, 0x50, 0x28, 0xA9, 0x62, 0x23, 0x09, 0x5F, 0xAA, 0x25, 0x6C, 0x4D, 0x23, 0x01, 0x4A, 0x21, 0x7F, 0x53, 0x25, 0x78, 0x4E, 0xA2, 0x21, 0x77, 0x42, 0x21, 0x79, 0x3D, 0xFF, 0x52, 0x21, 0x85, 0x4E, 0xAA, 0x21, 0x87, 0x40, 0x21, 0x7D, 0x3C, 0x21, 0x7F, 0x3A, 0x21, 0x69, 0x35, 0xAA, 0x21, 0x6F, 0x2D, 0x25, 0xA4, 0x28, 0x2E, 0xFD, 0x30, 0x21, 0x65, 0x2C, 0xAA, 0x41, 0x53, 0x1E, 0x21, 0x61, 0x1B, 0x21, 0x9F, 0x41, 0x21, 0xDD, 0x3D, 0xAA, 0x21, 0xAB, 0x31, 0x21, 0x99, 0x2D, 0x21, 0xA7, 0x3B, 0x21, 0xAF, 0x38, 0xAA, 0x21, 0x9F, 0x2B, 0x21, 0xA1, 0x29, 0x24, 0xE8, 0x23, 0x21, 0x95, 0x20, 0xAA, 0x21, 0x77, 0x18, 0x21, 0x79, 0x15, 0x21, 0x87, 0x1E, 0x2F, 0x43, 0x1C, 0xAA, 0x21, 0x83, 0x13, 0x23, 0x5E, 0x12, 0x2F, 0x4F, 0x1D, 0x40, 0x1B, 0x19, 0x8A, 0x23, 0x6C, 0x14, 0xFF, 0x11, 0x26, 0x72, 0x14, 0x23, 0x76, 0x11, 0xA8, 0x20, 0x09, 0x0E, 0x20, 0x01, 0x0B, 0x21, 0xA3, 0x10, 0xFF, 0x0F, 0x20, 0xFF, 0x0D, 0x40, 0x03, 0x0B, 0xFF, 0x0A, 0xFF, 0x0C, 0xAA, 0x20, 0x03, 0x09, 0x25, 0x24, 0x08, 0x25, 0x28, 0x06, 0x25, 0x32, 0x13, 0xAA, 0x20, 0x1D, 0x10, 0x20, 0x1F, 0x0C, 0x20, 0x15, 0x0A, 0x25, 0x3C, 0x0F, 0xAB, 0x20, 0x33, 0x0D, 0x20, 0x27, 0x08, 0x20, 0x1D, 0x07, 0x25, 0x52, 0x50, 0x25, 0x56, 0x04, 0x20, 0x01, 0x03, 0x25, 0x76, 0x02, 0x80, 0x07, 0x50, 0x01, 0x01, 0xAC, 0x00, 0xB9, 0x7F, 0x20, 0x2C, 0x1D, 0x03, 0x04, 0xE9, 0x7F, 0x10, 0x04, 0x80, 0x59, 0x30, 0xC2, 0x30, 0xFE, 0xE2, 0x2C, 0x3A, 0x3A, 0x46, 0x20, 0xF8, 0xE9, 0xFF, 0x0C, 0x00, 0x95, 0x00, 0xDC, 0x00, 0x3E, 0x2E, 0x03, 0x1F, 0xA9, 0x80, 0xF2, 0x18, 0x00, 0x10, 0xF9, 0x38, 0xEF, 0x4F, 0x02, 0x50, 0x90, 0xFF, 0x1F, 0xFF, 0xC0, 0xD0, 0x00, 0xDE, 0x98, 0xBF, 0x1B, 0xCB, 0xFF, 0x2F, 0x23, 0xF2, 0x7F, 0xE2, 0x4B, 0xFF, 0x01, 0xCF, 0x27, 0x10, 0x5B, 0x20, 0x2B, 0x10, 0x00, 0x11, 0x49, 0x71, 0x11, 0xFD, 0x60, 0x07, 0xF9, 0x7E, 0x70, 0x17, 0x0B, 0x10, 0x1F, 0x3A, 0x6E, 0x0C, 0xBA, 0x5C, 0x40, 0x41, 0xCD, 0x00, 0x30, 0xE3, 0xFF, 0x20, 0xF9, 0xB7, 0xFF, 0xFF, 0x00, 0xAF, 0xCF, 0x03, 0xD1, 0xF8, 0xFF, 0x7F, 0xFE, 0x00, 0xFF, 0x0C, 0x05, 0x06, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x90, 0x80, 0xED, 0xFF, 0xEE, 0xFF, 0x79, 0x0A, 0x00, 0x77, 0x00, 0xEE, 0x20, 0x07, 0x77, 0x20, 0x07, 0x00, 0x01, 0xAA, 0x00, 0x07, 0xFF, 0xFF, 0x3F, 0xCF, 0x2B, 0x90, 0x06, 0xA5, 0x00, 0x00, 0xF9, 0xF8, 0x70, 0x17, 0x80, 0x1F, 0x4A, 0x00, 0x00, 0xA0, 0x6F, 0x6F, 0xF0, 0x30, 0x00, 0x9B, 0x07, 0x00, 0x00, 0xEF, 0x23, 0x00, 0x80, 0x37, 0x80, 0x3F, 0xEA, 0x05, 0x8B, 0x00, 0x30, 0x1F, 0x80, 0xE8, 0xAB, 0x59, 0xF7, 0x59, 0x00, 0x60, 0x3F, 0x3B, 0xFC, 0xE0, 0x6B, 0xF2, 0x00, 0xE0, 0x5F, 0x00, 0x90, 0x7F, 0xA2, 0x00, 0x6A, 0xF4, 0xF3, 0x2A, 0x9F, 0x8F, 0x90, 0xBF, 0xDE, 0x20, 0xDF, 0x97, 0xDC, 0x48, 0x01, 0x00, 0x20, 0x10, 0x7B, 0xFF, 0x02, 0xAF, 0xFC, 0x30, 0x20, 0xFF, 0xFA, 0x39, 0xE3, 0x4E, 0xFF, 0x00, 0x04, 0x00, 0x00, 0x65, 0x50, 0x01, 0xA9, 0x88, 0x05, 0x04, 0xFF, 0x02, 0xF6, 0x1E, 0x8F, 0xB0, 0x50, 0xEF, 0x00, 0x4A, 0x9F, 0x01, 0x4B, 0x05, 0x08, 0x3C, 0x8F, 0x70, 0x90, 0x21, 0xCF, 0x70, 0xA1, 0xFA, 0x41, 0x45, 0x0C, 0xFF, 0xEF, 0x02, 0x00, 0x20, 0xC5, 0x2A, 0xD9, 0x80, 0x80, 0x80, 0x30, 0x03, 0xFF, 0xFE, 0x05, 0x0B, 0xF8, 0xE1, 0x6F, 0x81, 0x2B, 0x97, 0x80, 0x90, 0x00, 0x05, 0x60, 0x00, 0x2F, 0x66, 0x00, 0xB6, 0xFF, 0xFF, 0x25, 0x06, 0x06, 0x1F, 0xF8, 0x08, 0xF8, 0x9F, 0xF8, 0xF7, 0x2F, 0x73, 0x06, 0x07, 0xBB, 0x90, 0x21, 0x06, 0xD0, 0x40, 0x3B, 0xBB, 0xB8, 0x00, 0x6F, 0x6F, 0x00, 0x70, 0xF0, 0x6F, 0x6F, 0xE0, 0xE0, 0x68, 0xDF, 0x02, 0x50, 0xA0, 0xDF, 0xDF, 0x90, 0x90, 0x20, 0x0B, 0xF0, 0x08, 0x4B, 0x00, 0xB0, 0x00, 0x20, 0x0B, 0xA0, 0x9B, 0x00, 0x00, 0x70, 0x00, 0x89, 0xFF, 0xB6, 0x8D, 0xFF, 0xFF, 0x00, 0x04, 0x03, 0xAD, 0xFD, 0x23, 0x2F, 0xF3, 0xF3, 0x24, 0x9F, 0xAF, 0x20, 0x0B, 0x04, 0xBB, 0x2D, 0xB5, 0xF3, 0xF3, 0x00, 0xAF, 0xBF, 0xB2, 0x00, 0x8B, 0x00, 0xE8, 0xB0, 0x00, 0xFF, 0xEF, 0xC0, 0xC0, 0xFF, 0xFF, 0x49, 0x10, 0x0C, 0x81, 0xFD, 0x90, 0xC1, 0x2B, 0x9B, 0x20, 0x0B, 0x90, 0x00, 0x00, 0xBB, 0x00, 0xA0, 0x21, 0xFF, 0xFF, 0x01, 0x00, 0x00, 0xB3, 0x00, 0xCC, 0x07, 0x7C, 0xFA, 0x68, 0xAC, 0x00, 0xFB, 0x89, 0x00, 0x0A, 0x95, 0xFA, 0x5F, 0x48, 0x00, 0xF8, 0xF9, 0x03, 0x06, 0x72, 0xFA, 0xBD, 0x21, 0x00, 0x9D, 0x01, 0x17, 0x0D, 0xF9, 0xF9, 0x01, 0x00, 0x00, 0xB7, 0x00, 0x58, 0xDF, 0xDB, 0xD8, 0x4F, 0x3F, 0x00, 0x30, 0x20, 0x3A, 0xFF, 0x00, 0x03, 0xFF, 0xFF, 0x01, 0x38, 0x6A, 0x4F, 0x4F, 0x20, 0x30, 0x3B, 0x2E, 0x19, 0x04, 0xFF, 0xFF, 0x4A, 0x0B, 0xBB, 0x2E, 0x18, 0x70, 0xFA, 0x00, 0xCC, 0x5E, 0xFF, 0xFF, 0x09, 0x08, 0xFA, 0xFA, 0x00, 0x8F, 0x8F, 0xF3, 0xF3, 0x8F, 0x7F, 0xFF, 0xFC, 0x00, 0x08, 0x3D, 0x91, 0x00, 0xDD, 0x00, 0xF3, 0xF9, 0x00, 0x8F, 0x9F, 0xBA, 0x00, 0x6B, 0x00, 0x00, 0xB0, 0x00, 0xC7, 0xAF, 0xF4, 0xF7, 0x6F, 0x7F, 0xDC, 0x70, 0x00, 0x19, 0xDF, 0x30, 0x30, 0xFF, 0xFF, 0xF5, 0xC0, 0x00, 0x6F, 0x9F, 0x10, 0x00, 0xD8, 0x00, 0x30, 0x60, 0x01, 0xFF, 0xEF, 0xDB, 0x12, 0x2A, 0x00, 0x31, 0x2E, 0x70, 0x20, 0x09, 0x0C, 0x34, 0xF2, 0xFF, 0xFE, 0x00, 0x10, 0xFD, 0x22, 0xFF, 0x09, 0x5B, 0xEB, 0x40, 0x40, 0xB0, 0x20, 0x2B, 0xFF, 0x0D, 0x9F, 0x1E, 0x08, 0x09, 0x20, 0x1F, 0xAE, 0x7F, 0x05, 0x09, 0xE4, 0x31, 0x08, 0x40, 0x00, 0xFF, 0xE4, 0x3F, 0x49, 0x9F, 0xFF, 0x02, 0x07, 0xBF, 0xFA, 0x30, 0xFF, 0xC8, 0x00, 0x0F, 0x49, 0x23, 0xFC, 0x24, 0x02, 0x7F, 0xEE, 0x24, 0x02, 0x40, 0x07, 0x00, 0x05, 0xFA, 0x60, 0x17, 0x70, 0x1F, 0x00, 0x05, 0xFA, 0x09, 0x90, 0x1F, 0x60, 0x87, 0xD0, 0xBF, 0x55, 0xFA, 0x20, 0xFB, 0xF9, 0xFF, 0xFF, 0x02, 0x8C, 0xAF, 0x03, 0xFF, 0x5E, 0x04, 0x10, 0x16, 0x4D, 0xE6, 0x43, 0x02, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFF, 0x02, 0x30, 0x02, 0x28, 0x26, 0xF7, 0x38, 0x90, 0x69, 0x6D, 0x61, 0x67, 0xA8, 0x37, 0x02, 0x80, 0x27, 0xBE, 0x0D, 0x67, 0x0F, 0x2B, 0xEA, 0x91, 0x00, 0xE1, 0x95, 0x34, 0xA7, 0x5B, 0x58, 0x01, 0xAD, 0x00, 0x9B, 0xEF, 0x2F, 0x93, 0x39, 0x5F, 0x2E, 0x47, 0x00, 0x1A, 0x26, 0x38, 0x61, 0xA5, 0x72, 0xFA, 0x4F, 0x00, 0xFE, 0x8B, 0x89, 0x49, 0xE9, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char Nintendo_LicensedBy_LZ[0x2000] = +{ + 0x11, 0x48, 0x65, 0x00, 0x00, 0x64, 0x61, 0x72, 0x63, 0xFF, 0xFE, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x28, 0x65, 0x00, 0x00, 0x83, 0x30, 0x09, 0x32, 0x04, 0x00, 0x00, 0x60, 0x20, 0x03, 0x30, 0x13, 0xAB, 0x30, 0x18, 0x15, 0x20, 0x1D, 0x02, 0xA0, 0x0B, 0x06, 0x20, 0x2B, 0x30, 0x18, 0x5A, 0x09, 0x20, 0x35, 0x10, 0x20, 0x39, 0x30, 0x2B, 0xF8, 0x20, 0x41, 0x54, 0x85, 0x30, 0x0B, 0x05, 0x00, 0x00, 0xEC, 0x20, 0x4D, 0x98, 0x30, 0x17, 0xD0, 0x20, 0x28, 0x30, 0x17, 0xDC, 0x30, 0x23, 0x07, 0x00, 0x00, 0xCC, 0x09, 0x0C, 0x00, 0x00, 0x20, 0x20, 0x51, 0x40, 0x14, 0x20, 0x2B, 0xA0, 0x20, 0x0B, 0x64, 0x20, 0x5D, 0xA0, 0x20, 0x00, 0x00, 0x4C, 0x99, 0x20, 0x5C, 0xA8, 0x01, 0x50, 0x53, 0x20, 0x22, 0x00, 0xB2, 0x30, 0x75, 0x0A, 0x23, 0x00, 0x00, 0xB4, 0x20, 0x74, 0xE2, 0x20, 0x81, 0xC0, 0x09, 0x25, 0x00, 0x00, 0x3C, 0x20, 0x68, 0x12, 0x02, 0x50, 0x77, 0xA0, 0x30, 0x8F, 0x1C, 0x20, 0x90, 0x00, 0x36, 0x00, 0x00, 0x28, 0xA6, 0x20, 0xAB, 0x3E, 0x20, 0x9C, 0x80, 0x3A, 0x20, 0x0B, 0x20, 0xAD, 0x60, 0xAA, 0x30, 0x17, 0x3C, 0x50, 0x17, 0x82, 0x30, 0x17, 0x40, 0x20, 0x23, 0x08, 0x16, 0x00, 0x00, 0xA4, 0x30, 0x2F, 0x49, 0x20, 0x67, 0x20, 0xE9, 0xC4, 0xAB, 0x30, 0x3B, 0x4A, 0x50, 0x17, 0xDC, 0x30, 0x3B, 0x52, 0x20, 0x47, 0x20, 0xE0, 0x59, 0xF4, 0x30, 0x53, 0x55, 0x20, 0x53, 0x30, 0xD4, 0x00, 0x2E, 0x21, 0x13, 0x01, 0x61, 0x00, 0x6E, 0x00, 0x69, 0x00, 0x6D, 0x21, 0x1D, 0x41, 0x4E, 0x20, 0x07, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x20, 0x11, 0x05, 0x64, 0x00, 0x6F, 0x00, 0x4C, 0x20, 0x03, 0x67, 0x20, 0x07, 0x14, 0x5F, 0x00, 0x44, 0x20, 0x03, 0x30, 0x20, 0x01, 0x5F, 0x00, 0x10, 0x53, 0x00, 0x63, 0x40, 0x1F, 0x65, 0x00, 0x4F, 0x00, 0x55, 0x75, 0x20, 0x2B, 0x41, 0x20, 0x43, 0x62, 0x20, 0x13, 0x6C, 0x40, 0x47, 0xAB, 0x02, 0x50, 0x43, 0x42, 0x03, 0x20, 0x43, 0x43, 0x01, 0x80, 0x87, 0x55, 0x03, 0x20, 0xCB, 0x00, 0x90, 0x43, 0xEB, 0x01, 0x90, 0xCB, 0x00, 0x90, 0x87, 0xF0, 0xCB, 0x62, 0x21, 0x5D, 0x79, 0x21, 0x97, 0x01, 0x31, 0xA1, 0xF5, 0x71, 0x8D, 0x00, 0xF0, 0x2F, 0x71, 0x05, 0xD0, 0x2F, 0x74, 0x42, 0x09, 0x67, 0x23, 0x29, 0x5E, 0x33, 0x22, 0x01, 0x73, 0xA2, 0x01, 0xB0, 0x5B, 0x52, 0x2D, 0x00, 0x10, 0x21, 0x31, 0xAA, 0x01, 0x00, 0x21, 0x32, 0x01, 0x00, 0x43, 0x33, 0xE0, 0x65, 0x4C, 0x23, 0x71, 0x4D, 0x8F, 0x22, 0xA3, 0x73, 0x00, 0x6B, 0x00, 0x40, 0x85, 0x30, 0x1F, 0x00, 0xB0, 0x17, 0xF0, 0x93, 0xAA, 0xF2, 0xE3, 0x5F, 0x22, 0xE5, 0x69, 0x62, 0xD3, 0x73, 0x22, 0xF9, 0x64, 0xA8, 0x22, 0x8D, 0x79, 0x22, 0xF1, 0x31, 0x20, 0xAB, 0x38, 0x00, 0x78, 0xB0, 0x23, 0x7E, 0x34, 0xE0, 0xF7, 0x00, 0x10, 0x02, 0x43, 0x4C, 0x41, 0x4E, 0x23, 0xFF, 0xFE, 0x23, 0xF0, 0x00, 0x02, 0x02, 0x34, 0x23, 0x33, 0xB6, 0x0E, 0x70, 0x61, 0x74, 0x31, 0x23, 0xA2, 0x44, 0x5E, 0x34, 0x79, 0x28, 0x88, 0x33, 0x93, 0xFF, 0xFF, 0xFF, 0x34, 0x6C, 0x53, 0x63, 0x65, 0x02, 0x6E, 0x65, 0x4F, 0x75, 0x74, 0x41, 0x24, 0x91, 0x47, 0x04, 0x5F, 0x41, 0x5F, 0x30, 0x30, 0xD0, 0x56, 0x70, 0x61, 0x33, 0x69, 0x31, 0x33, 0xC3, 0x50, 0x3F, 0x02, 0x00, 0x30, 0x59, 0x34, 0xBD, 0x40, 0x68, 0x24, 0xC1, 0x50, 0x5F, 0x4E, 0x69, 0x6E, 0x4C, 0x1C, 0x6F, 0x67, 0x6F, 0xA0, 0x35, 0x34, 0xC0, 0x34, 0xDD, 0x43, 0x4C, 0x23, 0x56, 0x43, 0x74, 0x5F, 0x00, 0x10, 0x02, 0x40, 0x87, 0x40, 0x0B, 0xC8, 0xD0, 0x5D, 0x20, 0x76, 0x7F, 0x43, 0x35, 0x0C, 0x4E, 0x5F, 0x52, 0x1C, 0x6F, 0x6F, 0x74, 0xD0, 0x7E, 0x00, 0x70, 0x4B, 0x80, 0x57, 0x00, 0x20, 0xFE, 0x20, 0x3B, 0x50, 0x3F, 0x00, 0x30, 0xFF, 0x35, 0x17, 0xB0, 0xFF, 0x24, 0xF2, 0x80, 0xFF, 0x00, 0x35, 0x00, 0x1E, 0x45, 0x6C, 0x70, 0xFF, 0x42, 0x40, 0xFF, 0x42, 0x00, 0x40, 0xFF, 0x6C, 0x9C, 0x80, 0x2D, 0x90, 0xFF, 0x5C, 0x01, 0xE0, 0xFF, 0x90, 0xB3, 0x34, 0xC2, 0xBE, 0x02, 0xD0, 0xF3, 0xC8, 0x20, 0xAA, 0xD0, 0xF3, 0x01, 0x71, 0xFF, 0x31, 0x39, 0x71, 0xFF, 0x65, 0xE2, 0x23, 0x51, 0xB1, 0xFF, 0x31, 0x84, 0x47, 0x5F, 0x43, 0x00, 0x81, 0xFF, 0x0F, 0xCC, 0xE1, 0xFF, 0x02, 0x90, 0xFF, 0x12, 0xC3, 0x02, 0x31, 0xF3, 0x92, 0x3F, 0x80, 0xBF, 0xBD, 0x91, 0xF3, 0x60, 0x32, 0xB6, 0x00, 0x82, 0xFF, 0x36, 0xFF, 0x03, 0x32, 0xFF, 0x7C, 0x27, 0x47, 0xAA, 0x53, 0x3F, 0x0D, 0x42, 0xFF, 0x48, 0x27, 0xBD, 0xB0, 0x27, 0xC1, 0xA4, 0xB0, 0x27, 0xAD, 0x24, 0x27, 0xA8, 0x36, 0xEB, 0x30, 0x03, 0x00, 0x00, 0x56, 0xBC, 0x20, 0x03, 0x24, 0x27, 0xCB, 0x88, 0x37, 0x93, 0x27, 0xB4, 0xB0, 0x81, 0x27, 0x07, 0x74, 0x0A, 0x00, 0x00, 0x78, 0x0B, 0x32, 0xDF, 0x7C, 0x57, 0x00, 0x03, 0x5B, 0x37, 0x52, 0x27, 0x8E, 0x26, 0xD1, 0x33, 0xB7, 0x50, 0x41, 0xB8, 0x83, 0x2F, 0x02, 0xF2, 0xE3, 0x73, 0xDB, 0x01, 0x13, 0x07, 0x50, 0x5F, 0x33, 0xBB, 0x00, 0x80, 0x67, 0xB8, 0x60, 0x67, 0x20, 0xAA, 0x43, 0xC7, 0x38, 0x63, 0xC7, 0x30, 0x6F, 0xA9, 0x93, 0x9F, 0xA0, 0x24, 0x0A, 0xA0, 0x27, 0xC5, 0x80, 0xBE, 0x24, 0x39, 0x91, 0x23, 0x16, 0xA0, 0xC0, 0x48, 0x99, 0x06, 0x02, 0x00, 0x30, 0x37, 0x80, 0x70, 0x23, 0x33, 0x33, 0xB3, 0x3F, 0xFC, 0x2D, 0xEC, 0x46, 0xBC, 0x70, 0x0B, 0x0A, 0xD7, 0x23, 0x20, 0x0B, 0x30, 0x2F, 0x80, 0x5E, 0x3F, 0x48, 0xC9, 0x07, 0x01, 0xD0, 0x2F, 0xF4, 0x2F, 0xB0, 0x6B, 0x39, 0x2C, 0x40, 0x37, 0x9D, 0x1C, 0x30, 0x97, 0x61, 0xEF, 0xCC, 0x28, 0x65, 0x30, 0x9B, 0x70, 0xF3, 0xEE, 0x24, 0x87, 0xE4, 0xB9, 0x71, 0x5B, 0x50, 0xF1, 0x5B, 0x29, 0x59, 0xD4, 0x8B, 0x80, 0x0B, 0x41, 0xCD, 0xCC, 0xCC, 0x20, 0xEB, 0x20, 0x34, 0x02, 0x00, 0x41, 0x67, 0xF3, 0x00, 0x14, 0xBB, 0x30, 0x7F, 0x30, 0x2F, 0x71, 0x73, 0x44, 0x73, 0xF5, 0x38, 0x01, 0xA0, 0x7F, 0x51, 0xC1, 0x20, 0x7F, 0x3E, 0x02, 0xD0, 0x7F, 0x52, 0x65, 0x64, 0x01, 0x70, 0xFF, 0xC2, 0xC1, 0xEB, 0x45, 0x43, 0xC2, 0xB7, 0x6D, 0xDB, 0x20, 0x7F, 0x8C, 0x9A, 0x25, 0x02, 0x20, 0xC1, 0x00, 0xD1, 0x8B, 0xB6, 0x72, 0x5C, 0xA4, 0x87, 0xB4, 0x85, 0x41, 0x3B, 0x92, 0x24, 0xE9, 0xC0, 0x60, 0x8B, 0x31, 0x00, 0x32, 0xE7, 0xEB, 0x35, 0x33, 0xF2, 0xE7, 0x92, 0x53, 0xF0, 0x26, 0x82, 0x20, 0x25, 0x1B, 0x90, 0x0B, 0xFD, 0x50, 0x97, 0x34, 0xEF, 0x00, 0x50, 0x97, 0x96, 0x53, 0x30, 0x3B, 0x77, 0x0E, 0xAA, 0xF1, 0x17, 0x7F, 0x32, 0x02, 0x13, 0x73, 0x32, 0xF7, 0x50, 0x8B, 0x00, 0x96, 0x7B, 0x33, 0x1B, 0x57, 0x82, 0x00, 0x31, 0x7F, 0xCD, 0x3B, 0xB0, 0x57, 0x07, 0x54, 0x53, 0x2B, 0x0E, 0x47, 0x73, 0x4C, 0x37, 0x8B, 0xBB, 0x2B, 0xF9, 0x94, 0x63, 0x8B, 0x3B, 0xA7, 0x3B, 0xF1, 0x24, 0x4B, 0xF5, 0x00, 0x01, 0x97, 0x0F, 0xC0, 0x39, 0x8E, 0xE3, 0x2B, 0x59, 0x51, 0x5B, 0x5C, 0x1D, 0x01, 0x20, 0x23, 0x40, 0x03, 0xF7, 0x6B, 0x40, 0x41, 0x9E, 0x15, 0x8D, 0xBD, 0x8D, 0x31, 0xA3, 0x9A, 0x99, 0xB9, 0x2B, 0x9D, 0x2C, 0x7A, 0x04, 0x01, 0x10, 0x23, 0x55, 0x01, 0x01, 0x20, 0x8F, 0x01, 0x01, 0x20, 0x8F, 0x01, 0x00, 0x10, 0x8F, 0xC1, 0x20, 0x8F, 0x6C, 0x3D, 0x60, 0x8F, 0x44, 0x5B, 0x01, 0x00, 0x10, 0x8F, 0x00, 0x00, 0x23, 0x50, 0x5F, 0x10, 0x42, 0x6C, 0x6B, 0x03, 0xE1, 0x63, 0x9A, 0x99, 0x19, 0xC0, 0x1F, 0x0E, 0x74, 0xDA, 0x00, 0xC1, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0xF5, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x00, 0x13, 0xBB, 0x00, 0x32, 0xC7, 0x58, 0x2E, 0xBD, 0x88, 0x66, 0x4F, 0x55, 0xE8, 0x2E, 0xC9, 0x18, 0x2E, 0xB5, 0x48, 0x2E, 0xB9, 0x78, 0x62, 0xC7, 0xF7, 0xE3, 0xD3, 0x56, 0x3F, 0x60, 0x0B, 0x52, 0xD3, 0xF0, 0xC2, 0xD3, 0x01, 0xC0, 0x2F, 0x22, 0xDF, 0xBB, 0xD4, 0x33, 0x40, 0x68, 0x03, 0x50, 0x0B, 0x52, 0xEB, 0xF0, 0xC2, 0xEB, 0x01, 0xB0, 0x2F, 0xFF, 0x32, 0xF7, 0x01, 0xB0, 0xBF, 0x33, 0x03, 0x01, 0xC0, 0x2F, 0x00, 0x10, 0xBF, 0x45, 0x73, 0x70, 0x0B, 0x53, 0x1B, 0xFF, 0x40, 0xBF, 0x83, 0x1B, 0x01, 0xB0, 0x2F, 0x63, 0x27, 0x03, 0xC1, 0xC3, 0x33, 0x27, 0x75, 0x97, 0x93, 0x33, 0xFF, 0x00, 0x91, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0xE1, 0xC3, 0x00, 0xF0, 0xBF, 0xF1, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0x01, 0xC3, 0x00, 0x16, 0xB7, 0xFA, 0x00, 0x36, 0x4F, 0x35, 0xCC, 0x33, 0x8B, 0x36, 0x53, 0x33, 0x8F, 0xA0, 0x69, 0xE3, 0xD0, 0xFF, 0x6D, 0xAB, 0xE6, 0xCF, 0x59, 0xC7, 0x26, 0x43, 0x00, 0x40, 0x17, 0x26, 0x37, 0xD6, 0xFF, 0x63, 0x57, 0xFF, 0x26, 0x2B, 0x00, 0x30, 0x17, 0x36, 0x1F, 0x00, 0x30, 0x5F, 0x36, 0x13, 0x00, 0x40, 0x17, 0x00, 0x10, 0x5F, 0x48, 0x6B, 0xFF, 0x35, 0xFB, 0x00, 0x30, 0x17, 0x65, 0xEF, 0x03, 0xC1, 0x03, 0x82, 0xC7, 0xE1, 0x03, 0x82, 0xDF, 0x02, 0xE1, 0x03, 0xFB, 0x73, 0x27, 0xF1, 0x03, 0x80, 0x17, 0x01, 0xE1, 0x03, 0x00, 0xFF, 0xDF, 0x54, 0xEC, 0xDF, 0x02, 0x7E, 0xDF, 0x75, 0x04, 0x2F, 0xA4, 0x5F, 0x0D, 0xDC, 0xDF, 0x50, 0x2F, 0xCC, 0xB8, 0x2F, 0xD0, 0x55, 0x20, 0x2F, 0xBC, 0xA0, 0x2F, 0xC0, 0x2C, 0x2C, 0xE3, 0xAC, 0x2C, 0xE7, 0x52, 0x10, 0x2C, 0xDF, 0x74, 0x2C, 0xDF, 0xD8, 0x07, 0x2D, 0x17, 0x09, 0xFE, 0x2C, 0x31, 0x2C, 0xE3, 0x02, 0x9C, 0xDF, 0x3E, 0xCF, 0x00, 0xFC, 0xDF, 0x9E, 0xF3, 0x00, 0xBC, 0xDF, 0x7C, 0xBF, 0xEC, 0xDF, 0x2C, 0x6D, 0x5B, 0xDD, 0x4F, 0x4C, 0xE3, 0x8C, 0xD3, 0xD0, 0x17, 0x9C, 0xBB, 0xFD, 0x00, 0x30, 0x17, 0x00, 0x9F, 0xD3, 0x3F, 0xFD, 0x01, 0x1C, 0x8B, 0x00, 0x0D, 0xE7, 0xC3, 0xA3, 0xA0, 0x81, 0xF3, 0xFB, 0x00, 0x9F, 0xFB, 0x30, 0x23, 0x01, 0x1C, 0x73, 0x03, 0xD0, 0x67, 0x02, 0x7C, 0x5B, 0x70, 0x2B, 0xCB, 0x7C, 0x5B, 0x7F, 0x20, 0x3B, 0xDB, 0x00, 0xEB, 0xC3, 0x3E, 0x67, 0x7F, 0xD7, 0x5B, 0xCF, 0x00, 0xFC, 0x4F, 0x00, 0xDC, 0xDB, 0x7D, 0xF0, 0x2C, 0xCB, 0x80, 0x7F, 0x01, 0x2C, 0xDB, 0x30, 0x2F, 0x7F, 0xFB, 0xC8, 0x2F, 0x03, 0xFF, 0x7C, 0xDB, 0x5B, 0xE7, 0xAC, 0xDB, 0x00, 0x4C, 0x4F, 0x03, 0x3D, 0x67, 0x00, 0x1E, 0x67, 0xDD, 0x67, 0x04, 0x1C, 0x67, 0xFF, 0x41, 0xA3, 0x79, 0x93, 0x9D, 0x43, 0xCC, 0x67, 0x00, 0x60, 0x23, 0xCC, 0x67, 0x31, 0xEB, 0x89, 0x7B, 0xFF, 0x28, 0x2F, 0x00, 0x3C, 0x67, 0x00, 0x50, 0x23, 0xDC, 0x67, 0x00, 0x50, 0x8F, 0xDC, 0x67, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0xF9, 0x79, 0x4B, 0x30, 0x8F, 0x00, 0x2C, 0x67, 0x00, 0x50, 0x23, 0x04, 0x1C, 0x67, 0x70, 0xC2, 0xA9, 0x33, 0xFF, 0x00, 0x81, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5C, 0x67, 0xFF, 0x01, 0x9F, 0x2F, 0x43, 0xEB, 0x6F, 0x2F, 0x9F, 0x97, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0xCF, 0x2F, 0x34, 0x33, 0xFF, 0x7F, 0x2F, 0x38, 0x2F, 0x00, 0x3F, 0x2F, 0x00, 0x50, 0x23, 0xDF, 0x2F, 0x00, 0x50, 0x8F, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0xFF, 0x00, 0x10, 0x8F, 0x6F, 0x2F, 0x40, 0x8F, 0x00, 0x2F, 0x2F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9F, 0x2F, 0xFF, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5B, 0xA7, 0xFF, 0x01, 0x95, 0x8F, 0x46, 0x27, 0x6F, 0x23, 0x9F, 0xDF, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0xC5, 0x8F, 0x4F, 0xDF, 0xFF, 0x6F, 0x0B, 0x4F, 0xDF, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0xD5, 0x8F, 0x00, 0x50, 0x8F, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0xFF, 0x00, 0x10, 0x8F, 0x6E, 0xDB, 0x40, 0x8F, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9E, 0xC3, 0xFF, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x61, 0x63, 0x00, 0x7C, 0x5F, 0x78, 0x4C, 0x2C, 0x5C, 0xBC, 0x5F, 0x3E, 0x51, 0x7C, 0x5F, 0x65, 0x00, 0x73, 0xC5, 0xCC, 0x5F, 0x3B, 0x9C, 0x47, 0x5F, 0x43, 0x00, 0x4C, 0x5F, 0xFC, 0x2E, 0xBB, 0x7A, 0x0F, 0x5B, 0x58, 0x4C, 0x5F, 0x3C, 0x82, 0x3B, 0xAB, 0xBC, 0x2F, 0xFF, 0xFC, 0xAB, 0x2F, 0xF8, 0x3C, 0x2E, 0xDB, 0x7C, 0x2E, 0xDF, 0xBC, 0x2E, 0xE3, 0x00, 0x3C, 0x47, 0xE5, 0x3E, 0xC7, 0x5E, 0xFB, 0x00, 0x7A, 0x3B, 0x80, 0xBF, 0x9A, 0x3B, 0x60, 0x88, 0xC7, 0xEE, 0x00, 0x3C, 0x2B, 0x00, 0x70, 0x4B, 0x9F, 0x2B, 0xCA, 0x2A, 0xB7, 0x00, 0x9B, 0xCB, 0x01, 0x10, 0x3F, 0xF2, 0xFB, 0xA0, 0x3F, 0x00, 0x1B, 0xA3, 0x01, 0xD0, 0x3F, 0x00, 0x29, 0xEF, 0x01, 0x00, 0xBF, 0x8E, 0x2B, 0x77, 0x70, 0xFF, 0xDD, 0x00, 0x27, 0x67, 0x01, 0x00, 0xFF, 0x24, 0xF0, 0x3F, 0xDF, 0x83, 0x01, 0x01, 0x3F, 0x30, 0x00, 0x8E, 0xBB, 0x95, 0x5E, 0xBF, 0x59, 0x54, 0x7E, 0xBF, 0xB4, 0x2E, 0xBC, 0x10, 0x2F, 0xFB, 0x0C, 0x6C, 0x79, 0x74, 0x31, 0x3E, 0xD1, 0x4A, 0x9E, 0x00, 0xA0, 0x80, 0x2D, 0xE7, 0x70, 0x43, 0x74, 0x78, 0x6C, 0x31, 0x34, 0xB0, 0x61, 0xFB, 0x04, 0x2F, 0xFF, 0x2D, 0x55, 0x74, 0x65, 0x6E, 0x64, 0x08, 0x6F, 0x5F, 0x4C, 0x69, 0x2E, 0xD1, 0x73, 0x65, 0x64, 0x00, 0x42, 0x79, 0x5F, 0x31, 0x32, 0x38, 0x78, 0x36, 0x01, 0x34, 0x2E, 0x62, 0x63, 0x6C, 0x69, 0x6D, 0x3F, 0xEE, 0x5C, 0x6D, 0x2F, 0x07, 0x60, 0x62, 0x2F, 0x30, 0x57, 0x4D, 0x8B, 0x4C, 0x6F, 0x23, 0x67, 0x6F, 0xAE, 0xF5, 0xFF, 0xFF, 0xFF, 0x30, 0x03, 0x00, 0x40, 0x02, 0x7C, 0x15, 0x5F, 0xEC, 0x30, 0x6E, 0xAF, 0x7E, 0x3E, 0x13, 0x5E, 0x17, 0x70, 0x61, 0x20, 0x6E, 0x31, 0x3B, 0x5B, 0x01, 0x04, 0xFF, 0x00, 0x52, 0x01, 0x6F, 0x6F, 0x74, 0x50, 0x61, 0x6E, 0x65, 0x00, 0xB0, 0xEB, 0xC3, 0x00, 0x50, 0x47, 0x50, 0xDF, 0x70, 0x61, 0x73, 0x31, 0x3B, 0xAF, 0x70, 0x53, 0x4F, 0x03, 0x20, 0x53, 0x4E, 0x5F, 0x30, 0x55, 0x00, 0x0F, 0xA2, 0x01, 0x20, 0x53, 0x4C, 0xDF, 0x42, 0x42, 0x80, 0x53, 0x69, 0x63, 0x31, 0x80, 0x3C, 0x1B, 0x07, 0x7E, 0xFF, 0x00, 0x41, 0x03, 0x7E, 0xEC, 0x2D, 0x67, 0x82, 0x2B, 0x00, 0x20, 0xEF, 0x2F, 0x6F, 0x80, 0x78, 0x42, 0xF1, 0x2B, 0x71, 0xA5, 0xCF, 0x2F, 0xC1, 0x27, 0x80, 0x3F, 0x70, 0x30, 0x61, 0x65, 0x60, 0xDB, 0x50, 0x07, 0x67, 0x72, 0x70, 0x31, 0xC3, 0x3C, 0xA3, 0x31, 0x33, 0x47, 0x72, 0x6F, 0x75, 0x3C, 0x9B, 0x7F, 0xF3, 0x38, 0x67, 0x72, 0x51, 0x07, 0x30, 0x23, 0x34, 0x63, 0x47, 0x5F, 0x41, 0xFC, 0xCF, 0xDF, 0x3F, 0xDB, 0xF1, 0x17, 0xF1, 0xD7, 0x30, 0x5F, 0x3F, 0xEB, 0x47, 0x5F, 0x7E, 0x42, 0xCF, 0x79, 0x3F, 0xF3, 0x00, 0x90, 0x2B, 0xD4, 0xAB, 0x3F, 0xEF, 0xF1, 0x7F, 0x67, 0x6A, 0x72, 0x50, 0xC7, 0x00, 0x72, 0xBF, 0x3C, 0x22, 0xBC, 0x22, 0x00, 0x02, 0xBF, 0xC8, 0xD6, 0x82, 0xBF, 0x3D, 0x7F, 0x07, 0x64, 0xBB, 0x2D, 0x2F, 0xFF, 0x2F, 0x08, 0x00, 0x74, 0x4F, 0x34, 0xA1, 0x32, 0xF3, 0x2F, 0xFF, 0x78, 0x2F, 0xFB, 0x33, 0x64, 0x75, 0x73, 0x62, 0xA1, 0x62, 0xC7, 0x80, 0x10, 0x31, 0xF0, 0x10, 0x32, 0xF0, 0x21, 0x4E, 0x33, 0x62, 0xFA, 0x4C, 0x54, 0x90, 0x3E, 0x30, 0x0B, 0x70, 0x39, 0x4C, 0x0E, 0x54, 0x4D, 0x61, 0x73, 0x3C, 0xCC, 0x63, 0x22, 0x33, 0x1F, 0xA8, 0x0A, 0x06, 0x00, 0x00, 0x0B, 0x2F, 0xFF, 0x38, 0x2F, 0xFF, 0x88, 0xAA, 0x2F, 0xFB, 0x08, 0x2F, 0xF4, 0x88, 0x2F, 0xF8, 0x08, 0x2F, 0xD4, 0x88, 0xAA, 0x2F, 0xD8, 0x4C, 0x2F, 0x10, 0xE8, 0x2F, 0x14, 0xAC, 0x23, 0x74, 0x48, 0x76, 0x05, 0x2F, 0xD7, 0x20, 0x2F, 0x00, 0x35, 0x47, 0xAA, 0x53, 0x4B, 0x00, 0x83, 0x47, 0x02, 0xED, 0x00, 0xA3, 0x47, 0x00, 0x35, 0x57, 0x00, 0xB3, 0x97, 0xD5, 0x20, 0xB3, 0x00, 0xB3, 0x97, 0x40, 0x24, 0x20, 0xA1, 0x30, 0x03, 0x11, 0x2F, 0xFB, 0x74, 0x06, 0x00, 0x04, 0x30, 0x03, 0x87, 0x30, 0x0B, 0x65, 0x06, 0x00, 0x01, 0x30, 0x03, 0x30, 0x17, 0x31, 0x87, 0xA6, 0x5E, 0x03, 0x05, 0x2F, 0x47, 0x4F, 0x5F, 0x31, 0x32, 0x01, 0xB0, 0x7F, 0x01, 0xC1, 0x03, 0xE0, 0x7F, 0xD2, 0xA9, 0x00, 0x00, 0x8C, 0x8C, 0x8C, 0x05, 0xA0, 0x7F, 0xDF, 0x00, 0x16, 0x97, 0x00, 0xF1, 0x7F, 0x03, 0x03, 0xC1, 0x7F, 0x00, 0x16, 0xD7, 0x45, 0x9B, 0x2F, 0xB4, 0x00, 0x25, 0x9B, 0x2C, 0x80, 0x3F, 0x23, 0x44, 0x04, 0x25, 0x97, 0x30, 0x03, 0x06, 0x00, 0x03, 0x06, 0x06, 0x73, 0x09, 0xED, 0xBE, 0x30, 0x03, 0x3F, 0xFB, 0x0D, 0x3A, 0x57, 0xDE, 0x40, 0x30, 0x03, 0xE0, 0x13, 0xC0, 0x30, 0x03, 0xC0, 0x00, 0x75, 0xC7, 0x78, 0x54, 0x10, 0x04, 0x00, 0x01, 0x10, 0x04, 0x28, 0x10, 0x02, 0xA2, 0x37, 0x46, 0xF2, 0x37, 0x26, 0x06, 0x02, 0x3E, 0x05, 0x66, 0x23, 0x33, 0x00, 0x12, 0x43, 0x4D, 0x5F, 0x00, 0x35, 0xAA, 0x00, 0x36, 0x5E, 0x80, 0x58, 0xEA, 0x23, 0x77, 0x05, 0x26, 0x5B, 0x30, 0x03, 0x30, 0x8E, 0xE3, 0x7D, 0xBE, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x50, 0xA7, 0x00, 0x00, 0xC0, 0xA7, 0xE1, 0x00, 0x21, 0x5F, 0xCF, 0x5F, 0x01, 0xB1, 0x5F, 0x2F, 0xA1, 0xBD, 0xBF, 0x30, 0x03, 0x86, 0x3F, 0xF7, 0xCE, 0x95, 0x17, 0x41, 0x30, 0x03, 0xE0, 0x13, 0xC1, 0xF0, 0x30, 0x03, 0x05, 0x21, 0x5F, 0x00, 0x00, 0xC3, 0x01, 0x31, 0x5F, 0x61, 0x0B, 0xB6, 0xBF, 0xFF, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x02, 0x61, 0x5F, 0xCD, 0xF7, 0x01, 0xB2, 0xBF, 0x3F, 0xF7, 0xFF, 0x50, 0x03, 0x5D, 0xA7, 0x50, 0x03, 0xC0, 0x13, 0x4F, 0xF7, 0x05, 0x22, 0xBF, 0x00, 0x00, 0xC3, 0x01, 0x32, 0xBF, 0xFF, 0x3F, 0xE3, 0x3F, 0xE7, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x01, 0xF2, 0xBF, 0x03, 0x59, 0x67, 0x57, 0x87, 0xFE, 0x00, 0x59, 0x67, 0x00, 0x1C, 0x63, 0x99, 0x13, 0x40, 0x03, 0x00, 0x79, 0x13, 0x3F, 0x93, 0xC9, 0x67, 0xA0, 0xB1, 0x4E, 0xC7, 0xF5, 0x00, 0x84, 0xD3, 0x70, 0x53, 0x46, 0x31, 0x32, 0x00, 0x63, 0x2F, 0xD0, 0x58, 0x2F, 0xFA, 0x93, 0x05, 0x4F, 0xF1, 0x00, 0x00, 0xCD, 0xCC, 0x4F, 0x4C, 0x28, 0x36, 0x80, 0x3F, 0x50, 0x07, 0x40, 0x0F, 0x4A, 0x8F, 0x50, 0x07, 0xFE, 0x9F, 0xEC, 0xE0, 0x0B, 0x40, 0x03, 0x00, 0x0A, 0x0F, 0x2A, 0xB7, 0x00, 0xA4, 0xB7, 0x60, 0xFB, 0x20, 0xFB, 0x01, 0xC0, 0xA7, 0x27, 0x62, 0x01, 0x00, 0xA7, 0x8A, 0x0F, 0x81, 0x2F, 0x91, 0x00, 0x84, 0xA3, 0x71, 0x83, 0x17, 0x10, 0xF4, 0xBF, 0x01, 0xC1, 0x2F, 0x07, 0x04, 0xD1, 0x2F, 0x00, 0x80, 0xA7, 0x01, 0xF1, 0x2F, 0x7D, 0x08, 0x02, 0x41, 0x2F, 0x00, 0x5D, 0x8B, 0xE1, 0xB7, 0xEB, 0xCB, 0x00, 0xD2, 0x5F, 0x09, 0x04, 0xD2, 0x5F, 0xDE, 0x00, 0xB0, 0xA7, 0x01, 0xC3, 0x07, 0x0A, 0x01, 0xE2, 0x5F, 0x92, 0xE7, 0x00, 0x1F, 0xFB, 0x5F, 0xC7, 0xF8, 0xD6, 0x25, 0x6F, 0x3C, 0xFB, 0xA0, 0x00, 0x68, 0x1F, 0x10, 0x43, 0xE3, 0x00, 0x5C, 0xF7, 0x50, 0x8F, 0x43, 0x83, 0x00, 0x00, 0x44, 0x6C, 0xF7, 0x30, 0x0F, 0x3E, 0x1F, 0x30, 0x0F, 0xCF, 0x2C, 0xF7, 0x6D, 0x77, 0x03, 0x08, 0x6D, 0x77, 0x00, 0xC3, 0x67, 0x00, 0x70, 0x7F, 0x4D, 0x77, 0x5F, 0x41, 0xFE, 0xA3, 0x01, 0x01, 0x4D, 0x77, 0x00, 0x3D, 0xFF, 0x00, 0x1A, 0xEB, 0x01, 0x94, 0xEB, 0x00, 0x10, 0x87, 0xEE, 0x5F, 0xE9, 0x00, 0xED, 0xFF, 0x7E, 0x7F, 0x01, 0x50, 0x7F, 0xFA, 0xEB, 0x02, 0xB0, 0x7F, 0x03, 0xF7, 0x8E, 0x7F, 0x9E, 0x6F, 0xFE, 0x8F, 0x00, 0x02, 0x0F, 0x03, 0x3F, 0x07, 0x00, 0x1A, 0xF3, 0x01, 0x91, 0x8F, 0xEB, 0x00, 0x12, 0x0F, 0x2A, 0x3A, 0x04, 0x8F, 0x07, 0xDC, 0x00, 0x2F, 0x07, 0x0C, 0x4F, 0x07, 0xD6, 0xB7, 0xFF, 0xFD, 0x97, 0xFD, 0x57, 0xFC, 0xE7, 0xFC, 0x77, 0xFC, 0x07, 0xFB, 0x97, 0xFA, 0xE3, 0xFA, 0x57, 0xF7, 0xF9, 0xA3, 0xF9, 0x17, 0xF8, 0x63, 0x3F, 0xE3, 0xCC, 0x00, 0x2F, 0xA7, 0x3E, 0x8F, 0x0A, 0x30, 0xCB, 0x5C, 0x2C, 0x41, 0xA7, 0x43, 0xCF, 0x1B, 0x37, 0x0D, 0xF8, 0x5F, 0x67, 0x72, 0xC1, 0x56, 0xFF, 0x01, 0x48, 0xC3, 0x40, 0x00, 0x78, 0x80, 0x80, 0x34, 0x6F, 0x18, 0x00, 0x00, 0x0A, 0x2B, 0x81, 0x20, 0x0B, 0xEF, 0x80, 0x80, 0x00, 0xEF, 0xEF, 0xFF, 0xF8, 0x0B, 0xBF, 0x70, 0x01, 0x20, 0xFF, 0xF6, 0x8F, 0x85, 0x20, 0x00, 0x88, 0x40, 0x30, 0x83, 0x50, 0x27, 0x1C, 0xCF, 0x00, 0x01, 0x30, 0x20, 0x0B, 0x30, 0x03, 0xC0, 0x38, 0x36, 0x4F, 0x79, 0x87, 0x00, 0x05, 0xFD, 0xFC, 0x0B, 0x61, 0x0A, 0x3F, 0x85, 0x3F, 0x89, 0xFC, 0xFC, 0x0A, 0x0A, 0x30, 0x03, 0x82, 0x2F, 0xFA, 0x83, 0x00, 0x00, 0xF7, 0xF7, 0x3F, 0x10, 0xBF, 0x70, 0xFF, 0x31, 0x7A, 0x20, 0x0B, 0x20, 0x0F, 0xFF, 0x9F, 0xCF, 0xFF, 0x08, 0x1F, 0x2F, 0xF6, 0x60, 0xAF, 0xE5, 0x81, 0x00, 0x00, 0x12, 0xF3, 0xF3, 0x01, 0x22, 0xB0, 0xCF, 0xFF, 0x30, 0x05, 0xF3, 0x41, 0xF3, 0x40, 0x03, 0x28, 0x00, 0x00, 0x5F, 0x5F, 0x40, 0x5F, 0x07, 0x88, 0xFE, 0xCA, 0xFF, 0xCC, 0x30, 0x0B, 0x40, 0x0F, 0x7F, 0xEC, 0x06, 0x88, 0x00, 0x88, 0xFF, 0xCC, 0x2F, 0xCC, 0x30, 0x07, 0xCF, 0x4B, 0xFF, 0x21, 0xEE, 0xFC, 0xFC, 0x30, 0x7D, 0x0C, 0x22, 0xC0, 0x30, 0x03, 0x80, 0x20, 0x1F, 0x06, 0xFF, 0xCC, 0x0D, 0x0A, 0x00, 0x30, 0x0F, 0x00, 0x88, 0x60, 0x60, 0x50, 0xE7, 0x3F, 0xFF, 0x30, 0x0B, 0x40, 0x0F, 0xB2, 0x30, 0x3F, 0xCD, 0x20, 0x37, 0x50, 0x47, 0xCC, 0x02, 0x2D, 0xA7, 0x34, 0x2D, 0xFF, 0x33, 0x41, 0x0F, 0x33, 0x30, 0x07, 0x40, 0x3F, 0x0E, 0x30, 0xC7, 0x5F, 0x84, 0x25, 0xCB, 0xF8, 0x4F, 0xD3, 0x2F, 0x9F, 0x50, 0x0B, 0x20, 0x0F, 0x2F, 0xE8, 0x18, 0xAF, 0xFF, 0x00, 0x30, 0xE7, 0x5F, 0xD7, 0x8E, 0xBF, 0xFF, 0x0A, 0x0E, 0x1E, 0xF7, 0x70, 0x32, 0x64, 0xBF, 0x40, 0xC7, 0x00, 0x09, 0x82, 0x00, 0x00, 0xF4, 0x40, 0xC7, 0x4F, 0x4F, 0x3F, 0xFF, 0xE0, 0x50, 0xD7, 0x30, 0x0B, 0x40, 0x0F, 0x80, 0x00, 0x88, 0xF1, 0xE1, 0x21, 0xFF, 0xEF, 0x70, 0x7F, 0xE1, 0xE1, 0x7F, 0x7F, 0x30, 0x03, 0x80, 0xE0, 0xDF, 0xDC, 0x00, 0x15, 0x00, 0x00, 0xEF, 0xFF, 0x62, 0x05, 0x40, 0x41, 0x3F, 0xDA, 0xD3, 0x40, 0xDF, 0x2E, 0xBE, 0xFD, 0x67, 0xFA, 0x00, 0x0E, 0x0F, 0x2F, 0xB5, 0x07, 0x09, 0x01, 0xAA, 0xBD, 0x21, 0xEB, 0x31, 0xEF, 0x18, 0x01, 0x01, 0x60, 0x25, 0x3F, 0x40, 0x0F, 0xFF, 0x70, 0x00, 0x30, 0xDE, 0x01, 0x30, 0x0B, 0x39, 0x69, 0xFF, 0xF6, 0x1C, 0xCF, 0x00, 0x50, 0x00, 0xFF, 0xF5, 0x30, 0x31, 0xFF, 0xFF, 0x50, 0x5C, 0x46, 0x97, 0x50, 0x5F, 0xBF, 0xF5, 0xFF, 0xFF, 0x40, 0x1C, 0x00, 0xEE, 0x10, 0xF1, 0xEF, 0x41, 0xFF, 0x2F, 0xFF, 0xFC, 0xFD, 0x0C, 0x0A, 0x0B, 0xEB, 0x10, 0x30, 0x88, 0x51, 0xEF, 0x2F, 0x2F, 0x32, 0x00, 0x00, 0x30, 0x03, 0x51, 0xFF, 0xE6, 0x10, 0x30, 0x0F, 0x2E, 0x90, 0x2F, 0xE0, 0xF5, 0x50, 0x30, 0xC7, 0xF5, 0x40, 0x02, 0x1D, 0x1A, 0xF3, 0xF2, 0xDF, 0x20, 0x54, 0x7F, 0xF3, 0xF4, 0x2F, 0x99, 0x00, 0x3B, 0x00, 0xD4, 0x41, 0xFB, 0xB1, 0xEF, 0x32, 0x0B, 0x4E, 0xB6, 0x9A, 0xF1, 0xEF, 0x87, 0x20, 0x79, 0x00, 0x00, 0xEB, 0x10, 0x31, 0xFF, 0x33, 0xE7, 0x00, 0x01, 0xEF, 0x80, 0xB1, 0xFF, 0x00, 0xEE, 0x11, 0xFF, 0x35, 0xFF, 0x33, 0xD0, 0x30, 0xF7, 0x21, 0xF2, 0x33, 0x3F, 0xDF, 0x57, 0xFF, 0x55, 0xFF, 0x05, 0xEE, 0x11, 0xEE, 0x11, 0x55, 0x60, 0x07, 0x06, 0x87, 0x06, 0x81, 0x51, 0xEF, 0x55, 0xFF, 0x04, 0x0D, 0xEE, 0x11, 0x34, 0x41, 0x81, 0x32, 0x0B, 0xE7, 0x10, 0x1E, 0x1E, 0x00, 0x00, 0x30, 0x03, 0x10, 0xF6, 0x60, 0xCF, 0x2E, 0xEE, 0xF6, 0x50, 0x1E, 0x1F, 0x10, 0x00, 0x00, 0x1D, 0xAF, 0xA4, 0x01, 0x1C, 0xF3, 0xF3, 0x65, 0xCF, 0x21, 0x2C, 0x71, 0xEF, 0xF5, 0x50, 0x37, 0xDB, 0xE4, 0x42, 0x0B, 0xD0, 0x30, 0xC7, 0x61, 0xEF, 0x6F, 0x7F, 0xD7, 0xE1, 0xF1, 0xAF, 0xFF, 0x70, 0xD1, 0x20, 0x97, 0x70, 0x7F, 0x9F, 0xEF, 0xF9, 0xFB, 0x10, 0x90, 0x50, 0xFE, 0x20, 0x9D, 0x65, 0x30, 0x9F, 0x01, 0xFB, 0xFF, 0x9F, 0x36, 0x0B, 0x7C, 0x33, 0xB3, 0x2C, 0x6C, 0x06, 0x5B, 0xBA, 0x00, 0x4C, 0xB2, 0x43, 0x02, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFA, 0x02, 0x30, 0x02, 0x28, 0x29, 0xD7, 0x3B, 0x3D, 0x69, 0x6D, 0x61, 0x67, 0x46, 0x10, 0x4C, 0x7C, 0x10, 0x00, 0x0D, 0x62, 0x33, 0x06, 0xD0, 0x01, 0x20, 0x15, 0xA0, 0x00, 0x71, 0x23, 0xDF, 0xFF, 0x33, 0xBF, 0xC0, 0x2E, 0xAB, 0x01, 0xC0, 0xC0, 0xAF, 0x9F, 0x00, 0x00, 0x9F, 0x20, 0x03, 0xE0, 0x73, 0x97, 0x80, 0x07, 0xFF, 0xA0, 0x78, 0x00, 0x02, 0xFF, 0xFC, 0x61, 0x3E, 0x4F, 0x7B, 0x3F, 0xCE, 0x90, 0x90, 0xDF, 0xDF, 0x30, 0x03, 0xF2, 0x01, 0x9D, 0xBF, 0x50, 0x6F, 0x30, 0x6B, 0x40, 0x6F, 0x00, 0xB0, 0x44, 0x93, 0xDF, 0x8F, 0x22, 0x07, 0xD7, 0x00, 0xEE, 0x00, 0x0E, 0xAE, 0x42, 0x17, 0x20, 0x17, 0x70, 0x07, 0xA0, 0x40, 0x6F, 0x80, 0x90, 0x6F, 0xC5, 0xFF, 0xCF, 0x7F, 0xDE, 0x7B, 0x00, 0x95, 0x7D, 0xC1, 0x7F, 0x63, 0x53, 0x71, 0x7F, 0x20, 0x71, 0x7F, 0xC2, 0xCF, 0xAC, 0x06, 0xB1, 0x8B, 0x50, 0xA8, 0x22, 0x70, 0x28, 0x2E, 0x2D, 0xE6, 0x10, 0x00, 0x22, 0x43, 0xFD, 0x3A, 0x8F, 0x76, 0x00, 0x98, 0x6F, 0xA8, 0xCE, 0x42, 0x47, 0x2D, 0x83, 0xFF, 0x7A, 0xFF, 0x45, 0x4F, 0xDE, 0xAA, 0x28, 0x00, 0xBB, 0x4A, 0xAF, 0xBB, 0x50, 0x07, 0xFF, 0x23, 0xEF, 0x84, 0x42, 0xB3, 0xFF, 0x21, 0xFF, 0x53, 0x4F, 0xFE, 0x9A, 0x00, 0x50, 0x68, 0x4A, 0xCF, 0x24, 0x3F, 0xE8, 0xAD, 0xFF, 0xFF, 0xC8, 0xA8, 0x3A, 0xDB, 0xB3, 0x5F, 0xF4, 0xFA, 0x56, 0x77, 0x27, 0xFF, 0x00, 0x7E, 0x4B, 0x85, 0x3F, 0x7B, 0x87, 0x26, 0x8B, 0x2D, 0xED, 0xB3, 0xC2, 0x07, 0xC0, 0x0A, 0x21, 0x1C, 0xF6, 0x22, 0xFF, 0x26, 0xC5, 0x86, 0x4F, 0x7F, 0xDD, 0x22, 0xFF, 0x46, 0x32, 0x4F, 0x5A, 0x43, 0xFF, 0x97, 0x6B, 0xC7, 0x37, 0x3B, 0x10, 0x03, 0xE7, 0xF2, 0xF4, 0xFF, 0xFF, 0xFC, 0x2F, 0x74, 0x30, 0x03, 0xA0, 0x9F, 0x7B, 0xDF, 0xAF, 0x86, 0x0C, 0x09, 0xFF, 0x4F, 0x02, 0x00, 0x00, 0xFF, 0xAD, 0xBF, 0x04, 0x28, 0xFF, 0x00, 0x22, 0x6C, 0x03, 0x07, 0xE0, 0xF8, 0xD6, 0x00, 0xDD, 0x00, 0x48, 0x51, 0xDD, 0xD0, 0x26, 0x03, 0x61, 0xEF, 0x54, 0x00, 0x3C, 0xFD, 0xFF, 0xB8, 0xFF, 0xFE, 0x12, 0x00, 0x00, 0x51, 0x41, 0xEF, 0xFD, 0xA0, 0x97, 0x7F, 0x10, 0x06, 0x00, 0xFE, 0xFC, 0x10, 0xA0, 0x23, 0xF1, 0x6F, 0xE0, 0x2C, 0x01, 0xEF, 0x00, 0x03, 0xFF, 0xFF, 0x1E, 0x8F, 0xA1, 0x1B, 0x50, 0xEF, 0x21, 0x1F, 0xAF, 0x05, 0x94, 0x99, 0xA1, 0xF2, 0x00, 0x00, 0x70, 0xF2, 0x20, 0x03, 0x85, 0x89, 0x40, 0xD7, 0x37, 0xFF, 0x01, 0xBE, 0x88, 0x4D, 0x8F, 0x58, 0x00, 0x23, 0x4F, 0xFF, 0x64, 0xFF, 0xA7, 0x8B, 0x47, 0xE7, 0xDC, 0xFF, 0xED, 0x79, 0x80, 0xDE, 0x28, 0x80, 0x30, 0xD2, 0x22, 0xCC, 0xFF, 0x50, 0xCF, 0x21, 0x00, 0x32, 0x42, 0xDF, 0x33, 0x47, 0x00, 0x26, 0x52, 0x73, 0x30, 0xFB, 0x3F, 0x93, 0x40, 0x04, 0x63, 0x3F, 0x4C, 0x12, 0x38, 0x27, 0x7A, 0xEF, 0x35, 0x94, 0x72, 0xEF, 0x8E, 0xFF, 0x0B, 0xFF, 0x2F, 0x05, 0x4D, 0x2F, 0xAA, 0x6B, 0x03, 0xE4, 0x0C, 0x00, 0xB5, 0xFF, 0x74, 0x40, 0x29, 0xD4, 0x07, 0x55, 0xFF, 0x08, 0xC0, 0x7F, 0x91, 0x4A, 0x8B, 0x99, 0x00, 0x7E, 0x99, 0x5F, 0x97, 0x5A, 0x97, 0x8F, 0xA7, 0x70, 0x17, 0x60, 0x1F, 0x8F, 0xC7, 0x56, 0x1B, 0xFF, 0x55, 0x01, 0x37, 0x97, 0x90, 0x1F, 0x78, 0x4F, 0xE3, 0x27, 0xC0, 0x9B, 0x4A, 0x27, 0x97, 0xFF, 0x2A, 0xA7, 0x27, 0x85, 0x35, 0x26, 0xBF, 0x24, 0x07, 0x88, 0x3F, 0xE7, 0x8B, 0xFF, 0x03, 0x44, 0x10, 0xC6, 0x00, 0xFF, 0x68, 0xD4, 0x80, 0x5F, 0x3F, 0xFF, 0x17, 0x9F, 0xD5, 0xEF, 0xFF, 0x07, 0x66, 0xCF, 0x45, 0x6F, 0x2B, 0x77, 0x3E, 0xEF, 0x3B, 0x7D, 0xAF, 0xF1, 0x30, 0x22, 0x20, 0xFB, 0x5F, 0xEF, 0xF3, 0xF9, 0xF8, 0x90, 0x3F, 0x31, 0x4C, 0xB7, 0x22, 0x97, 0x00, 0x75, 0x85, 0xBF, 0x2F, 0xEA, 0xAF, 0x0D, 0x08, 0xFF, 0x9E, 0xFF, 0x45, 0x4F, 0xE1, 0xA9, 0x00, 0x9A, 0xA2, 0x45, 0xBF, 0x89, 0x55, 0xA7, 0xFF, 0x22, 0xFF, 0x3E, 0x7F, 0x00, 0x0A, 0xFF, 0x75, 0xFF, 0xDA, 0x4F, 0xFF, 0x23, 0x35, 0xB7, 0x5E, 0x83, 0x8A, 0x8F, 0xFF, 0xFF, 0x7F, 0x8F, 0x52, 0x23, 0x0C, 0x0D, 0x92, 0x31, 0xEF, 0xE1, 0xEF, 0xE1, 0xFF, 0x7F, 0xA7, 0x02, 0x2D, 0x07, 0x30, 0x03, 0xF0, 0x0F, 0x01, 0x1D, 0x86, 0x83, 0x45, 0x3E, 0x00, 0xFB, 0xB0, 0xFF, 0xFF, 0x25, 0x13, 0x4C, 0x5F, 0x9D, 0x5F, 0xE8, 0xF2, 0xD0, 0x28, 0x8B, 0x25, 0x31, 0x77, 0x11, 0x0D, 0xA5, 0x1B, 0xC1, 0x96, 0x44, 0x2D, 0x69, 0xFB, 0x01, 0x07, 0xF8, 0xF2, 0x86, 0x45, 0x04, 0x0E, 0x50, 0x00, 0x2F, 0x3F, 0x2C, 0x87, 0xE5, 0xFF, 0x09, 0xFF, 0x20, 0x00, 0xFA, 0x2D, 0xB1, 0x0D, 0x6F, 0x76, 0x87, 0x0E, 0x18, 0xEF, 0x00, 0x38, 0x77, 0x77, 0xC2, 0x5F, 0xAE, 0x2B, 0x6B, 0x1E, 0xFF, 0x01, 0xAF, 0x47, 0xCF, 0x4C, 0x6F, 0x26, 0x89, 0x00, 0x3E, 0x47, 0x3A, 0xE5, 0x0D, 0xB4, 0x2F, 0x04, 0xF1, 0xFF, 0x7F, 0xF1, 0xA0, 0xB0, 0x2C, 0x0D, 0xF4, 0x79, 0x7C, 0x0E, 0x00, 0x60, 0xFB, 0xFF, 0x28, 0x32, 0x00, 0xB0, 0x01, 0x24, 0x07, 0x4F, 0x3C, 0x08, 0x2F, 0x2C, 0x6F, 0x2E, 0xDD, 0xBD, 0xFE, 0xDB, 0x59, 0x00, 0xD8, 0xAD, 0x5E, 0x97, 0xA5, 0x37, 0x87, 0x61, 0x00, 0x17, 0x9F, 0x38, 0x93, 0x40, 0x96, 0x9E, 0xA5, 0x7D, 0xDF, 0xFE, 0x28, 0xAF, 0xD0, 0xE1, 0x39, 0xF1, 0x1A, 0x27, 0x87, 0xD8, 0x2F, 0xF7, 0x2F, 0xE3, 0x3F, 0x2B, 0x55, 0x98, 0xBE, 0x04, 0x07, 0xFF, 0x34, 0xFF, 0x08, 0x4F, 0x09, 0x0E, 0x13, 0xFF, 0x20, 0x4A, 0xBF, 0x22, 0x00, 0x47, 0x22, 0xC3, 0xEF, 0xDE, 0xFF, 0xDD, 0x55, 0x42, 0x60, 0x17, 0x30, 0x1F, 0x80, 0x49, 0x23, 0xFF, 0xED, 0xFF, 0x00, 0x31, 0x00, 0x95, 0xC9, 0x7A, 0xDB, 0x60, 0x37, 0xEE, 0x12, 0x2F, 0x61, 0x50, 0xFD, 0xDA, 0x11, 0x09, 0xFF, 0xBD, 0xFF, 0x69, 0x45, 0xE7, 0x14, 0x6B, 0x9B, 0x0F, 0x0D, 0x8E, 0x5E, 0x01, 0x9F, 0x6C, 0x52, 0x00, 0x1C, 0x2A, 0x35, 0x2E, 0xEF, 0x89, 0x2F, 0x03, 0xAD, 0x00, 0x47, 0x5A, 0x6F, 0xFD, 0x74, 0x4F, 0x9F, 0x1E, 0xB9, 0xFF, 0xDC, 0x4F, 0xFF, 0x28, 0x6C, 0x2B, 0xB2, 0x4F, 0x57, 0xBB, 0x6A, 0xFF, 0x2B, 0xAA, 0x2D, 0x64, 0x10, 0x60, 0xB7, 0x32, 0x35, 0xDC, 0x10, 0x15, 0x00, 0xB4, 0xEC, 0x2F, 0xD7, 0xF9, 0x7B, 0x78, 0xEF, 0x68, 0x9F, 0x10, 0x8B, 0xFF, 0x25, 0xAB, 0x8F, 0x6D, 0xFF, 0x8F, 0x02, 0x5F, 0x00, 0x3F, 0xCD, 0x6C, 0x01, 0xEC, 0xAC, 0xCE, 0x7F, 0x2E, 0xAB, 0xDE, 0x7F, 0x68, 0x7F, 0xC0, 0x9D, 0x2E, 0x04, 0x0E, 0x88, 0xFF, 0xEF, 0xEF, 0x8A, 0xAF, 0x8E, 0x00, 0x47, 0x24, 0xDD, 0x78, 0xDD, 0x77, 0x33, 0x11, 0x01, 0x33, 0x11, 0x8D, 0x7D, 0x13, 0x13, 0x7D, 0x20, 0x03, 0xBF, 0x8A, 0xBF, 0x77, 0x50, 0x17, 0x70, 0x07, 0xFF, 0x49, 0x30, 0x2B, 0xB0, 0x2F, 0xF0, 0x0F, 0xB7, 0x01, 0xB9, 0x7F, 0xA8, 0x6D, 0xEA, 0x7F, 0x7F, 0x10, 0x6F, 0x7F, 0x27, 0xB0, 0x04, 0xA1, 0x00, 0xA0, 0x0D, 0xB0, 0x01, 0x02, 0x60, 0xED, 0x61, 0xFF, 0x2C, 0xFF, 0xBE, 0x35, 0xFF, 0xF0, 0x3E, 0xB7, 0x00, 0xC0, 0xFF, 0x19, 0x00, 0x21, 0x1D, 0x01, 0x28, 0xFA, 0x18, 0xCC, 0xFF, 0x3A, 0x3B, 0x92, 0x40, 0x3F, 0x17, 0xFF, 0x6B, 0x8D, 0x27, 0x4C, 0x84, 0xFF, 0xE9, 0xBD, 0xB9, 0x3C, 0xB8, 0xFD, 0x23, 0x34, 0xE2, 0x30, 0x62, 0x4C, 0xDA, 0x40, 0x13, 0xF7, 0xFF, 0xF1, 0x20, 0x03, 0xEF, 0x08, 0xFF, 0xE8, 0xFF, 0xE0, 0x20, 0x03, 0xE1, 0xFF, 0xD9, 0x38, 0xFF, 0xD3, 0x50, 0x95, 0x2E, 0xE1, 0x21, 0x87, 0x57, 0xFF, 0x86, 0x34, 0xFF, 0xD1, 0x93, 0x69, 0x30, 0x41, 0xFA, 0x31, 0x9F, 0xAC, 0xFF, 0x44, 0xC7, 0x41, 0xA5, 0xD9, 0xFF, 0xE4, 0x50, 0x5B, 0xF6, 0xFF, 0x41, 0xF2, 0x20, 0x5D, 0xFB, 0xFF, 0xEE, 0xFF, 0xEA, 0x2F, 0x23, 0x54, 0xF5, 0x20, 0x05, 0xE4, 0x23, 0x97, 0xEA, 0x2E, 0x2E, 0xDA, 0xFF, 0x10, 0xDB, 0xFF, 0xD5, 0x2C, 0x6E, 0xC6, 0xFF, 0xD0, 0xFF, 0x05, 0xCB, 0xFF, 0xC1, 0xFF, 0xBC, 0x27, 0xE7, 0xE1, 0x20, 0x11, 0x41, 0xD2, 0x24, 0x7A, 0xDA, 0xFF, 0xCD, 0xFF, 0xCA, 0x20, 0x19, 0x04, 0xC1, 0xFF, 0xB7, 0xFF, 0xB3, 0x20, 0xFE, 0xBA, 0xFF, 0x14, 0xAF, 0xFF, 0xAB, 0x05, 0xD1, 0xFF, 0x5F, 0x62, 0x6D, 0x03, 0xFF, 0x51, 0x29, 0x20, 0xC2, 0xC2, 0xE1, 0x7F, 0x05, 0xFF, 0x9F, 0x22, 0x8D, 0x5B, 0x07, 0x21, 0x61, 0xA7, 0x20, 0x9A, 0x5F, 0xE9, 0x8A, 0xD9, 0x48, 0x38, 0x99, 0x50, 0xFE, 0x41, 0x01, 0xF7, 0x25, 0x34, 0xEA, 0xFF, 0xE0, 0x8D, 0xA2, 0xD1, 0x73, 0xF6, 0x80, 0x27, 0xF7, 0xFF, 0xEB, 0x25, 0x56, 0xE0, 0xA8, 0x21, 0x1D, 0xE9, 0x21, 0x25, 0xDE, 0x2F, 0x4A, 0xD4, 0xFF, 0xD3, 0x28, 0xFF, 0xC9, 0x2F, 0x52, 0xD3, 0x2B, 0x3D, 0xC9, 0xFF, 0xC8, 0xA8, 0x25, 0x49, 0xBD, 0x21, 0x07, 0xFC, 0x27, 0x46, 0xF0, 0xFF, 0xE6, 0xA2, 0x20, 0x2D, 0xE2, 0x25, 0x9E, 0xD5, 0xFF, 0xE3, 0x21, 0x95, 0xD6, 0xAA, 0x2D, 0xB0, 0xD0, 0x20, 0x21, 0xC3, 0x25, 0x10, 0xDA, 0x21, 0x3B, 0xCD, 0x28, 0xFF, 0xC5, 0x21, 0x4D, 0xC4, 0x25, 0x7B, 0xB6, 0xFF, 0xBF, 0x80, 0x21, 0x3D, 0xB2, 0xFF, 0xAB, 0xFF, 0xB0, 0xFF, 0xA9, 0x0A, 0xFF, 0xA3, 0xFF, 0x9C, 0x21, 0x51, 0xC0, 0x22, 0x4A, 0xB5, 0xA8, 0x21, 0x53, 0xAE, 0x21, 0xA8, 0xA2, 0x21, 0x59, 0xAA, 0xFF, 0xA8, 0xA0, 0x20, 0xC8, 0xA0, 0x2F, 0xE0, 0x95, 0xFF, 0x8C, 0xFF, 0xA6, 0x80, 0x2B, 0x49, 0x9A, 0xFF, 0x92, 0xFF, 0x96, 0xFF, 0x8F, 0xA8, 0x25, 0x33, 0x84, 0x20, 0x05, 0x87, 0x22, 0x2C, 0x7C, 0xFF, 0x7F, 0x2A, 0xFF, 0x79, 0x2B, 0x43, 0x6E, 0x22, 0x86, 0xB8, 0x20, 0x4B, 0xAA, 0x8C, 0x20, 0x53, 0xAD, 0xFF, 0xA4, 0x21, 0x00, 0x30, 0x53, 0x96, 0xFF, 0x54, 0x90, 0x2B, 0xFF, 0x92, 0x20, 0xFC, 0x85, 0x20, 0x4B, 0xA4, 0xFF, 0x41, 0x9B, 0x20, 0x3D, 0xA0, 0xFF, 0x9D, 0xFF, 0x93, 0x20, 0x17, 0x04, 0x8D, 0xFF, 0x89, 0xFF, 0x80, 0x20, 0x3F, 0x86, 0xFF, 0x50, 0x83, 0x20, 0x41, 0x76, 0x20, 0x0D, 0x83, 0xFF, 0x7D, 0xFF, 0x14, 0x77, 0xFF, 0x7E, 0x20, 0x4F, 0x72, 0x25, 0x87, 0x72, 0xFF, 0x04, 0x6C, 0xFF, 0x67, 0xFF, 0x62, 0x40, 0x03, 0x5C, 0xFF, 0x00, 0x58, 0xFF, 0x74, 0xFF, 0x70, 0xFF, 0x69, 0xFF, 0x50, 0x65, 0x25, 0xA1, 0x6A, 0x20, 0x15, 0x5F, 0xFF, 0x5E, 0xFF, 0x04, 0x5A, 0xFF, 0x53, 0xFF, 0x50, 0x22, 0x6C, 0x54, 0xFF, 0x14, 0x4D, 0xFF, 0x4A, 0x00, 0xD3, 0xFF, 0x16, 0x24, 0x1D, 0x6B, 0xFF, 0x6A, 0x15, 0x22, 0x66, 0x72, 0xD7, 0x85, 0x2F, 0xA8, 0xED, 0x5F, 0x95, 0xF9, 0xAA, 0x2E, 0xCE, 0xF0, 0x94, 0x3F, 0x75, 0x21, 0xBF, 0xD5, 0x84, 0x4D, 0x3D, 0xD5, 0x2F, 0xD0, 0xAF, 0xAC, 0xFD, 0x22, 0xFB, 0xE8, 0x26, 0x3B, 0xE0, 0x2F, 0xE7, 0x55, 0xF8, 0x2F, 0x06, 0xF1, 0x23, 0x03, 0xD9, 0x23, 0x01, 0xD3, 0x21, 0x7F, 0x55, 0xF0, 0x28, 0xC8, 0xE6, 0x21, 0x77, 0xD6, 0x23, 0x0F, 0xCC, 0x22, 0xD1, 0x55, 0xDD, 0x21, 0x89, 0xD5, 0x22, 0xBF, 0xC3, 0x22, 0xF6, 0xBB, 0x22, 0xB1, 0x55, 0xBF, 0x21, 0x61, 0xB5, 0x22, 0xB1, 0xA8, 0x21, 0x59, 0x9F, 0x22, 0xBB, 0x55, 0xAB, 0x21, 0x69, 0xA2, 0x21, 0x5F, 0x95, 0x2D, 0x23, 0x8C, 0x42, 0xD5, 0x5A, 0xD2, 0x21, 0x9F, 0xBF, 0x21, 0x95, 0x30, 0x1B, 0xCB, 0x27, 0x21, 0xC4, 0xAA, 0x21, 0xA7, 0xB0, 0x21, 0x9D, 0xA9, 0x21, 0x9F, 0xA6, 0x21, 0x7D, 0x9E, 0xAB, 0x21, 0x7F, 0x8F, 0x23, 0xA2, 0x87, 0x21, 0x77, 0x96, 0x26, 0xB9, 0x30, 0x0B, 0x51, 0x7F, 0x21, 0x19, 0x78, 0x21, 0x7F, 0x9E, 0xFF, 0x94, 0x20, 0x01, 0x45, 0x8A, 0x26, 0xCF, 0x82, 0xFF, 0x81, 0x20, 0x11, 0x8B, 0x20, 0x05, 0x62, 0x82, 0x20, 0x19, 0x30, 0x1B, 0x6E, 0xFF, 0x66, 0x21, 0xA5, 0x71, 0xA2, 0x21, 0x41, 0x68, 0x21, 0x3D, 0x63, 0xFF, 0x60, 0x21, 0x3B, 0x66, 0xA0, 0x21, 0x41, 0x5E, 0x2D, 0xBD, 0x57, 0xFF, 0x51, 0xFF, 0x4F, 0x2A, 0xFF, 0x48, 0x21, 0xC5, 0x70, 0x20, 0x21, 0x68, 0x80, 0x17, 0x6A, 0xAA, 0x20, 0x25, 0x63, 0x21, 0x63, 0x57, 0x20, 0x1D, 0x50, 0x20, 0x1F, 0x55, 0x20, 0xFF, 0x4E, 0x20, 0x01, 0x46, 0xFF, 0x47, 0xFF, 0x40, 0x0A, 0xFF, 0x3F, 0xFF, 0x39, 0x20, 0x07, 0x3F, 0x20, 0x09, 0x39, 0xA2, 0x20, 0x09, 0x32, 0x20, 0x01, 0x2C, 0xFF, 0x5D, 0x23, 0xF6, 0x53, 0xC0, 0x20, 0x23, 0x30, 0x03, 0x49, 0xFF, 0x44, 0xFF, 0x4B, 0xFF, 0x10, 0x45, 0xFF, 0x42, 0x21, 0x3E, 0x40, 0xFF, 0x3C, 0xFF, 0x05, 0x38, 0xFF, 0x34, 0xFF, 0x4A, 0x20, 0x39, 0x41, 0x21, 0x4E, 0x50, 0x43, 0x20, 0x05, 0x3B, 0x20, 0x11, 0x38, 0xFF, 0x35, 0xFF, 0x00, 0x31, 0xFF, 0x2E, 0xFF, 0x33, 0xFF, 0x30, 0xFF, 0x55, 0x2B, 0x23, 0x46, 0x3B, 0x20, 0x0F, 0x33, 0x20, 0x0F, 0x30, 0x24, 0xD2, 0x05, 0x2A, 0xFF, 0x26, 0xFF, 0x2D, 0x2B, 0x94, 0x27, 0x2D, 0xA5, 0x01, 0x23, 0xFF, 0x20, 0xFF, 0x1E, 0xFF, 0x1B, 0x23, 0x68, 0x50, 0x26, 0x40, 0x0B, 0x24, 0x2D, 0xB9, 0x1E, 0xFF, 0x1C, 0xFF, 0x05, 0x1D, 0xFF, 0x1A, 0xFF, 0x18, 0x21, 0xD2, 0x18, 0x24, 0xB8, 0x15, 0x13, 0xFF, 0x12, 0x33, 0x8B, 0x00, 0x20, 0x36, 0xD2, 0x6B, 0xF6, 0xB5, 0x34, 0x85, 0x00, 0x24, 0x87, 0x64, 0xB3, 0xFA, 0x2C, 0x0B, 0xEA, 0x24, 0x61, 0x55, 0xE4, 0x24, 0x57, 0xCC, 0x24, 0x59, 0xC6, 0x27, 0xFF, 0xDF, 0x24, 0x75, 0x52, 0xDA, 0x24, 0x5F, 0xC1, 0x24, 0x4D, 0xBC, 0x00, 0x22, 0xB6, 0x00, 0xC5, 0x23, 0x56, 0x43, 0x7B, 0xFE, 0xFF, 0xF2, 0x34, 0xA5, 0x00, 0x23, 0x4E, 0xAA, 0x24, 0xFD, 0xED, 0x2A, 0x35, 0xEA, 0x2C, 0x67, 0xD5, 0x24, 0xE9, 0xD2, 0xAA, 0x24, 0x91, 0xB7, 0x24, 0x8F, 0xB2, 0x29, 0x02, 0xCD, 0x24, 0xA5, 0xCA, 0xAA, 0x25, 0x7E, 0xAF, 0x24, 0x81, 0xAB, 0x25, 0x86, 0xB0, 0x23, 0x01, 0xAA, 0xAA, 0x23, 0x4B, 0x96, 0x23, 0x4D, 0x90, 0x23, 0x5B, 0xA4, 0x23, 0x09, 0x9F, 0xAA, 0x2E, 0xFF, 0x8A, 0x23, 0x35, 0x85, 0x22, 0xED, 0x7D, 0x22, 0xE9, 0x77, 0xAA, 0x22, 0xDB, 0x67, 0x22, 0xD9, 0x62, 0x22, 0xE7, 0x72, 0x23, 0x39, 0x6D, 0xAA, 0x22, 0xE3, 0x5C, 0x22, 0xE5, 0x57, 0x23, 0x6B, 0x9A, 0x23, 0x37, 0x96, 0xAA, 0x23, 0x17, 0x80, 0x23, 0x19, 0x7C, 0x23, 0x77, 0x93, 0x23, 0x29, 0x90, 0xAA, 0x25, 0x4A, 0x79, 0x23, 0x21, 0x76, 0x22, 0xFF, 0x6A, 0x23, 0x01, 0x65, 0xAA, 0x24, 0x7A, 0x53, 0x22, 0xF9, 0x50, 0x28, 0xA9, 0x62, 0x23, 0x09, 0x5F, 0xAA, 0x25, 0x6C, 0x4D, 0x23, 0x01, 0x4A, 0x21, 0x7F, 0x53, 0x25, 0x78, 0x4E, 0xA2, 0x21, 0x77, 0x42, 0x21, 0x79, 0x3D, 0xFF, 0x52, 0x21, 0x85, 0x4E, 0xAA, 0x21, 0x87, 0x40, 0x21, 0x7D, 0x3C, 0x21, 0x7F, 0x3A, 0x21, 0x69, 0x35, 0xAA, 0x21, 0x6F, 0x2D, 0x25, 0xA4, 0x28, 0x2E, 0xFD, 0x30, 0x21, 0x65, 0x2C, 0xAA, 0x41, 0x53, 0x1E, 0x21, 0x61, 0x1B, 0x21, 0x9F, 0x41, 0x21, 0xDD, 0x3D, 0xAA, 0x21, 0xAB, 0x31, 0x21, 0x99, 0x2D, 0x21, 0xA7, 0x3B, 0x21, 0xAF, 0x38, 0xAA, 0x21, 0x9F, 0x2B, 0x21, 0xA1, 0x29, 0x24, 0xE8, 0x23, 0x21, 0x95, 0x20, 0xAA, 0x21, 0x77, 0x18, 0x21, 0x79, 0x15, 0x21, 0x87, 0x1E, 0x2F, 0x43, 0x1C, 0xAA, 0x21, 0x83, 0x13, 0x23, 0x5E, 0x12, 0x2F, 0x4F, 0x1D, 0x40, 0x1B, 0x19, 0x8A, 0x23, 0x6C, 0x14, 0xFF, 0x11, 0x26, 0x72, 0x14, 0x23, 0x76, 0x11, 0xA8, 0x20, 0x09, 0x0E, 0x20, 0x01, 0x0B, 0x21, 0xA3, 0x10, 0xFF, 0x0F, 0x20, 0xFF, 0x0D, 0x40, 0x03, 0x0B, 0xFF, 0x0A, 0xFF, 0x0C, 0xAA, 0x20, 0x03, 0x09, 0x25, 0x24, 0x08, 0x25, 0x28, 0x06, 0x25, 0x32, 0x13, 0xAA, 0x20, 0x1D, 0x10, 0x20, 0x1F, 0x0C, 0x20, 0x15, 0x0A, 0x25, 0x3C, 0x0F, 0xAB, 0x20, 0x33, 0x0D, 0x20, 0x27, 0x08, 0x20, 0x1D, 0x07, 0x25, 0x52, 0x50, 0x25, 0x56, 0x04, 0x20, 0x01, 0x03, 0x25, 0x76, 0x02, 0x80, 0x07, 0x50, 0x01, 0x01, 0xAC, 0x00, 0xB9, 0x7F, 0x20, 0x2C, 0x1D, 0x03, 0x04, 0xE9, 0x7F, 0x10, 0x04, 0x80, 0x59, 0x30, 0xC2, 0x30, 0xFE, 0xE2, 0x2C, 0x3A, 0x3A, 0x46, 0x20, 0xF8, 0xE9, 0xFF, 0x0C, 0x00, 0x95, 0x00, 0xDC, 0x00, 0x3E, 0x2E, 0x03, 0x1F, 0xA9, 0x80, 0xF2, 0x18, 0x00, 0x10, 0xF9, 0x38, 0xEF, 0x4F, 0x02, 0x50, 0x90, 0xFF, 0x1F, 0xFF, 0xC0, 0xD0, 0x00, 0xDE, 0x98, 0xBF, 0x1B, 0xCB, 0xFF, 0x2F, 0x23, 0xF2, 0x7F, 0xE0, 0x4B, 0xFF, 0x01, 0xCF, 0x27, 0x10, 0x3A, 0x60, 0x2B, 0x20, 0x01, 0x1C, 0x20, 0x20, 0x22, 0x1E, 0x1D, 0x80, 0x0E, 0x20, 0x1D, 0x0D, 0x20, 0x0F, 0xCE, 0xA2, 0x25, 0xBE, 0xB0, 0x25, 0xCC, 0xA0, 0x00, 0x04, 0x27, 0x9B, 0x03, 0x00, 0x20, 0xCA, 0x00, 0x00, 0xC0, 0xC0, 0x00, 0xCC, 0x00, 0xC0, 0xA3, 0x74, 0xA4, 0x0B, 0x05, 0x84, 0x14, 0x21, 0x0A, 0xBB, 0x3F, 0xFF, 0x01, 0x6C, 0x00, 0x90, 0x3F, 0xFF, 0x00, 0x12, 0xBB, 0x00, 0x06, 0x20, 0x00, 0xA5, 0xC9, 0x00, 0x20, 0x7B, 0xB6, 0xA0, 0x30, 0xAA, 0x1E, 0x18, 0x08, 0x00, 0xBA, 0x04, 0x09, 0x4F, 0xFF, 0xBA, 0x02, 0xDB, 0x80, 0x4F, 0xFF, 0x12, 0x20, 0xAB, 0x6C, 0x3C, 0x90, 0x70, 0x00, 0x4C, 0x3B, 0x80, 0x70, 0x38, 0x09, 0x2E, 0xB6, 0x0A, 0x29, 0x28, 0x03, 0xAC, 0x40, 0x3F, 0x4C, 0x90, 0x3F, 0x11, 0x00, 0x2B, 0xA6, 0xC9, 0xB8, 0x6C, 0xA6, 0xA0, 0x40, 0x02, 0xAA, 0x2E, 0x48, 0x00, 0xBA, 0x24, 0x30, 0x3F, 0x70, 0x0A, 0x10, 0xD5, 0x82, 0xDB, 0x38, 0x03, 0x09, 0x28, 0x1F, 0x3D, 0x00, 0x0C, 0x90, 0x60, 0x2E, 0xC7, 0xA0, 0xCA, 0x09, 0x90, 0x20, 0x59, 0x09, 0x07, 0x26, 0x5C, 0xC1, 0x00, 0x00, 0xD1, 0x20, 0xE1, 0x21, 0x40, 0x87, 0x00, 0x0B, 0x01, 0x6A, 0xE1, 0x00, 0xC1, 0x03, 0x00, 0xE1, 0xC1, 0x02, 0xAA, 0x7B, 0x02, 0xA7, 0xC4, 0xD0, 0x8B, 0x1C, 0x70, 0x58, 0x38, 0x50, 0x20, 0x00, 0x0A, 0x78, 0x41, 0xA0, 0xC5, 0x06, 0x01, 0xAE, 0x54, 0x5F, 0x10, 0x00, 0x38, 0x4F, 0x11, 0x99, 0x64, 0x10, 0x60, 0x0C, 0x11, 0x00, 0x5D, 0x11, 0x90, 0x15, 0x20, 0xB0, 0x2A, 0x80, 0x1F, 0x77, 0x1A, 0x22, 0xD0, 0x4A, 0xED, 0x80, 0x3F, 0xA8, 0x10, 0x02, 0x40, 0x3F, 0x20, 0x00, 0x37, 0x7C, 0xC0, 0x5F, 0x31, 0x6A, 0x1C, 0x27, 0x51, 0xC5, 0x00, 0x30, 0x9F, 0x1E, 0x05, 0x00, 0x40, 0xEA, 0x70, 0xDF, 0x3A, 0x6E, 0xA0, 0x0C, 0xBA, 0x5C, 0x40, 0x41, 0xCD, 0x30, 0xE3, 0xFF, 0x20, 0xF9, 0x00, 0xB7, 0xFF, 0xFF, 0xAF, 0xCF, 0x03, 0xD1, 0xF8, 0x01, 0xFF, 0x7F, 0xFE, 0xFF, 0x0C, 0x05, 0x06, 0x33, 0x15, 0x00, 0x00, 0x90, 0x80, 0xED, 0xFF, 0xEE, 0xFF, 0x79, 0x0A, 0x00, 0x77, 0x00, 0xEE, 0x20, 0x07, 0x77, 0x20, 0x07, 0x00, 0x01, 0xAA, 0x00, 0x07, 0xFF, 0xFF, 0x3F, 0xCF, 0x2B, 0x90, 0x06, 0xA5, 0x00, 0x00, 0xF9, 0xF8, 0x70, 0x17, 0x80, 0x1F, 0x4A, 0x00, 0x00, 0xA0, 0x6F, 0x6F, 0xF0, 0x30, 0x00, 0x9B, 0x07, 0x00, 0x00, 0xEF, 0x23, 0x00, 0x80, 0x37, 0x80, 0x3F, 0xEA, 0x05, 0x8B, 0x00, 0x30, 0x1F, 0x80, 0xE8, 0xAB, 0x59, 0xF7, 0x59, 0x00, 0x60, 0x3F, 0x3B, 0xFC, 0xE0, 0x6B, 0xF2, 0x00, 0xE0, 0x5F, 0x00, 0x90, 0x7F, 0xA2, 0x00, 0x6A, 0xF4, 0xF3, 0x2A, 0x9F, 0x8F, 0x90, 0xBF, 0xDE, 0x20, 0xDF, 0x97, 0xDC, 0x48, 0x01, 0x00, 0x20, 0x10, 0x7B, 0xFF, 0x02, 0xAF, 0xFC, 0x30, 0x24, 0xFF, 0xFA, 0x39, 0xE3, 0x4E, 0xFF, 0x24, 0xE5, 0x65, 0x50, 0x00, 0x01, 0xA9, 0x88, 0x05, 0x04, 0xFF, 0xF6, 0x1E, 0x0B, 0x8F, 0xB0, 0x50, 0xEF, 0x00, 0x4A, 0x9F, 0x01, 0x00, 0x32, 0x53, 0x07, 0x0C, 0xA2, 0x5C, 0x70, 0x25, 0x83, 0x90, 0x64, 0xF0, 0x41, 0xFA, 0x41, 0x45, 0xFF, 0xEF, 0x32, 0x02, 0x00, 0x20, 0xC5, 0x2A, 0xD9, 0x80, 0x80, 0x30, 0x03, 0xFF, 0x02, 0xFE, 0x05, 0x0B, 0xF8, 0xE1, 0x6F, 0x2B, 0x97, 0x80, 0x04, 0x90, 0x00, 0x05, 0x60, 0x00, 0x2F, 0x66, 0xB6, 0xFF, 0x00, 0xFF, 0x25, 0x06, 0x06, 0x1F, 0xF8, 0xF8, 0x9F, 0x22, 0xF8, 0xF7, 0x2F, 0x73, 0x06, 0x07, 0xBB, 0x25, 0xEC, 0xD0, 0x40, 0x40, 0x3B, 0xBB, 0xB8, 0x00, 0x6F, 0x6F, 0x70, 0xF0, 0x00, 0x6F, 0x6F, 0xE0, 0xE0, 0x68, 0xDF, 0x50, 0xA0, 0x08, 0xDF, 0xDF, 0x90, 0x90, 0x20, 0x0B, 0xF0, 0x4B, 0x00, 0x20, 0xB0, 0x00, 0x20, 0x0B, 0xA0, 0x9B, 0x00, 0x70, 0x00, 0x00, 0x89, 0xFF, 0xB6, 0x8D, 0xFF, 0xFF, 0x04, 0x03, 0x00, 0xAD, 0xFD, 0x23, 0x2F, 0xF3, 0xF3, 0x9F, 0xAF, 0x90, 0x20, 0x0B, 0x04, 0xBB, 0x2D, 0xB5, 0xF3, 0xF3, 0xAF, 0xBF, 0x00, 0xB2, 0x00, 0x8B, 0x00, 0xE8, 0xB0, 0xFF, 0xEF, 0x00, 0xC0, 0xC0, 0xFF, 0xFF, 0x49, 0x10, 0x81, 0xFD, 0x30, 0x90, 0xC1, 0x2B, 0x9B, 0x20, 0x0B, 0x90, 0x00, 0xBB, 0x00, 0x00, 0xA0, 0x21, 0xFF, 0xFF, 0x01, 0x00, 0xB3, 0x00, 0x00, 0xCC, 0x07, 0x7C, 0xFA, 0x68, 0xAC, 0xFB, 0x89, 0x00, 0x00, 0x0A, 0x95, 0xFA, 0x5F, 0x48, 0xF8, 0xF9, 0x00, 0x03, 0x06, 0x72, 0xFA, 0xBD, 0x21, 0x9D, 0x01, 0x00, 0x17, 0x0D, 0xF9, 0xF9, 0x01, 0x00, 0xB7, 0x00, 0x00, 0x58, 0xDF, 0xDB, 0xD8, 0x4F, 0x3F, 0x30, 0x20, 0x00, 0x3A, 0xFF, 0x00, 0x03, 0xFF, 0xFF, 0x38, 0x6A, 0x04, 0x4F, 0x4F, 0x20, 0x30, 0x3B, 0x2E, 0x19, 0xFF, 0xFF, 0x10, 0x4A, 0x0B, 0xBB, 0x2E, 0x18, 0x70, 0xFA, 0xCC, 0x5E, 0x00, 0xFF, 0xFF, 0x09, 0x08, 0xFA, 0xFA, 0x8F, 0x8F, 0x00, 0xF3, 0xF3, 0x8F, 0x7F, 0xFF, 0xFC, 0x08, 0x3D, 0x00, 0x91, 0x00, 0xDD, 0x00, 0xF3, 0xF9, 0x8F, 0x9F, 0x00, 0xBA, 0x00, 0x6B, 0x00, 0x00, 0xB0, 0xC7, 0xAF, 0x00, 0xF4, 0xF7, 0x6F, 0x7F, 0xDC, 0x70, 0x19, 0xDF, 0x00, 0x30, 0x30, 0xFF, 0xFF, 0xF5, 0xC0, 0x6F, 0x9F, 0x00, 0x10, 0x00, 0xD8, 0x00, 0x30, 0x60, 0xFF, 0xEF, 0x04, 0xDB, 0x12, 0x2A, 0x00, 0x31, 0x2E, 0x70, 0x09, 0x0C, 0x80, 0x34, 0xF2, 0xFF, 0xFE, 0x00, 0x10, 0xFD, 0xFF, 0x09, 0x88, 0x5B, 0xEB, 0x40, 0x40, 0xB0, 0x20, 0x2B, 0xFF, 0x9F, 0x1E, 0x68, 0x08, 0x36, 0x67, 0xAE, 0x7F, 0x05, 0x09, 0xE4, 0x31, 0x40, 0x00, 0xFF, 0x40, 0xE4, 0x3F, 0x49, 0x9F, 0xFF, 0x02, 0xBF, 0xFA, 0x30, 0x3B, 0xFF, 0xC8, 0x00, 0x0F, 0x49, 0x23, 0xFC, 0x24, 0x02, 0xEE, 0x24, 0x02, 0x40, 0x07, 0xFD, 0xA5, 0xFA, 0x5F, 0x74, 0x60, 0x17, 0x70, 0x1F, 0x00, 0x05, 0xDA, 0x09, 0x90, 0x1F, 0x87, 0xD0, 0xBF, 0x80, 0x55, 0xFA, 0x20, 0xFB, 0xF9, 0xFF, 0xFF, 0x8C, 0xAF, 0x08, 0x03, 0xFF, 0x5E, 0x04, 0x10, 0x16, 0x4D, 0xE6, 0x43, 0x4C, 0x49, 0x08, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFF, 0x02, 0x02, 0x28, 0xC2, 0x26, 0xF7, 0x38, 0x90, 0x69, 0x6D, 0x61, 0x67, 0x37, 0x02, 0x80, 0xA0, 0x27, 0xBE, 0x0D, 0x67, 0x0F, 0x4A, 0x4A, 0xE3, 0x64, 0xDB, 0x00, 0xE2, 0x95, 0x36, 0xB4, 0xC5, 0xE8, 0xC1, 0x17, 0x00, 0xED, 0xFB, 0xAB, 0x9B, 0x18, 0xC3, 0x05, 0x24, 0x00, 0xB5, 0x7C, 0x77, 0xB7, 0xD1, 0x53, 0x44, 0x24, 0x00, 0xD2, 0xBC, 0x44, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char Nintendo_DistributedBy_LZ[0x2000] = +{ + 0x11, 0x48, 0x65, 0x00, 0x00, 0x64, 0x61, 0x72, 0x63, 0xFF, 0xFE, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x28, 0x65, 0x00, 0x00, 0x83, 0x30, 0x09, 0x38, 0x04, 0x00, 0x00, 0x60, 0x20, 0x03, 0x30, 0x13, 0xAB, 0x30, 0x18, 0x15, 0x20, 0x1D, 0x02, 0xA0, 0x0B, 0x06, 0x20, 0x2B, 0x30, 0x18, 0x5A, 0x09, 0x20, 0x35, 0x10, 0x20, 0x39, 0x30, 0x2B, 0xF8, 0x20, 0x41, 0x54, 0x85, 0x30, 0x0B, 0x05, 0x00, 0x00, 0xEC, 0x20, 0x4D, 0x98, 0x30, 0x17, 0xD0, 0x20, 0x28, 0x30, 0x17, 0xDC, 0x30, 0x23, 0x07, 0x00, 0x00, 0xCC, 0x09, 0x0C, 0x00, 0x00, 0x20, 0x20, 0x51, 0x40, 0x14, 0x20, 0x2B, 0xA0, 0x20, 0x0B, 0x64, 0x20, 0x5D, 0xA0, 0x20, 0x00, 0x00, 0x4C, 0x99, 0x20, 0x5C, 0xA8, 0x01, 0x50, 0x53, 0x20, 0x22, 0x00, 0xB2, 0x30, 0x75, 0x0A, 0x23, 0x00, 0x00, 0xB4, 0x20, 0x74, 0xE2, 0x20, 0x81, 0xC0, 0x09, 0x25, 0x00, 0x00, 0x3C, 0x20, 0x68, 0x12, 0x02, 0x50, 0x77, 0xA0, 0x30, 0x8F, 0x1C, 0x20, 0x90, 0x00, 0x36, 0x00, 0x00, 0x28, 0xA6, 0x20, 0xAB, 0x3E, 0x20, 0x9C, 0x80, 0x3A, 0x20, 0x0B, 0x20, 0xAD, 0x60, 0xAA, 0x30, 0x17, 0x3C, 0x50, 0x17, 0x82, 0x30, 0x17, 0x40, 0x20, 0x23, 0x08, 0x16, 0x00, 0x00, 0xA4, 0x30, 0x2F, 0x49, 0x20, 0x67, 0x20, 0xE9, 0xC4, 0xAB, 0x30, 0x3B, 0x4A, 0x50, 0x17, 0xDC, 0x30, 0x3B, 0x52, 0x20, 0x47, 0x20, 0xE0, 0x59, 0xF4, 0x30, 0x53, 0x55, 0x20, 0x53, 0x30, 0xD4, 0x00, 0x2E, 0x21, 0x13, 0x01, 0x61, 0x00, 0x6E, 0x00, 0x69, 0x00, 0x6D, 0x21, 0x1D, 0x41, 0x4E, 0x20, 0x07, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x20, 0x11, 0x05, 0x64, 0x00, 0x6F, 0x00, 0x4C, 0x20, 0x03, 0x67, 0x20, 0x07, 0x14, 0x5F, 0x00, 0x44, 0x20, 0x03, 0x30, 0x20, 0x01, 0x5F, 0x00, 0x10, 0x53, 0x00, 0x63, 0x40, 0x1F, 0x65, 0x00, 0x4F, 0x00, 0x55, 0x75, 0x20, 0x2B, 0x41, 0x20, 0x43, 0x62, 0x20, 0x13, 0x6C, 0x40, 0x47, 0xAB, 0x02, 0x50, 0x43, 0x42, 0x03, 0x20, 0x43, 0x43, 0x01, 0x80, 0x87, 0x55, 0x03, 0x20, 0xCB, 0x00, 0x90, 0x43, 0xEB, 0x01, 0x90, 0xCB, 0x00, 0x90, 0x87, 0xF0, 0xCB, 0x62, 0x21, 0x5D, 0x79, 0x21, 0x97, 0x01, 0x31, 0xA1, 0xF5, 0x71, 0x8D, 0x00, 0xF0, 0x2F, 0x71, 0x05, 0xD0, 0x2F, 0x74, 0x42, 0x09, 0x67, 0x23, 0x29, 0x5E, 0x33, 0x22, 0x01, 0x73, 0xA2, 0x01, 0xB0, 0x5B, 0x52, 0x2D, 0x00, 0x10, 0x21, 0x31, 0xAA, 0x01, 0x00, 0x21, 0x32, 0x01, 0x00, 0x43, 0x33, 0xE0, 0x65, 0x4C, 0x23, 0x71, 0x4D, 0x8F, 0x22, 0xA3, 0x73, 0x00, 0x6B, 0x00, 0x40, 0x85, 0x30, 0x1F, 0x00, 0xB0, 0x17, 0xF0, 0x93, 0xD1, 0xF2, 0xE3, 0x32, 0xDB, 0x69, 0x20, 0xE9, 0x74, 0x00, 0x72, 0x23, 0x05, 0x55, 0x62, 0x42, 0xD3, 0x65, 0x22, 0xFD, 0x42, 0x21, 0x71, 0x5F, 0x20, 0xD1, 0x05, 0x32, 0x00, 0x38, 0x00, 0x78, 0x23, 0x84, 0x34, 0xE0, 0xFD, 0x81, 0xB0, 0x02, 0x43, 0x4C, 0x41, 0x4E, 0xFF, 0xFE, 0x23, 0xF0, 0x18, 0x00, 0x02, 0x02, 0x34, 0x23, 0x33, 0xB6, 0x70, 0x61, 0x74, 0x74, 0x31, 0x23, 0xA2, 0x44, 0x5E, 0x34, 0x79, 0x28, 0x33, 0x93, 0xFF, 0xFF, 0x40, 0xFF, 0x34, 0x6C, 0x53, 0x63, 0x65, 0x6E, 0x65, 0x4F, 0x10, 0x75, 0x74, 0x41, 0x24, 0x91, 0x47, 0x5F, 0x41, 0x5F, 0x21, 0x30, 0x30, 0xD0, 0x50, 0x70, 0x61, 0x69, 0x31, 0x33, 0xC3, 0x9A, 0x50, 0x3F, 0x02, 0x00, 0x30, 0x59, 0x34, 0xBD, 0x68, 0x24, 0xC1, 0x50, 0x00, 0x5F, 0x4E, 0x69, 0x6E, 0x4C, 0x6F, 0x67, 0x6F, 0xE1, 0xA0, 0x35, 0x34, 0xC0, 0x34, 0xDD, 0x43, 0x4C, 0x56, 0x43, 0x74, 0x5F, 0x1E, 0x00, 0x10, 0x02, 0x40, 0x87, 0x40, 0x0B, 0xD0, 0x5D, 0x20, 0x76, 0x7F, 0x40, 0x43, 0x35, 0x0C, 0x4E, 0x5F, 0x52, 0x6F, 0x6F, 0x74, 0xE7, 0xD0, 0x7E, 0x00, 0x70, 0x4B, 0x80, 0x57, 0x00, 0x20, 0x20, 0x3B, 0x50, 0x3F, 0x00, 0x30, 0xFF, 0xF1, 0x35, 0x17, 0xB0, 0xFF, 0x24, 0xF2, 0x80, 0xFF, 0x00, 0x00, 0x1E, 0x45, 0x6C, 0xAB, 0x70, 0xFF, 0x42, 0x40, 0xFF, 0x42, 0x00, 0x40, 0xFF, 0x9C, 0x80, 0x2D, 0x90, 0xFF, 0x65, 0x5C, 0x01, 0xE0, 0xFF, 0x90, 0xB3, 0x34, 0xC2, 0x02, 0xD0, 0xF3, 0xC8, 0x20, 0xAA, 0xF7, 0xD0, 0xF3, 0x01, 0x71, 0xFF, 0x31, 0x39, 0x71, 0xFF, 0x65, 0x23, 0x51, 0xB1, 0xFF, 0x31, 0x84, 0x16, 0x47, 0x5F, 0x43, 0x00, 0x81, 0xFF, 0x0F, 0xE1, 0xFF, 0x02, 0x90, 0xFF, 0x12, 0x65, 0xC3, 0x02, 0x31, 0xF3, 0x92, 0x3F, 0x80, 0xBF, 0x91, 0xF3, 0x60, 0x32, 0xB6, 0xED, 0x00, 0x82, 0xFF, 0x36, 0xFF, 0x03, 0x32, 0xFF, 0x7C, 0x27, 0x47, 0x53, 0x3F, 0x0D, 0x42, 0xFF, 0x55, 0x48, 0x27, 0xBD, 0xB0, 0x27, 0xC1, 0xA4, 0x27, 0xAD, 0x24, 0x27, 0xA8, 0x82, 0x36, 0xEB, 0x30, 0x03, 0x00, 0x00, 0xBC, 0x20, 0x03, 0x24, 0xB4, 0x27, 0xCB, 0x88, 0x37, 0x93, 0x27, 0xB4, 0xB0, 0x27, 0x07, 0x74, 0x0A, 0x0B, 0x00, 0x00, 0x78, 0x0B, 0x32, 0xDF, 0x57, 0x00, 0x03, 0x5B, 0x37, 0x52, 0xE5, 0x27, 0x8E, 0x26, 0xD1, 0x33, 0xB7, 0x50, 0x41, 0x83, 0x2F, 0x02, 0xF2, 0xE3, 0xC5, 0x73, 0xDB, 0x01, 0x13, 0x07, 0x50, 0x5F, 0x33, 0x00, 0x80, 0x67, 0xB8, 0x60, 0x67, 0xDD, 0x20, 0xAA, 0x43, 0xC7, 0x38, 0x63, 0xC7, 0x30, 0x6F, 0x93, 0x9F, 0xA0, 0x24, 0x0A, 0x4C, 0xA0, 0x27, 0xC5, 0x80, 0xBE, 0x24, 0x39, 0x23, 0x16, 0xA0, 0xC0, 0x8C, 0x48, 0x99, 0x06, 0x02, 0x00, 0x30, 0x37, 0x70, 0x23, 0x33, 0x33, 0x02, 0xB3, 0x3F, 0xFC, 0x2D, 0xEC, 0xBC, 0x70, 0x0B, 0x0A, 0x32, 0xD7, 0x23, 0x20, 0x0B, 0x30, 0x2F, 0x80, 0x3F, 0x48, 0xC9, 0x07, 0xF1, 0x01, 0xD0, 0x2F, 0xF4, 0x2F, 0xB0, 0x6B, 0x39, 0x2C, 0x40, 0x9D, 0x1C, 0x30, 0x97, 0xBF, 0x61, 0xEF, 0xCC, 0x28, 0x65, 0x30, 0x9B, 0x70, 0xF3, 0x24, 0x87, 0xE4, 0xB9, 0x71, 0x5B, 0x70, 0x50, 0xF1, 0x5B, 0x29, 0x59, 0xD4, 0x8B, 0x80, 0x41, 0xCD, 0xCC, 0x5F, 0xCC, 0x20, 0xEB, 0x20, 0x34, 0x02, 0x00, 0x41, 0x67, 0x00, 0x14, 0xBB, 0x30, 0x7F, 0x30, 0x2F, 0x9A, 0x71, 0x73, 0x44, 0x73, 0xF5, 0x38, 0x01, 0xA0, 0x7F, 0xC1, 0x20, 0x7F, 0x3E, 0x8E, 0x02, 0xD0, 0x7F, 0x52, 0x65, 0x64, 0x01, 0x70, 0xFF, 0xC1, 0xEB, 0x45, 0x43, 0xC2, 0x14, 0xB7, 0x6D, 0xDB, 0x20, 0x7F, 0x8C, 0x25, 0x02, 0x20, 0xC1, 0xD4, 0x00, 0xD1, 0x8B, 0xB6, 0x6C, 0x5C, 0xA4, 0x87, 0xB4, 0x41, 0x3B, 0x92, 0x24, 0x2F, 0xE9, 0xC0, 0x60, 0x8B, 0x31, 0x00, 0x32, 0xE7, 0x35, 0x33, 0xF2, 0xE7, 0x92, 0x53, 0x5F, 0xF0, 0x26, 0x82, 0x20, 0x25, 0x1B, 0x90, 0x0B, 0x50, 0x97, 0x34, 0xEF, 0x00, 0x50, 0x97, 0xEB, 0x96, 0x53, 0x30, 0x3B, 0x77, 0x08, 0xAA, 0xF1, 0x17, 0x32, 0x02, 0x13, 0x73, 0x32, 0xF7, 0xFE, 0x50, 0x8B, 0x00, 0x96, 0x7B, 0x33, 0x1B, 0x57, 0x7C, 0x00, 0x31, 0x7F, 0x3B, 0xB0, 0x57, 0x07, 0x54, 0x6D, 0x53, 0x2B, 0x0E, 0x47, 0x73, 0x4C, 0x37, 0x8B, 0x2B, 0xF9, 0x94, 0x63, 0x8B, 0xD8, 0x3B, 0xA7, 0x3B, 0xF1, 0x24, 0x4B, 0xF5, 0x00, 0x01, 0x97, 0xC0, 0x39, 0x8E, 0x7A, 0xE3, 0x2B, 0x59, 0x51, 0x5B, 0x5C, 0x1D, 0x01, 0x20, 0x23, 0x03, 0xF7, 0x6B, 0x40, 0x04, 0x41, 0x9E, 0x15, 0x8D, 0xBD, 0x31, 0xA3, 0x9A, 0x99, 0x6A, 0xB9, 0x2B, 0x9D, 0x2C, 0x7A, 0x04, 0x01, 0x10, 0x23, 0x01, 0x01, 0x20, 0x8F, 0x01, 0xAB, 0x01, 0x20, 0x8F, 0x01, 0x00, 0x10, 0x8F, 0xC1, 0x20, 0x8F, 0x3D, 0x60, 0x8F, 0x44, 0x5B, 0x60, 0x01, 0x00, 0x10, 0x8F, 0x00, 0x00, 0x23, 0x50, 0x5F, 0x42, 0x6C, 0x6B, 0x80, 0x03, 0xE1, 0x63, 0x9A, 0x99, 0x19, 0xC0, 0x0E, 0x74, 0xDA, 0xFF, 0x00, 0xC1, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x00, 0x13, 0xBB, 0xAA, 0x00, 0x32, 0xC7, 0x58, 0x2E, 0xBD, 0x88, 0x66, 0x4F, 0xE8, 0x2E, 0xC9, 0x18, 0xAF, 0x2E, 0xB5, 0x48, 0x2E, 0xB9, 0x78, 0x62, 0xC7, 0xE3, 0xD3, 0x56, 0x3F, 0x60, 0x0B, 0xBD, 0x52, 0xD3, 0xF0, 0xC2, 0xD3, 0x01, 0xC0, 0x2F, 0x22, 0xDF, 0xD4, 0x33, 0x40, 0x68, 0x03, 0xDF, 0x50, 0x0B, 0x52, 0xEB, 0xF0, 0xC2, 0xEB, 0x01, 0xB0, 0x2F, 0x32, 0xF7, 0x01, 0xB0, 0xBF, 0x33, 0x03, 0xFF, 0x01, 0xC0, 0x2F, 0x00, 0x10, 0xBF, 0x45, 0x73, 0x70, 0x0B, 0x53, 0x1B, 0x40, 0xBF, 0x83, 0x1B, 0x01, 0xB0, 0x2F, 0xFF, 0x63, 0x27, 0x03, 0xC1, 0xC3, 0x33, 0x27, 0x75, 0x97, 0x93, 0x33, 0x00, 0x91, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0xE1, 0xC3, 0xFF, 0x00, 0xF0, 0xBF, 0xF1, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0x01, 0xC3, 0x00, 0x16, 0xB7, 0x00, 0x36, 0x4F, 0x35, 0xCC, 0x33, 0x8B, 0xD7, 0x36, 0x53, 0x33, 0x8F, 0xA0, 0x69, 0xE3, 0xD0, 0x6D, 0xAB, 0xE6, 0xCF, 0x59, 0xC7, 0xFF, 0x26, 0x43, 0x00, 0x40, 0x17, 0x26, 0x37, 0xD6, 0xFF, 0x63, 0x57, 0x26, 0x2B, 0x00, 0x30, 0x17, 0x36, 0x1F, 0xFF, 0x00, 0x30, 0x5F, 0x36, 0x13, 0x00, 0x40, 0x17, 0x00, 0x10, 0x5F, 0x48, 0x6B, 0x35, 0xFB, 0x00, 0x30, 0x17, 0x65, 0xEF, 0xFF, 0x03, 0xC1, 0x03, 0x82, 0xC7, 0xE1, 0x03, 0x82, 0xDF, 0x02, 0xE1, 0x03, 0x73, 0x27, 0xF1, 0x03, 0x80, 0x17, 0xDB, 0x01, 0xE1, 0x03, 0x00, 0xFD, 0xDF, 0x54, 0xEC, 0xDF, 0x02, 0x7E, 0xDF, 0x04, 0x2F, 0xA4, 0x5F, 0x0D, 0xAA, 0xDC, 0xDF, 0x50, 0x2F, 0xCC, 0xB8, 0x2F, 0xD0, 0x20, 0x2F, 0xBC, 0xA0, 0xAA, 0x2F, 0xC0, 0x2C, 0x2C, 0xE3, 0xAC, 0x2C, 0xE7, 0x10, 0x2C, 0xDF, 0x74, 0x97, 0x2C, 0xDF, 0xD8, 0x07, 0x2D, 0x17, 0x09, 0x2C, 0x31, 0x2C, 0xE3, 0x02, 0x9C, 0xDF, 0xF5, 0x3E, 0xCF, 0x00, 0xFC, 0xDF, 0x9E, 0xF3, 0x00, 0xBC, 0xDF, 0x7C, 0xEC, 0xDF, 0x2C, 0x6D, 0x5B, 0xFF, 0xDD, 0x4F, 0x4C, 0xE3, 0x8C, 0xD3, 0xD0, 0x17, 0x9C, 0xBB, 0x00, 0x30, 0x17, 0x00, 0x9F, 0xD3, 0x3F, 0xFD, 0xEF, 0x01, 0x1C, 0x8B, 0x00, 0x0D, 0xE7, 0xC3, 0xA3, 0xA0, 0x81, 0xF3, 0x00, 0x9F, 0xFB, 0x30, 0x23, 0x01, 0x1C, 0x73, 0xDB, 0x03, 0xD0, 0x67, 0x02, 0x7C, 0x5B, 0x70, 0x2B, 0xCB, 0x7C, 0x5B, 0x20, 0x3B, 0xDB, 0x00, 0xEB, 0xC3, 0xFB, 0x3E, 0x67, 0x7F, 0xD7, 0x5B, 0xCF, 0x00, 0xFC, 0x4F, 0x00, 0xDC, 0xDB, 0xF0, 0x2C, 0xCB, 0x80, 0x7F, 0xEF, 0x01, 0x2C, 0xDB, 0x30, 0x2F, 0x7F, 0xFB, 0xC8, 0x2F, 0x03, 0x7C, 0xDB, 0x5B, 0xE7, 0xAC, 0xDB, 0xFF, 0x00, 0x4C, 0x4F, 0x03, 0x3D, 0x67, 0x00, 0x1E, 0x67, 0xDD, 0x67, 0x04, 0x1C, 0x67, 0x41, 0xA3, 0x79, 0x93, 0x9D, 0x43, 0xFF, 0xCC, 0x67, 0x00, 0x60, 0x23, 0xCC, 0x67, 0x31, 0xEB, 0x89, 0x7B, 0x28, 0x2F, 0x00, 0x3C, 0x67, 0x00, 0x50, 0x23, 0xFF, 0xDC, 0x67, 0x00, 0x50, 0x8F, 0xDC, 0x67, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x79, 0x4B, 0x30, 0x8F, 0x00, 0x2C, 0x67, 0xCF, 0x00, 0x50, 0x23, 0x04, 0x1C, 0x67, 0x70, 0xC2, 0xA9, 0x33, 0x00, 0x81, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0xFF, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5C, 0x67, 0x01, 0x9F, 0x2F, 0x43, 0xEB, 0x6F, 0x2F, 0xFF, 0x9F, 0x97, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0xCF, 0x2F, 0x34, 0x33, 0x7F, 0x2F, 0x38, 0x2F, 0x00, 0x3F, 0x2F, 0xFF, 0x00, 0x50, 0x23, 0xDF, 0x2F, 0x00, 0x50, 0x8F, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6F, 0x2F, 0x40, 0x8F, 0xFF, 0x00, 0x2F, 0x2F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9F, 0x2F, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0xFF, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5B, 0xA7, 0x01, 0x95, 0x8F, 0x46, 0x27, 0x6F, 0x23, 0xFF, 0x9F, 0xDF, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0xC5, 0x8F, 0x4F, 0xDF, 0x6F, 0x0B, 0x4F, 0xDF, 0x00, 0x25, 0x8F, 0xFF, 0x00, 0x50, 0x23, 0xD5, 0x8F, 0x00, 0x50, 0x8F, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6E, 0xDB, 0x40, 0x8F, 0xFF, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9E, 0xC3, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0xFB, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x61, 0x63, 0x00, 0x7C, 0x5F, 0x4C, 0x2C, 0x5C, 0xBC, 0x5F, 0xC6, 0x3E, 0x51, 0x7C, 0x5F, 0x65, 0x00, 0x73, 0xCC, 0x5F, 0x3B, 0x9C, 0x47, 0x2B, 0x5F, 0x43, 0x00, 0x4C, 0x5F, 0xFC, 0x2E, 0xBB, 0x0F, 0x5B, 0x58, 0x4C, 0x5F, 0xD5, 0x3C, 0x82, 0x3B, 0xAB, 0xBC, 0x2F, 0xFF, 0xFC, 0x2F, 0xF8, 0x3C, 0x2E, 0xDB, 0x5F, 0x7C, 0x2E, 0xDF, 0xBC, 0x2E, 0xE3, 0x00, 0x3C, 0x47, 0x3E, 0xC7, 0x5E, 0xFB, 0x00, 0x7A, 0x3B, 0x2F, 0x80, 0xBF, 0x9A, 0x3B, 0x60, 0x88, 0xC7, 0x00, 0x3C, 0x2B, 0x00, 0x70, 0x4B, 0x9F, 0x2B, 0x77, 0xCA, 0x2A, 0xB7, 0x00, 0x9B, 0xCB, 0x01, 0x10, 0x3F, 0xF2, 0xA0, 0x3F, 0x00, 0x1B, 0xA3, 0x01, 0xD0, 0x3F, 0xDE, 0x00, 0x29, 0xEF, 0x01, 0x00, 0xBF, 0x8E, 0x2B, 0x77, 0x70, 0xFF, 0x00, 0x27, 0x67, 0x01, 0x00, 0xFF, 0x24, 0xEC, 0xF0, 0x3F, 0xDF, 0x83, 0x01, 0x01, 0x3F, 0x30, 0x00, 0x8E, 0xBB, 0x5E, 0xBF, 0x59, 0x54, 0xA8, 0x7E, 0xBF, 0xB4, 0x2E, 0xBC, 0x10, 0x2F, 0xFB, 0x6C, 0x79, 0x74, 0x64, 0x31, 0x3E, 0xD1, 0x4A, 0x9E, 0x00, 0xA0, 0x2D, 0xE7, 0x70, 0x43, 0x05, 0x74, 0x78, 0x6C, 0x31, 0x34, 0x61, 0xFB, 0x04, 0x2F, 0xFF, 0x80, 0x2D, 0x55, 0x74, 0x65, 0x6E, 0x64, 0x6F, 0x5F, 0x44, 0x00, 0x69, 0x73, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x00, 0x65, 0x64, 0x42, 0x79, 0x5F, 0x31, 0x32, 0x38, 0x00, 0x78, 0x36, 0x34, 0x2E, 0x62, 0x63, 0x6C, 0x69, 0x17, 0x6D, 0x00, 0x6D, 0x2F, 0x07, 0x60, 0x62, 0x2F, 0x30, 0x57, 0x4D, 0x8B, 0x08, 0x4C, 0x6F, 0x67, 0x6F, 0xAE, 0xF5, 0xFF, 0xFF, 0xFF, 0xDF, 0x30, 0x03, 0x00, 0x40, 0x02, 0x15, 0x5F, 0xEC, 0x30, 0x6E, 0xAF, 0x7E, 0x3E, 0x13, 0x5E, 0x17, 0x08, 0x70, 0x61, 0x6E, 0x31, 0x3B, 0x5B, 0x01, 0x04, 0xFF, 0x00, 0x00, 0x52, 0x6F, 0x6F, 0x74, 0x50, 0x61, 0x6E, 0x70, 0x65, 0x00, 0xB0, 0xEB, 0x00, 0x50, 0x47, 0x50, 0xDF, 0x70, 0x61, 0x73, 0x31, 0xD3, 0x3B, 0xAF, 0x70, 0x53, 0x03, 0x20, 0x53, 0x4E, 0x5F, 0x30, 0x55, 0x00, 0x0F, 0xA2, 0xD0, 0x01, 0x20, 0x53, 0x4C, 0xDF, 0x42, 0x80, 0x53, 0x69, 0x63, 0x31, 0x80, 0x9F, 0x3C, 0x1B, 0x07, 0xFF, 0x00, 0x41, 0x03, 0x7E, 0xEC, 0x2D, 0x67, 0x82, 0x2B, 0x00, 0x20, 0xEF, 0x9E, 0x2F, 0x6F, 0x80, 0x42, 0xF1, 0x2B, 0x71, 0xA5, 0xCF, 0x2F, 0xC1, 0x27, 0x80, 0x0C, 0x3F, 0x70, 0x61, 0x65, 0x60, 0xDB, 0x50, 0x07, 0x67, 0x72, 0x30, 0x70, 0x31, 0x3C, 0xA3, 0x31, 0x33, 0x47, 0x72, 0x6F, 0x75, 0xCE, 0x3C, 0x9B, 0x7F, 0xF3, 0x67, 0x72, 0x51, 0x07, 0x30, 0x23, 0x34, 0x63, 0x47, 0x3F, 0x5F, 0x41, 0xCF, 0xDF, 0x3F, 0xDB, 0xF1, 0x17, 0xF1, 0xD7, 0x30, 0x5F, 0x3F, 0xEB, 0x1F, 0x47, 0x5F, 0x42, 0xCF, 0x79, 0x3F, 0xF3, 0x00, 0x90, 0x2B, 0xD4, 0xAB, 0x3F, 0xEF, 0x9A, 0xF1, 0x7F, 0x67, 0x72, 0x50, 0xC7, 0x00, 0x72, 0xBF, 0x3C, 0x22, 0xBC, 0x22, 0xB5, 0x00, 0x02, 0xBF, 0xC8, 0x82, 0xBF, 0x3D, 0x7F, 0x07, 0x64, 0xBB, 0x2D, 0x2F, 0xFF, 0x9D, 0x2F, 0x08, 0x00, 0x4F, 0x34, 0xA1, 0x32, 0xF3, 0x2F, 0xFF, 0x78, 0x2F, 0xFB, 0x1D, 0x33, 0x64, 0x73, 0x62, 0xA1, 0x62, 0xC4, 0x80, 0x10, 0x31, 0xF0, 0x10, 0x53, 0x32, 0xF0, 0x21, 0x33, 0x62, 0xF7, 0x4C, 0x54, 0x90, 0x3E, 0x30, 0x0B, 0x83, 0x70, 0x39, 0x4C, 0x54, 0x4D, 0x61, 0x73, 0x3C, 0xCC, 0xA3, 0x1F, 0x05, 0xA8, 0x06, 0x00, 0x00, 0x0B, 0x2F, 0xFF, 0x38, 0x2F, 0xFF, 0x55, 0x88, 0x2F, 0xFB, 0x08, 0x2F, 0xF4, 0x88, 0x2F, 0xF8, 0x08, 0x2F, 0xD4, 0x55, 0x88, 0x2F, 0xD8, 0x4C, 0x2F, 0x10, 0xE8, 0x2F, 0x14, 0xAC, 0x23, 0x74, 0x3B, 0x48, 0x05, 0x2F, 0xD7, 0x20, 0x2F, 0x00, 0x35, 0x47, 0xAA, 0x53, 0x4B, 0x00, 0x83, 0x47, 0x76, 0x02, 0x00, 0xA3, 0x47, 0x00, 0x35, 0x57, 0x00, 0xB3, 0x97, 0xD5, 0x20, 0xB3, 0x00, 0xB3, 0x97, 0x40, 0xD0, 0x24, 0x20, 0x30, 0x03, 0x11, 0x2F, 0xFB, 0x74, 0x06, 0x00, 0x04, 0xC3, 0x30, 0x03, 0x30, 0x0B, 0x65, 0x06, 0x00, 0x01, 0x30, 0x03, 0x30, 0x17, 0xD3, 0x31, 0x87, 0x5E, 0x03, 0x05, 0x2F, 0x47, 0x4F, 0x5F, 0x31, 0x32, 0x01, 0xB0, 0x7F, 0x60, 0x01, 0x03, 0xE0, 0x7F, 0xD2, 0xA9, 0x00, 0x00, 0x8C, 0x8C, 0x8C, 0xEF, 0x05, 0xA0, 0x7F, 0x00, 0x16, 0x97, 0x00, 0xF1, 0x7F, 0x03, 0x03, 0xC1, 0x7F, 0x00, 0x16, 0xD7, 0x45, 0x9B, 0x2F, 0xB4, 0x96, 0x00, 0x25, 0x9B, 0x80, 0x3F, 0x23, 0x44, 0x04, 0x25, 0x97, 0x30, 0x03, 0x06, 0x01, 0x00, 0x06, 0x06, 0x73, 0x09, 0xED, 0xBE, 0x30, 0x03, 0x86, 0x3F, 0xFB, 0x3A, 0x57, 0xDE, 0x40, 0x30, 0x03, 0xE0, 0x13, 0xC0, 0xE0, 0x30, 0x03, 0x00, 0x75, 0xC7, 0x78, 0x54, 0x10, 0x04, 0x00, 0x01, 0x10, 0x14, 0x04, 0x10, 0x02, 0xA2, 0x37, 0x46, 0xF2, 0x37, 0x26, 0x06, 0x1F, 0x02, 0x05, 0x66, 0x23, 0x33, 0x00, 0x12, 0x43, 0x4D, 0x5F, 0x00, 0x35, 0xAA, 0x00, 0x36, 0x5E, 0x2C, 0x80, 0xEA, 0x23, 0x77, 0x05, 0x26, 0x5B, 0x30, 0x03, 0x30, 0x8E, 0x3E, 0xE3, 0xBE, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x50, 0xA7, 0x00, 0xF0, 0x00, 0xC0, 0xA7, 0x00, 0x21, 0x5F, 0xCF, 0x5F, 0x01, 0xB1, 0x5F, 0x2F, 0xA1, 0xBD, 0xBF, 0xC3, 0x30, 0x03, 0x3F, 0xF7, 0xCE, 0x95, 0x17, 0x41, 0x30, 0x03, 0xE0, 0x13, 0x78, 0xC1, 0x30, 0x03, 0x05, 0x21, 0x5F, 0x00, 0x00, 0xC3, 0x01, 0x31, 0x5F, 0x61, 0x0B, 0xB6, 0x7F, 0xBF, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x02, 0x61, 0x5F, 0xCD, 0xF7, 0x01, 0xB2, 0xBF, 0xFF, 0x3F, 0xF7, 0x50, 0x03, 0x5D, 0xA7, 0x50, 0x03, 0xC0, 0x13, 0x4F, 0xF7, 0x05, 0x22, 0xBF, 0x00, 0x00, 0xC3, 0xFF, 0x01, 0x32, 0xBF, 0x3F, 0xE3, 0x3F, 0xE7, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x01, 0xF2, 0xBF, 0x03, 0x59, 0x67, 0xFF, 0x57, 0x87, 0x00, 0x59, 0x67, 0x00, 0x1C, 0x63, 0x99, 0x13, 0x40, 0x03, 0x00, 0x79, 0x13, 0x3F, 0x93, 0xC9, 0x67, 0x58, 0xA0, 0x4E, 0xC7, 0xF5, 0x00, 0x84, 0xD3, 0x70, 0x53, 0x46, 0x31, 0x32, 0xE8, 0x00, 0x63, 0x2F, 0x58, 0x2F, 0xFA, 0x93, 0x05, 0x4F, 0xF1, 0x00, 0x00, 0xCD, 0x27, 0xCC, 0x4C, 0x28, 0x36, 0x80, 0x3F, 0x50, 0x07, 0x40, 0x0F, 0x4A, 0x8F, 0xFF, 0x50, 0x07, 0x9F, 0xEC, 0xE0, 0x0B, 0x40, 0x03, 0x00, 0x0A, 0x0F, 0x2A, 0xB7, 0x00, 0xA4, 0xB7, 0x60, 0xFB, 0x7D, 0x20, 0x01, 0xC0, 0xA7, 0x27, 0x62, 0x01, 0x00, 0xA7, 0x8A, 0x0F, 0x81, 0x2F, 0x91, 0x00, 0x84, 0xA3, 0x8B, 0x71, 0x83, 0x10, 0xF4, 0xBF, 0x01, 0xC1, 0x2F, 0x07, 0x04, 0xD1, 0x2F, 0x00, 0x80, 0xA7, 0xBE, 0x01, 0xF1, 0x2F, 0x08, 0x02, 0x41, 0x2F, 0x00, 0x5D, 0x8B, 0xE1, 0xB7, 0xEB, 0xCB, 0x00, 0xD2, 0x5F, 0x09, 0xEF, 0x04, 0xD2, 0x5F, 0x00, 0xB0, 0xA7, 0x01, 0xC3, 0x07, 0x0A, 0x01, 0xE2, 0x5F, 0x92, 0xE7, 0x00, 0x1F, 0xFB, 0x5F, 0xC7, 0x6B, 0xF8, 0x25, 0x6F, 0x3C, 0xFB, 0xA0, 0x00, 0x68, 0x1F, 0x10, 0x43, 0xE3, 0x00, 0x5C, 0xF7, 0x47, 0x50, 0x43, 0x83, 0x00, 0x00, 0x44, 0x6C, 0xF7, 0x30, 0x0F, 0x3E, 0x1F, 0xE7, 0x30, 0x0F, 0x2C, 0xF7, 0x6D, 0x77, 0x03, 0x08, 0x6D, 0x77, 0x00, 0xC3, 0x67, 0x00, 0x70, 0x7F, 0xAF, 0x4D, 0x77, 0x41, 0xFE, 0xA3, 0x01, 0x01, 0x4D, 0x77, 0x00, 0x3D, 0xFF, 0x00, 0x1A, 0xEB, 0x01, 0x94, 0xEB, 0xF7, 0x00, 0x10, 0x87, 0x5F, 0xE9, 0x00, 0xED, 0xFF, 0x7E, 0x7F, 0x01, 0x50, 0x7F, 0xFA, 0xEB, 0x02, 0xB0, 0x7F, 0x7B, 0x03, 0x8E, 0x7F, 0x9E, 0x6F, 0xFE, 0x8F, 0x00, 0x02, 0x0F, 0x03, 0x3F, 0x07, 0x00, 0x1A, 0xF3, 0xF5, 0x01, 0x91, 0x8F, 0x00, 0x12, 0x0F, 0x2A, 0x3A, 0x04, 0x8F, 0x07, 0xDC, 0x00, 0x2F, 0x07, 0x0C, 0x4F, 0x07, 0xFF, 0xD6, 0xB7, 0xFD, 0x97, 0xFD, 0x57, 0xFC, 0xE7, 0xFC, 0x77, 0xFC, 0x07, 0xFB, 0x97, 0xFA, 0xE3, 0xFB, 0xFA, 0x57, 0xF9, 0xA3, 0xF9, 0x17, 0xF8, 0x63, 0x3F, 0xE3, 0xCC, 0x00, 0x2F, 0xA7, 0x3E, 0x8F, 0xAE, 0x0A, 0x30, 0xCB, 0x2C, 0x41, 0xA7, 0x43, 0xCF, 0x1B, 0x37, 0x0D, 0xF8, 0x5F, 0x67, 0x60, 0x72, 0x56, 0xFF, 0x01, 0x48, 0xC3, 0x40, 0x00, 0x78, 0x80, 0x80, 0x8C, 0x34, 0x6F, 0x00, 0x00, 0x0A, 0x2B, 0x81, 0x20, 0x0B, 0xEF, 0x80, 0x00, 0x80, 0xEF, 0xEF, 0xFF, 0xF8, 0x0B, 0xBF, 0x70, 0x10, 0x01, 0xFF, 0xF6, 0x8F, 0x85, 0x20, 0x00, 0x88, 0x40, 0x41, 0x30, 0x50, 0x27, 0x1C, 0xCF, 0x00, 0x01, 0x30, 0x20, 0x0B, 0xE0, 0x30, 0x03, 0x38, 0x36, 0x4F, 0x79, 0x87, 0x00, 0x05, 0xFD, 0xFC, 0x30, 0x0B, 0x0A, 0x3F, 0x85, 0x3F, 0x89, 0xFC, 0xFC, 0x0A, 0x0A, 0xC1, 0x30, 0x03, 0x2F, 0xFA, 0x83, 0x00, 0x00, 0xF7, 0xF7, 0x3F, 0x10, 0x38, 0xBF, 0xFF, 0x31, 0x7A, 0x20, 0x0B, 0x20, 0x0F, 0xFF, 0x9F, 0xCF, 0x04, 0xFF, 0x1F, 0x2F, 0xF6, 0x60, 0xAF, 0xE5, 0x81, 0x00, 0x09, 0x00, 0xF3, 0xF3, 0x01, 0x22, 0xB0, 0xCF, 0xFF, 0x30, 0x05, 0x20, 0xF3, 0xF3, 0x40, 0x03, 0x28, 0x00, 0x00, 0x5F, 0x5F, 0x83, 0x40, 0x5F, 0x88, 0xFE, 0xCA, 0xFF, 0xCC, 0x30, 0x0B, 0x40, 0x0F, 0x83, 0x7F, 0xEC, 0x88, 0x00, 0x88, 0xFF, 0xCC, 0x2F, 0xCC, 0x30, 0x07, 0x25, 0xCF, 0xFF, 0x21, 0xEE, 0xFC, 0xFC, 0x30, 0x7D, 0x0C, 0x22, 0xC0, 0xC0, 0x30, 0x03, 0x20, 0x1F, 0x06, 0xFF, 0xCC, 0x0D, 0x0A, 0x00, 0x07, 0x30, 0x00, 0x88, 0x60, 0x60, 0x50, 0xE7, 0x3F, 0xFF, 0x30, 0x0B, 0xD9, 0x40, 0x0F, 0x30, 0x3F, 0xCD, 0x20, 0x37, 0x50, 0x47, 0xCC, 0x02, 0x2D, 0xA7, 0x16, 0x34, 0xFF, 0x33, 0x41, 0x0F, 0x33, 0x30, 0x07, 0x40, 0x3F, 0x0E, 0xAF, 0x30, 0xC7, 0x84, 0x25, 0xCB, 0xF8, 0x4F, 0xD3, 0x2F, 0x9F, 0x50, 0x0B, 0x20, 0x0F, 0x8C, 0x2F, 0xE8, 0xAF, 0xFF, 0x00, 0x30, 0xE7, 0x5F, 0xD7, 0x8E, 0xBF, 0x05, 0xFF, 0x0E, 0x1E, 0xF7, 0x70, 0x32, 0x64, 0xBF, 0x40, 0xC7, 0x04, 0x00, 0x82, 0x00, 0x00, 0xF4, 0x40, 0xC7, 0x4F, 0x4F, 0xF0, 0x3F, 0xFF, 0x50, 0xD7, 0x30, 0x0B, 0x40, 0x0F, 0x80, 0x00, 0x88, 0xF1, 0x10, 0xE1, 0xFF, 0xEF, 0x70, 0x7F, 0xE1, 0xE1, 0x7F, 0x7F, 0xC0, 0x30, 0x03, 0xE0, 0xDF, 0xDC, 0x00, 0x15, 0x00, 0x00, 0xEF, 0x31, 0xFF, 0x05, 0x40, 0x41, 0x3F, 0xDA, 0xD3, 0x40, 0xDF, 0x2E, 0xBE, 0x33, 0xFD, 0xFA, 0x00, 0x0E, 0x0F, 0x2F, 0xB5, 0x07, 0x09, 0x01, 0xAA, 0xBD, 0x21, 0xEB, 0x8C, 0x31, 0xEF, 0x01, 0x01, 0x60, 0x25, 0x3F, 0x40, 0x0F, 0xFF, 0x70, 0x18, 0x00, 0xDE, 0x01, 0x30, 0x0B, 0x39, 0x69, 0xFF, 0xF6, 0x1C, 0x00, 0xCF, 0x50, 0x00, 0xFF, 0xF5, 0x30, 0x31, 0xFF, 0x28, 0xFF, 0x5C, 0x46, 0x97, 0x50, 0x5F, 0xBF, 0xF5, 0xFF, 0xFF, 0x0E, 0x40, 0x00, 0xEE, 0x10, 0xF1, 0xEF, 0x41, 0xFF, 0x2F, 0xFF, 0xFC, 0x06, 0xFD, 0x0A, 0x0B, 0xEB, 0x10, 0x30, 0x88, 0x51, 0xEF, 0x2F, 0x19, 0x2F, 0x00, 0x00, 0x30, 0x03, 0x51, 0xFF, 0xE6, 0x10, 0x30, 0x0F, 0x48, 0x2E, 0x2F, 0xE0, 0xF5, 0x50, 0x30, 0xC7, 0xF5, 0x40, 0x02, 0x0D, 0x1D, 0xF3, 0xF2, 0xDF, 0x20, 0x54, 0x7F, 0xF3, 0xF4, 0x2F, 0x99, 0x1D, 0x00, 0x00, 0xD4, 0x41, 0xFB, 0xB1, 0xEF, 0x32, 0x0B, 0x4E, 0xB6, 0x9A, 0xC3, 0xF1, 0xEF, 0x20, 0x79, 0x00, 0x00, 0xEB, 0x10, 0x31, 0xFF, 0x33, 0xE7, 0xC0, 0x00, 0x01, 0xEF, 0xB1, 0xFF, 0x00, 0xEE, 0x11, 0xFF, 0x35, 0xFF, 0x68, 0x33, 0x30, 0xF7, 0x21, 0xF2, 0x33, 0x3F, 0xDF, 0x57, 0xFF, 0x55, 0x02, 0xFF, 0xEE, 0x11, 0xEE, 0x11, 0x55, 0x60, 0x07, 0x06, 0xC0, 0x87, 0x06, 0x51, 0xEF, 0x55, 0xFF, 0x04, 0x0D, 0xEE, 0x11, 0xC0, 0x34, 0x41, 0x32, 0x0B, 0xE7, 0x10, 0x1E, 0x1E, 0x00, 0x00, 0x88, 0x30, 0x03, 0xF6, 0x60, 0xCF, 0x2E, 0xEE, 0xF6, 0x50, 0x1E, 0x08, 0x1F, 0x00, 0x00, 0x1D, 0xAF, 0xA4, 0x01, 0x1C, 0xF3, 0x32, 0xF3, 0xCF, 0x21, 0x2C, 0x71, 0xEF, 0xF5, 0x50, 0x37, 0xDB, 0xE4, 0xE8, 0x42, 0x0B, 0x30, 0xC7, 0x61, 0xEF, 0x6F, 0x7F, 0xD7, 0xE1, 0xF1, 0xAF, 0x38, 0xFF, 0xD1, 0x20, 0x97, 0x70, 0x7F, 0x9F, 0xEF, 0xF9, 0xFB, 0x10, 0x28, 0x90, 0xFE, 0x20, 0x9D, 0x65, 0x30, 0x9F, 0x01, 0xFB, 0xFF, 0x1B, 0x9F, 0x0B, 0x7C, 0x33, 0xB3, 0x2C, 0x6C, 0x06, 0x5B, 0xBA, 0x00, 0x4C, 0xB2, 0x01, 0x43, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFA, 0x18, 0x02, 0x02, 0x28, 0x29, 0xD7, 0x3B, 0x3D, 0x69, 0x6D, 0x61, 0x23, 0x67, 0x10, 0x4C, 0x7C, 0x10, 0x00, 0x0D, 0x62, 0x33, 0x06, 0xD0, 0x01, 0x0A, 0x20, 0xA0, 0x00, 0x71, 0x23, 0xDF, 0xFF, 0x33, 0xBF, 0xC0, 0x80, 0x2E, 0xAB, 0xC0, 0xC0, 0xAF, 0x9F, 0x00, 0x00, 0x9F, 0xF0, 0x20, 0x03, 0x73, 0x97, 0x80, 0x07, 0xFF, 0xA0, 0x78, 0x00, 0x02, 0xFF, 0x30, 0xFC, 0x3E, 0x4F, 0x7B, 0x3F, 0xCE, 0x90, 0x90, 0xDF, 0xDF, 0xF9, 0x30, 0x03, 0x01, 0x9D, 0xBF, 0x50, 0x6F, 0x30, 0x6B, 0x40, 0x6F, 0x00, 0xB0, 0x44, 0x93, 0x47, 0xDF, 0x22, 0x07, 0xD7, 0x00, 0xEE, 0x00, 0x0E, 0xAE, 0x42, 0x17, 0x20, 0x17, 0xD0, 0x70, 0x07, 0x40, 0x6F, 0x80, 0x90, 0x6F, 0xC5, 0xFF, 0xCF, 0x7F, 0x3D, 0xDE, 0x00, 0x95, 0x7D, 0xC1, 0x7F, 0x63, 0x53, 0x71, 0x7F, 0x20, 0x71, 0x7F, 0xD6, 0xC2, 0xCF, 0x06, 0xB1, 0x8B, 0x50, 0xA8, 0x22, 0x70, 0x28, 0x2E, 0x2D, 0xE6, 0x10, 0x11, 0x00, 0x43, 0xFD, 0x3A, 0x8F, 0x76, 0x00, 0x98, 0x6F, 0xA8, 0x21, 0xCE, 0x47, 0x2D, 0x83, 0xFF, 0x7A, 0xFF, 0x45, 0x4F, 0xDE, 0x14, 0xAA, 0x00, 0xBB, 0x4A, 0xAF, 0xBB, 0x50, 0x07, 0xFF, 0x23, 0x42, 0xEF, 0x42, 0xB3, 0xFF, 0x21, 0xFF, 0x53, 0x4F, 0xFE, 0x9A, 0x28, 0x00, 0x68, 0x4A, 0xCF, 0x24, 0x3F, 0xE8, 0xAD, 0xFF, 0xFF, 0x54, 0xC8, 0x3A, 0xDB, 0xB3, 0x5F, 0xF4, 0xFA, 0x56, 0x77, 0x27, 0xFF, 0x3F, 0x00, 0x4B, 0x85, 0x3F, 0x7B, 0x87, 0x26, 0x8B, 0x2D, 0xED, 0xB3, 0xC2, 0x07, 0xC0, 0x0A, 0x0E, 0x21, 0xF6, 0x22, 0xFF, 0x26, 0xC5, 0x86, 0x4F, 0x7F, 0xDD, 0x22, 0x23, 0xFF, 0x32, 0x4F, 0x5A, 0x43, 0xFF, 0x97, 0x6B, 0xC7, 0x37, 0x3B, 0x01, 0x10, 0xE7, 0xF2, 0xF4, 0xFF, 0xFF, 0xFC, 0x2F, 0x74, 0xD0, 0x30, 0x03, 0x9F, 0x7B, 0xDF, 0xAF, 0x86, 0x0C, 0x09, 0xFF, 0x4F, 0x00, 0x02, 0x00, 0xFF, 0xAD, 0xBF, 0x04, 0x28, 0xFF, 0x11, 0x00, 0x6C, 0x03, 0x07, 0xE0, 0xF8, 0xD6, 0x00, 0xDD, 0x00, 0x48, 0x51, 0x68, 0xDD, 0x26, 0x03, 0x61, 0xEF, 0x54, 0x00, 0x3C, 0xFD, 0xFF, 0xB8, 0xFF, 0x09, 0xFE, 0x00, 0x00, 0x51, 0x41, 0xEF, 0xFD, 0xA0, 0x97, 0x7F, 0x03, 0x10, 0x00, 0xFE, 0xFC, 0x10, 0xA0, 0x23, 0xF1, 0x6F, 0xE0, 0x00, 0x2C, 0xEF, 0x00, 0x03, 0xFF, 0xFF, 0x1E, 0x8F, 0xA8, 0xA1, 0x1B, 0xEF, 0x21, 0x1F, 0xAF, 0x05, 0x94, 0x99, 0xA1, 0xF2, 0x00, 0x38, 0x00, 0xF2, 0x20, 0x03, 0x85, 0x89, 0x40, 0xD7, 0x37, 0xFF, 0x01, 0x44, 0xBE, 0x4D, 0x8F, 0x58, 0x00, 0x23, 0x4F, 0xFF, 0x64, 0xFF, 0x45, 0xA7, 0x47, 0xE7, 0xDC, 0xFF, 0xED, 0x79, 0x80, 0xDE, 0x28, 0x80, 0x91, 0x30, 0xD2, 0xCC, 0xFF, 0x50, 0xCF, 0x21, 0x00, 0x32, 0x42, 0xDF, 0x23, 0x33, 0x00, 0x26, 0x52, 0x73, 0x30, 0xFB, 0x3F, 0x93, 0x40, 0x04, 0xA6, 0x63, 0x3F, 0x12, 0x38, 0x27, 0x7A, 0xEF, 0x35, 0x94, 0x72, 0xEF, 0x8E, 0x05, 0xFF, 0xFF, 0x2F, 0x05, 0x4D, 0x2F, 0xAA, 0x6B, 0x03, 0xE4, 0x0C, 0xBA, 0x00, 0xB5, 0xFF, 0x40, 0x29, 0xD4, 0x07, 0x55, 0xFF, 0x08, 0xC0, 0x7F, 0x91, 0x4A, 0x8B, 0x99, 0x3F, 0x00, 0x99, 0x5F, 0x97, 0x5A, 0x97, 0x8F, 0xA7, 0x70, 0x17, 0x60, 0x1F, 0x8F, 0xC7, 0x0D, 0x56, 0xFF, 0x55, 0x01, 0x37, 0x97, 0x90, 0x1F, 0x78, 0x4F, 0xE3, 0xCD, 0x27, 0xC0, 0x4A, 0x27, 0x97, 0xFF, 0x2A, 0xA7, 0x27, 0x85, 0x35, 0x26, 0xBF, 0xC4, 0x24, 0x07, 0x3F, 0xE7, 0x8B, 0xFF, 0x03, 0x44, 0x10, 0xC6, 0x00, 0x34, 0xFF, 0xD4, 0x80, 0x5F, 0x3F, 0xFF, 0x17, 0x9F, 0xD5, 0xEF, 0xFF, 0x33, 0x07, 0xCF, 0x45, 0x6F, 0x2B, 0x77, 0x3E, 0xEF, 0x3B, 0x7D, 0xAF, 0xF1, 0x11, 0x30, 0x20, 0xFB, 0x5F, 0xEF, 0xF3, 0xF9, 0xF8, 0x90, 0x3F, 0x26, 0x31, 0xB7, 0x22, 0x97, 0x00, 0x75, 0x85, 0xBF, 0x2F, 0xEA, 0xAF, 0x04, 0x0D, 0xFF, 0x9E, 0xFF, 0x45, 0x4F, 0xE1, 0xA9, 0x00, 0x51, 0x9A, 0x45, 0xBF, 0x89, 0x55, 0xA7, 0xFF, 0x22, 0xFF, 0x3E, 0x7F, 0x05, 0x00, 0xFF, 0x75, 0xFF, 0xDA, 0x4F, 0xFF, 0x23, 0x35, 0xB7, 0x41, 0x5E, 0x8A, 0x8F, 0xFF, 0xFF, 0x7F, 0x8F, 0x52, 0x23, 0x0C, 0xF7, 0x0D, 0x92, 0x31, 0xE1, 0xEF, 0xE1, 0xFF, 0x7F, 0xA7, 0x02, 0x2D, 0x07, 0x30, 0x03, 0xF0, 0x0F, 0xC1, 0x01, 0x1D, 0x86, 0x45, 0x3E, 0x00, 0xFB, 0xB0, 0xFF, 0xFF, 0x25, 0x13, 0xCE, 0x4C, 0x5F, 0x5F, 0xE8, 0xF2, 0xD0, 0x28, 0x8B, 0x25, 0x31, 0x77, 0x11, 0x0D, 0xE0, 0xA5, 0x1B, 0x96, 0x44, 0x2D, 0x69, 0xFB, 0x01, 0x07, 0xF8, 0xF2, 0x82, 0x86, 0x45, 0x0E, 0x50, 0x00, 0x2F, 0x3F, 0x2C, 0x87, 0xE5, 0x04, 0xFF, 0xFF, 0x20, 0x00, 0xFA, 0x2D, 0xB1, 0x0D, 0x6F, 0x87, 0x76, 0x87, 0x18, 0xEF, 0x00, 0x38, 0x77, 0x77, 0xC2, 0x5F, 0xAE, 0x2B, 0x0F, 0x6B, 0xFF, 0x01, 0xAF, 0x47, 0xCF, 0x4C, 0x6F, 0x26, 0x89, 0x00, 0x3E, 0x47, 0x72, 0x3A, 0x0D, 0xB4, 0x2F, 0x04, 0xF1, 0xFF, 0x7F, 0xF1, 0xA0, 0xB0, 0x2C, 0x0D, 0xF4, 0x87, 0x79, 0x7C, 0x00, 0x60, 0xFB, 0xFF, 0x28, 0x32, 0x00, 0xB0, 0x01, 0x24, 0x07, 0x1E, 0x4F, 0x08, 0x2F, 0x2C, 0x6F, 0x2E, 0xDD, 0xBD, 0xFE, 0xDB, 0x59, 0x00, 0x56, 0xD8, 0x5E, 0x97, 0xA5, 0x37, 0x87, 0x61, 0x00, 0x17, 0x9F, 0x38, 0x93, 0x40, 0xD2, 0x96, 0x9E, 0x7D, 0xDF, 0xFE, 0x28, 0xAF, 0xD0, 0xE1, 0x39, 0xF1, 0x1A, 0xEC, 0x27, 0x87, 0x2F, 0xF7, 0x2F, 0xE3, 0x3F, 0x2B, 0x55, 0x98, 0xBE, 0x04, 0x07, 0x1A, 0xFF, 0xFF, 0x08, 0x4F, 0x09, 0x0E, 0x13, 0xFF, 0x20, 0x4A, 0xBF, 0x22, 0x23, 0x00, 0x22, 0xC3, 0xEF, 0xDE, 0xFF, 0xDD, 0x55, 0x42, 0x60, 0x17, 0xC0, 0x30, 0x1F, 0x49, 0x23, 0xFF, 0xED, 0xFF, 0x00, 0x31, 0x00, 0x64, 0x95, 0x7A, 0xDB, 0x60, 0x37, 0xEE, 0x12, 0x2F, 0x61, 0x50, 0xFD, 0x84, 0xDA, 0x11, 0xFF, 0xBD, 0xFF, 0x69, 0x45, 0xE7, 0x14, 0x6B, 0x86, 0x9B, 0x0F, 0x8E, 0x5E, 0x01, 0x9F, 0x6C, 0x52, 0x00, 0x1C, 0x2A, 0x35, 0xC4, 0x2E, 0xEF, 0x2F, 0x03, 0xAD, 0x00, 0x47, 0x5A, 0x6F, 0xFD, 0x74, 0x8F, 0x4F, 0x9F, 0xB9, 0xFF, 0xDC, 0x4F, 0xFF, 0x28, 0x6C, 0x2B, 0xB2, 0x4F, 0x57, 0x35, 0xBB, 0xFF, 0x2B, 0xAA, 0x2D, 0x64, 0x10, 0x60, 0xB7, 0x32, 0x35, 0xDC, 0x0A, 0x10, 0x00, 0xB4, 0xEC, 0x2F, 0xD7, 0xF9, 0x7B, 0x78, 0xEF, 0x88, 0x68, 0x9F, 0x8B, 0xFF, 0x25, 0xAB, 0x8F, 0x6D, 0xFF, 0x8F, 0x2F, 0x02, 0x00, 0x3F, 0xCD, 0x6C, 0x01, 0xEC, 0xAC, 0xCE, 0x7F, 0x2E, 0xAB, 0xDE, 0x7F, 0xE0, 0x68, 0x7F, 0x9D, 0x2E, 0x04, 0x0E, 0x88, 0xFF, 0xEF, 0xEF, 0x8A, 0xAF, 0x00, 0x8E, 0x47, 0x24, 0xDD, 0x78, 0xDD, 0x77, 0x33, 0x00, 0x11, 0x33, 0x11, 0x8D, 0x7D, 0x13, 0x13, 0x7D, 0xDF, 0x20, 0x03, 0x8A, 0xBF, 0x77, 0x50, 0x17, 0x70, 0x07, 0xFF, 0x49, 0x30, 0x2B, 0xB0, 0x2F, 0xDB, 0xF0, 0x0F, 0x01, 0xB9, 0x7F, 0xA8, 0x6D, 0xEA, 0x7F, 0x7F, 0x10, 0x6F, 0x7F, 0x27, 0xB0, 0xD0, 0x04, 0xA1, 0x00, 0x0D, 0xB0, 0x01, 0x02, 0x60, 0xED, 0x61, 0xFF, 0x2C, 0xFF, 0x1A, 0xBE, 0xFF, 0xF0, 0x3E, 0xB7, 0x00, 0xC0, 0xFF, 0x19, 0x00, 0x21, 0x1D, 0x01, 0x8C, 0x28, 0xFA, 0xCC, 0xFF, 0x3A, 0x3B, 0x92, 0x40, 0x3F, 0x17, 0xFF, 0x46, 0x6B, 0x27, 0x4C, 0x84, 0xFF, 0xE9, 0xBD, 0xB9, 0x3C, 0xB8, 0xFD, 0xF1, 0x23, 0x34, 0x30, 0x62, 0x4C, 0xDA, 0x40, 0x13, 0xF7, 0xFF, 0xF1, 0x20, 0x03, 0x04, 0xEF, 0xFF, 0xE8, 0xFF, 0xE0, 0x20, 0x03, 0xE1, 0xFF, 0x1C, 0xD9, 0xFF, 0xD3, 0x50, 0x95, 0x2E, 0xE1, 0x21, 0x87, 0x57, 0xFF, 0x1A, 0x86, 0xFF, 0xD1, 0x93, 0x69, 0x30, 0x41, 0xFA, 0x31, 0x9F, 0xAC, 0x22, 0xFF, 0xC7, 0x41, 0xA5, 0xD9, 0xFF, 0xE4, 0x50, 0x5B, 0xF6, 0x20, 0xFF, 0xF2, 0x20, 0x5D, 0xFB, 0xFF, 0xEE, 0xFF, 0xEA, 0xAA, 0x2F, 0x23, 0xF5, 0x20, 0x05, 0xE4, 0x23, 0x97, 0xEA, 0x2E, 0x2E, 0xDA, 0x08, 0xFF, 0xDB, 0xFF, 0xD5, 0x2C, 0x6E, 0xC6, 0xFF, 0xD0, 0x02, 0xFF, 0xCB, 0xFF, 0xC1, 0xFF, 0xBC, 0x27, 0xE7, 0xE1, 0xA0, 0x20, 0x11, 0xD2, 0x24, 0x7A, 0xDA, 0xFF, 0xCD, 0xFF, 0xCA, 0x82, 0x20, 0x19, 0xC1, 0xFF, 0xB7, 0xFF, 0xB3, 0x20, 0xFE, 0xBA, 0x0A, 0xFF, 0xAF, 0xFF, 0xAB, 0x05, 0xD1, 0xFF, 0x5F, 0x62, 0x6D, 0x03, 0x28, 0xFF, 0x29, 0x20, 0xC2, 0xC2, 0xE1, 0x7F, 0x05, 0xFF, 0x9F, 0xAD, 0x22, 0x8D, 0x07, 0x21, 0x61, 0xA7, 0x20, 0x9A, 0x5F, 0xE9, 0x8A, 0xD9, 0x48, 0xA8, 0x38, 0x99, 0xFE, 0x41, 0x01, 0xF7, 0x25, 0x34, 0xEA, 0xFF, 0xE0, 0x51, 0x8D, 0xD1, 0x73, 0xF6, 0x80, 0x27, 0xF7, 0xFF, 0xEB, 0x25, 0x56, 0x54, 0xE0, 0x21, 0x1D, 0xE9, 0x21, 0x25, 0xDE, 0x2F, 0x4A, 0xD4, 0xFF, 0x14, 0xD3, 0xFF, 0xC9, 0x2F, 0x52, 0xD3, 0x2B, 0x3D, 0xC9, 0xFF, 0x54, 0xC8, 0x25, 0x49, 0xBD, 0x21, 0x07, 0xFC, 0x27, 0x46, 0xF0, 0xFF, 0x51, 0xE6, 0x20, 0x2D, 0xE2, 0x25, 0x9E, 0xD5, 0xFF, 0xE3, 0x21, 0x95, 0x55, 0xD6, 0x2D, 0xB0, 0xD0, 0x20, 0x21, 0xC3, 0x25, 0x10, 0xDA, 0x21, 0x3B, 0x14, 0xCD, 0xFF, 0xC5, 0x21, 0x4D, 0xC4, 0x25, 0x7B, 0xB6, 0xFF, 0x40, 0xBF, 0x21, 0x3D, 0xB2, 0xFF, 0xAB, 0xFF, 0xB0, 0xFF, 0x05, 0xA9, 0xFF, 0xA3, 0xFF, 0x9C, 0x21, 0x51, 0xC0, 0x22, 0x4A, 0x54, 0xB5, 0x21, 0x53, 0xAE, 0x21, 0xA8, 0xA2, 0x21, 0x59, 0xAA, 0xFF, 0x50, 0xA8, 0x20, 0xC8, 0xA0, 0x2F, 0xE0, 0x95, 0xFF, 0x8C, 0xFF, 0x40, 0xA6, 0x2B, 0x49, 0x9A, 0xFF, 0x92, 0xFF, 0x96, 0xFF, 0x54, 0x8F, 0x25, 0x33, 0x84, 0x20, 0x05, 0x87, 0x22, 0x2C, 0x7C, 0xFF, 0x15, 0x7F, 0xFF, 0x79, 0x2B, 0x43, 0x6E, 0x22, 0x86, 0xB8, 0x20, 0x4B, 0x46, 0xAA, 0x20, 0x53, 0xAD, 0xFF, 0xA4, 0x21, 0x00, 0x30, 0x53, 0x96, 0x2A, 0xFF, 0x90, 0x2B, 0xFF, 0x92, 0x20, 0xFC, 0x85, 0x20, 0x4B, 0xA4, 0x20, 0xFF, 0x9B, 0x20, 0x3D, 0xA0, 0xFF, 0x9D, 0xFF, 0x93, 0x82, 0x20, 0x17, 0x8D, 0xFF, 0x89, 0xFF, 0x80, 0x20, 0x3F, 0x86, 0x28, 0xFF, 0x83, 0x20, 0x41, 0x76, 0x20, 0x0D, 0x83, 0xFF, 0x7D, 0x0A, 0xFF, 0x77, 0xFF, 0x7E, 0x20, 0x4F, 0x72, 0x25, 0x87, 0x72, 0x02, 0xFF, 0x6C, 0xFF, 0x67, 0xFF, 0x62, 0x40, 0x03, 0x5C, 0x00, 0xFF, 0x58, 0xFF, 0x74, 0xFF, 0x70, 0xFF, 0x69, 0x28, 0xFF, 0x65, 0x25, 0xA1, 0x6A, 0x20, 0x15, 0x5F, 0xFF, 0x5E, 0x02, 0xFF, 0x5A, 0xFF, 0x53, 0xFF, 0x50, 0x22, 0x6C, 0x54, 0x0A, 0xFF, 0x4D, 0xFF, 0x4A, 0x00, 0xD3, 0xFF, 0x16, 0x24, 0x1D, 0x6B, 0x35, 0xFF, 0x15, 0x22, 0x66, 0x72, 0xD7, 0x85, 0x2F, 0xA8, 0xED, 0x5F, 0x95, 0x55, 0xF9, 0x2E, 0xCE, 0xF0, 0x94, 0x3F, 0x75, 0x21, 0xBF, 0xD5, 0x84, 0x4D, 0x6A, 0x3D, 0x2F, 0xD0, 0xAF, 0xAC, 0xFD, 0x22, 0xFB, 0xE8, 0x26, 0x3B, 0xE0, 0xAA, 0x2F, 0xE7, 0xF8, 0x2F, 0x06, 0xF1, 0x23, 0x03, 0xD9, 0x23, 0x01, 0xD3, 0xAA, 0x21, 0x7F, 0xF0, 0x28, 0xC8, 0xE6, 0x21, 0x77, 0xD6, 0x23, 0x0F, 0xCC, 0xAA, 0x22, 0xD1, 0xDD, 0x21, 0x89, 0xD5, 0x22, 0xBF, 0xC3, 0x22, 0xF6, 0xBB, 0xAA, 0x22, 0xB1, 0xBF, 0x21, 0x61, 0xB5, 0x22, 0xB1, 0xA8, 0x21, 0x59, 0x9F, 0xAA, 0x22, 0xBB, 0xAB, 0x21, 0x69, 0xA2, 0x21, 0x5F, 0x95, 0x2D, 0x23, 0x8C, 0xAD, 0x42, 0xD5, 0xD2, 0x21, 0x9F, 0xBF, 0x21, 0x95, 0x30, 0x1B, 0xCB, 0x27, 0x21, 0x55, 0xC4, 0x21, 0xA7, 0xB0, 0x21, 0x9D, 0xA9, 0x21, 0x9F, 0xA6, 0x21, 0x7D, 0x55, 0x9E, 0x21, 0x7F, 0x8F, 0x23, 0xA2, 0x87, 0x21, 0x77, 0x96, 0x26, 0xB9, 0xA8, 0x30, 0x0B, 0x7F, 0x21, 0x19, 0x78, 0x21, 0x7F, 0x9E, 0xFF, 0x94, 0xA2, 0x20, 0x01, 0x8A, 0x26, 0xCF, 0x82, 0xFF, 0x81, 0x20, 0x11, 0x8B, 0xB1, 0x20, 0x05, 0x82, 0x20, 0x19, 0x30, 0x1B, 0x6E, 0xFF, 0x66, 0x21, 0xA5, 0x51, 0x71, 0x21, 0x41, 0x68, 0x21, 0x3D, 0x63, 0xFF, 0x60, 0x21, 0x3B, 0x50, 0x66, 0x21, 0x41, 0x5E, 0x2D, 0xBD, 0x57, 0xFF, 0x51, 0xFF, 0x15, 0x4F, 0xFF, 0x48, 0x21, 0xC5, 0x70, 0x20, 0x21, 0x68, 0x80, 0x17, 0x55, 0x6A, 0x20, 0x25, 0x63, 0x21, 0x63, 0x57, 0x20, 0x1D, 0x50, 0x20, 0x1F, 0x10, 0x55, 0xFF, 0x4E, 0x20, 0x01, 0x46, 0xFF, 0x47, 0xFF, 0x05, 0x40, 0xFF, 0x3F, 0xFF, 0x39, 0x20, 0x07, 0x3F, 0x20, 0x09, 0x51, 0x39, 0x20, 0x09, 0x32, 0x20, 0x01, 0x2C, 0xFF, 0x5D, 0x23, 0xF6, 0x60, 0x53, 0x20, 0x23, 0x30, 0x03, 0x49, 0xFF, 0x44, 0xFF, 0x4B, 0x08, 0xFF, 0x45, 0xFF, 0x42, 0x21, 0x3E, 0x40, 0xFF, 0x3C, 0x02, 0xFF, 0x38, 0xFF, 0x34, 0xFF, 0x4A, 0x20, 0x39, 0x41, 0xA8, 0x21, 0x4E, 0x43, 0x20, 0x05, 0x3B, 0x20, 0x11, 0x38, 0xFF, 0x35, 0x00, 0xFF, 0x31, 0xFF, 0x2E, 0xFF, 0x33, 0xFF, 0x30, 0x2A, 0xFF, 0x2B, 0x23, 0x46, 0x3B, 0x20, 0x0F, 0x33, 0x20, 0x0F, 0x30, 0x82, 0x24, 0xD2, 0x2A, 0xFF, 0x26, 0xFF, 0x2D, 0x2B, 0x94, 0x27, 0x80, 0x2D, 0xA5, 0x23, 0xFF, 0x20, 0xFF, 0x1E, 0xFF, 0x1B, 0xA8, 0x23, 0x68, 0x26, 0x40, 0x0B, 0x24, 0x2D, 0xB9, 0x1E, 0xFF, 0x1C, 0x02, 0xFF, 0x1D, 0xFF, 0x1A, 0xFF, 0x18, 0x21, 0xD2, 0x18, 0x8A, 0x24, 0xB8, 0x13, 0xFF, 0x12, 0x33, 0x8B, 0x00, 0x20, 0x36, 0xD2, 0xDA, 0x6B, 0xF6, 0x34, 0x85, 0x00, 0x24, 0x87, 0x64, 0xB3, 0xFA, 0x2C, 0x0B, 0xEA, 0xAA, 0x24, 0x61, 0xE4, 0x24, 0x57, 0xCC, 0x24, 0x59, 0xC6, 0x27, 0xFF, 0xDF, 0xA9, 0x24, 0x75, 0xDA, 0x24, 0x5F, 0xC1, 0x24, 0x4D, 0xBC, 0x00, 0x22, 0xB6, 0x62, 0x00, 0x23, 0x56, 0x43, 0x7B, 0xFE, 0xFF, 0xF2, 0x34, 0xA5, 0x00, 0xD5, 0x23, 0x4E, 0x24, 0xFD, 0xED, 0x2A, 0x35, 0xEA, 0x2C, 0x67, 0xD5, 0x24, 0xE9, 0x55, 0xD2, 0x24, 0x91, 0xB7, 0x24, 0x8F, 0xB2, 0x29, 0x02, 0xCD, 0x24, 0xA5, 0x55, 0xCA, 0x25, 0x7E, 0xAF, 0x24, 0x81, 0xAB, 0x25, 0x86, 0xB0, 0x23, 0x01, 0x55, 0xAA, 0x23, 0x4B, 0x96, 0x23, 0x4D, 0x90, 0x23, 0x5B, 0xA4, 0x23, 0x09, 0x55, 0x9F, 0x2E, 0xFF, 0x8A, 0x23, 0x35, 0x85, 0x22, 0xED, 0x7D, 0x22, 0xE9, 0x55, 0x77, 0x22, 0xDB, 0x67, 0x22, 0xD9, 0x62, 0x22, 0xE7, 0x72, 0x23, 0x39, 0x55, 0x6D, 0x22, 0xE3, 0x5C, 0x22, 0xE5, 0x57, 0x23, 0x6B, 0x9A, 0x23, 0x37, 0x55, 0x96, 0x23, 0x17, 0x80, 0x23, 0x19, 0x7C, 0x23, 0x77, 0x93, 0x23, 0x29, 0x55, 0x90, 0x25, 0x4A, 0x79, 0x23, 0x21, 0x76, 0x22, 0xFF, 0x6A, 0x23, 0x01, 0x55, 0x65, 0x24, 0x7A, 0x53, 0x22, 0xF9, 0x50, 0x28, 0xA9, 0x62, 0x23, 0x09, 0x55, 0x5F, 0x25, 0x6C, 0x4D, 0x23, 0x01, 0x4A, 0x21, 0x7F, 0x53, 0x25, 0x78, 0x51, 0x4E, 0x21, 0x77, 0x42, 0x21, 0x79, 0x3D, 0xFF, 0x52, 0x21, 0x85, 0x55, 0x4E, 0x21, 0x87, 0x40, 0x21, 0x7D, 0x3C, 0x21, 0x7F, 0x3A, 0x21, 0x69, 0x55, 0x35, 0x21, 0x6F, 0x2D, 0x25, 0xA4, 0x28, 0x2E, 0xFD, 0x30, 0x21, 0x65, 0x55, 0x2C, 0x41, 0x53, 0x1E, 0x21, 0x61, 0x1B, 0x21, 0x9F, 0x41, 0x21, 0xDD, 0x55, 0x3D, 0x21, 0xAB, 0x31, 0x21, 0x99, 0x2D, 0x21, 0xA7, 0x3B, 0x21, 0xAF, 0x55, 0x38, 0x21, 0x9F, 0x2B, 0x21, 0xA1, 0x29, 0x24, 0xE8, 0x23, 0x21, 0x95, 0x55, 0x20, 0x21, 0x77, 0x18, 0x21, 0x79, 0x15, 0x21, 0x87, 0x1E, 0x2F, 0x43, 0x55, 0x1C, 0x21, 0x83, 0x13, 0x23, 0x5E, 0x12, 0x2F, 0x4F, 0x1D, 0x40, 0x1B, 0x45, 0x19, 0x23, 0x6C, 0x14, 0xFF, 0x11, 0x26, 0x72, 0x14, 0x23, 0x76, 0x54, 0x11, 0x20, 0x09, 0x0E, 0x20, 0x01, 0x0B, 0x21, 0xA3, 0x10, 0xFF, 0x10, 0x0F, 0xFF, 0x0D, 0x40, 0x03, 0x0B, 0xFF, 0x0A, 0xFF, 0x55, 0x0C, 0x20, 0x03, 0x09, 0x25, 0x24, 0x08, 0x25, 0x28, 0x06, 0x25, 0x32, 0x55, 0x13, 0x20, 0x1D, 0x10, 0x20, 0x1F, 0x0C, 0x20, 0x15, 0x0A, 0x25, 0x3C, 0x55, 0x0F, 0x20, 0x33, 0x0D, 0x20, 0x27, 0x08, 0x20, 0x1D, 0x07, 0x25, 0x52, 0xAB, 0x50, 0x25, 0x04, 0x20, 0x01, 0x03, 0x25, 0x76, 0x02, 0x80, 0x07, 0x50, 0x01, 0x56, 0x01, 0x00, 0xB9, 0x7F, 0x20, 0x2C, 0x1D, 0x03, 0x04, 0xE9, 0x7F, 0x10, 0x04, 0x80, 0x59, 0x30, 0x18, 0xC2, 0xFE, 0xE2, 0x2C, 0x3A, 0x3A, 0x46, 0x20, 0xF8, 0xE9, 0x06, 0xFF, 0x00, 0x95, 0x00, 0xDC, 0x00, 0x3E, 0x2E, 0x03, 0x1F, 0xA9, 0x80, 0x0C, 0xF2, 0x00, 0x10, 0xF9, 0x38, 0xEF, 0x4F, 0x02, 0x50, 0x90, 0x0F, 0xFF, 0xFF, 0xC0, 0xD0, 0x00, 0xDE, 0x98, 0xBF, 0x1B, 0xCB, 0xFF, 0x2F, 0x23, 0xF0, 0xF2, 0x7F, 0x4B, 0xFF, 0x01, 0xCF, 0x27, 0x10, 0x39, 0xE0, 0x2B, 0x80, 0x11, 0xCD, 0x90, 0x00, 0x90, 0x09, 0x08, 0x01, 0x9C, 0x00, 0x00, 0xB2, 0x00, 0x10, 0x0A, 0x0E, 0x90, 0x90, 0x08, 0x08, 0x90, 0x00, 0x80, 0x09, 0xBD, 0x00, 0x20, 0x2D, 0x1E, 0xB1, 0x00, 0x9C, 0x0A, 0x00, 0x01, 0x5B, 0x00, 0x00, 0x13, 0x10, 0x49, 0x00, 0xC3, 0x35, 0xC7, 0x02, 0xBA, 0x40, 0xA2, 0x00, 0x4B, 0x5B, 0xC7, 0x80, 0x5C, 0x4B, 0x13, 0xC5, 0x00, 0x21, 0xAC, 0x41, 0x31, 0xC0, 0xCA, 0x37, 0x13, 0x02, 0x00, 0x06, 0x00, 0x00, 0x0D, 0x7F, 0x30, 0x1F, 0x01, 0x00, 0x3B, 0x01, 0x3C, 0x13, 0x3A, 0x0C, 0x0C, 0xE4, 0x00, 0xC4, 0x0D, 0x8D, 0xC4, 0xB4, 0x01, 0x00, 0x3C, 0x00, 0x3C, 0x00, 0x00, 0x3C, 0x3B, 0x00, 0x86, 0x00, 0x04, 0x00, 0x97, 0xD6, 0x11, 0xDA, 0x4F, 0xFF, 0x07, 0x00, 0x00, 0x4B, 0xB7, 0x87, 0x20, 0x00, 0xA7, 0xC6, 0x20, 0x00, 0xCA, 0x1E, 0x3C, 0x4C, 0x4B, 0x1E, 0x08, 0x5C, 0x40, 0xD6, 0x47, 0xD9, 0x60, 0x00, 0x58, 0x00, 0x26, 0x00, 0x00, 0x00, 0x5C, 0xCE, 0x00, 0x41, 0x70, 0x70, 0x0A, 0x00, 0x0A, 0x90, 0xCA, 0x0A, 0x08, 0x4C, 0x3C, 0xC0, 0x04, 0xE1, 0x4C, 0xC8, 0xD0, 0x52, 0x37, 0xFE, 0x21, 0xBC, 0x20, 0x00, 0x0A, 0x36, 0x47, 0x00, 0xB1, 0x22, 0xBB, 0x13, 0x00, 0xA9, 0x7C, 0x49, 0x03, 0xAC, 0x23, 0x3C, 0xA8, 0x00, 0x5B, 0x30, 0x00, 0x99, 0xC1, 0x20, 0xAA, 0x01, 0x04, 0x1C, 0x00, 0x00, 0x1D, 0x1E, 0x28, 0x3E, 0x90, 0x00, 0x02, 0x07, 0x90, 0x90, 0x27, 0xBD, 0x1D, 0x20, 0x0F, 0x1E, 0x85, 0x20, 0x13, 0x90, 0x90, 0x0A, 0x06, 0x20, 0xC7, 0xAC, 0x38, 0x3E, 0x08, 0x01, 0x5D, 0x00, 0xB3, 0x68, 0x41, 0x2B, 0xD4, 0xD0, 0x00, 0xD0, 0x70, 0xD3, 0x6D, 0x10, 0x00, 0x33, 0x8A, 0x0B, 0x0C, 0x08, 0xDD, 0xD9, 0x0F, 0x35, 0xD8, 0x11, 0x49, 0x5C, 0x39, 0x77, 0xAF, 0x89, 0x65, 0x10, 0x60, 0x14, 0x11, 0x30, 0x1C, 0x39, 0x89, 0x22, 0x03, 0xD0, 0x32, 0xB5, 0x80, 0x1F, 0x21, 0x00, 0x50, 0x52, 0xA0, 0x3F, 0x22, 0x69, 0xBC, 0x20, 0x00, 0x40, 0x3F, 0xEF, 0x77, 0x5A, 0xA0, 0x1D, 0xC0, 0x5F, 0x31, 0x89, 0xFA, 0xA0, 0x81, 0xC0, 0x5F, 0x7A, 0x1B, 0x93, 0x00, 0x70, 0x5F, 0x20, 0xB0, 0x3A, 0x42, 0x7C, 0x09, 0x00, 0x40, 0xBF, 0xC0, 0xF6, 0xA0, 0x0C, 0x2A, 0x65, 0x40, 0x43, 0x37, 0x30, 0xE3, 0xFF, 0x20, 0xF9, 0x00, 0xB7, 0xFF, 0xFF, 0xAF, 0xCF, 0x03, 0xD1, 0xF8, 0x02, 0xFF, 0x7F, 0xFE, 0xFF, 0x0C, 0x05, 0x23, 0xB6, 0x50, 0x80, 0x23, 0x34, 0x80, 0xED, 0xFF, 0xEE, 0xFF, 0x79, 0x00, 0x14, 0x77, 0x00, 0xEE, 0x20, 0x07, 0x77, 0x20, 0x07, 0x00, 0xAA, 0x02, 0x00, 0x07, 0xFF, 0xFF, 0x3F, 0xCF, 0x2B, 0x90, 0xA5, 0x0C, 0x00, 0x00, 0xF9, 0xF8, 0x70, 0x17, 0x80, 0x1F, 0x4A, 0x00, 0x00, 0xA0, 0x6F, 0x6F, 0xF0, 0x30, 0x00, 0x9B, 0x00, 0x0F, 0x00, 0xEF, 0x23, 0x00, 0x80, 0x37, 0x80, 0x3F, 0xEA, 0x05, 0x00, 0x30, 0x1F, 0x17, 0x80, 0xE8, 0xAB, 0x59, 0xF7, 0x59, 0x00, 0x60, 0x3F, 0x52, 0x72, 0x4B, 0xF4, 0xC0, 0x00, 0xE0, 0x5F, 0x00, 0x90, 0x7F, 0xA2, 0x00, 0x6A, 0xF4, 0xF3, 0x9F, 0x54, 0x8F, 0x90, 0xBF, 0xDE, 0x20, 0xDF, 0x97, 0xDC, 0x48, 0x01, 0x20, 0x00, 0x10, 0x7B, 0xFF, 0x02, 0xAF, 0xFC, 0x30, 0xFF, 0x40, 0xFA, 0x39, 0xE3, 0x4E, 0xFF, 0x00, 0x04, 0x00, 0x65, 0x00, 0x50, 0x01, 0xA9, 0x88, 0x05, 0x04, 0xFF, 0xF6, 0x04, 0x1E, 0x8F, 0xB0, 0x50, 0xEF, 0x00, 0x4A, 0x9F, 0x01, 0x05, 0x96, 0x08, 0x3C, 0x8F, 0x70, 0x90, 0x25, 0x04, 0x70, 0xA1, 0xFA, 0x43, 0xB8, 0xFF, 0x19, 0xEF, 0x02, 0x00, 0x20, 0xC5, 0x2A, 0xD9, 0x80, 0x80, 0x30, 0x03, 0x01, 0xFF, 0xFE, 0x05, 0x0B, 0xF8, 0xE1, 0x6F, 0x2B, 0x97, 0x02, 0x80, 0x90, 0x00, 0x05, 0x60, 0x00, 0x2F, 0x66, 0xB6, 0x00, 0xFF, 0xFF, 0x25, 0x06, 0x06, 0x1F, 0xF8, 0xF8, 0x11, 0x9F, 0xF8, 0xF7, 0x2F, 0x73, 0x06, 0x07, 0xBB, 0x21, 0x06, 0x20, 0xD0, 0x40, 0x3B, 0xBB, 0xB8, 0x00, 0x6F, 0x6F, 0x70, 0x00, 0xF0, 0x6F, 0x6F, 0xE0, 0xE0, 0x68, 0xDF, 0x50, 0x04, 0xA0, 0xDF, 0xDF, 0x90, 0x90, 0x20, 0x0B, 0xF0, 0x4B, 0x10, 0x00, 0xB0, 0x00, 0x20, 0x0B, 0xA0, 0x9B, 0x00, 0x70, 0x00, 0x00, 0x89, 0xFF, 0xB6, 0x8D, 0xFF, 0xFF, 0x04, 0x00, 0x03, 0xAD, 0xFD, 0x23, 0x2F, 0xF3, 0xF3, 0x9F, 0x48, 0xAF, 0x20, 0x0B, 0x04, 0xBB, 0x2D, 0xB5, 0xF3, 0xF3, 0xAF, 0x00, 0xBF, 0xB2, 0x00, 0x8B, 0x00, 0xE8, 0xB0, 0xFF, 0x00, 0xEF, 0xC0, 0xC0, 0xFF, 0xFF, 0x49, 0x10, 0x81, 0x18, 0xFD, 0x90, 0xC1, 0x2B, 0x9B, 0x20, 0x0B, 0x90, 0x00, 0xBB, 0x02, 0x00, 0xA0, 0x21, 0xFF, 0xFF, 0x01, 0x25, 0x96, 0xCC, 0x00, 0x07, 0x7C, 0xFA, 0x68, 0xAC, 0xFB, 0x89, 0x00, 0x00, 0x0A, 0x95, 0xFA, 0x5F, 0x48, 0xF8, 0xF9, 0x03, 0x00, 0x06, 0x72, 0xFA, 0xBD, 0x21, 0x9D, 0x01, 0x17, 0x00, 0x0D, 0xF9, 0xF9, 0x01, 0x00, 0xB7, 0x00, 0x58, 0x00, 0xDF, 0xDB, 0xD8, 0x4F, 0x3F, 0x30, 0x20, 0x3A, 0x00, 0xFF, 0x00, 0x03, 0xFF, 0xFF, 0x38, 0x6A, 0x4F, 0x08, 0x4F, 0x20, 0x30, 0x3B, 0x2E, 0x19, 0xFF, 0xFF, 0x4A, 0x20, 0x0B, 0xBB, 0x2E, 0x18, 0x70, 0xFA, 0xCC, 0x5E, 0xFF, 0x00, 0xFF, 0x09, 0x08, 0xFA, 0xFA, 0x8F, 0x8F, 0xF3, 0x00, 0xF3, 0x8F, 0x7F, 0xFF, 0xFC, 0x08, 0x3D, 0x91, 0x00, 0x00, 0xDD, 0x00, 0xF3, 0xF9, 0x8F, 0x9F, 0xBA, 0x00, 0x00, 0x6B, 0x00, 0x00, 0xB0, 0xC7, 0xAF, 0xF4, 0x00, 0xF7, 0x6F, 0x7F, 0xDC, 0x70, 0x19, 0xDF, 0x30, 0x00, 0x30, 0xFF, 0xFF, 0xF5, 0xC0, 0x6F, 0x9F, 0x10, 0x00, 0x00, 0xD8, 0x00, 0x30, 0x60, 0xFF, 0xEF, 0xDB, 0x09, 0x12, 0x2A, 0x00, 0x31, 0x2E, 0x70, 0x09, 0x0C, 0x36, 0x5C, 0x01, 0xFF, 0xFE, 0x00, 0x10, 0xFD, 0xFF, 0x09, 0x5B, 0xEB, 0x10, 0x40, 0x40, 0xB0, 0x20, 0x2B, 0xFF, 0x9F, 0x1E, 0x08, 0xA8, 0x24, 0x37, 0x09, 0xAE, 0x7F, 0x05, 0x09, 0xE4, 0x31, 0x40, 0x00, 0xFF, 0x40, 0xE4, 0x3F, 0x49, 0x9F, 0xFF, 0x02, 0xBF, 0xFA, 0x30, 0x3B, 0xFF, 0xC8, 0x00, 0x0F, 0x49, 0x23, 0xFC, 0x24, 0x02, 0xEE, 0x24, 0x02, 0x40, 0x07, 0xFD, 0xC5, 0xFA, 0x3F, 0x7B, 0x60, 0x17, 0x70, 0x1F, 0x00, 0x05, 0x7A, 0x09, 0x90, 0x1F, 0x87, 0xD0, 0xBF, 0x80, 0x56, 0xF1, 0x20, 0xFB, 0xF9, 0xFF, 0xFF, 0x8C, 0xAF, 0x08, 0x03, 0xFF, 0x5E, 0x04, 0x10, 0x16, 0x4D, 0xE6, 0x43, 0x4C, 0x49, 0x08, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFF, 0x02, 0x02, 0x28, 0xC2, 0x29, 0x6A, 0x39, 0x87, 0x69, 0x6D, 0x61, 0x67, 0x39, 0x75, 0x80, 0xA0, 0x27, 0xBE, 0x0D, 0x67, 0x0F, 0x6C, 0x1E, 0xCE, 0x25, 0x67, 0x00, 0xD5, 0x3B, 0x50, 0x41, 0x4B, 0x55, 0x53, 0xBB, 0x00, 0xB5, 0xA2, 0xE7, 0x03, 0x3F, 0x61, 0x30, 0xD2, 0x00, 0x45, 0x8F, 0x3B, 0x58, 0x49, 0xCA, 0xF6, 0xA4, 0x00, 0x24, 0x2D, 0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char iQue_with_ISBN_LZ[0x2000] = +{ + 0x11, 0x48, 0x70, 0x00, 0x00, 0x64, 0x61, 0x72, 0x63, 0xFF, 0xFE, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x28, 0x70, 0x00, 0x00, 0x83, 0x30, 0x09, 0x1C, 0x04, 0x00, 0x00, 0x40, 0x20, 0x03, 0x30, 0x13, 0xAB, 0x30, 0x18, 0x15, 0x20, 0x1D, 0x02, 0xA0, 0x0B, 0x06, 0x20, 0x2B, 0x30, 0x18, 0x5A, 0x09, 0x20, 0x35, 0x10, 0x20, 0x39, 0x30, 0x2B, 0x48, 0x20, 0x29, 0x54, 0x82, 0x20, 0x45, 0xA0, 0x05, 0x00, 0x00, 0x30, 0x20, 0x35, 0x98, 0xAA, 0x20, 0x51, 0xE0, 0x20, 0x28, 0x3C, 0x20, 0x41, 0xDC, 0x20, 0x5D, 0x20, 0x07, 0x08, 0x00, 0x00, 0xCC, 0x0C, 0x20, 0x07, 0x30, 0x51, 0x20, 0x50, 0x50, 0x54, 0x20, 0x0B, 0x64, 0x20, 0x5D, 0x60, 0x21, 0x00, 0x00, 0x4C, 0x4C, 0x20, 0x5C, 0xA8, 0x01, 0x50, 0x53, 0x20, 0x22, 0x00, 0xB2, 0x82, 0x20, 0x75, 0xC0, 0x23, 0x00, 0x00, 0x94, 0x20, 0x2F, 0xE2, 0xB3, 0x30, 0x23, 0x30, 0x20, 0x47, 0x20, 0x68, 0x12, 0x02, 0x50, 0x77, 0x30, 0x8F, 0x41, 0x1C, 0x20, 0x90, 0x00, 0x41, 0x00, 0x00, 0x28, 0x20, 0xAB, 0x4E, 0x3E, 0x20, 0x9C, 0x80, 0x45, 0x20, 0x0B, 0x30, 0x4F, 0x30, 0x17, 0x47, 0xAD, 0x50, 0x17, 0x82, 0x30, 0x17, 0x4B, 0x20, 0x23, 0x20, 0x7B, 0xA4, 0x30, 0x2F, 0xAA, 0x20, 0xA0, 0xA8, 0x20, 0xE9, 0xC4, 0x30, 0x3B, 0x55, 0x50, 0x17, 0xDC, 0xB5, 0x30, 0x3B, 0x5D, 0x20, 0x47, 0x20, 0xE0, 0xF4, 0x30, 0x53, 0x60, 0x20, 0x53, 0x90, 0x30, 0xD4, 0x00, 0x2E, 0x21, 0x13, 0x61, 0x00, 0x6E, 0x00, 0x14, 0x69, 0x00, 0x6D, 0x21, 0x1D, 0x4E, 0x20, 0x07, 0x6E, 0x00, 0x10, 0x74, 0x00, 0x65, 0x20, 0x11, 0x64, 0x00, 0x6F, 0x00, 0x51, 0x4C, 0x20, 0x03, 0x67, 0x20, 0x07, 0x5F, 0x00, 0x44, 0x20, 0x03, 0x41, 0x30, 0x20, 0x01, 0x5F, 0x00, 0x53, 0x00, 0x63, 0x40, 0x1F, 0x05, 0x65, 0x00, 0x4F, 0x00, 0x75, 0x20, 0x2B, 0x41, 0x20, 0x43, 0x5A, 0x62, 0x20, 0x13, 0x6C, 0x40, 0x47, 0x02, 0x50, 0x43, 0x42, 0x03, 0x20, 0x43, 0x43, 0xBE, 0x01, 0x80, 0x87, 0x55, 0x03, 0x20, 0xCB, 0x00, 0x90, 0x43, 0x01, 0x90, 0xCB, 0x00, 0x90, 0x87, 0xF0, 0xCB, 0x62, 0xBF, 0x21, 0x5D, 0x79, 0x21, 0x97, 0x01, 0x31, 0xA1, 0x71, 0x8D, 0x00, 0xF0, 0x2F, 0x71, 0x05, 0xD0, 0x2F, 0x55, 0x74, 0x42, 0x09, 0x67, 0x23, 0x29, 0x33, 0x22, 0x01, 0x73, 0xA2, 0x01, 0xEA, 0xB0, 0x5B, 0x52, 0x2D, 0x00, 0x10, 0x21, 0x31, 0x01, 0x00, 0x21, 0x32, 0x01, 0x00, 0x43, 0x33, 0xA8, 0xE0, 0x65, 0x4C, 0x23, 0x71, 0x4D, 0x22, 0xA3, 0x73, 0x00, 0x6B, 0xFA, 0x00, 0x40, 0x85, 0x30, 0x1F, 0x00, 0xB0, 0x17, 0xF0, 0x93, 0xF2, 0xE3, 0x5F, 0x20, 0xB5, 0x32, 0x00, 0x00, 0x38, 0x00, 0x78, 0x00, 0x36, 0x00, 0x34, 0xC0, 0xE0, 0xE1, 0x70, 0x02, 0x43, 0x4C, 0x41, 0x4E, 0xFF, 0xFE, 0x58, 0x14, 0x34, 0x21, 0x02, 0x34, 0x03, 0x33, 0x96, 0x70, 0x61, 0x74, 0x34, 0x31, 0x3C, 0x64, 0x3E, 0x34, 0x59, 0x28, 0x33, 0x73, 0xFF, 0xFF, 0x40, 0xFF, 0x34, 0x4C, 0x53, 0x63, 0x65, 0x6E, 0x65, 0x4F, 0x20, 0x75, 0x74, 0x23, 0xBA, 0x00, 0x47, 0x5F, 0x41, 0x5F, 0x60, 0x30, 0x23, 0xDB, 0xB0, 0x01, 0x70, 0x61, 0x69, 0x31, 0xF8, 0xCA, 0x24, 0x8D, 0x50, 0x3F, 0x03, 0x00, 0x30, 0x59, 0x20, 0x24, 0x9D, 0x6C, 0xA0, 0x24, 0xA1, 0xAC, 0x24, 0xA5, 0x50, 0x5F, 0x4E, 0x69, 0x6E, 0x0E, 0x4C, 0x6F, 0x67, 0x6F, 0xA0, 0x39, 0x34, 0xA4, 0x34, 0xC1, 0x43, 0x11, 0x4C, 0x56, 0x43, 0x74, 0x43, 0x00, 0x10, 0x02, 0x40, 0x8B, 0xE4, 0x40, 0x0B, 0xD0, 0x61, 0x24, 0x35, 0x7F, 0x43, 0x34, 0xF0, 0x4E, 0x5F, 0x0E, 0x52, 0x6F, 0x6F, 0x74, 0xD0, 0x82, 0x00, 0x70, 0x4B, 0x80, 0x57, 0x00, 0x61, 0x20, 0x20, 0x3B, 0x70, 0x3F, 0x49, 0x53, 0x42, 0x4E, 0xD0, 0xBF, 0xFE, 0x02, 0x70, 0x8B, 0x00, 0x70, 0x03, 0xB1, 0x5F, 0x35, 0x57, 0xB1, 0x5F, 0x25, 0x32, 0x81, 0x5F, 0x00, 0x35, 0x00, 0x1E, 0x45, 0xAC, 0x71, 0x5F, 0x42, 0x41, 0x5F, 0x42, 0x00, 0x41, 0x5F, 0x73, 0xE0, 0x80, 0x2D, 0x91, 0x5F, 0x24, 0xF6, 0x00, 0xA0, 0x01, 0xE1, 0x5F, 0x91, 0x13, 0x2F, 0x34, 0xC2, 0x02, 0xD1, 0x53, 0xC8, 0x20, 0xAE, 0x02, 0x11, 0x53, 0x00, 0x30, 0x7F, 0x00, 0xB1, 0x3F, 0xF7, 0x36, 0x8B, 0xB2, 0x9F, 0x31, 0xD5, 0x72, 0x9F, 0x65, 0x23, 0xD1, 0xB2, 0x9F, 0x32, 0x20, 0x15, 0x47, 0x5F, 0x43, 0x00, 0x42, 0x9F, 0xEC, 0x27, 0x2D, 0x0F, 0xE2, 0x9F, 0xE6, 0x31, 0x3F, 0x01, 0xF2, 0x9F, 0x92, 0x53, 0x12, 0xC3, 0x02, 0x32, 0x93, 0x92, 0xDF, 0x80, 0x5F, 0xBF, 0x92, 0x47, 0x60, 0x33, 0x5A, 0x47, 0xBC, 0x02, 0x51, 0x4B, 0x90, 0x8B, 0xF3, 0xDF, 0xDA, 0x37, 0xBF, 0x03, 0x33, 0xDF, 0x7C, 0x28, 0x07, 0x54, 0x1F, 0x0D, 0x43, 0xDF, 0x48, 0xAB, 0x28, 0x7D, 0xB0, 0x28, 0x81, 0xA4, 0x28, 0x6D, 0x24, 0x28, 0x68, 0x37, 0xAB, 0x05, 0x30, 0x03, 0x00, 0x00, 0xBC, 0x20, 0x03, 0x24, 0x28, 0x8B, 0x54, 0x88, 0x28, 0x53, 0xEC, 0x28, 0x74, 0xB0, 0x28, 0x43, 0x74, 0x0A, 0x0B, 0x00, 0x00, 0x78, 0x0B, 0x33, 0xBB, 0x57, 0x00, 0x04, 0x3B, 0x38, 0x12, 0xA5, 0x34, 0x2B, 0x44, 0x44, 0x97, 0x50, 0x41, 0x84, 0x0B, 0x02, 0xF3, 0xBF, 0xC5, 0x74, 0xBB, 0x01, 0x13, 0xE3, 0x50, 0x5F, 0x33, 0x00, 0x80, 0x67, 0xB8, 0x60, 0x67, 0xD6, 0x20, 0xAA, 0x44, 0xA7, 0x38, 0x29, 0x45, 0x68, 0x60, 0x6F, 0x94, 0x7B, 0xA0, 0x96, 0x28, 0xA5, 0xA0, 0x40, 0x28, 0xA1, 0xBE, 0x25, 0x19, 0x23, 0x96, 0xA0, 0x4C, 0xC0, 0x49, 0x59, 0x06, 0x02, 0x24, 0xDD, 0x90, 0x23, 0x33, 0x33, 0x02, 0xB3, 0x3F, 0xFC, 0x2D, 0xEC, 0xBC, 0x70, 0x0B, 0x0A, 0x32, 0xD7, 0x23, 0x20, 0x0B, 0x30, 0x2F, 0x80, 0x3F, 0x49, 0x89, 0x07, 0xF1, 0x01, 0xD0, 0x2F, 0xF5, 0x0B, 0xB0, 0x6B, 0x39, 0xEC, 0x40, 0x9D, 0x1C, 0x30, 0x97, 0xBF, 0x62, 0x2B, 0xCC, 0x20, 0x9F, 0x30, 0x9B, 0x70, 0xF3, 0x25, 0x63, 0xE5, 0x99, 0x71, 0x5B, 0x70, 0x50, 0xF1, 0x5B, 0x2A, 0x19, 0xD5, 0x67, 0x70, 0xC1, 0xCD, 0xCC, 0x53, 0xCC, 0x20, 0xEB, 0x20, 0x24, 0x82, 0xF8, 0xC1, 0x00, 0x31, 0x67, 0x00, 0x15, 0x97, 0xE6, 0x30, 0x7F, 0x30, 0x2F, 0x71, 0x73, 0x44, 0x73, 0xF6, 0x18, 0x01, 0x90, 0x7F, 0x3C, 0x51, 0xC2, 0x20, 0x7F, 0x3E, 0x02, 0xD0, 0x7F, 0x52, 0x65, 0x64, 0x01, 0x70, 0xFF, 0xC2, 0xC1, 0xEB, 0x46, 0x1F, 0xC2, 0xB7, 0x6D, 0xDB, 0x20, 0x7F, 0x8C, 0xBA, 0x25, 0x82, 0x20, 0x00, 0x40, 0xFF, 0x91, 0xF7, 0xB6, 0xFB, 0x5C, 0x85, 0x03, 0x00, 0x20, 0x00, 0xB4, 0x35, 0xBE, 0x00, 0x92, 0x24, 0xE9, 0xC0, 0xAD, 0x60, 0x8B, 0x31, 0x00, 0x32, 0xE7, 0x5C, 0x00, 0x22, 0xE7, 0x92, 0x53, 0xF0, 0x2B, 0x1D, 0x7F, 0x20, 0x25, 0x97, 0x90, 0x0B, 0x50, 0x97, 0x35, 0x6B, 0x00, 0x50, 0x97, 0x97, 0x2F, 0x30, 0x3B, 0xAF, 0x77, 0xE4, 0xAA, 0xF1, 0x17, 0x32, 0x02, 0x13, 0x73, 0x32, 0xF7, 0x50, 0x8B, 0x00, 0x97, 0x57, 0xF9, 0x33, 0x1B, 0x58, 0x58, 0x00, 0x31, 0x7F, 0x3C, 0x70, 0x57, 0xE3, 0x54, 0x53, 0x2C, 0x4A, 0xB7, 0x48, 0x53, 0x4C, 0x38, 0x6B, 0x2C, 0xB9, 0x94, 0x63, 0x8B, 0x3C, 0x67, 0x3C, 0xB1, 0x61, 0x24, 0x4C, 0xB5, 0x00, 0x01, 0x97, 0xC0, 0x39, 0x8E, 0xE3, 0x28, 0x96, 0xE8, 0x51, 0x5B, 0x5C, 0xDD, 0x01, 0x20, 0x23, 0x03, 0xF8, 0x47, 0x40, 0x41, 0x9E, 0x11, 0x15, 0x8D, 0xBD, 0x31, 0xA3, 0x9A, 0x99, 0xB9, 0x23, 0xD7, 0xAA, 0x2D, 0x3A, 0x04, 0x01, 0x10, 0x23, 0x01, 0x01, 0x20, 0x8F, 0x01, 0x01, 0x20, 0x8F, 0x01, 0xAD, 0x00, 0x10, 0x8F, 0xC1, 0x20, 0x8F, 0x3D, 0x60, 0x8F, 0x44, 0x5B, 0x01, 0x00, 0x10, 0x8F, 0x82, 0x00, 0x00, 0x23, 0x50, 0x5F, 0x42, 0x6C, 0x6B, 0x03, 0xE1, 0x63, 0x9A, 0x03, 0x99, 0x19, 0xC0, 0x0E, 0x74, 0xDA, 0x00, 0xC1, 0x63, 0x00, 0x40, 0x23, 0xFE, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x00, 0x13, 0xBB, 0x00, 0x32, 0xC7, 0x58, 0xAB, 0x2F, 0x7D, 0x88, 0x66, 0x4F, 0xE8, 0x2F, 0x89, 0x18, 0x2F, 0x75, 0x3F, 0x4F, 0x7D, 0x78, 0x62, 0xC7, 0xE3, 0xD3, 0x56, 0x3F, 0x60, 0x0B, 0x52, 0xD3, 0xF0, 0xC2, 0xD3, 0xEE, 0x01, 0xC0, 0x2F, 0x22, 0xDF, 0xD4, 0x33, 0x40, 0x68, 0x3F, 0x50, 0x0B, 0x52, 0xEB, 0xF0, 0xFF, 0xC2, 0xEB, 0x01, 0xB0, 0x2F, 0x32, 0xF7, 0x01, 0xB0, 0xBF, 0x33, 0x03, 0x01, 0xC0, 0x2F, 0x00, 0x10, 0xBF, 0x46, 0x73, 0xFF, 0x70, 0x0B, 0x53, 0x1B, 0x40, 0xBF, 0x83, 0x1B, 0x01, 0xB0, 0x2F, 0x63, 0x27, 0x03, 0xC1, 0xC3, 0x33, 0x27, 0xFF, 0x75, 0x97, 0x93, 0x33, 0x00, 0x91, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0xE1, 0xC3, 0x00, 0xF0, 0xBF, 0xF1, 0xC3, 0x01, 0x00, 0x2F, 0xFF, 0x05, 0x01, 0xC3, 0x00, 0x16, 0xB7, 0x00, 0x36, 0x4F, 0x35, 0xCC, 0x33, 0x8B, 0x36, 0x53, 0x33, 0x8F, 0x3D, 0x0F, 0xBF, 0x39, 0xE3, 0xD0, 0x6A, 0x5D, 0xE6, 0xCF, 0x59, 0xC7, 0x26, 0x43, 0x00, 0x40, 0x17, 0x26, 0x37, 0xFF, 0xD6, 0xFF, 0x63, 0x57, 0x26, 0x2B, 0x00, 0x30, 0x17, 0x36, 0x1F, 0x00, 0x30, 0x5F, 0x36, 0x13, 0x00, 0x40, 0x17, 0xFF, 0x00, 0x10, 0x5F, 0x49, 0x6B, 0x35, 0xFB, 0x00, 0x30, 0x17, 0x65, 0xEF, 0x03, 0xC1, 0x03, 0x82, 0xC7, 0xE1, 0x03, 0xFE, 0x82, 0xDF, 0x02, 0xE1, 0x03, 0x73, 0x27, 0xF1, 0x03, 0x80, 0x17, 0x01, 0xE1, 0x03, 0x00, 0xFF, 0x5F, 0x54, 0xDD, 0xEC, 0xDF, 0x02, 0x7F, 0x5F, 0x04, 0x2F, 0xF4, 0x5F, 0x8D, 0xDC, 0xDF, 0x50, 0x2F, 0xBF, 0x55, 0xB8, 0x2F, 0xC3, 0x20, 0x2F, 0xC4, 0xA0, 0x2F, 0xC8, 0x2C, 0x2C, 0xE3, 0x54, 0xAC, 0x2C, 0xE7, 0x10, 0x2C, 0xDF, 0x74, 0x2C, 0xDF, 0xD8, 0x07, 0xBF, 0x2D, 0x17, 0x09, 0x2F, 0x87, 0x2C, 0xE3, 0x02, 0x9C, 0xDF, 0x3F, 0x4B, 0x00, 0xFC, 0xDF, 0x9F, 0x6F, 0xAF, 0x00, 0xBC, 0xDF, 0x7C, 0xEC, 0xDF, 0x2C, 0x6D, 0x5B, 0xDD, 0x4F, 0x4C, 0xE3, 0x8C, 0xD3, 0xFF, 0xD0, 0x17, 0x9C, 0xBB, 0x00, 0x30, 0x17, 0x00, 0x9F, 0xCF, 0x3F, 0xFF, 0x01, 0x1C, 0x8B, 0x00, 0x0D, 0xE7, 0xC3, 0xA3, 0x7E, 0xA0, 0x2C, 0x7B, 0x00, 0x5C, 0x7F, 0xD0, 0x23, 0x01, 0x1C, 0x73, 0x03, 0xD0, 0x67, 0x02, 0x7C, 0x5B, 0x70, 0xDF, 0x2B, 0xCB, 0x7C, 0x5B, 0x20, 0x3B, 0xDB, 0x00, 0xED, 0x5B, 0x3E, 0x67, 0x7F, 0xC7, 0x5B, 0xCF, 0xDF, 0x00, 0xFC, 0x4F, 0x00, 0xDC, 0xDB, 0xF0, 0x2D, 0xCB, 0x80, 0x7F, 0x01, 0x2C, 0xDB, 0x30, 0x2F, 0x7F, 0xFB, 0x7F, 0xC8, 0x2F, 0x03, 0x7C, 0xDB, 0x5B, 0xE7, 0xAC, 0xDB, 0x00, 0x4C, 0x4F, 0x03, 0x3D, 0x67, 0x00, 0x1E, 0x67, 0xFF, 0xDD, 0x67, 0x04, 0x1C, 0x67, 0x41, 0xA3, 0x79, 0x93, 0x9D, 0x43, 0xCC, 0x67, 0x00, 0x60, 0x23, 0xCC, 0x67, 0xFF, 0x31, 0xEB, 0x89, 0x7B, 0x28, 0x2F, 0x00, 0x3C, 0x67, 0x00, 0x50, 0x23, 0xDC, 0x67, 0x00, 0x50, 0x8F, 0xDC, 0x67, 0xFE, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x79, 0x4B, 0x30, 0x8F, 0x00, 0x2C, 0x67, 0x00, 0x50, 0x23, 0x04, 0x1C, 0x67, 0x70, 0x7F, 0xC2, 0xA9, 0x33, 0x00, 0x81, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0xFF, 0x03, 0x81, 0x63, 0x01, 0x5C, 0x67, 0x01, 0x9F, 0x2F, 0x43, 0xEB, 0x6F, 0x2F, 0x9F, 0x97, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0xFF, 0xCF, 0x2F, 0x34, 0x33, 0x7F, 0x2F, 0x38, 0x2F, 0x00, 0x3F, 0x2F, 0x00, 0x50, 0x23, 0xDF, 0x2F, 0x00, 0x50, 0x8F, 0xFF, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6F, 0x2F, 0x40, 0x8F, 0x00, 0x2F, 0x2F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0xFF, 0x01, 0xB1, 0x63, 0x9F, 0x2F, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0xFF, 0x03, 0x81, 0x63, 0x01, 0x5B, 0xA7, 0x01, 0x95, 0x8F, 0x46, 0x27, 0x6F, 0x23, 0x9F, 0xDF, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0xFF, 0xC5, 0x8F, 0x4F, 0xDF, 0x6F, 0x0B, 0x4F, 0xDF, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0xD5, 0x8F, 0x00, 0x50, 0x8F, 0xFF, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6E, 0xDB, 0x40, 0x8F, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0x01, 0x7C, 0x07, 0xFF, 0x01, 0xB1, 0x63, 0x9E, 0xC3, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0xDE, 0x03, 0x61, 0x63, 0x00, 0x7C, 0x5F, 0x4C, 0x2C, 0x5C, 0xBC, 0x5F, 0x3E, 0x51, 0x7C, 0x5F, 0x65, 0x31, 0x00, 0x73, 0xCC, 0x5F, 0x3B, 0x9C, 0x47, 0x5F, 0x43, 0x00, 0x4C, 0x5F, 0x5E, 0xFC, 0x2E, 0xBB, 0x0F, 0x5B, 0x58, 0x4C, 0x5F, 0x3C, 0x82, 0x3B, 0xAB, 0xBC, 0xAA, 0x2F, 0xFF, 0xFC, 0x2F, 0xF8, 0x3C, 0x2E, 0xDB, 0x7C, 0x2E, 0xDF, 0xBC, 0xF9, 0x2E, 0xE3, 0x00, 0x3C, 0x47, 0x3E, 0xC7, 0x5E, 0xFB, 0x00, 0x7A, 0x3B, 0x80, 0xBF, 0x9A, 0x3B, 0x7B, 0x60, 0x88, 0xC7, 0x00, 0x3C, 0x2B, 0x00, 0x70, 0x4B, 0x9F, 0x2B, 0xCA, 0x2A, 0xB7, 0x00, 0x9B, 0xCB, 0xBE, 0x01, 0x10, 0x3F, 0xF2, 0xA0, 0x3F, 0x00, 0x1B, 0xA3, 0x01, 0xD0, 0x3F, 0x00, 0x29, 0xEF, 0x01, 0x00, 0xBF, 0x8E, 0xF7, 0x2B, 0x77, 0x70, 0xFF, 0x00, 0x27, 0x67, 0x01, 0x00, 0xFF, 0x24, 0xF0, 0x3F, 0xDF, 0x83, 0x01, 0x01, 0x3F, 0x65, 0x30, 0x00, 0x8E, 0xBB, 0x5E, 0xBF, 0x59, 0x54, 0x7E, 0xBF, 0x94, 0x2F, 0xF4, 0x86, 0x3E, 0x1F, 0x6C, 0x79, 0x74, 0x31, 0x3E, 0xD1, 0x4A, 0x9E, 0x00, 0x40, 0xA0, 0x2D, 0xE7, 0x70, 0x43, 0x74, 0x78, 0x6C, 0x31, 0xD8, 0x3F, 0xDF, 0x3F, 0xBF, 0x04, 0x2F, 0xFF, 0x2D, 0x55, 0x74, 0x65, 0x6E, 0x00, 0x64, 0x6F, 0x5F, 0x31, 0x32, 0x38, 0x78, 0x36, 0x01, 0x34, 0x2E, 0x62, 0x63, 0x6C, 0x69, 0x6D, 0x2F, 0xFF, 0x0C, 0x66, 0x6E, 0x6C, 0x31, 0x3E, 0x63, 0x70, 0x27, 0x63, 0x62, 0x04, 0x66, 0x5F, 0x73, 0x74, 0x64, 0x20, 0x1F, 0x66, 0x6E, 0x5B, 0x74, 0x2F, 0xFB, 0x6D, 0x2F, 0x1B, 0x3B, 0xE4, 0x0D, 0x35, 0x11, 0x2F, 0xFC, 0x56, 0x90, 0x2F, 0xFF, 0xC4, 0x2F, 0xFB, 0xF8, 0x3E, 0x1F, 0x2F, 0xEC, 0x60, 0xAD, 0x2F, 0xF0, 0x94, 0x2F, 0xF4, 0xC8, 0x2F, 0xF8, 0x32, 0xA7, 0x30, 0x2F, 0x50, 0x56, 0x64, 0x2F, 0x54, 0x98, 0x2F, 0x58, 0xCC, 0x2F, 0x5C, 0x4D, 0xCF, 0x4C, 0x11, 0x6F, 0x67, 0x6F, 0xAF, 0x39, 0xFF, 0xFF, 0xFF, 0x30, 0x03, 0xBE, 0x00, 0x40, 0x02, 0x15, 0x5A, 0xF8, 0x30, 0xB2, 0xAF, 0xC2, 0x3E, 0x57, 0x5E, 0x5B, 0x54, 0x0E, 0x69, 0x74, 0x6C, 0x65, 0x00, 0x2F, 0xDC, 0x00, 0x70, 0x4F, 0x3F, 0xFF, 0x48, 0x08, 0x65, 0x61, 0x74, 0x68, 0x01, 0xE0, 0x33, 0x50, 0x75, 0x62, 0x02, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x01, 0xA0, 0x67, 0x49, 0x18, 0x53, 0x42, 0x4E, 0x00, 0x31, 0xBB, 0x00, 0xF0, 0x33, 0x5F, 0x4E, 0x75, 0xC0, 0x31, 0x8A, 0x01, 0x80, 0xCF, 0x43, 0x6F, 0x6E, 0x74, 0x72, 0x61, 0x78, 0x63, 0x31, 0x9E, 0x02, 0x00, 0x33, 0xF0, 0x6B, 0x00, 0xB1, 0x37, 0x4E, 0x65, 0x77, 0x66, 0x73, 0x21, 0x07, 0x01, 0xC1, 0x6B, 0x4C, 0x53, 0x9A, 0x3E, 0x01, 0xE0, 0x67, 0x5F, 0x6A, 0x4C, 0xE1, 0x08, 0x00, 0xB1, 0xD3, 0x52, 0x02, 0xA0, 0x67, 0x52, 0x01, 0xA0, 0x67, 0x70, 0x10, 0x61, 0x6E, 0x31, 0x3E, 0x0F, 0x01, 0x04, 0xFF, 0x00, 0x01, 0x52, 0x6F, 0x6F, 0x74, 0x50, 0x61, 0x6E, 0x00, 0x32, 0x7E, 0xE1, 0x00, 0x63, 0xB2, 0x72, 0xB7, 0x53, 0x93, 0x70, 0x61, 0x73, 0x31, 0x3E, 0x63, 0xA7, 0x70, 0x53, 0x03, 0x20, 0x53, 0x4E, 0x5F, 0x30, 0x55, 0x00, 0x05, 0xF6, 0x01, 0x20, 0x53, 0xA1, 0x4F, 0x93, 0x42, 0x80, 0x53, 0x69, 0x63, 0x31, 0x80, 0x3E, 0x56, 0x3F, 0x07, 0xFF, 0x00, 0x43, 0x73, 0x73, 0x48, 0x2F, 0xD7, 0x84, 0xDF, 0x00, 0x23, 0x5F, 0x2F, 0xB3, 0x3C, 0x80, 0x42, 0x00, 0x13, 0x43, 0x54, 0x59, 0x93, 0x8B, 0xF3, 0x97, 0x80, 0x3F, 0xBE, 0x71, 0x27, 0x07, 0x40, 0xD3, 0x00, 0x73, 0x09, 0x30, 0x7F, 0x40, 0x03, 0x00, 0x61, 0x27, 0x96, 0xA0, 0x2F, 0xA7, 0xC8, 0x80, 0xD3, 0x74, 0x78, 0x74, 0x31, 0x84, 0xEC, 0x61, 0x7B, 0x00, 0x73, 0xF7, 0x5F, 0xEE, 0xC4, 0x00, 0x22, 0x74, 0x54, 0x33, 0xCE, 0xCC, 0x41, 0xF4, 0x2F, 0xFF, 0xCC, 0x41, 0x0E, 0x00, 0x0E, 0x85, 0x0B, 0xD4, 0x34, 0xD7, 0x94, 0x1F, 0xAA, 0x2F, 0xB7, 0xCC, 0x8F, 0xBB, 0x65, 0x50, 0x00, 0xB7, 0x5E, 0x38, 0x6E, 0x0F, 0x62, 0xE0, 0x5F, 0x3F, 0x4A, 0x54, 0x3F, 0xF6, 0x30, 0x83, 0x37, 0x63, 0x31, 0xFF, 0x00, 0x74, 0x47, 0x5F, 0xF7, 0x44, 0x38, 0x00, 0x80, 0x83, 0x67, 0x66, 0x68, 0x27, 0xDE, 0x9C, 0x42, 0x1A, 0x88, 0x00, 0x88, 0x4F, 0xF3, 0x00, 0x10, 0x83, 0x8C, 0x2F, 0xAB, 0xA8, 0x80, 0x7F, 0xAF, 0xC0, 0xB5, 0x62, 0x36, 0x52, 0x0D, 0x4E, 0x2C, 0x6F, 0x82, 0x30, 0x87, 0x20, 0x25, 0xE1, 0x30, 0x03, 0xD2, 0x62, 0x02, 0xDD, 0x7E, 0xD7, 0x76, 0x48, 0x72, 0x30, 0x9B, 0x0A, 0x00, 0x00, 0xE8, 0x6C, 0x0F, 0x61, 0xEA, 0x81, 0x11, 0x08, 0x62, 0xDD, 0x4F, 0xA4, 0x80, 0x21, 0x28, 0x8C, 0x32, 0x00, 0x96, 0xD7, 0x53, 0x97, 0x9A, 0x0A, 0x4E, 0x53, 0x02, 0x5F, 0x0A, 0x00, 0x02, 0x90, 0xA6, 0x40, 0xC7, 0xCA, 0x10, 0x76, 0x11, 0x81, 0x70, 0x43, 0x89, 0x6C, 0xF7, 0x8F, 0x80, 0x30, 0xDB, 0x24, 0x4F, 0xAB, 0x8E, 0x0A, 0x00, 0x08, 0x00, 0x54, 0x06, 0x74, 0x89, 0x5B, 0x92, 0x63, 0xF6, 0x10, 0x65, 0xF4, 0x95, 0x70, 0x65, 0xAB, 0x4E, 0xD7, 0x53, 0x8F, 0x31, 0x01, 0x1F, 0x75, 0x3B, 0x26, 0x1C, 0x31, 0x7F, 0x3F, 0x9F, 0x32, 0xFB, 0xD8, 0x00, 0x75, 0x0F, 0x52, 0x53, 0xA0, 0x00, 0x09, 0x07, 0x75, 0xB3, 0x02, 0x00, 0x7C, 0x9C, 0x28, 0xDA, 0xA8, 0x41, 0x30, 0xC7, 0x26, 0x46, 0x00, 0xF0, 0xFB, 0x00, 0x5F, 0x00, 0x6C, 0xCF, 0x82, 0xE4, 0x51, 0xF0, 0x51, 0x35, 0x00, 0x75, 0x50, 0x5B, 0xF3, 0x97, 0xCF, 0x50, 0xFA, 0x00, 0x51, 0x48, 0x72, 0x3E, 0x79, 0x09, 0x67, 0x50, 0x06, 0x96, 0x6C, 0x51, 0xF8, 0x53, 0x52, 0x13, 0x32, 0xE7, 0x01, 0x22, 0x00, 0xFF, 0x00, 0x85, 0x6F, 0x00, 0x00, 0xBE, 0x2F, 0xEB, 0x70, 0xD0, 0x00, 0x27, 0x47, 0x76, 0x47, 0x14, 0x2E, 0xE3, 0x9C, 0x41, 0x0A, 0x00, 0x75, 0x0A, 0x47, 0x1B, 0x41, 0xE7, 0xC2, 0x13, 0x82, 0x2F, 0xD7, 0x9C, 0x8F, 0xDB, 0x03, 0x49, 0x00, 0x53, 0x00, 0x42, 0x00, 0x55, 0xDA, 0x32, 0x93, 0x62, 0x98, 0xA0, 0x7F, 0x00, 0x35, 0xBB, 0x00, 0x00, 0x58, 0x00, 0xE0, 0x7F, 0x34, 0x81, 0x32, 0x0F, 0x41, 0x24, 0x00, 0x24, 0x00, 0x05, 0x01, 0x20, 0x7F, 0x5F, 0x30, 0x40, 0x01, 0x2D, 0x60, 0x03, 0x70, 0x01, 0x70, 0x0B, 0x30, 0x17, 0xA3, 0x2B, 0xC5, 0x21, 0x17, 0x00, 0x76, 0x1F, 0x00, 0x00, 0xC2, 0x29, 0x9B, 0x04, 0x00, 0xA3, 0xFF, 0x68, 0xBE, 0x41, 0x17, 0x33, 0x2B, 0x06, 0x01, 0x21, 0x17, 0x08, 0x54, 0x0C, 0x00, 0x54, 0x7B, 0x76, 0xB0, 0x8B, 0xF7, 0x53, 0x1A, 0xFB, 0x47, 0x67, 0x33, 0xAF, 0x38, 0x1F, 0xB0, 0x83, 0x00, 0x16, 0xDB, 0xE0, 0x2F, 0x83, 0x00, 0xB0, 0x83, 0x47, 0x0C, 0x41, 0x1B, 0x1A, 0x00, 0x1A, 0x2A, 0xED, 0x01, 0xB1, 0x1B, 0xD1, 0x15, 0xF5, 0x73, 0xBB, 0x72, 0x2B, 0x00, 0x76, 0xCB, 0x51, 0x13, 0x4C, 0x00, 0xA5, 0x13, 0x80, 0x82, 0x2B, 0xC0, 0x3F, 0xF3, 0x00, 0xF2, 0x2B, 0xB0, 0x65, 0xFA, 0x51, 0xA1, 0x5B, 0x2F, 0x57, 0x5B, 0x74, 0x3B, 0x78, 0x62, 0xAB, 0x00, 0x77, 0x17, 0x21, 0x0F, 0x2F, 0xCF, 0x6B, 0x4A, 0x00, 0xB5, 0x93, 0x42, 0x8B, 0x04, 0x29, 0xC5, 0x09, 0x01, 0x22, 0xAB, 0x30, 0x78, 0xFE, 0x00, 0x20, 0xF7, 0x00, 0x07, 0x5B, 0x20, 0xA9, 0x2F, 0xB7, 0x00, 0xB0, 0xF7, 0x36, 0x5F, 0x53, 0x23, 0x0A, 0xFE, 0x01, 0x82, 0xA3, 0x91, 0x77, 0x70, 0xF7, 0x00, 0x77, 0xA7, 0x2A, 0xB5, 0x2C, 0x67, 0x01, 0x50, 0xF7, 0x0B, 0xBE, 0x01, 0x23, 0xA3, 0x5D, 0x00, 0x60, 0xF7, 0xF7, 0xEB, 0x21, 0xA1, 0x2C, 0xDF, 0x00, 0xB1, 0xEF, 0xA0, 0xBA, 0x44, 0x1B, 0x0C, 0x2F, 0xE5, 0x7F, 0xE7, 0x01, 0x30, 0xF7, 0xF7, 0x24, 0x9B, 0x70, 0x30, 0x61, 0x65, 0x67, 0xDF, 0xD0, 0x07, 0x67, 0x72, 0x70, 0x31, 0xC3, 0x3F, 0x6F, 0x38, 0x3F, 0x47, 0x72, 0x6F, 0x75, 0x3F, 0x67, 0x7F, 0xFA, 0x38, 0x67, 0x72, 0x58, 0x13, 0x30, 0x23, 0x3F, 0x83, 0x47, 0x5F, 0x41, 0xFE, 0xCE, 0x03, 0x35, 0x33, 0xF8, 0x23, 0xFB, 0x53, 0xF7, 0x6F, 0x30, 0x6F, 0x3E, 0x6F, 0x47, 0x3B, 0x5F, 0x42, 0xCE, 0x4F, 0x3F, 0xC3, 0x01, 0x30, 0x3B, 0x2C, 0x00, 0x2E, 0x8B, 0x3E, 0xAB, 0x98, 0xF8, 0xAB, 0x67, 0x72, 0x50, 0xEF, 0x00, 0x7C, 0x9F, 0x3C, 0x10, 0x00, 0x2F, 0x00, 0x22, 0x00, 0x0C, 0x9F, 0xC8, 0x8C, 0x9F, 0x36, 0x5B, 0x33, 0xE3, 0x3F, 0x13, 0x57, 0x2D, 0x2F, 0xFC, 0x3E, 0x2F, 0xFF, 0x4F, 0x3E, 0x81, 0x3C, 0xD3, 0x2F, 0xFF, 0x8E, 0x33, 0x3B, 0x33, 0x64, 0x73, 0x6C, 0x3D, 0x6C, 0xB2, 0x80, 0x10, 0x31, 0xA9, 0xF0, 0x10, 0x32, 0xF0, 0x21, 0x33, 0x6C, 0xE5, 0x4C, 0x54, 0x90, 0x3E, 0xC0, 0x30, 0x0B, 0x70, 0x39, 0x4C, 0x54, 0x4D, 0x61, 0x73, 0x6B, 0xDA, 0x90, 0x5A, 0x3C, 0xEB, 0xA8, 0x24, 0xF8, 0x32, 0x6F, 0x38, 0x2F, 0xFC, 0x88, 0xD5, 0x34, 0xE3, 0x2F, 0xA4, 0x88, 0x2F, 0xA8, 0x08, 0x2F, 0xCB, 0x88, 0x2F, 0xCF, 0x55, 0x4C, 0x2D, 0x0B, 0xE8, 0x2D, 0x0F, 0xAC, 0x2D, 0x54, 0x48, 0x25, 0xBC, 0x6D, 0x0C, 0x25, 0x28, 0x00, 0x3F, 0x27, 0xAA, 0x00, 0xAC, 0x93, 0x3C, 0xE3, 0x02, 0x00, 0xAC, 0xE3, 0xDB, 0x00, 0x3F, 0x37, 0x00, 0xBD, 0x33, 0xD5, 0x45, 0xAC, 0x00, 0x9D, 0x33, 0x40, 0x2E, 0x00, 0x30, 0x03, 0x46, 0x11, 0x39, 0x53, 0x06, 0x00, 0x04, 0x30, 0x03, 0x30, 0x0B, 0x65, 0x1C, 0x06, 0x00, 0x01, 0x30, 0x03, 0x30, 0x17, 0x75, 0x6B, 0x01, 0x04, 0x4D, 0x05, 0x2F, 0xF7, 0x4F, 0x5F, 0x31, 0x32, 0x01, 0xB0, 0x7F, 0x01, 0x03, 0xE0, 0x7F, 0xC9, 0xD2, 0xB9, 0x29, 0x21, 0x8C, 0x8C, 0x05, 0xA0, 0x7F, 0x44, 0x73, 0xFB, 0x91, 0xA3, 0x00, 0xF1, 0x7F, 0x03, 0x03, 0xC1, 0x7F, 0x52, 0x65, 0x64, 0x00, 0x2C, 0x12, 0x2E, 0xCC, 0x4E, 0x40, 0x00, 0x2F, 0x37, 0x80, 0x3F, 0x27, 0x28, 0x26, 0x1F, 0x2F, 0x34, 0x04, 0x00, 0x04, 0x06, 0x00, 0x06, 0x06, 0x73, 0x09, 0xED, 0x61, 0xBE, 0x30, 0x03, 0x3F, 0x6F, 0x3A, 0x57, 0xDE, 0x40, 0x30, 0x03, 0xB8, 0xE0, 0x13, 0xC0, 0x30, 0x03, 0x00, 0x7F, 0x63, 0x73, 0xF0, 0x10, 0x04, 0x00, 0x05, 0x01, 0x10, 0x04, 0x10, 0x02, 0xA2, 0x37, 0x46, 0xF2, 0x37, 0x06, 0x26, 0x06, 0x02, 0x05, 0x66, 0x28, 0x2C, 0x00, 0x12, 0x43, 0x42, 0x65, 0x6C, 0x33, 0x5A, 0x01, 0x6F, 0xAA, 0x80, 0xEA, 0x28, 0x70, 0x05, 0x2F, 0xF7, 0x87, 0x30, 0x03, 0x30, 0x8E, 0xE3, 0xBE, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xDA, 0xC0, 0xBF, 0x50, 0xA7, 0x00, 0x00, 0xC0, 0xA7, 0x00, 0x21, 0x5F, 0x31, 0x02, 0x71, 0x5F, 0x2F, 0x18, 0xA1, 0xBD, 0xBF, 0x30, 0x03, 0x3F, 0xF3, 0xCE, 0x95, 0x17, 0x6F, 0x41, 0x30, 0x03, 0xE0, 0x13, 0xC1, 0x30, 0x03, 0x05, 0x21, 0x5F, 0x00, 0x00, 0xC3, 0x01, 0x31, 0x5F, 0x0F, 0x61, 0x0B, 0xB6, 0xBF, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0xBF, 0x02, 0x61, 0x5F, 0x32, 0x02, 0x72, 0xBF, 0x2E, 0xDB, 0x2C, 0x4F, 0x30, 0x03, 0x44, 0xBD, 0x2D, 0x9F, 0xFE, 0x30, 0x03, 0xC0, 0x13, 0x2B, 0xDB, 0x30, 0x03, 0x05, 0x02, 0xBF, 0x00, 0x00, 0xC3, 0x01, 0x32, 0xBF, 0x9A, 0x1F, 0x99, 0x19, 0xC0, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x01, 0xF2, 0xBF, 0xE3, 0x7F, 0x6B, 0x3F, 0x17, 0x38, 0x53, 0x50, 0x61, 0x6E, 0x00, 0x9F, 0x1A, 0x00, 0x8F, 0xEB, 0xEB, 0x57, 0x87, 0x7F, 0x6B, 0x7F, 0xBF, 0x03, 0x4F, 0xBF, 0x57, 0x00, 0x53, 0xB9, 0x01, 0x0F, 0xBF, 0xE1, 0x2D, 0x26, 0x20, 0x03, 0x80, 0x53, 0x69, 0x63, 0x31, 0xA0, 0x4F, 0xBF, 0x63, 0xF5, 0x00, 0x84, 0xD3, 0x70, 0x53, 0x46, 0x31, 0x32, 0x00, 0x63, 0x2F, 0x58, 0x2F, 0xA0, 0xF7, 0x4B, 0x05, 0x4F, 0x49, 0x00, 0x00, 0xCD, 0xCC, 0x4C, 0x9F, 0x28, 0x36, 0x80, 0x3F, 0x50, 0x07, 0x40, 0x0F, 0x4F, 0xF7, 0x50, 0x07, 0x8F, 0xAC, 0x7F, 0x40, 0xE0, 0x0B, 0x40, 0x03, 0xB0, 0xA7, 0x4E, 0x53, 0x3E, 0xE7, 0x00, 0x94, 0xB7, 0x60, 0xFB, 0x7D, 0x20, 0x01, 0xC0, 0xA7, 0x27, 0x62, 0x01, 0x00, 0xA7, 0x8A, 0x37, 0x81, 0x2F, 0x91, 0x00, 0x84, 0xA3, 0x8B, 0x71, 0x83, 0x10, 0xF4, 0xBF, 0x01, 0xC1, 0x2F, 0x07, 0x04, 0xD1, 0x2F, 0x00, 0x80, 0xA7, 0xBF, 0x01, 0xF1, 0x2F, 0x08, 0x02, 0x41, 0x2F, 0x3B, 0x13, 0x00, 0x54, 0x73, 0xA1, 0xB7, 0xEE, 0xF7, 0x00, 0xD2, 0x5F, 0x77, 0x09, 0x04, 0xD2, 0x5F, 0x00, 0xB0, 0xA7, 0x01, 0xC3, 0x07, 0x0A, 0x01, 0xE2, 0x5F, 0x92, 0xE7, 0x00, 0x1A, 0xB3, 0xAE, 0xD3, 0xE7, 0xA0, 0x00, 0x68, 0x1F, 0x10, 0x43, 0xE3, 0xFA, 0xDB, 0x5C, 0x21, 0x50, 0x8F, 0x43, 0x83, 0x00, 0x00, 0x44, 0x68, 0x47, 0x30, 0x0F, 0x3F, 0xD7, 0x30, 0x0F, 0x27, 0x80, 0x3F, 0x73, 0x67, 0x03, 0x05, 0x33, 0x67, 0x00, 0x1A, 0xE3, 0x5F, 0xEE, 0x7B, 0xF8, 0x37, 0x37, 0x00, 0xA0, 0x7F, 0x3F, 0x8F, 0x00, 0x10, 0x7F, 0x01, 0x6C, 0x5D, 0x9F, 0xBB, 0xEE, 0x00, 0x0F, 0xC7, 0x23, 0x67, 0xE3, 0xEF, 0x07, 0x33, 0xEF, 0x00, 0x1A, 0xEB, 0x01, 0x94, 0xEB, 0x80, 0x5B, 0x41, 0xFB, 0xE3, 0x02, 0x01, 0x30, 0x87, 0x74, 0x6F, 0x01, 0x50, 0x7F, 0xFA, 0xEB, 0xBD, 0x02, 0xB0, 0x7F, 0x03, 0x81, 0x07, 0x90, 0xF7, 0xF1, 0x17, 0x00, 0x02, 0x0F, 0x03, 0x34, 0xF7, 0xDF, 0x00, 0x1A, 0xF3, 0x01, 0x51, 0x8F, 0x00, 0x2D, 0xCF, 0x00, 0x12, 0x0F, 0x2A, 0x3A, 0x01, 0x21, 0x8F, 0x02, 0x5F, 0x27, 0x7F, 0xDC, 0x00, 0x2F, 0x27, 0x3F, 0xAB, 0xF6, 0xB7, 0xFD, 0x97, 0xFD, 0x57, 0xFC, 0xE7, 0xFC, 0x77, 0xFF, 0xFC, 0x07, 0xFB, 0x97, 0xFA, 0xE3, 0xFA, 0x57, 0xF9, 0xA3, 0xF9, 0x17, 0xF8, 0x63, 0x3F, 0xB7, 0x75, 0xCC, 0x00, 0x2F, 0xB7, 0x3E, 0x8F, 0x0A, 0x30, 0xCB, 0x2C, 0x41, 0xA7, 0x43, 0xCF, 0x1B, 0xCC, 0x37, 0x0D, 0xF8, 0x5F, 0x67, 0x72, 0x56, 0xFF, 0x08, 0x40, 0x02, 0x60, 0x00, 0x1E, 0x5A, 0xF8, 0xFA, 0x34, 0xDF, 0x2C, 0x9F, 0x4F, 0x67, 0x00, 0x0C, 0xD1, 0x82, 0x00, 0xA0, 0xFC, 0xFF, 0x5F, 0x00, 0xFE, 0x00, 0xFF, 0x60, 0x5A, 0x48, 0xFE, 0xED, 0xB5, 0xDF, 0x00, 0x28, 0xF9, 0x20, 0x26, 0xFF, 0xFE, 0x3F, 0xEB, 0x1A, 0xEF, 0x68, 0xB4, 0x08, 0x40, 0xEB, 0x20, 0x42, 0x50, 0x3F, 0xFF, 0xF6, 0x40, 0xFF, 0x26, 0x2F, 0xF7, 0x63, 0x00, 0x03, 0x00, 0xC0, 0xF4, 0x00, 0x10, 0xFD, 0xFF, 0x40, 0xE8, 0x2F, 0xF8, 0xF5, 0xF0, 0xFF, 0xFF, 0x20, 0x50, 0x09, 0xFF, 0xFF, 0x30, 0x20, 0x58, 0x49, 0x9F, 0x6F, 0x9F, 0xE9, 0x02, 0x4F, 0x4F, 0x00, 0x00, 0x6F, 0xAF, 0xBF, 0xF9, 0xF2, 0x43, 0x60, 0x5F, 0x2F, 0x0E, 0x8F, 0xFF, 0xF9, 0x51, 0x37, 0x3F, 0xDA, 0x06, 0xF5, 0xF2, 0xFF, 0xFF, 0xF2, 0x20, 0x03, 0x4F, 0xE6, 0x26, 0x32, 0x00, 0x22, 0x4F, 0xEE, 0x29, 0xC2, 0xFF, 0x58, 0x29, 0x23, 0x06, 0x03, 0xFF, 0xFF, 0x2F, 0x2F, 0x00, 0x00, 0x30, 0x03, 0x4F, 0xF3, 0x50, 0x22, 0xA0, 0x1F, 0xC1, 0x50, 0x77, 0x0A, 0x0A, 0x00, 0x30, 0x0A, 0x0A, 0x0A, 0xD0, 0xF3, 0x6F, 0xE3, 0x64, 0x4F, 0xEB, 0x46, 0x10, 0x00, 0x00, 0xE3, 0x24, 0x6A, 0x8F, 0x9F, 0x00, 0x66, 0x03, 0xFF, 0xF4, 0x2D, 0xDF, 0xC0, 0xC6, 0x90, 0x6F, 0xBF, 0xBC, 0x63, 0x04, 0x01, 0x52, 0x5C, 0x20, 0xB7, 0x20, 0x00, 0xF0, 0x20, 0xEB, 0x30, 0x03, 0xB0, 0x2F, 0xF1, 0xF8, 0x30, 0xCB, 0x20, 0xB6, 0xFF, 0x66, 0x00, 0x66, 0x38, 0x00, 0x02, 0x20, 0xE3, 0x20, 0x6E, 0x2E, 0xBC, 0x00, 0x04, 0xFF, 0x10, 0xFF, 0x0D, 0x8F, 0x7F, 0xEB, 0xF7, 0x30, 0xFF, 0xFD, 0x00, 0x00, 0x00, 0x30, 0x00, 0x19, 0xFF, 0x00, 0xAA, 0x60, 0xE6, 0x61, 0xE7, 0x2F, 0x39, 0xC0, 0xF5, 0xF9, 0xFF, 0xDF, 0x80, 0x20, 0xD5, 0x07, 0x10, 0xFC, 0xFC, 0xAF, 0xDF, 0xFF, 0x10, 0x02, 0x9F, 0x6F, 0x3A, 0xAE, 0x35, 0x00, 0xD7, 0x02, 0x8C, 0x30, 0x41, 0x00, 0xFF, 0xFD, 0x40, 0xEF, 0x21, 0x3B, 0x00, 0x00, 0x00, 0xF9, 0xF2, 0x01, 0x0B, 0x20, 0x00, 0xCF, 0xFF, 0x01, 0x21, 0xFF, 0xA8, 0x00, 0x5A, 0x00, 0x20, 0x21, 0x63, 0x40, 0x20, 0x2F, 0xE5, 0x0B, 0x0A, 0xF6, 0xF6, 0x0A, 0x0C, 0x00, 0xF6, 0xF2, 0xF7, 0x8E, 0xFF, 0xFF, 0x21, 0x00, 0x01, 0x69, 0x00, 0x8F, 0xFF, 0xA2, 0x06, 0x12, 0x3F, 0x3C, 0x00, 0x4F, 0xFF, 0x00, 0xDF, 0xFF, 0x00, 0x1C, 0xFF, 0x80, 0x3E, 0xAD, 0x00, 0x00, 0xC3, 0xFF, 0xFC, 0xFF, 0xFF, 0x00, 0x40, 0x00, 0xA9, 0x00, 0xFB, 0xFF, 0xFF, 0x4F, 0x55, 0x6A, 0x2F, 0xB4, 0x0A, 0x3F, 0xBA, 0x09, 0x9F, 0xD9, 0x03, 0x04, 0x83, 0x57, 0xC0, 0xE8, 0x1E, 0x7F, 0xDC, 0xF6, 0xFF, 0xFF, 0x10, 0x00, 0xC6, 0x8E, 0x3F, 0xE4, 0x6F, 0xFF, 0x00, 0xA0, 0x88, 0x05, 0x00, 0x8F, 0x01, 0x5D, 0x01, 0x43, 0x02, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x32, 0x7C, 0x02, 0x60, 0x28, 0x2A, 0x37, 0x3B, 0x9D, 0x69, 0x6D, 0x61, 0x67, 0x10, 0x8C, 0x4C, 0x24, 0x20, 0x00, 0x0D, 0x42, 0x30, 0x07, 0x03, 0x8B, 0xA0, 0x00, 0x02, 0x71, 0x00, 0x88, 0xFE, 0xFF, 0xFF, 0x26, 0x0E, 0xC0, 0x80, 0x2F, 0x0B, 0xC0, 0xC0, 0xAF, 0x9F, 0x00, 0x00, 0x9F, 0x81, 0x20, 0x03, 0x00, 0x88, 0x00, 0x88, 0xFF, 0xCC, 0x20, 0x17, 0xC0, 0x70, 0x07, 0xFF, 0xFF, 0x78, 0x00, 0x02, 0xFF, 0xFC, 0x3E, 0xC3, 0x4F, 0xDB, 0x3F, 0xDF, 0x90, 0x90, 0xDF, 0xDF, 0x30, 0x03, 0x01, 0xA1, 0xD7, 0xE4, 0x40, 0x6F, 0x30, 0x6B, 0x40, 0x6F, 0x00, 0xB0, 0x43, 0xCF, 0xDF, 0xFF, 0x05, 0x55, 0xFF, 0xD7, 0x00, 0xEE, 0x00, 0x0F, 0x0E, 0x55, 0x20, 0x17, 0x74, 0xEE, 0x20, 0x17, 0x70, 0x07, 0x40, 0x6F, 0x80, 0x90, 0x6F, 0xC5, 0xFF, 0x0F, 0xCF, 0x7F, 0xDE, 0x00, 0x95, 0xDD, 0xC1, 0x7F, 0x2F, 0xA3, 0xB1, 0x7F, 0x1D, 0x20, 0x00, 0x10, 0x51, 0x7F, 0xB9, 0xCA, 0x06, 0xC6, 0x17, 0x50, 0xA8, 0x82, 0x61, 0x70, 0x28, 0x8E, 0x2E, 0x46, 0x10, 0x00, 0x43, 0xFD, 0x3A, 0xEF, 0x12, 0x76, 0x00, 0x98, 0x6F, 0xFF, 0xCE, 0x47, 0x2D, 0xE3, 0xFF, 0x11, 0x7A, 0xFF, 0x45, 0x4F, 0xEF, 0xAA, 0x00, 0xBB, 0x4B, 0x0F, 0x45, 0xBB, 0x50, 0x07, 0xFF, 0x23, 0xEF, 0x3F, 0xD6, 0x00, 0x23, 0xDE, 0x45, 0x53, 0x4F, 0xFB, 0x9A, 0x00, 0x68, 0x4B, 0x2F, 0x24, 0x35, 0x23, 0x0A, 0xAD, 0xFF, 0xFF, 0xC8, 0x3B, 0x3B, 0xB3, 0x33, 0x2F, 0xFF, 0x43, 0xFF, 0x66, 0x67, 0x27, 0xFF, 0x00, 0x4B, 0x83, 0x4F, 0x7B, 0xE7, 0xF0, 0x21, 0xD1, 0x2E, 0x4D, 0x38, 0x0A, 0x08, 0x47, 0x29, 0x21, 0xF6, 0x22, 0xFF, 0x22, 0xF7, 0xF7, 0x00, 0x15, 0x7F, 0x22, 0xFF, 0x32, 0x4F, 0xBA, 0x43, 0x30, 0xFF, 0x97, 0x6C, 0x27, 0x36, 0x6A, 0x10, 0xE7, 0xF2, 0xF4, 0x7C, 0xFF, 0x34, 0xBA, 0x40, 0x03, 0x9F, 0xDB, 0x25, 0x32, 0x8F, 0xE8, 0x0C, 0x09, 0x20, 0xFF, 0x4F, 0x25, 0x2D, 0xAD, 0xBF, 0x04, 0x28, 0xFF, 0x31, 0x00, 0x6C, 0x06, 0xF4, 0x37, 0xFF, 0x87, 0xD6, 0x00, 0xDD, 0x00, 0x4D, 0x3C, 0x1A, 0xDD, 0x00, 0xEE, 0x34, 0x4A, 0x31, 0xEF, 0x54, 0x00, 0x45, 0x1F, 0xB8, 0xA4, 0x38, 0x0B, 0x51, 0x41, 0xEF, 0xFD, 0xA0, 0x97, 0x1F, 0x10, 0x00, 0x0C, 0xFE, 0xFC, 0x10, 0xA0, 0x23, 0xF1, 0x6F, 0xB8, 0x2C, 0xEF, 0x02, 0x00, 0x03, 0xFF, 0xFF, 0x1E, 0x8F, 0xA1, 0x1B, 0xEF, 0xE7, 0x21, 0x1F, 0xC7, 0x69, 0x04, 0xD9, 0x32, 0xA1, 0xF2, 0x27, 0xCB, 0x20, 0x03, 0x7F, 0xD9, 0x42, 0xE1, 0x40, 0xD7, 0x37, 0xFF, 0x01, 0xBE, 0x4D, 0xEF, 0x58, 0x22, 0x00, 0x23, 0x4F, 0xBB, 0x64, 0xFF, 0xA7, 0x47, 0xEF, 0xDC, 0x2C, 0xFF, 0xED, 0x79, 0xE0, 0xDE, 0x24, 0xA0, 0x37, 0x04, 0xCC, 0xFF, 0x88, 0x50, 0xCF, 0x21, 0x00, 0x32, 0x42, 0xDF, 0x33, 0x00, 0x33, 0x09, 0x00, 0x00, 0x73, 0x30, 0x26, 0xAA, 0xFF, 0xFF, 0x40, 0x04, 0xCE, 0x63, 0x3F, 0x46, 0xD7, 0x7A, 0xEF, 0x35, 0x94, 0x72, 0xEF, 0x26, 0xF5, 0x2F, 0x2E, 0x05, 0x4D, 0x2E, 0xDA, 0x6B, 0x03, 0xE4, 0x0C, 0x09, 0x55, 0xFF, 0x08, 0xC0, 0x7F, 0x91, 0x00, 0x00, 0x00, 0xF3, 0xF3, 0x00, 0x99, 0x00, 0x99, 0xFE, 0x5F, 0xF7, 0x20, 0x0B, 0x20, 0x0F, 0x7F, 0x8F, 0x80, 0x17, 0x60, 0x1F, 0x8F, 0xA7, 0x56, 0x1A, 0xFF, 0x55, 0x01, 0x3A, 0xFD, 0x90, 0x1F, 0x78, 0x4F, 0xC3, 0x55, 0x23, 0xFF, 0x65, 0x4A, 0x2F, 0x97, 0xFF, 0xFC, 0x35, 0x5C, 0x29, 0x23, 0x63, 0x02, 0x34, 0x07, 0x3F, 0xFB, 0x8B, 0xFF, 0x03, 0x44, 0x10, 0x28, 0x4D, 0x68, 0xD4, 0x80, 0x5F, 0x3F, 0xE5, 0x17, 0x9F, 0xEA, 0xEF, 0xFF, 0x07, 0x68, 0xCF, 0x45, 0x6F, 0x2B, 0x59, 0x3E, 0xFB, 0x5F, 0x30, 0x20, 0xFB, 0x89, 0x5F, 0xC7, 0xF3, 0xF9, 0xF8, 0x90, 0x3F, 0x31, 0xB7, 0x22, 0x97, 0x30, 0x00, 0x75, 0x85, 0xBF, 0x2F, 0xC2, 0xAF, 0x0D, 0xFF, 0x9E, 0x22, 0xFF, 0x45, 0x4F, 0xB9, 0xA9, 0x00, 0x9A, 0x45, 0xBF, 0x89, 0x88, 0x55, 0xA7, 0xFF, 0x22, 0xFF, 0x3E, 0xDF, 0x00, 0xFF, 0x75, 0x29, 0xFF, 0xDA, 0x4F, 0xFF, 0x23, 0x3A, 0xDB, 0x5E, 0x7F, 0x95, 0x9F, 0x1F, 0x7F, 0x8F, 0x52, 0x23, 0x0C, 0x0D, 0x92, 0x31, 0xE1, 0xEF, 0xE1, 0xFF, 0x7F, 0xFF, 0x7C, 0x02, 0x2C, 0xE9, 0x30, 0x03, 0xF0, 0x0F, 0x01, 0x1D, 0xE6, 0x45, 0x3E, 0x00, 0xFB, 0x5B, 0xB0, 0x3A, 0x47, 0xFE, 0x2B, 0x83, 0x8C, 0x57, 0xD0, 0x28, 0x8B, 0x25, 0x31, 0xB0, 0x77, 0x11, 0x0D, 0xA5, 0x1B, 0x96, 0x44, 0x00, 0x00, 0xFC, 0xFB, 0x18, 0x01, 0x07, 0xF8, 0x3B, 0xB6, 0x56, 0x45, 0x0E, 0x50, 0x00, 0x28, 0x2F, 0x3F, 0x2C, 0x8F, 0xE5, 0x2C, 0xC3, 0x00, 0xFA, 0x30, 0xA1, 0x2B, 0xBB, 0x6F, 0x76, 0x87, 0x18, 0xEF, 0x00, 0x38, 0x77, 0x77, 0xC2, 0xC2, 0x5F, 0xAE, 0x8B, 0x6B, 0xFF, 0x01, 0xAF, 0x47, 0xCF, 0x15, 0xEE, 0x32, 0x6B, 0x26, 0x89, 0x00, 0x3E, 0xA7, 0x3A, 0x0D, 0xB4, 0x2F, 0x04, 0xF1, 0xFF, 0x7F, 0xFF, 0xA0, 0x50, 0xB0, 0x26, 0x73, 0xF4, 0x79, 0x7C, 0x00, 0x60, 0xFB, 0xFF, 0xE0, 0x28, 0x32, 0x00, 0xB0, 0x01, 0x24, 0x07, 0x4F, 0x08, 0x2F, 0x1F, 0x00, 0x39, 0x00, 0x0D, 0x3D, 0x04, 0x7D, 0xFB, 0xFE, 0xE5, 0x00, 0xD8, 0x5C, 0xA7, 0x5B, 0xA5, 0x3F, 0x93, 0x61, 0x00, 0x1C, 0xBF, 0x38, 0x93, 0x40, 0x96, 0x9E, 0x2A, 0x03, 0xA5, 0x4F, 0xF4, 0xFE, 0x28, 0xAF, 0xD0, 0xE1, 0x3E, 0xFF, 0x1A, 0x27, 0x87, 0x8C, 0x3E, 0x05, 0x00, 0x00, 0x3F, 0x2B, 0x55, 0x98, 0xBE, 0x04, 0x07, 0x0B, 0xFF, 0xFF, 0x08, 0x06, 0x0E, 0x53, 0xFF, 0x20, 0x4A, 0xBF, 0x3F, 0xB6, 0x8E, 0xB3, 0xFF, 0xDE, 0xFF, 0xDD, 0x55, 0x42, 0x60, 0x17, 0x7F, 0xD6, 0xDD, 0x01, 0xFF, 0xED, 0xFF, 0x00, 0x31, 0x00, 0x95, 0x7A, 0xDB, 0x92, 0x60, 0x37, 0xEE, 0x12, 0x2E, 0xBF, 0x50, 0xFD, 0xDA, 0x11, 0xFF, 0x12, 0xBD, 0xFF, 0x69, 0x45, 0xE7, 0x14, 0x6B, 0x9B, 0x0F, 0x8E, 0x1A, 0x5E, 0x01, 0x9F, 0x6F, 0xD3, 0x00, 0x1C, 0x2A, 0x35, 0x2F, 0x8F, 0xFC, 0x04, 0xFC, 0x00, 0xAD, 0x00, 0x47, 0x5A, 0x6F, 0xFD, 0x74, 0x8F, 0x4E, 0x97, 0xB9, 0xFF, 0xDC, 0x4F, 0xFF, 0x2F, 0x44, 0x2B, 0xB2, 0x4F, 0x3C, 0x35, 0xBB, 0xFF, 0x2B, 0xAA, 0x2D, 0x64, 0x10, 0x60, 0xB7, 0x32, 0x35, 0xDC, 0x0A, 0x10, 0x00, 0xB4, 0xEC, 0x2F, 0xF3, 0xF9, 0x7B, 0x78, 0xEF, 0x88, 0x68, 0x9F, 0x8B, 0xFF, 0x25, 0xAB, 0x8F, 0x6D, 0xFF, 0x8F, 0x5E, 0x02, 0x4E, 0xDD, 0x6C, 0x01, 0xEC, 0xAC, 0xCE, 0x7F, 0x2D, 0x16, 0xBE, 0x7F, 0x80, 0xE0, 0x7E, 0x7F, 0x9D, 0x2E, 0x04, 0x0F, 0xBD, 0xFF, 0xEF, 0xEF, 0x8A, 0xAF, 0x00, 0x8E, 0x47, 0x24, 0xDD, 0x78, 0xDD, 0x77, 0x33, 0x00, 0x11, 0x33, 0x11, 0x8D, 0x7D, 0x13, 0x13, 0x7D, 0xDF, 0x20, 0x03, 0x8A, 0xBF, 0x77, 0x50, 0x17, 0x70, 0x07, 0xFF, 0xFF, 0x30, 0x2B, 0xB0, 0x2F, 0xDB, 0xF0, 0x0F, 0x01, 0xBF, 0x7F, 0xA8, 0x6D, 0xEA, 0x7F, 0x7F, 0x10, 0x6D, 0xFF, 0x27, 0xB0, 0xD0, 0x04, 0xA1, 0x00, 0x0D, 0xB0, 0x01, 0x02, 0x60, 0xED, 0x61, 0xFF, 0x2C, 0xFF, 0x1A, 0xBE, 0xFF, 0xF0, 0x3E, 0xB7, 0x00, 0xC0, 0xFF, 0x19, 0x00, 0x21, 0x1D, 0x01, 0x8C, 0x28, 0xFA, 0xCC, 0xFF, 0x3A, 0x3B, 0x92, 0x40, 0x3F, 0x17, 0xFF, 0x46, 0x6B, 0x27, 0x4C, 0x84, 0xFF, 0xE9, 0xBD, 0xB9, 0x3C, 0xB8, 0xFD, 0xF1, 0x23, 0x34, 0x30, 0x62, 0x4C, 0xDA, 0x40, 0x13, 0xF7, 0xFF, 0xF1, 0x20, 0x03, 0x04, 0xEF, 0xFF, 0xE8, 0xFF, 0xE0, 0x20, 0x03, 0xE1, 0xFF, 0x1C, 0xD9, 0xFF, 0xD3, 0x50, 0x95, 0x2E, 0xE1, 0x21, 0x87, 0x57, 0xFF, 0x1A, 0x86, 0xFF, 0xD1, 0x93, 0x69, 0x30, 0x41, 0xFA, 0x31, 0x9F, 0xAC, 0x22, 0xFF, 0xC7, 0x41, 0xA5, 0xD9, 0xFF, 0xE4, 0x50, 0x5B, 0xF6, 0x20, 0xFF, 0xF2, 0x20, 0x5D, 0xFB, 0xFF, 0xEE, 0xFF, 0xEA, 0xAA, 0x2F, 0x23, 0xF5, 0x20, 0x05, 0xE4, 0x23, 0x97, 0xEA, 0x2E, 0x2E, 0xDA, 0x08, 0xFF, 0xDB, 0xFF, 0xD5, 0x2C, 0x6E, 0xC6, 0xFF, 0xD0, 0x02, 0xFF, 0xCB, 0xFF, 0xC1, 0xFF, 0xBC, 0x27, 0xE7, 0xE1, 0xA0, 0x20, 0x11, 0xD2, 0x24, 0x7A, 0xDA, 0xFF, 0xCD, 0xFF, 0xCA, 0x82, 0x20, 0x19, 0xC1, 0xFF, 0xB7, 0xFF, 0xB3, 0x20, 0xFE, 0xBA, 0x0A, 0xFF, 0xAF, 0xFF, 0xAB, 0x05, 0xD1, 0xFF, 0x5F, 0x62, 0x6D, 0x03, 0x28, 0xFF, 0x29, 0x20, 0xC2, 0xC2, 0xE1, 0x7F, 0x05, 0xFF, 0x9F, 0xAD, 0x22, 0x8D, 0x07, 0x21, 0x61, 0xA7, 0x20, 0x9A, 0x5F, 0xE9, 0x8A, 0xD9, 0x48, 0xA8, 0x38, 0x99, 0xFE, 0x41, 0x01, 0xF7, 0x25, 0x34, 0xEA, 0xFF, 0xE0, 0x51, 0x8D, 0xD1, 0x73, 0xF6, 0x80, 0x27, 0xF7, 0xFF, 0xEB, 0x25, 0x56, 0x54, 0xE0, 0x21, 0x1D, 0xE9, 0x21, 0x25, 0xDE, 0x2F, 0x4A, 0xD4, 0xFF, 0x14, 0xD3, 0xFF, 0xC9, 0x2F, 0x52, 0xD3, 0x2B, 0x3D, 0xC9, 0xFF, 0x54, 0xC8, 0x25, 0x49, 0xBD, 0x21, 0x07, 0xFC, 0x27, 0x46, 0xF0, 0xFF, 0x51, 0xE6, 0x20, 0x2D, 0xE2, 0x25, 0x9E, 0xD5, 0xFF, 0xE3, 0x21, 0x95, 0x55, 0xD6, 0x2D, 0xB0, 0xD0, 0x20, 0x21, 0xC3, 0x25, 0x10, 0xDA, 0x21, 0x3B, 0x14, 0xCD, 0xFF, 0xC5, 0x21, 0x4D, 0xC4, 0x25, 0x7B, 0xB6, 0xFF, 0x40, 0xBF, 0x21, 0x3D, 0xB2, 0xFF, 0xAB, 0xFF, 0xB0, 0xFF, 0x05, 0xA9, 0xFF, 0xA3, 0xFF, 0x9C, 0x21, 0x51, 0xC0, 0x22, 0x4A, 0x54, 0xB5, 0x21, 0x53, 0xAE, 0x21, 0xA8, 0xA2, 0x21, 0x59, 0xAA, 0xFF, 0x50, 0xA8, 0x20, 0xC8, 0xA0, 0x2F, 0xE0, 0x95, 0xFF, 0x8C, 0xFF, 0x40, 0xA6, 0x2B, 0x49, 0x9A, 0xFF, 0x92, 0xFF, 0x96, 0xFF, 0x54, 0x8F, 0x25, 0x33, 0x84, 0x20, 0x05, 0x87, 0x22, 0x2C, 0x7C, 0xFF, 0x15, 0x7F, 0xFF, 0x79, 0x2B, 0x43, 0x6E, 0x22, 0x86, 0xB8, 0x20, 0x4B, 0x46, 0xAA, 0x20, 0x53, 0xAD, 0xFF, 0xA4, 0x21, 0x00, 0x30, 0x53, 0x96, 0x2A, 0xFF, 0x90, 0x2B, 0xFF, 0x92, 0x20, 0xFC, 0x85, 0x20, 0x4B, 0xA4, 0x20, 0xFF, 0x9B, 0x20, 0x3D, 0xA0, 0xFF, 0x9D, 0xFF, 0x93, 0x82, 0x20, 0x17, 0x8D, 0xFF, 0x89, 0xFF, 0x80, 0x20, 0x3F, 0x86, 0x28, 0xFF, 0x83, 0x20, 0x41, 0x76, 0x20, 0x0D, 0x83, 0xFF, 0x7D, 0x0A, 0xFF, 0x77, 0xFF, 0x7E, 0x20, 0x4F, 0x72, 0x25, 0x87, 0x72, 0x02, 0xFF, 0x6C, 0xFF, 0x67, 0xFF, 0x62, 0x40, 0x03, 0x5C, 0x00, 0xFF, 0x58, 0xFF, 0x74, 0xFF, 0x70, 0xFF, 0x69, 0x28, 0xFF, 0x65, 0x25, 0xA1, 0x6A, 0x20, 0x15, 0x5F, 0xFF, 0x5E, 0x02, 0xFF, 0x5A, 0xFF, 0x53, 0xFF, 0x50, 0x22, 0x6C, 0x54, 0x0A, 0xFF, 0x4D, 0xFF, 0x4A, 0x00, 0xD3, 0xFF, 0x16, 0x24, 0x1D, 0x6B, 0x35, 0xFF, 0x15, 0x22, 0x66, 0x72, 0xD7, 0x85, 0x2F, 0xA8, 0xED, 0x5F, 0x95, 0x55, 0xF9, 0x2E, 0xCE, 0xF0, 0x94, 0x3F, 0x75, 0x21, 0xBF, 0xD5, 0x84, 0x4D, 0x6A, 0x3D, 0x2F, 0xD0, 0xAF, 0xAC, 0xFD, 0x22, 0xFB, 0xE8, 0x26, 0x3B, 0xE0, 0xAA, 0x2F, 0xE7, 0xF8, 0x2F, 0x06, 0xF1, 0x23, 0x03, 0xD9, 0x23, 0x01, 0xD3, 0xAA, 0x21, 0x7F, 0xF0, 0x28, 0xC8, 0xE6, 0x21, 0x77, 0xD6, 0x23, 0x0F, 0xCC, 0xAA, 0x22, 0xD1, 0xDD, 0x21, 0x89, 0xD5, 0x22, 0xBF, 0xC3, 0x22, 0xF6, 0xBB, 0xAA, 0x22, 0xB1, 0xBF, 0x21, 0x61, 0xB5, 0x22, 0xB1, 0xA8, 0x21, 0x59, 0x9F, 0xAA, 0x22, 0xBB, 0xAB, 0x21, 0x69, 0xA2, 0x21, 0x5F, 0x95, 0x2D, 0x23, 0x8C, 0xAD, 0x42, 0xD5, 0xD2, 0x21, 0x9F, 0xBF, 0x21, 0x95, 0x30, 0x1B, 0xCB, 0x27, 0x21, 0x55, 0xC4, 0x21, 0xA7, 0xB0, 0x21, 0x9D, 0xA9, 0x21, 0x9F, 0xA6, 0x21, 0x7D, 0x55, 0x9E, 0x21, 0x7F, 0x8F, 0x23, 0xA2, 0x87, 0x21, 0x77, 0x96, 0x26, 0xB9, 0xA8, 0x30, 0x0B, 0x7F, 0x21, 0x19, 0x78, 0x21, 0x7F, 0x9E, 0xFF, 0x94, 0xA2, 0x20, 0x01, 0x8A, 0x26, 0xCF, 0x82, 0xFF, 0x81, 0x20, 0x11, 0x8B, 0xB1, 0x20, 0x05, 0x82, 0x20, 0x19, 0x30, 0x1B, 0x6E, 0xFF, 0x66, 0x21, 0xA5, 0x51, 0x71, 0x21, 0x41, 0x68, 0x21, 0x3D, 0x63, 0xFF, 0x60, 0x21, 0x3B, 0x50, 0x66, 0x21, 0x41, 0x5E, 0x2D, 0xBD, 0x57, 0xFF, 0x51, 0xFF, 0x15, 0x4F, 0xFF, 0x48, 0x21, 0xC5, 0x70, 0x20, 0x21, 0x68, 0x80, 0x17, 0x55, 0x6A, 0x20, 0x25, 0x63, 0x21, 0x63, 0x57, 0x20, 0x1D, 0x50, 0x20, 0x1F, 0x10, 0x55, 0xFF, 0x4E, 0x20, 0x01, 0x46, 0xFF, 0x47, 0xFF, 0x05, 0x40, 0xFF, 0x3F, 0xFF, 0x39, 0x20, 0x07, 0x3F, 0x20, 0x09, 0x51, 0x39, 0x20, 0x09, 0x32, 0x20, 0x01, 0x2C, 0xFF, 0x5D, 0x23, 0xF6, 0x60, 0x53, 0x20, 0x23, 0x30, 0x03, 0x49, 0xFF, 0x44, 0xFF, 0x4B, 0x08, 0xFF, 0x45, 0xFF, 0x42, 0x21, 0x3E, 0x40, 0xFF, 0x3C, 0x02, 0xFF, 0x38, 0xFF, 0x34, 0xFF, 0x4A, 0x20, 0x39, 0x41, 0xA8, 0x21, 0x4E, 0x43, 0x20, 0x05, 0x3B, 0x20, 0x11, 0x38, 0xFF, 0x35, 0x00, 0xFF, 0x31, 0xFF, 0x2E, 0xFF, 0x33, 0xFF, 0x30, 0x2A, 0xFF, 0x2B, 0x23, 0x46, 0x3B, 0x20, 0x0F, 0x33, 0x20, 0x0F, 0x30, 0x82, 0x24, 0xD2, 0x2A, 0xFF, 0x26, 0xFF, 0x2D, 0x2B, 0x94, 0x27, 0x80, 0x2D, 0xA5, 0x23, 0xFF, 0x20, 0xFF, 0x1E, 0xFF, 0x1B, 0xA8, 0x23, 0x68, 0x26, 0x40, 0x0B, 0x24, 0x2D, 0xB9, 0x1E, 0xFF, 0x1C, 0x02, 0xFF, 0x1D, 0xFF, 0x1A, 0xFF, 0x18, 0x21, 0xD2, 0x18, 0x8A, 0x24, 0xB8, 0x13, 0xFF, 0x12, 0x33, 0x8B, 0x00, 0x20, 0x36, 0xD2, 0xDA, 0x6B, 0xF6, 0x34, 0x85, 0x00, 0x24, 0x87, 0x64, 0xB3, 0xFA, 0x2C, 0x0B, 0xEA, 0xAA, 0x24, 0x61, 0xE4, 0x24, 0x57, 0xCC, 0x24, 0x59, 0xC6, 0x27, 0xFF, 0xDF, 0xA9, 0x24, 0x75, 0xDA, 0x24, 0x5F, 0xC1, 0x24, 0x4D, 0xBC, 0x00, 0x22, 0xB6, 0x62, 0x00, 0x23, 0x56, 0x43, 0x7B, 0xFE, 0xFF, 0xF2, 0x34, 0xA5, 0x00, 0xD5, 0x23, 0x4E, 0x24, 0xFD, 0xED, 0x2A, 0x35, 0xEA, 0x2C, 0x67, 0xD5, 0x24, 0xE9, 0x55, 0xD2, 0x24, 0x91, 0xB7, 0x24, 0x8F, 0xB2, 0x29, 0x02, 0xCD, 0x24, 0xA5, 0x55, 0xCA, 0x25, 0x7E, 0xAF, 0x24, 0x81, 0xAB, 0x25, 0x86, 0xB0, 0x23, 0x01, 0x55, 0xAA, 0x23, 0x4B, 0x96, 0x23, 0x4D, 0x90, 0x23, 0x5B, 0xA4, 0x23, 0x09, 0x55, 0x9F, 0x2E, 0xFF, 0x8A, 0x23, 0x35, 0x85, 0x22, 0xED, 0x7D, 0x22, 0xE9, 0x55, 0x77, 0x22, 0xDB, 0x67, 0x22, 0xD9, 0x62, 0x22, 0xE7, 0x72, 0x23, 0x39, 0x55, 0x6D, 0x22, 0xE3, 0x5C, 0x22, 0xE5, 0x57, 0x23, 0x6B, 0x9A, 0x23, 0x37, 0x55, 0x96, 0x23, 0x17, 0x80, 0x23, 0x19, 0x7C, 0x23, 0x77, 0x93, 0x23, 0x29, 0x55, 0x90, 0x25, 0x4A, 0x79, 0x23, 0x21, 0x76, 0x22, 0xFF, 0x6A, 0x23, 0x01, 0x55, 0x65, 0x24, 0x7A, 0x53, 0x22, 0xF9, 0x50, 0x28, 0xA9, 0x62, 0x23, 0x09, 0x55, 0x5F, 0x25, 0x6C, 0x4D, 0x23, 0x01, 0x4A, 0x21, 0x7F, 0x53, 0x25, 0x78, 0x51, 0x4E, 0x21, 0x77, 0x42, 0x21, 0x79, 0x3D, 0xFF, 0x52, 0x21, 0x85, 0x55, 0x4E, 0x21, 0x87, 0x40, 0x21, 0x7D, 0x3C, 0x21, 0x7F, 0x3A, 0x21, 0x69, 0x55, 0x35, 0x21, 0x6F, 0x2D, 0x25, 0xA4, 0x28, 0x2E, 0xFD, 0x30, 0x21, 0x65, 0x55, 0x2C, 0x41, 0x53, 0x1E, 0x21, 0x61, 0x1B, 0x21, 0x9F, 0x41, 0x21, 0xDD, 0x55, 0x3D, 0x21, 0xAB, 0x31, 0x21, 0x99, 0x2D, 0x21, 0xA7, 0x3B, 0x21, 0xAF, 0x55, 0x38, 0x21, 0x9F, 0x2B, 0x21, 0xA1, 0x29, 0x24, 0xE8, 0x23, 0x21, 0x95, 0x55, 0x20, 0x21, 0x77, 0x18, 0x21, 0x79, 0x15, 0x21, 0x87, 0x1E, 0x2F, 0x43, 0x55, 0x1C, 0x21, 0x83, 0x13, 0x23, 0x5E, 0x12, 0x2F, 0x4F, 0x1D, 0x40, 0x1B, 0x45, 0x19, 0x23, 0x6C, 0x14, 0xFF, 0x11, 0x26, 0x72, 0x14, 0x23, 0x76, 0x54, 0x11, 0x20, 0x09, 0x0E, 0x20, 0x01, 0x0B, 0x21, 0xA3, 0x10, 0xFF, 0x10, 0x0F, 0xFF, 0x0D, 0x40, 0x03, 0x0B, 0xFF, 0x0A, 0xFF, 0x55, 0x0C, 0x20, 0x03, 0x09, 0x25, 0x24, 0x08, 0x25, 0x28, 0x06, 0x25, 0x32, 0x55, 0x13, 0x20, 0x1D, 0x10, 0x20, 0x1F, 0x0C, 0x20, 0x15, 0x0A, 0x25, 0x3C, 0x55, 0x0F, 0x20, 0x33, 0x0D, 0x20, 0x27, 0x08, 0x20, 0x1D, 0x07, 0x25, 0x52, 0xAB, 0x50, 0x25, 0x04, 0x20, 0x01, 0x03, 0x25, 0x76, 0x02, 0x80, 0x07, 0x50, 0x01, 0x56, 0x01, 0x00, 0xB9, 0x7F, 0x20, 0x2C, 0x1D, 0x03, 0x04, 0xE9, 0x7F, 0x10, 0x04, 0x80, 0x59, 0x30, 0x18, 0xC2, 0xFE, 0xE2, 0x2C, 0x3A, 0x3A, 0x46, 0x20, 0xF8, 0xE9, 0x06, 0xFF, 0x00, 0x95, 0x00, 0xDC, 0x00, 0x3E, 0x2E, 0x03, 0x1F, 0xA9, 0x80, 0x0C, 0xF2, 0x00, 0x10, 0xF9, 0x38, 0xEF, 0x4F, 0x02, 0x50, 0x90, 0x0F, 0xFF, 0xFF, 0xC0, 0xD0, 0x00, 0xDE, 0x98, 0xBF, 0x1B, 0xCB, 0xFF, 0x2F, 0x23, 0xF1, 0xF2, 0x7F, 0x4B, 0xFF, 0x01, 0xCF, 0x27, 0x10, 0x5B, 0x20, 0x2B, 0x10, 0x00, 0x11, 0x49, 0x71, 0x7E, 0x11, 0x60, 0x07, 0xF9, 0x7E, 0x70, 0x17, 0x0B, 0x10, 0x1F, 0x3A, 0x6E, 0x0C, 0xBA, 0x5C, 0x40, 0x80, 0x41, 0xCD, 0x30, 0xE3, 0xFF, 0x20, 0xF9, 0xB7, 0xFF, 0x00, 0xFF, 0xAF, 0xCF, 0x03, 0xD1, 0xF8, 0xFF, 0x7F, 0x00, 0xFE, 0xFF, 0x0C, 0x05, 0x06, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x90, 0x80, 0xED, 0xFF, 0xEE, 0xFF, 0x05, 0x79, 0x00, 0x77, 0x00, 0xEE, 0x20, 0x07, 0x77, 0x20, 0x07, 0x00, 0x00, 0xAA, 0x00, 0x07, 0xFF, 0xFF, 0x3F, 0xCF, 0x83, 0x2B, 0x90, 0xA5, 0x00, 0x00, 0xF9, 0xF8, 0x70, 0x17, 0x80, 0x1F, 0x00, 0x4A, 0x00, 0xA0, 0x6F, 0x6F, 0xF0, 0x30, 0x00, 0x03, 0x9B, 0x00, 0x00, 0xEF, 0x23, 0x00, 0x80, 0x37, 0x80, 0x3F, 0xC5, 0xEA, 0x05, 0x00, 0x30, 0x1F, 0x80, 0xE8, 0xAB, 0x59, 0xF7, 0x59, 0x00, 0x60, 0x3F, 0xF0, 0x3B, 0xFC, 0x6B, 0xF2, 0x00, 0xE0, 0x5F, 0x00, 0x90, 0x7F, 0xA2, 0x00, 0x6A, 0xF4, 0x15, 0xF3, 0x9F, 0x8F, 0x90, 0xBF, 0xDE, 0x20, 0xDF, 0x97, 0xDC, 0x48, 0x00, 0x01, 0x20, 0x10, 0x7B, 0xFF, 0x02, 0xAF, 0xFC, 0x10, 0x30, 0xFF, 0xFA, 0x39, 0xE3, 0x4E, 0xFF, 0x00, 0x04, 0x00, 0x00, 0x65, 0x50, 0x01, 0xA9, 0x88, 0x05, 0x04, 0x01, 0xFF, 0xF6, 0x1E, 0x8F, 0xB0, 0x50, 0xEF, 0x00, 0x4A, 0x9F, 0x25, 0x01, 0x05, 0x08, 0x3C, 0x8F, 0x70, 0x90, 0x21, 0xCF, 0x70, 0xA1, 0xFA, 0x86, 0x41, 0x45, 0xFF, 0xEF, 0x02, 0x00, 0x20, 0xC5, 0x2A, 0xD9, 0x80, 0x40, 0x80, 0x30, 0x03, 0xFF, 0xFE, 0x05, 0x0B, 0xF8, 0xE1, 0x40, 0x6F, 0x2B, 0x97, 0x80, 0x90, 0x00, 0x05, 0x60, 0x00, 0x80, 0x2F, 0x66, 0xB6, 0xFF, 0xFF, 0x25, 0x06, 0x06, 0x1F, 0x04, 0xF8, 0xF8, 0x9F, 0xF8, 0xF7, 0x2F, 0x73, 0x06, 0x07, 0x48, 0xBB, 0x21, 0x06, 0xD0, 0x40, 0x3B, 0xBB, 0xB8, 0x00, 0x6F, 0x00, 0x6F, 0x70, 0xF0, 0x6F, 0x6F, 0xE0, 0xE0, 0x68, 0x01, 0xDF, 0x50, 0xA0, 0xDF, 0xDF, 0x90, 0x90, 0x20, 0x0B, 0x04, 0xF0, 0x4B, 0x00, 0xB0, 0x00, 0x20, 0x0B, 0xA0, 0x9B, 0x00, 0x00, 0x70, 0x00, 0x89, 0xFF, 0xB6, 0x8D, 0xFF, 0x00, 0xFF, 0x04, 0x03, 0xAD, 0xFD, 0x23, 0x2F, 0xF3, 0x12, 0xF3, 0x9F, 0xAF, 0x20, 0x0B, 0x04, 0xBB, 0x2D, 0xB5, 0xF3, 0x00, 0xF3, 0xAF, 0xBF, 0xB2, 0x00, 0x8B, 0x00, 0xE8, 0x00, 0xB0, 0xFF, 0xEF, 0xC0, 0xC0, 0xFF, 0xFF, 0x49, 0x06, 0x10, 0x81, 0xFD, 0x90, 0xC1, 0x2B, 0x9B, 0x20, 0x0B, 0x90, 0x00, 0x00, 0xBB, 0x00, 0xA0, 0x21, 0xFF, 0xFF, 0x01, 0x00, 0x00, 0xB3, 0x00, 0xCC, 0x07, 0x7C, 0xFA, 0x68, 0x00, 0xAC, 0xFB, 0x89, 0x00, 0x0A, 0x95, 0xFA, 0x5F, 0x00, 0x48, 0xF8, 0xF9, 0x03, 0x06, 0x72, 0xFA, 0xBD, 0x00, 0x21, 0x9D, 0x01, 0x17, 0x0D, 0xF9, 0xF9, 0x01, 0x00, 0x00, 0xB7, 0x00, 0x58, 0xDF, 0xDB, 0xD8, 0x4F, 0x00, 0x3F, 0x30, 0x20, 0x3A, 0xFF, 0x00, 0x03, 0xFF, 0x00, 0xFF, 0x38, 0x6A, 0x4F, 0x4F, 0x20, 0x30, 0x3B, 0x82, 0x2E, 0x19, 0xFF, 0xFF, 0x4A, 0x0B, 0xBB, 0x2E, 0x18, 0x70, 0x00, 0xFA, 0xCC, 0x5E, 0xFF, 0xFF, 0x09, 0x08, 0xFA, 0x00, 0xFA, 0x8F, 0x8F, 0xF3, 0xF3, 0x8F, 0x7F, 0xFF, 0x00, 0xFC, 0x08, 0x3D, 0x91, 0x00, 0xDD, 0x00, 0xF3, 0x00, 0xF9, 0x8F, 0x9F, 0xBA, 0x00, 0x6B, 0x00, 0x00, 0x00, 0xB0, 0xC7, 0xAF, 0xF4, 0xF7, 0x6F, 0x7F, 0xDC, 0x00, 0x70, 0x19, 0xDF, 0x30, 0x30, 0xFF, 0xFF, 0xF5, 0x00, 0xC0, 0x6F, 0x9F, 0x10, 0x00, 0xD8, 0x00, 0x30, 0x00, 0x60, 0xFF, 0xEF, 0xDB, 0x12, 0x2A, 0x00, 0x31, 0x90, 0x2E, 0x70, 0x09, 0x0C, 0x34, 0xF2, 0xFF, 0xFE, 0x00, 0x10, 0x11, 0xFD, 0xFF, 0x09, 0x5B, 0xEB, 0x40, 0x40, 0xB0, 0x20, 0x2B, 0x06, 0xFF, 0x9F, 0x1E, 0x08, 0x09, 0x20, 0x1F, 0xAE, 0x7F, 0x05, 0x84, 0x09, 0xE4, 0x31, 0x40, 0x00, 0xFF, 0xE4, 0x3F, 0x49, 0x9F, 0xFF, 0x03, 0x02, 0xBF, 0xFA, 0x30, 0xFF, 0xC8, 0x00, 0x0F, 0x49, 0x23, 0xFC, 0xBF, 0x24, 0x02, 0xEE, 0x24, 0x02, 0x40, 0x07, 0x00, 0x05, 0xFA, 0x60, 0x17, 0x70, 0x1F, 0x00, 0x05, 0xFA, 0xB0, 0x09, 0x90, 0x1F, 0x87, 0xD0, 0xBF, 0x55, 0xFA, 0x20, 0xFB, 0xF9, 0xFF, 0x01, 0xFF, 0x8C, 0xAF, 0x03, 0xFF, 0x5E, 0x04, 0x10, 0x16, 0x4D, 0xE6, 0x01, 0x43, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFF, 0x18, 0x02, 0x02, 0x28, 0x26, 0xF7, 0x38, 0x90, 0x69, 0x6D, 0x61, 0x54, 0x67, 0x37, 0x02, 0x80, 0x27, 0xBE, 0x0D, 0x67, 0x0F, 0x9C, 0x6D, 0x00, 0xF7, 0xA2, 0xC3, 0x19, 0x7A, 0x1E, 0xE4, 0xC4, 0x00, 0x31, 0xB6, 0x92, 0x11, 0x0E, 0x96, 0xE4, 0xD2, 0x00, 0xE7, 0xF3, 0x4C, 0xB3, 0xFF, 0x51, 0x7C, 0x7E, 0x00, 0x52, 0x2C, 0x8D, 0x15, 0xC5, 0xAB, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const unsigned char iQue_without_ISBN_LZ[0x2000] = +{ + 0x11, 0x48, 0x65, 0x00, 0x00, 0x64, 0x61, 0x72, 0x63, 0xFF, 0xFE, 0x1C, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x28, 0x65, 0x00, 0x00, 0x83, 0x30, 0x09, 0x1C, 0x04, 0x00, 0x00, 0x40, 0x20, 0x03, 0x30, 0x13, 0xAB, 0x30, 0x18, 0x15, 0x20, 0x1D, 0x02, 0xA0, 0x0B, 0x06, 0x20, 0x2B, 0x30, 0x18, 0x5A, 0x09, 0x20, 0x35, 0x10, 0x20, 0x39, 0x30, 0x2B, 0xF8, 0x20, 0x41, 0x54, 0x85, 0x30, 0x0B, 0x05, 0x00, 0x00, 0xEC, 0x20, 0x4D, 0x98, 0x30, 0x17, 0xD0, 0x20, 0x28, 0x30, 0x17, 0xDC, 0x30, 0x23, 0x07, 0x00, 0x00, 0xCC, 0x09, 0x0C, 0x00, 0x00, 0x20, 0x20, 0x51, 0x20, 0x14, 0x20, 0x2B, 0xA0, 0x20, 0x0B, 0x64, 0x20, 0x5D, 0x80, 0x20, 0x00, 0x00, 0x4C, 0x99, 0x20, 0x5C, 0xA8, 0x01, 0x50, 0x53, 0x20, 0x22, 0x00, 0xB2, 0x20, 0x75, 0x34, 0xE0, 0x22, 0x20, 0x13, 0x20, 0x74, 0xE2, 0x20, 0x81, 0xA0, 0x25, 0x13, 0x00, 0x00, 0x3C, 0x20, 0x68, 0x12, 0x02, 0x50, 0x77, 0x30, 0x8F, 0x41, 0x1C, 0x20, 0x90, 0x00, 0x36, 0x00, 0x00, 0x28, 0x20, 0xAB, 0x4D, 0x3E, 0x20, 0x9C, 0x80, 0x3A, 0x20, 0x0B, 0x20, 0xAD, 0x60, 0x30, 0x17, 0x54, 0x3C, 0x50, 0x17, 0x82, 0x30, 0x17, 0x40, 0x20, 0x23, 0x08, 0x00, 0x2D, 0x00, 0xA4, 0x30, 0x2F, 0x49, 0x20, 0x67, 0x20, 0xE9, 0xC4, 0x30, 0x3B, 0x56, 0x4A, 0x50, 0x17, 0xDC, 0x30, 0x3B, 0x52, 0x20, 0x47, 0x20, 0xE0, 0xF4, 0xB2, 0x30, 0x53, 0x55, 0x20, 0x53, 0x30, 0xD4, 0x00, 0x2E, 0x21, 0x13, 0x61, 0x02, 0x00, 0x6E, 0x00, 0x69, 0x00, 0x6D, 0x21, 0x1D, 0x4E, 0x82, 0x20, 0x07, 0x6E, 0x00, 0x74, 0x00, 0x65, 0x20, 0x11, 0x64, 0x0A, 0x00, 0x6F, 0x00, 0x4C, 0x20, 0x03, 0x67, 0x20, 0x07, 0x5F, 0x28, 0x00, 0x44, 0x20, 0x03, 0x30, 0x20, 0x01, 0x5F, 0x00, 0x53, 0x20, 0x00, 0x63, 0x40, 0x1F, 0x65, 0x00, 0x4F, 0x00, 0x75, 0xAB, 0x20, 0x2B, 0x41, 0x20, 0x43, 0x62, 0x20, 0x13, 0x6C, 0x40, 0x47, 0x02, 0x50, 0x43, 0x57, 0x42, 0x03, 0x20, 0x43, 0x43, 0x01, 0x80, 0x87, 0x55, 0x03, 0x20, 0xCB, 0x00, 0x90, 0x43, 0x01, 0x90, 0xCB, 0xD7, 0x00, 0x90, 0x87, 0xF0, 0xCB, 0x62, 0x21, 0x5D, 0x79, 0x21, 0x97, 0x01, 0x31, 0xA1, 0x71, 0x8D, 0xEA, 0x00, 0xF0, 0x2F, 0x71, 0x05, 0xD0, 0x2F, 0x74, 0x42, 0x09, 0x67, 0x23, 0x29, 0x33, 0xBD, 0x22, 0x01, 0x73, 0xA2, 0x01, 0xB0, 0x5B, 0x52, 0x2D, 0x00, 0x10, 0x21, 0x31, 0x01, 0x00, 0x21, 0x55, 0x32, 0x01, 0x00, 0x43, 0x33, 0xE0, 0x65, 0x4C, 0x23, 0x71, 0x4D, 0x22, 0xA3, 0x1F, 0x73, 0x00, 0x6B, 0x00, 0x40, 0x85, 0x30, 0x1F, 0x00, 0xB0, 0x17, 0xF0, 0x93, 0xF2, 0xE3, 0x41, 0x5F, 0x20, 0xB5, 0x32, 0x00, 0x38, 0x00, 0x78, 0x23, 0x68, 0x60, 0x34, 0xE0, 0xE1, 0x70, 0x02, 0x43, 0x4C, 0x41, 0x4E, 0xFF, 0x46, 0xFE, 0x23, 0xD0, 0x00, 0x02, 0x02, 0x34, 0x03, 0x33, 0x96, 0x70, 0x1D, 0x61, 0x74, 0x31, 0x23, 0x82, 0x44, 0x3E, 0x34, 0x59, 0x28, 0x33, 0x73, 0x10, 0xFF, 0xFF, 0xFF, 0x34, 0x4C, 0x53, 0x63, 0x65, 0x6E, 0x04, 0x65, 0x4F, 0x75, 0x74, 0x41, 0x24, 0x71, 0x47, 0x5F, 0x0C, 0x41, 0x5F, 0x30, 0x30, 0xA0, 0x4C, 0x40, 0x3B, 0x69, 0x31, 0xCD, 0x33, 0xA3, 0x50, 0x3F, 0x02, 0x00, 0x30, 0x59, 0x34, 0x9D, 0x68, 0x24, 0xA1, 0x00, 0x50, 0x5F, 0x4E, 0x69, 0x6E, 0x4C, 0x6F, 0x67, 0x70, 0x6F, 0xA0, 0x35, 0x34, 0xA0, 0x34, 0xBD, 0x43, 0x4C, 0x56, 0x43, 0x8F, 0x74, 0x3F, 0x00, 0x10, 0x02, 0x40, 0x87, 0x40, 0x0B, 0xD0, 0x5D, 0x20, 0x76, 0x20, 0x7F, 0x43, 0x34, 0xEC, 0x4E, 0x5F, 0x52, 0x6F, 0x6F, 0x73, 0x74, 0xD0, 0x7E, 0x00, 0x70, 0x4B, 0x80, 0x57, 0x00, 0x20, 0x20, 0x3B, 0x50, 0x3F, 0xF8, 0x00, 0x30, 0xFF, 0x34, 0xF7, 0xB0, 0xFF, 0x24, 0xD2, 0x80, 0xFF, 0x00, 0x00, 0x1E, 0xD5, 0x45, 0x4C, 0x70, 0xFF, 0x42, 0x40, 0xFF, 0x42, 0x00, 0x40, 0xFF, 0x9C, 0x80, 0x2D, 0xB2, 0x90, 0xFF, 0x5C, 0x01, 0xE0, 0xFF, 0x90, 0xB3, 0x34, 0xC2, 0x02, 0xD0, 0xF3, 0xC8, 0xFD, 0x20, 0xAA, 0xD0, 0xF3, 0x00, 0x70, 0xFF, 0xF1, 0xFF, 0x31, 0x39, 0x71, 0xFF, 0x65, 0x23, 0x31, 0xC5, 0xB1, 0xFF, 0x31, 0x84, 0x47, 0x5F, 0x43, 0x00, 0x81, 0xFF, 0x0F, 0xE1, 0xFF, 0x99, 0x02, 0x90, 0xFF, 0x12, 0xC3, 0x02, 0x31, 0xF3, 0x92, 0x3F, 0x80, 0xBF, 0x91, 0xF3, 0x7B, 0x60, 0x32, 0xB6, 0x00, 0x80, 0xFF, 0x36, 0xDF, 0x03, 0x32, 0xFF, 0x7C, 0x27, 0x27, 0x53, 0x3F, 0x55, 0x0D, 0x42, 0xFF, 0x48, 0x27, 0x9D, 0xB0, 0x27, 0xA1, 0xA4, 0x27, 0x8D, 0x60, 0x24, 0x27, 0x88, 0x36, 0xCB, 0x30, 0x03, 0x00, 0x00, 0xBC, 0xAD, 0x20, 0x03, 0x24, 0x27, 0xAB, 0x88, 0x37, 0x73, 0x27, 0x94, 0xB0, 0x26, 0xE7, 0x02, 0x74, 0x0A, 0x00, 0x00, 0x78, 0x0B, 0x32, 0xDF, 0x57, 0xF9, 0x00, 0x03, 0x5B, 0x37, 0x32, 0x27, 0x6E, 0x26, 0xB1, 0x33, 0xB7, 0x50, 0x41, 0x83, 0x2F, 0x71, 0x02, 0xF2, 0xE3, 0x73, 0xDB, 0x01, 0x13, 0x07, 0x50, 0x5F, 0x33, 0x00, 0x80, 0x67, 0x77, 0xB8, 0x60, 0x67, 0x20, 0xAA, 0x43, 0xC7, 0x38, 0x63, 0xC7, 0x30, 0x6F, 0x93, 0x9F, 0x53, 0xA0, 0x24, 0x0A, 0xA0, 0x27, 0xA5, 0x80, 0xBE, 0x24, 0x39, 0x23, 0x16, 0x23, 0xA0, 0xC0, 0x48, 0x79, 0x06, 0x02, 0x00, 0x30, 0x37, 0x70, 0x23, 0x00, 0x33, 0x33, 0xB3, 0x3F, 0xFC, 0x2D, 0xEC, 0xBC, 0x8C, 0x70, 0x0B, 0x0A, 0xD7, 0x23, 0x20, 0x0B, 0x30, 0x2F, 0x80, 0x3F, 0xBC, 0x48, 0xA9, 0x07, 0x01, 0xD0, 0x2F, 0xF4, 0x2F, 0xB0, 0x6B, 0x39, 0x0C, 0x40, 0x9D, 0x6F, 0x1C, 0x30, 0x97, 0x61, 0xEF, 0xCC, 0x28, 0x45, 0x30, 0x9B, 0x70, 0xF3, 0x24, 0x87, 0xDC, 0xE4, 0xB9, 0x71, 0x5B, 0x50, 0xF1, 0x5B, 0x29, 0x39, 0xD4, 0x8B, 0x70, 0xC1, 0x14, 0xCD, 0xCC, 0xCC, 0x20, 0xEB, 0x20, 0x24, 0x02, 0xF8, 0xC1, 0xF9, 0x00, 0x31, 0x67, 0x00, 0x14, 0xBB, 0x30, 0x7F, 0x30, 0x2F, 0x71, 0x73, 0x44, 0x73, 0xF5, 0x38, 0x94, 0x01, 0x90, 0x7F, 0x3C, 0xC2, 0x20, 0x7F, 0x3E, 0x02, 0xD0, 0x7F, 0x52, 0x65, 0x70, 0x64, 0x01, 0x70, 0xFF, 0xC1, 0xEB, 0x45, 0x43, 0xC2, 0xB7, 0x6D, 0xDB, 0xAE, 0x20, 0x7F, 0x8C, 0x25, 0x02, 0x20, 0x00, 0x40, 0xFF, 0x91, 0xF7, 0xB6, 0x1B, 0x5C, 0xA0, 0xA4, 0x87, 0xB4, 0x35, 0x3E, 0x00, 0x92, 0x24, 0xE9, 0xC0, 0xBD, 0x60, 0x8B, 0x31, 0x00, 0x32, 0xE7, 0x35, 0x33, 0xF2, 0xE7, 0x92, 0x53, 0xF0, 0x26, 0x82, 0x7F, 0x20, 0x25, 0x1B, 0x90, 0x0B, 0x50, 0x97, 0x34, 0xEF, 0x00, 0x50, 0x97, 0x96, 0x53, 0x30, 0x3B, 0xAF, 0x77, 0x04, 0xAA, 0xF1, 0x17, 0x32, 0x02, 0x13, 0x73, 0x32, 0xF7, 0x50, 0x8B, 0x00, 0x96, 0x7B, 0xF9, 0x33, 0x1B, 0x57, 0x78, 0x00, 0x31, 0x7F, 0x3B, 0x90, 0x57, 0x07, 0x54, 0x53, 0x2A, 0xEE, 0xB7, 0x47, 0x73, 0x4C, 0x37, 0x8B, 0x2B, 0xD9, 0x94, 0x63, 0x8B, 0x3B, 0x87, 0x3B, 0xD1, 0x61, 0x24, 0x4B, 0xD5, 0x00, 0x01, 0x97, 0xC0, 0x39, 0x8E, 0xE3, 0x2B, 0x39, 0xE8, 0x51, 0x5B, 0x5B, 0xFD, 0x01, 0x20, 0x23, 0x03, 0xF7, 0x6B, 0x40, 0x41, 0x9E, 0x11, 0x15, 0x8D, 0xBD, 0x31, 0xA3, 0x9A, 0x99, 0xB9, 0x2B, 0x7D, 0xAA, 0x2C, 0x5A, 0x04, 0x01, 0x10, 0x23, 0x01, 0x01, 0x20, 0x8F, 0x01, 0x01, 0x20, 0x8F, 0x01, 0xAD, 0x00, 0x10, 0x8F, 0xC1, 0x20, 0x8F, 0x3D, 0x60, 0x8F, 0x44, 0x5B, 0x01, 0x00, 0x10, 0x8F, 0x82, 0x00, 0x00, 0x23, 0x50, 0x5F, 0x42, 0x6C, 0x6B, 0x03, 0xE1, 0x63, 0x9A, 0x03, 0x99, 0x19, 0xC0, 0x0E, 0x74, 0xDA, 0x00, 0xC1, 0x63, 0x00, 0x40, 0x23, 0xFE, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x00, 0x13, 0xBB, 0x00, 0x32, 0xC7, 0x58, 0xAA, 0x2E, 0x9D, 0x88, 0x66, 0x4F, 0xE8, 0x2E, 0xA9, 0x18, 0x2E, 0x95, 0x48, 0xBE, 0x2E, 0x99, 0x78, 0x62, 0xC7, 0xE3, 0xD3, 0x56, 0x3F, 0x60, 0x0B, 0x52, 0xD3, 0xF0, 0xF7, 0xC2, 0xD3, 0x01, 0xC0, 0x2F, 0x22, 0xDF, 0xD4, 0x33, 0x40, 0x68, 0x03, 0x50, 0x0B, 0x52, 0xEB, 0x7F, 0xF0, 0xC2, 0xEB, 0x01, 0xB0, 0x2F, 0x32, 0xF7, 0x01, 0xB0, 0xBF, 0x33, 0x03, 0x01, 0xC0, 0x2F, 0x00, 0x10, 0xBF, 0xFF, 0x46, 0x73, 0x70, 0x0B, 0x53, 0x1B, 0x40, 0xBF, 0x83, 0x1B, 0x01, 0xB0, 0x2F, 0x63, 0x27, 0x03, 0xC1, 0xC3, 0xFF, 0x33, 0x27, 0x75, 0x97, 0x93, 0x33, 0x00, 0x91, 0xC3, 0x01, 0x00, 0x2F, 0x05, 0xE1, 0xC3, 0x00, 0xF0, 0xBF, 0xF1, 0xC3, 0xFF, 0x01, 0x00, 0x2F, 0x05, 0x01, 0xC3, 0x00, 0x16, 0xB7, 0x00, 0x36, 0x4F, 0x35, 0xCC, 0x33, 0x8B, 0x36, 0x53, 0x33, 0x8F, 0x5F, 0xA0, 0x69, 0xE3, 0xD0, 0x6D, 0xAB, 0xE6, 0xCF, 0x59, 0xC7, 0x26, 0x43, 0x00, 0x40, 0x17, 0xFF, 0x26, 0x37, 0xD6, 0xFF, 0x63, 0x57, 0x26, 0x2B, 0x00, 0x30, 0x17, 0x36, 0x1F, 0x00, 0x30, 0x5F, 0x36, 0x13, 0xFF, 0x00, 0x40, 0x17, 0x00, 0x10, 0x5F, 0x49, 0x6B, 0x35, 0xFB, 0x00, 0x30, 0x17, 0x65, 0xEF, 0x03, 0xC1, 0x03, 0x82, 0xC7, 0xFF, 0xE1, 0x03, 0x82, 0xDF, 0x02, 0xE1, 0x03, 0x73, 0x27, 0xF1, 0x03, 0x80, 0x17, 0x01, 0xE1, 0x03, 0x00, 0xFD, 0xDF, 0x6E, 0x54, 0xEC, 0xDF, 0x02, 0x7E, 0xDF, 0x04, 0x2F, 0xA4, 0x5F, 0x0D, 0xDC, 0xDF, 0x50, 0xAA, 0x2F, 0xCC, 0xB8, 0x2F, 0xD0, 0x20, 0x2F, 0xBC, 0xA0, 0x2F, 0xC0, 0x2C, 0xAA, 0x2C, 0xE3, 0xAC, 0x2C, 0xE7, 0x10, 0x2C, 0xDF, 0x74, 0x2C, 0xDF, 0xD8, 0x5F, 0x07, 0x2D, 0x17, 0x09, 0x2C, 0x31, 0x2C, 0xE3, 0x02, 0x9C, 0xDF, 0x3E, 0xCF, 0x00, 0xFC, 0xDF, 0xD7, 0x9E, 0xF3, 0x00, 0xBC, 0xDF, 0x7C, 0xEC, 0xDF, 0x2C, 0x6D, 0x5B, 0xDD, 0x4F, 0x4C, 0xE3, 0xFF, 0x8C, 0xD3, 0xD0, 0x17, 0x9C, 0xBB, 0x00, 0x30, 0x17, 0x00, 0x9F, 0xD3, 0x3F, 0xFD, 0x01, 0x1C, 0x8B, 0x00, 0x0D, 0xE7, 0xBF, 0xC3, 0xA3, 0xA0, 0x2C, 0x7B, 0x00, 0x5C, 0x7F, 0xD0, 0x23, 0x01, 0x1C, 0x73, 0x03, 0xD0, 0x67, 0x02, 0x7C, 0x5B, 0x6F, 0x70, 0x2B, 0xCB, 0x7C, 0x5B, 0x20, 0x3B, 0xDB, 0x00, 0xED, 0x5B, 0x3E, 0x67, 0x7F, 0xD7, 0xEF, 0x5B, 0xCF, 0x00, 0xFC, 0x4F, 0x00, 0xDC, 0xDB, 0xF0, 0x2D, 0xCB, 0x80, 0x7F, 0x01, 0x2C, 0xDB, 0x30, 0x2F, 0xBF, 0x7F, 0xFB, 0xC8, 0x2F, 0x03, 0x7C, 0xDB, 0x5B, 0xE7, 0xAC, 0xDB, 0x00, 0x4C, 0x4F, 0x03, 0x3D, 0x67, 0xFF, 0x00, 0x1E, 0x67, 0xDD, 0x67, 0x04, 0x1C, 0x67, 0x41, 0xA3, 0x79, 0x93, 0x9D, 0x43, 0xCC, 0x67, 0x00, 0x60, 0x23, 0xFF, 0xCC, 0x67, 0x31, 0xEB, 0x89, 0x7B, 0x28, 0x2F, 0x00, 0x3C, 0x67, 0x00, 0x50, 0x23, 0xDC, 0x67, 0x00, 0x50, 0x8F, 0xFF, 0xDC, 0x67, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x79, 0x4B, 0x30, 0x8F, 0x00, 0x2C, 0x67, 0x00, 0x50, 0x23, 0x04, 0x1C, 0x67, 0x3F, 0x70, 0xC2, 0xA9, 0x33, 0x00, 0x81, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0xFF, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5C, 0x67, 0x01, 0x9F, 0x2F, 0x43, 0xEB, 0x6F, 0x2F, 0x9F, 0x97, 0xDF, 0x2F, 0xFF, 0x00, 0x60, 0x23, 0xCF, 0x2F, 0x34, 0x33, 0x7F, 0x2F, 0x38, 0x2F, 0x00, 0x3F, 0x2F, 0x00, 0x50, 0x23, 0xDF, 0x2F, 0xFF, 0x00, 0x50, 0x8F, 0xDF, 0x2F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6F, 0x2F, 0x40, 0x8F, 0x00, 0x2F, 0x2F, 0x00, 0x50, 0x23, 0xFF, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9F, 0x2F, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0xFF, 0x00, 0x40, 0x23, 0x03, 0x81, 0x63, 0x01, 0x5B, 0xA7, 0x01, 0x95, 0x8F, 0x46, 0x27, 0x6F, 0x23, 0x9F, 0xDF, 0xD5, 0x8F, 0xFF, 0x00, 0x60, 0x23, 0xC5, 0x8F, 0x4F, 0xDF, 0x6F, 0x0B, 0x4F, 0xDF, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0xD5, 0x8F, 0xFF, 0x00, 0x50, 0x8F, 0xD5, 0x8F, 0x00, 0x60, 0x23, 0x00, 0x10, 0x8F, 0x6E, 0xDB, 0x40, 0x8F, 0x00, 0x25, 0x8F, 0x00, 0x50, 0x23, 0xFF, 0x01, 0x7C, 0x07, 0x01, 0xB1, 0x63, 0x9E, 0xC3, 0x00, 0x91, 0x63, 0x00, 0x40, 0x23, 0x04, 0x61, 0x63, 0x00, 0x30, 0x8F, 0xF1, 0x63, 0xEF, 0x00, 0x40, 0x23, 0x03, 0x61, 0x63, 0x00, 0x7C, 0x5F, 0x4C, 0x2C, 0x5C, 0xBC, 0x5F, 0x3E, 0x51, 0x7C, 0x5F, 0x18, 0x65, 0x00, 0x73, 0xCC, 0x5F, 0x3B, 0x9C, 0x47, 0x5F, 0x43, 0xAF, 0x00, 0x4C, 0x5F, 0xFC, 0x2E, 0xBB, 0x0F, 0x5B, 0x58, 0x4C, 0x5F, 0x3C, 0x82, 0x3B, 0xAB, 0x55, 0xBC, 0x2F, 0xFF, 0xFC, 0x2F, 0xF8, 0x3C, 0x2E, 0xDB, 0x7C, 0x2E, 0xDF, 0x7C, 0xBC, 0x2E, 0xE3, 0x00, 0x3C, 0x47, 0x3E, 0xC7, 0x5E, 0xFB, 0x00, 0x7A, 0x3B, 0x80, 0xBF, 0xBD, 0x9A, 0x3B, 0x60, 0x88, 0xC7, 0x00, 0x3C, 0x2B, 0x00, 0x70, 0x4B, 0x9F, 0x2B, 0xCA, 0x2A, 0xB7, 0xDF, 0x00, 0x9B, 0xCB, 0x01, 0x10, 0x3F, 0xF2, 0xA0, 0x3F, 0x00, 0x1B, 0xA3, 0x01, 0xD0, 0x3F, 0x00, 0x29, 0xEF, 0x01, 0x00, 0xBF, 0x7B, 0x8E, 0x2B, 0x77, 0x70, 0xFF, 0x00, 0x27, 0x67, 0x01, 0x00, 0xFF, 0x24, 0xF0, 0x3F, 0xDF, 0x83, 0xB2, 0x01, 0x01, 0x3F, 0x30, 0x00, 0x8E, 0xBB, 0x5E, 0xBF, 0x59, 0x54, 0x7E, 0xBF, 0xA8, 0xA1, 0x2E, 0xBC, 0x10, 0x2F, 0xFB, 0x6C, 0x79, 0x74, 0x31, 0x3E, 0xD1, 0x90, 0x4A, 0x9E, 0x00, 0xA0, 0x2D, 0xE7, 0x70, 0x43, 0x74, 0x78, 0x36, 0x6C, 0x31, 0x3F, 0xDF, 0x3F, 0xBF, 0x04, 0x2F, 0xFF, 0x2D, 0x55, 0x74, 0x00, 0x65, 0x6E, 0x64, 0x6F, 0x5F, 0x31, 0x32, 0x38, 0x00, 0x78, 0x36, 0x34, 0x2E, 0x62, 0x63, 0x6C, 0x69, 0x57, 0x6D, 0x2F, 0xFF, 0x6D, 0x2E, 0xFB, 0x60, 0x62, 0x23, 0x30, 0x4B, 0x4D, 0x7F, 0x08, 0x4C, 0x6F, 0x67, 0x6F, 0xAE, 0xE9, 0xFF, 0xFF, 0xFF, 0xDF, 0x30, 0x03, 0x00, 0x40, 0x02, 0x15, 0x5F, 0xE0, 0x30, 0x62, 0xAF, 0x72, 0x3E, 0x07, 0x5E, 0x0B, 0x08, 0x70, 0x61, 0x6E, 0x31, 0x3B, 0x4F, 0x01, 0x04, 0xFF, 0x00, 0x00, 0x52, 0x6F, 0x6F, 0x74, 0x50, 0x61, 0x6E, 0x70, 0x65, 0x00, 0xB0, 0xDF, 0x00, 0x50, 0x47, 0x50, 0xD3, 0x70, 0x61, 0x73, 0x31, 0xD3, 0x3B, 0xA3, 0x70, 0x53, 0x03, 0x20, 0x53, 0x4E, 0x5F, 0x30, 0x55, 0x00, 0x0F, 0x96, 0xD0, 0x01, 0x20, 0x53, 0x4C, 0xD3, 0x42, 0x80, 0x53, 0x69, 0x63, 0x31, 0x80, 0x9F, 0x3C, 0x0F, 0x07, 0xFF, 0x00, 0x41, 0x03, 0x7E, 0xE0, 0x2D, 0x5B, 0x82, 0x1F, 0x00, 0x20, 0xEF, 0x9E, 0x2F, 0x63, 0x80, 0x42, 0xF1, 0x2B, 0x71, 0x99, 0xCF, 0x23, 0xC1, 0x27, 0x80, 0x0C, 0x3F, 0x70, 0x61, 0x65, 0x60, 0xDB, 0x50, 0x07, 0x67, 0x72, 0x30, 0x70, 0x31, 0x3C, 0x97, 0x31, 0x33, 0x47, 0x72, 0x6F, 0x75, 0xCE, 0x3C, 0x8F, 0x7F, 0xE7, 0x67, 0x72, 0x51, 0x07, 0x30, 0x23, 0x34, 0x57, 0x47, 0x3F, 0x5F, 0x41, 0xCF, 0xD3, 0x3F, 0xCF, 0xF1, 0x17, 0xF1, 0xD7, 0x30, 0x5F, 0x3F, 0xDF, 0x1F, 0x47, 0x5F, 0x42, 0xCF, 0x6D, 0x3F, 0xE7, 0x00, 0x90, 0x2B, 0xD4, 0x9F, 0x3F, 0xFB, 0x9A, 0xF1, 0x7F, 0x67, 0x72, 0x50, 0xC7, 0x01, 0x32, 0xBF, 0x3C, 0x22, 0xBC, 0x22, 0xB5, 0x00, 0x02, 0xBF, 0xC8, 0x82, 0xBF, 0x3D, 0x7F, 0x07, 0x64, 0xBB, 0x2D, 0x2F, 0xFF, 0x9D, 0x2F, 0x08, 0x00, 0x4F, 0x34, 0xA1, 0x32, 0xF3, 0x2F, 0xFF, 0x78, 0x2F, 0xFB, 0x1D, 0x33, 0x64, 0x73, 0x62, 0xAD, 0x62, 0xD2, 0x80, 0x10, 0x31, 0xF0, 0x10, 0x53, 0x32, 0xF0, 0x21, 0x33, 0x63, 0x05, 0x4C, 0x54, 0x90, 0x3E, 0x30, 0x0B, 0x83, 0x70, 0x39, 0x4C, 0x54, 0x4D, 0x61, 0x73, 0x3C, 0xCC, 0x63, 0x2D, 0x82, 0x33, 0x2B, 0xA8, 0x06, 0x00, 0x00, 0x0B, 0x2F, 0xFC, 0x38, 0xAA, 0x2F, 0xFF, 0x88, 0x2F, 0xFB, 0x08, 0x2F, 0xF4, 0x88, 0x2F, 0xF8, 0x08, 0xAA, 0x2F, 0xD4, 0x88, 0x2F, 0xD8, 0x4C, 0x2F, 0x10, 0xE8, 0x2F, 0x14, 0xAC, 0x9D, 0x23, 0x74, 0x48, 0x05, 0x2F, 0xD7, 0x20, 0x2F, 0x00, 0x35, 0x47, 0xAA, 0x53, 0x57, 0xBB, 0x00, 0x83, 0x53, 0x02, 0x00, 0xA3, 0x53, 0x00, 0x35, 0x57, 0x00, 0xB3, 0xA3, 0xD5, 0x20, 0xB3, 0x00, 0xB3, 0xA3, 0x68, 0x40, 0x24, 0x20, 0x30, 0x03, 0x11, 0x2F, 0xFB, 0x74, 0x06, 0x00, 0x61, 0x04, 0x30, 0x03, 0x30, 0x0B, 0x65, 0x06, 0x00, 0x01, 0x30, 0x03, 0xE9, 0x30, 0x17, 0x31, 0x87, 0x5E, 0x03, 0x05, 0x2F, 0x47, 0x4F, 0x5F, 0x31, 0x32, 0xB0, 0x01, 0xB0, 0x7F, 0x01, 0x03, 0xE0, 0x7F, 0xD2, 0xB5, 0x00, 0x00, 0x8C, 0x8C, 0x77, 0x8C, 0x05, 0xA0, 0x7F, 0x00, 0x16, 0x97, 0x00, 0xF1, 0x7F, 0x03, 0x03, 0xC1, 0x7F, 0x00, 0x16, 0xD7, 0x45, 0xA7, 0xCB, 0x2F, 0xB4, 0x00, 0x25, 0xA7, 0x80, 0x3F, 0x23, 0x44, 0x04, 0x25, 0xA3, 0x30, 0x03, 0x00, 0x06, 0x00, 0x06, 0x06, 0x73, 0x09, 0xED, 0xBE, 0xC3, 0x30, 0x03, 0x3F, 0xFB, 0x3A, 0x57, 0xDE, 0x40, 0x30, 0x03, 0xE0, 0x13, 0x70, 0xC0, 0x30, 0x03, 0x00, 0x75, 0xD3, 0x78, 0x54, 0x10, 0x04, 0x00, 0x01, 0x0A, 0x10, 0x04, 0x10, 0x02, 0xA2, 0x37, 0x46, 0xF2, 0x37, 0x26, 0x0F, 0x06, 0x02, 0x05, 0x66, 0x23, 0x33, 0x00, 0x12, 0x43, 0x4D, 0x5F, 0x00, 0x35, 0xB6, 0x96, 0x00, 0x36, 0x6A, 0x80, 0xEA, 0x23, 0x77, 0x05, 0x26, 0x67, 0x30, 0x03, 0x30, 0x1F, 0x8E, 0xE3, 0xBE, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x50, 0xA7, 0x78, 0x00, 0x00, 0xC0, 0xA7, 0x00, 0x21, 0x5F, 0xCF, 0x5F, 0x01, 0xB1, 0x5F, 0x2F, 0xA1, 0xBD, 0x61, 0xBF, 0x30, 0x03, 0x3F, 0xF7, 0xCE, 0x95, 0x17, 0x41, 0x30, 0x03, 0xBC, 0xE0, 0x13, 0xC1, 0x30, 0x03, 0x05, 0x21, 0x5F, 0x00, 0x00, 0xC3, 0x01, 0x31, 0x5F, 0x61, 0x0B, 0x3F, 0xB6, 0xBF, 0x30, 0x03, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x02, 0x61, 0x5F, 0xCD, 0xF7, 0xFF, 0x01, 0xB2, 0xBF, 0x3F, 0xF7, 0x50, 0x03, 0x5D, 0xA7, 0x50, 0x03, 0xC0, 0x13, 0x4F, 0xF7, 0x05, 0x22, 0xBF, 0xFF, 0x00, 0x00, 0xC3, 0x01, 0x32, 0xBF, 0x3F, 0xE3, 0x3F, 0xE7, 0xB0, 0xBF, 0xE0, 0x13, 0xC0, 0xBF, 0x01, 0xF2, 0xBF, 0xFF, 0x03, 0x59, 0x73, 0x57, 0x87, 0x00, 0x59, 0x73, 0x00, 0x1C, 0x63, 0x99, 0x1F, 0x40, 0x03, 0x00, 0x79, 0x1F, 0x3F, 0x93, 0xAC, 0xC9, 0x73, 0xA0, 0x4E, 0xC7, 0xF5, 0x00, 0x84, 0xD3, 0x70, 0x53, 0x46, 0x31, 0x74, 0x32, 0x00, 0x63, 0x2F, 0x58, 0x2F, 0xFA, 0x9F, 0x05, 0x4F, 0xF1, 0x00, 0x00, 0x13, 0xCD, 0xCC, 0x4C, 0x28, 0x36, 0x80, 0x3F, 0x50, 0x07, 0x40, 0x0F, 0xFF, 0x4A, 0x9B, 0x50, 0x07, 0x9F, 0xEC, 0xE0, 0x0B, 0x40, 0x03, 0x00, 0x0A, 0x1B, 0x2A, 0xC3, 0x00, 0xA4, 0xB7, 0xBE, 0x60, 0xFB, 0x20, 0x01, 0xC0, 0xA7, 0x27, 0x62, 0x01, 0x00, 0xA7, 0x8A, 0x1B, 0x81, 0x2F, 0x91, 0xC5, 0x00, 0x84, 0xA3, 0x71, 0x83, 0x10, 0xF4, 0xBF, 0x01, 0xC1, 0x2F, 0x07, 0x04, 0xD1, 0x2F, 0xDF, 0x00, 0x80, 0xA7, 0x01, 0xF1, 0x2F, 0x08, 0x02, 0x41, 0x2F, 0x00, 0x5D, 0x8B, 0xE1, 0xB7, 0xEB, 0xD7, 0x00, 0xD2, 0x5F, 0x77, 0x09, 0x04, 0xD2, 0x5F, 0x00, 0xB0, 0xA7, 0x01, 0xC3, 0x07, 0x0A, 0x01, 0xE2, 0x5F, 0x92, 0xE7, 0x00, 0x1F, 0xFB, 0xAD, 0xDD, 0x07, 0xA0, 0x00, 0x68, 0x1F, 0x10, 0x43, 0xE3, 0x00, 0x5D, 0x03, 0x50, 0x43, 0x83, 0x1F, 0x00, 0x00, 0x44, 0x6D, 0x03, 0x30, 0x0F, 0x3E, 0x2B, 0x30, 0x0F, 0x2D, 0x03, 0x9B, 0x6D, 0x83, 0x03, 0x05, 0x6D, 0x83, 0x00, 0x4D, 0xD6, 0xF8, 0x3F, 0x1F, 0x00, 0xA0, 0x7F, 0x5E, 0x80, 0x00, 0x40, 0x7F, 0x01, 0x01, 0x4D, 0x83, 0x00, 0x3E, 0x0B, 0x00, 0x1A, 0xEB, 0x01, 0x94, 0xEB, 0x80, 0x7B, 0x41, 0xFF, 0x37, 0x5F, 0xE9, 0x00, 0xEE, 0x0B, 0x7E, 0x8B, 0x01, 0x50, 0x7F, 0xFA, 0xEB, 0xBD, 0x02, 0xB0, 0x7F, 0x03, 0x8E, 0x8B, 0x9E, 0x7B, 0xFE, 0x9B, 0x00, 0x02, 0x0F, 0x03, 0x3F, 0x13, 0xFD, 0x00, 0x1A, 0xF3, 0x01, 0x51, 0x8F, 0x3F, 0x13, 0x00, 0x12, 0x0F, 0x2A, 0x3A, 0x04, 0x8F, 0x13, 0xDC, 0x00, 0x2F, 0x13, 0x7F, 0x0C, 0x4F, 0x13, 0xD6, 0xB7, 0xFD, 0x97, 0xFD, 0x57, 0xFC, 0xE7, 0xFC, 0x77, 0xFC, 0x07, 0xFE, 0xFB, 0x97, 0xFA, 0xE3, 0xFA, 0x57, 0xF9, 0xA3, 0xF9, 0x17, 0xF8, 0x63, 0x3F, 0xEF, 0xCC, 0xEB, 0x00, 0x2F, 0xB3, 0x3E, 0x8F, 0x0A, 0x30, 0xCB, 0x2C, 0x41, 0xA7, 0x43, 0xCF, 0x1B, 0x37, 0x0D, 0x98, 0xF8, 0x5F, 0x67, 0x72, 0x56, 0xFF, 0x04, 0x40, 0x02, 0x60, 0x00, 0x5A, 0x3C, 0xF8, 0xFA, 0x34, 0x9F, 0x2C, 0x5F, 0x4F, 0x27, 0x00, 0x0C, 0x91, 0x82, 0xA0, 0x00, 0xFC, 0xFF, 0x5F, 0x00, 0xFE, 0x00, 0xFF, 0x5A, 0xC0, 0x48, 0xBE, 0xED, 0x75, 0xDF, 0x00, 0x28, 0xF9, 0x20, 0xFF, 0x4C, 0xFE, 0x3F, 0xDD, 0x1A, 0xEF, 0x68, 0x74, 0x08, 0x40, 0x04, 0x20, 0x50, 0x84, 0x3F, 0xFF, 0xF6, 0x40, 0xFF, 0x26, 0x2F, 0xFF, 0x63, 0x03, 0x00, 0x00, 0xC0, 0xF4, 0x00, 0x10, 0xFD, 0xFF, 0xE8, 0x80, 0x2F, 0xB8, 0xF5, 0xF0, 0xFF, 0xFF, 0x20, 0x50, 0xFF, 0x12, 0xFF, 0x30, 0x20, 0x58, 0x09, 0x9F, 0x6F, 0x9F, 0xD9, 0x4F, 0x04, 0x4F, 0x00, 0x00, 0x6F, 0xAF, 0xBF, 0xE9, 0xF2, 0x60, 0x86, 0x5F, 0xEF, 0x0E, 0x8F, 0xFF, 0xF9, 0x51, 0x37, 0x3F, 0xFF, 0xF5, 0x0C, 0xF2, 0xFF, 0xFF, 0xF2, 0x20, 0x03, 0x4F, 0xE3, 0x26, 0x00, 0x64, 0x22, 0x4F, 0xEB, 0x29, 0x82, 0xFF, 0x58, 0x28, 0xE3, 0x06, 0xFF, 0x06, 0xFF, 0x2F, 0x2F, 0x00, 0x00, 0x30, 0x03, 0x4F, 0xFF, 0x22, 0xA0, 0xA0, 0x1F, 0xC1, 0x50, 0x77, 0x0A, 0x0A, 0x00, 0x30, 0x0A, 0x14, 0x0A, 0xD0, 0xF3, 0x6F, 0xE6, 0x64, 0x4F, 0xEE, 0x46, 0x00, 0x20, 0x00, 0xE3, 0x24, 0x2A, 0x8F, 0x9F, 0x00, 0x66, 0xFF, 0x06, 0xF4, 0x2D, 0xDF, 0xC0, 0xC6, 0x90, 0x6F, 0xBF, 0xFB, 0x04, 0xC7, 0x01, 0x52, 0x1C, 0x20, 0xB7, 0x20, 0x00, 0xF0, 0x20, 0xEB, 0x30, 0x03, 0x2F, 0xB1, 0x60, 0xF8, 0x30, 0xCB, 0x20, 0xB6, 0xFF, 0x66, 0x00, 0x66, 0x00, 0x70, 0x02, 0x20, 0xE3, 0x20, 0x6E, 0x2F, 0xC7, 0x00, 0x04, 0xFF, 0xFF, 0x20, 0x0D, 0x8F, 0x7F, 0xDC, 0xF7, 0x30, 0xFF, 0xFD, 0x00, 0x00, 0x00, 0x30, 0x00, 0x19, 0xFF, 0x00, 0xAA, 0xE6, 0xC1, 0x61, 0xE7, 0x2E, 0xF9, 0xC0, 0xF5, 0xF9, 0xFF, 0xDF, 0x20, 0xD5, 0x00, 0x07, 0x10, 0xFC, 0xFC, 0xAF, 0xDF, 0xFF, 0x02, 0x21, 0x9F, 0x6F, 0x3A, 0x6E, 0x35, 0x00, 0xD7, 0x02, 0x30, 0x41, 0x18, 0x00, 0xFF, 0xFD, 0x40, 0xEF, 0x21, 0x3B, 0x00, 0x00, 0xF9, 0x00, 0xF2, 0x01, 0x0B, 0x20, 0x00, 0xCF, 0xFF, 0x21, 0x02, 0xFF, 0xA8, 0x00, 0x5A, 0x00, 0x20, 0x21, 0x63, 0x20, 0x80, 0x2F, 0xA5, 0x0B, 0x0A, 0xF6, 0xF6, 0x0A, 0x0C, 0xF6, 0x00, 0xF2, 0xF7, 0x8E, 0xFF, 0xFF, 0x21, 0x00, 0x69, 0x02, 0x00, 0x8F, 0xFF, 0xA2, 0x06, 0x12, 0x3F, 0xC3, 0x4F, 0x01, 0xFF, 0x00, 0xDF, 0xFF, 0x00, 0x1C, 0xFF, 0x3F, 0xCD, 0x00, 0x00, 0x00, 0xC3, 0xFF, 0xFC, 0xFF, 0xFF, 0x40, 0x00, 0x00, 0xA9, 0x00, 0xFB, 0xFF, 0xFF, 0x4F, 0x6A, 0xAB, 0x2F, 0x74, 0x0A, 0x3F, 0x7A, 0x09, 0x9F, 0xF9, 0x03, 0x04, 0x82, 0x70, 0xEF, 0xFE, 0x81, 0x7F, 0x9C, 0xF6, 0xFF, 0xFF, 0x10, 0x00, 0xC6, 0x3F, 0xA4, 0x1C, 0x6F, 0xFF, 0x00, 0xA0, 0x88, 0x05, 0x00, 0x8F, 0x01, 0x5C, 0xC1, 0x43, 0x4C, 0x04, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x32, 0x7C, 0x02, 0x28, 0xC1, 0x29, 0xF7, 0x3B, 0x5D, 0x69, 0x6D, 0x61, 0x67, 0x10, 0x4B, 0xE4, 0x18, 0x20, 0x00, 0x0D, 0x42, 0x30, 0x07, 0x03, 0x8B, 0xA0, 0x00, 0x71, 0x05, 0x00, 0x88, 0xFE, 0xFF, 0xFF, 0x25, 0xCE, 0xC0, 0x2E, 0xCB, 0x01, 0xC0, 0xC0, 0xAF, 0x9F, 0x00, 0x00, 0x9F, 0x20, 0x03, 0x03, 0x00, 0x88, 0x00, 0x88, 0xFF, 0xCC, 0x20, 0x17, 0x70, 0x07, 0x81, 0xFF, 0xC0, 0x78, 0x00, 0x02, 0xFF, 0xFC, 0x3E, 0x4F, 0x9B, 0x87, 0x3F, 0xEE, 0x90, 0x90, 0xDF, 0xDF, 0x30, 0x03, 0x01, 0xA1, 0xD7, 0x40, 0x6F, 0xC8, 0x30, 0x6B, 0x40, 0x6F, 0x00, 0xB0, 0x43, 0xCF, 0xDF, 0xFF, 0x55, 0x0A, 0xFF, 0xD7, 0x00, 0xEE, 0x00, 0x0E, 0xCE, 0x55, 0x20, 0x17, 0xEE, 0xE8, 0x20, 0x17, 0x70, 0x07, 0x40, 0x6F, 0x80, 0x90, 0x6F, 0xC5, 0xFF, 0xCF, 0x1E, 0x7F, 0xDE, 0x00, 0x95, 0x9D, 0xC1, 0x7F, 0x2F, 0x63, 0xB1, 0x7F, 0x20, 0x3A, 0x00, 0x10, 0x51, 0x7F, 0xB9, 0x8A, 0x06, 0xC5, 0x30, 0x50, 0xA8, 0x42, 0x70, 0xC2, 0x28, 0x4E, 0x2E, 0x06, 0x10, 0x00, 0x43, 0xFD, 0x3A, 0xAF, 0x76, 0x24, 0x00, 0x98, 0x6F, 0xC8, 0xCE, 0x47, 0x2D, 0xA3, 0xFF, 0x7A, 0x22, 0xFF, 0x45, 0x4F, 0xFE, 0xAA, 0x00, 0xBB, 0x4A, 0xCF, 0xBB, 0x8A, 0x50, 0x07, 0xFF, 0x23, 0xEF, 0x3F, 0x96, 0x00, 0x23, 0xDE, 0x53, 0x8A, 0x4F, 0xFF, 0x9A, 0x00, 0x68, 0x4A, 0xEF, 0x24, 0x35, 0x23, 0xAD, 0x14, 0xFF, 0xFF, 0xC8, 0x3A, 0xFB, 0xB3, 0x33, 0x2F, 0xFF, 0xFF, 0x87, 0x66, 0x67, 0x27, 0xFF, 0x00, 0x4B, 0x83, 0x4F, 0x7B, 0xA7, 0x21, 0xD1, 0xE0, 0x2E, 0x0D, 0x37, 0xCA, 0x08, 0x46, 0x42, 0x21, 0xF6, 0x22, 0xFF, 0xF7, 0x44, 0xF7, 0x00, 0x15, 0x7F, 0x22, 0xFF, 0x32, 0x4F, 0x7A, 0x43, 0xFF, 0x60, 0x97, 0x6B, 0xE7, 0x36, 0x6A, 0x10, 0xE7, 0xF2, 0xF4, 0xFF, 0xF8, 0x34, 0xBA, 0x40, 0x03, 0x9F, 0x9B, 0x25, 0x32, 0x8F, 0xA8, 0x0C, 0x09, 0xFF, 0x40, 0x4F, 0x25, 0x2D, 0xAD, 0xBF, 0x04, 0x28, 0xFF, 0x00, 0x62, 0x6C, 0x06, 0xF4, 0x37, 0xFF, 0xCF, 0xD6, 0x00, 0xDD, 0x00, 0x4C, 0xFC, 0xDD, 0x35, 0x00, 0xEE, 0x34, 0x4A, 0x31, 0xEF, 0x54, 0x00, 0x45, 0x1F, 0xB8, 0x38, 0x0B, 0x48, 0x51, 0x41, 0xEF, 0xFD, 0xA0, 0x97, 0x1F, 0x10, 0x00, 0xFE, 0x18, 0xFC, 0x10, 0xA0, 0x23, 0xF1, 0x6F, 0xFF, 0x2C, 0xEF, 0x00, 0x05, 0x03, 0xFF, 0xFF, 0x1E, 0x8F, 0xA1, 0x1B, 0xEF, 0x21, 0x1F, 0xCE, 0xC7, 0x69, 0x04, 0xD8, 0x4B, 0xA1, 0xF2, 0x27, 0xCB, 0x20, 0x03, 0x7F, 0xD5, 0xE1, 0x84, 0x40, 0xD7, 0x37, 0xFF, 0x01, 0xBE, 0x4D, 0xAF, 0x58, 0x00, 0x44, 0x23, 0x4F, 0x7B, 0x64, 0xFF, 0xA7, 0x47, 0xEF, 0xDC, 0xFF, 0x59, 0xED, 0x79, 0xA0, 0xDE, 0x24, 0xA0, 0x37, 0x04, 0xCC, 0xFF, 0x50, 0xCF, 0x10, 0x21, 0x00, 0x32, 0x42, 0xDF, 0x33, 0x00, 0x33, 0x00, 0x13, 0x00, 0x73, 0x30, 0x26, 0xAA, 0xFF, 0xFF, 0x40, 0x04, 0x63, 0x3F, 0x9C, 0x46, 0xD7, 0x7A, 0xEF, 0x35, 0x94, 0x72, 0xEF, 0x26, 0xF5, 0x2F, 0x05, 0x5C, 0x4D, 0x2F, 0xCA, 0x6B, 0x03, 0xE4, 0x0C, 0x09, 0x55, 0xFF, 0x08, 0xC0, 0x7F, 0x91, 0x00, 0x01, 0x00, 0xF3, 0xF3, 0x00, 0x99, 0x00, 0x99, 0x5F, 0xB7, 0xFC, 0x20, 0x0B, 0x20, 0x0F, 0x8F, 0xC7, 0x70, 0x17, 0x60, 0x1F, 0x8F, 0xE7, 0x56, 0xFF, 0x34, 0x55, 0x01, 0x3A, 0xFD, 0x90, 0x1F, 0x78, 0x4F, 0xFF, 0x55, 0xFF, 0x46, 0x65, 0x4A, 0x2F, 0x97, 0xFF, 0xFC, 0x35, 0x5C, 0x29, 0x23, 0x02, 0xC6, 0x34, 0x07, 0x3F, 0xFF, 0x8B, 0xFF, 0x03, 0x44, 0x10, 0x28, 0x4D, 0xD4, 0xD0, 0x80, 0x5F, 0x3F, 0xF0, 0x17, 0x9F, 0xF5, 0xEF, 0xFF, 0x07, 0xCF, 0xD1, 0x45, 0x6F, 0x2B, 0x59, 0x3E, 0xFB, 0x5F, 0x30, 0x20, 0xFB, 0x5F, 0x87, 0x12, 0xF3, 0xF9, 0xF8, 0x90, 0x3F, 0x31, 0xB7, 0x22, 0x97, 0x00, 0x60, 0x75, 0x85, 0xBF, 0x2F, 0xFF, 0xAF, 0x0D, 0xFF, 0x9E, 0xFF, 0x45, 0x45, 0x4F, 0x79, 0xA9, 0x00, 0x9A, 0x45, 0xBF, 0x89, 0x55, 0xA7, 0x10, 0xFF, 0x22, 0xFF, 0x3E, 0x9F, 0x00, 0xFF, 0x75, 0xFF, 0x52, 0xDA, 0x4F, 0xE3, 0x23, 0x3A, 0xDB, 0x5E, 0x7F, 0x95, 0x9F, 0x7F, 0x3E, 0x8F, 0x52, 0x23, 0x0C, 0x0D, 0x92, 0x31, 0xE1, 0xEF, 0xE1, 0xFF, 0x7F, 0xC7, 0x02, 0xF8, 0x2C, 0xE9, 0x30, 0x03, 0xF0, 0x0F, 0x01, 0x1D, 0xA6, 0x45, 0x3E, 0x00, 0xFB, 0xB0, 0xB7, 0x3A, 0x47, 0xFE, 0x2B, 0x83, 0x8C, 0x57, 0xD0, 0x28, 0x8B, 0x25, 0x31, 0x77, 0x11, 0x60, 0x0D, 0xA5, 0x1B, 0x96, 0x44, 0x00, 0x00, 0xFC, 0xFB, 0x01, 0x30, 0x07, 0xF8, 0x3B, 0xB6, 0x56, 0x45, 0x0E, 0x50, 0x00, 0x2F, 0x51, 0x3F, 0x2C, 0x8F, 0xE5, 0x2C, 0xC3, 0x00, 0xFA, 0x30, 0x2B, 0xBB, 0x43, 0x6F, 0x76, 0x87, 0x18, 0xEF, 0x00, 0x38, 0x77, 0x77, 0xC2, 0x5F, 0x85, 0xAE, 0x4B, 0x6B, 0xFF, 0x01, 0xAF, 0x47, 0xCF, 0x15, 0x32, 0x6B, 0xDC, 0x26, 0x89, 0x00, 0x3E, 0x67, 0x3A, 0x0D, 0xB4, 0x2F, 0x04, 0xF1, 0xFF, 0x7F, 0xEB, 0xA0, 0xB0, 0xA1, 0x26, 0x73, 0xF4, 0x79, 0x7C, 0x00, 0x60, 0xFB, 0xFF, 0x28, 0x32, 0xC0, 0x00, 0xB0, 0x01, 0x24, 0x07, 0x4F, 0x08, 0x2F, 0x1F, 0x00, 0x00, 0x72, 0x0D, 0x3D, 0x04, 0x7D, 0xFB, 0xFE, 0xE5, 0x00, 0xD8, 0x5C, 0xA7, 0xA5, 0xB7, 0x3F, 0x93, 0x61, 0x00, 0x1C, 0xBF, 0x38, 0x93, 0x40, 0x96, 0x9E, 0x2A, 0x03, 0x4F, 0xF4, 0x4B, 0xFE, 0x28, 0xAF, 0xD0, 0xE1, 0x3E, 0xFF, 0x1A, 0x27, 0x87, 0x3E, 0x05, 0x18, 0x00, 0x00, 0x3F, 0x2B, 0x55, 0x98, 0xBE, 0x04, 0x07, 0xFF, 0x17, 0xFF, 0x08, 0x06, 0x0E, 0x53, 0xFF, 0x20, 0x4A, 0xBF, 0x3F, 0xB6, 0xB3, 0xFF, 0x1C, 0xDE, 0xFF, 0xDD, 0x55, 0x42, 0x60, 0x17, 0x7F, 0xD6, 0xDD, 0xFF, 0x03, 0xED, 0xFF, 0x00, 0x31, 0x00, 0x95, 0x7A, 0xDB, 0x60, 0x37, 0x24, 0xEE, 0x12, 0x2E, 0xBF, 0x50, 0xFD, 0xDA, 0x11, 0xFF, 0xBD, 0x24, 0xFF, 0x69, 0x45, 0xE7, 0x14, 0x6B, 0x9B, 0x0F, 0x8E, 0x5E, 0x34, 0x01, 0x9F, 0x6F, 0xD3, 0x00, 0x1C, 0x2A, 0x35, 0x2F, 0x8F, 0xFC, 0xFC, 0x09, 0x00, 0xAD, 0x00, 0x47, 0x5A, 0x6F, 0xFD, 0x74, 0x4E, 0x97, 0x1E, 0xB9, 0xFF, 0xDC, 0x4F, 0xFF, 0x2F, 0x44, 0x2B, 0xB2, 0x4F, 0x3C, 0xBB, 0x6A, 0xFF, 0x2B, 0xAA, 0x2D, 0x64, 0x10, 0x60, 0xB7, 0x32, 0x35, 0xDC, 0x10, 0x15, 0x00, 0xB4, 0xEC, 0x2F, 0xF3, 0xF9, 0x7B, 0x78, 0xEF, 0x68, 0x9F, 0x10, 0x8B, 0xFF, 0x25, 0xAB, 0x8F, 0x6D, 0xFF, 0x8F, 0x02, 0xBD, 0x4E, 0xDD, 0x6C, 0x01, 0xEC, 0xAC, 0xCE, 0x7F, 0x2D, 0x16, 0xBE, 0x7F, 0x80, 0x7E, 0x7F, 0xC0, 0x9D, 0x2E, 0x04, 0x0F, 0xBD, 0xFF, 0xEF, 0xEF, 0x8A, 0xAF, 0x8E, 0x00, 0x47, 0x24, 0xDD, 0x78, 0xDD, 0x77, 0x33, 0x11, 0x01, 0x33, 0x11, 0x8D, 0x7D, 0x13, 0x13, 0x7D, 0x20, 0x03, 0xBF, 0x8A, 0xBF, 0x77, 0x50, 0x17, 0x70, 0x07, 0xFF, 0xFF, 0x30, 0x2B, 0xB0, 0x2F, 0xF0, 0x0F, 0xB7, 0x01, 0xBF, 0x7F, 0xA8, 0x6D, 0xEA, 0x7F, 0x7F, 0x10, 0x6D, 0xFF, 0x27, 0xB0, 0x04, 0xA1, 0x00, 0xA0, 0x0D, 0xB0, 0x01, 0x02, 0x60, 0xED, 0x61, 0xFF, 0x2C, 0xFF, 0xBE, 0x35, 0xFF, 0xF0, 0x3E, 0xB7, 0x00, 0xC0, 0xFF, 0x19, 0x00, 0x21, 0x1D, 0x01, 0x28, 0xFA, 0x18, 0xCC, 0xFF, 0x3A, 0x3B, 0x92, 0x40, 0x3F, 0x17, 0xFF, 0x6B, 0x8D, 0x27, 0x4C, 0x84, 0xFF, 0xE9, 0xBD, 0xB9, 0x3C, 0xB8, 0xFD, 0x23, 0x34, 0xE2, 0x30, 0x62, 0x4C, 0xDA, 0x40, 0x13, 0xF7, 0xFF, 0xF1, 0x20, 0x03, 0xEF, 0x08, 0xFF, 0xE8, 0xFF, 0xE0, 0x20, 0x03, 0xE1, 0xFF, 0xD9, 0x38, 0xFF, 0xD3, 0x50, 0x95, 0x2E, 0xE1, 0x21, 0x87, 0x57, 0xFF, 0x86, 0x34, 0xFF, 0xD1, 0x93, 0x69, 0x30, 0x41, 0xFA, 0x31, 0x9F, 0xAC, 0xFF, 0x44, 0xC7, 0x41, 0xA5, 0xD9, 0xFF, 0xE4, 0x50, 0x5B, 0xF6, 0xFF, 0x41, 0xF2, 0x20, 0x5D, 0xFB, 0xFF, 0xEE, 0xFF, 0xEA, 0x2F, 0x23, 0x54, 0xF5, 0x20, 0x05, 0xE4, 0x23, 0x97, 0xEA, 0x2E, 0x2E, 0xDA, 0xFF, 0x10, 0xDB, 0xFF, 0xD5, 0x2C, 0x6E, 0xC6, 0xFF, 0xD0, 0xFF, 0x05, 0xCB, 0xFF, 0xC1, 0xFF, 0xBC, 0x27, 0xE7, 0xE1, 0x20, 0x11, 0x41, 0xD2, 0x24, 0x7A, 0xDA, 0xFF, 0xCD, 0xFF, 0xCA, 0x20, 0x19, 0x04, 0xC1, 0xFF, 0xB7, 0xFF, 0xB3, 0x20, 0xFE, 0xBA, 0xFF, 0x14, 0xAF, 0xFF, 0xAB, 0x05, 0xD1, 0xFF, 0x5F, 0x62, 0x6D, 0x03, 0xFF, 0x51, 0x29, 0x20, 0xC2, 0xC2, 0xE1, 0x7F, 0x05, 0xFF, 0x9F, 0x22, 0x8D, 0x5B, 0x07, 0x21, 0x61, 0xA7, 0x20, 0x9A, 0x5F, 0xE9, 0x8A, 0xD9, 0x48, 0x38, 0x99, 0x50, 0xFE, 0x41, 0x01, 0xF7, 0x25, 0x34, 0xEA, 0xFF, 0xE0, 0x8D, 0xA2, 0xD1, 0x73, 0xF6, 0x80, 0x27, 0xF7, 0xFF, 0xEB, 0x25, 0x56, 0xE0, 0xA8, 0x21, 0x1D, 0xE9, 0x21, 0x25, 0xDE, 0x2F, 0x4A, 0xD4, 0xFF, 0xD3, 0x28, 0xFF, 0xC9, 0x2F, 0x52, 0xD3, 0x2B, 0x3D, 0xC9, 0xFF, 0xC8, 0xA8, 0x25, 0x49, 0xBD, 0x21, 0x07, 0xFC, 0x27, 0x46, 0xF0, 0xFF, 0xE6, 0xA2, 0x20, 0x2D, 0xE2, 0x25, 0x9E, 0xD5, 0xFF, 0xE3, 0x21, 0x95, 0xD6, 0xAA, 0x2D, 0xB0, 0xD0, 0x20, 0x21, 0xC3, 0x25, 0x10, 0xDA, 0x21, 0x3B, 0xCD, 0x28, 0xFF, 0xC5, 0x21, 0x4D, 0xC4, 0x25, 0x7B, 0xB6, 0xFF, 0xBF, 0x80, 0x21, 0x3D, 0xB2, 0xFF, 0xAB, 0xFF, 0xB0, 0xFF, 0xA9, 0x0A, 0xFF, 0xA3, 0xFF, 0x9C, 0x21, 0x51, 0xC0, 0x22, 0x4A, 0xB5, 0xA8, 0x21, 0x53, 0xAE, 0x21, 0xA8, 0xA2, 0x21, 0x59, 0xAA, 0xFF, 0xA8, 0xA0, 0x20, 0xC8, 0xA0, 0x2F, 0xE0, 0x95, 0xFF, 0x8C, 0xFF, 0xA6, 0x80, 0x2B, 0x49, 0x9A, 0xFF, 0x92, 0xFF, 0x96, 0xFF, 0x8F, 0xA8, 0x25, 0x33, 0x84, 0x20, 0x05, 0x87, 0x22, 0x2C, 0x7C, 0xFF, 0x7F, 0x2A, 0xFF, 0x79, 0x2B, 0x43, 0x6E, 0x22, 0x86, 0xB8, 0x20, 0x4B, 0xAA, 0x8C, 0x20, 0x53, 0xAD, 0xFF, 0xA4, 0x21, 0x00, 0x30, 0x53, 0x96, 0xFF, 0x54, 0x90, 0x2B, 0xFF, 0x92, 0x20, 0xFC, 0x85, 0x20, 0x4B, 0xA4, 0xFF, 0x41, 0x9B, 0x20, 0x3D, 0xA0, 0xFF, 0x9D, 0xFF, 0x93, 0x20, 0x17, 0x04, 0x8D, 0xFF, 0x89, 0xFF, 0x80, 0x20, 0x3F, 0x86, 0xFF, 0x50, 0x83, 0x20, 0x41, 0x76, 0x20, 0x0D, 0x83, 0xFF, 0x7D, 0xFF, 0x14, 0x77, 0xFF, 0x7E, 0x20, 0x4F, 0x72, 0x25, 0x87, 0x72, 0xFF, 0x04, 0x6C, 0xFF, 0x67, 0xFF, 0x62, 0x40, 0x03, 0x5C, 0xFF, 0x00, 0x58, 0xFF, 0x74, 0xFF, 0x70, 0xFF, 0x69, 0xFF, 0x50, 0x65, 0x25, 0xA1, 0x6A, 0x20, 0x15, 0x5F, 0xFF, 0x5E, 0xFF, 0x04, 0x5A, 0xFF, 0x53, 0xFF, 0x50, 0x22, 0x6C, 0x54, 0xFF, 0x14, 0x4D, 0xFF, 0x4A, 0x00, 0xD3, 0xFF, 0x16, 0x24, 0x1D, 0x6B, 0xFF, 0x6A, 0x15, 0x22, 0x66, 0x72, 0xD7, 0x85, 0x2F, 0xA8, 0xED, 0x5F, 0x95, 0xF9, 0xAA, 0x2E, 0xCE, 0xF0, 0x94, 0x3F, 0x75, 0x21, 0xBF, 0xD5, 0x84, 0x4D, 0x3D, 0xD5, 0x2F, 0xD0, 0xAF, 0xAC, 0xFD, 0x22, 0xFB, 0xE8, 0x26, 0x3B, 0xE0, 0x2F, 0xE7, 0x55, 0xF8, 0x2F, 0x06, 0xF1, 0x23, 0x03, 0xD9, 0x23, 0x01, 0xD3, 0x21, 0x7F, 0x55, 0xF0, 0x28, 0xC8, 0xE6, 0x21, 0x77, 0xD6, 0x23, 0x0F, 0xCC, 0x22, 0xD1, 0x55, 0xDD, 0x21, 0x89, 0xD5, 0x22, 0xBF, 0xC3, 0x22, 0xF6, 0xBB, 0x22, 0xB1, 0x55, 0xBF, 0x21, 0x61, 0xB5, 0x22, 0xB1, 0xA8, 0x21, 0x59, 0x9F, 0x22, 0xBB, 0x55, 0xAB, 0x21, 0x69, 0xA2, 0x21, 0x5F, 0x95, 0x2D, 0x23, 0x8C, 0x42, 0xD5, 0x5A, 0xD2, 0x21, 0x9F, 0xBF, 0x21, 0x95, 0x30, 0x1B, 0xCB, 0x27, 0x21, 0xC4, 0xAA, 0x21, 0xA7, 0xB0, 0x21, 0x9D, 0xA9, 0x21, 0x9F, 0xA6, 0x21, 0x7D, 0x9E, 0xAB, 0x21, 0x7F, 0x8F, 0x23, 0xA2, 0x87, 0x21, 0x77, 0x96, 0x26, 0xB9, 0x30, 0x0B, 0x51, 0x7F, 0x21, 0x19, 0x78, 0x21, 0x7F, 0x9E, 0xFF, 0x94, 0x20, 0x01, 0x45, 0x8A, 0x26, 0xCF, 0x82, 0xFF, 0x81, 0x20, 0x11, 0x8B, 0x20, 0x05, 0x62, 0x82, 0x20, 0x19, 0x30, 0x1B, 0x6E, 0xFF, 0x66, 0x21, 0xA5, 0x71, 0xA2, 0x21, 0x41, 0x68, 0x21, 0x3D, 0x63, 0xFF, 0x60, 0x21, 0x3B, 0x66, 0xA0, 0x21, 0x41, 0x5E, 0x2D, 0xBD, 0x57, 0xFF, 0x51, 0xFF, 0x4F, 0x2A, 0xFF, 0x48, 0x21, 0xC5, 0x70, 0x20, 0x21, 0x68, 0x80, 0x17, 0x6A, 0xAA, 0x20, 0x25, 0x63, 0x21, 0x63, 0x57, 0x20, 0x1D, 0x50, 0x20, 0x1F, 0x55, 0x20, 0xFF, 0x4E, 0x20, 0x01, 0x46, 0xFF, 0x47, 0xFF, 0x40, 0x0A, 0xFF, 0x3F, 0xFF, 0x39, 0x20, 0x07, 0x3F, 0x20, 0x09, 0x39, 0xA2, 0x20, 0x09, 0x32, 0x20, 0x01, 0x2C, 0xFF, 0x5D, 0x23, 0xF6, 0x53, 0xC0, 0x20, 0x23, 0x30, 0x03, 0x49, 0xFF, 0x44, 0xFF, 0x4B, 0xFF, 0x10, 0x45, 0xFF, 0x42, 0x21, 0x3E, 0x40, 0xFF, 0x3C, 0xFF, 0x05, 0x38, 0xFF, 0x34, 0xFF, 0x4A, 0x20, 0x39, 0x41, 0x21, 0x4E, 0x50, 0x43, 0x20, 0x05, 0x3B, 0x20, 0x11, 0x38, 0xFF, 0x35, 0xFF, 0x00, 0x31, 0xFF, 0x2E, 0xFF, 0x33, 0xFF, 0x30, 0xFF, 0x55, 0x2B, 0x23, 0x46, 0x3B, 0x20, 0x0F, 0x33, 0x20, 0x0F, 0x30, 0x24, 0xD2, 0x05, 0x2A, 0xFF, 0x26, 0xFF, 0x2D, 0x2B, 0x94, 0x27, 0x2D, 0xA5, 0x01, 0x23, 0xFF, 0x20, 0xFF, 0x1E, 0xFF, 0x1B, 0x23, 0x68, 0x50, 0x26, 0x40, 0x0B, 0x24, 0x2D, 0xB9, 0x1E, 0xFF, 0x1C, 0xFF, 0x05, 0x1D, 0xFF, 0x1A, 0xFF, 0x18, 0x21, 0xD2, 0x18, 0x24, 0xB8, 0x15, 0x13, 0xFF, 0x12, 0x33, 0x8B, 0x00, 0x20, 0x36, 0xD2, 0x6B, 0xF6, 0xB5, 0x34, 0x85, 0x00, 0x24, 0x87, 0x64, 0xB3, 0xFA, 0x2C, 0x0B, 0xEA, 0x24, 0x61, 0x55, 0xE4, 0x24, 0x57, 0xCC, 0x24, 0x59, 0xC6, 0x27, 0xFF, 0xDF, 0x24, 0x75, 0x52, 0xDA, 0x24, 0x5F, 0xC1, 0x24, 0x4D, 0xBC, 0x00, 0x22, 0xB6, 0x00, 0xC5, 0x23, 0x56, 0x43, 0x7B, 0xFE, 0xFF, 0xF2, 0x34, 0xA5, 0x00, 0x23, 0x4E, 0xAA, 0x24, 0xFD, 0xED, 0x2A, 0x35, 0xEA, 0x2C, 0x67, 0xD5, 0x24, 0xE9, 0xD2, 0xAA, 0x24, 0x91, 0xB7, 0x24, 0x8F, 0xB2, 0x29, 0x02, 0xCD, 0x24, 0xA5, 0xCA, 0xAA, 0x25, 0x7E, 0xAF, 0x24, 0x81, 0xAB, 0x25, 0x86, 0xB0, 0x23, 0x01, 0xAA, 0xAA, 0x23, 0x4B, 0x96, 0x23, 0x4D, 0x90, 0x23, 0x5B, 0xA4, 0x23, 0x09, 0x9F, 0xAA, 0x2E, 0xFF, 0x8A, 0x23, 0x35, 0x85, 0x22, 0xED, 0x7D, 0x22, 0xE9, 0x77, 0xAA, 0x22, 0xDB, 0x67, 0x22, 0xD9, 0x62, 0x22, 0xE7, 0x72, 0x23, 0x39, 0x6D, 0xAA, 0x22, 0xE3, 0x5C, 0x22, 0xE5, 0x57, 0x23, 0x6B, 0x9A, 0x23, 0x37, 0x96, 0xAA, 0x23, 0x17, 0x80, 0x23, 0x19, 0x7C, 0x23, 0x77, 0x93, 0x23, 0x29, 0x90, 0xAA, 0x25, 0x4A, 0x79, 0x23, 0x21, 0x76, 0x22, 0xFF, 0x6A, 0x23, 0x01, 0x65, 0xAA, 0x24, 0x7A, 0x53, 0x22, 0xF9, 0x50, 0x28, 0xA9, 0x62, 0x23, 0x09, 0x5F, 0xAA, 0x25, 0x6C, 0x4D, 0x23, 0x01, 0x4A, 0x21, 0x7F, 0x53, 0x25, 0x78, 0x4E, 0xA2, 0x21, 0x77, 0x42, 0x21, 0x79, 0x3D, 0xFF, 0x52, 0x21, 0x85, 0x4E, 0xAA, 0x21, 0x87, 0x40, 0x21, 0x7D, 0x3C, 0x21, 0x7F, 0x3A, 0x21, 0x69, 0x35, 0xAA, 0x21, 0x6F, 0x2D, 0x25, 0xA4, 0x28, 0x2E, 0xFD, 0x30, 0x21, 0x65, 0x2C, 0xAA, 0x41, 0x53, 0x1E, 0x21, 0x61, 0x1B, 0x21, 0x9F, 0x41, 0x21, 0xDD, 0x3D, 0xAA, 0x21, 0xAB, 0x31, 0x21, 0x99, 0x2D, 0x21, 0xA7, 0x3B, 0x21, 0xAF, 0x38, 0xAA, 0x21, 0x9F, 0x2B, 0x21, 0xA1, 0x29, 0x24, 0xE8, 0x23, 0x21, 0x95, 0x20, 0xAA, 0x21, 0x77, 0x18, 0x21, 0x79, 0x15, 0x21, 0x87, 0x1E, 0x2F, 0x43, 0x1C, 0xAA, 0x21, 0x83, 0x13, 0x23, 0x5E, 0x12, 0x2F, 0x4F, 0x1D, 0x40, 0x1B, 0x19, 0x8A, 0x23, 0x6C, 0x14, 0xFF, 0x11, 0x26, 0x72, 0x14, 0x23, 0x76, 0x11, 0xA8, 0x20, 0x09, 0x0E, 0x20, 0x01, 0x0B, 0x21, 0xA3, 0x10, 0xFF, 0x0F, 0x20, 0xFF, 0x0D, 0x40, 0x03, 0x0B, 0xFF, 0x0A, 0xFF, 0x0C, 0xAA, 0x20, 0x03, 0x09, 0x25, 0x24, 0x08, 0x25, 0x28, 0x06, 0x25, 0x32, 0x13, 0xAA, 0x20, 0x1D, 0x10, 0x20, 0x1F, 0x0C, 0x20, 0x15, 0x0A, 0x25, 0x3C, 0x0F, 0xAB, 0x20, 0x33, 0x0D, 0x20, 0x27, 0x08, 0x20, 0x1D, 0x07, 0x25, 0x52, 0x50, 0x25, 0x56, 0x04, 0x20, 0x01, 0x03, 0x25, 0x76, 0x02, 0x80, 0x07, 0x50, 0x01, 0x01, 0xAC, 0x00, 0xB9, 0x7F, 0x20, 0x2C, 0x1D, 0x03, 0x04, 0xE9, 0x7F, 0x10, 0x04, 0x80, 0x59, 0x30, 0xC2, 0x30, 0xFE, 0xE2, 0x2C, 0x3A, 0x3A, 0x46, 0x20, 0xF8, 0xE9, 0xFF, 0x0C, 0x00, 0x95, 0x00, 0xDC, 0x00, 0x3E, 0x2E, 0x03, 0x1F, 0xA9, 0x80, 0xF2, 0x18, 0x00, 0x10, 0xF9, 0x38, 0xEF, 0x4F, 0x02, 0x50, 0x90, 0xFF, 0x1F, 0xFF, 0xC0, 0xD0, 0x00, 0xDE, 0x98, 0xBF, 0x1B, 0xCB, 0xFF, 0x2F, 0x23, 0xF2, 0x7F, 0xE2, 0x4B, 0xFF, 0x01, 0xCF, 0x27, 0x10, 0x5B, 0x20, 0x2B, 0x10, 0x00, 0x11, 0x49, 0x71, 0x11, 0xFD, 0x60, 0x07, 0xF9, 0x7E, 0x70, 0x17, 0x0B, 0x10, 0x1F, 0x3A, 0x6E, 0x0C, 0xBA, 0x5C, 0x40, 0x41, 0xCD, 0x00, 0x30, 0xE3, 0xFF, 0x20, 0xF9, 0xB7, 0xFF, 0xFF, 0x00, 0xAF, 0xCF, 0x03, 0xD1, 0xF8, 0xFF, 0x7F, 0xFE, 0x00, 0xFF, 0x0C, 0x05, 0x06, 0x00, 0x00, 0x50, 0x00, 0x00, 0x00, 0x90, 0x80, 0xED, 0xFF, 0xEE, 0xFF, 0x79, 0x0A, 0x00, 0x77, 0x00, 0xEE, 0x20, 0x07, 0x77, 0x20, 0x07, 0x00, 0x01, 0xAA, 0x00, 0x07, 0xFF, 0xFF, 0x3F, 0xCF, 0x2B, 0x90, 0x06, 0xA5, 0x00, 0x00, 0xF9, 0xF8, 0x70, 0x17, 0x80, 0x1F, 0x4A, 0x00, 0x00, 0xA0, 0x6F, 0x6F, 0xF0, 0x30, 0x00, 0x9B, 0x07, 0x00, 0x00, 0xEF, 0x23, 0x00, 0x80, 0x37, 0x80, 0x3F, 0xEA, 0x05, 0x8B, 0x00, 0x30, 0x1F, 0x80, 0xE8, 0xAB, 0x59, 0xF7, 0x59, 0x00, 0x60, 0x3F, 0x3B, 0xFC, 0xE0, 0x6B, 0xF2, 0x00, 0xE0, 0x5F, 0x00, 0x90, 0x7F, 0xA2, 0x00, 0x6A, 0xF4, 0xF3, 0x2A, 0x9F, 0x8F, 0x90, 0xBF, 0xDE, 0x20, 0xDF, 0x97, 0xDC, 0x48, 0x01, 0x00, 0x20, 0x10, 0x7B, 0xFF, 0x02, 0xAF, 0xFC, 0x30, 0x20, 0xFF, 0xFA, 0x39, 0xE3, 0x4E, 0xFF, 0x00, 0x04, 0x00, 0x00, 0x65, 0x50, 0x01, 0xA9, 0x88, 0x05, 0x04, 0xFF, 0x02, 0xF6, 0x1E, 0x8F, 0xB0, 0x50, 0xEF, 0x00, 0x4A, 0x9F, 0x01, 0x4B, 0x05, 0x08, 0x3C, 0x8F, 0x70, 0x90, 0x21, 0xCF, 0x70, 0xA1, 0xFA, 0x41, 0x45, 0x0C, 0xFF, 0xEF, 0x02, 0x00, 0x20, 0xC5, 0x2A, 0xD9, 0x80, 0x80, 0x80, 0x30, 0x03, 0xFF, 0xFE, 0x05, 0x0B, 0xF8, 0xE1, 0x6F, 0x81, 0x2B, 0x97, 0x80, 0x90, 0x00, 0x05, 0x60, 0x00, 0x2F, 0x66, 0x00, 0xB6, 0xFF, 0xFF, 0x25, 0x06, 0x06, 0x1F, 0xF8, 0x08, 0xF8, 0x9F, 0xF8, 0xF7, 0x2F, 0x73, 0x06, 0x07, 0xBB, 0x90, 0x21, 0x06, 0xD0, 0x40, 0x3B, 0xBB, 0xB8, 0x00, 0x6F, 0x6F, 0x00, 0x70, 0xF0, 0x6F, 0x6F, 0xE0, 0xE0, 0x68, 0xDF, 0x02, 0x50, 0xA0, 0xDF, 0xDF, 0x90, 0x90, 0x20, 0x0B, 0xF0, 0x08, 0x4B, 0x00, 0xB0, 0x00, 0x20, 0x0B, 0xA0, 0x9B, 0x00, 0x00, 0x70, 0x00, 0x89, 0xFF, 0xB6, 0x8D, 0xFF, 0xFF, 0x00, 0x04, 0x03, 0xAD, 0xFD, 0x23, 0x2F, 0xF3, 0xF3, 0x24, 0x9F, 0xAF, 0x20, 0x0B, 0x04, 0xBB, 0x2D, 0xB5, 0xF3, 0xF3, 0x00, 0xAF, 0xBF, 0xB2, 0x00, 0x8B, 0x00, 0xE8, 0xB0, 0x00, 0xFF, 0xEF, 0xC0, 0xC0, 0xFF, 0xFF, 0x49, 0x10, 0x0C, 0x81, 0xFD, 0x90, 0xC1, 0x2B, 0x9B, 0x20, 0x0B, 0x90, 0x00, 0x00, 0xBB, 0x00, 0xA0, 0x21, 0xFF, 0xFF, 0x01, 0x00, 0x00, 0xB3, 0x00, 0xCC, 0x07, 0x7C, 0xFA, 0x68, 0xAC, 0x00, 0xFB, 0x89, 0x00, 0x0A, 0x95, 0xFA, 0x5F, 0x48, 0x00, 0xF8, 0xF9, 0x03, 0x06, 0x72, 0xFA, 0xBD, 0x21, 0x00, 0x9D, 0x01, 0x17, 0x0D, 0xF9, 0xF9, 0x01, 0x00, 0x00, 0xB7, 0x00, 0x58, 0xDF, 0xDB, 0xD8, 0x4F, 0x3F, 0x00, 0x30, 0x20, 0x3A, 0xFF, 0x00, 0x03, 0xFF, 0xFF, 0x01, 0x38, 0x6A, 0x4F, 0x4F, 0x20, 0x30, 0x3B, 0x2E, 0x19, 0x04, 0xFF, 0xFF, 0x4A, 0x0B, 0xBB, 0x2E, 0x18, 0x70, 0xFA, 0x00, 0xCC, 0x5E, 0xFF, 0xFF, 0x09, 0x08, 0xFA, 0xFA, 0x00, 0x8F, 0x8F, 0xF3, 0xF3, 0x8F, 0x7F, 0xFF, 0xFC, 0x00, 0x08, 0x3D, 0x91, 0x00, 0xDD, 0x00, 0xF3, 0xF9, 0x00, 0x8F, 0x9F, 0xBA, 0x00, 0x6B, 0x00, 0x00, 0xB0, 0x00, 0xC7, 0xAF, 0xF4, 0xF7, 0x6F, 0x7F, 0xDC, 0x70, 0x00, 0x19, 0xDF, 0x30, 0x30, 0xFF, 0xFF, 0xF5, 0xC0, 0x00, 0x6F, 0x9F, 0x10, 0x00, 0xD8, 0x00, 0x30, 0x60, 0x01, 0xFF, 0xEF, 0xDB, 0x12, 0x2A, 0x00, 0x31, 0x2E, 0x70, 0x20, 0x09, 0x0C, 0x34, 0xF2, 0xFF, 0xFE, 0x00, 0x10, 0xFD, 0x22, 0xFF, 0x09, 0x5B, 0xEB, 0x40, 0x40, 0xB0, 0x20, 0x2B, 0xFF, 0x0D, 0x9F, 0x1E, 0x08, 0x09, 0x20, 0x1F, 0xAE, 0x7F, 0x05, 0x09, 0xE4, 0x31, 0x08, 0x40, 0x00, 0xFF, 0xE4, 0x3F, 0x49, 0x9F, 0xFF, 0x02, 0x07, 0xBF, 0xFA, 0x30, 0xFF, 0xC8, 0x00, 0x0F, 0x49, 0x23, 0xFC, 0x24, 0x02, 0x7F, 0xEE, 0x24, 0x02, 0x40, 0x07, 0x00, 0x05, 0xFA, 0x60, 0x17, 0x70, 0x1F, 0x00, 0x05, 0xFA, 0x09, 0x90, 0x1F, 0x60, 0x87, 0xD0, 0xBF, 0x55, 0xFA, 0x20, 0xFB, 0xF9, 0xFF, 0xFF, 0x02, 0x8C, 0xAF, 0x03, 0xFF, 0x5E, 0x04, 0x10, 0x16, 0x4D, 0xE6, 0x43, 0x02, 0x4C, 0x49, 0x4D, 0xFF, 0xFE, 0x14, 0x2F, 0xFF, 0x02, 0x30, 0x02, 0x28, 0x26, 0xF7, 0x38, 0x90, 0x69, 0x6D, 0x61, 0x67, 0xA8, 0x37, 0x02, 0x80, 0x27, 0xBE, 0x0D, 0x67, 0x0F, 0x47, 0x06, 0x16, 0x00, 0x8A, 0x12, 0x3A, 0x5B, 0x41, 0xDB, 0x11, 0xF4, 0x00, 0xAC, 0xCF, 0xDD, 0x96, 0xDB, 0x5F, 0xAA, 0xAE, 0x00, 0x6D, 0x3C, 0x2E, 0x7F, 0x8B, 0x72, 0xA3, 0x56, 0x00, 0x47, 0x7A, 0xF8, 0x43, 0x6B, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +#endif \ No newline at end of file diff --git a/makerom.c b/makerom.c new file mode 100644 index 0000000..7ae172b --- /dev/null +++ b/makerom.c @@ -0,0 +1,93 @@ +#include "lib.h" +#include "ncch.h" +#include "ncsd.h" +#include "cia.h" + +int main(int argc, char *argv[]) +{ + // Setting up user settings + user_settings *usrset = malloc(sizeof(user_settings)); + if(usrset == NULL) {fprintf(stderr,"[!] MEM ERROR\n"); return -1;} + init_UserSettings(usrset); + + int result; + + // Parsing command args + result = ParseArgs(argc,argv,usrset); + if(result < 0) goto fail_finalise; + + // Import RSF/DESC Settings if present + result = GetYamlSettings(usrset); + if(result < 0) goto fail_finalise; + + // Setup Content 0 + if(!usrset->IsBuildingNCCH0){ // Import Content 0 + if(usrset->Content0IsNcch){ + FILE *ncch0 = fopen(usrset->ContentPath[0],"rb"); + if(!ncch0) {fprintf(stderr,"[MAKEROM ERROR] Failed to open Content 0: %s\n",usrset->ContentPath[0]); goto fail_finalise;} + fclose(ncch0); + usrset->Content0.size = GetFileSize_u64(usrset->ContentPath[0]); + usrset->Content0.buffer = malloc(usrset->Content0.size); + ncch0 = fopen(usrset->ContentPath[0],"rb"); + ReadFile_64(usrset->Content0.buffer, usrset->Content0.size,0,ncch0); + fclose(ncch0); + } + else if(usrset->Content0IsSrl){ + FILE *srl = fopen(usrset->SrlPath,"rb"); + if(!srl) {fprintf(stderr,"[MAKEROM ERROR] Failed to open SRL: %s\n",usrset->SrlPath); goto fail_finalise;} + fclose(srl); + u64 size = GetFileSize_u64(usrset->SrlPath); + usrset->Content0.size = align_value(size,0x10); + usrset->Content0.buffer = malloc(usrset->Content0.size); + srl = fopen(usrset->SrlPath,"rb"); + ReadFile_64(usrset->Content0.buffer,size,0,srl); + fclose(srl); + } + else if(usrset->Content0IsCci){ + FILE *cci = fopen(usrset->CciPath,"rb"); + if(!cci) {fprintf(stderr,"[MAKEROM ERROR] Failed to open CCI: %s\n",usrset->CciPath); goto fail_finalise;} + fclose(cci); + usrset->Content0.size = GetFileSize_u64(usrset->CciPath); + usrset->Content0.buffer = malloc(usrset->Content0.size); + cci = fopen(usrset->CciPath,"rb"); + ReadFile_64(usrset->Content0.buffer, usrset->Content0.size,0,cci); + fclose(cci); + } + } + else{// Build Content 0 + result = build_NCCH(usrset); + if(result < 0) { + fprintf(stderr,"[ERROR] %s generation failed\n",usrset->build_ncch_type == CXI? "CXI" : "CFA"); + fprintf(stderr,"[RESULT] Failed to build outfile\n"); + goto fail_finalise; + } + } + // Make CCI + if(usrset->out_format == CCI){ + result = build_CCI(usrset); + if(result < 0) { fprintf(stderr,"[RESULT] Failed to build CCI\n"); goto fail_finalise; } + } + // Make CIA + else if(usrset->out_format == CIA){ + result = build_CIA(usrset); + if(result < 0) { fprintf(stderr,"[RESULT] Failed to build CIA\n"); goto fail_finalise; } + } + // No Container Raw CXI/CFA + else if(usrset->out_format == CXI || usrset->out_format == CFA){ + FILE *ncch_out = fopen(usrset->outfile,"wb"); + if(!ncch_out) { + fprintf(stderr,"[ERROR] Failed to create '%s'\n",usrset->outfile); + fprintf(stderr,"[RESULT] Failed to build '%s'\n",usrset->out_format == CXI? "CXI" : "CFA"); + result = FAILED_TO_CREATE_OUTFILE; + goto fail_finalise; + } + WriteBuffer(usrset->Content0.buffer,usrset->Content0.size,0,ncch_out); + fclose(ncch_out); + } + + free_UserSettings(usrset); + return 0; +fail_finalise: + free_UserSettings(usrset); + return result; +} \ No newline at end of file diff --git a/makerom.h b/makerom.h new file mode 100644 index 0000000..e69de29 diff --git a/ncch.c b/ncch.c new file mode 100644 index 0000000..07627ff --- /dev/null +++ b/ncch.c @@ -0,0 +1,1045 @@ +#include "lib.h" +#include "ncch.h" +#include "exheader.h" +#include "elf.h" +#include "exefs.h" +#include "romfs.h" +#include "titleid.h" +#include "logo_data.h" + +// Private Prototypes +int SignCFA(u8 *Signature, u8 *CFA_HDR, keys_struct *keys); +int CheckCFASignature(u8 *Signature, u8 *CFA_HDR, keys_struct *keys); +int SignCXI(u8 *Signature, u8 *CXI_HDR, u8 *PubK, u8 *PrivK); +int CheckCXISignature(u8 *Signature, u8 *CXI_HDR, u8 *PubK); + +void init_NCCHSettings(ncch_settings *set); +void free_NCCHSettings(ncch_settings *set); +int get_NCCHSettings(ncch_settings *ncchset, user_settings *usrset); +int SetBasicOptions(ncch_settings *ncchset, user_settings *usrset); +int CreateInputFilePtrs(ncch_settings *ncchset, user_settings *usrset); +int ImportNonCodeExeFsSections(ncch_settings *ncchset); +int ImportLogo(ncch_settings *ncchset); + +int SetCommonHeaderBasicData(ncch_settings *ncchset, NCCH_Header *hdr); +int SetCommonHeaderSectionData(ncch_settings *ncchset, NCCH_Header *hdr); +bool IsValidProductCode(char *ProductCode, bool FreeProductCode); + +int BuildCommonHeader(ncch_settings *ncchset); +int EncryptNCCHSections(ncch_settings *ncchset); +int WriteNCCHSectionsToBuffer(ncch_settings *ncchset); + +// Code + +int SignCFA(u8 *Signature, u8 *CFA_HDR, keys_struct *keys) +{ + return ctr_sig(CFA_HDR,sizeof(NCCH_Header),Signature,keys->rsa.CFA_Pub,keys->rsa.CFA_Priv,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int CheckCFASignature(u8 *Signature, u8 *CFA_HDR, keys_struct *keys) +{ + return ctr_sig(CFA_HDR,sizeof(NCCH_Header),Signature,keys->rsa.CFA_Pub,NULL,RSA_2048_SHA256,CTR_RSA_VERIFY); +} + +int SignCXI(u8 *Signature, u8 *CXI_HDR, u8 *PubK, u8 *PrivK) +{ + return ctr_sig(CXI_HDR,sizeof(NCCH_Header),Signature,PubK,PrivK,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int CheckCXISignature(u8 *Signature, u8 *CXI_HDR, u8 *PubK) +{ + int result = ctr_sig(CXI_HDR,sizeof(NCCH_Header),Signature,PubK,NULL,RSA_2048_SHA256,CTR_RSA_VERIFY); + return result; +} + +// NCCH Build Functions + +int build_NCCH(user_settings *usrset) +{ + int result; + + // Init Settings + ncch_settings *ncchset = malloc(sizeof(ncch_settings)); + if(!ncchset) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + init_NCCHSettings(ncchset); + + // Get Settings + result = get_NCCHSettings(ncchset,usrset); + if(result) goto finish; + + // Build ExeFs Code Section + result = BuildExeFsCode(ncchset); + if(result) goto finish; + +#ifdef ELF_DEBUG + FILE *code = fopen("code.bin","wb"); + fwrite(ncchset->ExeFs_Sections.Code.buffer,ncchset->ExeFs_Sections.Code.size,1,code); + fclose(code); + u8 hash[0x20]; + ctr_sha(ncchset->ExeFs_Sections.Code.buffer,ncchset->ExeFs_Sections.Code.size,hash,CTR_SHA_256); + printf("BSS Size: 0x%x\n",ncchset->CodeDetails.BSS_Size); + printf("Code Size: 0x%x\n",ncchset->ExeFs_Sections.Code.size); + memdump(stdout,"Code Hash: ",hash,0x20); +#endif + + // Build ExHeader + result = BuildExHeader(ncchset); + if(result) goto finish; + + + // Build ExeFs/RomFs + result = BuildExeFs(ncchset); + if(result) goto finish; + result = BuildRomFs(ncchset); + if(result) goto finish; + + // Final Steps + result = BuildCommonHeader(ncchset); + if(result) goto finish; + result = EncryptNCCHSections(ncchset); + if(result) goto finish; + result = WriteNCCHSectionsToBuffer(ncchset); + if(result) goto finish; +finish: + if(result) fprintf(stderr,"[NCCH ERROR] NCCH Build Process Failed\n"); + free_NCCHSettings(ncchset); + return result; +} + +void init_NCCHSettings(ncch_settings *set) +{ + memset(set,0,sizeof(ncch_settings)); +} + +void free_NCCHSettings(ncch_settings *set) +{ + if(set->CxiRsaKey.PrivK) free(set->CxiRsaKey.PrivK); + if(set->CxiRsaKey.PubK) free(set->CxiRsaKey.PubK); + + if(set->ComponentFilePtrs.elf) fclose(set->ComponentFilePtrs.elf); + if(set->ComponentFilePtrs.banner) fclose(set->ComponentFilePtrs.banner); + if(set->ComponentFilePtrs.icon) fclose(set->ComponentFilePtrs.icon); + if(set->ComponentFilePtrs.logo) fclose(set->ComponentFilePtrs.logo); + if(set->ComponentFilePtrs.code) fclose(set->ComponentFilePtrs.code); + if(set->ComponentFilePtrs.exheader) fclose(set->ComponentFilePtrs.exheader); + if(set->ComponentFilePtrs.romfs) fclose(set->ComponentFilePtrs.romfs); + if(set->ComponentFilePtrs.plainregion) fclose(set->ComponentFilePtrs.plainregion); + + if(set->ExeFs_Sections.Code.size) free(set->ExeFs_Sections.Code.buffer); + if(set->ExeFs_Sections.Banner.size) free(set->ExeFs_Sections.Banner.buffer); + if(set->ExeFs_Sections.Icon.size) free(set->ExeFs_Sections.Icon.buffer); + + if(set->Sections.CommonHeader.size) free(set->Sections.CommonHeader.buffer); + if(set->Sections.ExHeader.size) free(set->Sections.ExHeader.buffer); + if(set->Sections.Logo.size) free(set->Sections.Logo.buffer); + if(set->Sections.PlainRegion.size) free(set->Sections.PlainRegion.buffer); + if(set->Sections.ExeFs.size) free(set->Sections.ExeFs.buffer); + if(set->Sections.RomFs.size) free(set->Sections.RomFs.buffer); + + memset(set,0,sizeof(ncch_settings)); + + free(set); +} + +int get_NCCHSettings(ncch_settings *ncchset, user_settings *usrset) +{ + int result = 0; + ncchset->out = &usrset->Content0; + ncchset->yaml_set = &usrset->yaml_set; + ncchset->keys = &usrset->keys; + + result = SetBasicOptions(ncchset,usrset); + if(result) return result; + result = CreateInputFilePtrs(ncchset,usrset); + if(result) return result; + result = ImportNonCodeExeFsSections(ncchset); + if(result) return result; + result = ImportLogo(ncchset); + if(result) return result; + + + return 0; +} + +int SetBasicOptions(ncch_settings *ncchset, user_settings *usrset) +{ + int result = 0; + + /* Options */ + ncchset->Options.MediaSize = 0x200; + + ncchset->Options.IncludeExeFsLogo = usrset->include_exefs_logo; + + if(usrset->yaml_set.DefaultSpec.Option.EnableCompress != -1) ncchset->Options.CompressCode = usrset->yaml_set.DefaultSpec.Option.EnableCompress; + else ncchset->Options.CompressCode = true; + + if(usrset->yaml_set.DefaultSpec.Option.UseOnSD != -1) ncchset->Options.UseOnSD = usrset->yaml_set.DefaultSpec.Option.UseOnSD; + else ncchset->Options.UseOnSD = false; + + if(usrset->yaml_set.DefaultSpec.Option.EnableCrypt != -1) ncchset->Options.Encrypt = usrset->yaml_set.DefaultSpec.Option.EnableCrypt; + else ncchset->Options.Encrypt = true; + + if(usrset->yaml_set.DefaultSpec.Option.FreeProductCode != -1) ncchset->Options.FreeProductCode = usrset->yaml_set.DefaultSpec.Option.FreeProductCode; + else ncchset->Options.FreeProductCode = false; + + ncchset->Options.IsCfa = (usrset->build_ncch_type == CFA); + + ncchset->Options.IsBuildingCodeSection = (usrset->elf_path != NULL); + + ncchset->Options.accessdesc = usrset->accessdesc; + + ncchset->CxiRsaKey.PrivK = malloc(0x100); + ncchset->CxiRsaKey.PubK = malloc(0x100); + + return result; +} + +int CreateInputFilePtrs(ncch_settings *ncchset, user_settings *usrset) +{ + if(usrset->elf_path){ + ncchset->ComponentFilePtrs.elf_size = GetFileSize_u64(usrset->elf_path); + ncchset->ComponentFilePtrs.elf = fopen(usrset->elf_path,"rb"); + if(!ncchset->ComponentFilePtrs.elf){ + fprintf(stderr,"[NCCH ERROR] Failed to open elf file '%s'\n",usrset->elf_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->banner_path){ + ncchset->ComponentFilePtrs.banner_size = GetFileSize_u64(usrset->banner_path); + ncchset->ComponentFilePtrs.banner = fopen(usrset->banner_path,"rb"); + if(!ncchset->ComponentFilePtrs.banner){ + fprintf(stderr,"[NCCH ERROR] Failed to open banner file '%s'\n",usrset->banner_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->icon_path){ + ncchset->ComponentFilePtrs.icon_size = GetFileSize_u64(usrset->icon_path); + ncchset->ComponentFilePtrs.icon = fopen(usrset->icon_path,"rb"); + if(!ncchset->ComponentFilePtrs.icon){ + fprintf(stderr,"[NCCH ERROR] Failed to open icon file '%s'\n",usrset->icon_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->logo_path){ + ncchset->ComponentFilePtrs.logo_size = GetFileSize_u64(usrset->logo_path); + ncchset->ComponentFilePtrs.logo = fopen(usrset->logo_path,"rb"); + if(!ncchset->ComponentFilePtrs.logo){ + fprintf(stderr,"[NCCH ERROR] Failed to open logo file '%s'\n",usrset->logo_path); + return FAILED_TO_IMPORT_FILE; + } + } + + if(usrset->exefs_code_path){ + ncchset->ComponentFilePtrs.code_size = GetFileSize_u64(usrset->exefs_code_path); + ncchset->ComponentFilePtrs.code = fopen(usrset->exefs_code_path,"rb"); + if(!ncchset->ComponentFilePtrs.code){ + fprintf(stderr,"[NCCH ERROR] Failed to open ExeFs Code file '%s'\n",usrset->exefs_code_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->exheader_path){ + ncchset->ComponentFilePtrs.exheader_size = GetFileSize_u64(usrset->exheader_path); + ncchset->ComponentFilePtrs.exheader = fopen(usrset->exheader_path,"rb"); + if(!ncchset->ComponentFilePtrs.exheader){ + fprintf(stderr,"[NCCH ERROR] Failed to open ExHeader file '%s'\n",usrset->exheader_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->romfs_path){ + ncchset->ComponentFilePtrs.romfs_size = GetFileSize_u64(usrset->romfs_path); + ncchset->ComponentFilePtrs.romfs = fopen(usrset->romfs_path,"rb"); + if(!ncchset->ComponentFilePtrs.romfs){ + fprintf(stderr,"[NCCH ERROR] Failed to open RomFs file '%s'\n",usrset->romfs_path); + return FAILED_TO_IMPORT_FILE; + } + } + if(usrset->plain_region_path){ + ncchset->ComponentFilePtrs.plainregion_size = GetFileSize_u64(usrset->plain_region_path); + ncchset->ComponentFilePtrs.plainregion = fopen(usrset->plain_region_path,"rb"); + if(!ncchset->ComponentFilePtrs.plainregion){ + fprintf(stderr,"[NCCH ERROR] Failed to open PlainRegion file '%s'\n",usrset->plain_region_path); + return FAILED_TO_IMPORT_FILE; + } + } + return 0; +} + +int ImportNonCodeExeFsSections(ncch_settings *ncchset) +{ + if(ncchset->ComponentFilePtrs.banner){ + ncchset->ExeFs_Sections.Banner.size = ncchset->ComponentFilePtrs.banner_size; + ncchset->ExeFs_Sections.Banner.buffer = malloc(ncchset->ExeFs_Sections.Banner.size); + if(!ncchset->ExeFs_Sections.Banner.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->ExeFs_Sections.Banner.buffer,ncchset->ExeFs_Sections.Banner.size,0,ncchset->ComponentFilePtrs.banner); + } + if(ncchset->ComponentFilePtrs.icon){ + ncchset->ExeFs_Sections.Icon.size = ncchset->ComponentFilePtrs.icon_size; + ncchset->ExeFs_Sections.Icon.buffer = malloc(ncchset->ExeFs_Sections.Icon.size); + if(!ncchset->ExeFs_Sections.Icon.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->ExeFs_Sections.Icon.buffer,ncchset->ExeFs_Sections.Icon.size,0,ncchset->ComponentFilePtrs.icon); + } + return 0; +} + +int ImportLogo(ncch_settings *ncchset) +{ + if(ncchset->ComponentFilePtrs.logo){ + ncchset->Sections.Logo.size = ncchset->ComponentFilePtrs.logo_size; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->Sections.Logo.buffer,ncchset->Sections.Logo.size,0,ncchset->ComponentFilePtrs.logo); + } + else if(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo){ + if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"nintendo") == 0){ + ncchset->Sections.Logo.size = 0x2000; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memcpy(ncchset->Sections.Logo.buffer,Nintendo_LZ,0x2000); + } + else if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"licensed") == 0){ + ncchset->Sections.Logo.size = 0x2000; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memcpy(ncchset->Sections.Logo.buffer,Nintendo_LicensedBy_LZ,0x2000); + } + else if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"distributed") == 0){ + ncchset->Sections.Logo.size = 0x2000; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memcpy(ncchset->Sections.Logo.buffer,Nintendo_DistributedBy_LZ,0x2000); + } + else if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"ique") == 0){ + ncchset->Sections.Logo.size = 0x2000; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memcpy(ncchset->Sections.Logo.buffer,iQue_with_ISBN_LZ,0x2000); + } + else if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"ique_without_isbn") == 0){ + ncchset->Sections.Logo.size = 0x2000; + ncchset->Sections.Logo.buffer = malloc(ncchset->Sections.Logo.size); + if(!ncchset->Sections.Logo.buffer) {fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memcpy(ncchset->Sections.Logo.buffer,iQue_without_ISBN_LZ,0x2000); + } + else if(strcasecmp(ncchset->yaml_set->DefaultSpec.BasicInfo.Logo,"none") != 0){ + fprintf(stderr,"[NCCH ERROR] Invalid logo name\n"); + return NCCH_BAD_YAML_SET; + } + } + return 0; +} + +int SetCommonHeaderBasicData(ncch_settings *ncchset, NCCH_Header *hdr) +{ + /* NCCH Format Version */ + u16_to_u8(hdr->version,0x2,LE); + + /* Setting ProgramId/TitleId */ + u64 ProgramId = 0; + int result = GetProgramID(&ProgramId,ncchset->yaml_set,false); + if(result) return result; + + u64_to_u8(hdr->program_id,ProgramId,LE); + u64_to_u8(hdr->title_id,ProgramId,LE); + + /* Get Product Code and Maker Code */ + if(ncchset->yaml_set->DefaultSpec.BasicInfo.ProductCode){ + if(!IsValidProductCode((char*)ncchset->yaml_set->DefaultSpec.BasicInfo.ProductCode,ncchset->Options.FreeProductCode)){ + fprintf(stderr,"[NCCH ERROR] Invalid Product Code\n"); + return NCCH_BAD_YAML_SET; + } + memcpy(hdr->product_code,ncchset->yaml_set->DefaultSpec.BasicInfo.ProductCode,strlen((char*)ncchset->yaml_set->DefaultSpec.BasicInfo.ProductCode)); + } + else memcpy(hdr->product_code,"CTR-P-CTAP",10); + + if(ncchset->yaml_set->DefaultSpec.BasicInfo.CompanyCode){ + if(strlen((char*)ncchset->yaml_set->DefaultSpec.BasicInfo.CompanyCode) != 2){ + fprintf(stderr,"[NCCH ERROR] Company code length must be 2\n"); + return NCCH_BAD_YAML_SET; + } + memcpy(hdr->maker_code,ncchset->yaml_set->DefaultSpec.BasicInfo.CompanyCode,2); + } + else memcpy(hdr->maker_code,"00",2); + + /* Set ContentUnitSize */ + hdr->flags[ContentUnitSize] = 0; + + /* Setting ContentPlatform */ + if(ncchset->yaml_set->DefaultSpec.TitleInfo.Platform){ + if(strcasecmp(ncchset->yaml_set->DefaultSpec.TitleInfo.Platform,"ctr") == 0) hdr->flags[ContentPlatform] = 1; + else{ + fprintf(stderr,"[NCCH ERROR] Invalid Platform: %s\n",ncchset->yaml_set->DefaultSpec.TitleInfo.Platform); + return NCCH_BAD_YAML_SET; + } + } + else + hdr->flags[ContentPlatform] = 1; // CTR + + /* Setting OtherFlag */ + hdr->flags[OtherFlag] = FixedCryptoKey; + if(!ncchset->Options.Encrypt) hdr->flags[OtherFlag] |= NoCrypto; + if(!ncchset->Sections.RomFs.size) hdr->flags[OtherFlag] |= NoMountRomFs; + + + /* Setting ContentType */ + hdr->flags[ContentType] = 0; + if(ncchset->Sections.RomFs.size) hdr->flags[ContentType] |= RomFS; + if(ncchset->Sections.ExeFs.size) hdr->flags[ContentType] |= ExeFS; + if(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType){ + if(strcmp(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType,"Application") == 0) hdr->flags[ContentType] |= 0; + else if(strcmp(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType,"SystemUpdate") == 0) hdr->flags[ContentType] |= SystemUpdate; + else if(strcmp(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType,"Manual") == 0) hdr->flags[ContentType] |= Manual; + else if(strcmp(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType,"Child") == 0) hdr->flags[ContentType] |= Child; + else if(strcmp(ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType,"Trial") == 0) hdr->flags[ContentType] |= Trial; + else{ + fprintf(stderr,"[NCCH ERROR] Invalid ContentType '%s'\n",ncchset->yaml_set->DefaultSpec.BasicInfo.ContentType); + return NCCH_BAD_YAML_SET; + } + } + + return 0; +} + +int SetCommonHeaderSectionData(ncch_settings *ncchset, NCCH_Header *hdr) +{ + /* Set Sizes/Hashes to Hdr */ + u32 ExHeaderSize = (u32) ncchset->Sections.ExHeader.size - 0x400; + u32 LogoSize = (u32) (ncchset->Sections.Logo.size/ncchset->Options.MediaSize); + u32 PlainRegionSize = (u32) (ncchset->Sections.PlainRegion.size/ncchset->Options.MediaSize); + u32 ExeFsSize = (u32) (ncchset->Sections.ExeFs.size/ncchset->Options.MediaSize); + u32 ExeFsHashSize = (u32) ExeFsSize? ncchset->Options.MediaSize/ncchset->Options.MediaSize : 0; + u32 RomFsSize = (u32) (ncchset->Sections.RomFs.size/ncchset->Options.MediaSize); + u32 RomFsHashSize = (u32) RomFsSize? ncchset->Options.MediaSize/ncchset->Options.MediaSize : 0; + + u32_to_u8(hdr->extended_header_size,ExHeaderSize,LE); + if(ExHeaderSize) ctr_sha(ncchset->Sections.ExHeader.buffer,ExHeaderSize,hdr->extended_header_sha_256_hash,CTR_SHA_256); + + u32_to_u8(hdr->logo_region_size,LogoSize,LE); + if(LogoSize) ctr_sha(ncchset->Sections.Logo.buffer,ncchset->Sections.Logo.size,hdr->logo_sha_256_hash,CTR_SHA_256); + + u32_to_u8(hdr->plain_region_size,PlainRegionSize,LE); + + u32_to_u8(hdr->exefs_size,ExeFsSize,LE); + u32_to_u8(hdr->exefs_hash_size,ExeFsHashSize,LE); + if(ExeFsSize) ctr_sha(ncchset->Sections.ExeFs.buffer,ncchset->Options.MediaSize,hdr->exefs_sha_256_hash,CTR_SHA_256); + + u32_to_u8(hdr->romfs_size,RomFsSize,LE); + u32_to_u8(hdr->romfs_hash_size,RomFsHashSize,LE); + if(RomFsSize) ctr_sha(ncchset->Sections.RomFs.buffer,ncchset->Options.MediaSize,hdr->romfs_sha_256_hash,CTR_SHA_256); + + + /* Get Section Offsets */ + u32 size = 1; + if (ExHeaderSize) + size += 4; + + if (LogoSize){ + u32_to_u8(hdr->logo_region_offset,size,LE); + ncchset->Sections.LogoOffset = size*ncchset->Options.MediaSize; + size += LogoSize; + } + + if(PlainRegionSize){ + u32_to_u8(hdr->plain_region_offset,size,LE); + ncchset->Sections.PlainRegionOffset = size*ncchset->Options.MediaSize; + size += PlainRegionSize; + } + + if (ExeFsSize){ + u32_to_u8(hdr->exefs_offset,size,LE); + ncchset->Sections.ExeFsOffset = size*ncchset->Options.MediaSize; + size += ExeFsSize; + } + + if (RomFsSize){ + u32_to_u8(hdr->romfs_offset,size,LE); + ncchset->Sections.RomFsOffset = size*ncchset->Options.MediaSize; + size += RomFsSize; + } + + u32_to_u8(hdr->content_size,size,LE); + + ncchset->Sections.TotalContentSize = size * ncchset->Options.MediaSize; + + return 0; +} + +bool IsValidProductCode(char *ProductCode, bool FreeProductCode) +{ + if(strlen(ProductCode) > 16) return false; + + if(FreeProductCode) + return true; + + if(strlen(ProductCode) < 10) return false; + if(strncmp(ProductCode,"CTR-",4) != 0) return false; + if(ProductCode[5] != '-') return false; + if(!isdigit(ProductCode[4]) && !isupper(ProductCode[4])) return false; + for(int i = 6; i < 10; i++){ + if(!isdigit(ProductCode[i]) && !isupper(ProductCode[i])) return false; + } + + return true; +} + +int BuildCommonHeader(ncch_settings *ncchset) +{ + int result = 0; + + // Initialising Header + ncchset->Sections.CommonHeader.size = 0x100 + sizeof(NCCH_Header); + ncchset->Sections.CommonHeader.buffer = malloc(ncchset->Sections.CommonHeader.size); + if(!ncchset->Sections.CommonHeader.buffer) { fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(ncchset->Sections.CommonHeader.buffer,0,ncchset->Sections.CommonHeader.size); + + // Creating Ptrs + u8 *sig = ncchset->Sections.CommonHeader.buffer; + NCCH_Header *hdr = (NCCH_Header*)(ncchset->Sections.CommonHeader.buffer+0x100); + + // Setting Data in Hdr + memcpy(hdr->magic,"NCCH",4); + + result = SetCommonHeaderBasicData(ncchset,hdr); + if(result) return result; + + result = SetCommonHeaderSectionData(ncchset,hdr); + if(result) return result; + + + // Signing Hdr + int sig_result = Good; + if(ncchset->Options.IsCfa) sig_result = SignCFA(sig,(u8*)hdr,ncchset->keys); + else sig_result = SignCXI(sig,(u8*)hdr,ncchset->CxiRsaKey.PubK,ncchset->CxiRsaKey.PrivK); + if(sig_result != Good){ + fprintf(stderr,"[NCCH ERROR] Failed to sign %s header\n",ncchset->Options.IsCfa ? "CFA" : "CXI"); + return sig_result; + } + + return 0; +} + +int EncryptNCCHSections(ncch_settings *ncchset) +{ + if(!ncchset->Options.Encrypt) return 0; + + /* Getting NCCH_STRUCT */ + NCCH_Header *hdr = GetNCCH_CommonHDR(NULL,NULL,ncchset->Sections.CommonHeader.buffer); + NCCH_STRUCT *ncch = malloc(sizeof(NCCH_STRUCT)); + if(!ncch) { fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memset(ncch,0,sizeof(NCCH_STRUCT)); + GetCXIStruct(ncch,hdr); + + u8 *ncch_key = GetNCCHKey(hdr,ncchset->keys); + + if(ncchset->Sections.ExHeader.size) + CryptNCCHSection(ncchset->Sections.ExHeader.buffer,ncchset->Sections.ExHeader.size,0,ncch,ncch_key,ncch_ExHeader); + + if(ncchset->Sections.ExeFs.size) + CryptNCCHSection(ncchset->Sections.ExeFs.buffer,ncchset->Sections.ExeFs.size,0,ncch,ncch_key,ncch_exefs); + + if(ncchset->Sections.RomFs.size) + CryptNCCHSection(ncchset->Sections.RomFs.buffer,ncchset->Sections.RomFs.size,0,ncch,ncch_key,ncch_romfs); + + return 0; +} + +int WriteNCCHSectionsToBuffer(ncch_settings *ncchset) +{ + /* Allocating Memory for NCCH, and clearing */ + ncchset->out->size = ncchset->Sections.TotalContentSize; + ncchset->out->buffer = malloc(ncchset->out->size); + if(!ncchset->out->buffer) { fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR;} + memset(ncchset->out->buffer,0,ncchset->out->size); + + /* Copy Header+Sig */ + memcpy(ncchset->out->buffer,ncchset->Sections.CommonHeader.buffer,ncchset->Sections.CommonHeader.size); + + /* Copy Exheader+AccessDesc */ + if(ncchset->Sections.ExHeader.size) + memcpy(ncchset->out->buffer+0x200,ncchset->Sections.ExHeader.buffer,ncchset->Sections.ExHeader.size); + + /* Copy Logo */ + if(ncchset->Sections.Logo.size) + memcpy(ncchset->out->buffer+ncchset->Sections.LogoOffset,ncchset->Sections.Logo.buffer,ncchset->Sections.Logo.size); + + /* Copy PlainRegion */ + if(ncchset->Sections.PlainRegion.size) + memcpy(ncchset->out->buffer+ncchset->Sections.PlainRegionOffset,ncchset->Sections.PlainRegion.buffer,ncchset->Sections.PlainRegion.size); + + /* Copy ExeFs */ + if(ncchset->Sections.ExeFs.size) + memcpy(ncchset->out->buffer+ncchset->Sections.ExeFsOffset,ncchset->Sections.ExeFs.buffer,ncchset->Sections.ExeFs.size); + + /* Copy RomFs */ + if(ncchset->Sections.RomFs.size) + memcpy(ncchset->out->buffer+ncchset->Sections.RomFsOffset,ncchset->Sections.RomFs.buffer,ncchset->Sections.RomFs.size); + + return 0; +} + +// NCCH Read Functions + +int VerifyNCCH(u8 *ncch, keys_struct *keys, bool SuppressOutput) +{ + // Setup + u8 Hash[0x20]; + u8 *hdr_sig = ncch; + NCCH_Header* hdr = GetNCCH_CommonHDR(NULL,NULL,ncch); + + NCCH_STRUCT *ncch_ctx = malloc(sizeof(NCCH_STRUCT)); + if(!ncch_ctx){ fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(ncch_ctx,0x0,sizeof(NCCH_STRUCT)); + GetCXIStruct(ncch_ctx,hdr); + + if(IsCfa(hdr)){ + if(CheckCFASignature(hdr_sig,(u8*)hdr,keys) != Good){ +#ifdef RETAIL_FSIGN + if(!SuppressOutput) fprintf(stderr,"[NCCH WARNING] CFA Sigcheck Failed\n"); +#else + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CFA Sigcheck Failed\n"); + free(ncch_ctx); + return NCCH_HDR_SIG_BAD; +#endif + } + if(!ncch_ctx->romfs_size){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CFA is corrupt\n"); + free(ncch_ctx); + return NO_ROMFS_IN_CFA; + } + u8 *RomFs = malloc(ncch_ctx->romfs_hash_src_size); + if(!RomFs){ + fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); + free(ncch_ctx); + return MEM_ERROR; + } + int ret = GetNCCHSection(RomFs,ncch_ctx->romfs_hash_src_size,0,ncch,ncch_ctx,keys,ncch_romfs); + if(ret != 0 && ret != UNABLE_TO_LOAD_NCCH_KEY){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CFA is corrupt\n"); + free(ncch_ctx); + free(RomFs); + return CXI_CORRUPT; + } + else if(ret == UNABLE_TO_LOAD_NCCH_KEY){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] Failed to load ncch aes key.\n"); + free(ncch_ctx); + free(RomFs); + return UNABLE_TO_LOAD_NCCH_KEY; + } + + ctr_sha(RomFs,ncch_ctx->romfs_hash_src_size,Hash,CTR_SHA_256); + free(RomFs); + if(memcmp(Hash,hdr->romfs_sha_256_hash,0x20) != 0){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] RomFs Hashcheck Failed\n"); + free(ncch_ctx); + return ExeFs_Hashfail; + } + } + else{ // IsCxi + // Checking for necessary sections + if(!ncch_ctx->exheader_size){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CXI is corrupt\n"); + free(ncch_ctx); + return NO_EXHEADER_IN_CXI; + } + if(!ncch_ctx->exefs_size){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CXI is corrupt\n"); + free(ncch_ctx); + return NO_EXEFS_IN_CXI; + } + // Get ExHeader + ExtendedHeader_Struct *ExHeader = malloc(ncch_ctx->exheader_size); + if(!ExHeader){ + fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); + free(ncch_ctx); + return MEM_ERROR; + } + int ret = GetNCCHSection((u8*)ExHeader,ncch_ctx->exheader_size,0,ncch,ncch_ctx,keys,ncch_ExHeader); + if(ret != 0 && ret != UNABLE_TO_LOAD_NCCH_KEY){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CXI is corrupt\n"); + free(ncch_ctx); + free(ExHeader); + return CXI_CORRUPT; + } + else if(ret == UNABLE_TO_LOAD_NCCH_KEY){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] Failed to load ncch aes key.\n"); + free(ncch_ctx); + free(ExHeader); + return UNABLE_TO_LOAD_NCCH_KEY; + } + + // Checking Exheader Hash to see if decryption was sucessful + ctr_sha(ExHeader,0x400,Hash,CTR_SHA_256); + if(memcmp(Hash,hdr->extended_header_sha_256_hash,0x20) != 0){ + if(!SuppressOutput) { + fprintf(stderr,"[NCCH ERROR] ExHeader Hashcheck Failed\n"); + fprintf(stderr,"[NCCH ERROR] CXI is corrupt\n"); + } + free(ncch_ctx); + free(ExHeader); + return ExHeader_Hashfail; + } + + // Checking RSA Sigs + u8 *hdr_pubk = GetNcchHdrPubKey_frm_exhdr(ExHeader); + + if(CheckAccessDescSignature(ExHeader,keys) != 0){ +#ifdef RETAIL_FSIGN + if(!SuppressOutput) fprintf(stderr,"[NCCH WARNING] AccessDesc Sigcheck Failed\n"); +#else + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] AccessDesc Sigcheck Failed\n"); + free(ncch_ctx); + free(ExHeader); + return ACCESSDESC_SIG_BAD; +#endif + } + if(CheckCXISignature(hdr_sig,(u8*)hdr,hdr_pubk) != 0){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] CXI Header Sigcheck Failed\n"); + free(ncch_ctx); + free(ExHeader); + return NCCH_HDR_SIG_BAD; + } + free(ExHeader); + + // It is assumed by this point, everything is fine + + /* Checking ExeFs Hash */ + u8 *ExeFs = malloc(ncch_ctx->exefs_hash_src_size); + if(!ExeFs){ + fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); + free(ncch_ctx); + return MEM_ERROR; + } + GetNCCHSection(ExeFs,ncch_ctx->exefs_hash_src_size,0,ncch,ncch_ctx,keys,ncch_exefs); + ctr_sha(ExeFs,ncch_ctx->exefs_hash_src_size,Hash,CTR_SHA_256); + free(ExeFs); + if(memcmp(Hash,hdr->exefs_sha_256_hash,0x20) != 0){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] ExeFs Hashcheck Failed\n"); + free(ncch_ctx); + return ExeFs_Hashfail; + } + + /* Checking RomFs hash, if present */ + if(ncch_ctx->romfs_size){ + u8 *RomFs = malloc(ncch_ctx->romfs_hash_src_size); + if(!RomFs){ + fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); + free(ncch_ctx); + return MEM_ERROR; + } + GetNCCHSection(RomFs,ncch_ctx->romfs_hash_src_size,0,ncch,ncch_ctx,keys,ncch_romfs); + ctr_sha(RomFs,ncch_ctx->romfs_hash_src_size,Hash,CTR_SHA_256); + free(RomFs); + if(memcmp(Hash,hdr->romfs_sha_256_hash,0x20) != 0){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] RomFs Hashcheck Failed\n"); + free(ncch_ctx); + return ExeFs_Hashfail; + } + } + + /* Checking the Logo Hash, if present */ + if(ncch_ctx->logo_size){ + u8 *logo = (ncch+ncch_ctx->logo_offset); + ctr_sha(logo,ncch_ctx->logo_size,Hash,CTR_SHA_256); + if(memcmp(Hash,hdr->logo_sha_256_hash,0x20) != 0){ + if(!SuppressOutput) fprintf(stderr,"[NCCH ERROR] Logo Hashcheck Failed\n"); + free(ncch_ctx); + return Logo_Hashfail; + } + } + } + + free(ncch_ctx); + return 0; +} + + +u8* RetargetNCCH(FILE *fp, u64 size, u8 *TitleId, u8 *ProgramId, keys_struct *keys) +{ + u8 *ncch = malloc(size); + if(!ncch){ + fprintf(stderr,"[NCCH ERROR] MEM ERROR\n"); + return NULL; + } + ReadFile_64(ncch,size,0,fp); // Importing + + if(!IsNCCH(NULL,ncch)){ + free(ncch); + return NULL; + } + + NCCH_Header *hdr = NULL; + hdr = GetNCCH_CommonHDR(NULL,NULL,ncch); + + if(!IsCfa(hdr)){ + fprintf(stderr,"[NCCH ERROR] CXI's ID cannot be modified\n"); // Not yet yet, requires AccessDesc Privk, may implement anyway later + free(ncch); + return NULL; + } + + if((memcmp(TitleId,hdr->title_id,8) == 0) && (memcmp(ProgramId,hdr->program_id,8) == 0)) + return ncch;// if no modification is required don't do anything + + if(memcmp(TitleId,hdr->title_id,8) == 0){ // If TitleID Same, no crypto required, just resign. + memcpy(hdr->program_id,ProgramId,8); + SignCFA(ncch,(u8*)hdr,keys); + return ncch; + } + + ncch_key_type keytype = GetNCCHKeyType(hdr); + u8 *key = NULL; + + if(keytype == KeyIsUnFixed || keytype == KeyIsUnFixed2){ + fprintf(stderr,"[NCCH ERROR] Unknown aes key\n"); + free(ncch); + return NULL; + } + + + NCCH_STRUCT ncch_struct; + if(keytype != NoKey){ //Decrypting if necessary + GetCXIStruct(&ncch_struct,hdr); + u8 *romfs = (ncch+ncch_struct.romfs_offset); + key = GetNCCHKey(hdr,keys); + if(key == NULL){ + fprintf(stderr,"[NCCH ERROR] Failed to load ncch aes key\n"); + free(ncch); + return NULL; + } + CryptNCCHSection(romfs,ncch_struct.romfs_size,0,&ncch_struct,key,ncch_romfs); + } + + + memcpy(hdr->title_id,TitleId,8); + memcpy(hdr->program_id,ProgramId,8); + + //Checking New Fixed Key Type + keytype = GetNCCHKeyType(hdr); + + if(keytype != NoKey){ // Re-encrypting if necessary + GetCXIStruct(&ncch_struct,hdr); + u8 *romfs = (ncch+ncch_struct.romfs_offset); + key = GetNCCHKey(hdr,keys); + if(key == NULL){ + fprintf(stderr,"[NCCH ERROR] Failed to load ncch aes key\n"); + free(ncch); + return NULL; + } + CryptNCCHSection(romfs,ncch_struct.romfs_size,0,&ncch_struct,key,ncch_romfs); + } + + SignCFA(ncch,(u8*)hdr,keys); + + return ncch; +} + + +NCCH_Header* GetNCCH_CommonHDR(void *out, FILE *fp, u8 *buf) +{ + if(!fp && !buf) return NULL; + if(fp){ + if(!out) return NULL; + ReadFile_64(out,0x100,0x100,fp); + return (NCCH_Header*)out; + } + else{ + return (NCCH_Header*)(buf+0x100); + } +} + + +bool IsNCCH(FILE *fp, u8 *buf) +{ + if(!fp && !buf) return false; + NCCH_Header *ncchHDR = NULL; + bool result; + if(fp) { + ncchHDR = malloc(sizeof(NCCH_Header)); + GetNCCH_CommonHDR(ncchHDR,fp,NULL); + result = (memcmp(ncchHDR->magic,"NCCH",4) == 0); + free(ncchHDR); + } + else { + ncchHDR = GetNCCH_CommonHDR(ncchHDR,NULL,buf); + result = (memcmp(ncchHDR->magic,"NCCH",4) == 0); + } + return result; +} + +bool IsCfa(NCCH_Header* hdr) +{ + return (((hdr->flags[ContentType] & RomFS) == RomFS) && ((hdr->flags[ContentType] & ExeFS) != ExeFS)); +} + +u32 GetNCCH_MediaUnitSize(NCCH_Header* hdr) +{ + return 0x200*pow(2,hdr->flags[ContentUnitSize]); +} + +u32 GetNCCH_MediaSize(NCCH_Header* hdr) +{ + return u8_to_u32(hdr->content_size,LE); +} + +ncch_key_type GetNCCHKeyType(NCCH_Header* hdr) +{ + // Non-Secure Key Options + if((hdr->flags[OtherFlag] & NoCrypto) == NoCrypto) return NoKey; + if((hdr->flags[OtherFlag] & FixedCryptoKey) == FixedCryptoKey){ + if((hdr->program_id[3] & 0x10) == 0x10) return KeyIsSystemFixed; + else return KeyIsNormalFixed; + } + + // Secure Key Options + if(hdr->flags[SecureCrypto2] == 1) return KeyIsUnFixed2; + return KeyIsUnFixed; +} + +u8* GetNCCHKey(NCCH_Header* hdr, keys_struct *keys) +{ + ncch_key_type keytype = GetNCCHKeyType(hdr); + switch(keytype){ + case NoKey: return NULL; + case KeyIsNormalFixed: return keys->aes.NormalKey; + case KeyIsSystemFixed: + if(!keys->aes.SystemFixedKey) fprintf(stderr,"[NCCH WARNING] Unable to load SystemFixed Key\n"); + return keys->aes.SystemFixedKey; + case KeyIsUnFixed: + if(!keys->aes.UnFixedKey) fprintf(stderr,"[NCCH WARNING] Unable to load UnFixed Key\n"); + return keys->aes.UnFixedKey; + case KeyIsUnFixed2: + fprintf(stderr,"[NCCH WARNING] Crypto method (Secure2) not supported yet\n"); + return NULL; + } + return NULL; +} + +int GetNCCHSection(u8 *dest, u64 dest_max_size, u64 src_pos, u8 *ncch, NCCH_STRUCT *ncch_ctx, keys_struct *keys, ncch_section section) +{ + if(!ncch) return MEM_ERROR; + u8 *key = NULL; + NCCH_Header* hdr = GetNCCH_CommonHDR(NULL,NULL,ncch); + ncch_key_type keytype = GetNCCHKeyType(hdr); + + if(keytype != NoKey && (section == ncch_ExHeader || section == ncch_exefs || section == ncch_romfs)){ + key = GetNCCHKey(hdr,keys); + if(key == NULL){ + //fprintf(stderr,"[NCCH ERROR] Failed to load ncch aes key.\n"); + return UNABLE_TO_LOAD_NCCH_KEY; + } + } + //printf("detecting section type\n"); + u64 offset = 0; + u64 size = 0; + switch(section){ + case ncch_ExHeader: + offset = ncch_ctx->exheader_offset; + size = ncch_ctx->exheader_size; + break; + case ncch_Logo: + offset = ncch_ctx->logo_offset; + size = ncch_ctx->logo_size; + break; + case ncch_PlainRegion: + offset = ncch_ctx->plain_region_offset; + size = ncch_ctx->plain_region_size; + break; + case ncch_exefs: + offset = ncch_ctx->exefs_offset; + size = ncch_ctx->exefs_size; + break; + case ncch_romfs: + offset = ncch_ctx->romfs_offset; + size = ncch_ctx->romfs_size; + break; + } + if(!offset || !size) return NCCH_SECTION_NOT_EXIST; + + if(src_pos > size) return DATA_POS_DNE; + + size = min_u64(size-src_pos,dest_max_size); + + //printf("Copying data\n"); + u8 *section_pos = (ncch + offset + src_pos); + memcpy(dest,section_pos,size); + + //printf("decrypting if needed\n"); + if(keytype != NoKey && (section == ncch_ExHeader || section == ncch_exefs || section == ncch_romfs)){ // Decrypt + //memdump(stdout,"Key: ",key,16); + CryptNCCHSection(dest,size,src_pos,ncch_ctx,key,section); + //printf("no cigar\n"); + } + + return 0; +} + +int GetCXIStruct(NCCH_STRUCT *ctx, NCCH_Header *header) +{ + memcpy(ctx->titleID,header->title_id,8); + memcpy(ctx->programID,header->program_id,8); + + + u32 media_unit = GetNCCH_MediaUnitSize(header); + + ctx->version = u8_to_u16(header->version,LE); + if(!IsCfa(header)){ + ctx->exheader_offset = 0x200; + ctx->exheader_size = u8_to_u32(header->extended_header_size,LE) + 0x400; + ctx->logo_offset = (u64)(u8_to_u32(header->logo_region_offset,LE)*media_unit); + ctx->logo_size = (u64)(u8_to_u32(header->logo_region_size,LE)*media_unit); + ctx->plain_region_offset = (u64)(u8_to_u32(header->plain_region_offset,LE)*media_unit); + ctx->plain_region_size = (u64)(u8_to_u32(header->plain_region_size,LE)*media_unit); + ctx->exefs_offset = (u64)(u8_to_u32(header->exefs_offset,LE)*media_unit); + ctx->exefs_size = (u64)(u8_to_u32(header->exefs_size,LE)*media_unit); + ctx->exefs_hash_src_size = (u64)(u8_to_u32(header->exefs_hash_size,LE)*media_unit); + } + ctx->romfs_offset = (u64) (u8_to_u32(header->romfs_offset,LE)*media_unit); + ctx->romfs_size = (u64) (u8_to_u32(header->romfs_size,LE)*media_unit); + ctx->romfs_hash_src_size = (u64)(u8_to_u32(header->romfs_hash_size,LE)*media_unit); + return 0; +} + +void CryptNCCHSection(u8 *buffer, u64 size, u64 src_pos, NCCH_STRUCT *ctx, u8 key[16], u8 type) +{ + if(type < 1 || type > 3) + return; + u8 counter[0x10]; + ncch_get_counter(ctx,counter,type); + ctr_aes_context aes_ctx; + memset(&aes_ctx,0x0,sizeof(ctr_aes_context)); + ctr_init_counter(&aes_ctx, key, counter); + if(src_pos > 0){ + u32 carry = 0; + carry = align_value(src_pos,0x10); + carry = carry/0x10; + ctr_add_counter(&aes_ctx,carry); + } + ctr_crypt_counter(&aes_ctx, buffer, buffer, size); + return; +} + +void ncch_get_counter(NCCH_STRUCT *ctx, u8 counter[16], u8 type) +{ + u8 *titleID = ctx->titleID; + u32 i; + u32 x = 0; + + memset(counter, 0, 16); + + if (ctx->version == 2 || ctx->version == 0) + { + for(i=0; i<8; i++) + counter[i] = titleID[7-i]; + counter[8] = type; + } + else if (ctx->version == 1) + { + switch(type){ + case ncch_ExHeader : x = ctx->exheader_offset; break; + case ncch_exefs : x = ctx->exefs_offset; break; + case ncch_romfs : x = ctx->romfs_offset; break; + } + for(i=0; i<8; i++) + counter[i] = titleID[i]; + for(i=0; i<4; i++) + counter[12+i] = x>>((3-i)*8); + } +} \ No newline at end of file diff --git a/ncch.h b/ncch.h new file mode 100644 index 0000000..a58ac6f --- /dev/null +++ b/ncch.h @@ -0,0 +1,238 @@ +#ifndef _NCCH_H_ +#define _NCCH_H_ + +typedef enum +{ + NCCH_MEMERROR = -1, + SAVE_DATA_TOO_LARGE = -2, + NCCH_SECTION_NOT_EXIST = -3, + UNABLE_TO_LOAD_NCCH_KEY = -4, + NCCH_EXPORT_BUFFER_TOO_SMALL = -5, + NO_ROMFS_IN_CFA = -6, + NO_EXHEADER_IN_CXI = -7, + NO_EXEFS_IN_CXI = -8, + // SigCheck Errors + CXI_CORRUPT = -9, + ACCESSDESC_SIG_BAD = -10, + NCCH_HDR_SIG_BAD = -11, + // HashCheck Errors + ExHeader_Hashfail = -12, + Logo_Hashfail = -13, + ExeFs_Hashfail = -14, + RomFs_Hashfail = -15, + // Others + NCCH_BAD_YAML_SET = -16, + DATA_POS_DNE = -17, +} ncch_errors; + +typedef enum +{ + ncch_ExHeader = 1, + ncch_exefs, + ncch_romfs, + ncch_Logo, + ncch_PlainRegion, +} ncch_section; + +typedef enum +{ + NoKey, + KeyIsNormalFixed, + KeyIsSystemFixed, + KeyIsUnFixed, + KeyIsUnFixed2, +} ncch_key_type; + +typedef enum +{ + SecureCrypto2 = 3, + ContentPlatform = 4, + ContentType = 5, + ContentUnitSize = 6, + OtherFlag = 7 +} ncch_flags; + +typedef enum +{ + FixedCryptoKey = 0x1, + NoMountRomFs = 0x2, + NoCrypto = 0x4, +} ncch_otherflag_bitmask; + +typedef enum +{ + RomFS = 0x1, + ExeFS = 0x2, + SystemUpdate = 0x4, + Manual = 0x8, + Child = (0x4|0x8), + Trial = 0x10 +} ncch_content_bitmask; + +typedef struct +{ + u16 version; + u32 exheader_offset; + u32 exheader_size; + u64 logo_offset; + u64 logo_size; + u64 plain_region_offset; + u64 plain_region_size; + u64 exefs_offset; + u64 exefs_size; + u64 exefs_hash_src_size; + u64 romfs_offset; + u64 romfs_size; + u64 romfs_hash_src_size; + u8 titleID[8]; + u8 programID[8]; +}NCCH_STRUCT; + +typedef struct +{ + u8 magic[4]; + u8 content_size[4]; + u8 title_id[8]; + u8 maker_code[2]; + u8 version[2]; + u8 reserved_0[4]; + u8 program_id[8]; + u8 reserved_1[0x10]; + u8 logo_sha_256_hash[0x20]; + u8 product_code[0x10]; + u8 extended_header_sha_256_hash[0x20]; + u8 extended_header_size[4]; + u8 reserved_2[4]; + u8 flags[8]; + u8 plain_region_offset[4]; + u8 plain_region_size[4]; + u8 logo_region_offset[4]; + u8 logo_region_size[4]; + u8 exefs_offset[4]; + u8 exefs_size[4]; + u8 exefs_hash_size[4]; + u8 reserved_4[4]; + u8 romfs_offset[4]; + u8 romfs_size[4]; + u8 romfs_hash_size[4]; + u8 reserved_5[4]; + u8 exefs_sha_256_hash[0x20]; + u8 romfs_sha_256_hash[0x20]; +} NCCH_Header; + + +typedef struct +{ + keys_struct *keys; + desc_settings *yaml_set; + COMPONENT_STRUCT *out; + + struct{ + u8 *PubK; + u8 *PrivK; + } CxiRsaKey; + + struct + { + u32 MediaSize; + + fixed_accessdesc_type accessdesc; + + bool IncludeExeFsLogo; + bool CompressCode; + bool UseOnSD; + bool Encrypt; + bool FreeProductCode; + bool IsCfa; + bool IsBuildingCodeSection; + } Options; + + struct + { + FILE *elf; + u64 elf_size; + + FILE *banner; + u64 banner_size; + + FILE *icon; + u64 icon_size; + + FILE *logo; + u64 logo_size; + + FILE *code; + u64 code_size; + + FILE *exheader; + u64 exheader_size; + + FILE *romfs; + u64 romfs_size; + + FILE *plainregion; + u64 plainregion_size; + } ComponentFilePtrs; + + struct + { + COMPONENT_STRUCT Code; + COMPONENT_STRUCT Banner; + COMPONENT_STRUCT Icon; + } ExeFs_Sections; + + struct + { + u32 TextAddress; + u32 TextSize; + u32 TextMaxPages; + u32 ROAddress; + u32 ROSize; + u32 ROMaxPages; + u32 DataAddress; + u32 DataSize; + u32 DataMaxPages; + u32 BSS_Size; + } CodeDetails; + + struct + { + u64 TotalContentSize; + COMPONENT_STRUCT CommonHeader; + COMPONENT_STRUCT ExHeader; + u64 LogoOffset; + COMPONENT_STRUCT Logo; + u64 PlainRegionOffset; + COMPONENT_STRUCT PlainRegion; + u64 ExeFsOffset; + COMPONENT_STRUCT ExeFs; + u64 RomFsOffset; + COMPONENT_STRUCT RomFs; + } Sections; + +} ncch_settings; + +#endif + +// NCCH Build Functions +int build_NCCH(user_settings *usrset); + + +// NCCH Read Functions +int VerifyNCCH(u8 *ncch, keys_struct *keys, bool SuppressOutput); + +u8* RetargetNCCH(FILE *fp, u64 size, u8 *TitleId, u8 *ProgramId, keys_struct *keys); + +NCCH_Header* GetNCCH_CommonHDR(void *out, FILE *fp, u8 *buf); +bool IsNCCH(FILE *fp, u8 *buf); +bool IsCfa(NCCH_Header* hdr); +u32 GetNCCH_MediaUnitSize(NCCH_Header* hdr); +u32 GetNCCH_MediaSize(NCCH_Header* hdr); +ncch_key_type GetNCCHKeyType(NCCH_Header* hdr); + +int GetNCCHSection(u8 *dest, u64 dest_max_size, u64 src_pos, u8 *ncch, NCCH_STRUCT *ncch_ctx, keys_struct *keys, ncch_section section); +u8* GetNCCHKey(NCCH_Header* hdr, keys_struct *keys); + +int GetCXIStruct(NCCH_STRUCT *ctx, NCCH_Header *header); +void ncch_get_counter(NCCH_STRUCT *ctx, u8 counter[16], u8 type); +void CryptNCCHSection(u8 *buffer, u64 size, u64 src_pos, NCCH_STRUCT *ctx, u8 key[16], u8 type); \ No newline at end of file diff --git a/ncsd.c b/ncsd.c new file mode 100644 index 0000000..c79acba --- /dev/null +++ b/ncsd.c @@ -0,0 +1,554 @@ +#include "lib.h" +#include "ncch.h" +#include "exheader.h" +#include "ncsd.h" + +// Private Prototypes + +/* RSA Crypto */ +int SignCCI(u8 *Signature, u8 *NCSD_HDR); +int CheckCCISignature(u8 *Signature, u8 *NCSD_HDR); + +/* cci_settings tools */ +void init_CCISettings(cci_settings *set); +int get_CCISettings(cci_settings *cciset, user_settings *usrset); +void free_CCISettings(cci_settings *set); + +/* CCI Data Gen/Write */ +int GenNCSDHeader(cci_settings *cciset, user_settings *usrset); +int GenCardInfoHeader(cci_settings *cciset, user_settings *usrset); +int WriteCCI_HDR_ToFile(cci_settings *cciset); +int WriteCCI_Content_ToFile(cci_settings *cciset,user_settings *usrset); +int WriteCCI_DummyBytes(cci_settings *cciset); + +/* Get Data from Content Files */ +int CheckContent0(cci_settings *cciset, user_settings *usrset); +int GetDataFromContent0(cci_settings *cciset, user_settings *usrset); +int GetContentFP(cci_settings *cciset, user_settings *usrset); + +/* Get Data from YAML Settings */ +int GetMediaSize(cci_settings *cciset, user_settings *usrset); +u64 GetUnusedSize(u64 MediaSize, u8 CardType); +int GetMediaType(cci_settings *cciset, user_settings *usrset); +int GetPlatform(cci_settings *cciset, user_settings *usrset); +int GetCardDevice(cci_settings *cciset, user_settings *usrset); +int GetWriteableAddress(cci_settings *cciset, user_settings *usrset); +int GetCardInfoBitmask(cci_settings *cciset, user_settings *usrset); + +int CheckMediaSize(cci_settings *cciset); + +static InternalCCI_Context ctx; + +// Code +int build_CCI(user_settings *usrset) +{ + int result = 0; + + // Init Settings + cci_settings *cciset = malloc(sizeof(cci_settings)); + if(!cciset) {fprintf(stderr,"[CCI ERROR] MEM ERROR\n"); return MEM_ERROR;} + init_CCISettings(cciset); + + // Get Settings + result = get_CCISettings(cciset,usrset); + if(result) goto finish; + + // Create Output File + cciset->out = fopen(usrset->outfile,"wb"); + if(!cciset->out){ + fprintf(stderr,"[CCI ERROR] Failed to create '%s'\n",usrset->outfile); + result = FAILED_TO_CREATE_OUTFILE; + goto finish; + } + + // Generate NCSD Header and Additional Header + result = GenNCSDHeader(cciset,usrset); + if(result) goto finish; + GenCardInfoHeader(cciset,usrset); + + // Write to File + WriteCCI_HDR_ToFile(cciset); + result = WriteCCI_Content_ToFile(cciset,usrset); + if(result) goto finish; + + // Fill out file if necessary + if(cciset->MediaFootPadding) WriteCCI_DummyBytes(cciset); + + // Close output file +finish: + if(result != FAILED_TO_CREATE_OUTFILE && cciset->out) fclose(cciset->out); + free_CCISettings(cciset); + return result; +} + + +int SignCCI(u8 *Signature, u8 *NCSD_HDR) +{ + return ctr_sig(NCSD_HDR,sizeof(NCSD_Header),Signature,ctx.keys->rsa.CCI_Pub,ctx.keys->rsa.CCI_Priv,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int CheckCCISignature(u8 *Signature, u8 *NCSD_HDR) +{ + return ctr_sig(NCSD_HDR,sizeof(NCSD_Header),Signature,ctx.keys->rsa.CCI_Pub,NULL,RSA_2048_SHA256,CTR_RSA_VERIFY); +} + +void init_CCISettings(cci_settings *set) +{ + memset(set,0,sizeof(cci_settings)); + memset(&ctx,0,sizeof(InternalCCI_Context)); +} + +int get_CCISettings(cci_settings *cciset, user_settings *usrset) +{ + ctx.keys = &usrset->keys; + int result = 0; + + /* Importing Data from Content0 */ + result = CheckContent0(cciset,usrset); + if(result) return result; + + result = GetDataFromContent0(cciset,usrset); + if(result) return result; + + result = GetMediaSize(cciset,usrset); + if(result) return result; + + /* Getting Data from YAML */ + result = GetMediaType(cciset,usrset); + if(result) return result; + + result = GetPlatform(cciset,usrset); + if(result) return result; + + result = GetCardDevice(cciset,usrset); + if(result) return result; + + result = GetContentFP(cciset,usrset); + if(result) return result; + + result = CheckMediaSize(cciset); + if(result) return result; + + /** Card Info Header Data **/ + result = GetWriteableAddress(cciset,usrset); + if(result) return result; + + result = GetCardInfoBitmask(cciset,usrset); + if(result) return result; + + /* All Done */ + return 0; +} + +void free_CCISettings(cci_settings *set) +{ + if(set->content){ + for(int i = 1; i < 8; i++) { + if(set->content[i]) fclose(set->content[i]); + } + free(set->content); + } + free(set); +} + +int GenNCSDHeader(cci_settings *cciset, user_settings *usrset) +{ + memcpy((u8*)ctx.commonHDR.magic,"NCSD",4); + u32_to_u8((u8*)ctx.commonHDR.media_size,(cciset->MediaSize/cciset->MediaUnitSize),LE); + memcpy((u8*)ctx.commonHDR.title_id,cciset->MediaID,8); + for(int i = 0; i < 8; i++){ + u32_to_u8((u8*)ctx.commonHDR.offsetsize_table[i].offset,(cciset->ContentOffset[i]/cciset->MediaUnitSize),LE); + u32_to_u8((u8*)ctx.commonHDR.offsetsize_table[i].size,(cciset->ContentSize[i]/cciset->MediaUnitSize),LE); + memcpy((u8*)ctx.commonHDR.partition_id_table[i],cciset->ContentTitleID[i],8); + } + memcpy((u8*)ctx.commonHDR.partition_flags,cciset->NCSD_Flags,8); + if(SignCCI(ctx.Signature,(u8*)&ctx.commonHDR) != Good){ + fprintf(stderr,"[CCI ERROR] Failed to sign CCI\n"); + return CCI_SIG_FAIL; + } + return 0; +} + +int GenCardInfoHeader(cci_settings *cciset, user_settings *usrset) +{ + u32_to_u8((u8*)ctx.CardInfoHDR.writable_address,(cciset->WritableAddress/cciset->MediaUnitSize),LE); + u32_to_u8((u8*)ctx.CardInfoHDR.card_info_bitmask,cciset->CardInfoBitmask,BE); + u32_to_u8((u8*)ctx.CardInfoHDR.media_size_used,cciset->TotalContentSize,LE); + memcpy((u8*)ctx.CardInfoHDR.ncch_0_title_id,cciset->ContentTitleID[0],8); + memcpy((u8*)ctx.CardInfoHDR.initial_data,cciset->InitialData,0x30); + if(!(usrset->OmitImportedNcchHdr && !usrset->IsBuildingNCCH0)) memcpy((u8*)ctx.CardInfoHDR.ncch_0_header,cciset->NCCH_HDR,0x100); + memcpy((u8*)ctx.DevCardInfoHDR.TitleKey,cciset->TitleKey,0x10); + return 0; +} + +int WriteCCI_HDR_ToFile(cci_settings *cciset) +{ + WriteBuffer(ctx.Signature,0x100,0,cciset->out); + WriteBuffer((u8*)&ctx.commonHDR,sizeof(NCSD_Header),0x100,cciset->out); + WriteBuffer((u8*)&ctx.CardInfoHDR,sizeof(CardInfo_Header),0x200,cciset->out); + WriteBuffer((u8*)&ctx.DevCardInfoHDR,sizeof(Dev_CardInfo_Header),0x1200,cciset->out); + return 0; +} + +int WriteCCI_Content_ToFile(cci_settings *cciset,user_settings *usrset) +{ + // Write Content 0 + WriteBuffer(cciset->ncch0,cciset->ContentSize[0],cciset->ContentOffset[0],cciset->out); + free(usrset->Content0.buffer); + usrset->Content0.buffer = NULL; + usrset->Content0.size = 0; + + // Add additional contents, recreating them with their new TitleID + for(int i = 1; i < 8; i++){ + if(cciset->content[i]){ + u8 *ContentBuff = RetargetNCCH(cciset->content[i],cciset->ContentSize[i],cciset->ContentTitleID[i],cciset->MediaID,ctx.keys); + if(!ContentBuff){ + fprintf(stderr,"[CCI ERROR] Could not import content %d to CCI\n",i); + return FAILED_TO_IMPORT_FILE; + } + WriteBuffer(ContentBuff,cciset->ContentSize[i],cciset->ContentOffset[i],cciset->out); + free(ContentBuff); + } + } + return 0; +} + +int WriteCCI_DummyBytes(cci_settings *cciset) +{ + // Seeking end of CCI Data + fseek_64(cciset->out,cciset->TotalContentSize,SEEK_SET); + + // Determining Size of Dummy Bytes + u64 len = cciset->MediaSize - cciset->TotalContentSize; + + // Creating Buffer of Dummy Bytes + u8 dummy_bytes[cciset->MediaUnitSize]; + memset(&dummy_bytes,0xff,cciset->MediaUnitSize); + + // Writing Dummy Bytes to file + for(u64 i = 0; i < len; i += cciset->MediaUnitSize){ + fwrite(&dummy_bytes,cciset->MediaUnitSize,1,cciset->out); + } + + return 0; +} + +int GetContentFP(cci_settings *cciset, user_settings *usrset) +{ + cciset->content = malloc(sizeof(FILE*)*8); + if(!cciset->content){ + fprintf(stderr,"[CCI ERROR] MEM ERROR\n"); + return MEM_ERROR; + } + memset(cciset->content,0,sizeof(FILE*)*8); + + for(int i = 1; i < 8; i++){ + if(usrset->ContentPath[i]){ + cciset->content[i] = fopen(usrset->ContentPath[i],"rb"); + if(!cciset->content[i]){ // Checking if file could be opened + fprintf(stderr,"[CCI ERROR] Failed to create '%s'\n",usrset->outfile); + return FAILED_TO_OPEN_FILE; + } + if(!IsNCCH(cciset->content[i],NULL)){ // Checking if NCCH + fprintf(stderr,"[CCI ERROR] Content '%s' is invalid\n",usrset->ContentPath[i]); + return NCSD_INVALID_NCCH0; + } + + // Getting NCCH Header + NCCH_Header *hdr = malloc(sizeof(NCCH_Header));; + GetNCCH_CommonHDR(hdr,cciset->content[i],NULL); + + if(GetNCCH_MediaUnitSize(hdr) != cciset->MediaUnitSize){ // Checking if Media Unit Size matches CCI + fprintf(stderr,"[CCI ERROR] Content '%s' is invalid\n",usrset->ContentPath[i]); + return NCSD_INVALID_NCCH0; + } + + memcpy(&cciset->ContentTitleID[i],cciset->MediaID,8); // Set TitleID + + // Modify TitleID Accordingly + u16 tmp = u8_to_u16(&hdr->title_id[6],LE); + tmp |= (i+4); + u16_to_u8(&cciset->ContentTitleID[i][6],tmp,LE); + + cciset->ContentSize[i] = GetNCCH_MediaSize(hdr)*cciset->MediaUnitSize; + cciset->ContentOffset[i] = cciset->TotalContentSize; + + cciset->TotalContentSize += cciset->ContentSize[i]; + + free(hdr); + } + } + return 0; +} + +int CheckContent0(cci_settings *cciset, user_settings *usrset) +{ + if(!usrset->Content0.size) + return NCSD_NO_NCCH0; + cciset->ncch0 = usrset->Content0.buffer; + cciset->ncch0_FileLen = usrset->Content0.size; + + if(!IsNCCH(NULL,cciset->ncch0)) + return NCSD_INVALID_NCCH0; + + return 0; +} + +int GetDataFromContent0(cci_settings *cciset, user_settings *usrset) +{ + cciset->TotalContentSize = 0x4000; + + NCCH_Header *hdr; + + hdr = GetNCCH_CommonHDR(NULL,NULL,cciset->ncch0); + + cciset->NCCH_HDR = hdr; + + //memdump(stdout,"ncch0 head: ",(cciset->ncch0+0x100),0x100); + //memdump(stdout,"ncch0 head: ",(u8*)(hdr),0x100); + + memcpy(cciset->MediaID,hdr->title_id,8); + memcpy(&cciset->ContentTitleID[0],hdr->title_id,8); + if(usrset->GenSDKCardInfoHeader){ + memcpy(cciset->InitialData,Stock_InitialData,0x30); + memcpy(cciset->TitleKey,Stock_TitleKey,0x10); + } + else{ + u8 Hash[0x40]; + ctr_sha(cciset->ncch0,0x80,Hash,CTR_SHA_256); + ctr_sha((cciset->ncch0+0x80),0x80,(Hash+0x20),CTR_SHA_256); + memcpy(cciset->InitialData,Hash,0x2C); + //memcpy(cciset->TitleKey,(Hash+0x30),0x10); // Might Remove + } + + + cciset->NCSD_Flags[MediaUnitSize] = hdr->flags[ContentUnitSize]; + cciset->MediaUnitSize = GetNCCH_MediaUnitSize(hdr); + + cciset->ContentSize[0] = (u64)(GetNCCH_MediaSize(hdr) * cciset->MediaUnitSize); + cciset->ContentOffset[0] = cciset->TotalContentSize; + + cciset->TotalContentSize += cciset->ContentSize[0]; + return 0; +} + +int GetMediaSize(cci_settings *cciset, user_settings *usrset) +{ + char *MediaSizeStr = usrset->yaml_set.DefaultSpec.BasicInfo.MediaSize; + if(!MediaSizeStr) cciset->MediaSize = (u64)GB*2; + else{ + if(strcasecmp(MediaSizeStr,"128MB") == 0) cciset->MediaSize = (u64)MB*128; + else if(strcasecmp(MediaSizeStr,"256MB") == 0) cciset->MediaSize = (u64)MB*256; + else if(strcasecmp(MediaSizeStr,"512MB") == 0) cciset->MediaSize = (u64)MB*512; + else if(strcasecmp(MediaSizeStr,"1GB") == 0) cciset->MediaSize = (u64)GB*1; + else if(strcasecmp(MediaSizeStr,"2GB") == 0) cciset->MediaSize = (u64)GB*2; + else if(strcasecmp(MediaSizeStr,"4GB") == 0) cciset->MediaSize = (u64)GB*4; + else if(strcasecmp(MediaSizeStr,"8GB") == 0) cciset->MediaSize = (u64)GB*8; + else if(strcasecmp(MediaSizeStr,"16GB") == 0) cciset->MediaSize = (u64)GB*16; + else if(strcasecmp(MediaSizeStr,"32GB") == 0) cciset->MediaSize = (u64)GB*32; + else { + fprintf(stderr,"[CCI ERROR] Invalid MediaSize: %s\n",MediaSizeStr); + return INVALID_YAML_OPT; + } + } + + if(usrset->yaml_set.DefaultSpec.BasicInfo.MediaFootPadding != -1) cciset->MediaFootPadding = usrset->yaml_set.DefaultSpec.BasicInfo.MediaFootPadding; + + return 0; +} + +u64 GetUnusedSize(u64 MediaSize, u8 CardType) +{ + if(CardType == CARD1){ + switch(MediaSize){ + case (u64)MB*128: return (u64)2621440; + case (u64)MB*256: return (u64)5242880; + case (u64)MB*512: return (u64)10485760; + case (u64)GB*1: return (u64)73924608; + case (u64)GB*2: return (u64)147324928; + case (u64)GB*4: return (u64)294649856; + case (u64)GB*8: return (u64)587202560; + default: return (u64)((MediaSize/MB)*0x11800); // Aprox + } + } + else if(CardType == CARD2){ + switch(MediaSize){ + case (u64)MB*512: return (u64)37224448; + case (u64)GB*1: return (u64)73924608; + case (u64)GB*2: return (u64)147324928; + case (u64)GB*4: return (u64)294649856; + case (u64)GB*8: return (u64)587202560; + default: return (u64)((MediaSize/MB)*0x11800); // Aprox + } + } + return 0; +} + +int GetMediaType(cci_settings *cciset, user_settings *usrset) +{ + char *MediaTypeStr = usrset->yaml_set.DefaultSpec.CardInfo.MediaType; + if(!MediaTypeStr) cciset->NCSD_Flags[MediaTypeIndex] = CARD1; + else{ + if(strcasecmp(MediaTypeStr,"Card1") == 0) cciset->NCSD_Flags[MediaTypeIndex] = CARD1; + else if(strcasecmp(MediaTypeStr,"Card2") == 0) cciset->NCSD_Flags[MediaTypeIndex] = CARD2; + else { + fprintf(stderr,"[CCI ERROR] Invalid MediaType: %s\n",MediaTypeStr); + return INVALID_YAML_OPT; + } + } + return 0; +} + +int GetPlatform(cci_settings *cciset, user_settings *usrset) +{ + char *PlatformStr = usrset->yaml_set.DefaultSpec.TitleInfo.Platform; + if(!PlatformStr) cciset->NCSD_Flags[MediaPlatformIndex] = CTR; + else{ + if(strcasecmp(PlatformStr,"ctr") == 0) cciset->NCSD_Flags[MediaPlatformIndex] = CTR; + else { + fprintf(stderr,"[CCI ERROR] Invalid Platform: %s\n",PlatformStr); + return INVALID_YAML_OPT; + } + } + return 0; +} + +int GetCardDevice(cci_settings *cciset, user_settings *usrset) +{ + char *CardDeviceStr = usrset->yaml_set.DefaultSpec.CardInfo.CardDevice; + if(!CardDeviceStr) cciset->NCSD_Flags[CardDeviceFlag] = CARD_DEVICE_NONE; + else{ + if(strcmp(CardDeviceStr,"NorFlash") == 0) { + cciset->NCSD_Flags[CardDeviceFlag] = CARD_DEVICE_NOR_FLASH; + if(cciset->NCSD_Flags[MediaTypeIndex] == CARD2){ + fprintf(stderr,"[CCI WARNING] 'CardDevice: NorFlash' is invalid on Card2\n"); + cciset->NCSD_Flags[CardDeviceFlag] = CARD_DEVICE_NONE; + } + } + else if(strcmp(CardDeviceStr,"None") == 0) cciset->NCSD_Flags[CardDeviceFlag] = CARD_DEVICE_NONE; + else if(strcmp(CardDeviceStr,"BT") == 0) cciset->NCSD_Flags[CardDeviceFlag] = CARD_DEVICE_BT; + else { + fprintf(stderr,"[CCI ERROR] Invalid CardDevice: %s\n",CardDeviceStr); + return INVALID_YAML_OPT; + } + } + return 0; +} + +int GetWriteableAddress(cci_settings *cciset, user_settings *usrset) +{ + int result = GetSaveDataSize_yaml(&cciset->SaveDataSize,usrset); + if(result) return result; + + char *WriteableAddressStr = usrset->yaml_set.DefaultSpec.CardInfo.WritableAddress;; + + cciset->WritableAddress = -1; + if(cciset->NCSD_Flags[MediaTypeIndex] != CARD2) return 0; // Can only be set for Card2 Media + + if(WriteableAddressStr){ + if(strncmp(WriteableAddressStr,"0x",2) != 0){ + fprintf(stderr,"[CCI ERROR] WritableAddress requires a Hexadecimal value\n"); + return INVALID_YAML_OPT; + } + cciset->WritableAddress = strtoul((WriteableAddressStr+2),NULL,16); + } + if(cciset->WritableAddress == -1){ // If not set manually or is max size + if ((cciset->MediaSize / 2) < cciset->SaveDataSize){ // If SaveData size is greater than half the MediaSize + u64 saveDataSize = cciset->SaveDataSize / KB; + fprintf(stderr,"[CCI ERROR] Too large SaveDataSize %luK\n",saveDataSize); + return SAVE_DATA_TOO_LARGE; + } + if (cciset->SaveDataSize > (u64)(2047*MB)){ // Limit set by Nintendo + u64 saveDataSize = cciset->SaveDataSize / KB; + fprintf(stderr,"[CCI ERROR] Too large SaveDataSize %luK\n",saveDataSize); + return SAVE_DATA_TOO_LARGE; + } + u64 UnusedSize = GetUnusedSize(cciset->MediaSize,cciset->NCSD_Flags[MediaTypeIndex]); // Need to look into this + cciset->WritableAddress = cciset->MediaSize - UnusedSize - cciset->SaveDataSize; + } + return 0; +} + +int GetCardInfoBitmask(cci_settings *cciset, user_settings *usrset) +{ + char *str = usrset->yaml_set.DefaultSpec.CardInfo.CardType; + if(!str) cciset->CardInfoBitmask |= 0; + else{ + if(strcasecmp(str,"s1") == 0) cciset->CardInfoBitmask |= 0; + else if(strcasecmp(str,"s2") == 0) cciset->CardInfoBitmask |= 0x20; + else { + fprintf(stderr,"[CCI ERROR] Invalid CardType: %s\n",str); + return INVALID_YAML_OPT; + } + } + + str = usrset->yaml_set.DefaultSpec.CardInfo.CryptoType; + if(!str) cciset->CardInfoBitmask |= (3*0x40); + else{ + int Value = strtol(str,NULL,10); + if(Value < 0 || Value > 3) { + fprintf(stderr,"[CCI ERROR] Invalid CryptoType: %s\n",str); + return INVALID_YAML_OPT; + } + if(Value != 3){ + fprintf(stderr,"[CCI WARNING] Card crypto type = '%d'\n",Value); + } + cciset->CardInfoBitmask |= (Value*0x40); + } + + return 0; +} + +int CheckMediaSize(cci_settings *cciset) +{ + if(cciset->TotalContentSize > cciset->MediaSize){ + char *MediaSizeStr = NULL; + switch(cciset->MediaSize){ + case (u64)128*MB: MediaSizeStr = " '128MB'"; break; + case (u64)256*MB: MediaSizeStr = " '256MB'"; break; + case (u64)512*MB: MediaSizeStr = " '512MB'"; break; + case (u64)1*GB: MediaSizeStr = " '1GB'"; break; + case (u64)2*GB: MediaSizeStr = " '2GB'"; break; + case (u64)4*GB: MediaSizeStr = " '4GB'"; break; + case (u64)8*GB: MediaSizeStr = " '8GB'"; break; + case (u64)16*GB: MediaSizeStr = " '16GB'"; break; + case (u64)32*GB: MediaSizeStr = " '32GB'"; break; + default: MediaSizeStr = ""; break; + } + fprintf(stderr,"[CCI ERROR] MediaSize%s is too Small\n",MediaSizeStr); + return INVALID_YAML_OPT; + } + return 0; +} + +bool IsCci(u8 *ncsd) +{ + NCSD_Header *hdr = (NCSD_Header*)(ncsd+0x100); + if(!hdr) return false; + if(memcmp(hdr->magic,"NCSD",4)!=0) return false; + if(hdr->partition_flags[MediaPlatformIndex] != CTR) return false; + if(hdr->partition_flags[MediaTypeIndex] != CARD1 && hdr->partition_flags[MediaTypeIndex] != CARD2) return false; + return true; +} + +u8* GetPartition(u8 *ncsd, u8 index) +{ + return (u8*)(ncsd+GetPartitionOffset(ncsd,index)); +} + + +u64 GetPartitionOffset(u8 *ncsd, u8 index) +{ + NCSD_Header *hdr = (NCSD_Header*)(ncsd+0x100); + u32 media_size = 0x200*pow(2,hdr->partition_flags[MediaUnitSize]); + u32 offset = u8_to_u64(hdr->offsetsize_table[index].offset,LE); + return offset*media_size; +} + +u64 GetPartitionSize(u8 *ncsd, u8 index) +{ + NCSD_Header *hdr = (NCSD_Header*)(ncsd+0x100); + u32 media_size = 0x200*pow(2,hdr->partition_flags[MediaUnitSize]); + u32 size = u8_to_u64(hdr->offsetsize_table[index].size,LE); + return size*media_size; +} diff --git a/ncsd.h b/ncsd.h new file mode 100644 index 0000000..ff0e7b7 --- /dev/null +++ b/ncsd.h @@ -0,0 +1,162 @@ +#ifndef _NCSD_H_ +#define _NCSD_H_ + + +// Enums +typedef enum +{ + NCSD_NO_NCCH0 = -1, + NCSD_INVALID_NCCH0 = -2, + INVALID_YAML_OPT = -3, + CCI_SIG_FAIL = -4, + +} ncsd_errors; + +typedef enum +{ + FW6x_SaveCryptoFlag = 1, + CardDeviceFlag = 3, + MediaPlatformIndex = 4, + MediaTypeIndex = 5, + MediaUnitSize = 6, + OldCardDeviceFlag = 7 +} FlagIndex; + +typedef enum +{ + CARD_DEVICE_NOR_FLASH = 1, + CARD_DEVICE_NONE = 2, + CARD_DEVICE_BT = 3 +} _CardDevice; + +typedef enum +{ + CTR = 1, +} _PlatformIndex; + +typedef enum +{ + INNER_DEVICE, + CARD1, + CARD2, + EXTENDED_DEVICE +} _TypeIndex; + +// Structs +typedef struct +{ + u8 offset[4]; + u8 size[4]; +} partition_offsetsize; + +typedef struct +{ + u8 magic[4]; + u8 media_size[4]; + u8 title_id[8]; + u8 partitions_fs_type[8]; + u8 partitions_crypto_type[8]; + partition_offsetsize offsetsize_table[8]; + u8 exheader_hash[0x20]; + u8 additional_header_size[0x4]; + u8 sector_zero_offset[0x4]; + u8 partition_flags[8]; + u8 partition_id_table[8][8]; + u8 reserved[0x30]; +} NCSD_Header; + +typedef struct +{ + u8 writable_address[4]; + u8 card_info_bitmask[4]; + // Notes + u8 reserved_0[0xf8]; + u8 media_size_used[8]; + u8 reserved_1[0x18]; + u8 cver_title_id[8]; + u8 cver_title_version[2]; + u8 reserved_2[0xcd6]; + // + u8 ncch_0_title_id[8]; + u8 reserved_3[8]; + u8 initial_data[0x30]; + u8 reserved_4[0xc0]; + u8 ncch_0_header[0x100]; +} CardInfo_Header; + +typedef struct +{ + u8 CardDeviceReserved1[0x200]; + u8 TitleKey[0x10]; + u8 CardDeviceReserved2[0xf0]; +} Dev_CardInfo_Header; + +typedef struct +{ + u8 Signature[0x100]; + NCSD_Header commonHDR; + CardInfo_Header CardInfoHDR; + Dev_CardInfo_Header DevCardInfoHDR; + u8 *ContentImportBuffer; + keys_struct *keys; +} InternalCCI_Context; + +typedef struct +{ + u64 MediaSize; + u8 MediaID[8]; + u8 NCSD_Flags[8]; + u64 SaveDataSize; + u64 WritableAddress; + u32 CardInfoBitmask; + + u8 InitialData[0x30]; + NCCH_Header *NCCH_HDR; + u8 TitleKey[0x10]; + + u8 *ncch0; + u64 ncch0_FileLen; + FILE **content; + u64 ContentSize[CCI_MAX_CONTENT]; + u64 ContentOffset[CCI_MAX_CONTENT]; + u8 ContentTitleID[CCI_MAX_CONTENT][8]; + u64 TotalContentSize; + + bool MediaFootPadding; + u32 MediaUnitSize; + + FILE *out; +} cci_settings; + +static const u8 Stock_InitialData[0x30] = +{ + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xAD, 0x88, + 0xAC, 0x41, 0xA2, 0xB1, 0x5E, 0x8F, + 0x66, 0x9C, 0x97, 0xE5, 0xE1, 0x5E, + 0xA3, 0xEB, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 +}; + +static const u8 Stock_TitleKey[0x10] = +{ + 0x6E, 0xC7, 0x5F, 0xB2, 0xE2, 0xB4, + 0x87, 0x46, 0x1E, 0xDD, 0xCB, 0xB8, + 0x97, 0x11, 0x92, 0xBA +}; + +#endif + +// Public Prototypes + + +// Build Functions +int build_CCI(user_settings *usrset); + +// Read Functions +bool IsCci(u8 *ncsd); +u8* GetPartition(u8 *ncsd, u8 index); +u64 GetPartitionOffset(u8 *ncsd, u8 index); +u64 GetPartitionSize(u8 *ncsd, u8 index); \ No newline at end of file diff --git a/polarssl/aes.c b/polarssl/aes.c new file mode 100644 index 0000000..6456c54 --- /dev/null +++ b/polarssl/aes.c @@ -0,0 +1,1352 @@ +/* + * FIPS-197 compliant AES implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The AES block cipher was designed by Vincent Rijmen and Joan Daemen. + * + * http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf + * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_AES_C) + +#include "polarssl/aes.h" +#if defined(POLARSSL_PADLOCK_C) +#include "polarssl/padlock.h" +#endif + +#if !defined(POLARSSL_AES_ALT) + +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ +} +#endif + +#if defined(POLARSSL_PADLOCK_C) && \ + ( defined(POLARSSL_HAVE_X86) || defined(PADLOCK_ALIGN16) ) +static int aes_padlock_ace = -1; +#endif + +#if defined(POLARSSL_AES_ROM_TABLES) +/* + * Forward S-box + */ +static const unsigned char FSb[256] = +{ + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, + 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, + 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, + 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, + 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, + 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, + 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, + 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, + 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, + 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, + 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, + 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, + 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, + 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, + 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, + 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, + 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 +}; + +/* + * Forward tables + */ +#define FT \ +\ + V(A5,63,63,C6), V(84,7C,7C,F8), V(99,77,77,EE), V(8D,7B,7B,F6), \ + V(0D,F2,F2,FF), V(BD,6B,6B,D6), V(B1,6F,6F,DE), V(54,C5,C5,91), \ + V(50,30,30,60), V(03,01,01,02), V(A9,67,67,CE), V(7D,2B,2B,56), \ + V(19,FE,FE,E7), V(62,D7,D7,B5), V(E6,AB,AB,4D), V(9A,76,76,EC), \ + V(45,CA,CA,8F), V(9D,82,82,1F), V(40,C9,C9,89), V(87,7D,7D,FA), \ + V(15,FA,FA,EF), V(EB,59,59,B2), V(C9,47,47,8E), V(0B,F0,F0,FB), \ + V(EC,AD,AD,41), V(67,D4,D4,B3), V(FD,A2,A2,5F), V(EA,AF,AF,45), \ + V(BF,9C,9C,23), V(F7,A4,A4,53), V(96,72,72,E4), V(5B,C0,C0,9B), \ + V(C2,B7,B7,75), V(1C,FD,FD,E1), V(AE,93,93,3D), V(6A,26,26,4C), \ + V(5A,36,36,6C), V(41,3F,3F,7E), V(02,F7,F7,F5), V(4F,CC,CC,83), \ + V(5C,34,34,68), V(F4,A5,A5,51), V(34,E5,E5,D1), V(08,F1,F1,F9), \ + V(93,71,71,E2), V(73,D8,D8,AB), V(53,31,31,62), V(3F,15,15,2A), \ + V(0C,04,04,08), V(52,C7,C7,95), V(65,23,23,46), V(5E,C3,C3,9D), \ + V(28,18,18,30), V(A1,96,96,37), V(0F,05,05,0A), V(B5,9A,9A,2F), \ + V(09,07,07,0E), V(36,12,12,24), V(9B,80,80,1B), V(3D,E2,E2,DF), \ + V(26,EB,EB,CD), V(69,27,27,4E), V(CD,B2,B2,7F), V(9F,75,75,EA), \ + V(1B,09,09,12), V(9E,83,83,1D), V(74,2C,2C,58), V(2E,1A,1A,34), \ + V(2D,1B,1B,36), V(B2,6E,6E,DC), V(EE,5A,5A,B4), V(FB,A0,A0,5B), \ + V(F6,52,52,A4), V(4D,3B,3B,76), V(61,D6,D6,B7), V(CE,B3,B3,7D), \ + V(7B,29,29,52), V(3E,E3,E3,DD), V(71,2F,2F,5E), V(97,84,84,13), \ + V(F5,53,53,A6), V(68,D1,D1,B9), V(00,00,00,00), V(2C,ED,ED,C1), \ + V(60,20,20,40), V(1F,FC,FC,E3), V(C8,B1,B1,79), V(ED,5B,5B,B6), \ + V(BE,6A,6A,D4), V(46,CB,CB,8D), V(D9,BE,BE,67), V(4B,39,39,72), \ + V(DE,4A,4A,94), V(D4,4C,4C,98), V(E8,58,58,B0), V(4A,CF,CF,85), \ + V(6B,D0,D0,BB), V(2A,EF,EF,C5), V(E5,AA,AA,4F), V(16,FB,FB,ED), \ + V(C5,43,43,86), V(D7,4D,4D,9A), V(55,33,33,66), V(94,85,85,11), \ + V(CF,45,45,8A), V(10,F9,F9,E9), V(06,02,02,04), V(81,7F,7F,FE), \ + V(F0,50,50,A0), V(44,3C,3C,78), V(BA,9F,9F,25), V(E3,A8,A8,4B), \ + V(F3,51,51,A2), V(FE,A3,A3,5D), V(C0,40,40,80), V(8A,8F,8F,05), \ + V(AD,92,92,3F), V(BC,9D,9D,21), V(48,38,38,70), V(04,F5,F5,F1), \ + V(DF,BC,BC,63), V(C1,B6,B6,77), V(75,DA,DA,AF), V(63,21,21,42), \ + V(30,10,10,20), V(1A,FF,FF,E5), V(0E,F3,F3,FD), V(6D,D2,D2,BF), \ + V(4C,CD,CD,81), V(14,0C,0C,18), V(35,13,13,26), V(2F,EC,EC,C3), \ + V(E1,5F,5F,BE), V(A2,97,97,35), V(CC,44,44,88), V(39,17,17,2E), \ + V(57,C4,C4,93), V(F2,A7,A7,55), V(82,7E,7E,FC), V(47,3D,3D,7A), \ + V(AC,64,64,C8), V(E7,5D,5D,BA), V(2B,19,19,32), V(95,73,73,E6), \ + V(A0,60,60,C0), V(98,81,81,19), V(D1,4F,4F,9E), V(7F,DC,DC,A3), \ + V(66,22,22,44), V(7E,2A,2A,54), V(AB,90,90,3B), V(83,88,88,0B), \ + V(CA,46,46,8C), V(29,EE,EE,C7), V(D3,B8,B8,6B), V(3C,14,14,28), \ + V(79,DE,DE,A7), V(E2,5E,5E,BC), V(1D,0B,0B,16), V(76,DB,DB,AD), \ + V(3B,E0,E0,DB), V(56,32,32,64), V(4E,3A,3A,74), V(1E,0A,0A,14), \ + V(DB,49,49,92), V(0A,06,06,0C), V(6C,24,24,48), V(E4,5C,5C,B8), \ + V(5D,C2,C2,9F), V(6E,D3,D3,BD), V(EF,AC,AC,43), V(A6,62,62,C4), \ + V(A8,91,91,39), V(A4,95,95,31), V(37,E4,E4,D3), V(8B,79,79,F2), \ + V(32,E7,E7,D5), V(43,C8,C8,8B), V(59,37,37,6E), V(B7,6D,6D,DA), \ + V(8C,8D,8D,01), V(64,D5,D5,B1), V(D2,4E,4E,9C), V(E0,A9,A9,49), \ + V(B4,6C,6C,D8), V(FA,56,56,AC), V(07,F4,F4,F3), V(25,EA,EA,CF), \ + V(AF,65,65,CA), V(8E,7A,7A,F4), V(E9,AE,AE,47), V(18,08,08,10), \ + V(D5,BA,BA,6F), V(88,78,78,F0), V(6F,25,25,4A), V(72,2E,2E,5C), \ + V(24,1C,1C,38), V(F1,A6,A6,57), V(C7,B4,B4,73), V(51,C6,C6,97), \ + V(23,E8,E8,CB), V(7C,DD,DD,A1), V(9C,74,74,E8), V(21,1F,1F,3E), \ + V(DD,4B,4B,96), V(DC,BD,BD,61), V(86,8B,8B,0D), V(85,8A,8A,0F), \ + V(90,70,70,E0), V(42,3E,3E,7C), V(C4,B5,B5,71), V(AA,66,66,CC), \ + V(D8,48,48,90), V(05,03,03,06), V(01,F6,F6,F7), V(12,0E,0E,1C), \ + V(A3,61,61,C2), V(5F,35,35,6A), V(F9,57,57,AE), V(D0,B9,B9,69), \ + V(91,86,86,17), V(58,C1,C1,99), V(27,1D,1D,3A), V(B9,9E,9E,27), \ + V(38,E1,E1,D9), V(13,F8,F8,EB), V(B3,98,98,2B), V(33,11,11,22), \ + V(BB,69,69,D2), V(70,D9,D9,A9), V(89,8E,8E,07), V(A7,94,94,33), \ + V(B6,9B,9B,2D), V(22,1E,1E,3C), V(92,87,87,15), V(20,E9,E9,C9), \ + V(49,CE,CE,87), V(FF,55,55,AA), V(78,28,28,50), V(7A,DF,DF,A5), \ + V(8F,8C,8C,03), V(F8,A1,A1,59), V(80,89,89,09), V(17,0D,0D,1A), \ + V(DA,BF,BF,65), V(31,E6,E6,D7), V(C6,42,42,84), V(B8,68,68,D0), \ + V(C3,41,41,82), V(B0,99,99,29), V(77,2D,2D,5A), V(11,0F,0F,1E), \ + V(CB,B0,B0,7B), V(FC,54,54,A8), V(D6,BB,BB,6D), V(3A,16,16,2C) + +#define V(a,b,c,d) 0x##a##b##c##d +static const uint32_t FT0[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##b##c##d##a +static const uint32_t FT1[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##c##d##a##b +static const uint32_t FT2[256] = { FT }; +#undef V + +#define V(a,b,c,d) 0x##d##a##b##c +static const uint32_t FT3[256] = { FT }; +#undef V + +#undef FT + +/* + * Reverse S-box + */ +static const unsigned char RSb[256] = +{ + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, + 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, + 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, + 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, + 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, + 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, + 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, + 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, + 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, + 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, + 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, + 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, + 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, + 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, + 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, + 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, + 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D +}; + +/* + * Reverse tables + */ +#define RT \ +\ + V(50,A7,F4,51), V(53,65,41,7E), V(C3,A4,17,1A), V(96,5E,27,3A), \ + V(CB,6B,AB,3B), V(F1,45,9D,1F), V(AB,58,FA,AC), V(93,03,E3,4B), \ + V(55,FA,30,20), V(F6,6D,76,AD), V(91,76,CC,88), V(25,4C,02,F5), \ + V(FC,D7,E5,4F), V(D7,CB,2A,C5), V(80,44,35,26), V(8F,A3,62,B5), \ + V(49,5A,B1,DE), V(67,1B,BA,25), V(98,0E,EA,45), V(E1,C0,FE,5D), \ + V(02,75,2F,C3), V(12,F0,4C,81), V(A3,97,46,8D), V(C6,F9,D3,6B), \ + V(E7,5F,8F,03), V(95,9C,92,15), V(EB,7A,6D,BF), V(DA,59,52,95), \ + V(2D,83,BE,D4), V(D3,21,74,58), V(29,69,E0,49), V(44,C8,C9,8E), \ + V(6A,89,C2,75), V(78,79,8E,F4), V(6B,3E,58,99), V(DD,71,B9,27), \ + V(B6,4F,E1,BE), V(17,AD,88,F0), V(66,AC,20,C9), V(B4,3A,CE,7D), \ + V(18,4A,DF,63), V(82,31,1A,E5), V(60,33,51,97), V(45,7F,53,62), \ + V(E0,77,64,B1), V(84,AE,6B,BB), V(1C,A0,81,FE), V(94,2B,08,F9), \ + V(58,68,48,70), V(19,FD,45,8F), V(87,6C,DE,94), V(B7,F8,7B,52), \ + V(23,D3,73,AB), V(E2,02,4B,72), V(57,8F,1F,E3), V(2A,AB,55,66), \ + V(07,28,EB,B2), V(03,C2,B5,2F), V(9A,7B,C5,86), V(A5,08,37,D3), \ + V(F2,87,28,30), V(B2,A5,BF,23), V(BA,6A,03,02), V(5C,82,16,ED), \ + V(2B,1C,CF,8A), V(92,B4,79,A7), V(F0,F2,07,F3), V(A1,E2,69,4E), \ + V(CD,F4,DA,65), V(D5,BE,05,06), V(1F,62,34,D1), V(8A,FE,A6,C4), \ + V(9D,53,2E,34), V(A0,55,F3,A2), V(32,E1,8A,05), V(75,EB,F6,A4), \ + V(39,EC,83,0B), V(AA,EF,60,40), V(06,9F,71,5E), V(51,10,6E,BD), \ + V(F9,8A,21,3E), V(3D,06,DD,96), V(AE,05,3E,DD), V(46,BD,E6,4D), \ + V(B5,8D,54,91), V(05,5D,C4,71), V(6F,D4,06,04), V(FF,15,50,60), \ + V(24,FB,98,19), V(97,E9,BD,D6), V(CC,43,40,89), V(77,9E,D9,67), \ + V(BD,42,E8,B0), V(88,8B,89,07), V(38,5B,19,E7), V(DB,EE,C8,79), \ + V(47,0A,7C,A1), V(E9,0F,42,7C), V(C9,1E,84,F8), V(00,00,00,00), \ + V(83,86,80,09), V(48,ED,2B,32), V(AC,70,11,1E), V(4E,72,5A,6C), \ + V(FB,FF,0E,FD), V(56,38,85,0F), V(1E,D5,AE,3D), V(27,39,2D,36), \ + V(64,D9,0F,0A), V(21,A6,5C,68), V(D1,54,5B,9B), V(3A,2E,36,24), \ + V(B1,67,0A,0C), V(0F,E7,57,93), V(D2,96,EE,B4), V(9E,91,9B,1B), \ + V(4F,C5,C0,80), V(A2,20,DC,61), V(69,4B,77,5A), V(16,1A,12,1C), \ + V(0A,BA,93,E2), V(E5,2A,A0,C0), V(43,E0,22,3C), V(1D,17,1B,12), \ + V(0B,0D,09,0E), V(AD,C7,8B,F2), V(B9,A8,B6,2D), V(C8,A9,1E,14), \ + V(85,19,F1,57), V(4C,07,75,AF), V(BB,DD,99,EE), V(FD,60,7F,A3), \ + V(9F,26,01,F7), V(BC,F5,72,5C), V(C5,3B,66,44), V(34,7E,FB,5B), \ + V(76,29,43,8B), V(DC,C6,23,CB), V(68,FC,ED,B6), V(63,F1,E4,B8), \ + V(CA,DC,31,D7), V(10,85,63,42), V(40,22,97,13), V(20,11,C6,84), \ + V(7D,24,4A,85), V(F8,3D,BB,D2), V(11,32,F9,AE), V(6D,A1,29,C7), \ + V(4B,2F,9E,1D), V(F3,30,B2,DC), V(EC,52,86,0D), V(D0,E3,C1,77), \ + V(6C,16,B3,2B), V(99,B9,70,A9), V(FA,48,94,11), V(22,64,E9,47), \ + V(C4,8C,FC,A8), V(1A,3F,F0,A0), V(D8,2C,7D,56), V(EF,90,33,22), \ + V(C7,4E,49,87), V(C1,D1,38,D9), V(FE,A2,CA,8C), V(36,0B,D4,98), \ + V(CF,81,F5,A6), V(28,DE,7A,A5), V(26,8E,B7,DA), V(A4,BF,AD,3F), \ + V(E4,9D,3A,2C), V(0D,92,78,50), V(9B,CC,5F,6A), V(62,46,7E,54), \ + V(C2,13,8D,F6), V(E8,B8,D8,90), V(5E,F7,39,2E), V(F5,AF,C3,82), \ + V(BE,80,5D,9F), V(7C,93,D0,69), V(A9,2D,D5,6F), V(B3,12,25,CF), \ + V(3B,99,AC,C8), V(A7,7D,18,10), V(6E,63,9C,E8), V(7B,BB,3B,DB), \ + V(09,78,26,CD), V(F4,18,59,6E), V(01,B7,9A,EC), V(A8,9A,4F,83), \ + V(65,6E,95,E6), V(7E,E6,FF,AA), V(08,CF,BC,21), V(E6,E8,15,EF), \ + V(D9,9B,E7,BA), V(CE,36,6F,4A), V(D4,09,9F,EA), V(D6,7C,B0,29), \ + V(AF,B2,A4,31), V(31,23,3F,2A), V(30,94,A5,C6), V(C0,66,A2,35), \ + V(37,BC,4E,74), V(A6,CA,82,FC), V(B0,D0,90,E0), V(15,D8,A7,33), \ + V(4A,98,04,F1), V(F7,DA,EC,41), V(0E,50,CD,7F), V(2F,F6,91,17), \ + V(8D,D6,4D,76), V(4D,B0,EF,43), V(54,4D,AA,CC), V(DF,04,96,E4), \ + V(E3,B5,D1,9E), V(1B,88,6A,4C), V(B8,1F,2C,C1), V(7F,51,65,46), \ + V(04,EA,5E,9D), V(5D,35,8C,01), V(73,74,87,FA), V(2E,41,0B,FB), \ + V(5A,1D,67,B3), V(52,D2,DB,92), V(33,56,10,E9), V(13,47,D6,6D), \ + V(8C,61,D7,9A), V(7A,0C,A1,37), V(8E,14,F8,59), V(89,3C,13,EB), \ + V(EE,27,A9,CE), V(35,C9,61,B7), V(ED,E5,1C,E1), V(3C,B1,47,7A), \ + V(59,DF,D2,9C), V(3F,73,F2,55), V(79,CE,14,18), V(BF,37,C7,73), \ + V(EA,CD,F7,53), V(5B,AA,FD,5F), V(14,6F,3D,DF), V(86,DB,44,78), \ + V(81,F3,AF,CA), V(3E,C4,68,B9), V(2C,34,24,38), V(5F,40,A3,C2), \ + V(72,C3,1D,16), V(0C,25,E2,BC), V(8B,49,3C,28), V(41,95,0D,FF), \ + V(71,01,A8,39), V(DE,B3,0C,08), V(9C,E4,B4,D8), V(90,C1,56,64), \ + V(61,84,CB,7B), V(70,B6,32,D5), V(74,5C,6C,48), V(42,57,B8,D0) + +#define V(a,b,c,d) 0x##a##b##c##d +static const uint32_t RT0[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##b##c##d##a +static const uint32_t RT1[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##c##d##a##b +static const uint32_t RT2[256] = { RT }; +#undef V + +#define V(a,b,c,d) 0x##d##a##b##c +static const uint32_t RT3[256] = { RT }; +#undef V + +#undef RT + +/* + * Round constants + */ +static const uint32_t RCON[10] = +{ + 0x00000001, 0x00000002, 0x00000004, 0x00000008, + 0x00000010, 0x00000020, 0x00000040, 0x00000080, + 0x0000001B, 0x00000036 +}; + +#else + +/* + * Forward S-box & tables + */ +static unsigned char FSb[256]; +static uint32_t FT0[256]; +static uint32_t FT1[256]; +static uint32_t FT2[256]; +static uint32_t FT3[256]; + +/* + * Reverse S-box & tables + */ +static unsigned char RSb[256]; +static uint32_t RT0[256]; +static uint32_t RT1[256]; +static uint32_t RT2[256]; +static uint32_t RT3[256]; + +/* + * Round constants + */ +static uint32_t RCON[10]; + +/* + * Tables generation code + */ +#define ROTL8(x) ( ( x << 8 ) & 0xFFFFFFFF ) | ( x >> 24 ) +#define XTIME(x) ( ( x << 1 ) ^ ( ( x & 0x80 ) ? 0x1B : 0x00 ) ) +#define MUL(x,y) ( ( x && y ) ? pow[(log[x]+log[y]) % 255] : 0 ) + +static int aes_init_done = 0; + +static void aes_gen_tables( void ) +{ + int i, x, y, z; + int pow[256]; + int log[256]; + + /* + * compute pow and log tables over GF(2^8) + */ + for( i = 0, x = 1; i < 256; i++ ) + { + pow[i] = x; + log[x] = i; + x = ( x ^ XTIME( x ) ) & 0xFF; + } + + /* + * calculate the round constants + */ + for( i = 0, x = 1; i < 10; i++ ) + { + RCON[i] = (uint32_t) x; + x = XTIME( x ) & 0xFF; + } + + /* + * generate the forward and reverse S-boxes + */ + FSb[0x00] = 0x63; + RSb[0x63] = 0x00; + + for( i = 1; i < 256; i++ ) + { + x = pow[255 - log[i]]; + + y = x; y = ( (y << 1) | (y >> 7) ) & 0xFF; + x ^= y; y = ( (y << 1) | (y >> 7) ) & 0xFF; + x ^= y; y = ( (y << 1) | (y >> 7) ) & 0xFF; + x ^= y; y = ( (y << 1) | (y >> 7) ) & 0xFF; + x ^= y ^ 0x63; + + FSb[i] = (unsigned char) x; + RSb[x] = (unsigned char) i; + } + + /* + * generate the forward and reverse tables + */ + for( i = 0; i < 256; i++ ) + { + x = FSb[i]; + y = XTIME( x ) & 0xFF; + z = ( y ^ x ) & 0xFF; + + FT0[i] = ( (uint32_t) y ) ^ + ( (uint32_t) x << 8 ) ^ + ( (uint32_t) x << 16 ) ^ + ( (uint32_t) z << 24 ); + + FT1[i] = ROTL8( FT0[i] ); + FT2[i] = ROTL8( FT1[i] ); + FT3[i] = ROTL8( FT2[i] ); + + x = RSb[i]; + + RT0[i] = ( (uint32_t) MUL( 0x0E, x ) ) ^ + ( (uint32_t) MUL( 0x09, x ) << 8 ) ^ + ( (uint32_t) MUL( 0x0D, x ) << 16 ) ^ + ( (uint32_t) MUL( 0x0B, x ) << 24 ); + + RT1[i] = ROTL8( RT0[i] ); + RT2[i] = ROTL8( RT1[i] ); + RT3[i] = ROTL8( RT2[i] ); + } +} + +#endif + +/* + * AES key schedule (encryption) + */ +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + unsigned int i; + uint32_t *RK; + +#if !defined(POLARSSL_AES_ROM_TABLES) + if( aes_init_done == 0 ) + { + aes_gen_tables(); + aes_init_done = 1; + + } +#endif + + switch( keysize ) + { + case 128: ctx->nr = 10; break; + case 192: ctx->nr = 12; break; + case 256: ctx->nr = 14; break; + default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); + } + +#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) + if( aes_padlock_ace == -1 ) + aes_padlock_ace = padlock_supports( PADLOCK_ACE ); + + if( aes_padlock_ace ) + ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); + else +#endif + ctx->rk = RK = ctx->buf; + + for( i = 0; i < (keysize >> 5); i++ ) + { + GET_UINT32_LE( RK[i], key, i << 2 ); + } + + switch( ctx->nr ) + { + case 10: + + for( i = 0; i < 10; i++, RK += 4 ) + { + RK[4] = RK[0] ^ RCON[i] ^ + ( (uint32_t) FSb[ ( RK[3] >> 8 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( RK[3] >> 16 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( RK[3] >> 24 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( RK[3] ) & 0xFF ] << 24 ); + + RK[5] = RK[1] ^ RK[4]; + RK[6] = RK[2] ^ RK[5]; + RK[7] = RK[3] ^ RK[6]; + } + break; + + case 12: + + for( i = 0; i < 8; i++, RK += 6 ) + { + RK[6] = RK[0] ^ RCON[i] ^ + ( (uint32_t) FSb[ ( RK[5] >> 8 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( RK[5] >> 16 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( RK[5] >> 24 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( RK[5] ) & 0xFF ] << 24 ); + + RK[7] = RK[1] ^ RK[6]; + RK[8] = RK[2] ^ RK[7]; + RK[9] = RK[3] ^ RK[8]; + RK[10] = RK[4] ^ RK[9]; + RK[11] = RK[5] ^ RK[10]; + } + break; + + case 14: + + for( i = 0; i < 7; i++, RK += 8 ) + { + RK[8] = RK[0] ^ RCON[i] ^ + ( (uint32_t) FSb[ ( RK[7] >> 8 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( RK[7] >> 16 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( RK[7] >> 24 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( RK[7] ) & 0xFF ] << 24 ); + + RK[9] = RK[1] ^ RK[8]; + RK[10] = RK[2] ^ RK[9]; + RK[11] = RK[3] ^ RK[10]; + + RK[12] = RK[4] ^ + ( (uint32_t) FSb[ ( RK[11] ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( RK[11] >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( RK[11] >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( RK[11] >> 24 ) & 0xFF ] << 24 ); + + RK[13] = RK[5] ^ RK[12]; + RK[14] = RK[6] ^ RK[13]; + RK[15] = RK[7] ^ RK[14]; + } + break; + + default: + + break; + } + + return( 0 ); +} + +/* + * AES key schedule (decryption) + */ +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + int i, j; + aes_context cty; + uint32_t *RK; + uint32_t *SK; + int ret; + + switch( keysize ) + { + case 128: ctx->nr = 10; break; + case 192: ctx->nr = 12; break; + case 256: ctx->nr = 14; break; + default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); + } + +#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) + if( aes_padlock_ace == -1 ) + aes_padlock_ace = padlock_supports( PADLOCK_ACE ); + + if( aes_padlock_ace ) + ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); + else +#endif + ctx->rk = RK = ctx->buf; + + ret = aes_setkey_enc( &cty, key, keysize ); + if( ret != 0 ) + return( ret ); + + SK = cty.rk + cty.nr * 4; + + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + + for( i = ctx->nr - 1, SK -= 8; i > 0; i--, SK -= 8 ) + { + for( j = 0; j < 4; j++, SK++ ) + { + *RK++ = RT0[ FSb[ ( *SK ) & 0xFF ] ] ^ + RT1[ FSb[ ( *SK >> 8 ) & 0xFF ] ] ^ + RT2[ FSb[ ( *SK >> 16 ) & 0xFF ] ] ^ + RT3[ FSb[ ( *SK >> 24 ) & 0xFF ] ]; + } + } + + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + + memset( &cty, 0, sizeof( aes_context ) ); + + return( 0 ); +} + +#define AES_FROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +{ \ + X0 = *RK++ ^ FT0[ ( Y0 ) & 0xFF ] ^ \ + FT1[ ( Y1 >> 8 ) & 0xFF ] ^ \ + FT2[ ( Y2 >> 16 ) & 0xFF ] ^ \ + FT3[ ( Y3 >> 24 ) & 0xFF ]; \ + \ + X1 = *RK++ ^ FT0[ ( Y1 ) & 0xFF ] ^ \ + FT1[ ( Y2 >> 8 ) & 0xFF ] ^ \ + FT2[ ( Y3 >> 16 ) & 0xFF ] ^ \ + FT3[ ( Y0 >> 24 ) & 0xFF ]; \ + \ + X2 = *RK++ ^ FT0[ ( Y2 ) & 0xFF ] ^ \ + FT1[ ( Y3 >> 8 ) & 0xFF ] ^ \ + FT2[ ( Y0 >> 16 ) & 0xFF ] ^ \ + FT3[ ( Y1 >> 24 ) & 0xFF ]; \ + \ + X3 = *RK++ ^ FT0[ ( Y3 ) & 0xFF ] ^ \ + FT1[ ( Y0 >> 8 ) & 0xFF ] ^ \ + FT2[ ( Y1 >> 16 ) & 0xFF ] ^ \ + FT3[ ( Y2 >> 24 ) & 0xFF ]; \ +} + +#define AES_RROUND(X0,X1,X2,X3,Y0,Y1,Y2,Y3) \ +{ \ + X0 = *RK++ ^ RT0[ ( Y0 ) & 0xFF ] ^ \ + RT1[ ( Y3 >> 8 ) & 0xFF ] ^ \ + RT2[ ( Y2 >> 16 ) & 0xFF ] ^ \ + RT3[ ( Y1 >> 24 ) & 0xFF ]; \ + \ + X1 = *RK++ ^ RT0[ ( Y1 ) & 0xFF ] ^ \ + RT1[ ( Y0 >> 8 ) & 0xFF ] ^ \ + RT2[ ( Y3 >> 16 ) & 0xFF ] ^ \ + RT3[ ( Y2 >> 24 ) & 0xFF ]; \ + \ + X2 = *RK++ ^ RT0[ ( Y2 ) & 0xFF ] ^ \ + RT1[ ( Y1 >> 8 ) & 0xFF ] ^ \ + RT2[ ( Y0 >> 16 ) & 0xFF ] ^ \ + RT3[ ( Y3 >> 24 ) & 0xFF ]; \ + \ + X3 = *RK++ ^ RT0[ ( Y3 ) & 0xFF ] ^ \ + RT1[ ( Y2 >> 8 ) & 0xFF ] ^ \ + RT2[ ( Y1 >> 16 ) & 0xFF ] ^ \ + RT3[ ( Y0 >> 24 ) & 0xFF ]; \ +} + +/* + * AES-ECB block encryption/decryption + */ +int aes_crypt_ecb( aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ) +{ + int i; + uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; + +#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) + if( aes_padlock_ace ) + { + if( padlock_xcryptecb( ctx, mode, input, output ) == 0 ) + return( 0 ); + + // If padlock data misaligned, we just fall back to + // unaccelerated mode + // + } +#endif + + RK = ctx->rk; + + GET_UINT32_LE( X0, input, 0 ); X0 ^= *RK++; + GET_UINT32_LE( X1, input, 4 ); X1 ^= *RK++; + GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; + GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; + + if( mode == AES_DECRYPT ) + { + for( i = (ctx->nr >> 1) - 1; i > 0; i-- ) + { + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + AES_RROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); + } + + AES_RROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + + X0 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y0 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); + + X1 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y1 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); + + X2 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y2 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); + + X3 = *RK++ ^ \ + ( (uint32_t) RSb[ ( Y3 ) & 0xFF ] ) ^ + ( (uint32_t) RSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); + } + else /* AES_ENCRYPT */ + { + for( i = (ctx->nr >> 1) - 1; i > 0; i-- ) + { + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + AES_FROUND( X0, X1, X2, X3, Y0, Y1, Y2, Y3 ); + } + + AES_FROUND( Y0, Y1, Y2, Y3, X0, X1, X2, X3 ); + + X0 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y0 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y1 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y2 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y3 >> 24 ) & 0xFF ] << 24 ); + + X1 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y1 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y2 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y3 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); + + X2 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y2 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y3 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y0 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y1 >> 24 ) & 0xFF ] << 24 ); + + X3 = *RK++ ^ \ + ( (uint32_t) FSb[ ( Y3 ) & 0xFF ] ) ^ + ( (uint32_t) FSb[ ( Y0 >> 8 ) & 0xFF ] << 8 ) ^ + ( (uint32_t) FSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ + ( (uint32_t) FSb[ ( Y2 >> 24 ) & 0xFF ] << 24 ); + } + + PUT_UINT32_LE( X0, output, 0 ); + PUT_UINT32_LE( X1, output, 4 ); + PUT_UINT32_LE( X2, output, 8 ); + PUT_UINT32_LE( X3, output, 12 ); + + return( 0 ); +} + +/* + * AES-CBC buffer encryption/decryption + */ +int aes_crypt_cbc( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int i; + unsigned char temp[16]; + + if( length % 16 ) + return( POLARSSL_ERR_AES_INVALID_INPUT_LENGTH ); + +#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) + if( aes_padlock_ace ) + { + if( padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) + return( 0 ); + + // If padlock data misaligned, we just fall back to + // unaccelerated mode + // + } +#endif + + if( mode == AES_DECRYPT ) + { + while( length > 0 ) + { + memcpy( temp, input, 16 ); + aes_crypt_ecb( ctx, mode, input, output ); + + for( i = 0; i < 16; i++ ) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, 16 ); + + input += 16; + output += 16; + length -= 16; + } + } + else + { + while( length > 0 ) + { + for( i = 0; i < 16; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + aes_crypt_ecb( ctx, mode, output, output ); + memcpy( iv, output, 16 ); + + input += 16; + output += 16; + length -= 16; + } + } + + return( 0 ); +} + +#if defined(POLARSSL_CIPHER_MODE_CFB) +/* + * AES-CFB128 buffer encryption/decryption + */ +int aes_crypt_cfb128( aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int c; + size_t n = *iv_off; + + if( mode == AES_DECRYPT ) + { + while( length-- ) + { + if( n == 0 ) + aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + + c = *input++; + *output++ = (unsigned char)( c ^ iv[n] ); + iv[n] = (unsigned char) c; + + n = (n + 1) & 0x0F; + } + } + else + { + while( length-- ) + { + if( n == 0 ) + aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); + + iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + + n = (n + 1) & 0x0F; + } + } + + *iv_off = n; + + return( 0 ); +} +#endif /*POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +/* + * AES-CTR buffer encryption/decryption + */ +int aes_crypt_ctr( aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ) +{ + int c, i; + size_t n = *nc_off; + + while( length-- ) + { + if( n == 0 ) { + aes_crypt_ecb( ctx, AES_ENCRYPT, nonce_counter, stream_block ); + + for( i = 16; i > 0; i-- ) + if( ++nonce_counter[i - 1] != 0 ) + break; + } + c = *input++; + *output++ = (unsigned char)( c ^ stream_block[n] ); + + n = (n + 1) & 0x0F; + } + + *nc_off = n; + + return( 0 ); +} +#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* !POLARSSL_AES_ALT */ + +#if defined(POLARSSL_SELF_TEST) + +#include + +/* + * AES test vectors from: + * + * http://csrc.nist.gov/archive/aes/rijndael/rijndael-vals.zip + */ +static const unsigned char aes_test_ecb_dec[3][16] = +{ + { 0x44, 0x41, 0x6A, 0xC2, 0xD1, 0xF5, 0x3C, 0x58, + 0x33, 0x03, 0x91, 0x7E, 0x6B, 0xE9, 0xEB, 0xE0 }, + { 0x48, 0xE3, 0x1E, 0x9E, 0x25, 0x67, 0x18, 0xF2, + 0x92, 0x29, 0x31, 0x9C, 0x19, 0xF1, 0x5B, 0xA4 }, + { 0x05, 0x8C, 0xCF, 0xFD, 0xBB, 0xCB, 0x38, 0x2D, + 0x1F, 0x6F, 0x56, 0x58, 0x5D, 0x8A, 0x4A, 0xDE } +}; + +static const unsigned char aes_test_ecb_enc[3][16] = +{ + { 0xC3, 0x4C, 0x05, 0x2C, 0xC0, 0xDA, 0x8D, 0x73, + 0x45, 0x1A, 0xFE, 0x5F, 0x03, 0xBE, 0x29, 0x7F }, + { 0xF3, 0xF6, 0x75, 0x2A, 0xE8, 0xD7, 0x83, 0x11, + 0x38, 0xF0, 0x41, 0x56, 0x06, 0x31, 0xB1, 0x14 }, + { 0x8B, 0x79, 0xEE, 0xCC, 0x93, 0xA0, 0xEE, 0x5D, + 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 } +}; + +static const unsigned char aes_test_cbc_dec[3][16] = +{ + { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73, + 0xDF, 0x70, 0x6E, 0x73, 0xF7, 0xC9, 0xAF, 0x86 }, + { 0x5D, 0xF6, 0x78, 0xDD, 0x17, 0xBA, 0x4E, 0x75, + 0xB6, 0x17, 0x68, 0xC6, 0xAD, 0xEF, 0x7C, 0x7B }, + { 0x48, 0x04, 0xE1, 0x81, 0x8F, 0xE6, 0x29, 0x75, + 0x19, 0xA3, 0xE8, 0x8C, 0x57, 0x31, 0x04, 0x13 } +}; + +static const unsigned char aes_test_cbc_enc[3][16] = +{ + { 0x8A, 0x05, 0xFC, 0x5E, 0x09, 0x5A, 0xF4, 0x84, + 0x8A, 0x08, 0xD3, 0x28, 0xD3, 0x68, 0x8E, 0x3D }, + { 0x7B, 0xD9, 0x66, 0xD5, 0x3A, 0xD8, 0xC1, 0xBB, + 0x85, 0xD2, 0xAD, 0xFA, 0xE8, 0x7B, 0xB1, 0x04 }, + { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5, + 0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 } +}; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +/* + * AES-CFB128 test vectors from: + * + * http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf + */ +static const unsigned char aes_test_cfb128_key[3][32] = +{ + { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C }, + { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B }, + { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } +}; + +static const unsigned char aes_test_cfb128_iv[16] = +{ + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F +}; + +static const unsigned char aes_test_cfb128_pt[64] = +{ + 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A, + 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C, + 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51, + 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11, + 0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF, + 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17, + 0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10 +}; + +static const unsigned char aes_test_cfb128_ct[3][64] = +{ + { 0x3B, 0x3F, 0xD9, 0x2E, 0xB7, 0x2D, 0xAD, 0x20, + 0x33, 0x34, 0x49, 0xF8, 0xE8, 0x3C, 0xFB, 0x4A, + 0xC8, 0xA6, 0x45, 0x37, 0xA0, 0xB3, 0xA9, 0x3F, + 0xCD, 0xE3, 0xCD, 0xAD, 0x9F, 0x1C, 0xE5, 0x8B, + 0x26, 0x75, 0x1F, 0x67, 0xA3, 0xCB, 0xB1, 0x40, + 0xB1, 0x80, 0x8C, 0xF1, 0x87, 0xA4, 0xF4, 0xDF, + 0xC0, 0x4B, 0x05, 0x35, 0x7C, 0x5D, 0x1C, 0x0E, + 0xEA, 0xC4, 0xC6, 0x6F, 0x9F, 0xF7, 0xF2, 0xE6 }, + { 0xCD, 0xC8, 0x0D, 0x6F, 0xDD, 0xF1, 0x8C, 0xAB, + 0x34, 0xC2, 0x59, 0x09, 0xC9, 0x9A, 0x41, 0x74, + 0x67, 0xCE, 0x7F, 0x7F, 0x81, 0x17, 0x36, 0x21, + 0x96, 0x1A, 0x2B, 0x70, 0x17, 0x1D, 0x3D, 0x7A, + 0x2E, 0x1E, 0x8A, 0x1D, 0xD5, 0x9B, 0x88, 0xB1, + 0xC8, 0xE6, 0x0F, 0xED, 0x1E, 0xFA, 0xC4, 0xC9, + 0xC0, 0x5F, 0x9F, 0x9C, 0xA9, 0x83, 0x4F, 0xA0, + 0x42, 0xAE, 0x8F, 0xBA, 0x58, 0x4B, 0x09, 0xFF }, + { 0xDC, 0x7E, 0x84, 0xBF, 0xDA, 0x79, 0x16, 0x4B, + 0x7E, 0xCD, 0x84, 0x86, 0x98, 0x5D, 0x38, 0x60, + 0x39, 0xFF, 0xED, 0x14, 0x3B, 0x28, 0xB1, 0xC8, + 0x32, 0x11, 0x3C, 0x63, 0x31, 0xE5, 0x40, 0x7B, + 0xDF, 0x10, 0x13, 0x24, 0x15, 0xE5, 0x4B, 0x92, + 0xA1, 0x3E, 0xD0, 0xA8, 0x26, 0x7A, 0xE2, 0xF9, + 0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8, + 0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 } +}; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +/* + * AES-CTR test vectors from: + * + * http://www.faqs.org/rfcs/rfc3686.html + */ + +static const unsigned char aes_test_ctr_key[3][16] = +{ + { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, + 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E }, + { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7, + 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 }, + { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8, + 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC } +}; + +static const unsigned char aes_test_ctr_nonce_counter[3][16] = +{ + { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, + { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59, + 0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 }, + { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F, + 0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 } +}; + +static const unsigned char aes_test_ctr_pt[3][48] = +{ + { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, + + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, + + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23 } +}; + +static const unsigned char aes_test_ctr_ct[3][48] = +{ + { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79, + 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 }, + { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9, + 0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88, + 0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8, + 0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 }, + { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9, + 0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7, + 0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36, + 0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53, + 0x25, 0xB2, 0x07, 0x2F } +}; + +static const int aes_test_ctr_len[3] = + { 16, 32, 36 }; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +/* + * Checkup routine + */ +int aes_self_test( int verbose ) +{ + int i, j, u, v; + unsigned char key[32]; + unsigned char buf[64]; + unsigned char prv[16]; + unsigned char iv[16]; +#if defined(POLARSSL_CIPHER_MODE_CTR) || defined(POLARSSL_CIPHER_MODE_CFB) + size_t offset; +#endif +#if defined(POLARSSL_CIPHER_MODE_CTR) + int len; + unsigned char nonce_counter[16]; + unsigned char stream_block[16]; +#endif + aes_context ctx; + + memset( key, 0, 32 ); + + /* + * ECB mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " AES-ECB-%3d (%s): ", 128 + u * 64, + ( v == AES_DECRYPT ) ? "dec" : "enc" ); + + memset( buf, 0, 16 ); + + if( v == AES_DECRYPT ) + { + aes_setkey_dec( &ctx, key, 128 + u * 64 ); + + for( j = 0; j < 10000; j++ ) + aes_crypt_ecb( &ctx, v, buf, buf ); + + if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + else + { + aes_setkey_enc( &ctx, key, 128 + u * 64 ); + + for( j = 0; j < 10000; j++ ) + aes_crypt_ecb( &ctx, v, buf, buf ); + + if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + /* + * CBC mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " AES-CBC-%3d (%s): ", 128 + u * 64, + ( v == AES_DECRYPT ) ? "dec" : "enc" ); + + memset( iv , 0, 16 ); + memset( prv, 0, 16 ); + memset( buf, 0, 16 ); + + if( v == AES_DECRYPT ) + { + aes_setkey_dec( &ctx, key, 128 + u * 64 ); + + for( j = 0; j < 10000; j++ ) + aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); + + if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + else + { + aes_setkey_enc( &ctx, key, 128 + u * 64 ); + + for( j = 0; j < 10000; j++ ) + { + unsigned char tmp[16]; + + aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); + + memcpy( tmp, prv, 16 ); + memcpy( prv, buf, 16 ); + memcpy( buf, tmp, 16 ); + } + + if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + +#if defined(POLARSSL_CIPHER_MODE_CFB) + /* + * CFB128 mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " AES-CFB128-%3d (%s): ", 128 + u * 64, + ( v == AES_DECRYPT ) ? "dec" : "enc" ); + + memcpy( iv, aes_test_cfb128_iv, 16 ); + memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 ); + + offset = 0; + aes_setkey_enc( &ctx, key, 128 + u * 64 ); + + if( v == AES_DECRYPT ) + { + memcpy( buf, aes_test_cfb128_ct[u], 64 ); + aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); + + if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + else + { + memcpy( buf, aes_test_cfb128_pt, 64 ); + aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); + + if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + /* + * CTR mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " AES-CTR-128 (%s): ", + ( v == AES_DECRYPT ) ? "dec" : "enc" ); + + memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); + memcpy( key, aes_test_ctr_key[u], 16 ); + + offset = 0; + aes_setkey_enc( &ctx, key, 128 ); + + if( v == AES_DECRYPT ) + { + len = aes_test_ctr_len[u]; + memcpy( buf, aes_test_ctr_ct[u], len ); + + aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); + + if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + else + { + len = aes_test_ctr_len[u]; + memcpy( buf, aes_test_ctr_pt[u], len ); + + aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); + + if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); +#endif /* POLARSSL_CIPHER_MODE_CTR */ + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/aes.h b/polarssl/aes.h new file mode 100644 index 0000000..0a4519c --- /dev/null +++ b/polarssl/aes.h @@ -0,0 +1,202 @@ +/** + * \file aes.h + * + * \brief AES block cipher + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_AES_H +#define POLARSSL_AES_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define AES_ENCRYPT 1 +#define AES_DECRYPT 0 + +#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ +#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ + +#if !defined(POLARSSL_AES_ALT) +// Regular implementation +// + +/** + * \brief AES context structure + */ +typedef struct +{ + int nr; /*!< number of rounds */ + uint32_t *rk; /*!< AES round keys */ + uint32_t buf[68]; /*!< unaligned data */ +} +aes_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief AES key schedule (encryption) + * + * \param ctx AES context to be initialized + * \param key encryption key + * \param keysize must be 128, 192 or 256 + * + * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + */ +int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief AES key schedule (decryption) + * + * \param ctx AES context to be initialized + * \param key decryption key + * \param keysize must be 128, 192 or 256 + * + * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + */ +int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief AES-ECB block encryption/decryption + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 if successful + */ +int aes_crypt_ecb( aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ); + +/** + * \brief AES-CBC buffer encryption/decryption + * Length should be a multiple of the block + * size (16 bytes) + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH + */ +int aes_crypt_cbc( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief AES-CFB128 buffer encryption/decryption. + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * both + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv_off offset in IV (updated after use) + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int aes_crypt_cfb128( aes_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief AES-CTR buffer encryption/decryption + * + * Warning: You have to keep the maximum use of your counter in mind! + * + * Note: Due to the nature of CTR you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. + * + * \param length The length of the data + * \param nc_off The offset in the current stream_block (for resuming + * within current cipher stream). The offset pointer to + * should be 0 at the start of a stream. + * \param nonce_counter The 128-bit nonce and counter. + * \param stream_block The saved stream-block for resuming. Is overwritten + * by the function. + * \param input The input data stream + * \param output The output data stream + * + * \return 0 if successful + */ +int aes_crypt_ctr( aes_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_AES_ALT */ +#include "polarssl/aes_alt.h" +#endif /* POLARSSL_AES_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int aes_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* aes.h */ diff --git a/polarssl/arc4.c b/polarssl/arc4.c new file mode 100644 index 0000000..85b78f5 --- /dev/null +++ b/polarssl/arc4.c @@ -0,0 +1,173 @@ +/* + * An implementation of the ARCFOUR algorithm + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The ARCFOUR algorithm was publicly disclosed on 94/09. + * + * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0 + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ARC4_C) + +#include "polarssl/arc4.h" + +#if !defined(POLARSSL_ARC4_ALT) + +/* + * ARC4 key schedule + */ +void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen ) +{ + int i, j, a; + unsigned int k; + unsigned char *m; + + ctx->x = 0; + ctx->y = 0; + m = ctx->m; + + for( i = 0; i < 256; i++ ) + m[i] = (unsigned char) i; + + j = k = 0; + + for( i = 0; i < 256; i++, k++ ) + { + if( k >= keylen ) k = 0; + + a = m[i]; + j = ( j + a + key[k] ) & 0xFF; + m[i] = m[j]; + m[j] = (unsigned char) a; + } +} + +/* + * ARC4 cipher function + */ +int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output ) +{ + int x, y, a, b; + size_t i; + unsigned char *m; + + x = ctx->x; + y = ctx->y; + m = ctx->m; + + for( i = 0; i < length; i++ ) + { + x = ( x + 1 ) & 0xFF; a = m[x]; + y = ( y + a ) & 0xFF; b = m[y]; + + m[x] = (unsigned char) b; + m[y] = (unsigned char) a; + + output[i] = (unsigned char) + ( input[i] ^ m[(unsigned char)( a + b )] ); + } + + ctx->x = x; + ctx->y = y; + + return( 0 ); +} + +#endif /* !POLARSSL_ARC4_ALT */ + +#if defined(POLARSSL_SELF_TEST) + +#include +#include + +/* + * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994: + * + * http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0 + */ +static const unsigned char arc4_test_key[3][8] = +{ + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}; + +static const unsigned char arc4_test_pt[3][8] = +{ + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}; + +static const unsigned char arc4_test_ct[3][8] = +{ + { 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 }, + { 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 }, + { 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A } +}; + +/* + * Checkup routine + */ +int arc4_self_test( int verbose ) +{ + int i; + unsigned char ibuf[8]; + unsigned char obuf[8]; + arc4_context ctx; + + for( i = 0; i < 3; i++ ) + { + if( verbose != 0 ) + printf( " ARC4 test #%d: ", i + 1 ); + + memcpy( ibuf, arc4_test_pt[i], 8 ); + + arc4_setup( &ctx, arc4_test_key[i], 8 ); + arc4_crypt( &ctx, 8, ibuf, obuf ); + + if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/arc4.h b/polarssl/arc4.h new file mode 100644 index 0000000..d60be3f --- /dev/null +++ b/polarssl/arc4.h @@ -0,0 +1,98 @@ +/** + * \file arc4.h + * + * \brief The ARCFOUR stream cipher + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ARC4_H +#define POLARSSL_ARC4_H + +#include "polarssl/config.h" + +#include + +#if !defined(POLARSSL_ARC4_ALT) +// Regular implementation +// + +/** + * \brief ARC4 context structure + */ +typedef struct +{ + int x; /*!< permutation index */ + int y; /*!< permutation index */ + unsigned char m[256]; /*!< permutation table */ +} +arc4_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief ARC4 key schedule + * + * \param ctx ARC4 context to be initialized + * \param key the secret key + * \param keylen length of the key + */ +void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen ); + +/** + * \brief ARC4 cipher function + * + * \param ctx ARC4 context + * \param length length of the input data + * \param input buffer holding the input data + * \param output buffer for the output data + * + * \return 0 if successful + */ +int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_ARC4_ALT */ +#include "polarssl/arc4_alt.h" +#endif /* POLARSSL_ARC4_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int arc4_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* arc4.h */ diff --git a/polarssl/asn1.h b/polarssl/asn1.h new file mode 100644 index 0000000..e21ae09 --- /dev/null +++ b/polarssl/asn1.h @@ -0,0 +1,246 @@ +/** + * \file asn1.h + * + * \brief Generic ASN.1 parsing + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ASN1_H +#define POLARSSL_ASN1_H + +#include "polarssl/config.h" + +#if defined(POLARSSL_BIGNUM_C) +#include "polarssl/bignum.h" +#endif + +#include + +/** + * \addtogroup asn1_module + * \{ + */ + +/** + * \name ASN1 Error codes + * These error codes are OR'ed to X509 error codes for + * higher error granularity. + * ASN1 is a standard to specify data structures. + * \{ + */ +#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ +#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ +#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ +#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ +#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ +#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */ +#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ + +/* \} name */ + +/** + * \name DER constants + * These constants comply with DER encoded the ANS1 type tags. + * DER encoding uses hexadecimal representation. + * An example DER sequence is:\n + * - 0x02 -- tag indicating INTEGER + * - 0x01 -- length in octets + * - 0x05 -- value + * Such sequences are typically read into \c ::x509_buf. + * \{ + */ +#define ASN1_BOOLEAN 0x01 +#define ASN1_INTEGER 0x02 +#define ASN1_BIT_STRING 0x03 +#define ASN1_OCTET_STRING 0x04 +#define ASN1_NULL 0x05 +#define ASN1_OID 0x06 +#define ASN1_UTF8_STRING 0x0C +#define ASN1_SEQUENCE 0x10 +#define ASN1_SET 0x11 +#define ASN1_PRINTABLE_STRING 0x13 +#define ASN1_T61_STRING 0x14 +#define ASN1_IA5_STRING 0x16 +#define ASN1_UTC_TIME 0x17 +#define ASN1_GENERALIZED_TIME 0x18 +#define ASN1_UNIVERSAL_STRING 0x1C +#define ASN1_BMP_STRING 0x1E +#define ASN1_PRIMITIVE 0x00 +#define ASN1_CONSTRUCTED 0x20 +#define ASN1_CONTEXT_SPECIFIC 0x80 +/* \} name */ +/* \} addtogroup asn1_module */ + +/** Returns the size of the binary string, without the trailing \\0 */ +#define OID_SIZE(x) (sizeof(x) - 1) + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name Functions to parse ASN.1 data structures + * \{ + */ + +/** + * Type-length-value structure that allows for ASN1 using DER. + */ +typedef struct _asn1_buf +{ + int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */ + size_t len; /**< ASN1 length, e.g. in octets. */ + unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ +} +asn1_buf; + +/** + * Container for ASN1 bit strings. + */ +typedef struct _asn1_bitstring +{ + size_t len; /**< ASN1 length, e.g. in octets. */ + unsigned char unused_bits; /**< Number of unused bits at the end of the string */ + unsigned char *p; /**< Raw ASN1 data for the bit string */ +} +asn1_bitstring; + +/** + * Container for a sequence of ASN.1 items + */ +typedef struct _asn1_sequence +{ + asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ + struct _asn1_sequence *next; /**< The next entry in the sequence. */ +} +asn1_sequence; + +/** + * Get the length of an ASN.1 element. + * Updates the pointer to immediately behind the length. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param len The variable that will receive the value + * + * \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching + * end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is + * unparseable. + */ +int asn1_get_len( unsigned char **p, + const unsigned char *end, + size_t *len ); + +/** + * Get the tag and length of the tag. Check for the requested tag. + * Updates the pointer to immediately behind the tag and length. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param len The variable that will receive the length + * \param tag The expected tag + * + * \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did + * not match requested tag, or another specific ASN.1 error code. + */ +int asn1_get_tag( unsigned char **p, + const unsigned char *end, + size_t *len, int tag ); + +/** + * Retrieve a boolean ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param val The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int asn1_get_bool( unsigned char **p, + const unsigned char *end, + int *val ); + +/** + * Retrieve an integer ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param val The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int asn1_get_int( unsigned char **p, + const unsigned char *end, + int *val ); + +/** + * Retrieve a bitstring ASN.1 tag and its value. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param bs The variable that will receive the value + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int asn1_get_bitstring( unsigned char **p, const unsigned char *end, + asn1_bitstring *bs); + +/** + * Parses and splits an ASN.1 "SEQUENCE OF " + * Updated the pointer to immediately behind the full sequence tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param cur First variable in the chain to fill + * \param tag Type of sequence + * + * \return 0 if successful or a specific ASN.1 error code. + */ +int asn1_get_sequence_of( unsigned char **p, + const unsigned char *end, + asn1_sequence *cur, + int tag); + +#if defined(POLARSSL_BIGNUM_C) +/** + * Retrieve a MPI value from an integer ASN.1 tag. + * Updates the pointer to immediately behind the full tag. + * + * \param p The position in the ASN.1 data + * \param end End of data + * \param X The MPI that will receive the value + * + * \return 0 if successful or a specific ASN.1 or MPI error code. + */ +int asn1_get_mpi( unsigned char **p, + const unsigned char *end, + mpi *X ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* asn1.h */ diff --git a/polarssl/asn1parse.c b/polarssl/asn1parse.c new file mode 100644 index 0000000..2584774 --- /dev/null +++ b/polarssl/asn1parse.c @@ -0,0 +1,260 @@ +/* + * Generic ASN.1 parsing + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ASN1_PARSE_C) + +#include "polarssl/asn1.h" + +#if defined(POLARSSL_BIGNUM_C) +#include "polarssl/bignum.h" +#endif + +#include +#include +#include + +/* + * ASN.1 DER decoding routines + */ +int asn1_get_len( unsigned char **p, + const unsigned char *end, + size_t *len ) +{ + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + if( ( **p & 0x80 ) == 0 ) + *len = *(*p)++; + else + { + switch( **p & 0x7F ) + { + case 1: + if( ( end - *p ) < 2 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + *len = (*p)[1]; + (*p) += 2; + break; + + case 2: + if( ( end - *p ) < 3 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + *len = ( (*p)[1] << 8 ) | (*p)[2]; + (*p) += 3; + break; + + case 3: + if( ( end - *p ) < 4 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + *len = ( (*p)[1] << 16 ) | ( (*p)[2] << 8 ) | (*p)[3]; + (*p) += 4; + break; + + case 4: + if( ( end - *p ) < 5 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + *len = ( (*p)[1] << 24 ) | ( (*p)[2] << 16 ) | ( (*p)[3] << 8 ) | (*p)[4]; + (*p) += 5; + break; + + default: + return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + } + } + + if( *len > (size_t) ( end - *p ) ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + return( 0 ); +} + +int asn1_get_tag( unsigned char **p, + const unsigned char *end, + size_t *len, int tag ) +{ + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + if( **p != tag ) + return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + (*p)++; + + return( asn1_get_len( p, end, len ) ); +} + +int asn1_get_bool( unsigned char **p, + const unsigned char *end, + int *val ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 ) + return( ret ); + + if( len != 1 ) + return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + + *val = ( **p != 0 ) ? 1 : 0; + (*p)++; + + return( 0 ); +} + +int asn1_get_int( unsigned char **p, + const unsigned char *end, + int *val ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) + return( ret ); + + if( len > sizeof( int ) || ( **p & 0x80 ) != 0 ) + return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + + *val = 0; + + while( len-- > 0 ) + { + *val = ( *val << 8 ) | **p; + (*p)++; + } + + return( 0 ); +} + +#if defined(POLARSSL_BIGNUM_C) +int asn1_get_mpi( unsigned char **p, + const unsigned char *end, + mpi *X ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) + return( ret ); + + ret = mpi_read_binary( X, *p, len ); + + *p += len; + + return( ret ); +} +#endif /* POLARSSL_BIGNUM_C */ + +int asn1_get_bitstring( unsigned char **p, const unsigned char *end, + asn1_bitstring *bs) +{ + int ret; + + /* Certificate type is a single byte bitstring */ + if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 ) + return( ret ); + + /* Check length, subtract one for actual bit string length */ + if ( bs->len < 1 ) + return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); + bs->len -= 1; + + /* Get number of unused bits, ensure unused bits <= 7 */ + bs->unused_bits = **p; + if( bs->unused_bits > 7 ) + return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); + (*p)++; + + /* Get actual bitstring */ + bs->p = *p; + *p += bs->len; + + if( *p != end ) + return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return 0; +} + + +/* + * Parses and splits an ASN.1 "SEQUENCE OF " + */ +int asn1_get_sequence_of( unsigned char **p, + const unsigned char *end, + asn1_sequence *cur, + int tag) +{ + int ret; + size_t len; + asn1_buf *buf; + + /* Get main sequence tag */ + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( ret ); + + if( *p + len != end ) + return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + while( *p < end ) + { + buf = &(cur->buf); + buf->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 ) + return( ret ); + + buf->p = *p; + *p += buf->len; + + /* Allocate and assign next pointer */ + if (*p < end) + { + cur->next = (asn1_sequence *) malloc( + sizeof( asn1_sequence ) ); + + if( cur->next == NULL ) + return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); + + cur = cur->next; + } + } + + /* Set final sequence entry's next pointer to NULL */ + cur->next = NULL; + + if( *p != end ) + return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +#endif diff --git a/polarssl/asn1write.c b/polarssl/asn1write.c new file mode 100644 index 0000000..e50c17c --- /dev/null +++ b/polarssl/asn1write.c @@ -0,0 +1,241 @@ +/* + * ASN.1 buffer writing functionality + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ASN1_WRITE_C) + +#include "polarssl/asn1write.h" + +int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) +{ + if( len < 0x80 ) + { + if( *p - start < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = len; + return( 1 ); + } + + if( len <= 0xFF ) + { + if( *p - start < 2 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = len; + *--(*p) = 0x81; + return( 2 ); + } + + if( *p - start < 3 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + // We assume we never have lengths larger than 65535 bytes + // + *--(*p) = len % 256; + *--(*p) = ( len / 256 ) % 256; + *--(*p) = 0x82; + + return( 3 ); +} + +int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) +{ + if( *p - start < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = tag; + + return( 1 ); +} + +int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ) +{ + int ret; + size_t len = 0; + + // Write the MPI + // + len = mpi_size( X ); + + if( *p - start < (int) len ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + (*p) -= len; + mpi_write_binary( X, *p, len ); + + // DER format assumes 2s complement for numbers, so the leftmost bit + // should be 0 for positive numbers and 1 for negative numbers. + // + if ( X->s ==1 && **p & 0x80 ) + { + if( *p - start < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = 0x00; + len += 1; + } + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); + + return( len ); +} + +int asn1_write_null( unsigned char **p, unsigned char *start ) +{ + int ret; + size_t len = 0; + + // Write NULL + // + ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) ); + + return( len ); +} + +int asn1_write_oid( unsigned char **p, unsigned char *start, char *oid ) +{ + int ret; + size_t len = 0; + + // Write OID + // + len = strlen( oid ); + + if( *p - start < (int) len ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + (*p) -= len; + memcpy( *p, oid, len ); + + ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) ); + + return( len ); +} + +int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, + char *algorithm_oid ) +{ + int ret; + size_t null_len = 0; + size_t oid_len = 0; + size_t len = 0; + + // Write NULL + // + ASN1_CHK_ADD( null_len, asn1_write_null( p, start ) ); + + // Write OID + // + ASN1_CHK_ADD( oid_len, asn1_write_oid( p, start, algorithm_oid ) ); + + len = oid_len + null_len; + ASN1_CHK_ADD( len, asn1_write_len( p, start, oid_len + null_len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + return( len ); +} + +int asn1_write_int( unsigned char **p, unsigned char *start, int val ) +{ + int ret; + size_t len = 0; + + // TODO negative values and values larger than 128 + // DER format assumes 2s complement for numbers, so the leftmost bit + // should be 0 for positive numbers and 1 for negative numbers. + // + if( *p - start < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + len += 1; + *--(*p) = val; + + if ( val > 0 && **p & 0x80 ) + { + if( *p - start < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--(*p) = 0x00; + len += 1; + } + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); + + return( len ); +} + +int asn1_write_printable_string( unsigned char **p, unsigned char *start, + char *text ) +{ + int ret; + size_t len = 0; + + // Write string + // + len = strlen( text ); + + if( *p - start < (int) len ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + (*p) -= len; + memcpy( *p, text, len ); + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) ); + + return( len ); +} + +int asn1_write_ia5_string( unsigned char **p, unsigned char *start, + char *text ) +{ + int ret; + size_t len = 0; + + // Write string + // + len = strlen( text ); + + if( *p - start < (int) len ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + (*p) -= len; + memcpy( *p, text, len ); + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) ); + + return( len ); +} + + +#endif diff --git a/polarssl/asn1write.h b/polarssl/asn1write.h new file mode 100644 index 0000000..7ea2680 --- /dev/null +++ b/polarssl/asn1write.h @@ -0,0 +1,46 @@ +/** + * \file asn1write.h + * + * \brief ASN.1 buffer writing functionality + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ASN1_WRITE_H +#define POLARSSL_ASN1_WRITE_H + +#include "polarssl/asn1.h" + +#define ASN1_CHK_ADD(g, f) if( ( ret = f ) < 0 ) return( ret ); else g += ret + +int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); +int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ); +int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ); +int asn1_write_null( unsigned char **p, unsigned char *start ); +int asn1_write_oid( unsigned char **p, unsigned char *start, char *oid ); +int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, char *algorithm_oid ); +int asn1_write_int( unsigned char **p, unsigned char *start, int val ); +int asn1_write_printable_string( unsigned char **p, unsigned char *start, + char *text ); +int asn1_write_ia5_string( unsigned char **p, unsigned char *start, + char *text ); + +#endif /* POLARSSL_ASN1_WRITE_H */ diff --git a/polarssl/base64.c b/polarssl/base64.c new file mode 100644 index 0000000..f320f3c --- /dev/null +++ b/polarssl/base64.c @@ -0,0 +1,269 @@ +/* + * RFC 1521 base64 encoding/decoding + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_BASE64_C) + +#include "polarssl/base64.h" + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +static const unsigned char base64_enc_map[64] = +{ + 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', + 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', + 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd', + 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', + 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', + 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', + '8', '9', '+', '/' +}; + +static const unsigned char base64_dec_map[128] = +{ + 127, 127, 127, 127, 127, 127, 127, 127, 127, 127, + 127, 127, 127, 127, 127, 127, 127, 127, 127, 127, + 127, 127, 127, 127, 127, 127, 127, 127, 127, 127, + 127, 127, 127, 127, 127, 127, 127, 127, 127, 127, + 127, 127, 127, 62, 127, 127, 127, 63, 52, 53, + 54, 55, 56, 57, 58, 59, 60, 61, 127, 127, + 127, 64, 127, 127, 127, 0, 1, 2, 3, 4, + 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, + 25, 127, 127, 127, 127, 127, 127, 26, 27, 28, + 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, + 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, + 49, 50, 51, 127, 127, 127, 127, 127 +}; + +/* + * Encode a buffer into base64 format + */ +int base64_encode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ) +{ + size_t i, n; + int C1, C2, C3; + unsigned char *p; + + if( slen == 0 ) + return( 0 ); + + n = (slen << 3) / 6; + + switch( (slen << 3) - (n * 6) ) + { + case 2: n += 3; break; + case 4: n += 2; break; + default: break; + } + + if( *dlen < n + 1 ) + { + *dlen = n + 1; + return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); + } + + n = (slen / 3) * 3; + + for( i = 0, p = dst; i < n; i += 3 ) + { + C1 = *src++; + C2 = *src++; + C3 = *src++; + + *p++ = base64_enc_map[(C1 >> 2) & 0x3F]; + *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F]; + *p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F]; + *p++ = base64_enc_map[C3 & 0x3F]; + } + + if( i < slen ) + { + C1 = *src++; + C2 = ((i + 1) < slen) ? *src++ : 0; + + *p++ = base64_enc_map[(C1 >> 2) & 0x3F]; + *p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F]; + + if( (i + 1) < slen ) + *p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F]; + else *p++ = '='; + + *p++ = '='; + } + + *dlen = p - dst; + *p = 0; + + return( 0 ); +} + +/* + * Decode a base64-formatted buffer + */ +int base64_decode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ) +{ + size_t i, n; + uint32_t j, x; + unsigned char *p; + + for( i = j = n = 0; i < slen; i++ ) + { + if( ( slen - i ) >= 2 && + src[i] == '\r' && src[i + 1] == '\n' ) + continue; + + if( src[i] == '\n' ) + continue; + + if( src[i] == '=' && ++j > 2 ){ + printf("err 0 char[%d] = '%c' (0x%x)\n",i,src[i],src[i]); + return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + } + + if( src[i] > 127 || base64_dec_map[src[i]] == 127 ){ + printf("err 1 char[%d] = '%c' (0x%x)\n",i,src[i],src[i]); + return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + } + + if( base64_dec_map[src[i]] < 64 && j != 0 ){ + printf("err 2 char[%d] = '%c' (0x%x)\n",i,src[i],src[i]); + return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); + } + + n++; + } + + if( n == 0 ) + return( 0 ); + + + n = ((n * 6) + 7) >> 3; + + if( (*dlen+4) < n ) + { + *dlen = n; + return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); + } + + for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ ) + { + if( *src == '\r' || *src == '\n' ) + continue; + + j -= ( base64_dec_map[*src] == 64 ); + x = (x << 6) | ( base64_dec_map[*src] & 0x3F ); + + if( ++n == 4 ) + { + n = 0; + if( j > 0 ) *p++ = (unsigned char)( x >> 16 ); + if( j > 1 ) *p++ = (unsigned char)( x >> 8 ); + if( j > 2 ) *p++ = (unsigned char)( x ); + } + } + + *dlen = p - dst; + + return( 0 ); +} + +#if defined(POLARSSL_SELF_TEST) + +#include +#include + +static const unsigned char base64_test_dec[64] = +{ + 0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD, + 0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01, + 0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09, + 0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13, + 0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31, + 0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38, + 0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B, + 0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97 +}; + +static const unsigned char base64_test_enc[] = + "JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK" + "swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw=="; + +/* + * Checkup routine + */ +int base64_self_test( int verbose ) +{ + size_t len; + const unsigned char *src; + unsigned char buffer[128]; + + if( verbose != 0 ) + printf( " Base64 encoding test: " ); + + len = sizeof( buffer ); + src = base64_test_dec; + + if( base64_encode( buffer, &len, src, 64 ) != 0 || + memcmp( base64_test_enc, buffer, 88 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n Base64 decoding test: " ); + + len = sizeof( buffer ); + src = base64_test_enc; + + if( base64_decode( buffer, &len, src, 88 ) != 0 || + memcmp( base64_test_dec, buffer, 64 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/base64.h b/polarssl/base64.h new file mode 100644 index 0000000..fb0d753 --- /dev/null +++ b/polarssl/base64.h @@ -0,0 +1,87 @@ +/** + * \file base64.h + * + * \brief RFC 1521 base64 encoding/decoding + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_BASE64_H +#define POLARSSL_BASE64_H + +#include + +#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ +#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Encode a buffer into base64 format + * + * \param dst destination buffer + * \param dlen size of the buffer + * \param src source buffer + * \param slen amount of data to be encoded + * + * \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL. + * *dlen is always updated to reflect the amount + * of data that has (or would have) been written. + * + * \note Call this function with *dlen = 0 to obtain the + * required buffer size in *dlen + */ +int base64_encode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ); + +/** + * \brief Decode a base64-formatted buffer + * + * \param dst destination buffer + * \param dlen size of the buffer + * \param src source buffer + * \param slen amount of data to be decoded + * + * \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or + * POLARSSL_ERR_BASE64_INVALID_CHARACTER if the input data is + * not correct. *dlen is always updated to reflect the amount + * of data that has (or would have) been written. + * + * \note Call this function with *dlen = 0 to obtain the + * required buffer size in *dlen + */ +int base64_decode( unsigned char *dst, size_t *dlen, + const unsigned char *src, size_t slen ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int base64_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* base64.h */ diff --git a/polarssl/bignum.c b/polarssl/bignum.c new file mode 100644 index 0000000..5c8f96c --- /dev/null +++ b/polarssl/bignum.c @@ -0,0 +1,2135 @@ +/* + * Multi-precision integer library + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * This MPI implementation is based on: + * + * http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf + * http://www.stillhq.com/extracted/gnupg-api/mpi/ + * http://math.libtomcrypt.com/files/tommath.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_BIGNUM_C) + +#include "polarssl/bignum.h" +#include "polarssl/bn_mul.h" + +#include + +#define ciL (sizeof(t_uint)) /* chars in limb */ +#define biL (ciL << 3) /* bits in limb */ +#define biH (ciL << 2) /* half limb size */ + +/* + * Convert between bits/chars and number of limbs + */ +#define BITS_TO_LIMBS(i) (((i) + biL - 1) / biL) +#define CHARS_TO_LIMBS(i) (((i) + ciL - 1) / ciL) + +/* + * Initialize one MPI + */ +void mpi_init( mpi *X ) +{ + if( X == NULL ) + return; + + X->s = 1; + X->n = 0; + X->p = NULL; +} + +/* + * Unallocate one MPI + */ +void mpi_free( mpi *X ) +{ + if( X == NULL ) + return; + + if( X->p != NULL ) + { + memset( X->p, 0, X->n * ciL ); + free( X->p ); + } + + X->s = 1; + X->n = 0; + X->p = NULL; +} + +/* + * Enlarge to the specified number of limbs + */ +int mpi_grow( mpi *X, size_t nblimbs ) +{ + t_uint *p; + + if( nblimbs > POLARSSL_MPI_MAX_LIMBS ) + return( POLARSSL_ERR_MPI_MALLOC_FAILED ); + + if( X->n < nblimbs ) + { + if( ( p = (t_uint *) malloc( nblimbs * ciL ) ) == NULL ) + return( POLARSSL_ERR_MPI_MALLOC_FAILED ); + + memset( p, 0, nblimbs * ciL ); + + if( X->p != NULL ) + { + memcpy( p, X->p, X->n * ciL ); + memset( X->p, 0, X->n * ciL ); + free( X->p ); + } + + X->n = nblimbs; + X->p = p; + } + + return( 0 ); +} + +/* + * Copy the contents of Y into X + */ +int mpi_copy( mpi *X, const mpi *Y ) +{ + int ret; + size_t i; + + if( X == Y ) + return( 0 ); + + for( i = Y->n - 1; i > 0; i-- ) + if( Y->p[i] != 0 ) + break; + i++; + + X->s = Y->s; + + MPI_CHK( mpi_grow( X, i ) ); + + memset( X->p, 0, X->n * ciL ); + memcpy( X->p, Y->p, i * ciL ); + +cleanup: + + return( ret ); +} + +/* + * Swap the contents of X and Y + */ +void mpi_swap( mpi *X, mpi *Y ) +{ + mpi T; + + memcpy( &T, X, sizeof( mpi ) ); + memcpy( X, Y, sizeof( mpi ) ); + memcpy( Y, &T, sizeof( mpi ) ); +} + +/* + * Set value from integer + */ +int mpi_lset( mpi *X, t_sint z ) +{ + int ret; + + MPI_CHK( mpi_grow( X, 1 ) ); + memset( X->p, 0, X->n * ciL ); + + X->p[0] = ( z < 0 ) ? -z : z; + X->s = ( z < 0 ) ? -1 : 1; + +cleanup: + + return( ret ); +} + +/* + * Get a specific bit + */ +int mpi_get_bit( const mpi *X, size_t pos ) +{ + if( X->n * biL <= pos ) + return( 0 ); + + return ( X->p[pos / biL] >> ( pos % biL ) ) & 0x01; +} + +/* + * Set a bit to a specific value of 0 or 1 + */ +int mpi_set_bit( mpi *X, size_t pos, unsigned char val ) +{ + int ret = 0; + size_t off = pos / biL; + size_t idx = pos % biL; + + if( val != 0 && val != 1 ) + return POLARSSL_ERR_MPI_BAD_INPUT_DATA; + + if( X->n * biL <= pos ) + { + if( val == 0 ) + return ( 0 ); + + MPI_CHK( mpi_grow( X, off + 1 ) ); + } + + X->p[off] = ( X->p[off] & ~( 0x01 << idx ) ) | ( val << idx ); + +cleanup: + + return( ret ); +} + +/* + * Return the number of least significant bits + */ +size_t mpi_lsb( const mpi *X ) +{ + size_t i, j, count = 0; + + for( i = 0; i < X->n; i++ ) + for( j = 0; j < biL; j++, count++ ) + if( ( ( X->p[i] >> j ) & 1 ) != 0 ) + return( count ); + + return( 0 ); +} + +/* + * Return the number of most significant bits + */ +size_t mpi_msb( const mpi *X ) +{ + size_t i, j; + + for( i = X->n - 1; i > 0; i-- ) + if( X->p[i] != 0 ) + break; + + for( j = biL; j > 0; j-- ) + if( ( ( X->p[i] >> ( j - 1 ) ) & 1 ) != 0 ) + break; + + return( ( i * biL ) + j ); +} + +/* + * Return the total size in bytes + */ +size_t mpi_size( const mpi *X ) +{ + return( ( mpi_msb( X ) + 7 ) >> 3 ); +} + +/* + * Convert an ASCII character to digit value + */ +static int mpi_get_digit( t_uint *d, int radix, char c ) +{ + *d = 255; + + if( c >= 0x30 && c <= 0x39 ) *d = c - 0x30; + if( c >= 0x41 && c <= 0x46 ) *d = c - 0x37; + if( c >= 0x61 && c <= 0x66 ) *d = c - 0x57; + + if( *d >= (t_uint) radix ) + return( POLARSSL_ERR_MPI_INVALID_CHARACTER ); + + return( 0 ); +} + +/* + * Import from an ASCII string + */ +int mpi_read_string( mpi *X, int radix, const char *s ) +{ + int ret; + size_t i, j, slen, n; + t_uint d; + mpi T; + + if( radix < 2 || radix > 16 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + mpi_init( &T ); + + slen = strlen( s ); + + if( radix == 16 ) + { + n = BITS_TO_LIMBS( slen << 2 ); + + MPI_CHK( mpi_grow( X, n ) ); + MPI_CHK( mpi_lset( X, 0 ) ); + + for( i = slen, j = 0; i > 0; i--, j++ ) + { + if( i == 1 && s[i - 1] == '-' ) + { + X->s = -1; + break; + } + + MPI_CHK( mpi_get_digit( &d, radix, s[i - 1] ) ); + X->p[j / (2 * ciL)] |= d << ( (j % (2 * ciL)) << 2 ); + } + } + else + { + MPI_CHK( mpi_lset( X, 0 ) ); + + for( i = 0; i < slen; i++ ) + { + if( i == 0 && s[i] == '-' ) + { + X->s = -1; + continue; + } + + MPI_CHK( mpi_get_digit( &d, radix, s[i] ) ); + MPI_CHK( mpi_mul_int( &T, X, radix ) ); + + if( X->s == 1 ) + { + MPI_CHK( mpi_add_int( X, &T, d ) ); + } + else + { + MPI_CHK( mpi_sub_int( X, &T, d ) ); + } + } + } + +cleanup: + + mpi_free( &T ); + + return( ret ); +} + +/* + * Helper to write the digits high-order first + */ +static int mpi_write_hlp( mpi *X, int radix, char **p ) +{ + int ret; + t_uint r; + + if( radix < 2 || radix > 16 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + MPI_CHK( mpi_mod_int( &r, X, radix ) ); + MPI_CHK( mpi_div_int( X, NULL, X, radix ) ); + + if( mpi_cmp_int( X, 0 ) != 0 ) + MPI_CHK( mpi_write_hlp( X, radix, p ) ); + + if( r < 10 ) + *(*p)++ = (char)( r + 0x30 ); + else + *(*p)++ = (char)( r + 0x37 ); + +cleanup: + + return( ret ); +} + +/* + * Export into an ASCII string + */ +int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ) +{ + int ret = 0; + size_t n; + char *p; + mpi T; + + if( radix < 2 || radix > 16 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + n = mpi_msb( X ); + if( radix >= 4 ) n >>= 1; + if( radix >= 16 ) n >>= 1; + n += 3; + + if( *slen < n ) + { + *slen = n; + return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + } + + p = s; + mpi_init( &T ); + + if( X->s == -1 ) + *p++ = '-'; + + if( radix == 16 ) + { + int c; + size_t i, j, k; + + for( i = X->n, k = 0; i > 0; i-- ) + { + for( j = ciL; j > 0; j-- ) + { + c = ( X->p[i - 1] >> ( ( j - 1 ) << 3) ) & 0xFF; + + if( c == 0 && k == 0 && ( i + j + 3 ) != 0 ) + continue; + + *(p++) = "0123456789ABCDEF" [c / 16]; + *(p++) = "0123456789ABCDEF" [c % 16]; + k = 1; + } + } + } + else + { + MPI_CHK( mpi_copy( &T, X ) ); + + if( T.s == -1 ) + T.s = 1; + + MPI_CHK( mpi_write_hlp( &T, radix, &p ) ); + } + + *p++ = '\0'; + *slen = p - s; + +cleanup: + + mpi_free( &T ); + + return( ret ); +} + +#if defined(POLARSSL_FS_IO) +/* + * Read X from an opened file + */ +int mpi_read_file( mpi *X, int radix, FILE *fin ) +{ + t_uint d; + size_t slen; + char *p; + /* + * Buffer should have space for (short) label and decimal formatted MPI, + * newline characters and '\0' + */ + char s[ POLARSSL_MPI_RW_BUFFER_SIZE ]; + + memset( s, 0, sizeof( s ) ); + if( fgets( s, sizeof( s ) - 1, fin ) == NULL ) + return( POLARSSL_ERR_MPI_FILE_IO_ERROR ); + + slen = strlen( s ); + if( slen == sizeof( s ) - 2 ) + return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + + if( s[slen - 1] == '\n' ) { slen--; s[slen] = '\0'; } + if( s[slen - 1] == '\r' ) { slen--; s[slen] = '\0'; } + + p = s + slen; + while( --p >= s ) + if( mpi_get_digit( &d, radix, *p ) != 0 ) + break; + + return( mpi_read_string( X, radix, p + 1 ) ); +} + +/* + * Write X into an opened file (or stdout if fout == NULL) + */ +int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ) +{ + int ret; + size_t n, slen, plen; + /* + * Buffer should have space for (short) label and decimal formatted MPI, + * newline characters and '\0' + */ + char s[ POLARSSL_MPI_RW_BUFFER_SIZE ]; + + n = sizeof( s ); + memset( s, 0, n ); + n -= 2; + + MPI_CHK( mpi_write_string( X, radix, s, (size_t *) &n ) ); + + if( p == NULL ) p = ""; + + plen = strlen( p ); + slen = strlen( s ); + s[slen++] = '\r'; + s[slen++] = '\n'; + + if( fout != NULL ) + { + if( fwrite( p, 1, plen, fout ) != plen || + fwrite( s, 1, slen, fout ) != slen ) + return( POLARSSL_ERR_MPI_FILE_IO_ERROR ); + } + else + printf( "%s%s", p, s ); + +cleanup: + + return( ret ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * Import X from unsigned binary data, big endian + */ +int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ) +{ + int ret; + size_t i, j, n; + + for( n = 0; n < buflen; n++ ) + if( buf[n] != 0 ) + break; + + MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( buflen - n ) ) ); + MPI_CHK( mpi_lset( X, 0 ) ); + + for( i = buflen, j = 0; i > n; i--, j++ ) + X->p[j / ciL] |= ((t_uint) buf[i - 1]) << ((j % ciL) << 3); + +cleanup: + + return( ret ); +} + +/* + * Export X into unsigned binary data, big endian + */ +int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ) +{ + size_t i, j, n; + + n = mpi_size( X ); + + if( buflen < n ) + return( POLARSSL_ERR_MPI_BUFFER_TOO_SMALL ); + + memset( buf, 0, buflen ); + + for( i = buflen - 1, j = 0; n > 0; i--, j++, n-- ) + buf[i] = (unsigned char)( X->p[j / ciL] >> ((j % ciL) << 3) ); + + return( 0 ); +} + +/* + * Left-shift: X <<= count + */ +int mpi_shift_l( mpi *X, size_t count ) +{ + int ret; + size_t i, v0, t1; + t_uint r0 = 0, r1; + + v0 = count / (biL ); + t1 = count & (biL - 1); + + i = mpi_msb( X ) + count; + + if( X->n * biL < i ) + MPI_CHK( mpi_grow( X, BITS_TO_LIMBS( i ) ) ); + + ret = 0; + + /* + * shift by count / limb_size + */ + if( v0 > 0 ) + { + for( i = X->n; i > v0; i-- ) + X->p[i - 1] = X->p[i - v0 - 1]; + + for( ; i > 0; i-- ) + X->p[i - 1] = 0; + } + + /* + * shift by count % limb_size + */ + if( t1 > 0 ) + { + for( i = v0; i < X->n; i++ ) + { + r1 = X->p[i] >> (biL - t1); + X->p[i] <<= t1; + X->p[i] |= r0; + r0 = r1; + } + } + +cleanup: + + return( ret ); +} + +/* + * Right-shift: X >>= count + */ +int mpi_shift_r( mpi *X, size_t count ) +{ + size_t i, v0, v1; + t_uint r0 = 0, r1; + + v0 = count / biL; + v1 = count & (biL - 1); + + if( v0 > X->n || ( v0 == X->n && v1 > 0 ) ) + return mpi_lset( X, 0 ); + + /* + * shift by count / limb_size + */ + if( v0 > 0 ) + { + for( i = 0; i < X->n - v0; i++ ) + X->p[i] = X->p[i + v0]; + + for( ; i < X->n; i++ ) + X->p[i] = 0; + } + + /* + * shift by count % limb_size + */ + if( v1 > 0 ) + { + for( i = X->n; i > 0; i-- ) + { + r1 = X->p[i - 1] << (biL - v1); + X->p[i - 1] >>= v1; + X->p[i - 1] |= r0; + r0 = r1; + } + } + + return( 0 ); +} + +/* + * Compare unsigned values + */ +int mpi_cmp_abs( const mpi *X, const mpi *Y ) +{ + size_t i, j; + + for( i = X->n; i > 0; i-- ) + if( X->p[i - 1] != 0 ) + break; + + for( j = Y->n; j > 0; j-- ) + if( Y->p[j - 1] != 0 ) + break; + + if( i == 0 && j == 0 ) + return( 0 ); + + if( i > j ) return( 1 ); + if( j > i ) return( -1 ); + + for( ; i > 0; i-- ) + { + if( X->p[i - 1] > Y->p[i - 1] ) return( 1 ); + if( X->p[i - 1] < Y->p[i - 1] ) return( -1 ); + } + + return( 0 ); +} + +/* + * Compare signed values + */ +int mpi_cmp_mpi( const mpi *X, const mpi *Y ) +{ + size_t i, j; + + for( i = X->n; i > 0; i-- ) + if( X->p[i - 1] != 0 ) + break; + + for( j = Y->n; j > 0; j-- ) + if( Y->p[j - 1] != 0 ) + break; + + if( i == 0 && j == 0 ) + return( 0 ); + + if( i > j ) return( X->s ); + if( j > i ) return( -Y->s ); + + if( X->s > 0 && Y->s < 0 ) return( 1 ); + if( Y->s > 0 && X->s < 0 ) return( -1 ); + + for( ; i > 0; i-- ) + { + if( X->p[i - 1] > Y->p[i - 1] ) return( X->s ); + if( X->p[i - 1] < Y->p[i - 1] ) return( -X->s ); + } + + return( 0 ); +} + +/* + * Compare signed values + */ +int mpi_cmp_int( const mpi *X, t_sint z ) +{ + mpi Y; + t_uint p[1]; + + *p = ( z < 0 ) ? -z : z; + Y.s = ( z < 0 ) ? -1 : 1; + Y.n = 1; + Y.p = p; + + return( mpi_cmp_mpi( X, &Y ) ); +} + +/* + * Unsigned addition: X = |A| + |B| (HAC 14.7) + */ +int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ) +{ + int ret; + size_t i, j; + t_uint *o, *p, c; + + if( X == B ) + { + const mpi *T = A; A = X; B = T; + } + + if( X != A ) + MPI_CHK( mpi_copy( X, A ) ); + + /* + * X should always be positive as a result of unsigned additions. + */ + X->s = 1; + + for( j = B->n; j > 0; j-- ) + if( B->p[j - 1] != 0 ) + break; + + MPI_CHK( mpi_grow( X, j ) ); + + o = B->p; p = X->p; c = 0; + + for( i = 0; i < j; i++, o++, p++ ) + { + *p += c; c = ( *p < c ); + *p += *o; c += ( *p < *o ); + } + + while( c != 0 ) + { + if( i >= X->n ) + { + MPI_CHK( mpi_grow( X, i + 1 ) ); + p = X->p + i; + } + + *p += c; c = ( *p < c ); i++; p++; + } + +cleanup: + + return( ret ); +} + +/* + * Helper for mpi substraction + */ +static void mpi_sub_hlp( size_t n, t_uint *s, t_uint *d ) +{ + size_t i; + t_uint c, z; + + for( i = c = 0; i < n; i++, s++, d++ ) + { + z = ( *d < c ); *d -= c; + c = ( *d < *s ) + z; *d -= *s; + } + + while( c != 0 ) + { + z = ( *d < c ); *d -= c; + c = z; i++; d++; + } +} + +/* + * Unsigned substraction: X = |A| - |B| (HAC 14.9) + */ +int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ) +{ + mpi TB; + int ret; + size_t n; + + if( mpi_cmp_abs( A, B ) < 0 ) + return( POLARSSL_ERR_MPI_NEGATIVE_VALUE ); + + mpi_init( &TB ); + + if( X == B ) + { + MPI_CHK( mpi_copy( &TB, B ) ); + B = &TB; + } + + if( X != A ) + MPI_CHK( mpi_copy( X, A ) ); + + /* + * X should always be positive as a result of unsigned substractions. + */ + X->s = 1; + + ret = 0; + + for( n = B->n; n > 0; n-- ) + if( B->p[n - 1] != 0 ) + break; + + mpi_sub_hlp( n, B->p, X->p ); + +cleanup: + + mpi_free( &TB ); + + return( ret ); +} + +/* + * Signed addition: X = A + B + */ +int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ) +{ + int ret, s = A->s; + + if( A->s * B->s < 0 ) + { + if( mpi_cmp_abs( A, B ) >= 0 ) + { + MPI_CHK( mpi_sub_abs( X, A, B ) ); + X->s = s; + } + else + { + MPI_CHK( mpi_sub_abs( X, B, A ) ); + X->s = -s; + } + } + else + { + MPI_CHK( mpi_add_abs( X, A, B ) ); + X->s = s; + } + +cleanup: + + return( ret ); +} + +/* + * Signed substraction: X = A - B + */ +int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ) +{ + int ret, s = A->s; + + if( A->s * B->s > 0 ) + { + if( mpi_cmp_abs( A, B ) >= 0 ) + { + MPI_CHK( mpi_sub_abs( X, A, B ) ); + X->s = s; + } + else + { + MPI_CHK( mpi_sub_abs( X, B, A ) ); + X->s = -s; + } + } + else + { + MPI_CHK( mpi_add_abs( X, A, B ) ); + X->s = s; + } + +cleanup: + + return( ret ); +} + +/* + * Signed addition: X = A + b + */ +int mpi_add_int( mpi *X, const mpi *A, t_sint b ) +{ + mpi _B; + t_uint p[1]; + + p[0] = ( b < 0 ) ? -b : b; + _B.s = ( b < 0 ) ? -1 : 1; + _B.n = 1; + _B.p = p; + + return( mpi_add_mpi( X, A, &_B ) ); +} + +/* + * Signed substraction: X = A - b + */ +int mpi_sub_int( mpi *X, const mpi *A, t_sint b ) +{ + mpi _B; + t_uint p[1]; + + p[0] = ( b < 0 ) ? -b : b; + _B.s = ( b < 0 ) ? -1 : 1; + _B.n = 1; + _B.p = p; + + return( mpi_sub_mpi( X, A, &_B ) ); +} + +/* + * Helper for mpi multiplication + */ +static void mpi_mul_hlp( size_t i, t_uint *s, t_uint *d, t_uint b ) +{ + t_uint c = 0, t = 0; + +#if defined(MULADDC_HUIT) + for( ; i >= 8; i -= 8 ) + { + MULADDC_INIT + MULADDC_HUIT + MULADDC_STOP + } + + for( ; i > 0; i-- ) + { + MULADDC_INIT + MULADDC_CORE + MULADDC_STOP + } +#else + for( ; i >= 16; i -= 16 ) + { + MULADDC_INIT + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_STOP + } + + for( ; i >= 8; i -= 8 ) + { + MULADDC_INIT + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + + MULADDC_CORE MULADDC_CORE + MULADDC_CORE MULADDC_CORE + MULADDC_STOP + } + + for( ; i > 0; i-- ) + { + MULADDC_INIT + MULADDC_CORE + MULADDC_STOP + } +#endif + + t++; + + do { + *d += c; c = ( *d < c ); d++; + } + while( c != 0 ); +} + +/* + * Baseline multiplication: X = A * B (HAC 14.12) + */ +int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ) +{ + int ret; + size_t i, j; + mpi TA, TB; + + mpi_init( &TA ); mpi_init( &TB ); + + if( X == A ) { MPI_CHK( mpi_copy( &TA, A ) ); A = &TA; } + if( X == B ) { MPI_CHK( mpi_copy( &TB, B ) ); B = &TB; } + + for( i = A->n; i > 0; i-- ) + if( A->p[i - 1] != 0 ) + break; + + for( j = B->n; j > 0; j-- ) + if( B->p[j - 1] != 0 ) + break; + + MPI_CHK( mpi_grow( X, i + j ) ); + MPI_CHK( mpi_lset( X, 0 ) ); + + for( i++; j > 0; j-- ) + mpi_mul_hlp( i - 1, A->p, X->p + j - 1, B->p[j - 1] ); + + X->s = A->s * B->s; + +cleanup: + + mpi_free( &TB ); mpi_free( &TA ); + + return( ret ); +} + +/* + * Baseline multiplication: X = A * b + */ +int mpi_mul_int( mpi *X, const mpi *A, t_sint b ) +{ + mpi _B; + t_uint p[1]; + + _B.s = 1; + _B.n = 1; + _B.p = p; + p[0] = b; + + return( mpi_mul_mpi( X, A, &_B ) ); +} + +/* + * Division by mpi: A = Q * B + R (HAC 14.20) + */ +int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ) +{ + int ret; + size_t i, n, t, k; + mpi X, Y, Z, T1, T2; + + if( mpi_cmp_int( B, 0 ) == 0 ) + return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO ); + + mpi_init( &X ); mpi_init( &Y ); mpi_init( &Z ); + mpi_init( &T1 ); mpi_init( &T2 ); + + if( mpi_cmp_abs( A, B ) < 0 ) + { + if( Q != NULL ) MPI_CHK( mpi_lset( Q, 0 ) ); + if( R != NULL ) MPI_CHK( mpi_copy( R, A ) ); + return( 0 ); + } + + MPI_CHK( mpi_copy( &X, A ) ); + MPI_CHK( mpi_copy( &Y, B ) ); + X.s = Y.s = 1; + + MPI_CHK( mpi_grow( &Z, A->n + 2 ) ); + MPI_CHK( mpi_lset( &Z, 0 ) ); + MPI_CHK( mpi_grow( &T1, 2 ) ); + MPI_CHK( mpi_grow( &T2, 3 ) ); + + k = mpi_msb( &Y ) % biL; + if( k < biL - 1 ) + { + k = biL - 1 - k; + MPI_CHK( mpi_shift_l( &X, k ) ); + MPI_CHK( mpi_shift_l( &Y, k ) ); + } + else k = 0; + + n = X.n - 1; + t = Y.n - 1; + MPI_CHK( mpi_shift_l( &Y, biL * (n - t) ) ); + + while( mpi_cmp_mpi( &X, &Y ) >= 0 ) + { + Z.p[n - t]++; + mpi_sub_mpi( &X, &X, &Y ); + } + mpi_shift_r( &Y, biL * (n - t) ); + + for( i = n; i > t ; i-- ) + { + if( X.p[i] >= Y.p[t] ) + Z.p[i - t - 1] = ~0; + else + { +#if defined(POLARSSL_HAVE_UDBL) + t_udbl r; + + r = (t_udbl) X.p[i] << biL; + r |= (t_udbl) X.p[i - 1]; + r /= Y.p[t]; + if( r > ((t_udbl) 1 << biL) - 1) + r = ((t_udbl) 1 << biL) - 1; + + Z.p[i - t - 1] = (t_uint) r; +#else + /* + * __udiv_qrnnd_c, from gmp/longlong.h + */ + t_uint q0, q1, r0, r1; + t_uint d0, d1, d, m; + + d = Y.p[t]; + d0 = ( d << biH ) >> biH; + d1 = ( d >> biH ); + + q1 = X.p[i] / d1; + r1 = X.p[i] - d1 * q1; + r1 <<= biH; + r1 |= ( X.p[i - 1] >> biH ); + + m = q1 * d0; + if( r1 < m ) + { + q1--, r1 += d; + while( r1 >= d && r1 < m ) + q1--, r1 += d; + } + r1 -= m; + + q0 = r1 / d1; + r0 = r1 - d1 * q0; + r0 <<= biH; + r0 |= ( X.p[i - 1] << biH ) >> biH; + + m = q0 * d0; + if( r0 < m ) + { + q0--, r0 += d; + while( r0 >= d && r0 < m ) + q0--, r0 += d; + } + r0 -= m; + + Z.p[i - t - 1] = ( q1 << biH ) | q0; +#endif + } + + Z.p[i - t - 1]++; + do + { + Z.p[i - t - 1]--; + + MPI_CHK( mpi_lset( &T1, 0 ) ); + T1.p[0] = (t < 1) ? 0 : Y.p[t - 1]; + T1.p[1] = Y.p[t]; + MPI_CHK( mpi_mul_int( &T1, &T1, Z.p[i - t - 1] ) ); + + MPI_CHK( mpi_lset( &T2, 0 ) ); + T2.p[0] = (i < 2) ? 0 : X.p[i - 2]; + T2.p[1] = (i < 1) ? 0 : X.p[i - 1]; + T2.p[2] = X.p[i]; + } + while( mpi_cmp_mpi( &T1, &T2 ) > 0 ); + + MPI_CHK( mpi_mul_int( &T1, &Y, Z.p[i - t - 1] ) ); + MPI_CHK( mpi_shift_l( &T1, biL * (i - t - 1) ) ); + MPI_CHK( mpi_sub_mpi( &X, &X, &T1 ) ); + + if( mpi_cmp_int( &X, 0 ) < 0 ) + { + MPI_CHK( mpi_copy( &T1, &Y ) ); + MPI_CHK( mpi_shift_l( &T1, biL * (i - t - 1) ) ); + MPI_CHK( mpi_add_mpi( &X, &X, &T1 ) ); + Z.p[i - t - 1]--; + } + } + + if( Q != NULL ) + { + mpi_copy( Q, &Z ); + Q->s = A->s * B->s; + } + + if( R != NULL ) + { + mpi_shift_r( &X, k ); + X.s = A->s; + mpi_copy( R, &X ); + + if( mpi_cmp_int( R, 0 ) == 0 ) + R->s = 1; + } + +cleanup: + + mpi_free( &X ); mpi_free( &Y ); mpi_free( &Z ); + mpi_free( &T1 ); mpi_free( &T2 ); + + return( ret ); +} + +/* + * Division by int: A = Q * b + R + */ +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ) +{ + mpi _B; + t_uint p[1]; + + p[0] = ( b < 0 ) ? -b : b; + _B.s = ( b < 0 ) ? -1 : 1; + _B.n = 1; + _B.p = p; + + return( mpi_div_mpi( Q, R, A, &_B ) ); +} + +/* + * Modulo: R = A mod B + */ +int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ) +{ + int ret; + + if( mpi_cmp_int( B, 0 ) < 0 ) + return POLARSSL_ERR_MPI_NEGATIVE_VALUE; + + MPI_CHK( mpi_div_mpi( NULL, R, A, B ) ); + + while( mpi_cmp_int( R, 0 ) < 0 ) + MPI_CHK( mpi_add_mpi( R, R, B ) ); + + while( mpi_cmp_mpi( R, B ) >= 0 ) + MPI_CHK( mpi_sub_mpi( R, R, B ) ); + +cleanup: + + return( ret ); +} + +/* + * Modulo: r = A mod b + */ +int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ) +{ + size_t i; + t_uint x, y, z; + + if( b == 0 ) + return( POLARSSL_ERR_MPI_DIVISION_BY_ZERO ); + + if( b < 0 ) + return POLARSSL_ERR_MPI_NEGATIVE_VALUE; + + /* + * handle trivial cases + */ + if( b == 1 ) + { + *r = 0; + return( 0 ); + } + + if( b == 2 ) + { + *r = A->p[0] & 1; + return( 0 ); + } + + /* + * general case + */ + for( i = A->n, y = 0; i > 0; i-- ) + { + x = A->p[i - 1]; + y = ( y << biH ) | ( x >> biH ); + z = y / b; + y -= z * b; + + x <<= biH; + y = ( y << biH ) | ( x >> biH ); + z = y / b; + y -= z * b; + } + + /* + * If A is negative, then the current y represents a negative value. + * Flipping it to the positive side. + */ + if( A->s < 0 && y != 0 ) + y = b - y; + + *r = y; + + return( 0 ); +} + +/* + * Fast Montgomery initialization (thanks to Tom St Denis) + */ +static void mpi_montg_init( t_uint *mm, const mpi *N ) +{ + t_uint x, m0 = N->p[0]; + + x = m0; + x += ( ( m0 + 2 ) & 4 ) << 1; + x *= ( 2 - ( m0 * x ) ); + + if( biL >= 16 ) x *= ( 2 - ( m0 * x ) ); + if( biL >= 32 ) x *= ( 2 - ( m0 * x ) ); + if( biL >= 64 ) x *= ( 2 - ( m0 * x ) ); + + *mm = ~x + 1; +} + +/* + * Montgomery multiplication: A = A * B * R^-1 mod N (HAC 14.36) + */ +static void mpi_montmul( mpi *A, const mpi *B, const mpi *N, t_uint mm, const mpi *T ) +{ + size_t i, n, m; + t_uint u0, u1, *d; + + memset( T->p, 0, T->n * ciL ); + + d = T->p; + n = N->n; + m = ( B->n < n ) ? B->n : n; + + for( i = 0; i < n; i++ ) + { + /* + * T = (T + u0*B + u1*N) / 2^biL + */ + u0 = A->p[i]; + u1 = ( d[0] + u0 * B->p[0] ) * mm; + + mpi_mul_hlp( m, B->p, d, u0 ); + mpi_mul_hlp( n, N->p, d, u1 ); + + *d++ = u0; d[n + 1] = 0; + } + + memcpy( A->p, d, (n + 1) * ciL ); + + if( mpi_cmp_abs( A, N ) >= 0 ) + mpi_sub_hlp( n, N->p, A->p ); + else + /* prevent timing attacks */ + mpi_sub_hlp( n, A->p, T->p ); +} + +/* + * Montgomery reduction: A = A * R^-1 mod N + */ +static void mpi_montred( mpi *A, const mpi *N, t_uint mm, const mpi *T ) +{ + t_uint z = 1; + mpi U; + + U.n = U.s = (int) z; + U.p = &z; + + mpi_montmul( A, &U, N, mm, T ); +} + +/* + * Sliding-window exponentiation: X = A^E mod N (HAC 14.85) + */ +int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ) +{ + int ret; + size_t wbits, wsize, one = 1; + size_t i, j, nblimbs; + size_t bufsize, nbits; + t_uint ei, mm, state; + mpi RR, T, W[ 2 << POLARSSL_MPI_WINDOW_SIZE ], Apos; + int neg; + + if( mpi_cmp_int( N, 0 ) < 0 || ( N->p[0] & 1 ) == 0 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + if( mpi_cmp_int( E, 0 ) < 0 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + /* + * Init temps and window size + */ + mpi_montg_init( &mm, N ); + mpi_init( &RR ); mpi_init( &T ); + memset( W, 0, sizeof( W ) ); + + i = mpi_msb( E ); + + wsize = ( i > 671 ) ? 6 : ( i > 239 ) ? 5 : + ( i > 79 ) ? 4 : ( i > 23 ) ? 3 : 1; + + if( wsize > POLARSSL_MPI_WINDOW_SIZE ) + wsize = POLARSSL_MPI_WINDOW_SIZE; + + j = N->n + 1; + MPI_CHK( mpi_grow( X, j ) ); + MPI_CHK( mpi_grow( &W[1], j ) ); + MPI_CHK( mpi_grow( &T, j * 2 ) ); + + /* + * Compensate for negative A (and correct at the end) + */ + neg = ( A->s == -1 ); + + mpi_init( &Apos ); + if( neg ) + { + MPI_CHK( mpi_copy( &Apos, A ) ); + Apos.s = 1; + A = &Apos; + } + + /* + * If 1st call, pre-compute R^2 mod N + */ + if( _RR == NULL || _RR->p == NULL ) + { + MPI_CHK( mpi_lset( &RR, 1 ) ); + MPI_CHK( mpi_shift_l( &RR, N->n * 2 * biL ) ); + MPI_CHK( mpi_mod_mpi( &RR, &RR, N ) ); + + if( _RR != NULL ) + memcpy( _RR, &RR, sizeof( mpi ) ); + } + else + memcpy( &RR, _RR, sizeof( mpi ) ); + + /* + * W[1] = A * R^2 * R^-1 mod N = A * R mod N + */ + if( mpi_cmp_mpi( A, N ) >= 0 ) + mpi_mod_mpi( &W[1], A, N ); + else mpi_copy( &W[1], A ); + + mpi_montmul( &W[1], &RR, N, mm, &T ); + + /* + * X = R^2 * R^-1 mod N = R mod N + */ + MPI_CHK( mpi_copy( X, &RR ) ); + mpi_montred( X, N, mm, &T ); + + if( wsize > 1 ) + { + /* + * W[1 << (wsize - 1)] = W[1] ^ (wsize - 1) + */ + j = one << (wsize - 1); + + MPI_CHK( mpi_grow( &W[j], N->n + 1 ) ); + MPI_CHK( mpi_copy( &W[j], &W[1] ) ); + + for( i = 0; i < wsize - 1; i++ ) + mpi_montmul( &W[j], &W[j], N, mm, &T ); + + /* + * W[i] = W[i - 1] * W[1] + */ + for( i = j + 1; i < (one << wsize); i++ ) + { + MPI_CHK( mpi_grow( &W[i], N->n + 1 ) ); + MPI_CHK( mpi_copy( &W[i], &W[i - 1] ) ); + + mpi_montmul( &W[i], &W[1], N, mm, &T ); + } + } + + nblimbs = E->n; + bufsize = 0; + nbits = 0; + wbits = 0; + state = 0; + + while( 1 ) + { + if( bufsize == 0 ) + { + if( nblimbs-- == 0 ) + break; + + bufsize = sizeof( t_uint ) << 3; + } + + bufsize--; + + ei = (E->p[nblimbs] >> bufsize) & 1; + + /* + * skip leading 0s + */ + if( ei == 0 && state == 0 ) + continue; + + if( ei == 0 && state == 1 ) + { + /* + * out of window, square X + */ + mpi_montmul( X, X, N, mm, &T ); + continue; + } + + /* + * add ei to current window + */ + state = 2; + + nbits++; + wbits |= (ei << (wsize - nbits)); + + if( nbits == wsize ) + { + /* + * X = X^wsize R^-1 mod N + */ + for( i = 0; i < wsize; i++ ) + mpi_montmul( X, X, N, mm, &T ); + + /* + * X = X * W[wbits] R^-1 mod N + */ + mpi_montmul( X, &W[wbits], N, mm, &T ); + + state--; + nbits = 0; + wbits = 0; + } + } + + /* + * process the remaining bits + */ + for( i = 0; i < nbits; i++ ) + { + mpi_montmul( X, X, N, mm, &T ); + + wbits <<= 1; + + if( (wbits & (one << wsize)) != 0 ) + mpi_montmul( X, &W[1], N, mm, &T ); + } + + /* + * X = A^E * R * R^-1 mod N = A^E mod N + */ + mpi_montred( X, N, mm, &T ); + + if( neg ) + { + X->s = -1; + mpi_add_mpi( X, N, X ); + } + +cleanup: + + for( i = (one << (wsize - 1)); i < (one << wsize); i++ ) + mpi_free( &W[i] ); + + mpi_free( &W[1] ); mpi_free( &T ); mpi_free( &Apos ); + + if( _RR == NULL ) + mpi_free( &RR ); + + return( ret ); +} + +/* + * Greatest common divisor: G = gcd(A, B) (HAC 14.54) + */ +int mpi_gcd( mpi *G, const mpi *A, const mpi *B ) +{ + int ret; + size_t lz, lzt; + mpi TG, TA, TB; + + mpi_init( &TG ); mpi_init( &TA ); mpi_init( &TB ); + + MPI_CHK( mpi_copy( &TA, A ) ); + MPI_CHK( mpi_copy( &TB, B ) ); + + lz = mpi_lsb( &TA ); + lzt = mpi_lsb( &TB ); + + if ( lzt < lz ) + lz = lzt; + + MPI_CHK( mpi_shift_r( &TA, lz ) ); + MPI_CHK( mpi_shift_r( &TB, lz ) ); + + TA.s = TB.s = 1; + + while( mpi_cmp_int( &TA, 0 ) != 0 ) + { + MPI_CHK( mpi_shift_r( &TA, mpi_lsb( &TA ) ) ); + MPI_CHK( mpi_shift_r( &TB, mpi_lsb( &TB ) ) ); + + if( mpi_cmp_mpi( &TA, &TB ) >= 0 ) + { + MPI_CHK( mpi_sub_abs( &TA, &TA, &TB ) ); + MPI_CHK( mpi_shift_r( &TA, 1 ) ); + } + else + { + MPI_CHK( mpi_sub_abs( &TB, &TB, &TA ) ); + MPI_CHK( mpi_shift_r( &TB, 1 ) ); + } + } + + MPI_CHK( mpi_shift_l( &TB, lz ) ); + MPI_CHK( mpi_copy( G, &TB ) ); + +cleanup: + + mpi_free( &TG ); mpi_free( &TA ); mpi_free( &TB ); + + return( ret ); +} + +int mpi_fill_random( mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + + MPI_CHK( mpi_grow( X, CHARS_TO_LIMBS( size ) ) ); + MPI_CHK( mpi_lset( X, 0 ) ); + + MPI_CHK( f_rng( p_rng, (unsigned char *) X->p, size ) ); + +cleanup: + return( ret ); +} + +/* + * Modular inverse: X = A^-1 mod N (HAC 14.61 / 14.64) + */ +int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ) +{ + int ret; + mpi G, TA, TU, U1, U2, TB, TV, V1, V2; + + if( mpi_cmp_int( N, 0 ) <= 0 ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + mpi_init( &TA ); mpi_init( &TU ); mpi_init( &U1 ); mpi_init( &U2 ); + mpi_init( &G ); mpi_init( &TB ); mpi_init( &TV ); + mpi_init( &V1 ); mpi_init( &V2 ); + + MPI_CHK( mpi_gcd( &G, A, N ) ); + + if( mpi_cmp_int( &G, 1 ) != 0 ) + { + ret = POLARSSL_ERR_MPI_NOT_ACCEPTABLE; + goto cleanup; + } + + MPI_CHK( mpi_mod_mpi( &TA, A, N ) ); + MPI_CHK( mpi_copy( &TU, &TA ) ); + MPI_CHK( mpi_copy( &TB, N ) ); + MPI_CHK( mpi_copy( &TV, N ) ); + + MPI_CHK( mpi_lset( &U1, 1 ) ); + MPI_CHK( mpi_lset( &U2, 0 ) ); + MPI_CHK( mpi_lset( &V1, 0 ) ); + MPI_CHK( mpi_lset( &V2, 1 ) ); + + do + { + while( ( TU.p[0] & 1 ) == 0 ) + { + MPI_CHK( mpi_shift_r( &TU, 1 ) ); + + if( ( U1.p[0] & 1 ) != 0 || ( U2.p[0] & 1 ) != 0 ) + { + MPI_CHK( mpi_add_mpi( &U1, &U1, &TB ) ); + MPI_CHK( mpi_sub_mpi( &U2, &U2, &TA ) ); + } + + MPI_CHK( mpi_shift_r( &U1, 1 ) ); + MPI_CHK( mpi_shift_r( &U2, 1 ) ); + } + + while( ( TV.p[0] & 1 ) == 0 ) + { + MPI_CHK( mpi_shift_r( &TV, 1 ) ); + + if( ( V1.p[0] & 1 ) != 0 || ( V2.p[0] & 1 ) != 0 ) + { + MPI_CHK( mpi_add_mpi( &V1, &V1, &TB ) ); + MPI_CHK( mpi_sub_mpi( &V2, &V2, &TA ) ); + } + + MPI_CHK( mpi_shift_r( &V1, 1 ) ); + MPI_CHK( mpi_shift_r( &V2, 1 ) ); + } + + if( mpi_cmp_mpi( &TU, &TV ) >= 0 ) + { + MPI_CHK( mpi_sub_mpi( &TU, &TU, &TV ) ); + MPI_CHK( mpi_sub_mpi( &U1, &U1, &V1 ) ); + MPI_CHK( mpi_sub_mpi( &U2, &U2, &V2 ) ); + } + else + { + MPI_CHK( mpi_sub_mpi( &TV, &TV, &TU ) ); + MPI_CHK( mpi_sub_mpi( &V1, &V1, &U1 ) ); + MPI_CHK( mpi_sub_mpi( &V2, &V2, &U2 ) ); + } + } + while( mpi_cmp_int( &TU, 0 ) != 0 ); + + while( mpi_cmp_int( &V1, 0 ) < 0 ) + MPI_CHK( mpi_add_mpi( &V1, &V1, N ) ); + + while( mpi_cmp_mpi( &V1, N ) >= 0 ) + MPI_CHK( mpi_sub_mpi( &V1, &V1, N ) ); + + MPI_CHK( mpi_copy( X, &V1 ) ); + +cleanup: + + mpi_free( &TA ); mpi_free( &TU ); mpi_free( &U1 ); mpi_free( &U2 ); + mpi_free( &G ); mpi_free( &TB ); mpi_free( &TV ); + mpi_free( &V1 ); mpi_free( &V2 ); + + return( ret ); +} + +#if defined(POLARSSL_GENPRIME) + +static const int small_prime[] = +{ + 3, 5, 7, 11, 13, 17, 19, 23, + 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, + 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, + 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, + 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, + 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, + 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, + 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, + 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, + 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, + 887, 907, 911, 919, 929, 937, 941, 947, + 953, 967, 971, 977, 983, 991, 997, -103 +}; + +/* + * Miller-Rabin primality test (HAC 4.24) + */ +int mpi_is_prime( mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret, xs; + size_t i, j, n, s; + mpi W, R, T, A, RR; + + if( mpi_cmp_int( X, 0 ) == 0 || + mpi_cmp_int( X, 1 ) == 0 ) + return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + + if( mpi_cmp_int( X, 2 ) == 0 ) + return( 0 ); + + mpi_init( &W ); mpi_init( &R ); mpi_init( &T ); mpi_init( &A ); + mpi_init( &RR ); + + xs = X->s; X->s = 1; + + /* + * test trivial factors first + */ + if( ( X->p[0] & 1 ) == 0 ) + return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + + for( i = 0; small_prime[i] > 0; i++ ) + { + t_uint r; + + if( mpi_cmp_int( X, small_prime[i] ) <= 0 ) + return( 0 ); + + MPI_CHK( mpi_mod_int( &r, X, small_prime[i] ) ); + + if( r == 0 ) + return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); + } + + /* + * W = |X| - 1 + * R = W >> lsb( W ) + */ + MPI_CHK( mpi_sub_int( &W, X, 1 ) ); + s = mpi_lsb( &W ); + MPI_CHK( mpi_copy( &R, &W ) ); + MPI_CHK( mpi_shift_r( &R, s ) ); + + i = mpi_msb( X ); + /* + * HAC, table 4.4 + */ + n = ( ( i >= 1300 ) ? 2 : ( i >= 850 ) ? 3 : + ( i >= 650 ) ? 4 : ( i >= 350 ) ? 8 : + ( i >= 250 ) ? 12 : ( i >= 150 ) ? 18 : 27 ); + + for( i = 0; i < n; i++ ) + { + /* + * pick a random A, 1 < A < |X| - 1 + */ + MPI_CHK( mpi_fill_random( &A, X->n * ciL, f_rng, p_rng ) ); + + if( mpi_cmp_mpi( &A, &W ) >= 0 ) + { + j = mpi_msb( &A ) - mpi_msb( &W ); + MPI_CHK( mpi_shift_r( &A, j + 1 ) ); + } + A.p[0] |= 3; + + /* + * A = A^R mod |X| + */ + MPI_CHK( mpi_exp_mod( &A, &A, &R, X, &RR ) ); + + if( mpi_cmp_mpi( &A, &W ) == 0 || + mpi_cmp_int( &A, 1 ) == 0 ) + continue; + + j = 1; + while( j < s && mpi_cmp_mpi( &A, &W ) != 0 ) + { + /* + * A = A * A mod |X| + */ + MPI_CHK( mpi_mul_mpi( &T, &A, &A ) ); + MPI_CHK( mpi_mod_mpi( &A, &T, X ) ); + + if( mpi_cmp_int( &A, 1 ) == 0 ) + break; + + j++; + } + + /* + * not prime if A != |X| - 1 or A == 1 + */ + if( mpi_cmp_mpi( &A, &W ) != 0 || + mpi_cmp_int( &A, 1 ) == 0 ) + { + ret = POLARSSL_ERR_MPI_NOT_ACCEPTABLE; + break; + } + } + +cleanup: + + X->s = xs; + + mpi_free( &W ); mpi_free( &R ); mpi_free( &T ); mpi_free( &A ); + mpi_free( &RR ); + + return( ret ); +} + +/* + * Prime number generation + */ +int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret; + size_t k, n; + mpi Y; + + if( nbits < 3 || nbits > POLARSSL_MPI_MAX_BITS ) + return( POLARSSL_ERR_MPI_BAD_INPUT_DATA ); + + mpi_init( &Y ); + + n = BITS_TO_LIMBS( nbits ); + + MPI_CHK( mpi_fill_random( X, n * ciL, f_rng, p_rng ) ); + + k = mpi_msb( X ); + if( k < nbits ) MPI_CHK( mpi_shift_l( X, nbits - k ) ); + if( k > nbits ) MPI_CHK( mpi_shift_r( X, k - nbits ) ); + + X->p[0] |= 3; + + if( dh_flag == 0 ) + { + while( ( ret = mpi_is_prime( X, f_rng, p_rng ) ) != 0 ) + { + if( ret != POLARSSL_ERR_MPI_NOT_ACCEPTABLE ) + goto cleanup; + + MPI_CHK( mpi_add_int( X, X, 2 ) ); + } + } + else + { + MPI_CHK( mpi_sub_int( &Y, X, 1 ) ); + MPI_CHK( mpi_shift_r( &Y, 1 ) ); + + while( 1 ) + { + if( ( ret = mpi_is_prime( X, f_rng, p_rng ) ) == 0 ) + { + if( ( ret = mpi_is_prime( &Y, f_rng, p_rng ) ) == 0 ) + break; + + if( ret != POLARSSL_ERR_MPI_NOT_ACCEPTABLE ) + goto cleanup; + } + + if( ret != POLARSSL_ERR_MPI_NOT_ACCEPTABLE ) + goto cleanup; + + MPI_CHK( mpi_add_int( &Y, X, 1 ) ); + MPI_CHK( mpi_add_int( X, X, 2 ) ); + MPI_CHK( mpi_shift_r( &Y, 1 ) ); + } + } + +cleanup: + + mpi_free( &Y ); + + return( ret ); +} + +#endif + +#if defined(POLARSSL_SELF_TEST) + +#define GCD_PAIR_COUNT 3 + +static const int gcd_pairs[GCD_PAIR_COUNT][3] = +{ + { 693, 609, 21 }, + { 1764, 868, 28 }, + { 768454923, 542167814, 1 } +}; + +/* + * Checkup routine + */ +int mpi_self_test( int verbose ) +{ + int ret, i; + mpi A, E, N, X, Y, U, V; + + mpi_init( &A ); mpi_init( &E ); mpi_init( &N ); mpi_init( &X ); + mpi_init( &Y ); mpi_init( &U ); mpi_init( &V ); + + MPI_CHK( mpi_read_string( &A, 16, + "EFE021C2645FD1DC586E69184AF4A31E" \ + "D5F53E93B5F123FA41680867BA110131" \ + "944FE7952E2517337780CB0DB80E61AA" \ + "E7C8DDC6C5C6AADEB34EB38A2F40D5E6" ) ); + + MPI_CHK( mpi_read_string( &E, 16, + "B2E7EFD37075B9F03FF989C7C5051C20" \ + "34D2A323810251127E7BF8625A4F49A5" \ + "F3E27F4DA8BD59C47D6DAABA4C8127BD" \ + "5B5C25763222FEFCCFC38B832366C29E" ) ); + + MPI_CHK( mpi_read_string( &N, 16, + "0066A198186C18C10B2F5ED9B522752A" \ + "9830B69916E535C8F047518A889A43A5" \ + "94B6BED27A168D31D4A52F88925AA8F5" ) ); + + MPI_CHK( mpi_mul_mpi( &X, &A, &N ) ); + + MPI_CHK( mpi_read_string( &U, 16, + "602AB7ECA597A3D6B56FF9829A5E8B85" \ + "9E857EA95A03512E2BAE7391688D264A" \ + "A5663B0341DB9CCFD2C4C5F421FEC814" \ + "8001B72E848A38CAE1C65F78E56ABDEF" \ + "E12D3C039B8A02D6BE593F0BBBDA56F1" \ + "ECF677152EF804370C1A305CAF3B5BF1" \ + "30879B56C61DE584A0F53A2447A51E" ) ); + + if( verbose != 0 ) + printf( " MPI test #1 (mul_mpi): " ); + + if( mpi_cmp_mpi( &X, &U ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + + MPI_CHK( mpi_div_mpi( &X, &Y, &A, &N ) ); + + MPI_CHK( mpi_read_string( &U, 16, + "256567336059E52CAE22925474705F39A94" ) ); + + MPI_CHK( mpi_read_string( &V, 16, + "6613F26162223DF488E9CD48CC132C7A" \ + "0AC93C701B001B092E4E5B9F73BCD27B" \ + "9EE50D0657C77F374E903CDFA4C642" ) ); + + if( verbose != 0 ) + printf( " MPI test #2 (div_mpi): " ); + + if( mpi_cmp_mpi( &X, &U ) != 0 || + mpi_cmp_mpi( &Y, &V ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + + MPI_CHK( mpi_exp_mod( &X, &A, &E, &N, NULL ) ); + + MPI_CHK( mpi_read_string( &U, 16, + "36E139AEA55215609D2816998ED020BB" \ + "BD96C37890F65171D948E9BC7CBAA4D9" \ + "325D24D6A3C12710F10A09FA08AB87" ) ); + + if( verbose != 0 ) + printf( " MPI test #3 (exp_mod): " ); + + if( mpi_cmp_mpi( &X, &U ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + +#if defined(POLARSSL_GENPRIME) + MPI_CHK( mpi_inv_mod( &X, &A, &N ) ); + + MPI_CHK( mpi_read_string( &U, 16, + "003A0AAEDD7E784FC07D8F9EC6E3BFD5" \ + "C3DBA76456363A10869622EAC2DD84EC" \ + "C5B8A74DAC4D09E03B5E0BE779F2DF61" ) ); + + if( verbose != 0 ) + printf( " MPI test #4 (inv_mod): " ); + + if( mpi_cmp_mpi( &X, &U ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); +#endif + + if( verbose != 0 ) + printf( " MPI test #5 (simple gcd): " ); + + for ( i = 0; i < GCD_PAIR_COUNT; i++) + { + MPI_CHK( mpi_lset( &X, gcd_pairs[i][0] ) ); + MPI_CHK( mpi_lset( &Y, gcd_pairs[i][1] ) ); + + MPI_CHK( mpi_gcd( &A, &X, &Y ) ); + + if( mpi_cmp_int( &A, gcd_pairs[i][2] ) != 0 ) + { + if( verbose != 0 ) + printf( "failed at %d\n", i ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + +cleanup: + + if( ret != 0 && verbose != 0 ) + printf( "Unexpected error, return code = %08X\n", ret ); + + mpi_free( &A ); mpi_free( &E ); mpi_free( &N ); mpi_free( &X ); + mpi_free( &Y ); mpi_free( &U ); mpi_free( &V ); + + if( verbose != 0 ) + printf( "\n" ); + + return( ret ); +} + +#endif + +#endif diff --git a/polarssl/bignum.h b/polarssl/bignum.h new file mode 100644 index 0000000..ad06b57 --- /dev/null +++ b/polarssl/bignum.h @@ -0,0 +1,685 @@ +/** + * \file bignum.h + * + * \brief Multi-precision integer library + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_BIGNUM_H +#define POLARSSL_BIGNUM_H + +#include +#include + +#include "polarssl/config.h" + +#ifdef _MSC_VER +#include +#if (_MSC_VER <= 1200) +typedef signed short int16_t; +typedef unsigned short uint16_t; +#else +typedef INT16 int16_t; +typedef UINT16 uint16_t; +#endif +typedef INT32 int32_t; +typedef INT64 int64_t; +typedef UINT32 uint32_t; +typedef UINT64 uint64_t; +#else +#include +#endif + +#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ +#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ +#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ +#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ +#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ +#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ +#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */ + +#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup + +/* + * Maximum size MPIs are allowed to grow to in number of limbs. + */ +#define POLARSSL_MPI_MAX_LIMBS 10000 + +#if !defined(POLARSSL_CONFIG_OPTIONS) +/* + * Maximum window size used for modular exponentiation. Default: 6 + * Minimum value: 1. Maximum value: 6. + * + * Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used + * for the sliding window calculation. (So 64 by default) + * + * Reduction in size, reduces speed. + */ +#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ + +/* + * Maximum size of MPIs allowed in bits and bytes for user-MPIs. + * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits ) + * + * Note: Calculations can results temporarily in larger MPIs. So the number + * of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher. + */ +#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */ + +#endif /* !POLARSSL_CONFIG_OPTIONS */ + +#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ + +/* + * When reading from files with mpi_read_file() and writing to files with + * mpi_write_file() the buffer should have space + * for a (short) label, the MPI (in the provided radix), the newline + * characters and the '\0'. + * + * By default we assume at least a 10 char label, a minimum radix of 10 + * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). + * Autosized at compile time for at least a 10 char label, a minimum radix + * of 10 (decimal) for a number of POLARSSL_MPI_MAX_BITS size. + * + * This used to be statically sized to 1250 for a maximum of 4096 bit + * numbers (1234 decimal chars). + * + * Calculate using the formula: + * POLARSSL_MPI_RW_BUFFER_SIZE = ceil(POLARSSL_MPI_MAX_BITS / ln(10) * ln(2)) + + * LabelSize + 6 + */ +#define POLARSSL_MPI_MAX_BITS_SCALE100 ( 100 * POLARSSL_MPI_MAX_BITS ) +#define LN_2_DIV_LN_10_SCALE100 332 +#define POLARSSL_MPI_RW_BUFFER_SIZE ( ((POLARSSL_MPI_MAX_BITS_SCALE100 + LN_2_DIV_LN_10_SCALE100 - 1) / LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) + +/* + * Define the base integer type, architecture-wise + */ +#if defined(POLARSSL_HAVE_INT8) +typedef signed char t_sint; +typedef unsigned char t_uint; +typedef uint16_t t_udbl; +#define POLARSSL_HAVE_UDBL +#else +#if defined(POLARSSL_HAVE_INT16) +typedef int16_t t_sint; +typedef uint16_t t_uint; +typedef uint32_t t_udbl; +#define POLARSSL_HAVE_UDBL +#else + #if ( defined(_MSC_VER) && defined(_M_AMD64) ) + typedef int64_t t_sint; + typedef uint64_t t_uint; + #else + #if ( defined(__GNUC__) && ( \ + defined(__amd64__) || defined(__x86_64__) || \ + defined(__ppc64__) || defined(__powerpc64__) || \ + defined(__ia64__) || defined(__alpha__) || \ + (defined(__sparc__) && defined(__arch64__)) || \ + defined(__s390x__) ) ) + typedef int64_t t_sint; + typedef uint64_t t_uint; + typedef unsigned int t_udbl __attribute__((mode(TI))); + #define POLARSSL_HAVE_UDBL + #else + typedef int32_t t_sint; + typedef uint32_t t_uint; + #if ( defined(_MSC_VER) && defined(_M_IX86) ) + typedef uint64_t t_udbl; + #define POLARSSL_HAVE_UDBL + #else + #if defined( POLARSSL_HAVE_LONGLONG ) + typedef unsigned long long t_udbl; + #define POLARSSL_HAVE_UDBL + #endif + #endif + #endif + #endif +#endif /* POLARSSL_HAVE_INT16 */ +#endif /* POLARSSL_HAVE_INT8 */ + +/** + * \brief MPI structure + */ +typedef struct +{ + int s; /*!< integer sign */ + size_t n; /*!< total # of limbs */ + t_uint *p; /*!< pointer to limbs */ +} +mpi; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Initialize one MPI + * + * \param X One MPI to initialize. + */ +void mpi_init( mpi *X ); + +/** + * \brief Unallocate one MPI + * + * \param X One MPI to unallocate. + */ +void mpi_free( mpi *X ); + +/** + * \brief Enlarge to the specified number of limbs + * + * \param X MPI to grow + * \param nblimbs The target number of limbs + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_grow( mpi *X, size_t nblimbs ); + +/** + * \brief Copy the contents of Y into X + * + * \param X Destination MPI + * \param Y Source MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_copy( mpi *X, const mpi *Y ); + +/** + * \brief Swap the contents of X and Y + * + * \param X First MPI value + * \param Y Second MPI value + */ +void mpi_swap( mpi *X, mpi *Y ); + +/** + * \brief Set value from integer + * + * \param X MPI to set + * \param z Value to use + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_lset( mpi *X, t_sint z ); + +/** + * \brief Get a specific bit from X + * + * \param X MPI to use + * \param pos Zero-based index of the bit in X + * + * \return Either a 0 or a 1 + */ +int mpi_get_bit( const mpi *X, size_t pos ); + +/** + * \brief Set a bit of X to a specific value of 0 or 1 + * + * \note Will grow X if necessary to set a bit to 1 in a not yet + * existing limb. Will not grow if bit should be set to 0 + * + * \param X MPI to use + * \param pos Zero-based index of the bit in X + * \param val The value to set the bit to (0 or 1) + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 + */ +int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); + +/** + * \brief Return the number of zero-bits before the least significant + * '1' bit + * + * Note: Thus also the zero-based index of the least significant '1' bit + * + * \param X MPI to use + */ +size_t mpi_lsb( const mpi *X ); + +/** + * \brief Return the number of bits up to and including the most + * significant '1' bit' + * + * Note: Thus also the one-based index of the most significant '1' bit + * + * \param X MPI to use + */ +size_t mpi_msb( const mpi *X ); + +/** + * \brief Return the total size in bytes + * + * \param X MPI to use + */ +size_t mpi_size( const mpi *X ); + +/** + * \brief Import from an ASCII string + * + * \param X Destination MPI + * \param radix Input numeric base + * \param s Null-terminated string buffer + * + * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code + */ +int mpi_read_string( mpi *X, int radix, const char *s ); + +/** + * \brief Export into an ASCII string + * + * \param X Source MPI + * \param radix Output numeric base + * \param s String buffer + * \param slen String buffer size + * + * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code. + * *slen is always updated to reflect the amount + * of data that has (or would have) been written. + * + * \note Call this function with *slen = 0 to obtain the + * minimum required buffer size in *slen. + */ +int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); + +#if defined(POLARSSL_FS_IO) +/** + * \brief Read X from an opened file + * + * \param X Destination MPI + * \param radix Input numeric base + * \param fin Input file handle + * + * \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if + * the file read buffer is too small or a + * POLARSSL_ERR_MPI_XXX error code + */ +int mpi_read_file( mpi *X, int radix, FILE *fin ); + +/** + * \brief Write X into an opened file, or stdout if fout is NULL + * + * \param p Prefix, can be NULL + * \param X Source MPI + * \param radix Output numeric base + * \param fout Output file handle (can be NULL) + * + * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code + * + * \note Set fout == NULL to print X on the console. + */ +int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); +#endif /* POLARSSL_FS_IO */ + +/** + * \brief Import X from unsigned binary data, big endian + * + * \param X Destination MPI + * \param buf Input buffer + * \param buflen Input buffer size + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); + +/** + * \brief Export X into unsigned binary data, big endian + * + * \param X Source MPI + * \param buf Output buffer + * \param buflen Output buffer size + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough + */ +int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); + +/** + * \brief Left-shift: X <<= count + * + * \param X MPI to shift + * \param count Amount to shift + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_shift_l( mpi *X, size_t count ); + +/** + * \brief Right-shift: X >>= count + * + * \param X MPI to shift + * \param count Amount to shift + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_shift_r( mpi *X, size_t count ); + +/** + * \brief Compare unsigned values + * + * \param X Left-hand MPI + * \param Y Right-hand MPI + * + * \return 1 if |X| is greater than |Y|, + * -1 if |X| is lesser than |Y| or + * 0 if |X| is equal to |Y| + */ +int mpi_cmp_abs( const mpi *X, const mpi *Y ); + +/** + * \brief Compare signed values + * + * \param X Left-hand MPI + * \param Y Right-hand MPI + * + * \return 1 if X is greater than Y, + * -1 if X is lesser than Y or + * 0 if X is equal to Y + */ +int mpi_cmp_mpi( const mpi *X, const mpi *Y ); + +/** + * \brief Compare signed values + * + * \param X Left-hand MPI + * \param z The integer value to compare to + * + * \return 1 if X is greater than z, + * -1 if X is lesser than z or + * 0 if X is equal to z + */ +int mpi_cmp_int( const mpi *X, t_sint z ); + +/** + * \brief Unsigned addition: X = |A| + |B| + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); + +/** + * \brief Unsigned substraction: X = |A| - |B| + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A + */ +int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); + +/** + * \brief Signed addition: X = A + B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); + +/** + * \brief Signed substraction: X = A - B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); + +/** + * \brief Signed addition: X = A + b + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The integer value to add + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_add_int( mpi *X, const mpi *A, t_sint b ); + +/** + * \brief Signed substraction: X = A - b + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The integer value to subtract + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); + +/** + * \brief Baseline multiplication: X = A * B + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); + +/** + * \brief Baseline multiplication: X = A * b + * Note: b is an unsigned integer type, thus + * Negative values of b are ignored. + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param b The integer value to multiply with + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_mul_int( mpi *X, const mpi *A, t_sint b ); + +/** + * \brief Division by mpi: A = Q * B + R + * + * \param Q Destination MPI for the quotient + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 + * + * \note Either Q or R can be NULL. + */ +int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); + +/** + * \brief Division by int: A = Q * b + R + * + * \param Q Destination MPI for the quotient + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param b Integer to divide by + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 + * + * \note Either Q or R can be NULL. + */ +int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); + +/** + * \brief Modulo: R = A mod B + * + * \param R Destination MPI for the rest value + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, + * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 + */ +int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); + +/** + * \brief Modulo: r = A mod b + * + * \param r Destination t_uint + * \param A Left-hand MPI + * \param b Integer to divide by + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, + * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 + */ +int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); + +/** + * \brief Sliding-window exponentiation: X = A^E mod N + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param E Exponent MPI + * \param N Modular MPI + * \param _RR Speed-up MPI used for recalculations + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or if + * E is negative + * + * \note _RR is used to avoid re-computing R*R mod N across + * multiple calls, which speeds up things a bit. It can + * be set to NULL if the extra performance is unneeded. + */ +int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); + +/** + * \brief Fill an MPI X with size bytes of random + * + * \param X Destination MPI + * \param size Size in bytes + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_fill_random( mpi *X, size_t size, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Greatest common divisor: G = gcd(A, B) + * + * \param G Destination MPI + * \param A Left-hand MPI + * \param B Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed + */ +int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); + +/** + * \brief Modular inverse: X = A^-1 mod N + * + * \param X Destination MPI + * \param A Left-hand MPI + * \param N Right-hand MPI + * + * \return 0 if successful, + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil + POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N + */ +int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); + +/** + * \brief Miller-Rabin primality test + * + * \param X MPI to check + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful (probably prime), + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime + */ +int mpi_is_prime( mpi *X, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Prime number generation + * + * \param X Destination MPI + * \param nbits Required size of X in bits ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS ) + * \param dh_flag If 1, then (X-1)/2 will be prime too + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful (probably prime), + * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, + * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 + */ +int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int mpi_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* bignum.h */ diff --git a/polarssl/blowfish.c b/polarssl/blowfish.c new file mode 100644 index 0000000..719aea6 --- /dev/null +++ b/polarssl/blowfish.c @@ -0,0 +1,632 @@ +/* + * Blowfish implementation + * + * Copyright (C) 2012-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The Blowfish block cipher was designed by Bruce Schneier in 1993. + * http://www.schneier.com/blowfish.html + * http://en.wikipedia.org/wiki/Blowfish_%28cipher%29 + * + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_BLOWFISH_C) + +#include "polarssl/blowfish.h" + +#if !defined(POLARSSL_BLOWFISH_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +static const uint32_t P[BLOWFISH_ROUNDS + 2] = { + 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, + 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, + 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, + 0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L, + 0x9216D5D9L, 0x8979FB1BL +}; + +/* declarations of data at the end of this file */ +static const uint32_t S[4][256]; + +static uint32_t F(blowfish_context *ctx, uint32_t x) +{ + unsigned short a, b, c, d; + uint32_t y; + + d = (unsigned short)(x & 0xFF); + x >>= 8; + c = (unsigned short)(x & 0xFF); + x >>= 8; + b = (unsigned short)(x & 0xFF); + x >>= 8; + a = (unsigned short)(x & 0xFF); + y = ctx->S[0][a] + ctx->S[1][b]; + y = y ^ ctx->S[2][c]; + y = y + ctx->S[3][d]; + + return y; +} + +static void blowfish_enc(blowfish_context *ctx, uint32_t *xl, uint32_t *xr) +{ + uint32_t Xl, Xr, temp; + short i; + + Xl = *xl; + Xr = *xr; + + for (i = 0; i < BLOWFISH_ROUNDS; ++i) + { + Xl = Xl ^ ctx->P[i]; + Xr = F(ctx, Xl) ^ Xr; + + temp = Xl; + Xl = Xr; + Xr = temp; + } + + temp = Xl; + Xl = Xr; + Xr = temp; + + Xr = Xr ^ ctx->P[BLOWFISH_ROUNDS]; + Xl = Xl ^ ctx->P[BLOWFISH_ROUNDS + 1]; + + *xl = Xl; + *xr = Xr; +} + +static void blowfish_dec(blowfish_context *ctx, uint32_t *xl, uint32_t *xr) +{ + uint32_t Xl, Xr, temp; + short i; + + Xl = *xl; + Xr = *xr; + + for (i = BLOWFISH_ROUNDS + 1; i > 1; --i) + { + Xl = Xl ^ ctx->P[i]; + Xr = F(ctx, Xl) ^ Xr; + + temp = Xl; + Xl = Xr; + Xr = temp; + } + + temp = Xl; + Xl = Xr; + Xr = temp; + + Xr = Xr ^ ctx->P[1]; + Xl = Xl ^ ctx->P[0]; + + *xl = Xl; + *xr = Xr; +} + +/* + * Blowfish key schedule + */ +int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + unsigned int i, j, k; + uint32_t data, datal, datar; + + if( keysize < BLOWFISH_MIN_KEY || keysize > BLOWFISH_MAX_KEY || + ( keysize % 8 ) ) + { + return POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH; + } + + keysize >>= 3; + + for( i = 0; i < 4; i++ ) + { + for( j = 0; j < 256; j++ ) + ctx->S[i][j] = S[i][j]; + } + + j = 0; + for( i = 0; i < BLOWFISH_ROUNDS + 2; ++i ) + { + data = 0x00000000; + for( k = 0; k < 4; ++k ) + { + data = ( data << 8 ) | key[j++]; + if( j >= keysize ) + j = 0; + } + ctx->P[i] = P[i] ^ data; + } + + datal = 0x00000000; + datar = 0x00000000; + + for( i = 0; i < BLOWFISH_ROUNDS + 2; i += 2 ) + { + blowfish_enc( ctx, &datal, &datar ); + ctx->P[i] = datal; + ctx->P[i + 1] = datar; + } + + for( i = 0; i < 4; i++ ) + { + for( j = 0; j < 256; j += 2 ) + { + blowfish_enc( ctx, &datal, &datar ); + ctx->S[i][j] = datal; + ctx->S[i][j + 1] = datar; + } + } + return( 0 ); +} + +/* + * Blowfish-ECB block encryption/decryption + */ +int blowfish_crypt_ecb( blowfish_context *ctx, + int mode, + const unsigned char input[BLOWFISH_BLOCKSIZE], + unsigned char output[BLOWFISH_BLOCKSIZE] ) +{ + uint32_t X0, X1; + + GET_UINT32_BE( X0, input, 0 ); + GET_UINT32_BE( X1, input, 4 ); + + if( mode == BLOWFISH_DECRYPT ) + { + blowfish_dec(ctx, &X0, &X1); + } + else /* BLOWFISH_ENCRYPT */ + { + blowfish_enc(ctx, &X0, &X1); + } + + PUT_UINT32_BE( X0, output, 0 ); + PUT_UINT32_BE( X1, output, 4 ); + + return( 0 ); +} + +/* + * Blowfish-CBC buffer encryption/decryption + */ +int blowfish_crypt_cbc( blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ) +{ + int i; + unsigned char temp[BLOWFISH_BLOCKSIZE]; + + if( length % BLOWFISH_BLOCKSIZE ) + return( POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); + + if( mode == BLOWFISH_DECRYPT ) + { + while( length > 0 ) + { + memcpy( temp, input, BLOWFISH_BLOCKSIZE ); + blowfish_crypt_ecb( ctx, mode, input, output ); + + for( i = 0; i < BLOWFISH_BLOCKSIZE;i++ ) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, BLOWFISH_BLOCKSIZE ); + + input += BLOWFISH_BLOCKSIZE; + output += BLOWFISH_BLOCKSIZE; + length -= BLOWFISH_BLOCKSIZE; + } + } + else + { + while( length > 0 ) + { + for( i = 0; i < BLOWFISH_BLOCKSIZE; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + blowfish_crypt_ecb( ctx, mode, output, output ); + memcpy( iv, output, BLOWFISH_BLOCKSIZE ); + + input += BLOWFISH_BLOCKSIZE; + output += BLOWFISH_BLOCKSIZE; + length -= BLOWFISH_BLOCKSIZE; + } + } + + return( 0 ); +} + +#if defined(POLARSSL_CIPHER_MODE_CFB) +/* + * Blowfish CFB buffer encryption/decryption + */ +int blowfish_crypt_cfb64( blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ) +{ + int c; + size_t n = *iv_off; + + if( mode == BLOWFISH_DECRYPT ) + { + while( length-- ) + { + if( n == 0 ) + blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); + + c = *input++; + *output++ = (unsigned char)( c ^ iv[n] ); + iv[n] = (unsigned char) c; + + n = (n + 1) % BLOWFISH_BLOCKSIZE; + } + } + else + { + while( length-- ) + { + if( n == 0 ) + blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); + + iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + + n = (n + 1) % BLOWFISH_BLOCKSIZE; + } + } + + *iv_off = n; + + return( 0 ); +} +#endif /*POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +/* + * Blowfish CTR buffer encryption/decryption + */ +int blowfish_crypt_ctr( blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], + unsigned char stream_block[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ) +{ + int c, i; + size_t n = *nc_off; + + while( length-- ) + { + if( n == 0 ) { + blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, nonce_counter, stream_block ); + + for( i = BLOWFISH_BLOCKSIZE; i > 0; i-- ) + if( ++nonce_counter[i - 1] != 0 ) + break; + } + c = *input++; + *output++ = (unsigned char)( c ^ stream_block[n] ); + + n = (n + 1) % BLOWFISH_BLOCKSIZE; + } + + *nc_off = n; + + return( 0 ); +} +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +static const uint32_t S[4][256] = { + { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L, + 0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L, + 0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L, + 0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL, + 0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL, + 0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L, + 0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL, + 0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL, + 0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L, + 0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L, + 0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL, + 0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL, + 0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL, + 0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L, + 0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L, + 0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L, + 0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L, + 0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L, + 0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL, + 0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L, + 0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L, + 0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L, + 0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L, + 0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL, + 0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L, + 0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL, + 0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL, + 0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L, + 0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL, + 0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L, + 0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL, + 0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L, + 0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L, + 0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL, + 0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L, + 0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L, + 0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL, + 0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L, + 0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL, + 0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L, + 0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L, + 0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL, + 0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L, + 0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L, + 0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L, + 0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L, + 0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L, + 0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL, + 0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL, + 0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L, + 0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L, + 0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L, + 0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L, + 0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL, + 0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L, + 0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL, + 0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL, + 0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L, + 0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L, + 0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L, + 0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L, + 0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L, + 0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L, + 0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL }, + { 0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L, + 0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L, + 0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L, + 0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL, + 0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L, + 0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L, + 0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL, + 0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L, + 0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L, + 0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L, + 0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL, + 0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL, + 0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L, + 0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L, + 0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L, + 0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L, + 0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL, + 0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL, + 0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL, + 0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L, + 0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL, + 0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L, + 0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L, + 0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL, + 0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL, + 0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L, + 0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL, + 0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L, + 0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL, + 0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL, + 0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L, + 0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L, + 0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L, + 0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L, + 0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L, + 0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L, + 0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L, + 0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL, + 0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L, + 0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL, + 0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L, + 0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L, + 0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L, + 0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L, + 0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L, + 0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L, + 0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L, + 0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L, + 0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L, + 0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L, + 0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L, + 0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L, + 0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L, + 0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L, + 0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L, + 0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L, + 0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL, + 0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL, + 0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L, + 0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL, + 0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L, + 0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L, + 0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L, + 0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L }, + { 0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L, + 0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L, + 0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL, + 0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L, + 0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L, + 0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L, + 0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL, + 0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL, + 0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL, + 0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L, + 0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L, + 0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL, + 0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L, + 0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL, + 0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L, + 0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL, + 0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L, + 0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL, + 0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L, + 0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL, + 0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L, + 0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L, + 0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL, + 0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L, + 0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L, + 0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L, + 0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L, + 0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL, + 0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L, + 0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL, + 0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L, + 0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL, + 0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L, + 0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL, + 0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL, + 0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL, + 0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L, + 0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L, + 0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL, + 0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL, + 0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL, + 0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL, + 0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL, + 0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L, + 0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L, + 0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L, + 0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L, + 0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL, + 0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL, + 0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L, + 0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L, + 0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L, + 0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L, + 0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L, + 0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L, + 0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L, + 0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L, + 0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L, + 0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L, + 0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL, + 0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L, + 0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL, + 0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L, + 0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L }, + { 0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL, + 0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL, + 0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL, + 0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L, + 0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L, + 0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L, + 0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L, + 0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L, + 0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L, + 0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L, + 0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L, + 0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L, + 0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L, + 0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L, + 0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L, + 0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL, + 0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL, + 0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L, + 0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL, + 0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL, + 0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL, + 0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L, + 0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL, + 0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL, + 0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L, + 0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L, + 0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L, + 0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L, + 0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL, + 0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL, + 0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L, + 0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L, + 0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L, + 0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL, + 0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L, + 0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L, + 0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L, + 0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL, + 0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L, + 0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L, + 0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L, + 0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL, + 0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL, + 0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L, + 0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L, + 0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L, + 0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L, + 0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL, + 0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L, + 0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL, + 0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL, + 0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L, + 0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L, + 0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL, + 0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L, + 0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL, + 0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L, + 0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL, + 0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L, + 0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L, + 0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL, + 0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L, + 0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL, + 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L } +}; + +#endif /* !POLARSSL_BLOWFISH_ALT */ +#endif /* POLARSSL_BLOWFISH_C */ diff --git a/polarssl/blowfish.h b/polarssl/blowfish.h new file mode 100644 index 0000000..0157f8e --- /dev/null +++ b/polarssl/blowfish.h @@ -0,0 +1,171 @@ +/** + * \file blowfish.h + * + * \brief Blowfish block cipher + * + * Copyright (C) 2012-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_BLOWFISH_H +#define POLARSSL_BLOWFISH_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define BLOWFISH_ENCRYPT 1 +#define BLOWFISH_DECRYPT 0 +#define BLOWFISH_MAX_KEY 448 +#define BLOWFISH_MIN_KEY 32 +#define BLOWFISH_ROUNDS 16 /* when increasing this value, make sure to extend the initialisation vectors */ +#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ + +#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */ +#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ + +#if !defined(POLARSSL_BLOWFISH_ALT) +// Regular implementation +// + +/** + * \brief Blowfish context structure + */ +typedef struct +{ + uint32_t P[BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ + uint32_t S[4][256]; /*!< key dependent S-boxes */ +} +blowfish_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Blowfish key schedule + * + * \param ctx Blowfish context to be initialized + * \param key encryption key + * \param keysize must be between 32 and 448 bits + * + * \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH + */ +int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief Blowfish-ECB block encryption/decryption + * + * \param ctx Blowfish context + * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param input 8-byte input block + * \param output 8-byte output block + * + * \return 0 if successful + */ +int blowfish_crypt_ecb( blowfish_context *ctx, + int mode, + const unsigned char input[BLOWFISH_BLOCKSIZE], + unsigned char output[BLOWFISH_BLOCKSIZE] ); + +/** + * \brief Blowfish-CBC buffer encryption/decryption + * Length should be a multiple of the block + * size (8 bytes) + * + * \param ctx Blowfish context + * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH + */ +int blowfish_crypt_cbc( blowfish_context *ctx, + int mode, + size_t length, + unsigned char iv[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Blowfish CFB buffer encryption/decryption. + * + * both + * \param ctx Blowfish context + * \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT + * \param length length of the input data + * \param iv_off offset in IV (updated after use) + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful + */ +int blowfish_crypt_cfb64( blowfish_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Blowfish-CTR buffer encryption/decryption + * + * Warning: You have to keep the maximum use of your counter in mind! + * + * \param length The length of the data + * \param nc_off The offset in the current stream_block (for resuming + * within current cipher stream). The offset pointer to + * should be 0 at the start of a stream. + * \param nonce_counter The 64-bit nonce and counter. + * \param stream_block The saved stream-block for resuming. Is overwritten + * by the function. + * \param input The input data stream + * \param output The output data stream + * + * \return 0 if successful + */ +int blowfish_crypt_ctr( blowfish_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], + unsigned char stream_block[BLOWFISH_BLOCKSIZE], + const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_BLOWFISH_ALT */ +#include "polarssl/blowfish_alt.h" +#endif /* POLARSSL_BLOWFISH_ALT */ + +#endif /* blowfish.h */ diff --git a/polarssl/bn_mul.h b/polarssl/bn_mul.h new file mode 100644 index 0000000..6d6c182 --- /dev/null +++ b/polarssl/bn_mul.h @@ -0,0 +1,864 @@ +/** + * \file bn_mul.h + * + * \brief Multi-precision integer library + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * Multiply source vector [s] with b, add result + * to destination vector [d] and set carry c. + * + * Currently supports: + * + * . IA-32 (386+) . AMD64 / EM64T + * . IA-32 (SSE2) . Motorola 68000 + * . PowerPC, 32-bit . MicroBlaze + * . PowerPC, 64-bit . TriCore + * . SPARC v8 . ARM v3+ + * . Alpha . MIPS32 + * . C, longlong . C, generic + */ +#ifndef POLARSSL_BN_MUL_H +#define POLARSSL_BN_MUL_H + +#include "polarssl/bignum.h" + +#if defined(POLARSSL_HAVE_ASM) + +#if defined(__GNUC__) +#if defined(__i386__) + +#define MULADDC_INIT \ + __asm__( " \ + movl %%ebx, %0; \ + movl %5, %%esi; \ + movl %6, %%edi; \ + movl %7, %%ecx; \ + movl %8, %%ebx; \ + " + +#define MULADDC_CORE \ + " \ + lodsl; \ + mull %%ebx; \ + addl %%ecx, %%eax; \ + adcl $0, %%edx; \ + addl (%%edi), %%eax; \ + adcl $0, %%edx; \ + movl %%edx, %%ecx; \ + stosl; \ + " + +#if defined(POLARSSL_HAVE_SSE2) + +#define MULADDC_HUIT \ + " \ + movd %%ecx, %%mm1; \ + movd %%ebx, %%mm0; \ + movd (%%edi), %%mm3; \ + paddq %%mm3, %%mm1; \ + movd (%%esi), %%mm2; \ + pmuludq %%mm0, %%mm2; \ + movd 4(%%esi), %%mm4; \ + pmuludq %%mm0, %%mm4; \ + movd 8(%%esi), %%mm6; \ + pmuludq %%mm0, %%mm6; \ + movd 12(%%esi), %%mm7; \ + pmuludq %%mm0, %%mm7; \ + paddq %%mm2, %%mm1; \ + movd 4(%%edi), %%mm3; \ + paddq %%mm4, %%mm3; \ + movd 8(%%edi), %%mm5; \ + paddq %%mm6, %%mm5; \ + movd 12(%%edi), %%mm4; \ + paddq %%mm4, %%mm7; \ + movd %%mm1, (%%edi); \ + movd 16(%%esi), %%mm2; \ + pmuludq %%mm0, %%mm2; \ + psrlq $32, %%mm1; \ + movd 20(%%esi), %%mm4; \ + pmuludq %%mm0, %%mm4; \ + paddq %%mm3, %%mm1; \ + movd 24(%%esi), %%mm6; \ + pmuludq %%mm0, %%mm6; \ + movd %%mm1, 4(%%edi); \ + psrlq $32, %%mm1; \ + movd 28(%%esi), %%mm3; \ + pmuludq %%mm0, %%mm3; \ + paddq %%mm5, %%mm1; \ + movd 16(%%edi), %%mm5; \ + paddq %%mm5, %%mm2; \ + movd %%mm1, 8(%%edi); \ + psrlq $32, %%mm1; \ + paddq %%mm7, %%mm1; \ + movd 20(%%edi), %%mm5; \ + paddq %%mm5, %%mm4; \ + movd %%mm1, 12(%%edi); \ + psrlq $32, %%mm1; \ + paddq %%mm2, %%mm1; \ + movd 24(%%edi), %%mm5; \ + paddq %%mm5, %%mm6; \ + movd %%mm1, 16(%%edi); \ + psrlq $32, %%mm1; \ + paddq %%mm4, %%mm1; \ + movd 28(%%edi), %%mm5; \ + paddq %%mm5, %%mm3; \ + movd %%mm1, 20(%%edi); \ + psrlq $32, %%mm1; \ + paddq %%mm6, %%mm1; \ + movd %%mm1, 24(%%edi); \ + psrlq $32, %%mm1; \ + paddq %%mm3, %%mm1; \ + movd %%mm1, 28(%%edi); \ + addl $32, %%edi; \ + addl $32, %%esi; \ + psrlq $32, %%mm1; \ + movd %%mm1, %%ecx; \ + " + +#define MULADDC_STOP \ + " \ + emms; \ + movl %4, %%ebx; \ + movl %%ecx, %1; \ + movl %%edi, %2; \ + movl %%esi, %3; \ + " \ + : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ + : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ + : "eax", "ecx", "edx", "esi", "edi" \ + ); + +#else + +#define MULADDC_STOP \ + " \ + movl %4, %%ebx; \ + movl %%ecx, %1; \ + movl %%edi, %2; \ + movl %%esi, %3; \ + " \ + : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ + : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ + : "eax", "ecx", "edx", "esi", "edi" \ + ); +#endif /* SSE2 */ +#endif /* i386 */ + +#if defined(__amd64__) || defined (__x86_64__) + +#define MULADDC_INIT \ + __asm__( "movq %0, %%rsi " :: "m" (s)); \ + __asm__( "movq %0, %%rdi " :: "m" (d)); \ + __asm__( "movq %0, %%rcx " :: "m" (c)); \ + __asm__( "movq %0, %%rbx " :: "m" (b)); \ + __asm__( "xorq %r8, %r8 " ); + +#define MULADDC_CORE \ + __asm__( "movq (%rsi),%rax " ); \ + __asm__( "mulq %rbx " ); \ + __asm__( "addq $8, %rsi " ); \ + __asm__( "addq %rcx, %rax " ); \ + __asm__( "movq %r8, %rcx " ); \ + __asm__( "adcq $0, %rdx " ); \ + __asm__( "nop " ); \ + __asm__( "addq %rax, (%rdi) " ); \ + __asm__( "adcq %rdx, %rcx " ); \ + __asm__( "addq $8, %rdi " ); + +#define MULADDC_STOP \ + __asm__( "movq %%rcx, %0 " : "=m" (c)); \ + __asm__( "movq %%rdi, %0 " : "=m" (d)); \ + __asm__( "movq %%rsi, %0 " : "=m" (s) :: \ + "rax", "rcx", "rdx", "rbx", "rsi", "rdi", "r8" ); + +#endif /* AMD64 */ + +#if defined(__mc68020__) || defined(__mcpu32__) + +#define MULADDC_INIT \ + __asm__( "movl %0, %%a2 " :: "m" (s)); \ + __asm__( "movl %0, %%a3 " :: "m" (d)); \ + __asm__( "movl %0, %%d3 " :: "m" (c)); \ + __asm__( "movl %0, %%d2 " :: "m" (b)); \ + __asm__( "moveq #0, %d0 " ); + +#define MULADDC_CORE \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d4:%d1 " ); \ + __asm__( "addl %d3, %d1 " ); \ + __asm__( "addxl %d0, %d4 " ); \ + __asm__( "moveq #0, %d3 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "addxl %d4, %d3 " ); + +#define MULADDC_STOP \ + __asm__( "movl %%d3, %0 " : "=m" (c)); \ + __asm__( "movl %%a3, %0 " : "=m" (d)); \ + __asm__( "movl %%a2, %0 " : "=m" (s) :: \ + "d0", "d1", "d2", "d3", "d4", "a2", "a3" ); + +#define MULADDC_HUIT \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d4:%d1 " ); \ + __asm__( "addxl %d3, %d1 " ); \ + __asm__( "addxl %d0, %d4 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d3:%d1 " ); \ + __asm__( "addxl %d4, %d1 " ); \ + __asm__( "addxl %d0, %d3 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d4:%d1 " ); \ + __asm__( "addxl %d3, %d1 " ); \ + __asm__( "addxl %d0, %d4 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d3:%d1 " ); \ + __asm__( "addxl %d4, %d1 " ); \ + __asm__( "addxl %d0, %d3 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d4:%d1 " ); \ + __asm__( "addxl %d3, %d1 " ); \ + __asm__( "addxl %d0, %d4 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d3:%d1 " ); \ + __asm__( "addxl %d4, %d1 " ); \ + __asm__( "addxl %d0, %d3 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d4:%d1 " ); \ + __asm__( "addxl %d3, %d1 " ); \ + __asm__( "addxl %d0, %d4 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "movel %a2@+, %d1 " ); \ + __asm__( "mulul %d2, %d3:%d1 " ); \ + __asm__( "addxl %d4, %d1 " ); \ + __asm__( "addxl %d0, %d3 " ); \ + __asm__( "addl %d1, %a3@+ " ); \ + __asm__( "addxl %d0, %d3 " ); + +#endif /* MC68000 */ + +#if defined(__powerpc__) || defined(__ppc__) +#if defined(__powerpc64__) || defined(__ppc64__) + +#if defined(__MACH__) && defined(__APPLE__) + +#define MULADDC_INIT \ + __asm__( "ld r3, %0 " :: "m" (s)); \ + __asm__( "ld r4, %0 " :: "m" (d)); \ + __asm__( "ld r5, %0 " :: "m" (c)); \ + __asm__( "ld r6, %0 " :: "m" (b)); \ + __asm__( "addi r3, r3, -8 " ); \ + __asm__( "addi r4, r4, -8 " ); \ + __asm__( "addic r5, r5, 0 " ); + +#define MULADDC_CORE \ + __asm__( "ldu r7, 8(r3) " ); \ + __asm__( "mulld r8, r7, r6 " ); \ + __asm__( "mulhdu r9, r7, r6 " ); \ + __asm__( "adde r8, r8, r5 " ); \ + __asm__( "ld r7, 8(r4) " ); \ + __asm__( "addze r5, r9 " ); \ + __asm__( "addc r8, r8, r7 " ); \ + __asm__( "stdu r8, 8(r4) " ); + +#define MULADDC_STOP \ + __asm__( "addze r5, r5 " ); \ + __asm__( "addi r4, r4, 8 " ); \ + __asm__( "addi r3, r3, 8 " ); \ + __asm__( "std r5, %0 " : "=m" (c)); \ + __asm__( "std r4, %0 " : "=m" (d)); \ + __asm__( "std r3, %0 " : "=m" (s) :: \ + "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); + +#else + +#define MULADDC_INIT \ + __asm__( "ld %%r3, %0 " :: "m" (s)); \ + __asm__( "ld %%r4, %0 " :: "m" (d)); \ + __asm__( "ld %%r5, %0 " :: "m" (c)); \ + __asm__( "ld %%r6, %0 " :: "m" (b)); \ + __asm__( "addi %r3, %r3, -8 " ); \ + __asm__( "addi %r4, %r4, -8 " ); \ + __asm__( "addic %r5, %r5, 0 " ); + +#define MULADDC_CORE \ + __asm__( "ldu %r7, 8(%r3) " ); \ + __asm__( "mulld %r8, %r7, %r6 " ); \ + __asm__( "mulhdu %r9, %r7, %r6 " ); \ + __asm__( "adde %r8, %r8, %r5 " ); \ + __asm__( "ld %r7, 8(%r4) " ); \ + __asm__( "addze %r5, %r9 " ); \ + __asm__( "addc %r8, %r8, %r7 " ); \ + __asm__( "stdu %r8, 8(%r4) " ); + +#define MULADDC_STOP \ + __asm__( "addze %r5, %r5 " ); \ + __asm__( "addi %r4, %r4, 8 " ); \ + __asm__( "addi %r3, %r3, 8 " ); \ + __asm__( "std %%r5, %0 " : "=m" (c)); \ + __asm__( "std %%r4, %0 " : "=m" (d)); \ + __asm__( "std %%r3, %0 " : "=m" (s) :: \ + "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); + +#endif + +#else /* PPC32 */ + +#if defined(__MACH__) && defined(__APPLE__) + +#define MULADDC_INIT \ + __asm__( "lwz r3, %0 " :: "m" (s)); \ + __asm__( "lwz r4, %0 " :: "m" (d)); \ + __asm__( "lwz r5, %0 " :: "m" (c)); \ + __asm__( "lwz r6, %0 " :: "m" (b)); \ + __asm__( "addi r3, r3, -4 " ); \ + __asm__( "addi r4, r4, -4 " ); \ + __asm__( "addic r5, r5, 0 " ); + +#define MULADDC_CORE \ + __asm__( "lwzu r7, 4(r3) " ); \ + __asm__( "mullw r8, r7, r6 " ); \ + __asm__( "mulhwu r9, r7, r6 " ); \ + __asm__( "adde r8, r8, r5 " ); \ + __asm__( "lwz r7, 4(r4) " ); \ + __asm__( "addze r5, r9 " ); \ + __asm__( "addc r8, r8, r7 " ); \ + __asm__( "stwu r8, 4(r4) " ); + +#define MULADDC_STOP \ + __asm__( "addze r5, r5 " ); \ + __asm__( "addi r4, r4, 4 " ); \ + __asm__( "addi r3, r3, 4 " ); \ + __asm__( "stw r5, %0 " : "=m" (c)); \ + __asm__( "stw r4, %0 " : "=m" (d)); \ + __asm__( "stw r3, %0 " : "=m" (s) :: \ + "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); + +#else + +#define MULADDC_INIT \ + __asm__( "lwz %%r3, %0 " :: "m" (s)); \ + __asm__( "lwz %%r4, %0 " :: "m" (d)); \ + __asm__( "lwz %%r5, %0 " :: "m" (c)); \ + __asm__( "lwz %%r6, %0 " :: "m" (b)); \ + __asm__( "addi %r3, %r3, -4 " ); \ + __asm__( "addi %r4, %r4, -4 " ); \ + __asm__( "addic %r5, %r5, 0 " ); + +#define MULADDC_CORE \ + __asm__( "lwzu %r7, 4(%r3) " ); \ + __asm__( "mullw %r8, %r7, %r6 " ); \ + __asm__( "mulhwu %r9, %r7, %r6 " ); \ + __asm__( "adde %r8, %r8, %r5 " ); \ + __asm__( "lwz %r7, 4(%r4) " ); \ + __asm__( "addze %r5, %r9 " ); \ + __asm__( "addc %r8, %r8, %r7 " ); \ + __asm__( "stwu %r8, 4(%r4) " ); + +#define MULADDC_STOP \ + __asm__( "addze %r5, %r5 " ); \ + __asm__( "addi %r4, %r4, 4 " ); \ + __asm__( "addi %r3, %r3, 4 " ); \ + __asm__( "stw %%r5, %0 " : "=m" (c)); \ + __asm__( "stw %%r4, %0 " : "=m" (d)); \ + __asm__( "stw %%r3, %0 " : "=m" (s) :: \ + "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); + +#endif + +#endif /* PPC32 */ +#endif /* PPC64 */ + +#if defined(__sparc__) && defined(__sparc64__) + +#define MULADDC_INIT \ + __asm__( \ + " \ + ldx %3, %%o0; \ + ldx %4, %%o1; \ + ld %5, %%o2; \ + ld %6, %%o3; \ + " + +#define MULADDC_CORE \ + " \ + ld [%%o0], %%o4; \ + inc 4, %%o0; \ + ld [%%o1], %%o5; \ + umul %%o3, %%o4, %%o4; \ + addcc %%o4, %%o2, %%o4; \ + rd %%y, %%g1; \ + addx %%g1, 0, %%g1; \ + addcc %%o4, %%o5, %%o4; \ + st %%o4, [%%o1]; \ + addx %%g1, 0, %%o2; \ + inc 4, %%o1; \ + " + +#define MULADDC_STOP \ + " \ + st %%o2, %0; \ + stx %%o1, %1; \ + stx %%o0, %2; \ + " \ + : "=m" (c), "=m" (d), "=m" (s) \ + : "m" (s), "m" (d), "m" (c), "m" (b) \ + : "g1", "o0", "o1", "o2", "o3", "o4", \ + "o5" \ + ); +#endif /* SPARCv9 */ + +#if defined(__sparc__) && !defined(__sparc64__) + +#define MULADDC_INIT \ + __asm__( \ + " \ + ld %3, %%o0; \ + ld %4, %%o1; \ + ld %5, %%o2; \ + ld %6, %%o3; \ + " + +#define MULADDC_CORE \ + " \ + ld [%%o0], %%o4; \ + inc 4, %%o0; \ + ld [%%o1], %%o5; \ + umul %%o3, %%o4, %%o4; \ + addcc %%o4, %%o2, %%o4; \ + rd %%y, %%g1; \ + addx %%g1, 0, %%g1; \ + addcc %%o4, %%o5, %%o4; \ + st %%o4, [%%o1]; \ + addx %%g1, 0, %%o2; \ + inc 4, %%o1; \ + " + +#define MULADDC_STOP \ + " \ + st %%o2, %0; \ + st %%o1, %1; \ + st %%o0, %2; \ + " \ + : "=m" (c), "=m" (d), "=m" (s) \ + : "m" (s), "m" (d), "m" (c), "m" (b) \ + : "g1", "o0", "o1", "o2", "o3", "o4", \ + "o5" \ + ); + +#endif /* SPARCv8 */ + +#if defined(__microblaze__) || defined(microblaze) + +#define MULADDC_INIT \ + __asm__( "lwi r3, %0 " :: "m" (s)); \ + __asm__( "lwi r4, %0 " :: "m" (d)); \ + __asm__( "lwi r5, %0 " :: "m" (c)); \ + __asm__( "lwi r6, %0 " :: "m" (b)); \ + __asm__( "andi r7, r6, 0xffff" ); \ + __asm__( "bsrli r6, r6, 16 " ); + +#define MULADDC_CORE \ + __asm__( "lhui r8, r3, 0 " ); \ + __asm__( "addi r3, r3, 2 " ); \ + __asm__( "lhui r9, r3, 0 " ); \ + __asm__( "addi r3, r3, 2 " ); \ + __asm__( "mul r10, r9, r6 " ); \ + __asm__( "mul r11, r8, r7 " ); \ + __asm__( "mul r12, r9, r7 " ); \ + __asm__( "mul r13, r8, r6 " ); \ + __asm__( "bsrli r8, r10, 16 " ); \ + __asm__( "bsrli r9, r11, 16 " ); \ + __asm__( "add r13, r13, r8 " ); \ + __asm__( "add r13, r13, r9 " ); \ + __asm__( "bslli r10, r10, 16 " ); \ + __asm__( "bslli r11, r11, 16 " ); \ + __asm__( "add r12, r12, r10 " ); \ + __asm__( "addc r13, r13, r0 " ); \ + __asm__( "add r12, r12, r11 " ); \ + __asm__( "addc r13, r13, r0 " ); \ + __asm__( "lwi r10, r4, 0 " ); \ + __asm__( "add r12, r12, r10 " ); \ + __asm__( "addc r13, r13, r0 " ); \ + __asm__( "add r12, r12, r5 " ); \ + __asm__( "addc r5, r13, r0 " ); \ + __asm__( "swi r12, r4, 0 " ); \ + __asm__( "addi r4, r4, 4 " ); + +#define MULADDC_STOP \ + __asm__( "swi r5, %0 " : "=m" (c)); \ + __asm__( "swi r4, %0 " : "=m" (d)); \ + __asm__( "swi r3, %0 " : "=m" (s) :: \ + "r3", "r4" , "r5" , "r6" , "r7" , "r8" , \ + "r9", "r10", "r11", "r12", "r13" ); + +#endif /* MicroBlaze */ + +#if defined(__tricore__) + +#define MULADDC_INIT \ + __asm__( "ld.a %%a2, %0 " :: "m" (s)); \ + __asm__( "ld.a %%a3, %0 " :: "m" (d)); \ + __asm__( "ld.w %%d4, %0 " :: "m" (c)); \ + __asm__( "ld.w %%d1, %0 " :: "m" (b)); \ + __asm__( "xor %d5, %d5 " ); + +#define MULADDC_CORE \ + __asm__( "ld.w %d0, [%a2+] " ); \ + __asm__( "madd.u %e2, %e4, %d0, %d1 " ); \ + __asm__( "ld.w %d0, [%a3] " ); \ + __asm__( "addx %d2, %d2, %d0 " ); \ + __asm__( "addc %d3, %d3, 0 " ); \ + __asm__( "mov %d4, %d3 " ); \ + __asm__( "st.w [%a3+], %d2 " ); + +#define MULADDC_STOP \ + __asm__( "st.w %0, %%d4 " : "=m" (c)); \ + __asm__( "st.a %0, %%a3 " : "=m" (d)); \ + __asm__( "st.a %0, %%a2 " : "=m" (s) :: \ + "d0", "d1", "e2", "d4", "a2", "a3" ); + +#endif /* TriCore */ + +#if defined(__arm__) + +#if defined(__thumb__) && !defined(__thumb2__) + +#define MULADDC_INIT \ + __asm__( \ + " \ + ldr r0, %3; \ + ldr r1, %4; \ + ldr r2, %5; \ + ldr r3, %6; \ + lsr r7, r3, #16; \ + mov r9, r7; \ + lsl r7, r3, #16; \ + lsr r7, r7, #16; \ + mov r8, r7; \ + " + +#define MULADDC_CORE \ + " \ + ldmia r0!, {r6}; \ + lsr r7, r6, #16; \ + lsl r6, r6, #16; \ + lsr r6, r6, #16; \ + mov r4, r8; \ + mul r4, r6; \ + mov r3, r9; \ + mul r6, r3; \ + mov r5, r9; \ + mul r5, r7; \ + mov r3, r8; \ + mul r7, r3; \ + lsr r3, r6, #16; \ + add r5, r5, r3; \ + lsr r3, r7, #16; \ + add r5, r5, r3; \ + add r4, r4, r2; \ + mov r2, #0; \ + adc r5, r2; \ + lsl r3, r6, #16; \ + add r4, r4, r3; \ + adc r5, r2; \ + lsl r3, r7, #16; \ + add r4, r4, r3; \ + adc r5, r2; \ + ldr r3, [r1]; \ + add r4, r4, r3; \ + adc r2, r5; \ + stmia r1!, {r4}; \ + " + +#define MULADDC_STOP \ + " \ + str r2, %0; \ + str r1, %1; \ + str r0, %2; \ + " \ + : "=m" (c), "=m" (d), "=m" (s) \ + : "m" (s), "m" (d), "m" (c), "m" (b) \ + : "r0", "r1", "r2", "r3", "r4", "r5", \ + "r6", "r7", "r8", "r9", "cc" \ + ); + +#else + +#define MULADDC_INIT \ + __asm__( \ + " \ + ldr r0, %3; \ + ldr r1, %4; \ + ldr r2, %5; \ + ldr r3, %6; \ + " + +#define MULADDC_CORE \ + " \ + ldr r4, [r0], #4; \ + mov r5, #0; \ + ldr r6, [r1]; \ + umlal r2, r5, r3, r4; \ + adds r7, r6, r2; \ + adc r2, r5, #0; \ + str r7, [r1], #4; \ + " + +#define MULADDC_STOP \ + " \ + str r2, %0; \ + str r1, %1; \ + str r0, %2; \ + " \ + : "=m" (c), "=m" (d), "=m" (s) \ + : "m" (s), "m" (d), "m" (c), "m" (b) \ + : "r0", "r1", "r2", "r3", "r4", "r5", \ + "r6", "r7", "cc" \ + ); + +#endif /* Thumb */ + +#endif /* ARMv3 */ + +#if defined(__alpha__) + +#define MULADDC_INIT \ + __asm__( "ldq $1, %0 " :: "m" (s)); \ + __asm__( "ldq $2, %0 " :: "m" (d)); \ + __asm__( "ldq $3, %0 " :: "m" (c)); \ + __asm__( "ldq $4, %0 " :: "m" (b)); + +#define MULADDC_CORE \ + __asm__( "ldq $6, 0($1) " ); \ + __asm__( "addq $1, 8, $1 " ); \ + __asm__( "mulq $6, $4, $7 " ); \ + __asm__( "umulh $6, $4, $6 " ); \ + __asm__( "addq $7, $3, $7 " ); \ + __asm__( "cmpult $7, $3, $3 " ); \ + __asm__( "ldq $5, 0($2) " ); \ + __asm__( "addq $7, $5, $7 " ); \ + __asm__( "cmpult $7, $5, $5 " ); \ + __asm__( "stq $7, 0($2) " ); \ + __asm__( "addq $2, 8, $2 " ); \ + __asm__( "addq $6, $3, $3 " ); \ + __asm__( "addq $5, $3, $3 " ); + +#define MULADDC_STOP \ + __asm__( "stq $3, %0 " : "=m" (c)); \ + __asm__( "stq $2, %0 " : "=m" (d)); \ + __asm__( "stq $1, %0 " : "=m" (s) :: \ + "$1", "$2", "$3", "$4", "$5", "$6", "$7" ); + +#endif /* Alpha */ + +#if defined(__mips__) + +#define MULADDC_INIT \ + __asm__( "lw $10, %0 " :: "m" (s)); \ + __asm__( "lw $11, %0 " :: "m" (d)); \ + __asm__( "lw $12, %0 " :: "m" (c)); \ + __asm__( "lw $13, %0 " :: "m" (b)); + +#define MULADDC_CORE \ + __asm__( "lw $14, 0($10) " ); \ + __asm__( "multu $13, $14 " ); \ + __asm__( "addi $10, $10, 4 " ); \ + __asm__( "mflo $14 " ); \ + __asm__( "mfhi $9 " ); \ + __asm__( "addu $14, $12, $14 " ); \ + __asm__( "lw $15, 0($11) " ); \ + __asm__( "sltu $12, $14, $12 " ); \ + __asm__( "addu $15, $14, $15 " ); \ + __asm__( "sltu $14, $15, $14 " ); \ + __asm__( "addu $12, $12, $9 " ); \ + __asm__( "sw $15, 0($11) " ); \ + __asm__( "addu $12, $12, $14 " ); \ + __asm__( "addi $11, $11, 4 " ); + +#define MULADDC_STOP \ + __asm__( "sw $12, %0 " : "=m" (c)); \ + __asm__( "sw $11, %0 " : "=m" (d)); \ + __asm__( "sw $10, %0 " : "=m" (s) :: \ + "$9", "$10", "$11", "$12", "$13", "$14", "$15" ); + +#endif /* MIPS */ +#endif /* GNUC */ + +#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) + +#define MULADDC_INIT \ + ____asm__ mov esi, s \ + ____asm__ mov edi, d \ + ____asm__ mov ecx, c \ + ____asm__ mov ebx, b + +#define MULADDC_CORE \ + ____asm__ lodsd \ + ____asm__ mul ebx \ + ____asm__ add eax, ecx \ + ____asm__ adc edx, 0 \ + ____asm__ add eax, [edi] \ + ____asm__ adc edx, 0 \ + ____asm__ mov ecx, edx \ + ____asm__ stosd + +#if defined(POLARSSL_HAVE_SSE2) + +#define EMIT ____asm__ _emit + +#define MULADDC_HUIT \ + EMIT 0x0F EMIT 0x6E EMIT 0xC9 \ + EMIT 0x0F EMIT 0x6E EMIT 0xC3 \ + EMIT 0x0F EMIT 0x6E EMIT 0x1F \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ + EMIT 0x0F EMIT 0x6E EMIT 0x16 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \ + EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x04 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \ + EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x08 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \ + EMIT 0x0F EMIT 0x6E EMIT 0x7E EMIT 0x0C \ + EMIT 0x0F EMIT 0xF4 EMIT 0xF8 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCA \ + EMIT 0x0F EMIT 0x6E EMIT 0x5F EMIT 0x04 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xDC \ + EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x08 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xEE \ + EMIT 0x0F EMIT 0x6E EMIT 0x67 EMIT 0x0C \ + EMIT 0x0F EMIT 0xD4 EMIT 0xFC \ + EMIT 0x0F EMIT 0x7E EMIT 0x0F \ + EMIT 0x0F EMIT 0x6E EMIT 0x56 EMIT 0x10 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x14 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ + EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x18 \ + EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x04 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0x6E EMIT 0x5E EMIT 0x1C \ + EMIT 0x0F EMIT 0xF4 EMIT 0xD8 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCD \ + EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x10 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xD5 \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x08 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCF \ + EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x14 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xE5 \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x0C \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCA \ + EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x18 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xF5 \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x10 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCC \ + EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x1C \ + EMIT 0x0F EMIT 0xD4 EMIT 0xDD \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x14 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCE \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x18 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ + EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x1C \ + EMIT 0x83 EMIT 0xC7 EMIT 0x20 \ + EMIT 0x83 EMIT 0xC6 EMIT 0x20 \ + EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ + EMIT 0x0F EMIT 0x7E EMIT 0xC9 + +#define MULADDC_STOP \ + EMIT 0x0F EMIT 0x77 \ + ____asm__ mov c, ecx \ + ____asm__ mov d, edi \ + ____asm__ mov s, esi \ + +#else + +#define MULADDC_STOP \ + ____asm__ mov c, ecx \ + ____asm__ mov d, edi \ + ____asm__ mov s, esi \ + +#endif /* SSE2 */ +#endif /* MSVC */ + +#endif /* POLARSSL_HAVE_ASM */ + +#if !defined(MULADDC_CORE) +#if defined(POLARSSL_HAVE_UDBL) + +#define MULADDC_INIT \ +{ \ + t_udbl r; \ + t_uint r0, r1; + +#define MULADDC_CORE \ + r = *(s++) * (t_udbl) b; \ + r0 = r; \ + r1 = r >> biL; \ + r0 += c; r1 += (r0 < c); \ + r0 += *d; r1 += (r0 < *d); \ + c = r1; *(d++) = r0; + +#define MULADDC_STOP \ +} + +#else +#define MULADDC_INIT \ +{ \ + t_uint s0, s1, b0, b1; \ + t_uint r0, r1, rx, ry; \ + b0 = ( b << biH ) >> biH; \ + b1 = ( b >> biH ); + +#define MULADDC_CORE \ + s0 = ( *s << biH ) >> biH; \ + s1 = ( *s >> biH ); s++; \ + rx = s0 * b1; r0 = s0 * b0; \ + ry = s1 * b0; r1 = s1 * b1; \ + r1 += ( rx >> biH ); \ + r1 += ( ry >> biH ); \ + rx <<= biH; ry <<= biH; \ + r0 += rx; r1 += (r0 < rx); \ + r0 += ry; r1 += (r0 < ry); \ + r0 += c; r1 += (r0 < c); \ + r0 += *d; r1 += (r0 < *d); \ + c = r1; *(d++) = r0; + +#define MULADDC_STOP \ +} + +#endif /* C (generic) */ +#endif /* C (longlong) */ + +#endif /* bn_mul.h */ diff --git a/polarssl/camellia.c b/polarssl/camellia.c new file mode 100644 index 0000000..bb87875 --- /dev/null +++ b/polarssl/camellia.c @@ -0,0 +1,1035 @@ +/* + * Camellia implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The Camellia block cipher was designed by NTT and Mitsubishi Electric + * Corporation. + * + * http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_CAMELLIA_C) + +#include "polarssl/camellia.h" + +#if !defined(POLARSSL_CAMELLIA_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +static const unsigned char SIGMA_CHARS[6][8] = +{ + { 0xa0, 0x9e, 0x66, 0x7f, 0x3b, 0xcc, 0x90, 0x8b }, + { 0xb6, 0x7a, 0xe8, 0x58, 0x4c, 0xaa, 0x73, 0xb2 }, + { 0xc6, 0xef, 0x37, 0x2f, 0xe9, 0x4f, 0x82, 0xbe }, + { 0x54, 0xff, 0x53, 0xa5, 0xf1, 0xd3, 0x6f, 0x1c }, + { 0x10, 0xe5, 0x27, 0xfa, 0xde, 0x68, 0x2d, 0x1d }, + { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd } +}; + +#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY) + +static const unsigned char FSb[256] = +{ + 112,130, 44,236,179, 39,192,229,228,133, 87, 53,234, 12,174, 65, + 35,239,107,147, 69, 25,165, 33,237, 14, 79, 78, 29,101,146,189, + 134,184,175,143,124,235, 31,206, 62, 48,220, 95, 94,197, 11, 26, + 166,225, 57,202,213, 71, 93, 61,217, 1, 90,214, 81, 86,108, 77, + 139, 13,154,102,251,204,176, 45,116, 18, 43, 32,240,177,132,153, + 223, 76,203,194, 52,126,118, 5,109,183,169, 49,209, 23, 4,215, + 20, 88, 58, 97,222, 27, 17, 28, 50, 15,156, 22, 83, 24,242, 34, + 254, 68,207,178,195,181,122,145, 36, 8,232,168, 96,252,105, 80, + 170,208,160,125,161,137, 98,151, 84, 91, 30,149,224,255,100,210, + 16,196, 0, 72,163,247,117,219,138, 3,230,218, 9, 63,221,148, + 135, 92,131, 2,205, 74,144, 51,115,103,246,243,157,127,191,226, + 82,155,216, 38,200, 55,198, 59,129,150,111, 75, 19,190, 99, 46, + 233,121,167,140,159,110,188,142, 41,245,249,182, 47,253,180, 89, + 120,152, 6,106,231, 70,113,186,212, 37,171, 66,136,162,141,250, + 114, 7,185, 85,248,238,172, 10, 54, 73, 42,104, 60, 56,241,164, + 64, 40,211,123,187,201, 67,193, 21,227,173,244,119,199,128,158 +}; + +#define SBOX1(n) FSb[(n)] +#define SBOX2(n) (unsigned char)((FSb[(n)] >> 7 ^ FSb[(n)] << 1) & 0xff) +#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) +#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] + +#else + +static const unsigned char FSb[256] = +{ + 112, 130, 44, 236, 179, 39, 192, 229, 228, 133, 87, 53, 234, 12, 174, 65, + 35, 239, 107, 147, 69, 25, 165, 33, 237, 14, 79, 78, 29, 101, 146, 189, + 134, 184, 175, 143, 124, 235, 31, 206, 62, 48, 220, 95, 94, 197, 11, 26, + 166, 225, 57, 202, 213, 71, 93, 61, 217, 1, 90, 214, 81, 86, 108, 77, + 139, 13, 154, 102, 251, 204, 176, 45, 116, 18, 43, 32, 240, 177, 132, 153, + 223, 76, 203, 194, 52, 126, 118, 5, 109, 183, 169, 49, 209, 23, 4, 215, + 20, 88, 58, 97, 222, 27, 17, 28, 50, 15, 156, 22, 83, 24, 242, 34, + 254, 68, 207, 178, 195, 181, 122, 145, 36, 8, 232, 168, 96, 252, 105, 80, + 170, 208, 160, 125, 161, 137, 98, 151, 84, 91, 30, 149, 224, 255, 100, 210, + 16, 196, 0, 72, 163, 247, 117, 219, 138, 3, 230, 218, 9, 63, 221, 148, + 135, 92, 131, 2, 205, 74, 144, 51, 115, 103, 246, 243, 157, 127, 191, 226, + 82, 155, 216, 38, 200, 55, 198, 59, 129, 150, 111, 75, 19, 190, 99, 46, + 233, 121, 167, 140, 159, 110, 188, 142, 41, 245, 249, 182, 47, 253, 180, 89, + 120, 152, 6, 106, 231, 70, 113, 186, 212, 37, 171, 66, 136, 162, 141, 250, + 114, 7, 185, 85, 248, 238, 172, 10, 54, 73, 42, 104, 60, 56, 241, 164, + 64, 40, 211, 123, 187, 201, 67, 193, 21, 227, 173, 244, 119, 199, 128, 158 +}; + +static const unsigned char FSb2[256] = +{ + 224, 5, 88, 217, 103, 78, 129, 203, 201, 11, 174, 106, 213, 24, 93, 130, + 70, 223, 214, 39, 138, 50, 75, 66, 219, 28, 158, 156, 58, 202, 37, 123, + 13, 113, 95, 31, 248, 215, 62, 157, 124, 96, 185, 190, 188, 139, 22, 52, + 77, 195, 114, 149, 171, 142, 186, 122, 179, 2, 180, 173, 162, 172, 216, 154, + 23, 26, 53, 204, 247, 153, 97, 90, 232, 36, 86, 64, 225, 99, 9, 51, + 191, 152, 151, 133, 104, 252, 236, 10, 218, 111, 83, 98, 163, 46, 8, 175, + 40, 176, 116, 194, 189, 54, 34, 56, 100, 30, 57, 44, 166, 48, 229, 68, + 253, 136, 159, 101, 135, 107, 244, 35, 72, 16, 209, 81, 192, 249, 210, 160, + 85, 161, 65, 250, 67, 19, 196, 47, 168, 182, 60, 43, 193, 255, 200, 165, + 32, 137, 0, 144, 71, 239, 234, 183, 21, 6, 205, 181, 18, 126, 187, 41, + 15, 184, 7, 4, 155, 148, 33, 102, 230, 206, 237, 231, 59, 254, 127, 197, + 164, 55, 177, 76, 145, 110, 141, 118, 3, 45, 222, 150, 38, 125, 198, 92, + 211, 242, 79, 25, 63, 220, 121, 29, 82, 235, 243, 109, 94, 251, 105, 178, + 240, 49, 12, 212, 207, 140, 226, 117, 169, 74, 87, 132, 17, 69, 27, 245, + 228, 14, 115, 170, 241, 221, 89, 20, 108, 146, 84, 208, 120, 112, 227, 73, + 128, 80, 167, 246, 119, 147, 134, 131, 42, 199, 91, 233, 238, 143, 1, 61 +}; + +static const unsigned char FSb3[256] = +{ + 56, 65, 22, 118, 217, 147, 96, 242, 114, 194, 171, 154, 117, 6, 87, 160, + 145, 247, 181, 201, 162, 140, 210, 144, 246, 7, 167, 39, 142, 178, 73, 222, + 67, 92, 215, 199, 62, 245, 143, 103, 31, 24, 110, 175, 47, 226, 133, 13, + 83, 240, 156, 101, 234, 163, 174, 158, 236, 128, 45, 107, 168, 43, 54, 166, + 197, 134, 77, 51, 253, 102, 88, 150, 58, 9, 149, 16, 120, 216, 66, 204, + 239, 38, 229, 97, 26, 63, 59, 130, 182, 219, 212, 152, 232, 139, 2, 235, + 10, 44, 29, 176, 111, 141, 136, 14, 25, 135, 78, 11, 169, 12, 121, 17, + 127, 34, 231, 89, 225, 218, 61, 200, 18, 4, 116, 84, 48, 126, 180, 40, + 85, 104, 80, 190, 208, 196, 49, 203, 42, 173, 15, 202, 112, 255, 50, 105, + 8, 98, 0, 36, 209, 251, 186, 237, 69, 129, 115, 109, 132, 159, 238, 74, + 195, 46, 193, 1, 230, 37, 72, 153, 185, 179, 123, 249, 206, 191, 223, 113, + 41, 205, 108, 19, 100, 155, 99, 157, 192, 75, 183, 165, 137, 95, 177, 23, + 244, 188, 211, 70, 207, 55, 94, 71, 148, 250, 252, 91, 151, 254, 90, 172, + 60, 76, 3, 53, 243, 35, 184, 93, 106, 146, 213, 33, 68, 81, 198, 125, + 57, 131, 220, 170, 124, 119, 86, 5, 27, 164, 21, 52, 30, 28, 248, 82, + 32, 20, 233, 189, 221, 228, 161, 224, 138, 241, 214, 122, 187, 227, 64, 79 +}; + +static const unsigned char FSb4[256] = +{ + 112, 44, 179, 192, 228, 87, 234, 174, 35, 107, 69, 165, 237, 79, 29, 146, + 134, 175, 124, 31, 62, 220, 94, 11, 166, 57, 213, 93, 217, 90, 81, 108, + 139, 154, 251, 176, 116, 43, 240, 132, 223, 203, 52, 118, 109, 169, 209, 4, + 20, 58, 222, 17, 50, 156, 83, 242, 254, 207, 195, 122, 36, 232, 96, 105, + 170, 160, 161, 98, 84, 30, 224, 100, 16, 0, 163, 117, 138, 230, 9, 221, + 135, 131, 205, 144, 115, 246, 157, 191, 82, 216, 200, 198, 129, 111, 19, 99, + 233, 167, 159, 188, 41, 249, 47, 180, 120, 6, 231, 113, 212, 171, 136, 141, + 114, 185, 248, 172, 54, 42, 60, 241, 64, 211, 187, 67, 21, 173, 119, 128, + 130, 236, 39, 229, 133, 53, 12, 65, 239, 147, 25, 33, 14, 78, 101, 189, + 184, 143, 235, 206, 48, 95, 197, 26, 225, 202, 71, 61, 1, 214, 86, 77, + 13, 102, 204, 45, 18, 32, 177, 153, 76, 194, 126, 5, 183, 49, 23, 215, + 88, 97, 27, 28, 15, 22, 24, 34, 68, 178, 181, 145, 8, 168, 252, 80, + 208, 125, 137, 151, 91, 149, 255, 210, 196, 72, 247, 219, 3, 218, 63, 148, + 92, 2, 74, 51, 103, 243, 127, 226, 155, 38, 55, 59, 150, 75, 190, 46, + 121, 140, 110, 142, 245, 182, 253, 89, 152, 106, 70, 186, 37, 66, 162, 250, + 7, 85, 238, 10, 73, 104, 56, 164, 40, 123, 201, 193, 227, 244, 199, 158 +}; + +#define SBOX1(n) FSb[(n)] +#define SBOX2(n) FSb2[(n)] +#define SBOX3(n) FSb3[(n)] +#define SBOX4(n) FSb4[(n)] + +#endif + +static const unsigned char shifts[2][4][4] = +{ + { + { 1, 1, 1, 1 }, /* KL */ + { 0, 0, 0, 0 }, /* KR */ + { 1, 1, 1, 1 }, /* KA */ + { 0, 0, 0, 0 } /* KB */ + }, + { + { 1, 0, 1, 1 }, /* KL */ + { 1, 1, 0, 1 }, /* KR */ + { 1, 1, 1, 0 }, /* KA */ + { 1, 1, 0, 1 } /* KB */ + } +}; + +static const signed char indexes[2][4][20] = +{ + { + { 0, 1, 2, 3, 8, 9, 10, 11, 38, 39, + 36, 37, 23, 20, 21, 22, 27, -1, -1, 26 }, /* KL -> RK */ + { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 }, /* KR -> RK */ + { 4, 5, 6, 7, 12, 13, 14, 15, 16, 17, + 18, 19, -1, 24, 25, -1, 31, 28, 29, 30 }, /* KA -> RK */ + { -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 } /* KB -> RK */ + }, + { + { 0, 1, 2, 3, 61, 62, 63, 60, -1, -1, + -1, -1, 27, 24, 25, 26, 35, 32, 33, 34 }, /* KL -> RK */ + { -1, -1, -1, -1, 8, 9, 10, 11, 16, 17, + 18, 19, -1, -1, -1, -1, 39, 36, 37, 38 }, /* KR -> RK */ + { -1, -1, -1, -1, 12, 13, 14, 15, 58, 59, + 56, 57, 31, 28, 29, 30, -1, -1, -1, -1 }, /* KA -> RK */ + { 4, 5, 6, 7, 65, 66, 67, 64, 20, 21, + 22, 23, -1, -1, -1, -1, 43, 40, 41, 42 } /* KB -> RK */ + } +}; + +static const signed char transposes[2][20] = +{ + { + 21, 22, 23, 20, + -1, -1, -1, -1, + 18, 19, 16, 17, + 11, 8, 9, 10, + 15, 12, 13, 14 + }, + { + 25, 26, 27, 24, + 29, 30, 31, 28, + 18, 19, 16, 17, + -1, -1, -1, -1, + -1, -1, -1, -1 + } +}; + +/* Shift macro for 128 bit strings with rotation smaller than 32 bits (!) */ +#define ROTL(DEST, SRC, SHIFT) \ +{ \ + (DEST)[0] = (SRC)[0] << (SHIFT) ^ (SRC)[1] >> (32 - (SHIFT)); \ + (DEST)[1] = (SRC)[1] << (SHIFT) ^ (SRC)[2] >> (32 - (SHIFT)); \ + (DEST)[2] = (SRC)[2] << (SHIFT) ^ (SRC)[3] >> (32 - (SHIFT)); \ + (DEST)[3] = (SRC)[3] << (SHIFT) ^ (SRC)[0] >> (32 - (SHIFT)); \ +} + +#define FL(XL, XR, KL, KR) \ +{ \ + (XR) = ((((XL) & (KL)) << 1) | (((XL) & (KL)) >> 31)) ^ (XR); \ + (XL) = ((XR) | (KR)) ^ (XL); \ +} + +#define FLInv(YL, YR, KL, KR) \ +{ \ + (YL) = ((YR) | (KR)) ^ (YL); \ + (YR) = ((((YL) & (KL)) << 1) | (((YL) & (KL)) >> 31)) ^ (YR); \ +} + +#define SHIFT_AND_PLACE(INDEX, OFFSET) \ +{ \ + TK[0] = KC[(OFFSET) * 4 + 0]; \ + TK[1] = KC[(OFFSET) * 4 + 1]; \ + TK[2] = KC[(OFFSET) * 4 + 2]; \ + TK[3] = KC[(OFFSET) * 4 + 3]; \ + \ + for ( i = 1; i <= 4; i++ ) \ + if (shifts[(INDEX)][(OFFSET)][i -1]) \ + ROTL(TK + i * 4, TK, (15 * i) % 32); \ + \ + for ( i = 0; i < 20; i++ ) \ + if (indexes[(INDEX)][(OFFSET)][i] != -1) { \ + RK[indexes[(INDEX)][(OFFSET)][i]] = TK[ i ]; \ + } \ +} + +static void camellia_feistel(const uint32_t x[2], const uint32_t k[2], uint32_t z[2]) +{ + uint32_t I0, I1; + I0 = x[0] ^ k[0]; + I1 = x[1] ^ k[1]; + + I0 = (SBOX1((I0 >> 24) & 0xFF) << 24) | + (SBOX2((I0 >> 16) & 0xFF) << 16) | + (SBOX3((I0 >> 8) & 0xFF) << 8) | + (SBOX4((I0 ) & 0xFF) ); + I1 = (SBOX2((I1 >> 24) & 0xFF) << 24) | + (SBOX3((I1 >> 16) & 0xFF) << 16) | + (SBOX4((I1 >> 8) & 0xFF) << 8) | + (SBOX1((I1 ) & 0xFF) ); + + I0 ^= (I1 << 8) | (I1 >> 24); + I1 ^= (I0 << 16) | (I0 >> 16); + I0 ^= (I1 >> 8) | (I1 << 24); + I1 ^= (I0 >> 8) | (I0 << 24); + + z[0] ^= I1; + z[1] ^= I0; +} + +/* + * Camellia key schedule (encryption) + */ +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + int idx; + size_t i; + uint32_t *RK; + unsigned char t[64]; + uint32_t SIGMA[6][2]; + uint32_t KC[16]; + uint32_t TK[20]; + + RK = ctx->rk; + + memset(t, 0, 64); + memset(RK, 0, sizeof(ctx->rk)); + + switch( keysize ) + { + case 128: ctx->nr = 3; idx = 0; break; + case 192: + case 256: ctx->nr = 4; idx = 1; break; + default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH ); + } + + for( i = 0; i < keysize / 8; ++i) + t[i] = key[i]; + + if (keysize == 192) { + for (i = 0; i < 8; i++) + t[24 + i] = ~t[16 + i]; + } + + /* + * Prepare SIGMA values + */ + for (i = 0; i < 6; i++) { + GET_UINT32_BE(SIGMA[i][0], SIGMA_CHARS[i], 0); + GET_UINT32_BE(SIGMA[i][1], SIGMA_CHARS[i], 4); + } + + /* + * Key storage in KC + * Order: KL, KR, KA, KB + */ + memset(KC, 0, sizeof(KC)); + + /* Store KL, KR */ + for (i = 0; i < 8; i++) + GET_UINT32_BE(KC[i], t, i * 4); + + /* Generate KA */ + for( i = 0; i < 4; ++i) + KC[8 + i] = KC[i] ^ KC[4 + i]; + + camellia_feistel(KC + 8, SIGMA[0], KC + 10); + camellia_feistel(KC + 10, SIGMA[1], KC + 8); + + for( i = 0; i < 4; ++i) + KC[8 + i] ^= KC[i]; + + camellia_feistel(KC + 8, SIGMA[2], KC + 10); + camellia_feistel(KC + 10, SIGMA[3], KC + 8); + + if (keysize > 128) { + /* Generate KB */ + for( i = 0; i < 4; ++i) + KC[12 + i] = KC[4 + i] ^ KC[8 + i]; + + camellia_feistel(KC + 12, SIGMA[4], KC + 14); + camellia_feistel(KC + 14, SIGMA[5], KC + 12); + } + + /* + * Generating subkeys + */ + + /* Manipulating KL */ + SHIFT_AND_PLACE(idx, 0); + + /* Manipulating KR */ + if (keysize > 128) { + SHIFT_AND_PLACE(idx, 1); + } + + /* Manipulating KA */ + SHIFT_AND_PLACE(idx, 2); + + /* Manipulating KB */ + if (keysize > 128) { + SHIFT_AND_PLACE(idx, 3); + } + + /* Do transpositions */ + for ( i = 0; i < 20; i++ ) { + if (transposes[idx][i] != -1) { + RK[32 + 12 * idx + i] = RK[transposes[idx][i]]; + } + } + + return( 0 ); +} + +/* + * Camellia key schedule (decryption) + */ +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + int idx; + size_t i; + camellia_context cty; + uint32_t *RK; + uint32_t *SK; + int ret; + + switch( keysize ) + { + case 128: ctx->nr = 3; idx = 0; break; + case 192: + case 256: ctx->nr = 4; idx = 1; break; + default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH ); + } + + RK = ctx->rk; + + ret = camellia_setkey_enc(&cty, key, keysize); + if( ret != 0 ) + return( ret ); + + SK = cty.rk + 24 * 2 + 8 * idx * 2; + + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + + for (i = 22 + 8 * idx, SK -= 6; i > 0; i--, SK -= 4) + { + *RK++ = *SK++; + *RK++ = *SK++; + } + + SK -= 2; + + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + *RK++ = *SK++; + + memset( &cty, 0, sizeof( camellia_context ) ); + + return( 0 ); +} + +/* + * Camellia-ECB block encryption/decryption + */ +int camellia_crypt_ecb( camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ) +{ + int NR; + uint32_t *RK, X[4]; + + ( (void) mode ); + + NR = ctx->nr; + RK = ctx->rk; + + GET_UINT32_BE( X[0], input, 0 ); + GET_UINT32_BE( X[1], input, 4 ); + GET_UINT32_BE( X[2], input, 8 ); + GET_UINT32_BE( X[3], input, 12 ); + + X[0] ^= *RK++; + X[1] ^= *RK++; + X[2] ^= *RK++; + X[3] ^= *RK++; + + while (NR) { + --NR; + camellia_feistel(X, RK, X + 2); + RK += 2; + camellia_feistel(X + 2, RK, X); + RK += 2; + camellia_feistel(X, RK, X + 2); + RK += 2; + camellia_feistel(X + 2, RK, X); + RK += 2; + camellia_feistel(X, RK, X + 2); + RK += 2; + camellia_feistel(X + 2, RK, X); + RK += 2; + + if (NR) { + FL(X[0], X[1], RK[0], RK[1]); + RK += 2; + FLInv(X[2], X[3], RK[0], RK[1]); + RK += 2; + } + } + + X[2] ^= *RK++; + X[3] ^= *RK++; + X[0] ^= *RK++; + X[1] ^= *RK++; + + PUT_UINT32_BE( X[2], output, 0 ); + PUT_UINT32_BE( X[3], output, 4 ); + PUT_UINT32_BE( X[0], output, 8 ); + PUT_UINT32_BE( X[1], output, 12 ); + + return( 0 ); +} + +/* + * Camellia-CBC buffer encryption/decryption + */ +int camellia_crypt_cbc( camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int i; + unsigned char temp[16]; + + if( length % 16 ) + return( POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); + + if( mode == CAMELLIA_DECRYPT ) + { + while( length > 0 ) + { + memcpy( temp, input, 16 ); + camellia_crypt_ecb( ctx, mode, input, output ); + + for( i = 0; i < 16; i++ ) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, 16 ); + + input += 16; + output += 16; + length -= 16; + } + } + else + { + while( length > 0 ) + { + for( i = 0; i < 16; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + camellia_crypt_ecb( ctx, mode, output, output ); + memcpy( iv, output, 16 ); + + input += 16; + output += 16; + length -= 16; + } + } + + return( 0 ); +} + +#if defined(POLARSSL_CIPHER_MODE_CFB) +/* + * Camellia-CFB128 buffer encryption/decryption + */ +int camellia_crypt_cfb128( camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int c; + size_t n = *iv_off; + + if( mode == CAMELLIA_DECRYPT ) + { + while( length-- ) + { + if( n == 0 ) + camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); + + c = *input++; + *output++ = (unsigned char)( c ^ iv[n] ); + iv[n] = (unsigned char) c; + + n = (n + 1) & 0x0F; + } + } + else + { + while( length-- ) + { + if( n == 0 ) + camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); + + iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); + + n = (n + 1) & 0x0F; + } + } + + *iv_off = n; + + return( 0 ); +} +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +/* + * Camellia-CTR buffer encryption/decryption + */ +int camellia_crypt_ctr( camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ) +{ + int c, i; + size_t n = *nc_off; + + while( length-- ) + { + if( n == 0 ) { + camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter, stream_block ); + + for( i = 16; i > 0; i-- ) + if( ++nonce_counter[i - 1] != 0 ) + break; + } + c = *input++; + *output++ = (unsigned char)( c ^ stream_block[n] ); + + n = (n + 1) & 0x0F; + } + + *nc_off = n; + + return( 0 ); +} +#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* !POLARSSL_CAMELLIA_ALT */ + +#if defined(POLARSSL_SELF_TEST) + +#include + +/* + * Camellia test vectors from: + * + * http://info.isl.ntt.co.jp/crypt/eng/camellia/technology.html: + * http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/intermediate.txt + * http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/cryptrec/t_camellia.txt + * (For each bitlength: Key 0, Nr 39) + */ +#define CAMELLIA_TESTS_ECB 2 + +static const unsigned char camellia_test_ecb_key[3][CAMELLIA_TESTS_ECB][32] = +{ + { + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } + }, + { + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } + }, + { + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } + }, +}; + +static const unsigned char camellia_test_ecb_plain[CAMELLIA_TESTS_ECB][16] = +{ + { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 }, + { 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } +}; + +static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] = +{ + { + { 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, + 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 }, + { 0x38, 0x3C, 0x6C, 0x2A, 0xAB, 0xEF, 0x7F, 0xDE, + 0x25, 0xCD, 0x47, 0x0B, 0xF7, 0x74, 0xA3, 0x31 } + }, + { + { 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, + 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 }, + { 0xD1, 0x76, 0x3F, 0xC0, 0x19, 0xD7, 0x7C, 0xC9, + 0x30, 0xBF, 0xF2, 0xA5, 0x6F, 0x7C, 0x93, 0x64 } + }, + { + { 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, + 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 }, + { 0x05, 0x03, 0xFB, 0x10, 0xAB, 0x24, 0x1E, 0x7C, + 0xF4, 0x5D, 0x8C, 0xDE, 0xEE, 0x47, 0x43, 0x35 } + } +}; + +#define CAMELLIA_TESTS_CBC 3 + +static const unsigned char camellia_test_cbc_key[3][32] = +{ + { 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C } + , + { 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B } + , + { 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 } +}; + +static const unsigned char camellia_test_cbc_iv[16] = + + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F } +; + +static const unsigned char camellia_test_cbc_plain[CAMELLIA_TESTS_CBC][16] = +{ + { 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A }, + { 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C, + 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51 }, + { 0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11, + 0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF } + +}; + +static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] = +{ + { + { 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, + 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB }, + { 0xA2, 0xF2, 0xCF, 0x67, 0x16, 0x29, 0xEF, 0x78, + 0x40, 0xC5, 0xA5, 0xDF, 0xB5, 0x07, 0x48, 0x87 }, + { 0x0F, 0x06, 0x16, 0x50, 0x08, 0xCF, 0x8B, 0x8B, + 0x5A, 0x63, 0x58, 0x63, 0x62, 0x54, 0x3E, 0x54 } + }, + { + { 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, + 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 }, + { 0x5D, 0x5A, 0x86, 0x9B, 0xD1, 0x4C, 0xE5, 0x42, + 0x64, 0xF8, 0x92, 0xA6, 0xDD, 0x2E, 0xC3, 0xD5 }, + { 0x37, 0xD3, 0x59, 0xC3, 0x34, 0x98, 0x36, 0xD8, + 0x84, 0xE3, 0x10, 0xAD, 0xDF, 0x68, 0xC4, 0x49 } + }, + { + { 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, + 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA }, + { 0x36, 0xCB, 0xEB, 0x73, 0xBD, 0x50, 0x4B, 0x40, + 0x70, 0xB1, 0xB7, 0xDE, 0x2B, 0x21, 0xEB, 0x50 }, + { 0xE3, 0x1A, 0x60, 0x55, 0x29, 0x7D, 0x96, 0xCA, + 0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 } + } +}; + +#if defined(POLARSSL_CIPHER_MODE_CTR) +/* + * Camellia-CTR test vectors from: + * + * http://www.faqs.org/rfcs/rfc5528.html + */ + +static const unsigned char camellia_test_ctr_key[3][16] = +{ + { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, + 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E }, + { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7, + 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63 }, + { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8, + 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC } +}; + +static const unsigned char camellia_test_ctr_nonce_counter[3][16] = +{ + { 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 }, + { 0x00, 0x6C, 0xB6, 0xDB, 0xC0, 0x54, 0x3B, 0x59, + 0xDA, 0x48, 0xD9, 0x0B, 0x00, 0x00, 0x00, 0x01 }, + { 0x00, 0xE0, 0x01, 0x7B, 0x27, 0x77, 0x7F, 0x3F, + 0x4A, 0x17, 0x86, 0xF0, 0x00, 0x00, 0x00, 0x01 } +}; + +static const unsigned char camellia_test_ctr_pt[3][48] = +{ + { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, + + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, + + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23 } +}; + +static const unsigned char camellia_test_ctr_ct[3][48] = +{ + { 0xD0, 0x9D, 0xC2, 0x9A, 0x82, 0x14, 0x61, 0x9A, + 0x20, 0x87, 0x7C, 0x76, 0xDB, 0x1F, 0x0B, 0x3F }, + { 0xDB, 0xF3, 0xC7, 0x8D, 0xC0, 0x83, 0x96, 0xD4, + 0xDA, 0x7C, 0x90, 0x77, 0x65, 0xBB, 0xCB, 0x44, + 0x2B, 0x8E, 0x8E, 0x0F, 0x31, 0xF0, 0xDC, 0xA7, + 0x2C, 0x74, 0x17, 0xE3, 0x53, 0x60, 0xE0, 0x48 }, + { 0xB1, 0x9D, 0x1F, 0xCD, 0xCB, 0x75, 0xEB, 0x88, + 0x2F, 0x84, 0x9C, 0xE2, 0x4D, 0x85, 0xCF, 0x73, + 0x9C, 0xE6, 0x4B, 0x2B, 0x5C, 0x9D, 0x73, 0xF1, + 0x4F, 0x2D, 0x5D, 0x9D, 0xCE, 0x98, 0x89, 0xCD, + 0xDF, 0x50, 0x86, 0x96 } +}; + +static const int camellia_test_ctr_len[3] = + { 16, 32, 36 }; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +/* + * Checkup routine + */ +int camellia_self_test( int verbose ) +{ + int i, j, u, v; + unsigned char key[32]; + unsigned char buf[64]; + unsigned char src[16]; + unsigned char dst[16]; + unsigned char iv[16]; +#if defined(POLARSSL_CIPHER_MODE_CTR) + size_t offset, len; + unsigned char nonce_counter[16]; + unsigned char stream_block[16]; +#endif + + camellia_context ctx; + + memset( key, 0, 32 ); + + for (j = 0; j < 6; j++) { + u = j >> 1; + v = j & 1; + + if( verbose != 0 ) + printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, + (v == CAMELLIA_DECRYPT) ? "dec" : "enc"); + + for (i = 0; i < CAMELLIA_TESTS_ECB; i++ ) { + memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u); + + if (v == CAMELLIA_DECRYPT) { + camellia_setkey_dec(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_cipher[u][i], 16); + memcpy(dst, camellia_test_ecb_plain[i], 16); + } else { /* CAMELLIA_ENCRYPT */ + camellia_setkey_enc(&ctx, key, 128 + u * 64); + memcpy(src, camellia_test_ecb_plain[i], 16); + memcpy(dst, camellia_test_ecb_cipher[u][i], 16); + } + + camellia_crypt_ecb(&ctx, v, src, buf); + + if( memcmp( buf, dst, 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + /* + * CBC mode + */ + for( j = 0; j < 6; j++ ) + { + u = j >> 1; + v = j & 1; + + if( verbose != 0 ) + printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, + ( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + + memcpy( src, camellia_test_cbc_iv, 16); + memcpy( dst, camellia_test_cbc_iv, 16); + memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u); + + if (v == CAMELLIA_DECRYPT) { + camellia_setkey_dec(&ctx, key, 128 + u * 64); + } else { + camellia_setkey_enc(&ctx, key, 128 + u * 64); + } + + for (i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { + + if (v == CAMELLIA_DECRYPT) { + memcpy( iv , src, 16 ); + memcpy(src, camellia_test_cbc_cipher[u][i], 16); + memcpy(dst, camellia_test_cbc_plain[i], 16); + } else { /* CAMELLIA_ENCRYPT */ + memcpy( iv , dst, 16 ); + memcpy(src, camellia_test_cbc_plain[i], 16); + memcpy(dst, camellia_test_cbc_cipher[u][i], 16); + } + + camellia_crypt_cbc(&ctx, v, 16, iv, src, buf); + + if( memcmp( buf, dst, 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + +#if defined(POLARSSL_CIPHER_MODE_CTR) + /* + * CTR mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " CAMELLIA-CTR-128 (%s): ", + ( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); + + memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); + memcpy( key, camellia_test_ctr_key[u], 16 ); + + offset = 0; + camellia_setkey_enc( &ctx, key, 128 ); + + if( v == CAMELLIA_DECRYPT ) + { + len = camellia_test_ctr_len[u]; + memcpy( buf, camellia_test_ctr_ct[u], len ); + + camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); + + if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + else + { + len = camellia_test_ctr_len[u]; + memcpy( buf, camellia_test_ctr_pt[u], len ); + + camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, buf, buf ); + + if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); +#endif /* POLARSSL_CIPHER_MODE_CTR */ + + return ( 0 ); +} + +#endif + +#endif diff --git a/polarssl/camellia.h b/polarssl/camellia.h new file mode 100644 index 0000000..3bd3bc3 --- /dev/null +++ b/polarssl/camellia.h @@ -0,0 +1,200 @@ +/** + * \file camellia.h + * + * \brief Camellia block cipher + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_CAMELLIA_H +#define POLARSSL_CAMELLIA_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define CAMELLIA_ENCRYPT 1 +#define CAMELLIA_DECRYPT 0 + +#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ +#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ + +#if !defined(POLARSSL_CAMELLIA_ALT) +// Regular implementation +// + +/** + * \brief CAMELLIA context structure + */ +typedef struct +{ + int nr; /*!< number of rounds */ + uint32_t rk[68]; /*!< CAMELLIA round keys */ +} +camellia_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief CAMELLIA key schedule (encryption) + * + * \param ctx CAMELLIA context to be initialized + * \param key encryption key + * \param keysize must be 128, 192 or 256 + * + * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH + */ +int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief CAMELLIA key schedule (decryption) + * + * \param ctx CAMELLIA context to be initialized + * \param key decryption key + * \param keysize must be 128, 192 or 256 + * + * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH + */ +int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief CAMELLIA-ECB block encryption/decryption + * + * \param ctx CAMELLIA context + * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 if successful + */ +int camellia_crypt_ecb( camellia_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ); + +/** + * \brief CAMELLIA-CBC buffer encryption/decryption + * Length should be a multiple of the block + * size (16 bytes) + * + * \param ctx CAMELLIA context + * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH + */ +int camellia_crypt_cbc( camellia_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief CAMELLIA-CFB128 buffer encryption/decryption + * + * Note: Due to the nature of CFB you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. + * + * \param ctx CAMELLIA context + * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT + * \param length length of the input data + * \param iv_off offset in IV (updated after use) + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH + */ +int camellia_crypt_cfb128( camellia_context *ctx, + int mode, + size_t length, + size_t *iv_off, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief CAMELLIA-CTR buffer encryption/decryption + * + * Warning: You have to keep the maximum use of your counter in mind! + * + * Note: Due to the nature of CTR you should use the same key schedule for + * both encryption and decryption. So a context initialized with + * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT. + * + * \param length The length of the data + * \param nc_off The offset in the current stream_block (for resuming + * within current cipher stream). The offset pointer to + * should be 0 at the start of a stream. + * \param nonce_counter The 128-bit nonce and counter. + * \param stream_block The saved stream-block for resuming. Is overwritten + * by the function. + * \param input The input data stream + * \param output The output data stream + * + * \return 0 if successful + */ +int camellia_crypt_ctr( camellia_context *ctx, + size_t length, + size_t *nc_off, + unsigned char nonce_counter[16], + unsigned char stream_block[16], + const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_CAMELLIA_ALT */ +#include "polarssl/camellia_alt.h" +#endif /* POLARSSL_CAMELLIA_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int camellia_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* camellia.h */ diff --git a/polarssl/certs.c b/polarssl/certs.c new file mode 100644 index 0000000..e2d07f7 --- /dev/null +++ b/polarssl/certs.c @@ -0,0 +1,196 @@ +/* + * X.509 test certificates + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_CERTS_C) + +const char test_ca_crt[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" +"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" +"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" +"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" +"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" +"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" +"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" +"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" +"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" +"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" +"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" +"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" +"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" +"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" +"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" +"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" +"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" +"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" +"-----END CERTIFICATE-----\r\n"; + +const char test_ca_key[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"Proc-Type: 4,ENCRYPTED\r\n" +"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" +"\r\n" +"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n" +"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n" +"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n" +"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n" +"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n" +"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n" +"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n" +"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n" +"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n" +"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n" +"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n" +"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n" +"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n" +"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n" +"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n" +"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n" +"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n" +"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n" +"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n" +"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n" +"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n" +"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n" +"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n" +"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n" +"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; + +const char test_ca_pwd[] = "PolarSSLTest"; + +const char test_srv_crt[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIIDPzCCAiegAwIBAgIBATANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" +"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" +"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIFNlcnZlciAxMIIBIjAN\r\n" +"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/\r\n" +"uOhFkNvuiBZS0/FDUEeWEllkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFD\r\n" +"d185fAkER4KwVzlw7aPsFRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVf\r\n" +"CrFTxjB+FTms+Vruf5KepgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTr\r\n" +"lZvc/kFeF6babFtpzAK6FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9w\r\n" +"bp7OvViJ4lNZnm5akmXiiD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQAB\r\n" +"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBQfdNY/KcF0dEU7BRIsPai9Q1kCpjAf\r\n" +"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n" +"AQEAvc+WwZUemsJu2IiI2Cp6liA+UAvIx98dQe3kZs2zAoF9VwQbXcYzWQ/BILkj\r\n" +"NImKbPL9x0g2jIDn4ZvGYFywMwIO/d++YbwYiQw42/v7RiMy94zBPnzeHi86dy/0\r\n" +"jpOOJUx3IXRsGLdyjb/1T11klcFqGnARiK+8VYolMPP6afKvLXX7K4kiUpsFQhUp\r\n" +"E5VeM5pV1Mci2ETOJau2cO40FJvI/C9W/wR+GAArMaw2fxG77E3laaa0LAOlexM6\r\n" +"A4KOb5f5cGTM5Ih6tEF5FVq3/9vzNIYMa1FqzacBLZF8zSHYLEimXBdzjBoN4qDU\r\n" +"/WzRyYRBRjAI49mzHX6raleqnw==\r\n" +"-----END CERTIFICATE-----\r\n"; + +const char test_srv_key[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"MIIEogIBAAKCAQEAqQIfPUBq1VVTi/027oJlLhVhXom/uOhFkNvuiBZS0/FDUEeW\r\n" +"Ellkh2v9K+BG+XO+3c+S4ZFb7Wagb4kpeUWA0INq1UFDd185fAkER4KwVzlw7aPs\r\n" +"FRkeqDMIR8EFQqn9TMO0390GH00QUUBncxMPQPhtgSVfCrFTxjB+FTms+Vruf5Ke\r\n" +"pgVb5xOXhbUjktnUJAbVCSWJdQfdphqPPwkZvq1lLGTrlZvc/kFeF6babFtpzAK6\r\n" +"FCwWJJxK3M3Q91Jnc/EtoCP9fvQxyi1wyokLBNsupk9wbp7OvViJ4lNZnm5akmXi\r\n" +"iD8MlBmj3eXonZUT7Snbq3AS3FrKaxerUoJUsQIDAQABAoIBABaJ9eiRQq4Ypv+w\r\n" +"UTcVpLC0oTueWzcpor1i1zjG4Vzqe/Ok2FqyGToGKMlFK7Hwwa+LEyeJ3xyV5yd4\r\n" +"v1Mw9bDZFdJC1eCBjoUAHtX6k9HOE0Vd6woVQ4Vi6OPI1g7B5Mnr/58rNrnN6TMs\r\n" +"x58NF6euecwTU811QJrZtLbX7j2Cr28yB2Vs8qyYlHwVw5jbDOv43D7vU5gmlIDN\r\n" +"0JQRuWAnOuPzZNoJr4SfJKqHNGxYYY6pHZ1s0dOTLIDb/B8KQWapA2kRmZyid2EH\r\n" +"nwzgLbAsHJCf+bQnhXjXuxtUsrcIL8noZLazlOMxwNEammglVWW23Ud/QRnFgJg5\r\n" +"UgcAcRECgYEA19uYetht5qmwdJ+12oC6zeO+vXLcyD9gon23T5J6w2YThld7/OW0\r\n" +"oArQJGgkAdaq0pcTyOIjtTQVMFygdVmCEJmxh/3RutPcTeydqW9fphKDMej32J8e\r\n" +"GniGmNGiclbcfNOS8E5TGp445yZb9P1+7AHng16bGg3Ykj5EA4G+HCcCgYEAyHAl\r\n" +"//ekk8YjQElm+8izLtFkymIK0aCtEe9C/RIRhFYBeFaotC5dStNhBOncn4ovMAPD\r\n" +"lX/92yDi9OP8PPLN3a4B9XpW3k/SS5GrbT5cwOivBHNllZSmu/2qz5WPGcjVCOrB\r\n" +"LYl3YWr2h3EGKICT03kEoTkiDBvCeOpW7cCGl2cCgYBD5whoXHz1+ptPlI4YVjZt\r\n" +"Xh86aU+ajpVPiEyJ84I6xXmO4SZXv8q6LaycR0ZMbcL+zBelMb4Z2nBv7jNrtuR7\r\n" +"ZF28cdPv+YVr3esaybZE/73VjXup4SQPH6r3l7qKTVi+y6+FeJ4b2Xn8/MwgnT23\r\n" +"8EFrye7wmzpthrjOgZnUMQKBgE9Lhsz/5J0Nis6Y+2Pqn3CLKEukg9Ewtqdct2y0\r\n" +"5Dcta0F3TyCRIxlCDKTL/BslqMtfAdY4H268UO0+8IAQMn9boqzBrHIgs/pvc5kx\r\n" +"TbKHmw2wtWR6vYersBKVgVpbCGSRssDYHGFu1n74qM4HJ/RGcR1zI9QUe1gopSFD\r\n" +"xDtLAoGAVAdWvrqDwgoL2hHW3scGpxdE/ygJDOwHnf+1B9goKAOP5lf2FJaiAxf3\r\n" +"ectoPOgZbCmm/iiDmigu703ld3O+VoCLDD4qx3R+KyALL78gtVJYzSRiKhzgCZ3g\r\n" +"mKsIVRBq4IfwiwyMNG2BYZQAwbSDjjPtn/kPBduPzPj7eriByhI=\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; + +const char test_cli_crt[] = +"-----BEGIN CERTIFICATE-----\r\n" +"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" +"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" +"MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n" +"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n" +"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n" +"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n" +"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n" +"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n" +"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n" +"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n" +"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n" +"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n" +"AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n" +"LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n" +"Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n" +"8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n" +"xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n" +"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n" +"-----END CERTIFICATE-----\r\n"; + +const char test_cli_key[] = +"-----BEGIN RSA PRIVATE KEY-----\r\n" +"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" +"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" +"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n" +"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n" +"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n" +"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n" +"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n" +"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n" +"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n" +"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n" +"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n" +"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n" +"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n" +"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n" +"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n" +"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n" +"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n" +"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n" +"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n" +"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n" +"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n" +"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n" +"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n" +"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n" +"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" +"-----END RSA PRIVATE KEY-----\r\n"; + +const char test_dhm_params[] = +"-----BEGIN DH PARAMETERS-----\r\n" +"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" +"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" +"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" +"-----END DH PARAMETERS-----\r\n"; + +#endif diff --git a/polarssl/certs.h b/polarssl/certs.h new file mode 100644 index 0000000..5399e32 --- /dev/null +++ b/polarssl/certs.h @@ -0,0 +1,47 @@ +/** + * \file certs.h + * + * \brief Sample certificates and DHM parameters for testing + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_CERTS_H +#define POLARSSL_CERTS_H + +#ifdef __cplusplus +extern "C" { +#endif + +extern const char test_ca_crt[]; +extern const char test_ca_key[]; +extern const char test_ca_pwd[]; +extern const char test_srv_crt[]; +extern const char test_srv_key[]; +extern const char test_cli_crt[]; +extern const char test_cli_key[]; +extern const char test_dhm_params[]; + +#ifdef __cplusplus +} +#endif + +#endif /* certs.h */ diff --git a/polarssl/cipher.c b/polarssl/cipher.c new file mode 100644 index 0000000..f20cc73 --- /dev/null +++ b/polarssl/cipher.c @@ -0,0 +1,601 @@ +/** + * \file cipher.c + * + * \brief Generic cipher wrapper for PolarSSL + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_CIPHER_C) + +#include "polarssl/cipher.h" +#include "polarssl/cipher_wrap.h" + +#include + +#if defined _MSC_VER && !defined strcasecmp +#define strcasecmp _stricmp +#endif + +static const int supported_ciphers[] = { + +#if defined(POLARSSL_AES_C) + POLARSSL_CIPHER_AES_128_CBC, + POLARSSL_CIPHER_AES_192_CBC, + POLARSSL_CIPHER_AES_256_CBC, + +#if defined(POLARSSL_CIPHER_MODE_CFB) + POLARSSL_CIPHER_AES_128_CFB128, + POLARSSL_CIPHER_AES_192_CFB128, + POLARSSL_CIPHER_AES_256_CFB128, +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + POLARSSL_CIPHER_AES_128_CTR, + POLARSSL_CIPHER_AES_192_CTR, + POLARSSL_CIPHER_AES_256_CTR, +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif /* defined(POLARSSL_AES_C) */ + +#if defined(POLARSSL_CAMELLIA_C) + POLARSSL_CIPHER_CAMELLIA_128_CBC, + POLARSSL_CIPHER_CAMELLIA_192_CBC, + POLARSSL_CIPHER_CAMELLIA_256_CBC, + +#if defined(POLARSSL_CIPHER_MODE_CFB) + POLARSSL_CIPHER_CAMELLIA_128_CFB128, + POLARSSL_CIPHER_CAMELLIA_192_CFB128, + POLARSSL_CIPHER_CAMELLIA_256_CFB128, +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + POLARSSL_CIPHER_CAMELLIA_128_CTR, + POLARSSL_CIPHER_CAMELLIA_192_CTR, + POLARSSL_CIPHER_CAMELLIA_256_CTR, +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif /* defined(POLARSSL_CAMELLIA_C) */ + +#if defined(POLARSSL_DES_C) + POLARSSL_CIPHER_DES_CBC, + POLARSSL_CIPHER_DES_EDE_CBC, + POLARSSL_CIPHER_DES_EDE3_CBC, +#endif /* defined(POLARSSL_DES_C) */ + +#if defined(POLARSSL_BLOWFISH_C) + POLARSSL_CIPHER_BLOWFISH_CBC, + +#if defined(POLARSSL_CIPHER_MODE_CFB) + POLARSSL_CIPHER_BLOWFISH_CFB64, +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + POLARSSL_CIPHER_BLOWFISH_CTR, +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif /* defined(POLARSSL_BLOWFISH_C) */ + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + POLARSSL_CIPHER_NULL, +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + + 0 +}; + +const int *cipher_list( void ) +{ + return supported_ciphers; +} + +const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ) +{ + /* Find static cipher information */ + switch ( cipher_type ) + { +#if defined(POLARSSL_AES_C) + case POLARSSL_CIPHER_AES_128_CBC: + return &aes_128_cbc_info; + case POLARSSL_CIPHER_AES_192_CBC: + return &aes_192_cbc_info; + case POLARSSL_CIPHER_AES_256_CBC: + return &aes_256_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) + case POLARSSL_CIPHER_AES_128_CFB128: + return &aes_128_cfb128_info; + case POLARSSL_CIPHER_AES_192_CFB128: + return &aes_192_cfb128_info; + case POLARSSL_CIPHER_AES_256_CFB128: + return &aes_256_cfb128_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + case POLARSSL_CIPHER_AES_128_CTR: + return &aes_128_ctr_info; + case POLARSSL_CIPHER_AES_192_CTR: + return &aes_192_ctr_info; + case POLARSSL_CIPHER_AES_256_CTR: + return &aes_256_ctr_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif + +#if defined(POLARSSL_CAMELLIA_C) + case POLARSSL_CIPHER_CAMELLIA_128_CBC: + return &camellia_128_cbc_info; + case POLARSSL_CIPHER_CAMELLIA_192_CBC: + return &camellia_192_cbc_info; + case POLARSSL_CIPHER_CAMELLIA_256_CBC: + return &camellia_256_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) + case POLARSSL_CIPHER_CAMELLIA_128_CFB128: + return &camellia_128_cfb128_info; + case POLARSSL_CIPHER_CAMELLIA_192_CFB128: + return &camellia_192_cfb128_info; + case POLARSSL_CIPHER_CAMELLIA_256_CFB128: + return &camellia_256_cfb128_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + case POLARSSL_CIPHER_CAMELLIA_128_CTR: + return &camellia_128_ctr_info; + case POLARSSL_CIPHER_CAMELLIA_192_CTR: + return &camellia_192_ctr_info; + case POLARSSL_CIPHER_CAMELLIA_256_CTR: + return &camellia_256_ctr_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif + +#if defined(POLARSSL_DES_C) + case POLARSSL_CIPHER_DES_CBC: + return &des_cbc_info; + case POLARSSL_CIPHER_DES_EDE_CBC: + return &des_ede_cbc_info; + case POLARSSL_CIPHER_DES_EDE3_CBC: + return &des_ede3_cbc_info; +#endif + +#if defined(POLARSSL_BLOWFISH_C) + case POLARSSL_CIPHER_BLOWFISH_CBC: + return &blowfish_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) + case POLARSSL_CIPHER_BLOWFISH_CFB64: + return &blowfish_cfb64_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + case POLARSSL_CIPHER_BLOWFISH_CTR: + return &blowfish_ctr_info; +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ + +#endif + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + case POLARSSL_CIPHER_NULL: + return &null_cipher_info; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + + default: + return NULL; + } +} + +const cipher_info_t *cipher_info_from_string( const char *cipher_name ) +{ + if( NULL == cipher_name ) + return NULL; + + /* Get the appropriate cipher information */ +#if defined(POLARSSL_CAMELLIA_C) + if( !strcasecmp( "CAMELLIA-128-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CBC ); + if( !strcasecmp( "CAMELLIA-192-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CBC ); + if( !strcasecmp( "CAMELLIA-256-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CBC ); + +#if defined(POLARSSL_CIPHER_MODE_CFB) + if( !strcasecmp( "CAMELLIA-128-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CFB128 ); + if( !strcasecmp( "CAMELLIA-192-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CFB128 ); + if( !strcasecmp( "CAMELLIA-256-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CFB128 ); +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + if( !strcasecmp( "CAMELLIA-128-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_128_CTR ); + if( !strcasecmp( "CAMELLIA-192-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_192_CTR ); + if( !strcasecmp( "CAMELLIA-256-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_CAMELLIA_256_CTR ); +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ +#endif + +#if defined(POLARSSL_AES_C) + if( !strcasecmp( "AES-128-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CBC ); + if( !strcasecmp( "AES-192-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CBC ); + if( !strcasecmp( "AES-256-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CBC ); + +#if defined(POLARSSL_CIPHER_MODE_CFB) + if( !strcasecmp( "AES-128-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CFB128 ); + if( !strcasecmp( "AES-192-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CFB128 ); + if( !strcasecmp( "AES-256-CFB128", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CFB128 ); +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + if( !strcasecmp( "AES-128-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_128_CTR ); + if( !strcasecmp( "AES-192-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_192_CTR ); + if( !strcasecmp( "AES-256-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_AES_256_CTR ); +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ +#endif + +#if defined(POLARSSL_DES_C) + if( !strcasecmp( "DES-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_DES_CBC ); + if( !strcasecmp( "DES-EDE-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE_CBC ); + if( !strcasecmp( "DES-EDE3-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_DES_EDE3_CBC ); +#endif + +#if defined(POLARSSL_BLOWFISH_C) + if( !strcasecmp( "BLOWFISH-CBC", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CBC ); + +#if defined(POLARSSL_CIPHER_MODE_CFB) + if( !strcasecmp( "BLOWFISH-CFB64", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CFB64 ); +#endif /* defined(POLARSSL_CIPHER_MODE_CFB) */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) + if( !strcasecmp( "BLOWFISH-CTR", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_BLOWFISH_CTR ); +#endif /* defined(POLARSSL_CIPHER_MODE_CTR) */ +#endif + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if( !strcasecmp( "NULL", cipher_name ) ) + return cipher_info_from_type( POLARSSL_CIPHER_NULL ); +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + + return NULL; +} + +int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) +{ + if( NULL == cipher_info || NULL == ctx ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + memset( ctx, 0, sizeof( cipher_context_t ) ); + + if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) + return POLARSSL_ERR_CIPHER_ALLOC_FAILED; + + ctx->cipher_info = cipher_info; + + return 0; +} + +int cipher_free_ctx( cipher_context_t *ctx ) +{ + if( ctx == NULL || ctx->cipher_info == NULL ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx ); + + return 0; +} + +int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, + int key_length, const operation_t operation ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + ctx->key_length = key_length; + ctx->operation = operation; + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if( ctx->cipher_info->mode == POLARSSL_MODE_NULL ) + return 0; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + + /* + * For CFB and CTR mode always use the encryption key schedule + */ + if( POLARSSL_ENCRYPT == operation || + POLARSSL_MODE_CFB == ctx->cipher_info->mode || + POLARSSL_MODE_CTR == ctx->cipher_info->mode ) + { + return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, + ctx->key_length ); + } + + if( POLARSSL_DECRYPT == operation ) + return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, + ctx->key_length ); + + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; +} + +int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ) +{ + if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + ctx->unprocessed_len = 0; + + memcpy( ctx->iv, iv, cipher_get_iv_size( ctx ) ); + + return 0; +} + +int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ) +{ + int ret; + size_t copy_len = 0; + + if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen || + input == output ) + { + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + } + + *olen = 0; + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if( ctx->cipher_info->mode == POLARSSL_MODE_NULL ) + { + memcpy( output, input, ilen ); + *olen = ilen; + return 0; + } +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + + if( ctx->cipher_info->mode == POLARSSL_MODE_CBC ) + { + /* + * If there is not enough data for a full block, cache it. + */ + if( ( ctx->operation == POLARSSL_DECRYPT && + ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) || + ( ctx->operation == POLARSSL_ENCRYPT && + ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) ) + { + memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, + ilen ); + + ctx->unprocessed_len += ilen; + return 0; + } + + /* + * Process cached data first + */ + if( ctx->unprocessed_len != 0 ) + { + copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len; + + memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, + copy_len ); + + if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, + ctx->operation, cipher_get_block_size( ctx ), ctx->iv, + ctx->unprocessed_data, output ) ) ) + { + return ret; + } + + *olen += cipher_get_block_size( ctx ); + output += cipher_get_block_size( ctx ); + ctx->unprocessed_len = 0; + + input += copy_len; + ilen -= copy_len; + } + + /* + * Cache final, incomplete block + */ + if( 0 != ilen ) + { + copy_len = ilen % cipher_get_block_size( ctx ); + if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT ) + copy_len = cipher_get_block_size(ctx); + + memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ), + copy_len ); + + ctx->unprocessed_len += copy_len; + ilen -= copy_len; + } + + /* + * Process remaining full blocks + */ + if( ilen ) + { + if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, + ctx->operation, ilen, ctx->iv, input, output ) ) ) + { + return ret; + } + *olen += ilen; + } + + return 0; + } + + if( ctx->cipher_info->mode == POLARSSL_MODE_CFB ) + { + if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx, + ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, + input, output ) ) ) + { + return ret; + } + + *olen = ilen; + + return 0; + } + + if( ctx->cipher_info->mode == POLARSSL_MODE_CTR ) + { + if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx, + ilen, &ctx->unprocessed_len, ctx->iv, + ctx->unprocessed_data, input, output ) ) ) + { + return ret; + } + + *olen = ilen; + + return 0; + } + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +} + +static void add_pkcs_padding( unsigned char *output, size_t output_len, + size_t data_len ) +{ + size_t padding_len = output_len - data_len; + unsigned char i = 0; + + for( i = 0; i < padding_len; i++ ) + output[data_len + i] = (unsigned char) padding_len; +} + +static int get_pkcs_padding( unsigned char *input, unsigned int input_len, + size_t *data_len) +{ + unsigned int i, padding_len = 0; + + if( NULL == input || NULL == data_len ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + padding_len = input[input_len - 1]; + + if( padding_len > input_len ) + return POLARSSL_ERR_CIPHER_INVALID_PADDING; + + for( i = input_len - padding_len; i < input_len; i++ ) + if( input[i] != padding_len ) + return POLARSSL_ERR_CIPHER_INVALID_PADDING; + + *data_len = input_len - padding_len; + + return 0; +} + +int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen) +{ + int ret = 0; + + if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) + return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA; + + *olen = 0; + + if( POLARSSL_MODE_CFB == ctx->cipher_info->mode || + POLARSSL_MODE_CTR == ctx->cipher_info->mode || + POLARSSL_MODE_NULL == ctx->cipher_info->mode ) + { + return 0; + } + + if( POLARSSL_MODE_CBC == ctx->cipher_info->mode ) + { + if( POLARSSL_ENCRYPT == ctx->operation ) + { + add_pkcs_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ), + ctx->unprocessed_len ); + } + else if ( cipher_get_block_size( ctx ) != ctx->unprocessed_len ) + { + /* For decrypt operations, expect a full block */ + return POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED; + } + + /* cipher block */ + if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, + ctx->operation, cipher_get_block_size( ctx ), ctx->iv, + ctx->unprocessed_data, output ) ) ) + { + return ret; + } + + /* Set output size for decryption */ + if( POLARSSL_DECRYPT == ctx->operation ) + return get_pkcs_padding( output, cipher_get_block_size( ctx ), olen ); + + /* Set output size for encryption */ + *olen = cipher_get_block_size( ctx ); + return 0; + } + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +} + +#if defined(POLARSSL_SELF_TEST) + +#include + +#define ASSERT(x) if (!(x)) { \ + printf( "failed with %i at %s\n", value, (#x) ); \ + return( 1 ); \ +} +/* + * Checkup routine + */ + +int cipher_self_test( int verbose ) +{ + ((void) verbose); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/cipher.h b/polarssl/cipher.h new file mode 100644 index 0000000..8224128 --- /dev/null +++ b/polarssl/cipher.h @@ -0,0 +1,463 @@ +/** + * \file cipher.h + * + * \brief Generic cipher wrapper. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#ifndef POLARSSL_CIPHER_H +#define POLARSSL_CIPHER_H + +#include + +#if defined(_MSC_VER) && !defined(inline) +#define inline _inline +#else +#if defined(__ARMCC_VERSION) && !defined(inline) +#define inline __inline +#endif /* __ARMCC_VERSION */ +#endif /*_MSC_VER */ + +#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ +#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ +#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ +#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ + +typedef enum { + POLARSSL_CIPHER_ID_NONE = 0, + POLARSSL_CIPHER_ID_NULL, + POLARSSL_CIPHER_ID_AES, + POLARSSL_CIPHER_ID_DES, + POLARSSL_CIPHER_ID_3DES, + POLARSSL_CIPHER_ID_CAMELLIA, + POLARSSL_CIPHER_ID_BLOWFISH, +} cipher_id_t; + +typedef enum { + POLARSSL_CIPHER_NONE = 0, + POLARSSL_CIPHER_NULL, + POLARSSL_CIPHER_AES_128_CBC, + POLARSSL_CIPHER_AES_192_CBC, + POLARSSL_CIPHER_AES_256_CBC, + POLARSSL_CIPHER_AES_128_CFB128, + POLARSSL_CIPHER_AES_192_CFB128, + POLARSSL_CIPHER_AES_256_CFB128, + POLARSSL_CIPHER_AES_128_CTR, + POLARSSL_CIPHER_AES_192_CTR, + POLARSSL_CIPHER_AES_256_CTR, + POLARSSL_CIPHER_CAMELLIA_128_CBC, + POLARSSL_CIPHER_CAMELLIA_192_CBC, + POLARSSL_CIPHER_CAMELLIA_256_CBC, + POLARSSL_CIPHER_CAMELLIA_128_CFB128, + POLARSSL_CIPHER_CAMELLIA_192_CFB128, + POLARSSL_CIPHER_CAMELLIA_256_CFB128, + POLARSSL_CIPHER_CAMELLIA_128_CTR, + POLARSSL_CIPHER_CAMELLIA_192_CTR, + POLARSSL_CIPHER_CAMELLIA_256_CTR, + POLARSSL_CIPHER_DES_CBC, + POLARSSL_CIPHER_DES_EDE_CBC, + POLARSSL_CIPHER_DES_EDE3_CBC, + POLARSSL_CIPHER_BLOWFISH_CBC, + POLARSSL_CIPHER_BLOWFISH_CFB64, + POLARSSL_CIPHER_BLOWFISH_CTR, +} cipher_type_t; + +typedef enum { + POLARSSL_MODE_NONE = 0, + POLARSSL_MODE_NULL, + POLARSSL_MODE_CBC, + POLARSSL_MODE_CFB, + POLARSSL_MODE_OFB, + POLARSSL_MODE_CTR, +} cipher_mode_t; + +typedef enum { + POLARSSL_OPERATION_NONE = -1, + POLARSSL_DECRYPT = 0, + POLARSSL_ENCRYPT, +} operation_t; + +enum { + /** Undefined key length */ + POLARSSL_KEY_LENGTH_NONE = 0, + /** Key length, in bits (including parity), for DES keys */ + POLARSSL_KEY_LENGTH_DES = 64, + /** Key length, in bits (including parity), for DES in two key EDE */ + POLARSSL_KEY_LENGTH_DES_EDE = 128, + /** Key length, in bits (including parity), for DES in three-key EDE */ + POLARSSL_KEY_LENGTH_DES_EDE3 = 192, + /** Maximum length of any IV, in bytes */ + POLARSSL_MAX_IV_LENGTH = 16, +}; + +/** + * Base cipher information. The non-mode specific functions and values. + */ +typedef struct { + + /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ + cipher_id_t cipher; + + /** Encrypt using CBC */ + int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv, + const unsigned char *input, unsigned char *output ); + + /** Encrypt using CFB (Full length) */ + int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, + unsigned char *iv, const unsigned char *input, unsigned char *output ); + + /** Encrypt using CTR */ + int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, + unsigned char *stream_block, const unsigned char *input, unsigned char *output ); + + /** Set key for encryption purposes */ + int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length); + + /** Set key for decryption purposes */ + int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + +} cipher_base_t; + +/** + * Cipher information. Allows cipher functions to be called in a generic way. + */ +typedef struct { + /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ + cipher_type_t type; + + /** Cipher mode (e.g. POLARSSL_MODE_CBC) */ + cipher_mode_t mode; + + /** Cipher key length, in bits (default length for variable sized ciphers) + * (Includes parity bits for ciphers like DES) */ + unsigned int key_length; + + /** Name of the cipher */ + const char * name; + + /** IV size, in bytes */ + unsigned int iv_size; + + /** block size, in bytes */ + unsigned int block_size; + + /** Base cipher information and functions */ + const cipher_base_t *base; + +} cipher_info_t; + +/** + * Generic cipher context. + */ +typedef struct { + /** Information about the associated cipher */ + const cipher_info_t *cipher_info; + + /** Key length to use */ + int key_length; + + /** Operation that the context's key has been initialised for */ + operation_t operation; + + /** Buffer for data that hasn't been encrypted yet */ + unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH]; + + /** Number of bytes that still need processing */ + size_t unprocessed_len; + + /** Current IV or NONCE_COUNTER for CTR-mode */ + unsigned char iv[POLARSSL_MAX_IV_LENGTH]; + + /** Cipher-specific context */ + void *cipher_ctx; +} cipher_context_t; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Returns the list of ciphers supported by the generic cipher module. + * + * \return a statically allocated array of ciphers, the last entry + * is 0. + */ +const int *cipher_list( void ); + +/** + * \brief Returns the cipher information structure associated + * with the given cipher name. + * + * \param cipher_name Name of the cipher to search for. + * + * \return the cipher information structure associated with the + * given cipher_name, or NULL if not found. + */ +const cipher_info_t *cipher_info_from_string( const char *cipher_name ); + +/** + * \brief Returns the cipher information structure associated + * with the given cipher type. + * + * \param cipher_type Type of the cipher to search for. + * + * \return the cipher information structure associated with the + * given cipher_type, or NULL if not found. + */ +const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ); + +/** + * \brief Initialises and fills the cipher context structure with + * the appropriate values. + * + * \param ctx context to initialise. May not be NULL. + * \param cipher_info cipher to use. + * + * \return \c 0 on success, + * \c POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, + * \c POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the + * cipher-specific context failed. + */ +int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); + +/** + * \brief Free the cipher-specific context of ctx. Freeing ctx + * itself remains the responsibility of the caller. + * + * \param ctx Free the cipher-specific context + * + * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * parameter verification fails. + */ +int cipher_free_ctx( cipher_context_t *ctx ); + +/** + * \brief Returns the block size of the given cipher. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return size of the cipher's blocks, or 0 if ctx has not been + * initialised. + */ +static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return 0; + + return ctx->cipher_info->block_size; +} + +/** + * \brief Returns the mode of operation for the cipher. + * (e.g. POLARSSL_MODE_CBC) + * + * \param ctx cipher's context. Must have been initialised. + * + * \return mode of operation, or POLARSSL_MODE_NONE if ctx + * has not been initialised. + */ +static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return POLARSSL_MODE_NONE; + + return ctx->cipher_info->mode; +} + +/** + * \brief Returns the size of the cipher's IV. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return size of the cipher's IV, or 0 if ctx has not been + * initialised. + */ +static inline int cipher_get_iv_size( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return 0; + + return ctx->cipher_info->iv_size; +} + +/** + * \brief Returns the type of the given cipher. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has + * not been initialised. + */ +static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return POLARSSL_CIPHER_NONE; + + return ctx->cipher_info->type; +} + +/** + * \brief Returns the name of the given cipher, as a string. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return name of the cipher, or NULL if ctx was not initialised. + */ +static inline const char *cipher_get_name( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return 0; + + return ctx->cipher_info->name; +} + +/** + * \brief Returns the key length of the cipher. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return cipher's key length, in bits, or + * POLARSSL_KEY_LENGTH_NONE if ctx has not been + * initialised. + */ +static inline int cipher_get_key_size ( const cipher_context_t *ctx ) +{ + if( NULL == ctx ) + return POLARSSL_KEY_LENGTH_NONE; + + return ctx->key_length; +} + +/** + * \brief Returns the operation of the given cipher. + * + * \param ctx cipher's context. Must have been initialised. + * + * \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT), + * or POLARSSL_OPERATION_NONE if ctx has not been + * initialised. + */ +static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) +{ + if( NULL == ctx || NULL == ctx->cipher_info ) + return POLARSSL_OPERATION_NONE; + + return ctx->operation; +} + +/** + * \brief Set the key to use with the given context. + * + * \param ctx generic cipher context. May not be NULL. Must have been + * initialised using cipher_context_from_type or + * cipher_context_from_string. + * \param key The key to use. + * \param key_length key length to use, in bits. + * \param operation Operation that the key will be used for, either + * POLARSSL_ENCRYPT or POLARSSL_DECRYPT. + * + * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * parameter verification fails or a cipher specific + * error code. + */ +int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length, + const operation_t operation ); + +/** + * \brief Reset the given context, setting the IV to iv + * + * \param ctx generic cipher context + * \param iv IV to use or NONCE_COUNTER in the case of a CTR-mode cipher + * + * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA + * if parameter verification fails. + */ +int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ); + +/** + * \brief Generic cipher update function. Encrypts/decrypts + * using the given cipher context. Writes as many block + * size'd blocks of data as possible to output. Any data + * that cannot be written immediately will either be added + * to the next block, or flushed when cipher_final is + * called. + * + * \param ctx generic cipher context + * \param input buffer holding the input data + * \param ilen length of the input data + * \param output buffer for the output data. Should be able to hold at + * least ilen + block_size. Cannot be the same buffer as + * input! + * \param olen length of the output data, will be filled with the + * actual number of bytes written. + * + * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * parameter verification fails, + * POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an + * unsupported mode for a cipher or a cipher specific + * error code. + */ +int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen, + unsigned char *output, size_t *olen ); + +/** + * \brief Generic cipher finalisation function. If data still + * needs to be flushed from an incomplete block, data + * contained within it will be padded with the size of + * the last block, and written to the output buffer. + * + * \param ctx Generic cipher context + * \param output buffer to write data to. Needs block_size data available. + * \param olen length of the data written to the output buffer. + * + * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if + * parameter verification fails, + * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption + * expected a full block but was not provided one, + * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding + * while decrypting or a cipher specific error code. + */ +int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen); + + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int cipher_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* POLARSSL_MD_H */ diff --git a/polarssl/cipher_wrap.c b/polarssl/cipher_wrap.c new file mode 100644 index 0000000..9437212 --- /dev/null +++ b/polarssl/cipher_wrap.c @@ -0,0 +1,711 @@ +/** + * \file md_wrap.c + * + * \brief Generic cipher wrapper for PolarSSL + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_CIPHER_C) + +#include "polarssl/cipher_wrap.h" + +#if defined(POLARSSL_AES_C) +#include "polarssl/aes.h" +#endif + +#if defined(POLARSSL_CAMELLIA_C) +#include "polarssl/camellia.h" +#endif + +#if defined(POLARSSL_DES_C) +#include "polarssl/des.h" +#endif + +#if defined(POLARSSL_BLOWFISH_C) +#include "polarssl/blowfish.h" +#endif + +#include + +#if defined(POLARSSL_AES_C) + +int aes_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return aes_crypt_cbc( (aes_context *) ctx, operation, length, iv, input, output ); +} + +int aes_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length, + size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CFB) + return aes_crypt_cfb128( (aes_context *) ctx, operation, length, iv_off, iv, input, output ); +#else + ((void) ctx); + ((void) operation); + ((void) length); + ((void) iv_off); + ((void) iv); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int aes_crypt_ctr_wrap( void *ctx, size_t length, + size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CTR) + return aes_crypt_ctr( (aes_context *) ctx, length, nc_off, nonce_counter, + stream_block, input, output ); +#else + ((void) ctx); + ((void) length); + ((void) nc_off); + ((void) nonce_counter); + ((void) stream_block); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int aes_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return aes_setkey_dec( (aes_context *) ctx, key, key_length ); +} + +int aes_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return aes_setkey_enc( (aes_context *) ctx, key, key_length ); +} + +static void * aes_ctx_alloc( void ) +{ + return malloc( sizeof( aes_context ) ); +} + +static void aes_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const cipher_base_t aes_info = { + POLARSSL_CIPHER_ID_AES, + aes_crypt_cbc_wrap, + aes_crypt_cfb128_wrap, + aes_crypt_ctr_wrap, + aes_setkey_enc_wrap, + aes_setkey_dec_wrap, + aes_ctx_alloc, + aes_ctx_free +}; + +const cipher_info_t aes_128_cbc_info = { + POLARSSL_CIPHER_AES_128_CBC, + POLARSSL_MODE_CBC, + 128, + "AES-128-CBC", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_192_cbc_info = { + POLARSSL_CIPHER_AES_192_CBC, + POLARSSL_MODE_CBC, + 192, + "AES-192-CBC", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_256_cbc_info = { + POLARSSL_CIPHER_AES_256_CBC, + POLARSSL_MODE_CBC, + 256, + "AES-256-CBC", + 16, + 16, + &aes_info +}; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +const cipher_info_t aes_128_cfb128_info = { + POLARSSL_CIPHER_AES_128_CFB128, + POLARSSL_MODE_CFB, + 128, + "AES-128-CFB128", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_192_cfb128_info = { + POLARSSL_CIPHER_AES_192_CFB128, + POLARSSL_MODE_CFB, + 192, + "AES-192-CFB128", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_256_cfb128_info = { + POLARSSL_CIPHER_AES_256_CFB128, + POLARSSL_MODE_CFB, + 256, + "AES-256-CFB128", + 16, + 16, + &aes_info +}; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +const cipher_info_t aes_128_ctr_info = { + POLARSSL_CIPHER_AES_128_CTR, + POLARSSL_MODE_CTR, + 128, + "AES-128-CTR", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_192_ctr_info = { + POLARSSL_CIPHER_AES_192_CTR, + POLARSSL_MODE_CTR, + 192, + "AES-192-CTR", + 16, + 16, + &aes_info +}; + +const cipher_info_t aes_256_ctr_info = { + POLARSSL_CIPHER_AES_256_CTR, + POLARSSL_MODE_CTR, + 256, + "AES-256-CTR", + 16, + 16, + &aes_info +}; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +#endif + +#if defined(POLARSSL_CAMELLIA_C) + +int camellia_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return camellia_crypt_cbc( (camellia_context *) ctx, operation, length, iv, input, output ); +} + +int camellia_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length, + size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CFB) + return camellia_crypt_cfb128( (camellia_context *) ctx, operation, length, iv_off, iv, input, output ); +#else + ((void) ctx); + ((void) operation); + ((void) length); + ((void) iv_off); + ((void) iv); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int camellia_crypt_ctr_wrap( void *ctx, size_t length, + size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CTR) + return camellia_crypt_ctr( (camellia_context *) ctx, length, nc_off, nonce_counter, + stream_block, input, output ); +#else + ((void) ctx); + ((void) length); + ((void) nc_off); + ((void) nonce_counter); + ((void) stream_block); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int camellia_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return camellia_setkey_dec( (camellia_context *) ctx, key, key_length ); +} + +int camellia_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return camellia_setkey_enc( (camellia_context *) ctx, key, key_length ); +} + +static void * camellia_ctx_alloc( void ) +{ + return malloc( sizeof( camellia_context ) ); +} + +static void camellia_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const cipher_base_t camellia_info = { + POLARSSL_CIPHER_ID_CAMELLIA, + camellia_crypt_cbc_wrap, + camellia_crypt_cfb128_wrap, + camellia_crypt_ctr_wrap, + camellia_setkey_enc_wrap, + camellia_setkey_dec_wrap, + camellia_ctx_alloc, + camellia_ctx_free +}; + +const cipher_info_t camellia_128_cbc_info = { + POLARSSL_CIPHER_CAMELLIA_128_CBC, + POLARSSL_MODE_CBC, + 128, + "CAMELLIA-128-CBC", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_192_cbc_info = { + POLARSSL_CIPHER_CAMELLIA_192_CBC, + POLARSSL_MODE_CBC, + 192, + "CAMELLIA-192-CBC", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_256_cbc_info = { + POLARSSL_CIPHER_CAMELLIA_256_CBC, + POLARSSL_MODE_CBC, + 256, + "CAMELLIA-256-CBC", + 16, + 16, + &camellia_info +}; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +const cipher_info_t camellia_128_cfb128_info = { + POLARSSL_CIPHER_CAMELLIA_128_CFB128, + POLARSSL_MODE_CFB, + 128, + "CAMELLIA-128-CFB128", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_192_cfb128_info = { + POLARSSL_CIPHER_CAMELLIA_192_CFB128, + POLARSSL_MODE_CFB, + 192, + "CAMELLIA-192-CFB128", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_256_cfb128_info = { + POLARSSL_CIPHER_CAMELLIA_256_CFB128, + POLARSSL_MODE_CFB, + 256, + "CAMELLIA-256-CFB128", + 16, + 16, + &camellia_info +}; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +const cipher_info_t camellia_128_ctr_info = { + POLARSSL_CIPHER_CAMELLIA_128_CTR, + POLARSSL_MODE_CTR, + 128, + "CAMELLIA-128-CTR", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_192_ctr_info = { + POLARSSL_CIPHER_CAMELLIA_192_CTR, + POLARSSL_MODE_CTR, + 192, + "CAMELLIA-192-CTR", + 16, + 16, + &camellia_info +}; + +const cipher_info_t camellia_256_ctr_info = { + POLARSSL_CIPHER_CAMELLIA_256_CTR, + POLARSSL_MODE_CTR, + 256, + "CAMELLIA-256-CTR", + 16, + 16, + &camellia_info +}; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +#endif + +#if defined(POLARSSL_DES_C) + +int des_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return des_crypt_cbc( (des_context *) ctx, operation, length, iv, input, output ); +} + +int des3_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return des3_crypt_cbc( (des3_context *) ctx, operation, length, iv, input, output ); +} + +int des_crypt_cfb128_wrap( void *ctx, operation_t operation, size_t length, + size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + ((void) ctx); + ((void) operation); + ((void) length); + ((void) iv_off); + ((void) iv); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +} + +int des_crypt_ctr_wrap( void *ctx, size_t length, + size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ) +{ + ((void) ctx); + ((void) length); + ((void) nc_off); + ((void) nonce_counter); + ((void) stream_block); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +} + + +int des_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des_setkey_dec( (des_context *) ctx, key ); +} + +int des_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des_setkey_enc( (des_context *) ctx, key ); +} + +int des3_set2key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des3_set2key_dec( (des3_context *) ctx, key ); +} + +int des3_set2key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des3_set2key_enc( (des3_context *) ctx, key ); +} + +int des3_set3key_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des3_set3key_dec( (des3_context *) ctx, key ); +} + +int des3_set3key_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + ((void) key_length); + + return des3_set3key_enc( (des3_context *) ctx, key ); +} + +static void * des_ctx_alloc( void ) +{ + return malloc( sizeof( des_context ) ); +} + +static void * des3_ctx_alloc( void ) +{ + return malloc( sizeof( des3_context ) ); +} + +static void des_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const cipher_base_t des_info = { + POLARSSL_CIPHER_ID_DES, + des_crypt_cbc_wrap, + des_crypt_cfb128_wrap, + des_crypt_ctr_wrap, + des_setkey_enc_wrap, + des_setkey_dec_wrap, + des_ctx_alloc, + des_ctx_free +}; + +const cipher_info_t des_cbc_info = { + POLARSSL_CIPHER_DES_CBC, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES, + "DES-CBC", + 8, + 8, + &des_info +}; + +const cipher_base_t des_ede_info = { + POLARSSL_CIPHER_ID_DES, + des3_crypt_cbc_wrap, + des_crypt_cfb128_wrap, + des_crypt_ctr_wrap, + des3_set2key_enc_wrap, + des3_set2key_dec_wrap, + des3_ctx_alloc, + des_ctx_free +}; + +const cipher_info_t des_ede_cbc_info = { + POLARSSL_CIPHER_DES_EDE_CBC, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES_EDE, + "DES-EDE-CBC", + 8, + 8, + &des_ede_info +}; + +const cipher_base_t des_ede3_info = { + POLARSSL_CIPHER_ID_DES, + des3_crypt_cbc_wrap, + des_crypt_cfb128_wrap, + des_crypt_ctr_wrap, + des3_set3key_enc_wrap, + des3_set3key_dec_wrap, + des3_ctx_alloc, + des_ctx_free +}; + +const cipher_info_t des_ede3_cbc_info = { + POLARSSL_CIPHER_DES_EDE3_CBC, + POLARSSL_MODE_CBC, + POLARSSL_KEY_LENGTH_DES_EDE3, + "DES-EDE3-CBC", + 8, + 8, + &des_ede3_info +}; +#endif + +#if defined(POLARSSL_BLOWFISH_C) + +int blowfish_crypt_cbc_wrap( void *ctx, operation_t operation, size_t length, + unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ + return blowfish_crypt_cbc( (blowfish_context *) ctx, operation, length, iv, input, output ); +} + +int blowfish_crypt_cfb64_wrap( void *ctx, operation_t operation, size_t length, + size_t *iv_off, unsigned char *iv, const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CFB) + return blowfish_crypt_cfb64( (blowfish_context *) ctx, operation, length, iv_off, iv, input, output ); +#else + ((void) ctx); + ((void) operation); + ((void) length); + ((void) iv_off); + ((void) iv); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int blowfish_crypt_ctr_wrap( void *ctx, size_t length, + size_t *nc_off, unsigned char *nonce_counter, unsigned char *stream_block, + const unsigned char *input, unsigned char *output ) +{ +#if defined(POLARSSL_CIPHER_MODE_CTR) + return blowfish_crypt_ctr( (blowfish_context *) ctx, length, nc_off, nonce_counter, + stream_block, input, output ); +#else + ((void) ctx); + ((void) length); + ((void) nc_off); + ((void) nonce_counter); + ((void) stream_block); + ((void) input); + ((void) output); + + return POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE; +#endif +} + +int blowfish_setkey_dec_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return blowfish_setkey( (blowfish_context *) ctx, key, key_length ); +} + +int blowfish_setkey_enc_wrap( void *ctx, const unsigned char *key, unsigned int key_length ) +{ + return blowfish_setkey( (blowfish_context *) ctx, key, key_length ); +} + +static void * blowfish_ctx_alloc( void ) +{ + return malloc( sizeof( blowfish_context ) ); +} + +static void blowfish_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const cipher_base_t blowfish_info = { + POLARSSL_CIPHER_ID_BLOWFISH, + blowfish_crypt_cbc_wrap, + blowfish_crypt_cfb64_wrap, + blowfish_crypt_ctr_wrap, + blowfish_setkey_enc_wrap, + blowfish_setkey_dec_wrap, + blowfish_ctx_alloc, + blowfish_ctx_free +}; + +const cipher_info_t blowfish_cbc_info = { + POLARSSL_CIPHER_BLOWFISH_CBC, + POLARSSL_MODE_CBC, + 128, + "BLOWFISH-CBC", + 8, + 8, + &blowfish_info +}; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +const cipher_info_t blowfish_cfb64_info = { + POLARSSL_CIPHER_BLOWFISH_CFB64, + POLARSSL_MODE_CFB, + 128, + "BLOWFISH-CFB64", + 8, + 8, + &blowfish_info +}; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +const cipher_info_t blowfish_ctr_info = { + POLARSSL_CIPHER_BLOWFISH_CTR, + POLARSSL_MODE_CTR, + 128, + "BLOWFISH-CTR", + 8, + 8, + &blowfish_info +}; +#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* POLARSSL_BLOWFISH_C */ + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) +static void * null_ctx_alloc( void ) +{ + return (void *) 1; +} + + +static void null_ctx_free( void *ctx ) +{ + ((void) ctx); +} + +const cipher_base_t null_base_info = { + POLARSSL_CIPHER_ID_NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + null_ctx_alloc, + null_ctx_free +}; + +const cipher_info_t null_cipher_info = { + POLARSSL_CIPHER_NULL, + POLARSSL_MODE_NULL, + 0, + "NULL", + 1, + 1, + &null_base_info +}; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#endif diff --git a/polarssl/cipher_wrap.h b/polarssl/cipher_wrap.h new file mode 100644 index 0000000..2f18eff --- /dev/null +++ b/polarssl/cipher_wrap.h @@ -0,0 +1,107 @@ +/** + * \file cipher_wrap.h + * + * \brief Cipher wrappers. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_CIPHER_WRAP_H +#define POLARSSL_CIPHER_WRAP_H + +#include "polarssl/config.h" +#include "polarssl/cipher.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(POLARSSL_AES_C) + +extern const cipher_info_t aes_128_cbc_info; +extern const cipher_info_t aes_192_cbc_info; +extern const cipher_info_t aes_256_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +extern const cipher_info_t aes_128_cfb128_info; +extern const cipher_info_t aes_192_cfb128_info; +extern const cipher_info_t aes_256_cfb128_info; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +extern const cipher_info_t aes_128_ctr_info; +extern const cipher_info_t aes_192_ctr_info; +extern const cipher_info_t aes_256_ctr_info; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +#endif /* defined(POLARSSL_AES_C) */ + +#if defined(POLARSSL_CAMELLIA_C) + +extern const cipher_info_t camellia_128_cbc_info; +extern const cipher_info_t camellia_192_cbc_info; +extern const cipher_info_t camellia_256_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +extern const cipher_info_t camellia_128_cfb128_info; +extern const cipher_info_t camellia_192_cfb128_info; +extern const cipher_info_t camellia_256_cfb128_info; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +extern const cipher_info_t camellia_128_ctr_info; +extern const cipher_info_t camellia_192_ctr_info; +extern const cipher_info_t camellia_256_ctr_info; +#endif /* POLARSSL_CIPHER_MODE_CTR */ + +#endif /* defined(POLARSSL_CAMELLIA_C) */ + +#if defined(POLARSSL_DES_C) + +extern const cipher_info_t des_cbc_info; +extern const cipher_info_t des_ede_cbc_info; +extern const cipher_info_t des_ede3_cbc_info; + +#endif /* defined(POLARSSL_DES_C) */ + +#if defined(POLARSSL_BLOWFISH_C) +extern const cipher_info_t blowfish_cbc_info; + +#if defined(POLARSSL_CIPHER_MODE_CFB) +extern const cipher_info_t blowfish_cfb64_info; +#endif /* POLARSSL_CIPHER_MODE_CFB */ + +#if defined(POLARSSL_CIPHER_MODE_CTR) +extern const cipher_info_t blowfish_ctr_info; +#endif /* POLARSSL_CIPHER_MODE_CTR */ +#endif /* defined(POLARSSL_BLOWFISH_C) */ + +#if defined(POLARSSL_CIPHER_NULL_CIPHER) +extern const cipher_info_t null_cipher_info; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#ifdef __cplusplus +} +#endif + +#endif /* POLARSSL_CIPHER_WRAP_H */ diff --git a/polarssl/config.h b/polarssl/config.h new file mode 100644 index 0000000..bd1a466 --- /dev/null +++ b/polarssl/config.h @@ -0,0 +1,1012 @@ +/** + * \file config.h + * + * \brief Configuration options (set of defines) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ +#ifndef POLARSSL_CONFIG_H +#define POLARSSL_CONFIG_H + +#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) +#define _CRT_SECURE_NO_DEPRECATE 1 +#endif + +/** + * \name SECTION: System support + * + * This section sets system specific settings. + * \{ + */ + +/** + * \def POLARSSL_HAVE_INT8 + * + * The system uses 8-bit wide native integers. + * + * Uncomment if native integers are 8-bit wide. +#define POLARSSL_HAVE_INT8 + */ + +/** + * \def POLARSSL_HAVE_INT16 + * + * The system uses 16-bit wide native integers. + * + * Uncomment if native integers are 16-bit wide. +#define POLARSSL_HAVE_INT16 + */ + +/** + * \def POLARSSL_HAVE_LONGLONG + * + * The compiler supports the 'long long' type. + * (Only used on 32-bit platforms) + */ +#define POLARSSL_HAVE_LONGLONG + +/** + * \def POLARSSL_HAVE_ASM + * + * The compiler has support for asm() + * + * Uncomment to enable the use of assembly code. + * + * Requires support for asm() in compiler. + * + * Used in: + * library/timing.c + * library/padlock.c + * include/polarssl/bn_mul.h + * + */ +#define POLARSSL_HAVE_ASM + +/** + * \def POLARSSL_HAVE_SSE2 + * + * CPU supports SSE2 instruction set. + * + * Uncomment if the CPU supports SSE2 (IA-32 specific). + * +#define POLARSSL_HAVE_SSE2 + */ +/* \} name */ + +/** + * \name SECTION: PolarSSL feature support + * + * This section sets support for features that are or are not needed + * within the modules that are enabled. + * \{ + */ + +/** + * \def POLARSSL_XXX_ALT + * + * Uncomment a macro to let PolarSSL use your alternate core implementation of + * a symmetric or hash algorithm (e.g. platform specific assembly optimized + * implementations). Keep in mind that the function prototypes should remain + * the same. + * + * Example: In case you uncomment POLARSSL_AES_ALT, PolarSSL will no longer + * provide the "struct aes_context" definition and omit the base function + * declarations and implementations. "aes_alt.h" will be included from + * "aes.h" to include the new function definitions. + * + * Uncomment a macro to enable alternate implementation for core algorithm + * functions +#define POLARSSL_AES_ALT +#define POLARSSL_ARC4_ALT +#define POLARSSL_BLOWFISH_ALT +#define POLARSSL_CAMELLIA_ALT +#define POLARSSL_DES_ALT +#define POLARSSL_XTEA_ALT +#define POLARSSL_MD2_ALT +#define POLARSSL_MD4_ALT +#define POLARSSL_MD5_ALT +#define POLARSSL_SHA1_ALT +#define POLARSSL_SHA2_ALT +#define POLARSSL_SHA4_ALT + */ + +/** + * \def POLARSSL_AES_ROM_TABLES + * + * Store the AES tables in ROM. + * + * Uncomment this macro to store the AES tables in ROM. + * +#define POLARSSL_AES_ROM_TABLES + */ + +/** + * \def POLARSSL_CIPHER_MODE_CFB + * + * Enable Cipher Feedback mode (CFB) for symmetric ciphers. + */ +#define POLARSSL_CIPHER_MODE_CFB + +/** + * \def POLARSSL_CIPHER_MODE_CTR + * + * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. + */ +#define POLARSSL_CIPHER_MODE_CTR + +/** + * \def POLARSSL_CIPHER_NULL_CIPHER + * + * Enable NULL cipher. + * Warning: Only do so when you know what you are doing. This allows for + * encryption or channels without any security! + * + * Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable + * the following ciphersuites: + * TLS_RSA_WITH_NULL_MD5 + * TLS_RSA_WITH_NULL_SHA + * TLS_RSA_WITH_NULL_SHA256 + * + * Uncomment this macro to enable the NULL cipher and ciphersuites +#define POLARSSL_CIPHER_NULL_CIPHER + */ + +/** + * \def POLARSSL_ENABLE_WEAK_CIPHERSUITES + * + * Enable weak ciphersuites in SSL / TLS + * Warning: Only do so when you know what you are doing. This allows for + * channels with virtually no security at all! + * + * This enables the following ciphersuites: + * TLS_RSA_WITH_DES_CBC_SHA + * TLS_DHE_RSA_WITH_DES_CBC_SHA + * + * Uncomment this macro to enable weak ciphersuites +#define POLARSSL_ENABLE_WEAK_CIPHERSUITES + */ + +/** + * \def POLARSSL_ERROR_STRERROR_DUMMY + * + * Enable a dummy error function to make use of error_strerror() in + * third party libraries easier. + * + * Disable if you run into name conflicts and want to really remove the + * error_strerror() + */ +#define POLARSSL_ERROR_STRERROR_DUMMY + +/** + * \def POLARSSL_GENPRIME + * + * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C + * + * Enable the RSA prime-number generation code. + */ +#define POLARSSL_GENPRIME + +/** + * \def POLARSSL_FS_IO + * + * Enable functions that use the filesystem. + */ +#define POLARSSL_FS_IO + +/** + * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES + * + * Do not add default entropy sources. These are the platform specific, + * hardclock and HAVEGE based poll functions. + * + * This is useful to have more control over the added entropy sources in an + * application. + * + * Uncomment this macro to prevent loading of default entropy functions. +#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES + */ + +/** + * \def POLARSSL_NO_PLATFORM_ENTROPY + * + * Do not use built-in platform entropy functions. + * This is useful if your platform does not support + * standards like the /dev/urandom or Windows CryptoAPI. + * + * Uncomment this macro to disable the built-in platform entropy functions. +#define POLARSSL_NO_PLATFORM_ENTROPY + */ + +/** + * \def POLARSSL_PKCS1_V21 + * + * Requires: POLARSSL_MD_C, POLARSSL_RSA_C + * + * Enable support for PKCS#1 v2.1 encoding. + * This enables support for RSAES-OAEP and RSASSA-PSS operations. + */ +#define POLARSSL_PKCS1_V21 + +/** + * \def POLARSSL_RSA_NO_CRT + * + * Do not use the Chinese Remainder Theorem for the RSA private operation. + * + * Uncomment this macro to disable the use of CRT in RSA. + * +#define POLARSSL_RSA_NO_CRT + */ + +/** + * \def POLARSSL_SELF_TEST + * + * Enable the checkup functions (*_self_test). + */ +#define POLARSSL_SELF_TEST + +/** + * \def POLARSSL_SSL_ALL_ALERT_MESSAGES + * + * Enable sending of alert messages in case of encountered errors as per RFC. + * If you choose not to send the alert messages, PolarSSL can still communicate + * with other servers, only debugging of failures is harder. + * + * The advantage of not sending alert messages, is that no information is given + * about reasons for failures thus preventing adversaries of gaining intel. + * + * Enable sending of all alert messages + */ +#define POLARSSL_SSL_ALERT_MESSAGES + +/** + * \def POLARSSL_SSL_DEBUG_ALL + * + * Enable the debug messages in SSL module for all issues. + * Debug messages have been disabled in some places to prevent timing + * attacks due to (unbalanced) debugging function calls. + * + * If you need all error reporting you should enable this during debugging, + * but remove this for production servers that should log as well. + * + * Uncomment this macro to report all debug messages on errors introducing + * a timing side-channel. + * +#define POLARSSL_SSL_DEBUG_ALL + */ + +/** + * \def POLARSSL_SSL_HW_RECORD_ACCEL + * + * Enable hooking functions in SSL module for hardware acceleration of + * individual records. + * + * Uncomment this macro to enable hooking functions. +#define POLARSSL_SSL_HW_RECORD_ACCEL + */ + +/** + * \def POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + * + * Enable support for receiving and parsing SSLv2 Client Hello messages for the + * SSL Server module (POLARSSL_SSL_SRV_C) + * + * Comment this macro to disable support for SSLv2 Client Hello messages. + */ +#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO + +/** + * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + * + * If set, the X509 parser will not break-off when parsing an X509 certificate + * and encountering an unknown critical extension. + * + * Uncomment to prevent an error. + * +#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION + */ + +/** + * \def POLARSSL_ZLIB_SUPPORT + * + * If set, the SSL/TLS module uses ZLIB to support compression and + * decompression of packet data. + * + * Used in: library/ssl_tls.c + * library/ssl_cli.c + * library/ssl_srv.c + * + * This feature requires zlib library and headers to be present. + * + * Uncomment to enable use of ZLIB +#define POLARSSL_ZLIB_SUPPORT + */ +/* \} name */ + +/** + * \name SECTION: PolarSSL modules + * + * This section enables or disables entire modules in PolarSSL + * \{ + */ + +/** + * \def POLARSSL_AES_C + * + * Enable the AES block cipher. + * + * Module: library/aes.c + * Caller: library/ssl_tls.c + * library/pem.c + * library/ctr_drbg.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * TLS_RSA_WITH_AES_128_CBC_SHA + * TLS_RSA_WITH_AES_256_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * TLS_RSA_WITH_AES_128_CBC_SHA256 + * TLS_RSA_WITH_AES_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * TLS_RSA_WITH_AES_128_GCM_SHA256 + * TLS_RSA_WITH_AES_256_GCM_SHA384 + * + * PEM uses AES for decrypting encrypted keys. + */ +#define POLARSSL_AES_C + +/** + * \def POLARSSL_ARC4_C + * + * Enable the ARCFOUR stream cipher. + * + * Module: library/arc4.c + * Caller: library/ssl_tls.c + * + * This module enables the following ciphersuites: + * TLS_RSA_WITH_RC4_128_MD5 + * TLS_RSA_WITH_RC4_128_SHA + */ +#define POLARSSL_ARC4_C + +/** + * \def POLARSSL_ASN1_PARSE_C + * + * Enable the generic ASN1 parser. + * + * Module: library/asn1.c + * Caller: library/x509parse.c + */ +#define POLARSSL_ASN1_PARSE_C + +/** + * \def POLARSSL_ASN1_WRITE_C + * + * Enable the generic ASN1 writer. + * + * Module: library/asn1write.c + */ +#define POLARSSL_ASN1_WRITE_C + +/** + * \def POLARSSL_BASE64_C + * + * Enable the Base64 module. + * + * Module: library/base64.c + * Caller: library/pem.c + * + * This module is required for PEM support (required by X.509). + */ +#define POLARSSL_BASE64_C + +/** + * \def POLARSSL_BIGNUM_C + * + * Enable the multi-precision integer library. + * + * Module: library/bignum.c + * Caller: library/dhm.c + * library/rsa.c + * library/ssl_tls.c + * library/x509parse.c + * + * This module is required for RSA and DHM support. + */ +#define POLARSSL_BIGNUM_C + +/** + * \def POLARSSL_BLOWFISH_C + * + * Enable the Blowfish block cipher. + * + * Module: library/blowfish.c + */ +#define POLARSSL_BLOWFISH_C + +/** + * \def POLARSSL_CAMELLIA_C + * + * Enable the Camellia block cipher. + * + * Module: library/camellia.c + * Caller: library/ssl_tls.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + */ +#define POLARSSL_CAMELLIA_C + +/** + * \def POLARSSL_CERTS_C + * + * Enable the test certificates. + * + * Module: library/certs.c + * Caller: + * + * This module is used for testing (ssl_client/server). + */ +#define POLARSSL_CERTS_C + +/** + * \def POLARSSL_CIPHER_C + * + * Enable the generic cipher layer. + * + * Module: library/cipher.c + * Caller: + * + * Uncomment to enable generic cipher wrappers. + */ +#define POLARSSL_CIPHER_C + +/** + * \def POLARSSL_CTR_DRBG_C + * + * Enable the CTR_DRBG AES-256-based random generator + * + * Module: library/ctr_drbg.c + * Caller: + * + * Requires: POLARSSL_AES_C + * + * This module provides the CTR_DRBG AES-256 random number generator. + */ +#define POLARSSL_CTR_DRBG_C + +/** + * \def POLARSSL_DEBUG_C + * + * Enable the debug functions. + * + * Module: library/debug.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * This module provides debugging functions. + */ +#define POLARSSL_DEBUG_C + +/** + * \def POLARSSL_DES_C + * + * Enable the DES block cipher. + * + * Module: library/des.c + * Caller: library/pem.c + * library/ssl_tls.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * TLS_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * + * PEM uses DES/3DES for decrypting encrypted keys. + */ +#define POLARSSL_DES_C + +/** + * \def POLARSSL_DHM_C + * + * Enable the Diffie-Hellman-Merkle key exchange. + * + * Module: library/dhm.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * TLS_DHE_RSA_WITH_DES_CBC_SHA + * TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA + * TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + * TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 + * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + */ +#define POLARSSL_DHM_C + +/** + * \def POLARSSL_ENTROPY_C + * + * Enable the platform-specific entropy code. + * + * Module: library/entropy.c + * Caller: + * + * Requires: POLARSSL_SHA4_C + * + * This module provides a generic entropy pool + */ +#define POLARSSL_ENTROPY_C + +/** + * \def POLARSSL_ERROR_C + * + * Enable error code to error string conversion. + * + * Module: library/error.c + * Caller: + * + * This module enables err_strerror(). + */ +#define POLARSSL_ERROR_C + +/** + * \def POLARSSL_GCM_C + * + * Enable the Galois/Counter Mode (GCM) for AES + * + * Module: library/gcm.c + * + * Requires: POLARSSL_AES_C + * + * This module enables the following ciphersuites (if other requisites are + * enabled as well): + * TLS_RSA_WITH_AES_128_GCM_SHA256 + * TLS_RSA_WITH_AES_256_GCM_SHA384 + */ +#define POLARSSL_GCM_C + +/** + * \def POLARSSL_HAVEGE_C + * + * Enable the HAVEGE random generator. + * + * Warning: the HAVEGE random generator is not suitable for virtualized + * environments + * + * Warning: the HAVEGE random generator is dependent on timing and specific + * processor traits. It is therefore not advised to use HAVEGE as + * your applications primary random generator or primary entropy pool + * input. As a secondary input to your entropy pool, it IS able add + * the (limited) extra entropy it provides. + * + * Module: library/havege.c + * Caller: + * + * Requires: POLARSSL_TIMING_C + * + * Uncomment to enable the HAVEGE random generator. +#define POLARSSL_HAVEGE_C + */ + +/** + * \def POLARSSL_MD_C + * + * Enable the generic message digest layer. + * + * Module: library/md.c + * Caller: + * + * Uncomment to enable generic message digest wrappers. + */ +#define POLARSSL_MD_C + +/** + * \def POLARSSL_MD2_C + * + * Enable the MD2 hash algorithm + * + * Module: library/md2.c + * Caller: library/x509parse.c + * + * Uncomment to enable support for (rare) MD2-signed X.509 certs. + * +#define POLARSSL_MD2_C + */ + +/** + * \def POLARSSL_MD4_C + * + * Enable the MD4 hash algorithm + * + * Module: library/md4.c + * Caller: library/x509parse.c + * + * Uncomment to enable support for (rare) MD4-signed X.509 certs. + * +#define POLARSSL_MD4_C + */ + +/** + * \def POLARSSL_MD5_C + * + * Enable the MD5 hash algorithm + * + * Module: library/md5.c + * Caller: library/pem.c + * library/ssl_tls.c + * library/x509parse.c + * + * This module is required for SSL/TLS and X.509. + * PEM uses MD5 for decrypting encrypted keys. + */ +#define POLARSSL_MD5_C + +/** + * \def POLARSSL_NET_C + * + * Enable the TCP/IP networking routines. + * + * Module: library/net.c + * Caller: + * + * This module provides TCP/IP networking routines. + */ +#define POLARSSL_NET_C + +/** + * \def POLARSSL_PADLOCK_C + * + * Enable VIA Padlock support on x86. + * + * Module: library/padlock.c + * Caller: library/aes.c + * + * This modules adds support for the VIA PadLock on x86. + */ +#define POLARSSL_PADLOCK_C + +/** + * \def POLARSSL_PBKDF2_C + * + * Enable PKCS#5 PBKDF2 key derivation function + * DEPRECATED: Use POLARSSL_PKCS5_C instead + * + * Module: library/pbkdf2.c + * + * Requires: POLARSSL_PKCS5_C + * + * This module adds support for the PKCS#5 PBKDF2 key derivation function. +#define POLARSSL_PBKDF2_C + */ + +/** + * \def POLARSSL_PEM_C + * + * Enable PEM decoding + * + * Module: library/pem.c + * Caller: library/x509parse.c + * + * Requires: POLARSSL_BASE64_C + * + * This modules adds support for decoding PEM files. + */ +#define POLARSSL_PEM_C + +/** + * \def POLARSSL_PKCS5_C + * + * Enable PKCS#5 functions + * + * Module: library/pkcs5.c + * + * Requires: POLARSSL_MD_C + * + * This module adds support for the PKCS#5 functions. + */ +#define POLARSSL_PKCS5_C + +/** + * \def POLARSSL_PKCS11_C + * + * Enable wrapper for PKCS#11 smartcard support. + * + * Module: library/ssl_srv.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: POLARSSL_SSL_TLS_C + * + * This module enables SSL/TLS PKCS #11 smartcard support. + * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) +#define POLARSSL_PKCS11_C + */ + +/** + * \def POLARSSL_PKCS12_C + * + * Enable PKCS#12 PBE functions + * Adds algorithms for parsing PKCS#8 encrypted private keys + * + * Module: library/pkcs12.c + * Caller: library/x509parse.c + * + * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_CIPHER_C, POLARSSL_MD_C + * Can use: POLARSSL_ARC4_C + * + * This module enables PKCS#12 functions. + */ +#define POLARSSL_PKCS12_C + +/** + * \def POLARSSL_RSA_C + * + * Enable the RSA public-key cryptosystem. + * + * Module: library/rsa.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509.c + * + * Requires: POLARSSL_BIGNUM_C + * + * This module is required for SSL/TLS and MD5-signed certificates. + */ +#define POLARSSL_RSA_C + +/** + * \def POLARSSL_SHA1_C + * + * Enable the SHA1 cryptographic hash algorithm. + * + * Module: library/sha1.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * library/x509parse.c + * + * This module is required for SSL/TLS and SHA1-signed certificates. + */ +#define POLARSSL_SHA1_C + +/** + * \def POLARSSL_SHA2_C + * + * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. + * + * Module: library/sha2.c + * Caller: library/md_wrap.c + * library/x509parse.c + * + * This module adds support for SHA-224 and SHA-256. + * This module is required for the SSL/TLS 1.2 PRF function. + */ +#define POLARSSL_SHA2_C + +/** + * \def POLARSSL_SHA4_C + * + * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. + * + * Module: library/sha4.c + * Caller: library/md_wrap.c + * library/x509parse.c + * + * This module adds support for SHA-384 and SHA-512. + */ +#define POLARSSL_SHA4_C + +/** + * \def POLARSSL_SSL_CACHE_C + * + * Enable simple SSL cache implementation. + * + * Module: library/ssl_cache.c + * Caller: + * + * Requires: POLARSSL_SSL_CACHE_C + */ +#define POLARSSL_SSL_CACHE_C + +/** + * \def POLARSSL_SSL_CLI_C + * + * Enable the SSL/TLS client code. + * + * Module: library/ssl_cli.c + * Caller: + * + * Requires: POLARSSL_SSL_TLS_C + * + * This module is required for SSL/TLS client support. + */ +#define POLARSSL_SSL_CLI_C + +/** + * \def POLARSSL_SSL_SRV_C + * + * Enable the SSL/TLS server code. + * + * Module: library/ssl_srv.c + * Caller: + * + * Requires: POLARSSL_SSL_TLS_C + * + * This module is required for SSL/TLS server support. + */ +#define POLARSSL_SSL_SRV_C + +/** + * \def POLARSSL_SSL_TLS_C + * + * Enable the generic SSL/TLS code. + * + * Module: library/ssl_tls.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * + * Requires: POLARSSL_MD5_C, POLARSSL_SHA1_C, POLARSSL_X509_PARSE_C + * + * This module is required for SSL/TLS. + */ +#define POLARSSL_SSL_TLS_C + +/** + * \def POLARSSL_TIMING_C + * + * Enable the portable timing interface. + * + * Module: library/timing.c + * Caller: library/havege.c + * + * This module is used by the HAVEGE random number generator. + */ +#define POLARSSL_TIMING_C + +/** + * \def POLARSSL_VERSION_C + * + * Enable run-time version information. + * + * Module: library/version.c + * + * This module provides run-time version information. + */ +#define POLARSSL_VERSION_C + +/** + * \def POLARSSL_X509_PARSE_C + * + * Enable X.509 certificate parsing. + * + * Module: library/x509parse.c + * Caller: library/ssl_cli.c + * library/ssl_srv.c + * library/ssl_tls.c + * + * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_RSA_C + * + * This module is required for X.509 certificate parsing. + */ +#define POLARSSL_X509_PARSE_C + +/** + * \def POLARSSL_X509_WRITE_C + * + * Enable X.509 buffer writing. + * + * Module: library/x509write.c + * + * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C + * + * This module is required for X.509 certificate request writing. + */ +#define POLARSSL_X509_WRITE_C + +/** + * \def POLARSSL_XTEA_C + * + * Enable the XTEA block cipher. + * + * Module: library/xtea.c + * Caller: + */ +#define POLARSSL_XTEA_C +/* \} name */ + +/** + * \name SECTION: Module configuration options + * + * This section allows for the setting of module specific sizes and + * configuration options. The default values are already present in the + * relevant header files and should suffice for the regular use cases. + * Our advice is to enable POLARSSL_CONFIG_OPTIONS and change values here + * only if you have a good reason and know the consequences. + * + * If POLARSSL_CONFIG_OPTIONS is undefined here the options in the module + * header file take precedence. + * + * Please check the respective header file for documentation on these + * parameters (to prevent duplicate documentation). + * + * Uncomment POLARSSL_CONFIG_OPTIONS to enable using the values defined here. + * \{ + */ +//#define POLARSSL_CONFIG_OPTIONS /**< Enable config.h module value configuration */ + +#if defined(POLARSSL_CONFIG_OPTIONS) + +// MPI / BIGNUM options +// +#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ +#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */ + +// CTR_DRBG options +// +#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */ +#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ + +// Entropy options +// +#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ + +// SSL Cache options +// +#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */ +#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */ + +// SSL options +// +#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ + +#endif /* POLARSSL_CONFIG_OPTIONS */ + +/* \} name */ +#endif /* config.h */ diff --git a/polarssl/ctr_drbg.c b/polarssl/ctr_drbg.c new file mode 100644 index 0000000..8cf0371 --- /dev/null +++ b/polarssl/ctr_drbg.c @@ -0,0 +1,562 @@ +/* + * CTR_DRBG implementation based on AES-256 (NIST SP 800-90) + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The NIST SP 800-90 DRBGs are described in the following publucation. + * + * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_CTR_DRBG_C) + +#include "polarssl/ctr_drbg.h" + +#if defined(POLARSSL_FS_IO) +#include +#endif + +/* + * Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST + * tests to succeed (which require known length fixed entropy) + */ +int ctr_drbg_init_entropy_len( + ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len, + size_t entropy_len ) +{ + int ret; + unsigned char key[CTR_DRBG_KEYSIZE]; + + memset( ctx, 0, sizeof(ctr_drbg_context) ); + memset( key, 0, CTR_DRBG_KEYSIZE ); + + ctx->f_entropy = f_entropy; + ctx->p_entropy = p_entropy; + + ctx->entropy_len = entropy_len; + ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL; + + /* + * Initialize with an empty key + */ + aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS ); + + if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +int ctr_drbg_init( ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ) +{ + return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len, + CTR_DRBG_ENTROPY_LEN ) ); +} + +void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance ) +{ + ctx->prediction_resistance = resistance; +} + +void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len ) +{ + ctx->entropy_len = len; +} + +void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval ) +{ + ctx->reseed_interval = interval; +} + +int block_cipher_df( unsigned char *output, + const unsigned char *data, size_t data_len ) +{ + unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16]; + unsigned char tmp[CTR_DRBG_SEEDLEN]; + unsigned char key[CTR_DRBG_KEYSIZE]; + unsigned char chain[CTR_DRBG_BLOCKSIZE]; + unsigned char *p = buf, *iv; + aes_context aes_ctx; + + int i, j, buf_len, use_len; + + memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 ); + + /* + * Construct IV (16 bytes) and S in buffer + * IV = Counter (in 32-bits) padded to 16 with zeroes + * S = Length input string (in 32-bits) || Length of output (in 32-bits) || + * data || 0x80 + * (Total is padded to a multiple of 16-bytes with zeroes) + */ + p = buf + CTR_DRBG_BLOCKSIZE; + *p++ = ( data_len >> 24 ) & 0xff; + *p++ = ( data_len >> 16 ) & 0xff; + *p++ = ( data_len >> 8 ) & 0xff; + *p++ = ( data_len ) & 0xff; + p += 3; + *p++ = CTR_DRBG_SEEDLEN; + memcpy( p, data, data_len ); + p[data_len] = 0x80; + + buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; + + for( i = 0; i < CTR_DRBG_KEYSIZE; i++ ) + key[i] = i; + + aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS ); + + /* + * Reduce data to POLARSSL_CTR_DRBG_SEEDLEN bytes of data + */ + for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + { + p = buf; + memset( chain, 0, CTR_DRBG_BLOCKSIZE ); + use_len = buf_len; + + while( use_len > 0 ) + { + for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ ) + chain[i] ^= p[i]; + p += CTR_DRBG_BLOCKSIZE; + use_len -= CTR_DRBG_BLOCKSIZE; + + aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain ); + } + + memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE ); + + /* + * Update IV + */ + buf[3]++; + } + + /* + * Do final encryption with reduced data + */ + aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS ); + iv = tmp + CTR_DRBG_KEYSIZE; + p = output; + + for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + { + aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv ); + memcpy( p, iv, CTR_DRBG_BLOCKSIZE ); + p += CTR_DRBG_BLOCKSIZE; + } + + return( 0 ); +} + +int ctr_drbg_update_internal( ctr_drbg_context *ctx, + const unsigned char data[CTR_DRBG_SEEDLEN] ) +{ + unsigned char tmp[CTR_DRBG_SEEDLEN]; + unsigned char *p = tmp; + int i, j; + + memset( tmp, 0, CTR_DRBG_SEEDLEN ); + + for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) + { + /* + * Increase counter + */ + for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) + if( ++ctx->counter[i - 1] != 0 ) + break; + + /* + * Crypt counter block + */ + aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p ); + + p += CTR_DRBG_BLOCKSIZE; + } + + for( i = 0; i < CTR_DRBG_SEEDLEN; i++ ) + tmp[i] ^= data[i]; + + /* + * Update key and counter + */ + aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS ); + memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE ); + + return( 0 ); +} + +void ctr_drbg_update( ctr_drbg_context *ctx, + const unsigned char *additional, size_t add_len ) +{ + unsigned char add_input[CTR_DRBG_SEEDLEN]; + + if( add_len > 0 ) + { + block_cipher_df( add_input, additional, add_len ); + ctr_drbg_update_internal( ctx, add_input ); + } +} + +int ctr_drbg_reseed( ctr_drbg_context *ctx, + const unsigned char *additional, size_t len ) +{ + unsigned char seed[CTR_DRBG_MAX_SEED_INPUT]; + size_t seedlen = 0; + + if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT ) + return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + + memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT ); + + /* + * Gather enropy_len bytes of entropy to seed state + */ + if( 0 != ctx->f_entropy( ctx->p_entropy, seed, + ctx->entropy_len ) ) + { + return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); + } + + seedlen += ctx->entropy_len; + + /* + * Add additional data + */ + if( additional && len ) + { + memcpy( seed + seedlen, additional, len ); + seedlen += len; + } + + /* + * Reduce to 384 bits + */ + block_cipher_df( seed, seed, seedlen ); + + /* + * Update state + */ + ctr_drbg_update_internal( ctx, seed ); + ctx->reseed_counter = 1; + + return( 0 ); +} + +int ctr_drbg_random_with_add( void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len ) +{ + int ret = 0; + ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng; + unsigned char add_input[CTR_DRBG_SEEDLEN]; + unsigned char *p = output; + unsigned char tmp[CTR_DRBG_BLOCKSIZE]; + int i; + size_t use_len; + + if( output_len > CTR_DRBG_MAX_REQUEST ) + return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG ); + + if( add_len > CTR_DRBG_MAX_INPUT ) + return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + + memset( add_input, 0, CTR_DRBG_SEEDLEN ); + + if( ctx->reseed_counter > ctx->reseed_interval || + ctx->prediction_resistance ) + { + if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) + return( ret ); + + add_len = 0; + } + + if( add_len > 0 ) + { + block_cipher_df( add_input, additional, add_len ); + ctr_drbg_update_internal( ctx, add_input ); + } + + while( output_len > 0 ) + { + /* + * Increase counter + */ + for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) + if( ++ctx->counter[i - 1] != 0 ) + break; + + /* + * Crypt counter block + */ + aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp ); + + use_len = (output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE : output_len; + /* + * Copy random block to destination + */ + memcpy( p, tmp, use_len ); + p += use_len; + output_len -= use_len; + } + + ctr_drbg_update_internal( ctx, add_input ); + + ctx->reseed_counter++; + + return( 0 ); +} + +int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) +{ + return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 ); +} + +#if defined(POLARSSL_FS_IO) +int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ) +{ + int ret; + FILE *f; + unsigned char buf[ CTR_DRBG_MAX_INPUT ]; + + if( ( f = fopen( path, "wb" ) ) == NULL ) + return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + + if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 ) + return( ret ); + + if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT ) + { + fclose( f ); + return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} + +int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ) +{ + FILE *f; + size_t n; + unsigned char buf[ CTR_DRBG_MAX_INPUT ]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + + fseek( f, 0, SEEK_END ); + n = (size_t) ftell( f ); + fseek( f, 0, SEEK_SET ); + + if( n > CTR_DRBG_MAX_INPUT ) + return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); + + if( fread( buf, 1, n, f ) != n ) + { + fclose( f ); + return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); + } + + ctr_drbg_update( ctx, buf, n ); + + fclose( f ); + + return( ctr_drbg_write_seed_file( ctx, path ) ); +} +#endif /* POLARSSL_FS_IO */ + +#if defined(POLARSSL_SELF_TEST) + +#include + +unsigned char entropy_source_pr[96] = + { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16, + 0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02, + 0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b, + 0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb, + 0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9, + 0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95, + 0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63, + 0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3, + 0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31, + 0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4, + 0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56, + 0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 }; + +unsigned char entropy_source_nopr[64] = + { 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14, + 0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe, + 0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d, + 0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20, + 0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9, + 0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46, + 0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e, + 0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e }; + +unsigned char nonce_pers_pr[16] = + { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2, + 0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c }; + +unsigned char nonce_pers_nopr[16] = + { 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5, + 0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f }; + +unsigned char result_pr[16] = + { 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f, + 0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 }; + +unsigned char result_nopr[16] = + { 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88, + 0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f }; + +int test_offset; +int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, size_t len ) +{ + unsigned char *p = data; + memcpy( buf, p + test_offset, len ); + test_offset += 32; + return( 0 ); +} + +/* + * Checkup routine + */ +int ctr_drbg_self_test( int verbose ) +{ + ctr_drbg_context ctx; + unsigned char buf[16]; + + /* + * Based on a NIST CTR_DRBG test vector (PR = True) + */ + if( verbose != 0 ) + printf( " CTR_DRBG (PR = TRUE) : " ); + + test_offset = 0; + if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_pr, nonce_pers_pr, 16, 32 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); + + if( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + + /* + * Based on a NIST CTR_DRBG test vector (PR = FALSE) + */ + if( verbose != 0 ) + printf( " CTR_DRBG (PR = FALSE): " ); + + test_offset = 0; + if( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, entropy_source_nopr, nonce_pers_nopr, 16, 32 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( ctr_drbg_random( &ctx, buf, 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( ctr_drbg_reseed( &ctx, NULL, 0 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( ctr_drbg_random( &ctx, buf, 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( memcmp( buf, result_nopr, 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} +#endif + +#endif diff --git a/polarssl/ctr_drbg.h b/polarssl/ctr_drbg.h new file mode 100644 index 0000000..c75feda --- /dev/null +++ b/polarssl/ctr_drbg.h @@ -0,0 +1,231 @@ +/** + * \file ctr_drbg.h + * + * \brief CTR_DRBG based on AES-256 (NIST SP 800-90) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_CTR_DRBG_H +#define POLARSSL_CTR_DRBG_H + +#include + +#include "polarssl/aes.h" + +#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ +#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ +#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ +#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ + +#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */ +#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */ +#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 ) +#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE ) + /**< The seed length (counter + AES key) */ + +#if !defined(POLARSSL_CONFIG_OPTIONS) +#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */ +#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ +#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ +#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ +#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ +#endif /* !POLARSSL_CONFIG_OPTIONS */ + +#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ +#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief CTR_DRBG context structure + */ +typedef struct +{ + unsigned char counter[16]; /*!< counter (V) */ + int reseed_counter; /*!< reseed counter */ + int prediction_resistance; /*!< enable prediction resistance (Automatic + reseed before every random generation) */ + size_t entropy_len; /*!< amount of entropy grabbed on each (re)seed */ + int reseed_interval; /*!< reseed interval */ + + aes_context aes_ctx; /*!< AES context */ + + /* + * Callbacks (Entropy) + */ + int (*f_entropy)(void *, unsigned char *, size_t); + + void *p_entropy; /*!< context for the entropy function */ +} +ctr_drbg_context; + +/** + * \brief CTR_DRBG initialization + * + * Note: Personalization data can be provided in addition to the more generic + * entropy source to make this instantiation as unique as possible. + * + * \param ctx CTR_DRBG context to be initialized + * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer + * length) + * \param p_entropy Entropy context + * \param custom Personalization data (Device specific identifiers) + * (Can be NULL) + * \param len Length of personalization data + * + * \return 0 if successful, or + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + */ +int ctr_drbg_init( ctr_drbg_context *ctx, + int (*f_entropy)(void *, unsigned char *, size_t), + void *p_entropy, + const unsigned char *custom, + size_t len ); + +/** + * \brief Enable / disable prediction resistance (Default: Off) + * + * Note: If enabled, entropy is used for ctx->entropy_len before each call! + * Only use this if you have ample supply of good entropy! + * + * \param ctx CTR_DRBG context + * \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF + */ +void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, + int resistance ); + +/** + * \brief Set the amount of entropy grabbed on each (re)seed + * (Default: CTR_DRBG_ENTROPY_LEN) + * + * \param ctx CTR_DRBG context + * \param len Amount of entropy to grab + */ +void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, + size_t len ); + +/** + * \brief Set the reseed interval + * (Default: CTR_DRBG_RESEED_INTERVAL) + * + * \param ctx CTR_DRBG context + * \param interval Reseed interval + */ +void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, + int interval ); + +/** + * \brief CTR_DRBG reseeding (extracts data from entropy source) + * + * \param ctx CTR_DRBG context + * \param additional Additional data to add to state (Can be NULL) + * \param len Length of additional data + * + * \return 0 if successful, or + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + */ +int ctr_drbg_reseed( ctr_drbg_context *ctx, + const unsigned char *additional, size_t len ); + +/** + * \brief CTR_DRBG update state + * + * \param ctx CTR_DRBG context + * \param additional Additional data to update state with + * \param add_len Length of additional data + */ +void ctr_drbg_update( ctr_drbg_context *ctx, + const unsigned char *additional, size_t add_len ); + +/** + * \brief CTR_DRBG generate random with additional update input + * + * Note: Automatically reseeds if reseed_counter is reached. + * + * \param p_rng CTR_DRBG context + * \param output Buffer to fill + * \param output_len Length of the buffer + * \param additional Additional data to update with (Can be NULL) + * \param add_len Length of additional data + * + * \return 0 if successful, or + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or + * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG + */ +int ctr_drbg_random_with_add( void *p_rng, + unsigned char *output, size_t output_len, + const unsigned char *additional, size_t add_len ); + +/** + * \brief CTR_DRBG generate random + * + * Note: Automatically reseeds if reseed_counter is reached. + * + * \param p_rng CTR_DRBG context + * \param output Buffer to fill + * \param output_len Length of the buffer + * + * \return 0 if successful, or + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or + * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG + */ +int ctr_drbg_random( void *p_rng, + unsigned char *output, size_t output_len ); + +#if defined(POLARSSL_FS_IO) +/** + * \brief Write a seed file + * + * \param path Name of the file + * + * \return 0 if successful, 1 on file error, or + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED + */ +int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ); + +/** + * \brief Read and update a seed file. Seed is added to this + * instance + * + * \param path Name of the file + * + * \return 0 if successful, 1 on file error, + * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or + * POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG + */ +int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ); +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int ctr_drbg_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* ctr_drbg.h */ diff --git a/polarssl/debug.c b/polarssl/debug.c new file mode 100644 index 0000000..81ee649 --- /dev/null +++ b/polarssl/debug.c @@ -0,0 +1,238 @@ +/* + * Debugging routines + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_DEBUG_C) + +#include "polarssl/debug.h" + +#include +#include + +#if defined _MSC_VER && !defined snprintf +#define snprintf _snprintf +#endif + +#if defined _MSC_VER && !defined vsnprintf +#define vsnprintf _vsnprintf +#endif + +char *debug_fmt( const char *format, ... ) +{ + va_list argp; + static char str[512]; + int maxlen = sizeof( str ) - 1; + + va_start( argp, format ); + vsnprintf( str, maxlen, format, argp ); + va_end( argp ); + + str[maxlen] = '\0'; + return( str ); +} + +void debug_print_msg( const ssl_context *ssl, int level, + const char *file, int line, const char *text ) +{ + char str[512]; + int maxlen = sizeof( str ) - 1; + + if( ssl->f_dbg == NULL ) + return; + + snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text ); + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); +} + +void debug_print_ret( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ) +{ + char str[512]; + int maxlen = sizeof( str ) - 1; + + if( ssl->f_dbg == NULL ) + return; + + snprintf( str, maxlen, "%s(%04d): %s() returned %d (0x%x)\n", + file, line, text, ret, ret ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); +} + +void debug_print_buf( const ssl_context *ssl, int level, + const char *file, int line, const char *text, + unsigned char *buf, size_t len ) +{ + char str[512]; + size_t i, maxlen = sizeof( str ) - 1; + + if( ssl->f_dbg == NULL ) + return; + + snprintf( str, maxlen, "%s(%04d): dumping '%s' (%d bytes)\n", + file, line, text, (unsigned int) len ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + + for( i = 0; i < len; i++ ) + { + if( i >= 4096 ) + break; + + if( i % 16 == 0 ) + { + if( i > 0 ) + ssl->f_dbg( ssl->p_dbg, level, "\n" ); + + snprintf( str, maxlen, "%s(%04d): %04x: ", file, line, + (unsigned int) i ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + } + + snprintf( str, maxlen, " %02x", (unsigned int) buf[i] ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + } + + if( len > 0 ) + ssl->f_dbg( ssl->p_dbg, level, "\n" ); +} + +void debug_print_mpi( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mpi *X ) +{ + char str[512]; + int j, k, maxlen = sizeof( str ) - 1, zeros = 1; + size_t i, n; + + if( ssl->f_dbg == NULL || X == NULL ) + return; + + for( n = X->n - 1; n > 0; n-- ) + if( X->p[n] != 0 ) + break; + + for( j = ( sizeof(t_uint) << 3 ) - 1; j >= 0; j-- ) + if( ( ( X->p[n] >> j ) & 1 ) != 0 ) + break; + + snprintf( str, maxlen, "%s(%04d): value of '%s' (%d bits) is:\n", + file, line, text, + (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + + for( i = n + 1, j = 0; i > 0; i-- ) + { + if( zeros && X->p[i - 1] == 0 ) + continue; + + for( k = sizeof( t_uint ) - 1; k >= 0; k-- ) + { + if( zeros && ( ( X->p[i - 1] >> (k << 3) ) & 0xFF ) == 0 ) + continue; + else + zeros = 0; + + if( j % 16 == 0 ) + { + if( j > 0 ) + ssl->f_dbg( ssl->p_dbg, level, "\n" ); + + snprintf( str, maxlen, "%s(%04d): ", file, line ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + } + + snprintf( str, maxlen, " %02x", (unsigned int) + ( X->p[i - 1] >> (k << 3) ) & 0xFF ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + + j++; + } + + } + + if( zeros == 1 ) + { + snprintf( str, maxlen, "%s(%04d): ", file, line ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + ssl->f_dbg( ssl->p_dbg, level, " 00" ); + } + + ssl->f_dbg( ssl->p_dbg, level, "\n" ); +} + +void debug_print_crt( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const x509_cert *crt ) +{ + char str[1024], prefix[64]; + int i = 0, maxlen = sizeof( prefix ) - 1; + + if( ssl->f_dbg == NULL || crt == NULL ) + return; + + snprintf( prefix, maxlen, "%s(%04d): ", file, line ); + prefix[maxlen] = '\0'; + maxlen = sizeof( str ) - 1; + + while( crt != NULL ) + { + char buf[1024]; + x509parse_cert_info( buf, sizeof( buf ) - 1, prefix, crt ); + + snprintf( str, maxlen, "%s(%04d): %s #%d:\n%s", + file, line, text, ++i, buf ); + + str[maxlen] = '\0'; + ssl->f_dbg( ssl->p_dbg, level, str ); + + debug_print_mpi( ssl, level, file, line, + "crt->rsa.N", &crt->rsa.N ); + + debug_print_mpi( ssl, level, file, line, + "crt->rsa.E", &crt->rsa.E ); + + crt = crt->next; + } +} + +#endif diff --git a/polarssl/debug.h b/polarssl/debug.h new file mode 100644 index 0000000..d85b6d3 --- /dev/null +++ b/polarssl/debug.h @@ -0,0 +1,89 @@ +/** + * \file debug.h + * + * \brief Debug functions + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_DEBUG_H +#define POLARSSL_DEBUG_H + +#include "polarssl/config.h" +#include "polarssl/ssl.h" + +#if defined(POLARSSL_DEBUG_C) + +#define SSL_DEBUG_MSG( level, args ) \ + debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args ); + +#define SSL_DEBUG_RET( level, text, ret ) \ + debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ); + +#define SSL_DEBUG_BUF( level, text, buf, len ) \ + debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ); + +#define SSL_DEBUG_MPI( level, text, X ) \ + debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ); + +#define SSL_DEBUG_CRT( level, text, crt ) \ + debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ); + +#else + +#define SSL_DEBUG_MSG( level, args ) do { } while( 0 ) +#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) +#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) +#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) +#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) + +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +char *debug_fmt( const char *format, ... ); + +void debug_print_msg( const ssl_context *ssl, int level, + const char *file, int line, const char *text ); + +void debug_print_ret( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, int ret ); + +void debug_print_buf( const ssl_context *ssl, int level, + const char *file, int line, const char *text, + unsigned char *buf, size_t len ); + +void debug_print_mpi( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const mpi *X ); + +void debug_print_crt( const ssl_context *ssl, int level, + const char *file, int line, + const char *text, const x509_cert *crt ); + +#ifdef __cplusplus +} +#endif + +#endif /* debug.h */ diff --git a/polarssl/des.c b/polarssl/des.c new file mode 100644 index 0000000..0cf4b3d --- /dev/null +++ b/polarssl/des.c @@ -0,0 +1,997 @@ +/* + * FIPS-46-3 compliant Triple-DES implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * DES, on which TDES is based, was originally designed by Horst Feistel + * at IBM in 1974, and was adopted as a standard by NIST (formerly NBS). + * + * http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_DES_C) + +#include "polarssl/des.h" + +#if !defined(POLARSSL_DES_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +/* + * Expanded DES S-boxes + */ +static const uint32_t SB1[64] = +{ + 0x01010400, 0x00000000, 0x00010000, 0x01010404, + 0x01010004, 0x00010404, 0x00000004, 0x00010000, + 0x00000400, 0x01010400, 0x01010404, 0x00000400, + 0x01000404, 0x01010004, 0x01000000, 0x00000004, + 0x00000404, 0x01000400, 0x01000400, 0x00010400, + 0x00010400, 0x01010000, 0x01010000, 0x01000404, + 0x00010004, 0x01000004, 0x01000004, 0x00010004, + 0x00000000, 0x00000404, 0x00010404, 0x01000000, + 0x00010000, 0x01010404, 0x00000004, 0x01010000, + 0x01010400, 0x01000000, 0x01000000, 0x00000400, + 0x01010004, 0x00010000, 0x00010400, 0x01000004, + 0x00000400, 0x00000004, 0x01000404, 0x00010404, + 0x01010404, 0x00010004, 0x01010000, 0x01000404, + 0x01000004, 0x00000404, 0x00010404, 0x01010400, + 0x00000404, 0x01000400, 0x01000400, 0x00000000, + 0x00010004, 0x00010400, 0x00000000, 0x01010004 +}; + +static const uint32_t SB2[64] = +{ + 0x80108020, 0x80008000, 0x00008000, 0x00108020, + 0x00100000, 0x00000020, 0x80100020, 0x80008020, + 0x80000020, 0x80108020, 0x80108000, 0x80000000, + 0x80008000, 0x00100000, 0x00000020, 0x80100020, + 0x00108000, 0x00100020, 0x80008020, 0x00000000, + 0x80000000, 0x00008000, 0x00108020, 0x80100000, + 0x00100020, 0x80000020, 0x00000000, 0x00108000, + 0x00008020, 0x80108000, 0x80100000, 0x00008020, + 0x00000000, 0x00108020, 0x80100020, 0x00100000, + 0x80008020, 0x80100000, 0x80108000, 0x00008000, + 0x80100000, 0x80008000, 0x00000020, 0x80108020, + 0x00108020, 0x00000020, 0x00008000, 0x80000000, + 0x00008020, 0x80108000, 0x00100000, 0x80000020, + 0x00100020, 0x80008020, 0x80000020, 0x00100020, + 0x00108000, 0x00000000, 0x80008000, 0x00008020, + 0x80000000, 0x80100020, 0x80108020, 0x00108000 +}; + +static const uint32_t SB3[64] = +{ + 0x00000208, 0x08020200, 0x00000000, 0x08020008, + 0x08000200, 0x00000000, 0x00020208, 0x08000200, + 0x00020008, 0x08000008, 0x08000008, 0x00020000, + 0x08020208, 0x00020008, 0x08020000, 0x00000208, + 0x08000000, 0x00000008, 0x08020200, 0x00000200, + 0x00020200, 0x08020000, 0x08020008, 0x00020208, + 0x08000208, 0x00020200, 0x00020000, 0x08000208, + 0x00000008, 0x08020208, 0x00000200, 0x08000000, + 0x08020200, 0x08000000, 0x00020008, 0x00000208, + 0x00020000, 0x08020200, 0x08000200, 0x00000000, + 0x00000200, 0x00020008, 0x08020208, 0x08000200, + 0x08000008, 0x00000200, 0x00000000, 0x08020008, + 0x08000208, 0x00020000, 0x08000000, 0x08020208, + 0x00000008, 0x00020208, 0x00020200, 0x08000008, + 0x08020000, 0x08000208, 0x00000208, 0x08020000, + 0x00020208, 0x00000008, 0x08020008, 0x00020200 +}; + +static const uint32_t SB4[64] = +{ + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802080, 0x00800081, 0x00800001, 0x00002001, + 0x00000000, 0x00802000, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00800080, 0x00800001, + 0x00000001, 0x00002000, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002001, 0x00002080, + 0x00800081, 0x00000001, 0x00002080, 0x00800080, + 0x00002000, 0x00802080, 0x00802081, 0x00000081, + 0x00800080, 0x00800001, 0x00802000, 0x00802081, + 0x00000081, 0x00000000, 0x00000000, 0x00802000, + 0x00002080, 0x00800080, 0x00800081, 0x00000001, + 0x00802001, 0x00002081, 0x00002081, 0x00000080, + 0x00802081, 0x00000081, 0x00000001, 0x00002000, + 0x00800001, 0x00002001, 0x00802080, 0x00800081, + 0x00002001, 0x00002080, 0x00800000, 0x00802001, + 0x00000080, 0x00800000, 0x00002000, 0x00802080 +}; + +static const uint32_t SB5[64] = +{ + 0x00000100, 0x02080100, 0x02080000, 0x42000100, + 0x00080000, 0x00000100, 0x40000000, 0x02080000, + 0x40080100, 0x00080000, 0x02000100, 0x40080100, + 0x42000100, 0x42080000, 0x00080100, 0x40000000, + 0x02000000, 0x40080000, 0x40080000, 0x00000000, + 0x40000100, 0x42080100, 0x42080100, 0x02000100, + 0x42080000, 0x40000100, 0x00000000, 0x42000000, + 0x02080100, 0x02000000, 0x42000000, 0x00080100, + 0x00080000, 0x42000100, 0x00000100, 0x02000000, + 0x40000000, 0x02080000, 0x42000100, 0x40080100, + 0x02000100, 0x40000000, 0x42080000, 0x02080100, + 0x40080100, 0x00000100, 0x02000000, 0x42080000, + 0x42080100, 0x00080100, 0x42000000, 0x42080100, + 0x02080000, 0x00000000, 0x40080000, 0x42000000, + 0x00080100, 0x02000100, 0x40000100, 0x00080000, + 0x00000000, 0x40080000, 0x02080100, 0x40000100 +}; + +static const uint32_t SB6[64] = +{ + 0x20000010, 0x20400000, 0x00004000, 0x20404010, + 0x20400000, 0x00000010, 0x20404010, 0x00400000, + 0x20004000, 0x00404010, 0x00400000, 0x20000010, + 0x00400010, 0x20004000, 0x20000000, 0x00004010, + 0x00000000, 0x00400010, 0x20004010, 0x00004000, + 0x00404000, 0x20004010, 0x00000010, 0x20400010, + 0x20400010, 0x00000000, 0x00404010, 0x20404000, + 0x00004010, 0x00404000, 0x20404000, 0x20000000, + 0x20004000, 0x00000010, 0x20400010, 0x00404000, + 0x20404010, 0x00400000, 0x00004010, 0x20000010, + 0x00400000, 0x20004000, 0x20000000, 0x00004010, + 0x20000010, 0x20404010, 0x00404000, 0x20400000, + 0x00404010, 0x20404000, 0x00000000, 0x20400010, + 0x00000010, 0x00004000, 0x20400000, 0x00404010, + 0x00004000, 0x00400010, 0x20004010, 0x00000000, + 0x20404000, 0x20000000, 0x00400010, 0x20004010 +}; + +static const uint32_t SB7[64] = +{ + 0x00200000, 0x04200002, 0x04000802, 0x00000000, + 0x00000800, 0x04000802, 0x00200802, 0x04200800, + 0x04200802, 0x00200000, 0x00000000, 0x04000002, + 0x00000002, 0x04000000, 0x04200002, 0x00000802, + 0x04000800, 0x00200802, 0x00200002, 0x04000800, + 0x04000002, 0x04200000, 0x04200800, 0x00200002, + 0x04200000, 0x00000800, 0x00000802, 0x04200802, + 0x00200800, 0x00000002, 0x04000000, 0x00200800, + 0x04000000, 0x00200800, 0x00200000, 0x04000802, + 0x04000802, 0x04200002, 0x04200002, 0x00000002, + 0x00200002, 0x04000000, 0x04000800, 0x00200000, + 0x04200800, 0x00000802, 0x00200802, 0x04200800, + 0x00000802, 0x04000002, 0x04200802, 0x04200000, + 0x00200800, 0x00000000, 0x00000002, 0x04200802, + 0x00000000, 0x00200802, 0x04200000, 0x00000800, + 0x04000002, 0x04000800, 0x00000800, 0x00200002 +}; + +static const uint32_t SB8[64] = +{ + 0x10001040, 0x00001000, 0x00040000, 0x10041040, + 0x10000000, 0x10001040, 0x00000040, 0x10000000, + 0x00040040, 0x10040000, 0x10041040, 0x00041000, + 0x10041000, 0x00041040, 0x00001000, 0x00000040, + 0x10040000, 0x10000040, 0x10001000, 0x00001040, + 0x00041000, 0x00040040, 0x10040040, 0x10041000, + 0x00001040, 0x00000000, 0x00000000, 0x10040040, + 0x10000040, 0x10001000, 0x00041040, 0x00040000, + 0x00041040, 0x00040000, 0x10041000, 0x00001000, + 0x00000040, 0x10040040, 0x00001000, 0x00041040, + 0x10001000, 0x00000040, 0x10000040, 0x10040000, + 0x10040040, 0x10000000, 0x00040000, 0x10001040, + 0x00000000, 0x10041040, 0x00040040, 0x10000040, + 0x10040000, 0x10001000, 0x10001040, 0x00000000, + 0x10041040, 0x00041000, 0x00041000, 0x00001040, + 0x00001040, 0x00040040, 0x10000000, 0x10041000 +}; + +/* + * PC1: left and right halves bit-swap + */ +static const uint32_t LHs[16] = +{ + 0x00000000, 0x00000001, 0x00000100, 0x00000101, + 0x00010000, 0x00010001, 0x00010100, 0x00010101, + 0x01000000, 0x01000001, 0x01000100, 0x01000101, + 0x01010000, 0x01010001, 0x01010100, 0x01010101 +}; + +static const uint32_t RHs[16] = +{ + 0x00000000, 0x01000000, 0x00010000, 0x01010000, + 0x00000100, 0x01000100, 0x00010100, 0x01010100, + 0x00000001, 0x01000001, 0x00010001, 0x01010001, + 0x00000101, 0x01000101, 0x00010101, 0x01010101, +}; + +/* + * Initial Permutation macro + */ +#define DES_IP(X,Y) \ +{ \ + T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ + T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ + T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ + T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ + Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \ + T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \ + X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \ +} + +/* + * Final Permutation macro + */ +#define DES_FP(X,Y) \ +{ \ + X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \ + T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \ + Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \ + T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ + T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ + T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ + T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ +} + +/* + * DES round macro + */ +#define DES_ROUND(X,Y) \ +{ \ + T = *SK++ ^ X; \ + Y ^= SB8[ (T ) & 0x3F ] ^ \ + SB6[ (T >> 8) & 0x3F ] ^ \ + SB4[ (T >> 16) & 0x3F ] ^ \ + SB2[ (T >> 24) & 0x3F ]; \ + \ + T = *SK++ ^ ((X << 28) | (X >> 4)); \ + Y ^= SB7[ (T ) & 0x3F ] ^ \ + SB5[ (T >> 8) & 0x3F ] ^ \ + SB3[ (T >> 16) & 0x3F ] ^ \ + SB1[ (T >> 24) & 0x3F ]; \ +} + +#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; } + +static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, + 11, 13, 14, 16, 19, 21, 22, 25, 26, 28, 31, 32, 35, 37, 38, 41, 42, 44, + 47, 49, 50, 52, 55, 56, 59, 61, 62, 64, 67, 69, 70, 73, 74, 76, 79, 81, + 82, 84, 87, 88, 91, 93, 94, 97, 98, 100, 103, 104, 107, 109, 110, 112, + 115, 117, 118, 121, 122, 124, 127, 128, 131, 133, 134, 137, 138, 140, + 143, 145, 146, 148, 151, 152, 155, 157, 158, 161, 162, 164, 167, 168, + 171, 173, 174, 176, 179, 181, 182, 185, 186, 188, 191, 193, 194, 196, + 199, 200, 203, 205, 206, 208, 211, 213, 214, 217, 218, 220, 223, 224, + 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253, + 254 }; + +void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ) +{ + int i; + + for( i = 0; i < DES_KEY_SIZE; i++ ) + key[i] = odd_parity_table[key[i] / 2]; +} + +/* + * Check the given key's parity, returns 1 on failure, 0 on SUCCESS + */ +int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ) +{ + int i; + + for( i = 0; i < DES_KEY_SIZE; i++ ) + if ( key[i] != odd_parity_table[key[i] / 2] ) + return( 1 ); + + return( 0 ); +} + +/* + * Table of weak and semi-weak keys + * + * Source: http://en.wikipedia.org/wiki/Weak_key + * + * Weak: + * Alternating ones + zeros (0x0101010101010101) + * Alternating 'F' + 'E' (0xFEFEFEFEFEFEFEFE) + * '0xE0E0E0E0F1F1F1F1' + * '0x1F1F1F1F0E0E0E0E' + * + * Semi-weak: + * 0x011F011F010E010E and 0x1F011F010E010E01 + * 0x01E001E001F101F1 and 0xE001E001F101F101 + * 0x01FE01FE01FE01FE and 0xFE01FE01FE01FE01 + * 0x1FE01FE00EF10EF1 and 0xE01FE01FF10EF10E + * 0x1FFE1FFE0EFE0EFE and 0xFE1FFE1FFE0EFE0E + * 0xE0FEE0FEF1FEF1FE and 0xFEE0FEE0FEF1FEF1 + * + */ + +#define WEAK_KEY_COUNT 16 + +static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] = +{ + { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, + { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE }, + { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }, + { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 }, + + { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E }, + { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 }, + { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 }, + { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 }, + { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE }, + { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 }, + { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 }, + { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E }, + { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE }, + { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E }, + { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE }, + { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } +}; + +int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ) +{ + int i; + + for( i = 0; i < WEAK_KEY_COUNT; i++ ) + if( memcmp( weak_key_table[i], key, DES_KEY_SIZE) == 0) + return( 1 ); + + return( 0 ); +} + +static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] ) +{ + int i; + uint32_t X, Y, T; + + GET_UINT32_BE( X, key, 0 ); + GET_UINT32_BE( Y, key, 4 ); + + /* + * Permuted Choice 1 + */ + T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4); + T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T ); + + X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2) + | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] ) + | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6) + | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4); + + Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2) + | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] ) + | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6) + | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4); + + X &= 0x0FFFFFFF; + Y &= 0x0FFFFFFF; + + /* + * calculate subkeys + */ + for( i = 0; i < 16; i++ ) + { + if( i < 2 || i == 8 || i == 15 ) + { + X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF; + Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF; + } + else + { + X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF; + Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF; + } + + *SK++ = ((X << 4) & 0x24000000) | ((X << 28) & 0x10000000) + | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000) + | ((X << 6) & 0x01000000) | ((X << 9) & 0x00200000) + | ((X >> 1) & 0x00100000) | ((X << 10) & 0x00040000) + | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000) + | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000) + | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400) + | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100) + | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010) + | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004) + | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001); + + *SK++ = ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000) + | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000) + | ((X >> 2) & 0x02000000) | ((X << 1) & 0x01000000) + | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000) + | ((X << 3) & 0x00080000) | ((X >> 6) & 0x00040000) + | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000) + | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000) + | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400) + | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100) + | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011) + | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); + } +} + +/* + * DES key schedule (56-bit, encryption) + */ +int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) +{ + des_setkey( ctx->sk, key ); + + return( 0 ); +} + +/* + * DES key schedule (56-bit, decryption) + */ +int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) +{ + int i; + + des_setkey( ctx->sk, key ); + + for( i = 0; i < 16; i += 2 ) + { + SWAP( ctx->sk[i ], ctx->sk[30 - i] ); + SWAP( ctx->sk[i + 1], ctx->sk[31 - i] ); + } + + return( 0 ); +} + +static void des3_set2key( uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[DES_KEY_SIZE*2] ) +{ + int i; + + des_setkey( esk, key ); + des_setkey( dsk + 32, key + 8 ); + + for( i = 0; i < 32; i += 2 ) + { + dsk[i ] = esk[30 - i]; + dsk[i + 1] = esk[31 - i]; + + esk[i + 32] = dsk[62 - i]; + esk[i + 33] = dsk[63 - i]; + + esk[i + 64] = esk[i ]; + esk[i + 65] = esk[i + 1]; + + dsk[i + 64] = dsk[i ]; + dsk[i + 65] = dsk[i + 1]; + } +} + +/* + * Triple-DES key schedule (112-bit, encryption) + */ +int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ) +{ + uint32_t sk[96]; + + des3_set2key( ctx->sk, sk, key ); + memset( sk, 0, sizeof( sk ) ); + + return( 0 ); +} + +/* + * Triple-DES key schedule (112-bit, decryption) + */ +int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ) +{ + uint32_t sk[96]; + + des3_set2key( sk, ctx->sk, key ); + memset( sk, 0, sizeof( sk ) ); + + return( 0 ); +} + +static void des3_set3key( uint32_t esk[96], + uint32_t dsk[96], + const unsigned char key[24] ) +{ + int i; + + des_setkey( esk, key ); + des_setkey( dsk + 32, key + 8 ); + des_setkey( esk + 64, key + 16 ); + + for( i = 0; i < 32; i += 2 ) + { + dsk[i ] = esk[94 - i]; + dsk[i + 1] = esk[95 - i]; + + esk[i + 32] = dsk[62 - i]; + esk[i + 33] = dsk[63 - i]; + + dsk[i + 64] = esk[30 - i]; + dsk[i + 65] = esk[31 - i]; + } +} + +/* + * Triple-DES key schedule (168-bit, encryption) + */ +int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ) +{ + uint32_t sk[96]; + + des3_set3key( ctx->sk, sk, key ); + memset( sk, 0, sizeof( sk ) ); + + return( 0 ); +} + +/* + * Triple-DES key schedule (168-bit, decryption) + */ +int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ) +{ + uint32_t sk[96]; + + des3_set3key( sk, ctx->sk, key ); + memset( sk, 0, sizeof( sk ) ); + + return( 0 ); +} + +/* + * DES-ECB block encryption/decryption + */ +int des_crypt_ecb( des_context *ctx, + const unsigned char input[8], + unsigned char output[8] ) +{ + int i; + uint32_t X, Y, T, *SK; + + SK = ctx->sk; + + GET_UINT32_BE( X, input, 0 ); + GET_UINT32_BE( Y, input, 4 ); + + DES_IP( X, Y ); + + for( i = 0; i < 8; i++ ) + { + DES_ROUND( Y, X ); + DES_ROUND( X, Y ); + } + + DES_FP( Y, X ); + + PUT_UINT32_BE( Y, output, 0 ); + PUT_UINT32_BE( X, output, 4 ); + + return( 0 ); +} + +/* + * DES-CBC buffer encryption/decryption + */ +int des_crypt_cbc( des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output ) +{ + int i; + unsigned char temp[8]; + + if( length % 8 ) + return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); + + if( mode == DES_ENCRYPT ) + { + while( length > 0 ) + { + for( i = 0; i < 8; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + des_crypt_ecb( ctx, output, output ); + memcpy( iv, output, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + else /* DES_DECRYPT */ + { + while( length > 0 ) + { + memcpy( temp, input, 8 ); + des_crypt_ecb( ctx, input, output ); + + for( i = 0; i < 8; i++ ) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + + return( 0 ); +} + +/* + * 3DES-ECB block encryption/decryption + */ +int des3_crypt_ecb( des3_context *ctx, + const unsigned char input[8], + unsigned char output[8] ) +{ + int i; + uint32_t X, Y, T, *SK; + + SK = ctx->sk; + + GET_UINT32_BE( X, input, 0 ); + GET_UINT32_BE( Y, input, 4 ); + + DES_IP( X, Y ); + + for( i = 0; i < 8; i++ ) + { + DES_ROUND( Y, X ); + DES_ROUND( X, Y ); + } + + for( i = 0; i < 8; i++ ) + { + DES_ROUND( X, Y ); + DES_ROUND( Y, X ); + } + + for( i = 0; i < 8; i++ ) + { + DES_ROUND( Y, X ); + DES_ROUND( X, Y ); + } + + DES_FP( Y, X ); + + PUT_UINT32_BE( Y, output, 0 ); + PUT_UINT32_BE( X, output, 4 ); + + return( 0 ); +} + +/* + * 3DES-CBC buffer encryption/decryption + */ +int des3_crypt_cbc( des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output ) +{ + int i; + unsigned char temp[8]; + + if( length % 8 ) + return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); + + if( mode == DES_ENCRYPT ) + { + while( length > 0 ) + { + for( i = 0; i < 8; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + des3_crypt_ecb( ctx, output, output ); + memcpy( iv, output, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + else /* DES_DECRYPT */ + { + while( length > 0 ) + { + memcpy( temp, input, 8 ); + des3_crypt_ecb( ctx, input, output ); + + for( i = 0; i < 8; i++ ) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + + return( 0 ); +} + +#endif /* !POLARSSL_DES_ALT */ + +#if defined(POLARSSL_SELF_TEST) + +#include + +/* + * DES and 3DES test vectors from: + * + * http://csrc.nist.gov/groups/STM/cavp/documents/des/tripledes-vectors.zip + */ +static const unsigned char des3_test_keys[24] = +{ + 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, + 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, + 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23 +}; + +static const unsigned char des3_test_iv[8] = +{ + 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF, +}; + +static const unsigned char des3_test_buf[8] = +{ + 0x4E, 0x6F, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74 +}; + +static const unsigned char des3_test_ecb_dec[3][8] = +{ + { 0xCD, 0xD6, 0x4F, 0x2F, 0x94, 0x27, 0xC1, 0x5D }, + { 0x69, 0x96, 0xC8, 0xFA, 0x47, 0xA2, 0xAB, 0xEB }, + { 0x83, 0x25, 0x39, 0x76, 0x44, 0x09, 0x1A, 0x0A } +}; + +static const unsigned char des3_test_ecb_enc[3][8] = +{ + { 0x6A, 0x2A, 0x19, 0xF4, 0x1E, 0xCA, 0x85, 0x4B }, + { 0x03, 0xE6, 0x9F, 0x5B, 0xFA, 0x58, 0xEB, 0x42 }, + { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 } +}; + +static const unsigned char des3_test_cbc_dec[3][8] = +{ + { 0x12, 0x9F, 0x40, 0xB9, 0xD2, 0x00, 0x56, 0xB3 }, + { 0x47, 0x0E, 0xFC, 0x9A, 0x6B, 0x8E, 0xE3, 0x93 }, + { 0xC5, 0xCE, 0xCF, 0x63, 0xEC, 0xEC, 0x51, 0x4C } +}; + +static const unsigned char des3_test_cbc_enc[3][8] = +{ + { 0x54, 0xF1, 0x5A, 0xF6, 0xEB, 0xE3, 0xA4, 0xB4 }, + { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D }, + { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 } +}; + +/* + * Checkup routine + */ +int des_self_test( int verbose ) +{ + int i, j, u, v; + des_context ctx; + des3_context ctx3; + unsigned char key[24]; + unsigned char buf[8]; + unsigned char prv[8]; + unsigned char iv[8]; + + memset( key, 0, 24 ); + + /* + * ECB mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " DES%c-ECB-%3d (%s): ", + ( u == 0 ) ? ' ' : '3', 56 + u * 56, + ( v == DES_DECRYPT ) ? "dec" : "enc" ); + + memcpy( buf, des3_test_buf, 8 ); + + switch( i ) + { + case 0: + des_setkey_dec( &ctx, des3_test_keys ); + break; + + case 1: + des_setkey_enc( &ctx, des3_test_keys ); + break; + + case 2: + des3_set2key_dec( &ctx3, des3_test_keys ); + break; + + case 3: + des3_set2key_enc( &ctx3, des3_test_keys ); + break; + + case 4: + des3_set3key_dec( &ctx3, des3_test_keys ); + break; + + case 5: + des3_set3key_enc( &ctx3, des3_test_keys ); + break; + + default: + return( 1 ); + } + + for( j = 0; j < 10000; j++ ) + { + if( u == 0 ) + des_crypt_ecb( &ctx, buf, buf ); + else + des3_crypt_ecb( &ctx3, buf, buf ); + } + + if( ( v == DES_DECRYPT && + memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) || + ( v != DES_DECRYPT && + memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + /* + * CBC mode + */ + for( i = 0; i < 6; i++ ) + { + u = i >> 1; + v = i & 1; + + if( verbose != 0 ) + printf( " DES%c-CBC-%3d (%s): ", + ( u == 0 ) ? ' ' : '3', 56 + u * 56, + ( v == DES_DECRYPT ) ? "dec" : "enc" ); + + memcpy( iv, des3_test_iv, 8 ); + memcpy( prv, des3_test_iv, 8 ); + memcpy( buf, des3_test_buf, 8 ); + + switch( i ) + { + case 0: + des_setkey_dec( &ctx, des3_test_keys ); + break; + + case 1: + des_setkey_enc( &ctx, des3_test_keys ); + break; + + case 2: + des3_set2key_dec( &ctx3, des3_test_keys ); + break; + + case 3: + des3_set2key_enc( &ctx3, des3_test_keys ); + break; + + case 4: + des3_set3key_dec( &ctx3, des3_test_keys ); + break; + + case 5: + des3_set3key_enc( &ctx3, des3_test_keys ); + break; + + default: + return( 1 ); + } + + if( v == DES_DECRYPT ) + { + for( j = 0; j < 10000; j++ ) + { + if( u == 0 ) + des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); + else + des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); + } + } + else + { + for( j = 0; j < 10000; j++ ) + { + unsigned char tmp[8]; + + if( u == 0 ) + des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); + else + des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); + + memcpy( tmp, prv, 8 ); + memcpy( prv, buf, 8 ); + memcpy( buf, tmp, 8 ); + } + + memcpy( buf, prv, 8 ); + } + + if( ( v == DES_DECRYPT && + memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) || + ( v != DES_DECRYPT && + memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/des.h b/polarssl/des.h new file mode 100644 index 0000000..443cd3f --- /dev/null +++ b/polarssl/des.h @@ -0,0 +1,252 @@ +/** + * \file des.h + * + * \brief DES block cipher + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_DES_H +#define POLARSSL_DES_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define DES_ENCRYPT 1 +#define DES_DECRYPT 0 + +#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ + +#define DES_KEY_SIZE 8 + +#if !defined(POLARSSL_DES_ALT) +// Regular implementation +// + +/** + * \brief DES context structure + */ +typedef struct +{ + int mode; /*!< encrypt/decrypt */ + uint32_t sk[32]; /*!< DES subkeys */ +} +des_context; + +/** + * \brief Triple-DES context structure + */ +typedef struct +{ + int mode; /*!< encrypt/decrypt */ + uint32_t sk[96]; /*!< 3DES subkeys */ +} +des3_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Set key parity on the given key to odd. + * + * DES keys are 56 bits long, but each byte is padded with + * a parity bit to allow verification. + * + * \param key 8-byte secret key + */ +void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ); + +/** + * \brief Check that key parity on the given key is odd. + * + * DES keys are 56 bits long, but each byte is padded with + * a parity bit to allow verification. + * + * \param key 8-byte secret key + * + * \return 0 is parity was ok, 1 if parity was not correct. + */ +int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); + +/** + * \brief Check that key is not a weak or semi-weak DES key + * + * \param key 8-byte secret key + * + * \return 0 if no weak key was found, 1 if a weak key was identified. + */ +int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); + +/** + * \brief DES key schedule (56-bit, encryption) + * + * \param ctx DES context to be initialized + * \param key 8-byte secret key + * + * \return 0 + */ +int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); + +/** + * \brief DES key schedule (56-bit, decryption) + * + * \param ctx DES context to be initialized + * \param key 8-byte secret key + * + * \return 0 + */ +int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); + +/** + * \brief Triple-DES key schedule (112-bit, encryption) + * + * \param ctx 3DES context to be initialized + * \param key 16-byte secret key + * + * \return 0 + */ +int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ); + +/** + * \brief Triple-DES key schedule (112-bit, decryption) + * + * \param ctx 3DES context to be initialized + * \param key 16-byte secret key + * + * \return 0 + */ +int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ); + +/** + * \brief Triple-DES key schedule (168-bit, encryption) + * + * \param ctx 3DES context to be initialized + * \param key 24-byte secret key + * + * \return 0 + */ +int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ); + +/** + * \brief Triple-DES key schedule (168-bit, decryption) + * + * \param ctx 3DES context to be initialized + * \param key 24-byte secret key + * + * \return 0 + */ +int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ); + +/** + * \brief DES-ECB block encryption/decryption + * + * \param ctx DES context + * \param input 64-bit input block + * \param output 64-bit output block + * + * \return 0 if successful + */ +int des_crypt_ecb( des_context *ctx, + const unsigned char input[8], + unsigned char output[8] ); + +/** + * \brief DES-CBC buffer encryption/decryption + * + * \param ctx DES context + * \param mode DES_ENCRYPT or DES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + */ +int des_crypt_cbc( des_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output ); + +/** + * \brief 3DES-ECB block encryption/decryption + * + * \param ctx 3DES context + * \param input 64-bit input block + * \param output 64-bit output block + * + * \return 0 if successful + */ +int des3_crypt_ecb( des3_context *ctx, + const unsigned char input[8], + unsigned char output[8] ); + +/** + * \brief 3DES-CBC buffer encryption/decryption + * + * \param ctx 3DES context + * \param mode DES_ENCRYPT or DES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH + */ +int des3_crypt_cbc( des3_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_DES_ALT */ +#include "polarssl/des_alt.h" +#endif /* POLARSSL_DES_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int des_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* des.h */ diff --git a/polarssl/dhm.c b/polarssl/dhm.c new file mode 100644 index 0000000..90e5b4b --- /dev/null +++ b/polarssl/dhm.c @@ -0,0 +1,302 @@ +/* + * Diffie-Hellman-Merkle key exchange + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * Reference: + * + * http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12) + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_DHM_C) + +#include "polarssl/dhm.h" + +/* + * helper to validate the mpi size and import it + */ +static int dhm_read_bignum( mpi *X, + unsigned char **p, + const unsigned char *end ) +{ + int ret, n; + + if( end - *p < 2 ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + n = ( (*p)[0] << 8 ) | (*p)[1]; + (*p) += 2; + + if( (int)( end - *p ) < n ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 ) + return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret ); + + (*p) += n; + + return( 0 ); +} + +/* + * Verify sanity of parameter with regards to P + * + * Parameter should be: 2 <= public_param <= P - 2 + * + * For more information on the attack, see: + * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf + * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643 + */ +static int dhm_check_range( const mpi *param, const mpi *P ) +{ + mpi L, U; + int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA; + + mpi_init( &L ); mpi_init( &U ); + mpi_lset( &L, 2 ); + mpi_sub_int( &U, P, 2 ); + + if( mpi_cmp_mpi( param, &L ) >= 0 && + mpi_cmp_mpi( param, &U ) <= 0 ) + { + ret = 0; + } + + mpi_free( &L ); mpi_free( &U ); + + return( ret ); +} + +/* + * Parse the ServerKeyExchange parameters + */ +int dhm_read_params( dhm_context *ctx, + unsigned char **p, + const unsigned char *end ) +{ + int ret; + + memset( ctx, 0, sizeof( dhm_context ) ); + + if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 || + ( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 || + ( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 ) + return( ret ); + + if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) + return( ret ); + + ctx->len = mpi_size( &ctx->P ); + + if( end - *p < 2 ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + return( 0 ); +} + +/* + * Setup and write the ServerKeyExchange parameters + */ +int dhm_make_params( dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret, count = 0; + size_t n1, n2, n3; + unsigned char *p; + + if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + /* + * Generate X as large as possible ( < P ) + */ + do + { + mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); + + while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) + mpi_shift_r( &ctx->X, 1 ); + + if( count++ > 10 ) + return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED ); + } + while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); + + /* + * Calculate GX = G^X mod P + */ + MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, + &ctx->P , &ctx->RP ) ); + + if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) + return( ret ); + + /* + * export P, G, GX + */ +#define DHM_MPI_EXPORT(X,n) \ + MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \ + *p++ = (unsigned char)( n >> 8 ); \ + *p++ = (unsigned char)( n ); p += n; + + n1 = mpi_size( &ctx->P ); + n2 = mpi_size( &ctx->G ); + n3 = mpi_size( &ctx->GX ); + + p = output; + DHM_MPI_EXPORT( &ctx->P , n1 ); + DHM_MPI_EXPORT( &ctx->G , n2 ); + DHM_MPI_EXPORT( &ctx->GX, n3 ); + + *olen = p - output; + + ctx->len = n1; + +cleanup: + + if( ret != 0 ) + return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret ); + + return( 0 ); +} + +/* + * Import the peer's public value G^Y + */ +int dhm_read_public( dhm_context *ctx, + const unsigned char *input, size_t ilen ) +{ + int ret; + + if( ctx == NULL || ilen < 1 || ilen > ctx->len ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) + return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret ); + + return( 0 ); +} + +/* + * Create own private value X and export G^X + */ +int dhm_make_public( dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + int ret, count = 0; + + if( ctx == NULL || olen < 1 || olen > ctx->len ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + /* + * generate X and calculate GX = G^X mod P + */ + do + { + mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); + + while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) + mpi_shift_r( &ctx->X, 1 ); + + if( count++ > 10 ) + return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED ); + } + while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); + + MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, + &ctx->P , &ctx->RP ) ); + + if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) + return( ret ); + + MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) ); + +cleanup: + + if( ret != 0 ) + return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); + + return( 0 ); +} + +/* + * Derive and export the shared secret (G^Y)^X mod P + */ +int dhm_calc_secret( dhm_context *ctx, + unsigned char *output, size_t *olen ) +{ + int ret; + + if( ctx == NULL || *olen < ctx->len ) + return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); + + MPI_CHK( mpi_exp_mod( &ctx->K, &ctx->GY, &ctx->X, + &ctx->P, &ctx->RP ) ); + + if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) + return( ret ); + + *olen = mpi_size( &ctx->K ); + + MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) ); + +cleanup: + + if( ret != 0 ) + return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret ); + + return( 0 ); +} + +/* + * Free the components of a DHM key + */ +void dhm_free( dhm_context *ctx ) +{ + mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY ); + mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G ); + mpi_free( &ctx->P ); +} + +#if defined(POLARSSL_SELF_TEST) + +/* + * Checkup routine + */ +int dhm_self_test( int verbose ) +{ + return( verbose++ ); +} + +#endif + +#endif diff --git a/polarssl/dhm.h b/polarssl/dhm.h new file mode 100644 index 0000000..a1643ca --- /dev/null +++ b/polarssl/dhm.h @@ -0,0 +1,244 @@ +/** + * \file dhm.h + * + * \brief Diffie-Hellman-Merkle key exchange + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_DHM_H +#define POLARSSL_DHM_H + +#include "polarssl/bignum.h" + +/* + * DHM Error codes + */ +#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ +#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ +#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ +#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ +#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ + +/** + * RFC 3526 defines a number of standardized Diffie-Hellman groups + * for IKE. + * RFC 5114 defines a number of standardized Diffie-Hellman groups + * that can be used. + * + * Some are included here for convenience. + * + * Included are: + * RFC 3526 3. 2048-bit MODP Group + * RFC 3526 4. 3072-bit MODP Group + * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup + * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup + */ +#define POLARSSL_DHM_RFC3526_MODP_2048_P \ + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ + "15728E5A8AACAA68FFFFFFFFFFFFFFFF" + +#define POLARSSL_DHM_RFC3526_MODP_2048_G "02" + +#define POLARSSL_DHM_RFC3526_MODP_3072_P \ + "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \ + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \ + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \ + "83655D23DCA3AD961C62F356208552BB9ED529077096966D" \ + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \ + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \ + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \ + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \ + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \ + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \ + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" + +#define POLARSSL_DHM_RFC3526_MODP_3072_G "02" + +#define POLARSSL_DHM_RFC5114_MODP_1024_P \ + "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \ + "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \ + "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \ + "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \ + "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \ + "DF1FB2BC2E4A4371" + +#define POLARSSL_DHM_RFC5114_MODP_1024_G \ + "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \ + "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \ + "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \ + "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \ + "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \ + "855E6EEB22B3B2E5" + +#define POLARSSL_DHM_RFC5114_MODP_2048_P \ + "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ + "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ + "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ + "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \ + "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \ + "B3BF8A317091883681286130BC8985DB1602E714415D9330" \ + "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \ + "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \ + "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \ + "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ + "CF9DE5384E71B81C0AC4DFFE0C10E64F" + +#define POLARSSL_DHM_RFC5114_MODP_2048_G \ + "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\ + "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\ + "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\ + "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\ + "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\ + "F180EB34118E98D119529A45D6F834566E3025E316A330EF"\ + "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\ + "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\ + "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\ + "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\ + "81BC087F2A7065B384B890D3191F2BFA" + +/** + * \brief DHM context structure + */ +typedef struct +{ + size_t len; /*!< size(P) in chars */ + mpi P; /*!< prime modulus */ + mpi G; /*!< generator */ + mpi X; /*!< secret value */ + mpi GX; /*!< self = G^X mod P */ + mpi GY; /*!< peer = G^Y mod P */ + mpi K; /*!< key = GY^X mod P */ + mpi RP; /*!< cached R^2 mod P */ +} +dhm_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Parse the ServerKeyExchange parameters + * + * \param ctx DHM context + * \param p &(start of input buffer) + * \param end end of buffer + * + * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + */ +int dhm_read_params( dhm_context *ctx, + unsigned char **p, + const unsigned char *end ); + +/** + * \brief Setup and write the ServerKeyExchange parameters + * + * \param ctx DHM context + * \param x_size private value size in bytes + * \param output destination buffer + * \param olen number of chars written + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \note This function assumes that ctx->P and ctx->G + * have already been properly set (for example + * using mpi_read_string or mpi_read_binary). + * + * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + */ +int dhm_make_params( dhm_context *ctx, int x_size, + unsigned char *output, size_t *olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Import the peer's public value G^Y + * + * \param ctx DHM context + * \param input input buffer + * \param ilen size of buffer + * + * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + */ +int dhm_read_public( dhm_context *ctx, + const unsigned char *input, size_t ilen ); + +/** + * \brief Create own private value X and export G^X + * + * \param ctx DHM context + * \param x_size private value size in bytes + * \param output destination buffer + * \param olen must be equal to ctx->P.len + * \param f_rng RNG function + * \param p_rng RNG parameter + * + * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + */ +int dhm_make_public( dhm_context *ctx, int x_size, + unsigned char *output, size_t olen, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Derive and export the shared secret (G^Y)^X mod P + * + * \param ctx DHM context + * \param output destination buffer + * \param olen number of chars written + * + * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code + */ +int dhm_calc_secret( dhm_context *ctx, + unsigned char *output, size_t *olen ); + +/** + * \brief Free the components of a DHM key + */ +void dhm_free( dhm_context *ctx ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int dhm_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/polarssl/entropy.c b/polarssl/entropy.c new file mode 100644 index 0000000..9662454 --- /dev/null +++ b/polarssl/entropy.c @@ -0,0 +1,204 @@ +/* + * Entropy accumulator implementation + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ENTROPY_C) + +#include "polarssl/entropy.h" +#include "polarssl/entropy_poll.h" + +#if defined(POLARSSL_HAVEGE_C) +#include "polarssl/havege.h" +#endif + +#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ + +void entropy_init( entropy_context *ctx ) +{ + memset( ctx, 0, sizeof(entropy_context) ); + + sha4_starts( &ctx->accumulator, 0 ); +#if defined(POLARSSL_HAVEGE_C) + havege_init( &ctx->havege_data ); +#endif + +#if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) +#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) + entropy_add_source( ctx, platform_entropy_poll, NULL, + ENTROPY_MIN_PLATFORM ); +#endif +#if defined(POLARSSL_TIMING_C) + entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK ); +#endif +#if defined(POLARSSL_HAVEGE_C) + entropy_add_source( ctx, havege_poll, &ctx->havege_data, + ENTROPY_MIN_HAVEGE ); +#endif +#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */ +} + +int entropy_add_source( entropy_context *ctx, + f_source_ptr f_source, void *p_source, + size_t threshold ) +{ + int index = ctx->source_count; + + if( index >= ENTROPY_MAX_SOURCES ) + return( POLARSSL_ERR_ENTROPY_MAX_SOURCES ); + + ctx->source[index].f_source = f_source; + ctx->source[index].p_source = p_source; + ctx->source[index].threshold = threshold; + + ctx->source_count++; + + return( 0 ); +} + +/* + * Entropy accumulator update + */ +int entropy_update( entropy_context *ctx, unsigned char source_id, + const unsigned char *data, size_t len ) +{ + unsigned char header[2]; + unsigned char tmp[ENTROPY_BLOCK_SIZE]; + size_t use_len = len; + const unsigned char *p = data; + + if( use_len > ENTROPY_BLOCK_SIZE ) + { + sha4( data, len, tmp, 0 ); + + p = tmp; + use_len = ENTROPY_BLOCK_SIZE; + } + + header[0] = source_id; + header[1] = use_len & 0xFF; + + sha4_update( &ctx->accumulator, header, 2 ); + sha4_update( &ctx->accumulator, p, use_len ); + + return( 0 ); +} + +int entropy_update_manual( entropy_context *ctx, + const unsigned char *data, size_t len ) +{ + return entropy_update( ctx, ENTROPY_SOURCE_MANUAL, data, len ); +} + +/* + * Run through the different sources to add entropy to our accumulator + */ +int entropy_gather( entropy_context *ctx ) +{ + int ret, i; + unsigned char buf[ENTROPY_MAX_GATHER]; + size_t olen; + + if( ctx->source_count == 0 ) + return( POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED ); + + /* + * Run through our entropy sources + */ + for( i = 0; i < ctx->source_count; i++ ) + { + olen = 0; + if ( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, + buf, ENTROPY_MAX_GATHER, &olen ) ) != 0 ) + { + return( ret ); + } + + /* + * Add if we actually gathered something + */ + if( olen > 0 ) + { + entropy_update( ctx, (unsigned char) i, buf, olen ); + ctx->source[i].size += olen; + } + } + + return( 0 ); +} + +int entropy_func( void *data, unsigned char *output, size_t len ) +{ + int ret, count = 0, i, reached; + entropy_context *ctx = (entropy_context *) data; + unsigned char buf[ENTROPY_BLOCK_SIZE]; + + if( len > ENTROPY_BLOCK_SIZE ) + return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + + /* + * Always gather extra entropy before a call + */ + do + { + if( count++ > ENTROPY_MAX_LOOP ) + return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); + + if( ( ret = entropy_gather( ctx ) ) != 0 ) + return( ret ); + + reached = 0; + + for( i = 0; i < ctx->source_count; i++ ) + if( ctx->source[i].size >= ctx->source[i].threshold ) + reached++; + } + while( reached != ctx->source_count ); + + memset( buf, 0, ENTROPY_BLOCK_SIZE ); + + sha4_finish( &ctx->accumulator, buf ); + + /* + * Perform second SHA-512 on entropy + */ + sha4( buf, ENTROPY_BLOCK_SIZE, buf, 0 ); + + /* + * Reset accumulator and counters and recycle existing entropy + */ + memset( &ctx->accumulator, 0, sizeof( sha4_context ) ); + sha4_starts( &ctx->accumulator, 0 ); + sha4_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE ); + + for( i = 0; i < ctx->source_count; i++ ) + ctx->source[i].size = 0; + + memcpy( output, buf, len ); + + return( 0 ); +} + +#endif diff --git a/polarssl/entropy.h b/polarssl/entropy.h new file mode 100644 index 0000000..5b6b380 --- /dev/null +++ b/polarssl/entropy.h @@ -0,0 +1,153 @@ +/** + * \file entropy.h + * + * \brief Entropy accumulator implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ENTROPY_H +#define POLARSSL_ENTROPY_H + +#include + +#include "polarssl/config.h" + +#include "polarssl/sha4.h" +#if defined(POLARSSL_HAVEGE_C) +#include "polarssl/havege.h" +#endif + +#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ +#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ +#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ + +#if !defined(POLARSSL_CONFIG_OPTIONS) +#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ +#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ +#endif /* !POLARSSL_CONFIG_OPTIONS */ + +#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ + +#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Entropy poll callback pointer + * + * \param data Callback-specific data pointer + * \param output Data to fill + * \param len Maximum size to provide + * \param olen The actual amount of bytes put into the buffer (Can be 0) + * + * \return 0 if no critical failures occurred, + * POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise + */ +typedef int (*f_source_ptr)(void *, unsigned char *, size_t, size_t *); + +/** + * \brief Entropy source state + */ +typedef struct +{ + f_source_ptr f_source; /**< The entropy source callback */ + void * p_source; /**< The callback data pointer */ + size_t size; /**< Amount received */ + size_t threshold; /**< Minimum level required before release */ +} +source_state; + +/** + * \brief Entropy context structure + */ +typedef struct +{ + sha4_context accumulator; + int source_count; + source_state source[ENTROPY_MAX_SOURCES]; +#if defined(POLARSSL_HAVEGE_C) + havege_state havege_data; +#endif +} +entropy_context; + +/** + * \brief Initialize the context + * + * \param ctx Entropy context to initialize + */ +void entropy_init( entropy_context *ctx ); + +/** + * \brief Adds an entropy source to poll + * + * \param ctx Entropy context + * \param f_source Entropy function + * \param p_source Function data + * \param threshold Minimum required from source before entropy is released + * ( with entropy_func() ) + * + * \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES + */ +int entropy_add_source( entropy_context *ctx, + f_source_ptr f_source, void *p_source, + size_t threshold ); + +/** + * \brief Trigger an extra gather poll for the accumulator + * + * \param ctx Entropy context + * + * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED + */ +int entropy_gather( entropy_context *ctx ); + +/** + * \brief Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE) + * + * \param data Entropy context + * \param output Buffer to fill + * \param len Length of buffer + * + * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED + */ +int entropy_func( void *data, unsigned char *output, size_t len ); + +/** + * \brief Add data to the accumulator manually + * + * \param ctx Entropy context + * \param data Data to add + * \param len Length of data + * + * \return 0 if successful + */ +int entropy_update_manual( entropy_context *ctx, + const unsigned char *data, size_t len ); + +#ifdef __cplusplus +} +#endif + +#endif /* entropy.h */ diff --git a/polarssl/entropy_poll.c b/polarssl/entropy_poll.c new file mode 100644 index 0000000..b5d9f78 --- /dev/null +++ b/polarssl/entropy_poll.c @@ -0,0 +1,136 @@ +/* + * Platform-specific and custom entropy polling functions + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ENTROPY_C) + +#include "polarssl/entropy.h" +#include "polarssl/entropy_poll.h" + +#if defined(POLARSSL_TIMING_C) +#include "polarssl/timing.h" +#endif +#if defined(POLARSSL_HAVEGE_C) +#include "polarssl/havege.h" +#endif + +#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) +#if defined(_WIN32) + +#if !defined(_WIN32_WINNT) +#define _WIN32_WINNT 0x0400 +#endif +#include +#include + +int platform_entropy_poll( void *data, unsigned char *output, size_t len, + size_t *olen ) +{ + HCRYPTPROV provider; + ((void) data); + *olen = 0; + + if( CryptAcquireContext( &provider, NULL, NULL, + PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) + { + return POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + } + + if( CryptGenRandom( provider, len, output ) == FALSE ) + return POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + + CryptReleaseContext( provider, 0 ); + *olen = len; + + return( 0 ); +} +#else + +#include + +int platform_entropy_poll( void *data, + unsigned char *output, size_t len, size_t *olen ) +{ + FILE *file; + size_t ret; + ((void) data); + + *olen = 0; + + file = fopen( "/dev/urandom", "rb" ); + if( file == NULL ) + return POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + + ret = fread( output, 1, len, file ); + if( ret != len ) + { + fclose( file ); + return POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + } + + fclose( file ); + *olen = len; + + return( 0 ); +} +#endif +#endif + +#if defined(POLARSSL_TIMING_C) +int hardclock_poll( void *data, + unsigned char *output, size_t len, size_t *olen ) +{ + unsigned long timer = hardclock(); + ((void) data); + *olen = 0; + + if( len < sizeof(unsigned long) ) + return( 0 ); + + memcpy( output, &timer, sizeof(unsigned long) ); + *olen = sizeof(unsigned long); + + return( 0 ); +} +#endif + +#if defined(POLARSSL_HAVEGE_C) +int havege_poll( void *data, + unsigned char *output, size_t len, size_t *olen ) +{ + havege_state *hs = (havege_state *) data; + *olen = 0; + + if( havege_random( hs, output, len ) != 0 ) + return POLARSSL_ERR_ENTROPY_SOURCE_FAILED; + + *olen = len; + + return( 0 ); +} +#endif + +#endif /* POLARSSL_ENTROPY_C */ diff --git a/polarssl/entropy_poll.h b/polarssl/entropy_poll.h new file mode 100644 index 0000000..4d09e74 --- /dev/null +++ b/polarssl/entropy_poll.h @@ -0,0 +1,75 @@ +/** + * \file entropy_poll.h + * + * \brief Platform-specific and custom entropy polling functions + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ENTROPY_POLL_H +#define POLARSSL_ENTROPY_POLL_H + +#include + +#include "polarssl/config.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * Default thresholds for built-in sources + */ +#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */ +#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */ +#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */ + +#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) +/** + * \brief Platform-specific entropy poll callback + */ +int platform_entropy_poll( void *data, + unsigned char *output, size_t len, size_t *olen ); +#endif + +#if defined(POLARSSL_HAVEGE_C) +/** + * \brief HAVEGE based entropy poll callback + * + * Requires an HAVEGE state as its data pointer. + */ +int havege_poll( void *data, + unsigned char *output, size_t len, size_t *olen ); +#endif + +#if defined(POLARSSL_TIMING_C) +/** + * \brief hardclock-based entropy poll callback + */ +int hardclock_poll( void *data, + unsigned char *output, size_t len, size_t *olen ); +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* entropy_poll.h */ diff --git a/polarssl/error.c b/polarssl/error.c new file mode 100644 index 0000000..036b834 --- /dev/null +++ b/polarssl/error.c @@ -0,0 +1,612 @@ +/* + * Error message information + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_ERROR_C) + +#include "polarssl/error.h" + +#if defined(POLARSSL_AES_C) +#include "polarssl/aes.h" +#endif + +#if defined(POLARSSL_BASE64_C) +#include "polarssl/base64.h" +#endif + +#if defined(POLARSSL_BIGNUM_C) +#include "polarssl/bignum.h" +#endif + +#if defined(POLARSSL_BLOWFISH_C) +#include "polarssl/blowfish.h" +#endif + +#if defined(POLARSSL_CAMELLIA_C) +#include "polarssl/camellia.h" +#endif + +#if defined(POLARSSL_CIPHER_C) +#include "polarssl/cipher.h" +#endif + +#if defined(POLARSSL_CTR_DRBG_C) +#include "polarssl/ctr_drbg.h" +#endif + +#if defined(POLARSSL_DES_C) +#include "polarssl/des.h" +#endif + +#if defined(POLARSSL_DHM_C) +#include "polarssl/dhm.h" +#endif + +#if defined(POLARSSL_ENTROPY_C) +#include "polarssl/entropy.h" +#endif + +#if defined(POLARSSL_GCM_C) +#include "polarssl/gcm.h" +#endif + +#if defined(POLARSSL_MD_C) +#include "polarssl/md.h" +#endif + +#if defined(POLARSSL_MD2_C) +#include "polarssl/md2.h" +#endif + +#if defined(POLARSSL_MD4_C) +#include "polarssl/md4.h" +#endif + +#if defined(POLARSSL_MD5_C) +#include "polarssl/md5.h" +#endif + +#if defined(POLARSSL_NET_C) +#include "polarssl/net.h" +#endif + +#if defined(POLARSSL_PADLOCK_C) +#include "polarssl/padlock.h" +#endif + +#if defined(POLARSSL_PBKDF2_C) +#include "polarssl/pbkdf2.h" +#endif + +#if defined(POLARSSL_PEM_C) +#include "polarssl/pem.h" +#endif + +#if defined(POLARSSL_PKCS12_C) +#include "polarssl/pkcs12.h" +#endif + +#if defined(POLARSSL_PKCS5_C) +#include "polarssl/pkcs5.h" +#endif + +#if defined(POLARSSL_RSA_C) +#include "polarssl/rsa.h" +#endif + +#if defined(POLARSSL_SHA1_C) +#include "polarssl/sha1.h" +#endif + +#if defined(POLARSSL_SHA2_C) +#include "polarssl/sha2.h" +#endif + +#if defined(POLARSSL_SHA4_C) +#include "polarssl/sha4.h" +#endif + +#if defined(POLARSSL_SSL_TLS_C) +#include "polarssl/ssl.h" +#endif + +#if defined(POLARSSL_X509_PARSE_C) +#include "polarssl/x509.h" +#endif + +#if defined(POLARSSL_XTEA_C) +#include "polarssl/xtea.h" +#endif + + +#include + +#if defined _MSC_VER && !defined snprintf +#define snprintf _snprintf +#endif + +void error_strerror( int ret, char *buf, size_t buflen ) +{ + size_t len; + int use_ret; + + memset( buf, 0x00, buflen ); + + if( ret < 0 ) + ret = -ret; + + if( ret & 0xFF80 ) + { + use_ret = ret & 0xFF80; + + // High level error codes + // +#if defined(POLARSSL_CIPHER_C) + if( use_ret == -(POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "CIPHER - The selected feature is not available" ); + if( use_ret == -(POLARSSL_ERR_CIPHER_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "CIPHER - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_CIPHER_ALLOC_FAILED) ) + snprintf( buf, buflen, "CIPHER - Failed to allocate memory" ); + if( use_ret == -(POLARSSL_ERR_CIPHER_INVALID_PADDING) ) + snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" ); + if( use_ret == -(POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED) ) + snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" ); +#endif /* POLARSSL_CIPHER_C */ + +#if defined(POLARSSL_DHM_C) + if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "DHM - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) ) + snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" ); + if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) ) + snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" ); + if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) ) + snprintf( buf, buflen, "DHM - Reading of the public values failed" ); + if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) ) + snprintf( buf, buflen, "DHM - Making of the public value failed" ); + if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) ) + snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" ); +#endif /* POLARSSL_DHM_C */ + +#if defined(POLARSSL_MD_C) + if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "MD - The selected feature is not available" ); + if( use_ret == -(POLARSSL_ERR_MD_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "MD - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) ) + snprintf( buf, buflen, "MD - Failed to allocate memory" ); + if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) ) + snprintf( buf, buflen, "MD - Opening or reading of file failed" ); +#endif /* POLARSSL_MD_C */ + +#if defined(POLARSSL_PEM_C) + if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT) ) + snprintf( buf, buflen, "PEM - No PEM header or footer found" ); + if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) ) + snprintf( buf, buflen, "PEM - PEM string is not as expected" ); + if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) ) + snprintf( buf, buflen, "PEM - Failed to allocate memory" ); + if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) ) + snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" ); + if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) ) + snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" ); + if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) ) + snprintf( buf, buflen, "PEM - Private key password can't be empty" ); + if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) ) + snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" ); + if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" ); + if( use_ret == -(POLARSSL_ERR_PEM_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "PEM - Bad input parameters to function" ); +#endif /* POLARSSL_PEM_C */ + +#if defined(POLARSSL_PKCS12_C) + if( use_ret == -(POLARSSL_ERR_PKCS12_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" ); + if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) ) + snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" ); + if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) ) + snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" ); +#endif /* POLARSSL_PKCS12_C */ + +#if defined(POLARSSL_PKCS5_C) + if( use_ret == -(POLARSSL_ERR_PKCS5_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_PKCS5_INVALID_FORMAT) ) + snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" ); + if( use_ret == -(POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" ); + if( use_ret == -(POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH) ) + snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" ); +#endif /* POLARSSL_PKCS5_C */ + +#if defined(POLARSSL_RSA_C) + if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "RSA - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) ) + snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" ); + if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) ) + snprintf( buf, buflen, "RSA - Something failed during generation of a key" ); + if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) ) + snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" ); + if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) ) + snprintf( buf, buflen, "RSA - The public key operation failed" ); + if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) ) + snprintf( buf, buflen, "RSA - The private key operation failed" ); + if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) ) + snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" ); + if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) ) + snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" ); + if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) ) + snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" ); +#endif /* POLARSSL_RSA_C */ + +#if defined(POLARSSL_SSL_TLS_C) + if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "SSL - The requested feature is not available" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "SSL - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) ) + snprintf( buf, buflen, "SSL - Verification of the message MAC failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) ) + snprintf( buf, buflen, "SSL - An invalid SSL record was received" ); + if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) ) + snprintf( buf, buflen, "SSL - The connection indicated an EOF" ); + if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) ) + snprintf( buf, buflen, "SSL - An unknown cipher was received" ); + if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) ) + snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" ); + if( use_ret == -(POLARSSL_ERR_SSL_NO_SESSION_FOUND) ) + snprintf( buf, buflen, "SSL - No session to recover was found" ); + if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) ) + snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" ); + if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) ) + snprintf( buf, buflen, "SSL - DESCRIPTION MISSING" ); + if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) ) + snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" ); + if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) ) + snprintf( buf, buflen, "SSL - The own private key is not set, but needed" ); + if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) ) + snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" ); + if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) ) + snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" ); + if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) ) + { + snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" ); + return; + } + if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) ) + snprintf( buf, buflen, "SSL - Verification of our peer failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) ) + snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) ) + snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) ) + snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) ) + snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) ) + snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) ) + snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) ) + snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) ) + snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP) ) + snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM Read Public" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS) ) + snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) ) + snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) ) + snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) ) + snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) ) + snprintf( buf, buflen, "SSL - Memory allocation failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FAILED) ) + snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" ); + if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH) ) + snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" ); + if( use_ret == -(POLARSSL_ERR_SSL_COMPRESSION_FAILED) ) + snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" ); + if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION) ) + snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" ); +#endif /* POLARSSL_SSL_TLS_C */ + +#if defined(POLARSSL_X509_PARSE_C) + if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) ) + snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_PEM) ) + snprintf( buf, buflen, "X509 - The PEM-encoded certificate contains invalid elements, e.g. invalid character" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_FORMAT) ) + snprintf( buf, buflen, "X509 - The certificate format is invalid, e.g. different type expected" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_VERSION) ) + snprintf( buf, buflen, "X509 - The certificate version element is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_SERIAL) ) + snprintf( buf, buflen, "X509 - The serial tag or value is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_ALG) ) + snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_NAME) ) + snprintf( buf, buflen, "X509 - The name tag or value is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_DATE) ) + snprintf( buf, buflen, "X509 - The date tag or value is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_PUBKEY) ) + snprintf( buf, buflen, "X509 - The pubkey tag or value is invalid (only RSA is supported)" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE) ) + snprintf( buf, buflen, "X509 - The signature tag or value invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS) ) + snprintf( buf, buflen, "X509 - The extension tag or value is invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION) ) + snprintf( buf, buflen, "X509 - Certificate or CRL has an unsupported version number" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG) ) + snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" ); + if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_PK_ALG) ) + snprintf( buf, buflen, "X509 - Key algorithm is unsupported (only RSA is supported)" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_SIG_MISMATCH) ) + snprintf( buf, buflen, "X509 - Certificate signature algorithms do not match. (see \\c ::x509_cert sig_oid)" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) ) + snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" ); + if( use_ret == -(POLARSSL_ERR_X509_KEY_INVALID_VERSION) ) + snprintf( buf, buflen, "X509 - Unsupported RSA key version" ); + if( use_ret == -(POLARSSL_ERR_X509_KEY_INVALID_FORMAT) ) + snprintf( buf, buflen, "X509 - Invalid RSA key tag or value" ); + if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) ) + snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" ); + if( use_ret == -(POLARSSL_ERR_X509_INVALID_INPUT) ) + snprintf( buf, buflen, "X509 - Input invalid" ); + if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) ) + snprintf( buf, buflen, "X509 - Allocation of memory failed" ); + if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) ) + snprintf( buf, buflen, "X509 - Read/write of file failed" ); + if( use_ret == -(POLARSSL_ERR_X509_PASSWORD_REQUIRED) ) + snprintf( buf, buflen, "X509 - Private key password can't be empty" ); + if( use_ret == -(POLARSSL_ERR_X509_PASSWORD_MISMATCH) ) + snprintf( buf, buflen, "X509 - Given private key password does not allow for correct decryption" ); +#endif /* POLARSSL_X509_PARSE_C */ + + if( strlen( buf ) == 0 ) + snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); + } + + use_ret = ret & ~0xFF80; + + if( use_ret == 0 ) + return; + + // If high level code is present, make a concatenation between both + // error strings. + // + len = strlen( buf ); + + if( len > 0 ) + { + if( buflen - len < 5 ) + return; + + snprintf( buf + len, buflen - len, " : " ); + + buf += len + 3; + buflen -= len + 3; + } + + // Low level error codes + // +#if defined(POLARSSL_AES_C) + if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) ) + snprintf( buf, buflen, "AES - Invalid key length" ); + if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) ) + snprintf( buf, buflen, "AES - Invalid data input length" ); +#endif /* POLARSSL_AES_C */ + +#if defined(POLARSSL_ASN1_PARSE_C) + if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) ) + snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" ); + if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) ) + snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" ); + if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) ) + snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" ); + if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) ) + snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" ); + if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) ) + snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" ); + if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) ) + snprintf( buf, buflen, "ASN1 - Memory allocation failed" ); + if( use_ret == -(POLARSSL_ERR_ASN1_BUF_TOO_SMALL) ) + snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" ); +#endif /* POLARSSL_ASN1_PARSE_C */ + +#if defined(POLARSSL_BASE64_C) + if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) ) + snprintf( buf, buflen, "BASE64 - Output buffer too small" ); + if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) ) + snprintf( buf, buflen, "BASE64 - Invalid character in input" ); +#endif /* POLARSSL_BASE64_C */ + +#if defined(POLARSSL_BIGNUM_C) + if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) ) + snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" ); + if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" ); + if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) ) + snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" ); + if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) ) + snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" ); + if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) ) + snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" ); + if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) ) + snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" ); + if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) ) + snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" ); + if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) ) + snprintf( buf, buflen, "BIGNUM - Memory allocation failed" ); +#endif /* POLARSSL_BIGNUM_C */ + +#if defined(POLARSSL_BLOWFISH_C) + if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH) ) + snprintf( buf, buflen, "BLOWFISH - Invalid key length" ); + if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH) ) + snprintf( buf, buflen, "BLOWFISH - Invalid data input length" ); +#endif /* POLARSSL_BLOWFISH_C */ + +#if defined(POLARSSL_CAMELLIA_C) + if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH) ) + snprintf( buf, buflen, "CAMELLIA - Invalid key length" ); + if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH) ) + snprintf( buf, buflen, "CAMELLIA - Invalid data input length" ); +#endif /* POLARSSL_CAMELLIA_C */ + +#if defined(POLARSSL_CTR_DRBG_C) + if( use_ret == -(POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) ) + snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" ); + if( use_ret == -(POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG) ) + snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" ); + if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) ) + snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" ); + if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) ) + snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" ); +#endif /* POLARSSL_CTR_DRBG_C */ + +#if defined(POLARSSL_DES_C) + if( use_ret == -(POLARSSL_ERR_DES_INVALID_INPUT_LENGTH) ) + snprintf( buf, buflen, "DES - The data input has an invalid length" ); +#endif /* POLARSSL_DES_C */ + +#if defined(POLARSSL_ENTROPY_C) + if( use_ret == -(POLARSSL_ERR_ENTROPY_SOURCE_FAILED) ) + snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" ); + if( use_ret == -(POLARSSL_ERR_ENTROPY_MAX_SOURCES) ) + snprintf( buf, buflen, "ENTROPY - No more sources can be added" ); + if( use_ret == -(POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED) ) + snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" ); +#endif /* POLARSSL_ENTROPY_C */ + +#if defined(POLARSSL_GCM_C) + if( use_ret == -(POLARSSL_ERR_GCM_AUTH_FAILED) ) + snprintf( buf, buflen, "GCM - Authenticated decryption failed" ); + if( use_ret == -(POLARSSL_ERR_GCM_BAD_INPUT) ) + snprintf( buf, buflen, "GCM - Bad input parameters to function" ); +#endif /* POLARSSL_GCM_C */ + +#if defined(POLARSSL_MD2_C) + if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) ) + snprintf( buf, buflen, "MD2 - Read/write error in file" ); +#endif /* POLARSSL_MD2_C */ + +#if defined(POLARSSL_MD4_C) + if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) ) + snprintf( buf, buflen, "MD4 - Read/write error in file" ); +#endif /* POLARSSL_MD4_C */ + +#if defined(POLARSSL_MD5_C) + if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) ) + snprintf( buf, buflen, "MD5 - Read/write error in file" ); +#endif /* POLARSSL_MD5_C */ + +#if defined(POLARSSL_NET_C) + if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) ) + snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" ); + if( use_ret == -(POLARSSL_ERR_NET_SOCKET_FAILED) ) + snprintf( buf, buflen, "NET - Failed to open a socket" ); + if( use_ret == -(POLARSSL_ERR_NET_CONNECT_FAILED) ) + snprintf( buf, buflen, "NET - The connection to the given server / port failed" ); + if( use_ret == -(POLARSSL_ERR_NET_BIND_FAILED) ) + snprintf( buf, buflen, "NET - Binding of the socket failed" ); + if( use_ret == -(POLARSSL_ERR_NET_LISTEN_FAILED) ) + snprintf( buf, buflen, "NET - Could not listen on the socket" ); + if( use_ret == -(POLARSSL_ERR_NET_ACCEPT_FAILED) ) + snprintf( buf, buflen, "NET - Could not accept the incoming connection" ); + if( use_ret == -(POLARSSL_ERR_NET_RECV_FAILED) ) + snprintf( buf, buflen, "NET - Reading information from the socket failed" ); + if( use_ret == -(POLARSSL_ERR_NET_SEND_FAILED) ) + snprintf( buf, buflen, "NET - Sending information through the socket failed" ); + if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) ) + snprintf( buf, buflen, "NET - Connection was reset by peer" ); + if( use_ret == -(POLARSSL_ERR_NET_WANT_READ) ) + snprintf( buf, buflen, "NET - Connection requires a read call" ); + if( use_ret == -(POLARSSL_ERR_NET_WANT_WRITE) ) + snprintf( buf, buflen, "NET - Connection requires a write call" ); +#endif /* POLARSSL_NET_C */ + +#if defined(POLARSSL_PADLOCK_C) + if( use_ret == -(POLARSSL_ERR_PADLOCK_DATA_MISALIGNED) ) + snprintf( buf, buflen, "PADLOCK - Input data should be aligned" ); +#endif /* POLARSSL_PADLOCK_C */ + +#if defined(POLARSSL_PBKDF2_C) + if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) ) + snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" ); +#endif /* POLARSSL_PBKDF2_C */ + +#if defined(POLARSSL_SHA1_C) + if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) ) + snprintf( buf, buflen, "SHA1 - Read/write error in file" ); +#endif /* POLARSSL_SHA1_C */ + +#if defined(POLARSSL_SHA2_C) + if( use_ret == -(POLARSSL_ERR_SHA2_FILE_IO_ERROR) ) + snprintf( buf, buflen, "SHA2 - Read/write error in file" ); +#endif /* POLARSSL_SHA2_C */ + +#if defined(POLARSSL_SHA4_C) + if( use_ret == -(POLARSSL_ERR_SHA4_FILE_IO_ERROR) ) + snprintf( buf, buflen, "SHA4 - Read/write error in file" ); +#endif /* POLARSSL_SHA4_C */ + +#if defined(POLARSSL_XTEA_C) + if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) ) + snprintf( buf, buflen, "XTEA - The data input has an invalid length" ); +#endif /* POLARSSL_XTEA_C */ + + if( strlen( buf ) != 0 ) + return; + + snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret ); +} + +#else /* POLARSSL_ERROR_C */ + +#if defined(POLARSSL_ERROR_STRERROR_DUMMY) + +#include + +/* + * Provide an non-function in case POLARSSL_ERROR_C is not defined + */ +void error_strerror( int ret, char *buf, size_t buflen ) +{ + ((void) ret); + + if( buflen > 0 ) + buf[0] = '\0'; +} + +#endif /* POLARSSL_ERROR_STRERROR_DUMMY */ +#endif /* POLARSSL_ERROR_C */ diff --git a/polarssl/error.h b/polarssl/error.h new file mode 100644 index 0000000..94c73a8 --- /dev/null +++ b/polarssl/error.h @@ -0,0 +1,108 @@ +/** + * \file error.h + * + * \brief Error to string translation + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_ERROR_H +#define POLARSSL_ERROR_H + +#include + +/** + * Error code layout. + * + * Currently we try to keep all error codes within the negative space of 16 + * bytes signed integers to support all platforms (-0x0000 - -0x8000). In + * addition we'd like to give two layers of information on the error if + * possible. + * + * For that purpose the error codes are segmented in the following manner: + * + * 16 bit error code bit-segmentation + * + * 1 bit - Intentionally not used + * 3 bits - High level module ID + * 5 bits - Module-dependent error code + * 6 bits - Low level module errors + * 1 bit - Intentionally not used + * + * Low-level module errors (0x007E-0x0002) + * + * Module Nr Codes assigned + * MPI 7 0x0002-0x0010 + * GCM 2 0x0012-0x0014 + * BLOWFISH 2 0x0016-0x0018 + * AES 2 0x0020-0x0022 + * CAMELLIA 2 0x0024-0x0026 + * XTEA 1 0x0028-0x0028 + * BASE64 2 0x002A-0x002C + * PADLOCK 1 0x0030-0x0030 + * DES 1 0x0032-0x0032 + * CTR_DBRG 3 0x0034-0x003A + * ENTROPY 3 0x003C-0x0040 + * NET 11 0x0042-0x0056 + * ASN1 7 0x0060-0x006C + * MD2 1 0x0070-0x0070 + * MD4 1 0x0072-0x0072 + * MD5 1 0x0074-0x0074 + * SHA1 1 0x0076-0x0076 + * SHA2 1 0x0078-0x0078 + * SHA4 1 0x007A-0x007A + * + * High-level module nr (3 bits - 0x1...-0x8...) + * Name ID Nr of Errors + * PEM 1 9 + * PKCS#12 1 4 (Started from top) + * X509 2 23 + * DHM 3 6 + * PKCS5 3 4 (Started from top) + * RSA 4 9 + * MD 5 4 + * CIPHER 6 5 + * SSL 6 2 (Started from top) + * SSL 7 31 + * + * Module dependent error code (5 bits 0x.08.-0x.F8.) + */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Translate a PolarSSL error code into a string representation, + * Result is truncated if necessary and always includes a terminating + * null byte. + * + * \param errnum error code + * \param buffer buffer to place representation in + * \param buflen length of the buffer + */ +void error_strerror( int errnum, char *buffer, size_t buflen ); + +#ifdef __cplusplus +} +#endif + +#endif /* error.h */ diff --git a/polarssl/gcm.c b/polarssl/gcm.c new file mode 100644 index 0000000..60dc0cd --- /dev/null +++ b/polarssl/gcm.c @@ -0,0 +1,621 @@ +/* + * NIST SP800-38D compliant GCM implementation + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf + */ +#include "polarssl/config.h" + +#if defined(POLARSSL_GCM_C) + +#include "polarssl/gcm.h" + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +static void gcm_gen_table( gcm_context *ctx ) +{ + int i, j; + uint64_t hi, lo; + uint64_t vl, vh; + unsigned char h[16]; + + memset( h, 0, 16 ); + aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, h, h ); + + ctx->HH[0] = 0; + ctx->HL[0] = 0; + + GET_UINT32_BE( hi, h, 0 ); + GET_UINT32_BE( lo, h, 4 ); + vh = (uint64_t) hi << 32 | lo; + + GET_UINT32_BE( hi, h, 8 ); + GET_UINT32_BE( lo, h, 12 ); + vl = (uint64_t) hi << 32 | lo; + + ctx->HL[8] = vl; + ctx->HH[8] = vh; + + for( i = 4; i > 0; i >>= 1 ) + { + uint32_t T = ( vl & 1 ) * 0xe1000000U; + vl = ( vh << 63 ) | ( vl >> 1 ); + vh = ( vh >> 1 ) ^ ( (uint64_t) T << 32); + + ctx->HL[i] = vl; + ctx->HH[i] = vh; + } + + for (i = 2; i < 16; i <<= 1 ) + { + uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i; + vh = *HiH; + vl = *HiL; + for( j = 1; j < i; j++ ) + { + HiH[j] = vh ^ ctx->HH[j]; + HiL[j] = vl ^ ctx->HL[j]; + } + } + +} + +int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize ) +{ + int ret; + + memset( ctx, 0, sizeof(gcm_context) ); + + if( ( ret = aes_setkey_enc( &ctx->aes_ctx, key, keysize ) ) != 0 ) + return( ret ); + + gcm_gen_table( ctx ); + + return( 0 ); +} + +static const uint64_t last4[16] = +{ + 0x0000, 0x1c20, 0x3840, 0x2460, + 0x7080, 0x6ca0, 0x48c0, 0x54e0, + 0xe100, 0xfd20, 0xd940, 0xc560, + 0x9180, 0x8da0, 0xa9c0, 0xb5e0 +}; + +void gcm_mult( gcm_context *ctx, const unsigned char x[16], unsigned char output[16] ) +{ + int i = 0; + unsigned char z[16]; + unsigned char lo, hi, rem; + uint64_t zh, zl; + + memset( z, 0x00, 16 ); + + lo = x[15] & 0xf; + hi = x[15] >> 4; + + zh = ctx->HH[lo]; + zl = ctx->HL[lo]; + + for( i = 15; i >= 0; i-- ) + { + lo = x[i] & 0xf; + hi = x[i] >> 4; + + if( i != 15 ) + { + rem = (unsigned char) zl & 0xf; + zl = ( zh << 60 ) | ( zl >> 4 ); + zh = ( zh >> 4 ); + zh ^= (uint64_t) last4[rem] << 48; + zh ^= ctx->HH[lo]; + zl ^= ctx->HL[lo]; + + } + + rem = (unsigned char) zl & 0xf; + zl = ( zh << 60 ) | ( zl >> 4 ); + zh = ( zh >> 4 ); + zh ^= (uint64_t) last4[rem] << 48; + zh ^= ctx->HH[hi]; + zl ^= ctx->HL[hi]; + } + + PUT_UINT32_BE( zh >> 32, output, 0 ); + PUT_UINT32_BE( zh, output, 4 ); + PUT_UINT32_BE( zl >> 32, output, 8 ); + PUT_UINT32_BE( zl, output, 12 ); +} + +int gcm_crypt_and_tag( gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag ) +{ + unsigned char y[16]; + unsigned char ectr[16]; + unsigned char buf[16]; + unsigned char work_buf[16]; + size_t i; + const unsigned char *p; + unsigned char *out_p = output; + size_t use_len; + uint64_t orig_len = length * 8; + uint64_t orig_add_len = add_len * 8; + + memset( y, 0x00, 16 ); + memset( work_buf, 0x00, 16 ); + memset( tag, 0x00, tag_len ); + memset( buf, 0x00, 16 ); + + if( ( mode == GCM_DECRYPT && output <= input && ( input - output ) < 8 ) || + ( output > input && (size_t) ( output - input ) < length ) ) + { + return( POLARSSL_ERR_GCM_BAD_INPUT ); + } + + if( iv_len == 12 ) + { + memcpy( y, iv, iv_len ); + y[15] = 1; + } + else + { + memset( work_buf, 0x00, 16 ); + PUT_UINT32_BE( iv_len * 8, work_buf, 12 ); + + p = iv; + while( iv_len > 0 ) + { + use_len = ( iv_len < 16 ) ? iv_len : 16; + + for( i = 0; i < use_len; i++ ) + y[i] ^= p[i]; + + gcm_mult( ctx, y, y ); + + iv_len -= use_len; + p += use_len; + } + + for( i = 0; i < 16; i++ ) + y[i] ^= work_buf[i]; + + gcm_mult( ctx, y, y ); + } + + aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, y, ectr ); + memcpy( tag, ectr, tag_len ); + + p = add; + while( add_len > 0 ) + { + use_len = ( add_len < 16 ) ? add_len : 16; + + for( i = 0; i < use_len; i++ ) + buf[i] ^= p[i]; + + gcm_mult( ctx, buf, buf ); + + add_len -= use_len; + p += use_len; + } + + p = input; + while( length > 0 ) + { + use_len = ( length < 16 ) ? length : 16; + + for( i = 16; i > 12; i-- ) + if( ++y[i - 1] != 0 ) + break; + + aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, y, ectr ); + + for( i = 0; i < use_len; i++ ) + { + out_p[i] = ectr[i] ^ p[i]; + if( mode == GCM_ENCRYPT ) + buf[i] ^= out_p[i]; + else + buf[i] ^= p[i]; + } + + gcm_mult( ctx, buf, buf ); + + length -= use_len; + p += use_len; + out_p += use_len; + } + + if( orig_len || orig_add_len ) + { + memset( work_buf, 0x00, 16 ); + + PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 ); + PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 ); + PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 ); + PUT_UINT32_BE( ( orig_len ), work_buf, 12 ); + + for( i = 0; i < 16; i++ ) + buf[i] ^= work_buf[i]; + + gcm_mult( ctx, buf, buf ); + + for( i = 0; i < tag_len; i++ ) + tag[i] ^= buf[i]; + } + + return( 0 ); +} + +int gcm_auth_decrypt( gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output ) +{ + unsigned char check_tag[16]; + + gcm_crypt_and_tag( ctx, GCM_DECRYPT, length, iv, iv_len, add, add_len, input, output, tag_len, check_tag ); + + if( memcmp( check_tag, tag, tag_len ) == 0 ) + return( 0 ); + + memset( output, 0, length ); + + return( POLARSSL_ERR_GCM_AUTH_FAILED ); +} + +#if defined(POLARSSL_SELF_TEST) + +#include + +/* + * GCM test vectors from: + * + * http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip + */ +#define MAX_TESTS 6 + +int key_index[MAX_TESTS] = + { 0, 0, 1, 1, 1, 1 }; + +unsigned char key[MAX_TESTS][32] = +{ + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 }, +}; + +size_t iv_len[MAX_TESTS] = + { 12, 12, 12, 12, 8, 60 }; + +int iv_index[MAX_TESTS] = + { 0, 0, 1, 1, 1, 2 }; + +unsigned char iv[MAX_TESTS][64] = +{ + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 }, + { 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5, + 0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa, + 0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1, + 0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28, + 0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39, + 0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54, + 0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57, + 0xa6, 0x37, 0xb3, 0x9b }, +}; + +size_t add_len[MAX_TESTS] = + { 0, 0, 0, 20, 20, 20 }; + +int add_index[MAX_TESTS] = + { 0, 0, 0, 1, 1, 1 }; + +unsigned char additional[MAX_TESTS][64] = +{ + { 0x00 }, + { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xab, 0xad, 0xda, 0xd2 }, +}; + +size_t pt_len[MAX_TESTS] = + { 0, 16, 64, 60, 60, 60 }; + +int pt_index[MAX_TESTS] = + { 0, 0, 1, 1, 1, 1 }; + +unsigned char pt[MAX_TESTS][64] = +{ + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 }, +}; + +unsigned char ct[MAX_TESTS * 3][64] = +{ + { 0x00 }, + { 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, + 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 }, + { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, + 0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 }, + { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, + 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, + 0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0, + 0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e, + 0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c, + 0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05, + 0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97, + 0x3d, 0x58, 0xe0, 0x91 }, + { 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a, + 0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55, + 0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8, + 0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23, + 0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2, + 0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42, + 0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07, + 0xc2, 0x3f, 0x45, 0x98 }, + { 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6, + 0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94, + 0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8, + 0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7, + 0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90, + 0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f, + 0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03, + 0x4c, 0x34, 0xae, 0xe5 }, + { 0x00 }, + { 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41, + 0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 }, + { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, + 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, + 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, + 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, + 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, + 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, + 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, + 0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 }, + { 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41, + 0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57, + 0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84, + 0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c, + 0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25, + 0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47, + 0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9, + 0xcc, 0xda, 0x27, 0x10 }, + { 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54, + 0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8, + 0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f, + 0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57, + 0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75, + 0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9, + 0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f, + 0xa0, 0xf0, 0x62, 0xf7 }, + { 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c, + 0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff, + 0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef, + 0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45, + 0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9, + 0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3, + 0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7, + 0xe9, 0xb7, 0x37, 0x3b }, + { 0x00 }, + { 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e, + 0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 }, + { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad }, + { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62 }, + { 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32, + 0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb, + 0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa, + 0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0, + 0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0, + 0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78, + 0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99, + 0xf4, 0x7c, 0x9b, 0x1f }, + { 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1, + 0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20, + 0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19, + 0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4, + 0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45, + 0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde, + 0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e, + 0x44, 0xae, 0x7e, 0x3f }, +}; + +unsigned char tag[MAX_TESTS * 3][16] = +{ + { 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61, + 0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a }, + { 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd, + 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf }, + { 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6, + 0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 }, + { 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, + 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 }, + { 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85, + 0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb }, + { 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa, + 0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 }, + { 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b, + 0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 }, + { 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab, + 0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb }, + { 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf, + 0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 }, + { 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f, + 0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c }, + { 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24, + 0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 }, + { 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb, + 0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 }, + { 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9, + 0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b }, + { 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0, + 0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 }, + { 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd, + 0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c }, + { 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, + 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b }, + { 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4, + 0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 }, + { 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0, + 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, +}; + +int gcm_self_test( int verbose ) +{ + gcm_context ctx; + unsigned char buf[64]; + unsigned char tag_buf[16]; + int i, j, ret; + + for( j = 0; j < 3; j++ ) + { + int key_len = 128 + 64 * j; + + for( i = 0; i < MAX_TESTS; i++ ) + { + printf( " AES-GCM-%3d #%d (%s): ", key_len, i, "enc" ); + gcm_init( &ctx, key[key_index[i]], key_len ); + + ret = gcm_crypt_and_tag( &ctx, GCM_ENCRYPT, + pt_len[i], + iv[iv_index[i]], iv_len[i], + additional[add_index[i]], add_len[i], + pt[pt_index[i]], buf, 16, tag_buf ); + + if( ret != 0 || + memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 || + memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + + printf( " AES-GCM-%3d #%d (%s): ", key_len, i, "dec" ); + gcm_init( &ctx, key[key_index[i]], key_len ); + + ret = gcm_crypt_and_tag( &ctx, GCM_DECRYPT, + pt_len[i], + iv[iv_index[i]], iv_len[i], + additional[add_index[i]], add_len[i], + ct[j * 6 + i], buf, 16, tag_buf ); + + if( ret != 0 || + memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 || + memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + } + + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/gcm.h b/polarssl/gcm.h new file mode 100644 index 0000000..b3df62c --- /dev/null +++ b/polarssl/gcm.h @@ -0,0 +1,147 @@ +/** + * \file gcm.h + * + * \brief Galois/Counter mode for AES + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_GCM_H +#define POLARSSL_GCM_H + +#include "polarssl/aes.h" + +#ifdef _MSC_VER +#include +typedef UINT64 uint64_t; +#else +#include +#endif + +#define GCM_ENCRYPT 1 +#define GCM_DECRYPT 0 + +#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ +#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ + +/** + * \brief GCM context structure + */ +typedef struct { + aes_context aes_ctx; /*!< AES context used */ + uint64_t HL[16]; /*!< Precalculated HTable */ + uint64_t HH[16]; /*!< Precalculated HTable */ +} +gcm_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief GCM initialization (encryption) + * + * \param ctx GCM context to be initialized + * \param key encryption key + * \param keysize must be 128, 192 or 256 + * + * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH + */ +int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize ); + +/** + * \brief GCM buffer encryption/decryption using AES + * + * \note On encryption, the output buffer can be the same as the input buffer. + * On decryption, the output buffer cannot be the same as input buffer. + * If buffers overlap, the output buffer must trail at least 8 bytes + * behind the input buffer. + * + * \param ctx GCM context + * \param mode GCM_ENCRYPT or GCM_DECRYPT + * \param length length of the input data + * \param iv initialization vector + * \param iv_len length of IV + * \param add additional data + * \param add_len length of additional data + * \param input buffer holding the input data + * \param output buffer for holding the output data + * \param tag_len length of the tag to generate + * \param tag buffer for holding the tag + * + * \return 0 if successful + */ +int gcm_crypt_and_tag( gcm_context *ctx, + int mode, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *input, + unsigned char *output, + size_t tag_len, + unsigned char *tag ); + +/** + * \brief GCM buffer authenticated decryption using AES + * + * \note On decryption, the output buffer cannot be the same as input buffer. + * If buffers overlap, the output buffer must trail at least 8 bytes + * behind the input buffer. + * + * \param ctx GCM context + * \param length length of the input data + * \param iv initialization vector + * \param iv_len length of IV + * \param add additional data + * \param add_len length of additional data + * \param tag buffer holding the tag + * \param tag_len length of the tag + * \param input buffer holding the input data + * \param output buffer for holding the output data + * + * \return 0 if successful and authenticated, + * POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match + */ +int gcm_auth_decrypt( gcm_context *ctx, + size_t length, + const unsigned char *iv, + size_t iv_len, + const unsigned char *add, + size_t add_len, + const unsigned char *tag, + size_t tag_len, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int gcm_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* gcm.h */ diff --git a/polarssl/havege.c b/polarssl/havege.c new file mode 100644 index 0000000..ff302c5 --- /dev/null +++ b/polarssl/havege.c @@ -0,0 +1,231 @@ +/** + * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The HAVEGE RNG was designed by Andre Seznec in 2002. + * + * http://www.irisa.fr/caps/projects/hipsor/publi.php + * + * Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_HAVEGE_C) + +#include "polarssl/havege.h" +#include "polarssl/timing.h" + +#include +#include + +/* ------------------------------------------------------------------------ + * On average, one iteration accesses two 8-word blocks in the havege WALK + * table, and generates 16 words in the RES array. + * + * The data read in the WALK table is updated and permuted after each use. + * The result of the hardware clock counter read is used for this update. + * + * 25 conditional tests are present. The conditional tests are grouped in + * two nested groups of 12 conditional tests and 1 test that controls the + * permutation; on average, there should be 6 tests executed and 3 of them + * should be mispredicted. + * ------------------------------------------------------------------------ + */ + +#define SWAP(X,Y) { int *T = X; X = Y; Y = T; } + +#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; +#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1; + +#define TST1_LEAVE U1++; } +#define TST2_LEAVE U2++; } + +#define ONE_ITERATION \ + \ + PTEST = PT1 >> 20; \ + \ + TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \ + TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \ + TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \ + \ + TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ + TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ + TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \ + \ + PTX = (PT1 >> 18) & 7; \ + PT1 &= 0x1FFF; \ + PT2 &= 0x1FFF; \ + CLK = (int) hardclock(); \ + \ + i = 0; \ + A = &WALK[PT1 ]; RES[i++] ^= *A; \ + B = &WALK[PT2 ]; RES[i++] ^= *B; \ + C = &WALK[PT1 ^ 1]; RES[i++] ^= *C; \ + D = &WALK[PT2 ^ 4]; RES[i++] ^= *D; \ + \ + IN = (*A >> (1)) ^ (*A << (31)) ^ CLK; \ + *A = (*B >> (2)) ^ (*B << (30)) ^ CLK; \ + *B = IN ^ U1; \ + *C = (*C >> (3)) ^ (*C << (29)) ^ CLK; \ + *D = (*D >> (4)) ^ (*D << (28)) ^ CLK; \ + \ + A = &WALK[PT1 ^ 2]; RES[i++] ^= *A; \ + B = &WALK[PT2 ^ 2]; RES[i++] ^= *B; \ + C = &WALK[PT1 ^ 3]; RES[i++] ^= *C; \ + D = &WALK[PT2 ^ 6]; RES[i++] ^= *D; \ + \ + if( PTEST & 1 ) SWAP( A, C ); \ + \ + IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ + *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ + *B = IN; CLK = (int) hardclock(); \ + *C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \ + *D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \ + \ + A = &WALK[PT1 ^ 4]; \ + B = &WALK[PT2 ^ 1]; \ + \ + PTEST = PT2 >> 1; \ + \ + PT2 = (RES[(i - 8) ^ PTY] ^ WALK[PT2 ^ PTY ^ 7]); \ + PT2 = ((PT2 & 0x1FFF) & (~8)) ^ ((PT1 ^ 8) & 0x8); \ + PTY = (PT2 >> 10) & 7; \ + \ + TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \ + TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \ + TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \ + \ + TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ + TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ + TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \ + \ + C = &WALK[PT1 ^ 5]; \ + D = &WALK[PT2 ^ 5]; \ + \ + RES[i++] ^= *A; \ + RES[i++] ^= *B; \ + RES[i++] ^= *C; \ + RES[i++] ^= *D; \ + \ + IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK; \ + *A = (*B >> (10)) ^ (*B << (22)) ^ CLK; \ + *B = IN ^ U2; \ + *C = (*C >> (11)) ^ (*C << (21)) ^ CLK; \ + *D = (*D >> (12)) ^ (*D << (20)) ^ CLK; \ + \ + A = &WALK[PT1 ^ 6]; RES[i++] ^= *A; \ + B = &WALK[PT2 ^ 3]; RES[i++] ^= *B; \ + C = &WALK[PT1 ^ 7]; RES[i++] ^= *C; \ + D = &WALK[PT2 ^ 7]; RES[i++] ^= *D; \ + \ + IN = (*A >> (13)) ^ (*A << (19)) ^ CLK; \ + *A = (*B >> (14)) ^ (*B << (18)) ^ CLK; \ + *B = IN; \ + *C = (*C >> (15)) ^ (*C << (17)) ^ CLK; \ + *D = (*D >> (16)) ^ (*D << (16)) ^ CLK; \ + \ + PT1 = ( RES[(i - 8) ^ PTX] ^ \ + WALK[PT1 ^ PTX ^ 7] ) & (~1); \ + PT1 ^= (PT2 ^ 0x10) & 0x10; \ + \ + for( n++, i = 0; i < 16; i++ ) \ + hs->pool[n % COLLECT_SIZE] ^= RES[i]; + +/* + * Entropy gathering function + */ +static void havege_fill( havege_state *hs ) +{ + int i, n = 0; + int U1, U2, *A, *B, *C, *D; + int PT1, PT2, *WALK, RES[16]; + int PTX, PTY, CLK, PTEST, IN; + + WALK = hs->WALK; + PT1 = hs->PT1; + PT2 = hs->PT2; + + PTX = U1 = 0; + PTY = U2 = 0; + + memset( RES, 0, sizeof( RES ) ); + + while( n < COLLECT_SIZE * 4 ) + { + ONE_ITERATION + ONE_ITERATION + ONE_ITERATION + ONE_ITERATION + } + + hs->PT1 = PT1; + hs->PT2 = PT2; + + hs->offset[0] = 0; + hs->offset[1] = COLLECT_SIZE / 2; +} + +/* + * HAVEGE initialization + */ +void havege_init( havege_state *hs ) +{ + memset( hs, 0, sizeof( havege_state ) ); + + havege_fill( hs ); +} + +/* + * HAVEGE rand function + */ +int havege_random( void *p_rng, unsigned char *buf, size_t len ) +{ + int val; + size_t use_len; + havege_state *hs = (havege_state *) p_rng; + unsigned char *p = buf; + + while( len > 0 ) + { + use_len = len; + if( use_len > sizeof(int) ) + use_len = sizeof(int); + + if( hs->offset[1] >= COLLECT_SIZE ) + havege_fill( hs ); + + val = hs->pool[hs->offset[0]++]; + val ^= hs->pool[hs->offset[1]++]; + + memcpy( p, &val, use_len ); + + len -= use_len; + p += use_len; + } + + return( 0 ); +} + +#endif diff --git a/polarssl/havege.h b/polarssl/havege.h new file mode 100644 index 0000000..53c4f38 --- /dev/null +++ b/polarssl/havege.h @@ -0,0 +1,71 @@ +/** + * \file havege.h + * + * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_HAVEGE_H +#define POLARSSL_HAVEGE_H + +#include + +#define COLLECT_SIZE 1024 + +/** + * \brief HAVEGE state structure + */ +typedef struct +{ + int PT1, PT2, offset[2]; + int pool[COLLECT_SIZE]; + int WALK[8192]; +} +havege_state; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief HAVEGE initialization + * + * \param hs HAVEGE state to be initialized + */ +void havege_init( havege_state *hs ); + +/** + * \brief HAVEGE rand function + * + * \param p_rng A HAVEGE state + * \param output Buffer to fill + * \param len Length of buffer + * + * \return 0 + */ +int havege_random( void *p_rng, unsigned char *output, size_t len ); + +#ifdef __cplusplus +} +#endif + +#endif /* havege.h */ diff --git a/polarssl/md.c b/polarssl/md.c new file mode 100644 index 0000000..ab0f468 --- /dev/null +++ b/polarssl/md.c @@ -0,0 +1,298 @@ +/** + * \file md.c + * + * \brief Generic message digest wrapper for PolarSSL + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_MD_C) + +#include "polarssl/md.h" +#include "polarssl/md_wrap.h" + +#include +#include + +//#if defined _MSC_VER && !defined strcasecmp +//#define strcasecmp _stricmp +//#endif + +static const int supported_digests[] = { + +#if defined(POLARSSL_MD2_C) + POLARSSL_MD_MD2, +#endif + +#if defined(POLARSSL_MD4_C) + POLARSSL_MD_MD4, +#endif + +#if defined(POLARSSL_MD5_C) + POLARSSL_MD_MD5, +#endif + +#if defined(POLARSSL_SHA1_C) + POLARSSL_MD_SHA1, +#endif + +#if defined(POLARSSL_SHA2_C) + POLARSSL_MD_SHA224, + POLARSSL_MD_SHA256, +#endif + +#if defined(POLARSSL_SHA4_C) + POLARSSL_MD_SHA384, + POLARSSL_MD_SHA512, +#endif + + 0 +}; + +const int *md_list( void ) +{ + return supported_digests; +} + +const md_info_t *md_info_from_string( const char *md_name ) +{ + if( NULL == md_name ) + return NULL; + + /* Get the appropriate digest information */ +#if defined(POLARSSL_MD2_C) + if( !strcasecmp( "MD2", md_name ) ) + return md_info_from_type( POLARSSL_MD_MD2 ); +#endif +#if defined(POLARSSL_MD4_C) + if( !strcasecmp( "MD4", md_name ) ) + return md_info_from_type( POLARSSL_MD_MD4 ); +#endif +#if defined(POLARSSL_MD5_C) + if( !strcasecmp( "MD5", md_name ) ) + return md_info_from_type( POLARSSL_MD_MD5 ); +#endif +#if defined(POLARSSL_SHA1_C) + if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) ) + return md_info_from_type( POLARSSL_MD_SHA1 ); +#endif +#if defined(POLARSSL_SHA2_C) + if( !strcasecmp( "SHA224", md_name ) ) + return md_info_from_type( POLARSSL_MD_SHA224 ); + if( !strcasecmp( "SHA256", md_name ) ) + return md_info_from_type( POLARSSL_MD_SHA256 ); +#endif +#if defined(POLARSSL_SHA4_C) + if( !strcasecmp( "SHA384", md_name ) ) + return md_info_from_type( POLARSSL_MD_SHA384 ); + if( !strcasecmp( "SHA512", md_name ) ) + return md_info_from_type( POLARSSL_MD_SHA512 ); +#endif + return NULL; +} + +const md_info_t *md_info_from_type( md_type_t md_type ) +{ + switch( md_type ) + { +#if defined(POLARSSL_MD2_C) + case POLARSSL_MD_MD2: + return &md2_info; +#endif +#if defined(POLARSSL_MD4_C) + case POLARSSL_MD_MD4: + return &md4_info; +#endif +#if defined(POLARSSL_MD5_C) + case POLARSSL_MD_MD5: + return &md5_info; +#endif +#if defined(POLARSSL_SHA1_C) + case POLARSSL_MD_SHA1: + return &sha1_info; +#endif +#if defined(POLARSSL_SHA2_C) + case POLARSSL_MD_SHA224: + return &sha224_info; + case POLARSSL_MD_SHA256: + return &sha256_info; +#endif +#if defined(POLARSSL_SHA4_C) + case POLARSSL_MD_SHA384: + return &sha384_info; + case POLARSSL_MD_SHA512: + return &sha512_info; +#endif + default: + return NULL; + } +} + +int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) +{ + if( md_info == NULL || ctx == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + memset( ctx, 0, sizeof( md_context_t ) ); + + if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) + return POLARSSL_ERR_MD_ALLOC_FAILED; + + ctx->md_info = md_info; + + md_info->starts_func( ctx->md_ctx ); + + return 0; +} + +int md_free_ctx( md_context_t *ctx ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->ctx_free_func( ctx->md_ctx ); + ctx->md_ctx = NULL; + + return 0; +} + +int md_starts( md_context_t *ctx ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->starts_func( ctx->md_ctx ); + + return 0; +} + +int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->update_func( ctx->md_ctx, input, ilen ); + + return 0; +} + +int md_finish( md_context_t *ctx, unsigned char *output ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->finish_func( ctx->md_ctx, output ); + + return 0; +} + +int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + if ( md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + md_info->digest_func( input, ilen, output ); + + return 0; +} + +int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + int ret; +#endif + + if( md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + +#if defined(POLARSSL_FS_IO) + ret = md_info->file_func( path, output ); + if( ret != 0 ) + return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret ); + + return( ret ); +#else + ((void) path); + ((void) output); + + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen); + + return 0; +} + +int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen ); + + return 0; +} + +int md_hmac_finish( md_context_t *ctx, unsigned char *output) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->hmac_finish_func( ctx->md_ctx, output); + + return 0; +} + +int md_hmac_reset( md_context_t *ctx ) +{ + if( ctx == NULL || ctx->md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + ctx->md_info->hmac_reset_func( ctx->md_ctx); + + return 0; +} + +int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + if( md_info == NULL ) + return POLARSSL_ERR_MD_BAD_INPUT_DATA; + + md_info->hmac_func( key, keylen, input, ilen, output ); + + return 0; +} + +#endif diff --git a/polarssl/md.h b/polarssl/md.h new file mode 100644 index 0000000..6a1bdd4 --- /dev/null +++ b/polarssl/md.h @@ -0,0 +1,363 @@ +/** + * \file md.h + * + * \brief Generic message digest wrapper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_MD_H +#define POLARSSL_MD_H + +#include + +#if defined(_MSC_VER) && !defined(inline) +#define inline _inline +#else +#if defined(__ARMCC_VERSION) && !defined(inline) +#define inline __inline +#endif /* __ARMCC_VERSION */ +#endif /*_MSC_VER */ + +#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ +#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ +#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ + +typedef enum { + POLARSSL_MD_NONE=0, + POLARSSL_MD_MD2, + POLARSSL_MD_MD4, + POLARSSL_MD_MD5, + POLARSSL_MD_SHA1, + POLARSSL_MD_SHA224, + POLARSSL_MD_SHA256, + POLARSSL_MD_SHA384, + POLARSSL_MD_SHA512, +} md_type_t; + +#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */ + +/** + * Message digest information. Allows message digest functions to be called + * in a generic way. + */ +typedef struct { + /** Digest identifier */ + md_type_t type; + + /** Name of the message digest */ + const char * name; + + /** Output length of the digest function */ + int size; + + /** Digest initialisation function */ + void (*starts_func)( void *ctx ); + + /** Digest update function */ + void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); + + /** Digest finalisation function */ + void (*finish_func)( void *ctx, unsigned char *output ); + + /** Generic digest function */ + void (*digest_func)( const unsigned char *input, size_t ilen, + unsigned char *output ); + + /** Generic file digest function */ + int (*file_func)( const char *path, unsigned char *output ); + + /** HMAC Initialisation function */ + void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen ); + + /** HMAC update function */ + void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen ); + + /** HMAC finalisation function */ + void (*hmac_finish_func)( void *ctx, unsigned char *output); + + /** HMAC context reset function */ + void (*hmac_reset_func)( void *ctx ); + + /** Generic HMAC function */ + void (*hmac_func)( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ); + + /** Allocate a new context */ + void * (*ctx_alloc_func)( void ); + + /** Free the given context */ + void (*ctx_free_func)( void *ctx ); + +} md_info_t; + +/** + * Generic message digest context. + */ +typedef struct { + /** Information about the associated message digest */ + const md_info_t *md_info; + + /** Digest-specific context */ + void *md_ctx; +} md_context_t; + +#define MD_CONTEXT_T_INIT { \ + NULL, /* md_info */ \ + NULL, /* md_ctx */ \ +} + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Returns the list of digests supported by the generic digest module. + * + * \return a statically allocated array of digests, the last entry + * is 0. + */ +const int *md_list( void ); + +/** + * \brief Returns the message digest information associated with the + * given digest name. + * + * \param md_name Name of the digest to search for. + * + * \return The message digest information associated with md_name or + * NULL if not found. + */ +const md_info_t *md_info_from_string( const char *md_name ); + +/** + * \brief Returns the message digest information associated with the + * given digest type. + * + * \param md_type type of digest to search for. + * + * \return The message digest information associated with md_type or + * NULL if not found. + */ +const md_info_t *md_info_from_type( md_type_t md_type ); + +/** + * \brief Initialises and fills the message digest context structure with + * the appropriate values. + * + * \param ctx context to initialise. May not be NULL. The + * digest-specific context (ctx->md_ctx) must be NULL. It will + * be allocated, and must be freed using md_free_ctx() later. + * \param md_info message digest to use. + * + * \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on + * parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if + * allocation of the digest-specific context failed. + */ +int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); + +/** + * \brief Free the message-specific context of ctx. Freeing ctx itself + * remains the responsibility of the caller. + * + * \param ctx Free the message-specific context + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_free_ctx( md_context_t *ctx ); + +/** + * \brief Returns the size of the message digest output. + * + * \param md_info message digest info + * + * \return size of the message digest output. + */ +static inline unsigned char md_get_size( const md_info_t *md_info ) +{ + if( md_info == NULL ) + return( 0 ); + + return md_info->size; +} + +/** + * \brief Returns the type of the message digest output. + * + * \param md_info message digest info + * + * \return type of the message digest output. + */ +static inline md_type_t md_get_type( const md_info_t *md_info ) +{ + if( md_info == NULL ) + return( POLARSSL_MD_NONE ); + + return md_info->type; +} + +/** + * \brief Returns the name of the message digest output. + * + * \param md_info message digest info + * + * \return name of the message digest output. + */ +static inline const char *md_get_name( const md_info_t *md_info ) +{ + if( md_info == NULL ) + return( NULL ); + + return md_info->name; +} + +/** + * \brief Set-up the given context for a new message digest + * + * \param ctx generic message digest context. + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_starts( md_context_t *ctx ); + +/** + * \brief Generic message digest process buffer + * + * \param ctx Generic message digest context + * \param input buffer holding the datal + * \param ilen length of the input data + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief Generic message digest final digest + * + * \param ctx Generic message digest context + * \param output Generic message digest checksum result + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_finish( md_context_t *ctx, unsigned char *output ); + +/** + * \brief Output = message_digest( input buffer ) + * + * \param md_info message digest info + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic message digest checksum result + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, + unsigned char *output ); + +/** + * \brief Output = message_digest( file contents ) + * + * \param md_info message digest info + * \param path input file name + * \param output generic message digest checksum result + * + * \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen + * failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed, + * POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL. + */ +int md_file( const md_info_t *md_info, const char *path, unsigned char *output ); + +/** + * \brief Generic HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ); + +/** + * \brief Generic HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief Generic HMAC final digest + * + * \param ctx HMAC context + * \param output Generic HMAC checksum result + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_hmac_finish( md_context_t *ctx, unsigned char *output); + +/** + * \brief Generic HMAC context reset + * + * \param ctx HMAC context to be reset + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_hmac_reset( md_context_t *ctx ); + +/** + * \brief Output = Generic_HMAC( hmac key, input buffer ) + * + * \param md_info message digest info + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output Generic HMAC-result + * + * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter + * verification fails. + */ +int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#endif /* POLARSSL_MD_H */ diff --git a/polarssl/md2.c b/polarssl/md2.c new file mode 100644 index 0000000..2c8754a --- /dev/null +++ b/polarssl/md2.c @@ -0,0 +1,368 @@ +/* + * RFC 1115/1319 compliant MD2 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The MD2 algorithm was designed by Ron Rivest in 1989. + * + * http://www.ietf.org/rfc/rfc1115.txt + * http://www.ietf.org/rfc/rfc1319.txt + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_MD2_C) + +#include "polarssl/md2.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_MD2_ALT) + +static const unsigned char PI_SUBST[256] = +{ + 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01, 0x3D, 0x36, + 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13, 0x62, 0xA7, 0x05, 0xF3, + 0xC0, 0xC7, 0x73, 0x8C, 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, + 0x82, 0xCA, 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16, + 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12, 0xBE, 0x4E, + 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49, 0xA0, 0xFB, 0xF5, 0x8E, + 0xBB, 0x2F, 0xEE, 0x7A, 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, + 0x07, 0x3F, 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21, + 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27, 0x35, 0x3E, + 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03, 0xFF, 0x19, 0x30, 0xB3, + 0x48, 0xA5, 0xB5, 0xD1, 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, + 0xAA, 0xC6, 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6, + 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1, 0x45, 0x9D, + 0x70, 0x59, 0x64, 0x71, 0x87, 0x20, 0x86, 0x5B, 0xCF, 0x65, + 0xE6, 0x2D, 0xA8, 0x02, 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, + 0xB9, 0xF6, 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F, + 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A, 0xC3, 0x5C, + 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26, 0x2C, 0x53, 0x0D, 0x6E, + 0x85, 0x28, 0x84, 0x09, 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, + 0x4D, 0x52, 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA, + 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A, 0x78, 0x88, + 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D, 0xE9, 0xCB, 0xD5, 0xFE, + 0x3B, 0x00, 0x1D, 0x39, 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, + 0xD0, 0xE4, 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A, + 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99, + 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 +}; + +/* + * MD2 context setup + */ +void md2_starts( md2_context *ctx ) +{ + memset( ctx->cksum, 0, 16 ); + memset( ctx->state, 0, 46 ); + memset( ctx->buffer, 0, 16 ); + ctx->left = 0; +} + +static void md2_process( md2_context *ctx ) +{ + int i, j; + unsigned char t = 0; + + for( i = 0; i < 16; i++ ) + { + ctx->state[i + 16] = ctx->buffer[i]; + ctx->state[i + 32] = + (unsigned char)( ctx->buffer[i] ^ ctx->state[i]); + } + + for( i = 0; i < 18; i++ ) + { + for( j = 0; j < 48; j++ ) + { + ctx->state[j] = (unsigned char) + ( ctx->state[j] ^ PI_SUBST[t] ); + t = ctx->state[j]; + } + + t = (unsigned char)( t + i ); + } + + t = ctx->cksum[15]; + + for( i = 0; i < 16; i++ ) + { + ctx->cksum[i] = (unsigned char) + ( ctx->cksum[i] ^ PI_SUBST[ctx->buffer[i] ^ t] ); + t = ctx->cksum[i]; + } +} + +/* + * MD2 process buffer + */ +void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + + while( ilen > 0 ) + { + if( ctx->left + ilen > 16 ) + fill = 16 - ctx->left; + else + fill = ilen; + + memcpy( ctx->buffer + ctx->left, input, fill ); + + ctx->left += fill; + input += fill; + ilen -= fill; + + if( ctx->left == 16 ) + { + ctx->left = 0; + md2_process( ctx ); + } + } +} + +/* + * MD2 final digest + */ +void md2_finish( md2_context *ctx, unsigned char output[16] ) +{ + size_t i; + unsigned char x; + + x = (unsigned char)( 16 - ctx->left ); + + for( i = ctx->left; i < 16; i++ ) + ctx->buffer[i] = x; + + md2_process( ctx ); + + memcpy( ctx->buffer, ctx->cksum, 16 ); + md2_process( ctx ); + + memcpy( output, ctx->state, 16 ); +} + +#endif /* !POLARSSL_MD2_ALT */ + +/* + * output = MD2( input buffer ) + */ +void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) +{ + md2_context ctx; + + md2_starts( &ctx ); + md2_update( &ctx, input, ilen ); + md2_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md2_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = MD2( file contents ) + */ +int md2_file( const char *path, unsigned char output[16] ) +{ + FILE *f; + size_t n; + md2_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); + + md2_starts( &ctx ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + md2_update( &ctx, buf, n ); + + md2_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md2_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * MD2 HMAC context setup + */ +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen ) +{ + size_t i; + unsigned char sum[16]; + + if( keylen > 16 ) + { + md2( key, keylen, sum ); + keylen = 16; + key = sum; + } + + memset( ctx->ipad, 0x36, 16 ); + memset( ctx->opad, 0x5C, 16 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + md2_starts( ctx ); + md2_update( ctx, ctx->ipad, 16 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * MD2 HMAC process buffer + */ +void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen ) +{ + md2_update( ctx, input, ilen ); +} + +/* + * MD2 HMAC final digest + */ +void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ) +{ + unsigned char tmpbuf[16]; + + md2_finish( ctx, tmpbuf ); + md2_starts( ctx ); + md2_update( ctx, ctx->opad, 16 ); + md2_update( ctx, tmpbuf, 16 ); + md2_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * MD2 HMAC context reset + */ +void md2_hmac_reset( md2_context *ctx ) +{ + md2_starts( ctx ); + md2_update( ctx, ctx->ipad, 16 ); +} + +/* + * output = HMAC-MD2( hmac key, input buffer ) + */ +void md2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ) +{ + md2_context ctx; + + md2_hmac_starts( &ctx, key, keylen ); + md2_hmac_update( &ctx, input, ilen ); + md2_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md2_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) + +/* + * RFC 1319 test vectors + */ +static const char md2_test_str[7][81] = +{ + { "" }, + { "a" }, + { "abc" }, + { "message digest" }, + { "abcdefghijklmnopqrstuvwxyz" }, + { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, + { "12345678901234567890123456789012345678901234567890123456789012" \ + "345678901234567890" } +}; + +static const unsigned char md2_test_sum[7][16] = +{ + { 0x83, 0x50, 0xE5, 0xA3, 0xE2, 0x4C, 0x15, 0x3D, + 0xF2, 0x27, 0x5C, 0x9F, 0x80, 0x69, 0x27, 0x73 }, + { 0x32, 0xEC, 0x01, 0xEC, 0x4A, 0x6D, 0xAC, 0x72, + 0xC0, 0xAB, 0x96, 0xFB, 0x34, 0xC0, 0xB5, 0xD1 }, + { 0xDA, 0x85, 0x3B, 0x0D, 0x3F, 0x88, 0xD9, 0x9B, + 0x30, 0x28, 0x3A, 0x69, 0xE6, 0xDE, 0xD6, 0xBB }, + { 0xAB, 0x4F, 0x49, 0x6B, 0xFB, 0x2A, 0x53, 0x0B, + 0x21, 0x9F, 0xF3, 0x30, 0x31, 0xFE, 0x06, 0xB0 }, + { 0x4E, 0x8D, 0xDF, 0xF3, 0x65, 0x02, 0x92, 0xAB, + 0x5A, 0x41, 0x08, 0xC3, 0xAA, 0x47, 0x94, 0x0B }, + { 0xDA, 0x33, 0xDE, 0xF2, 0xA4, 0x2D, 0xF1, 0x39, + 0x75, 0x35, 0x28, 0x46, 0xC3, 0x03, 0x38, 0xCD }, + { 0xD5, 0x97, 0x6F, 0x79, 0xD8, 0x3D, 0x3A, 0x0D, + 0xC9, 0x80, 0x6C, 0x3C, 0x66, 0xF3, 0xEF, 0xD8 } +}; + +/* + * Checkup routine + */ +int md2_self_test( int verbose ) +{ + int i; + unsigned char md2sum[16]; + + for( i = 0; i < 7; i++ ) + { + if( verbose != 0 ) + printf( " MD2 test #%d: ", i + 1 ); + + md2( (unsigned char *) md2_test_str[i], + strlen( md2_test_str[i] ), md2sum ); + + if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/md2.h b/polarssl/md2.h new file mode 100644 index 0000000..f437242 --- /dev/null +++ b/polarssl/md2.h @@ -0,0 +1,171 @@ +/** + * \file md2.h + * + * \brief MD2 message digest algorithm (hash function) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_MD2_H +#define POLARSSL_MD2_H + +#include "polarssl/config.h" + +#include + +#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */ + +#if !defined(POLARSSL_MD2_ALT) +// Regular implementation +// + +/** + * \brief MD2 context structure + */ +typedef struct +{ + unsigned char cksum[16]; /*!< checksum of the data block */ + unsigned char state[48]; /*!< intermediate digest state */ + unsigned char buffer[16]; /*!< data block being processed */ + + unsigned char ipad[16]; /*!< HMAC: inner padding */ + unsigned char opad[16]; /*!< HMAC: outer padding */ + size_t left; /*!< amount of data in buffer */ +} +md2_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD2 context setup + * + * \param ctx context to be initialized + */ +void md2_starts( md2_context *ctx ); + +/** + * \brief MD2 process buffer + * + * \param ctx MD2 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD2 final digest + * + * \param ctx MD2 context + * \param output MD2 checksum result + */ +void md2_finish( md2_context *ctx, unsigned char output[16] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_MD2_ALT */ +#include "polarssl/md2_alt.h" +#endif /* POLARSSL_MD2_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD2( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD2 checksum result + */ +void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Output = MD2( file contents ) + * + * \param path input file name + * \param output MD2 checksum result + * + * \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR + */ +int md2_file( const char *path, unsigned char output[16] ); + +/** + * \brief MD2 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + */ +void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen ); + +/** + * \brief MD2 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD2 HMAC final digest + * + * \param ctx HMAC context + * \param output MD2 HMAC checksum result + */ +void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ); + +/** + * \brief MD2 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void md2_hmac_reset( md2_context *ctx ); + +/** + * \brief Output = HMAC-MD2( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-MD2 result + */ +void md2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int md2_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* md2.h */ diff --git a/polarssl/md4.c b/polarssl/md4.c new file mode 100644 index 0000000..980f5e4 --- /dev/null +++ b/polarssl/md4.c @@ -0,0 +1,464 @@ +/* + * RFC 1186/1320 compliant MD4 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The MD4 algorithm was designed by Ron Rivest in 1990. + * + * http://www.ietf.org/rfc/rfc1186.txt + * http://www.ietf.org/rfc/rfc1320.txt + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_MD4_C) + +#include "polarssl/md4.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_MD4_ALT) + +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ +} +#endif + +/* + * MD4 context setup + */ +void md4_starts( md4_context *ctx ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + ctx->state[0] = 0x67452301; + ctx->state[1] = 0xEFCDAB89; + ctx->state[2] = 0x98BADCFE; + ctx->state[3] = 0x10325476; +} + +static void md4_process( md4_context *ctx, const unsigned char data[64] ) +{ + uint32_t X[16], A, B, C, D; + + GET_UINT32_LE( X[ 0], data, 0 ); + GET_UINT32_LE( X[ 1], data, 4 ); + GET_UINT32_LE( X[ 2], data, 8 ); + GET_UINT32_LE( X[ 3], data, 12 ); + GET_UINT32_LE( X[ 4], data, 16 ); + GET_UINT32_LE( X[ 5], data, 20 ); + GET_UINT32_LE( X[ 6], data, 24 ); + GET_UINT32_LE( X[ 7], data, 28 ); + GET_UINT32_LE( X[ 8], data, 32 ); + GET_UINT32_LE( X[ 9], data, 36 ); + GET_UINT32_LE( X[10], data, 40 ); + GET_UINT32_LE( X[11], data, 44 ); + GET_UINT32_LE( X[12], data, 48 ); + GET_UINT32_LE( X[13], data, 52 ); + GET_UINT32_LE( X[14], data, 56 ); + GET_UINT32_LE( X[15], data, 60 ); + +#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + +#define F(x, y, z) ((x & y) | ((~x) & z)) +#define P(a,b,c,d,x,s) { a += F(b,c,d) + x; a = S(a,s); } + + P( A, B, C, D, X[ 0], 3 ); + P( D, A, B, C, X[ 1], 7 ); + P( C, D, A, B, X[ 2], 11 ); + P( B, C, D, A, X[ 3], 19 ); + P( A, B, C, D, X[ 4], 3 ); + P( D, A, B, C, X[ 5], 7 ); + P( C, D, A, B, X[ 6], 11 ); + P( B, C, D, A, X[ 7], 19 ); + P( A, B, C, D, X[ 8], 3 ); + P( D, A, B, C, X[ 9], 7 ); + P( C, D, A, B, X[10], 11 ); + P( B, C, D, A, X[11], 19 ); + P( A, B, C, D, X[12], 3 ); + P( D, A, B, C, X[13], 7 ); + P( C, D, A, B, X[14], 11 ); + P( B, C, D, A, X[15], 19 ); + +#undef P +#undef F + +#define F(x,y,z) ((x & y) | (x & z) | (y & z)) +#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x5A827999; a = S(a,s); } + + P( A, B, C, D, X[ 0], 3 ); + P( D, A, B, C, X[ 4], 5 ); + P( C, D, A, B, X[ 8], 9 ); + P( B, C, D, A, X[12], 13 ); + P( A, B, C, D, X[ 1], 3 ); + P( D, A, B, C, X[ 5], 5 ); + P( C, D, A, B, X[ 9], 9 ); + P( B, C, D, A, X[13], 13 ); + P( A, B, C, D, X[ 2], 3 ); + P( D, A, B, C, X[ 6], 5 ); + P( C, D, A, B, X[10], 9 ); + P( B, C, D, A, X[14], 13 ); + P( A, B, C, D, X[ 3], 3 ); + P( D, A, B, C, X[ 7], 5 ); + P( C, D, A, B, X[11], 9 ); + P( B, C, D, A, X[15], 13 ); + +#undef P +#undef F + +#define F(x,y,z) (x ^ y ^ z) +#define P(a,b,c,d,x,s) { a += F(b,c,d) + x + 0x6ED9EBA1; a = S(a,s); } + + P( A, B, C, D, X[ 0], 3 ); + P( D, A, B, C, X[ 8], 9 ); + P( C, D, A, B, X[ 4], 11 ); + P( B, C, D, A, X[12], 15 ); + P( A, B, C, D, X[ 2], 3 ); + P( D, A, B, C, X[10], 9 ); + P( C, D, A, B, X[ 6], 11 ); + P( B, C, D, A, X[14], 15 ); + P( A, B, C, D, X[ 1], 3 ); + P( D, A, B, C, X[ 9], 9 ); + P( C, D, A, B, X[ 5], 11 ); + P( B, C, D, A, X[13], 15 ); + P( A, B, C, D, X[ 3], 3 ); + P( D, A, B, C, X[11], 9 ); + P( C, D, A, B, X[ 7], 11 ); + P( B, C, D, A, X[15], 15 ); + +#undef F +#undef P + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; +} + +/* + * MD4 process buffer + */ +void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + uint32_t left; + + if( ilen <= 0 ) + return; + + left = ctx->total[0] & 0x3F; + fill = 64 - left; + + ctx->total[0] += (uint32_t) ilen; + ctx->total[0] &= 0xFFFFFFFF; + + if( ctx->total[0] < (uint32_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void *) (ctx->buffer + left), + (void *) input, fill ); + md4_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 64 ) + { + md4_process( ctx, input ); + input += 64; + ilen -= 64; + } + + if( ilen > 0 ) + { + memcpy( (void *) (ctx->buffer + left), + (void *) input, ilen ); + } +} + +static const unsigned char md4_padding[64] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * MD4 final digest + */ +void md4_finish( md4_context *ctx, unsigned char output[16] ) +{ + uint32_t last, padn; + uint32_t high, low; + unsigned char msglen[8]; + + high = ( ctx->total[0] >> 29 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT32_LE( low, msglen, 0 ); + PUT_UINT32_LE( high, msglen, 4 ); + + last = ctx->total[0] & 0x3F; + padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + + md4_update( ctx, (unsigned char *) md4_padding, padn ); + md4_update( ctx, msglen, 8 ); + + PUT_UINT32_LE( ctx->state[0], output, 0 ); + PUT_UINT32_LE( ctx->state[1], output, 4 ); + PUT_UINT32_LE( ctx->state[2], output, 8 ); + PUT_UINT32_LE( ctx->state[3], output, 12 ); +} + +#endif /* !POLARSSL_MD4_ALT */ + +/* + * output = MD4( input buffer ) + */ +void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) +{ + md4_context ctx; + + md4_starts( &ctx ); + md4_update( &ctx, input, ilen ); + md4_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md4_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = MD4( file contents ) + */ +int md4_file( const char *path, unsigned char output[16] ) +{ + FILE *f; + size_t n; + md4_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); + + md4_starts( &ctx ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + md4_update( &ctx, buf, n ); + + md4_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md4_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * MD4 HMAC context setup + */ +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen ) +{ + size_t i; + unsigned char sum[16]; + + if( keylen > 64 ) + { + md4( key, keylen, sum ); + keylen = 16; + key = sum; + } + + memset( ctx->ipad, 0x36, 64 ); + memset( ctx->opad, 0x5C, 64 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + md4_starts( ctx ); + md4_update( ctx, ctx->ipad, 64 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * MD4 HMAC process buffer + */ +void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen ) +{ + md4_update( ctx, input, ilen ); +} + +/* + * MD4 HMAC final digest + */ +void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ) +{ + unsigned char tmpbuf[16]; + + md4_finish( ctx, tmpbuf ); + md4_starts( ctx ); + md4_update( ctx, ctx->opad, 64 ); + md4_update( ctx, tmpbuf, 16 ); + md4_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * MD4 HMAC context reset + */ +void md4_hmac_reset( md4_context *ctx ) +{ + md4_starts( ctx ); + md4_update( ctx, ctx->ipad, 64 ); +} + +/* + * output = HMAC-MD4( hmac key, input buffer ) + */ +void md4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ) +{ + md4_context ctx; + + md4_hmac_starts( &ctx, key, keylen ); + md4_hmac_update( &ctx, input, ilen ); + md4_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md4_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) + +/* + * RFC 1320 test vectors + */ +static const char md4_test_str[7][81] = +{ + { "" }, + { "a" }, + { "abc" }, + { "message digest" }, + { "abcdefghijklmnopqrstuvwxyz" }, + { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, + { "12345678901234567890123456789012345678901234567890123456789012" \ + "345678901234567890" } +}; + +static const unsigned char md4_test_sum[7][16] = +{ + { 0x31, 0xD6, 0xCF, 0xE0, 0xD1, 0x6A, 0xE9, 0x31, + 0xB7, 0x3C, 0x59, 0xD7, 0xE0, 0xC0, 0x89, 0xC0 }, + { 0xBD, 0xE5, 0x2C, 0xB3, 0x1D, 0xE3, 0x3E, 0x46, + 0x24, 0x5E, 0x05, 0xFB, 0xDB, 0xD6, 0xFB, 0x24 }, + { 0xA4, 0x48, 0x01, 0x7A, 0xAF, 0x21, 0xD8, 0x52, + 0x5F, 0xC1, 0x0A, 0xE8, 0x7A, 0xA6, 0x72, 0x9D }, + { 0xD9, 0x13, 0x0A, 0x81, 0x64, 0x54, 0x9F, 0xE8, + 0x18, 0x87, 0x48, 0x06, 0xE1, 0xC7, 0x01, 0x4B }, + { 0xD7, 0x9E, 0x1C, 0x30, 0x8A, 0xA5, 0xBB, 0xCD, + 0xEE, 0xA8, 0xED, 0x63, 0xDF, 0x41, 0x2D, 0xA9 }, + { 0x04, 0x3F, 0x85, 0x82, 0xF2, 0x41, 0xDB, 0x35, + 0x1C, 0xE6, 0x27, 0xE1, 0x53, 0xE7, 0xF0, 0xE4 }, + { 0xE3, 0x3B, 0x4D, 0xDC, 0x9C, 0x38, 0xF2, 0x19, + 0x9C, 0x3E, 0x7B, 0x16, 0x4F, 0xCC, 0x05, 0x36 } +}; + +/* + * Checkup routine + */ +int md4_self_test( int verbose ) +{ + int i; + unsigned char md4sum[16]; + + for( i = 0; i < 7; i++ ) + { + if( verbose != 0 ) + printf( " MD4 test #%d: ", i + 1 ); + + md4( (unsigned char *) md4_test_str[i], + strlen( md4_test_str[i] ), md4sum ); + + if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/md4.h b/polarssl/md4.h new file mode 100644 index 0000000..9600361 --- /dev/null +++ b/polarssl/md4.h @@ -0,0 +1,177 @@ +/** + * \file md4.h + * + * \brief MD4 message digest algorithm (hash function) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_MD4_H +#define POLARSSL_MD4_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */ + +#if !defined(POLARSSL_MD4_ALT) +// Regular implementation +// + +/** + * \brief MD4 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[4]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + + unsigned char ipad[64]; /*!< HMAC: inner padding */ + unsigned char opad[64]; /*!< HMAC: outer padding */ +} +md4_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD4 context setup + * + * \param ctx context to be initialized + */ +void md4_starts( md4_context *ctx ); + +/** + * \brief MD4 process buffer + * + * \param ctx MD4 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD4 final digest + * + * \param ctx MD4 context + * \param output MD4 checksum result + */ +void md4_finish( md4_context *ctx, unsigned char output[16] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_MD4_ALT */ +#include "polarssl/md4_alt.h" +#endif /* POLARSSL_MD4_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD4( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD4 checksum result + */ +void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Output = MD4( file contents ) + * + * \param path input file name + * \param output MD4 checksum result + * + * \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR + */ +int md4_file( const char *path, unsigned char output[16] ); + +/** + * \brief MD4 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + */ +void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen ); + +/** + * \brief MD4 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD4 HMAC final digest + * + * \param ctx HMAC context + * \param output MD4 HMAC checksum result + */ +void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ); + +/** + * \brief MD4 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void md4_hmac_reset( md4_context *ctx ); + +/** + * \brief Output = HMAC-MD4( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-MD4 result + */ +void md4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int md4_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* md4.h */ diff --git a/polarssl/md5.c b/polarssl/md5.c new file mode 100644 index 0000000..b28461e --- /dev/null +++ b/polarssl/md5.c @@ -0,0 +1,585 @@ +/* + * RFC 1321 compliant MD5 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The MD5 algorithm was designed by Ron Rivest in 1991. + * + * http://www.ietf.org/rfc/rfc1321.txt + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_MD5_C) + +#include "polarssl/md5.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_MD5_ALT) + +/* + * 32-bit integer manipulation macros (little endian) + */ +#ifndef GET_UINT32_LE +#define GET_UINT32_LE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] ) \ + | ( (uint32_t) (b)[(i) + 1] << 8 ) \ + | ( (uint32_t) (b)[(i) + 2] << 16 ) \ + | ( (uint32_t) (b)[(i) + 3] << 24 ); \ +} +#endif + +#ifndef PUT_UINT32_LE +#define PUT_UINT32_LE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \ +} +#endif + +/* + * MD5 context setup + */ +void md5_starts( md5_context *ctx ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + ctx->state[0] = 0x67452301; + ctx->state[1] = 0xEFCDAB89; + ctx->state[2] = 0x98BADCFE; + ctx->state[3] = 0x10325476; +} + +void md5_process( md5_context *ctx, const unsigned char data[64] ) +{ + uint32_t X[16], A, B, C, D; + + GET_UINT32_LE( X[ 0], data, 0 ); + GET_UINT32_LE( X[ 1], data, 4 ); + GET_UINT32_LE( X[ 2], data, 8 ); + GET_UINT32_LE( X[ 3], data, 12 ); + GET_UINT32_LE( X[ 4], data, 16 ); + GET_UINT32_LE( X[ 5], data, 20 ); + GET_UINT32_LE( X[ 6], data, 24 ); + GET_UINT32_LE( X[ 7], data, 28 ); + GET_UINT32_LE( X[ 8], data, 32 ); + GET_UINT32_LE( X[ 9], data, 36 ); + GET_UINT32_LE( X[10], data, 40 ); + GET_UINT32_LE( X[11], data, 44 ); + GET_UINT32_LE( X[12], data, 48 ); + GET_UINT32_LE( X[13], data, 52 ); + GET_UINT32_LE( X[14], data, 56 ); + GET_UINT32_LE( X[15], data, 60 ); + +#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) + +#define P(a,b,c,d,k,s,t) \ +{ \ + a += F(b,c,d) + X[k] + t; a = S(a,s) + b; \ +} + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + +#define F(x,y,z) (z ^ (x & (y ^ z))) + + P( A, B, C, D, 0, 7, 0xD76AA478 ); + P( D, A, B, C, 1, 12, 0xE8C7B756 ); + P( C, D, A, B, 2, 17, 0x242070DB ); + P( B, C, D, A, 3, 22, 0xC1BDCEEE ); + P( A, B, C, D, 4, 7, 0xF57C0FAF ); + P( D, A, B, C, 5, 12, 0x4787C62A ); + P( C, D, A, B, 6, 17, 0xA8304613 ); + P( B, C, D, A, 7, 22, 0xFD469501 ); + P( A, B, C, D, 8, 7, 0x698098D8 ); + P( D, A, B, C, 9, 12, 0x8B44F7AF ); + P( C, D, A, B, 10, 17, 0xFFFF5BB1 ); + P( B, C, D, A, 11, 22, 0x895CD7BE ); + P( A, B, C, D, 12, 7, 0x6B901122 ); + P( D, A, B, C, 13, 12, 0xFD987193 ); + P( C, D, A, B, 14, 17, 0xA679438E ); + P( B, C, D, A, 15, 22, 0x49B40821 ); + +#undef F + +#define F(x,y,z) (y ^ (z & (x ^ y))) + + P( A, B, C, D, 1, 5, 0xF61E2562 ); + P( D, A, B, C, 6, 9, 0xC040B340 ); + P( C, D, A, B, 11, 14, 0x265E5A51 ); + P( B, C, D, A, 0, 20, 0xE9B6C7AA ); + P( A, B, C, D, 5, 5, 0xD62F105D ); + P( D, A, B, C, 10, 9, 0x02441453 ); + P( C, D, A, B, 15, 14, 0xD8A1E681 ); + P( B, C, D, A, 4, 20, 0xE7D3FBC8 ); + P( A, B, C, D, 9, 5, 0x21E1CDE6 ); + P( D, A, B, C, 14, 9, 0xC33707D6 ); + P( C, D, A, B, 3, 14, 0xF4D50D87 ); + P( B, C, D, A, 8, 20, 0x455A14ED ); + P( A, B, C, D, 13, 5, 0xA9E3E905 ); + P( D, A, B, C, 2, 9, 0xFCEFA3F8 ); + P( C, D, A, B, 7, 14, 0x676F02D9 ); + P( B, C, D, A, 12, 20, 0x8D2A4C8A ); + +#undef F + +#define F(x,y,z) (x ^ y ^ z) + + P( A, B, C, D, 5, 4, 0xFFFA3942 ); + P( D, A, B, C, 8, 11, 0x8771F681 ); + P( C, D, A, B, 11, 16, 0x6D9D6122 ); + P( B, C, D, A, 14, 23, 0xFDE5380C ); + P( A, B, C, D, 1, 4, 0xA4BEEA44 ); + P( D, A, B, C, 4, 11, 0x4BDECFA9 ); + P( C, D, A, B, 7, 16, 0xF6BB4B60 ); + P( B, C, D, A, 10, 23, 0xBEBFBC70 ); + P( A, B, C, D, 13, 4, 0x289B7EC6 ); + P( D, A, B, C, 0, 11, 0xEAA127FA ); + P( C, D, A, B, 3, 16, 0xD4EF3085 ); + P( B, C, D, A, 6, 23, 0x04881D05 ); + P( A, B, C, D, 9, 4, 0xD9D4D039 ); + P( D, A, B, C, 12, 11, 0xE6DB99E5 ); + P( C, D, A, B, 15, 16, 0x1FA27CF8 ); + P( B, C, D, A, 2, 23, 0xC4AC5665 ); + +#undef F + +#define F(x,y,z) (y ^ (x | ~z)) + + P( A, B, C, D, 0, 6, 0xF4292244 ); + P( D, A, B, C, 7, 10, 0x432AFF97 ); + P( C, D, A, B, 14, 15, 0xAB9423A7 ); + P( B, C, D, A, 5, 21, 0xFC93A039 ); + P( A, B, C, D, 12, 6, 0x655B59C3 ); + P( D, A, B, C, 3, 10, 0x8F0CCC92 ); + P( C, D, A, B, 10, 15, 0xFFEFF47D ); + P( B, C, D, A, 1, 21, 0x85845DD1 ); + P( A, B, C, D, 8, 6, 0x6FA87E4F ); + P( D, A, B, C, 15, 10, 0xFE2CE6E0 ); + P( C, D, A, B, 6, 15, 0xA3014314 ); + P( B, C, D, A, 13, 21, 0x4E0811A1 ); + P( A, B, C, D, 4, 6, 0xF7537E82 ); + P( D, A, B, C, 11, 10, 0xBD3AF235 ); + P( C, D, A, B, 2, 15, 0x2AD7D2BB ); + P( B, C, D, A, 9, 21, 0xEB86D391 ); + +#undef F + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; +} + +/* + * MD5 process buffer + */ +void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + uint32_t left; + + if( ilen <= 0 ) + return; + + left = ctx->total[0] & 0x3F; + fill = 64 - left; + + ctx->total[0] += (uint32_t) ilen; + ctx->total[0] &= 0xFFFFFFFF; + + if( ctx->total[0] < (uint32_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void *) (ctx->buffer + left), input, fill ); + md5_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 64 ) + { + md5_process( ctx, input ); + input += 64; + ilen -= 64; + } + + if( ilen > 0 ) + { + memcpy( (void *) (ctx->buffer + left), input, ilen ); + } +} + +static const unsigned char md5_padding[64] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * MD5 final digest + */ +void md5_finish( md5_context *ctx, unsigned char output[16] ) +{ + uint32_t last, padn; + uint32_t high, low; + unsigned char msglen[8]; + + high = ( ctx->total[0] >> 29 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT32_LE( low, msglen, 0 ); + PUT_UINT32_LE( high, msglen, 4 ); + + last = ctx->total[0] & 0x3F; + padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + + md5_update( ctx, md5_padding, padn ); + md5_update( ctx, msglen, 8 ); + + PUT_UINT32_LE( ctx->state[0], output, 0 ); + PUT_UINT32_LE( ctx->state[1], output, 4 ); + PUT_UINT32_LE( ctx->state[2], output, 8 ); + PUT_UINT32_LE( ctx->state[3], output, 12 ); +} + +#endif /* !POLARSSL_MD5_ALT */ + +/* + * output = MD5( input buffer ) + */ +void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) +{ + md5_context ctx; + + md5_starts( &ctx ); + md5_update( &ctx, input, ilen ); + md5_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md5_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = MD5( file contents ) + */ +int md5_file( const char *path, unsigned char output[16] ) +{ + FILE *f; + size_t n; + md5_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); + + md5_starts( &ctx ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + md5_update( &ctx, buf, n ); + + md5_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md5_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * MD5 HMAC context setup + */ +void md5_hmac_starts( md5_context *ctx, const unsigned char *key, size_t keylen ) +{ + size_t i; + unsigned char sum[16]; + + if( keylen > 64 ) + { + md5( key, keylen, sum ); + keylen = 16; + key = sum; + } + + memset( ctx->ipad, 0x36, 64 ); + memset( ctx->opad, 0x5C, 64 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + md5_starts( ctx ); + md5_update( ctx, ctx->ipad, 64 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * MD5 HMAC process buffer + */ +void md5_hmac_update( md5_context *ctx, const unsigned char *input, size_t ilen ) +{ + md5_update( ctx, input, ilen ); +} + +/* + * MD5 HMAC final digest + */ +void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ) +{ + unsigned char tmpbuf[16]; + + md5_finish( ctx, tmpbuf ); + md5_starts( ctx ); + md5_update( ctx, ctx->opad, 64 ); + md5_update( ctx, tmpbuf, 16 ); + md5_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * MD5 HMAC context reset + */ +void md5_hmac_reset( md5_context *ctx ) +{ + md5_starts( ctx ); + md5_update( ctx, ctx->ipad, 64 ); +} + +/* + * output = HMAC-MD5( hmac key, input buffer ) + */ +void md5_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ) +{ + md5_context ctx; + + md5_hmac_starts( &ctx, key, keylen ); + md5_hmac_update( &ctx, input, ilen ); + md5_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( md5_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) +/* + * RFC 1321 test vectors + */ +static unsigned char md5_test_buf[7][81] = +{ + { "" }, + { "a" }, + { "abc" }, + { "message digest" }, + { "abcdefghijklmnopqrstuvwxyz" }, + { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, + { "12345678901234567890123456789012345678901234567890123456789012" \ + "345678901234567890" } +}; + +static const int md5_test_buflen[7] = +{ + 0, 1, 3, 14, 26, 62, 80 +}; + +static const unsigned char md5_test_sum[7][16] = +{ + { 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04, + 0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E }, + { 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8, + 0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 }, + { 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0, + 0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 }, + { 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D, + 0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 }, + { 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00, + 0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B }, + { 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5, + 0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F }, + { 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55, + 0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A } +}; + +/* + * RFC 2202 test vectors + */ +static unsigned char md5_hmac_test_key[7][26] = +{ + { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" }, + { "Jefe" }, + { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" }, + { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, + { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" }, + { "" }, /* 0xAA 80 times */ + { "" } +}; + +static const int md5_hmac_test_keylen[7] = +{ + 16, 4, 16, 25, 16, 80, 80 +}; + +static unsigned char md5_hmac_test_buf[7][74] = +{ + { "Hi There" }, + { "what do ya want for nothing?" }, + { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, + { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, + { "Test With Truncation" }, + { "Test Using Larger Than Block-Size Key - Hash Key First" }, + { "Test Using Larger Than Block-Size Key and Larger" + " Than One Block-Size Data" } +}; + +static const int md5_hmac_test_buflen[7] = +{ + 8, 28, 50, 50, 20, 54, 73 +}; + +static const unsigned char md5_hmac_test_sum[7][16] = +{ + { 0x92, 0x94, 0x72, 0x7A, 0x36, 0x38, 0xBB, 0x1C, + 0x13, 0xF4, 0x8E, 0xF8, 0x15, 0x8B, 0xFC, 0x9D }, + { 0x75, 0x0C, 0x78, 0x3E, 0x6A, 0xB0, 0xB5, 0x03, + 0xEA, 0xA8, 0x6E, 0x31, 0x0A, 0x5D, 0xB7, 0x38 }, + { 0x56, 0xBE, 0x34, 0x52, 0x1D, 0x14, 0x4C, 0x88, + 0xDB, 0xB8, 0xC7, 0x33, 0xF0, 0xE8, 0xB3, 0xF6 }, + { 0x69, 0x7E, 0xAF, 0x0A, 0xCA, 0x3A, 0x3A, 0xEA, + 0x3A, 0x75, 0x16, 0x47, 0x46, 0xFF, 0xAA, 0x79 }, + { 0x56, 0x46, 0x1E, 0xF2, 0x34, 0x2E, 0xDC, 0x00, + 0xF9, 0xBA, 0xB9, 0x95 }, + { 0x6B, 0x1A, 0xB7, 0xFE, 0x4B, 0xD7, 0xBF, 0x8F, + 0x0B, 0x62, 0xE6, 0xCE, 0x61, 0xB9, 0xD0, 0xCD }, + { 0x6F, 0x63, 0x0F, 0xAD, 0x67, 0xCD, 0xA0, 0xEE, + 0x1F, 0xB1, 0xF5, 0x62, 0xDB, 0x3A, 0xA5, 0x3E } +}; + +/* + * Checkup routine + */ +int md5_self_test( int verbose ) +{ + int i, buflen; + unsigned char buf[1024]; + unsigned char md5sum[16]; + md5_context ctx; + + for( i = 0; i < 7; i++ ) + { + if( verbose != 0 ) + printf( " MD5 test #%d: ", i + 1 ); + + md5( md5_test_buf[i], md5_test_buflen[i], md5sum ); + + if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + for( i = 0; i < 7; i++ ) + { + if( verbose != 0 ) + printf( " HMAC-MD5 test #%d: ", i + 1 ); + + if( i == 5 || i == 6 ) + { + memset( buf, '\xAA', buflen = 80 ); + md5_hmac_starts( &ctx, buf, buflen ); + } + else + md5_hmac_starts( &ctx, md5_hmac_test_key[i], + md5_hmac_test_keylen[i] ); + + md5_hmac_update( &ctx, md5_hmac_test_buf[i], + md5_hmac_test_buflen[i] ); + + md5_hmac_finish( &ctx, md5sum ); + + buflen = ( i == 4 ) ? 12 : 16; + + if( memcmp( md5sum, md5_hmac_test_sum[i], buflen ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/md5.h b/polarssl/md5.h new file mode 100644 index 0000000..ecb6428 --- /dev/null +++ b/polarssl/md5.h @@ -0,0 +1,182 @@ +/** + * \file md5.h + * + * \brief MD5 message digest algorithm (hash function) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_MD5_H +#define POLARSSL_MD5_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */ + +#if !defined(POLARSSL_MD5_ALT) +// Regular implementation +// + +/** + * \brief MD5 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[4]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + + unsigned char ipad[64]; /*!< HMAC: inner padding */ + unsigned char opad[64]; /*!< HMAC: outer padding */ +} +md5_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief MD5 context setup + * + * \param ctx context to be initialized + */ +void md5_starts( md5_context *ctx ); + +/** + * \brief MD5 process buffer + * + * \param ctx MD5 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief MD5 final digest + * + * \param ctx MD5 context + * \param output MD5 checksum result + */ +void md5_finish( md5_context *ctx, unsigned char output[16] ); + +/* Internal use */ +void md5_process( md5_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_MD5_ALT */ +#include "polarssl/md5_alt.h" +#endif /* POLARSSL_MD5_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = MD5( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output MD5 checksum result + */ +void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); + +/** + * \brief Output = MD5( file contents ) + * + * \param path input file name + * \param output MD5 checksum result + * + * \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR + */ +int md5_file( const char *path, unsigned char output[16] ); + +/** + * \brief MD5 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + */ +void md5_hmac_starts( md5_context *ctx, + const unsigned char *key, size_t keylen ); + +/** + * \brief MD5 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void md5_hmac_update( md5_context *ctx, + const unsigned char *input, size_t ilen ); + +/** + * \brief MD5 HMAC final digest + * + * \param ctx HMAC context + * \param output MD5 HMAC checksum result + */ +void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ); + +/** + * \brief MD5 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void md5_hmac_reset( md5_context *ctx ); + +/** + * \brief Output = HMAC-MD5( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-MD5 result + */ +void md5_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[16] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int md5_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* md5.h */ diff --git a/polarssl/md_wrap.c b/polarssl/md_wrap.c new file mode 100644 index 0000000..f276db5 --- /dev/null +++ b/polarssl/md_wrap.c @@ -0,0 +1,733 @@ +/** + * \file md_wrap.c + + * \brief Generic message digest wrapper for PolarSSL + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_MD_C) + +#include "polarssl/md_wrap.h" + +#if defined(POLARSSL_MD2_C) +#include "polarssl/md2.h" +#endif + +#if defined(POLARSSL_MD4_C) +#include "polarssl/md4.h" +#endif + +#if defined(POLARSSL_MD5_C) +#include "polarssl/md5.h" +#endif + +#if defined(POLARSSL_SHA1_C) +#include "polarssl/sha1.h" +#endif + +#if defined(POLARSSL_SHA2_C) +#include "polarssl/sha2.h" +#endif + +#if defined(POLARSSL_SHA4_C) +#include "polarssl/sha4.h" +#endif + +#include + +#if defined(POLARSSL_MD2_C) + +static void md2_starts_wrap( void *ctx ) +{ + md2_starts( (md2_context *) ctx ); +} + +static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md2_update( (md2_context *) ctx, input, ilen ); +} + +static void md2_finish_wrap( void *ctx, unsigned char *output ) +{ + md2_finish( (md2_context *) ctx, output ); +} + +int md2_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return md2_file( path, output ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + md2_hmac_starts( (md2_context *) ctx, key, keylen ); +} + +static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md2_hmac_update( (md2_context *) ctx, input, ilen ); +} + +static void md2_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + md2_hmac_finish( (md2_context *) ctx, output ); +} + +static void md2_hmac_reset_wrap( void *ctx ) +{ + md2_hmac_reset( (md2_context *) ctx ); +} + +static void * md2_ctx_alloc( void ) +{ + return malloc( sizeof( md2_context ) ); +} + +static void md2_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t md2_info = { + POLARSSL_MD_MD2, + "MD2", + 16, + md2_starts_wrap, + md2_update_wrap, + md2_finish_wrap, + md2, + md2_file_wrap, + md2_hmac_starts_wrap, + md2_hmac_update_wrap, + md2_hmac_finish_wrap, + md2_hmac_reset_wrap, + md2_hmac, + md2_ctx_alloc, + md2_ctx_free, +}; + +#endif + +#if defined(POLARSSL_MD4_C) + +void md4_starts_wrap( void *ctx ) +{ + md4_starts( (md4_context *) ctx ); +} + +void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md4_update( (md4_context *) ctx, input, ilen ); +} + +void md4_finish_wrap( void *ctx, unsigned char *output ) +{ + md4_finish( (md4_context *) ctx, output ); +} + +int md4_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return md4_file( path, output ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + md4_hmac_starts( (md4_context *) ctx, key, keylen ); +} + +void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md4_hmac_update( (md4_context *) ctx, input, ilen ); +} + +void md4_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + md4_hmac_finish( (md4_context *) ctx, output ); +} + +void md4_hmac_reset_wrap( void *ctx ) +{ + md4_hmac_reset( (md4_context *) ctx ); +} + +void *md4_ctx_alloc( void ) +{ + return malloc( sizeof( md4_context ) ); +} + +void md4_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t md4_info = { + POLARSSL_MD_MD4, + "MD4", + 16, + md4_starts_wrap, + md4_update_wrap, + md4_finish_wrap, + md4, + md4_file_wrap, + md4_hmac_starts_wrap, + md4_hmac_update_wrap, + md4_hmac_finish_wrap, + md4_hmac_reset_wrap, + md4_hmac, + md4_ctx_alloc, + md4_ctx_free, +}; + +#endif + +#if defined(POLARSSL_MD5_C) + +static void md5_starts_wrap( void *ctx ) +{ + md5_starts( (md5_context *) ctx ); +} + +static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md5_update( (md5_context *) ctx, input, ilen ); +} + +static void md5_finish_wrap( void *ctx, unsigned char *output ) +{ + md5_finish( (md5_context *) ctx, output ); +} + +int md5_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return md5_file( path, output ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + md5_hmac_starts( (md5_context *) ctx, key, keylen ); +} + +static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + md5_hmac_update( (md5_context *) ctx, input, ilen ); +} + +static void md5_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + md5_hmac_finish( (md5_context *) ctx, output ); +} + +static void md5_hmac_reset_wrap( void *ctx ) +{ + md5_hmac_reset( (md5_context *) ctx ); +} + +static void * md5_ctx_alloc( void ) +{ + return malloc( sizeof( md5_context ) ); +} + +static void md5_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t md5_info = { + POLARSSL_MD_MD5, + "MD5", + 16, + md5_starts_wrap, + md5_update_wrap, + md5_finish_wrap, + md5, + md5_file_wrap, + md5_hmac_starts_wrap, + md5_hmac_update_wrap, + md5_hmac_finish_wrap, + md5_hmac_reset_wrap, + md5_hmac, + md5_ctx_alloc, + md5_ctx_free, +}; + +#endif + +#if defined(POLARSSL_SHA1_C) + +void sha1_starts_wrap( void *ctx ) +{ + sha1_starts( (sha1_context *) ctx ); +} + +void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha1_update( (sha1_context *) ctx, input, ilen ); +} + +void sha1_finish_wrap( void *ctx, unsigned char *output ) +{ + sha1_finish( (sha1_context *) ctx, output ); +} + +int sha1_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return sha1_file( path, output ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + sha1_hmac_starts( (sha1_context *) ctx, key, keylen ); +} + +void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha1_hmac_update( (sha1_context *) ctx, input, ilen ); +} + +void sha1_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + sha1_hmac_finish( (sha1_context *) ctx, output ); +} + +void sha1_hmac_reset_wrap( void *ctx ) +{ + sha1_hmac_reset( (sha1_context *) ctx ); +} + +void * sha1_ctx_alloc( void ) +{ + return malloc( sizeof( sha1_context ) ); +} + +void sha1_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t sha1_info = { + POLARSSL_MD_SHA1, + "SHA1", + 20, + sha1_starts_wrap, + sha1_update_wrap, + sha1_finish_wrap, + sha1, + sha1_file_wrap, + sha1_hmac_starts_wrap, + sha1_hmac_update_wrap, + sha1_hmac_finish_wrap, + sha1_hmac_reset_wrap, + sha1_hmac, + sha1_ctx_alloc, + sha1_ctx_free, +}; + +#endif + +/* + * Wrappers for generic message digests + */ +#if defined(POLARSSL_SHA2_C) + +void sha224_starts_wrap( void *ctx ) +{ + sha2_starts( (sha2_context *) ctx, 1 ); +} + +void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha2_update( (sha2_context *) ctx, input, ilen ); +} + +void sha224_finish_wrap( void *ctx, unsigned char *output ) +{ + sha2_finish( (sha2_context *) ctx, output ); +} + +void sha224_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha2( input, ilen, output, 1 ); +} + +int sha224_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return sha2_file( path, output, 1 ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 ); +} + +void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha2_hmac_update( (sha2_context *) ctx, input, ilen ); +} + +void sha224_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + sha2_hmac_finish( (sha2_context *) ctx, output ); +} + +void sha224_hmac_reset_wrap( void *ctx ) +{ + sha2_hmac_reset( (sha2_context *) ctx ); +} + +void sha224_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha2_hmac( key, keylen, input, ilen, output, 1 ); +} + +void * sha224_ctx_alloc( void ) +{ + return malloc( sizeof( sha2_context ) ); +} + +void sha224_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t sha224_info = { + POLARSSL_MD_SHA224, + "SHA224", + 28, + sha224_starts_wrap, + sha224_update_wrap, + sha224_finish_wrap, + sha224_wrap, + sha224_file_wrap, + sha224_hmac_starts_wrap, + sha224_hmac_update_wrap, + sha224_hmac_finish_wrap, + sha224_hmac_reset_wrap, + sha224_hmac_wrap, + sha224_ctx_alloc, + sha224_ctx_free, +}; + +void sha256_starts_wrap( void *ctx ) +{ + sha2_starts( (sha2_context *) ctx, 0 ); +} + +void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha2_update( (sha2_context *) ctx, input, ilen ); +} + +void sha256_finish_wrap( void *ctx, unsigned char *output ) +{ + sha2_finish( (sha2_context *) ctx, output ); +} + +void sha256_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha2( input, ilen, output, 0 ); +} + +int sha256_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return sha2_file( path, output, 0 ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 ); +} + +void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha2_hmac_update( (sha2_context *) ctx, input, ilen ); +} + +void sha256_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + sha2_hmac_finish( (sha2_context *) ctx, output ); +} + +void sha256_hmac_reset_wrap( void *ctx ) +{ + sha2_hmac_reset( (sha2_context *) ctx ); +} + +void sha256_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha2_hmac( key, keylen, input, ilen, output, 0 ); +} + +void * sha256_ctx_alloc( void ) +{ + return malloc( sizeof( sha2_context ) ); +} + +void sha256_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t sha256_info = { + POLARSSL_MD_SHA256, + "SHA256", + 32, + sha256_starts_wrap, + sha256_update_wrap, + sha256_finish_wrap, + sha256_wrap, + sha256_file_wrap, + sha256_hmac_starts_wrap, + sha256_hmac_update_wrap, + sha256_hmac_finish_wrap, + sha256_hmac_reset_wrap, + sha256_hmac_wrap, + sha256_ctx_alloc, + sha256_ctx_free, +}; + +#endif + +#if defined(POLARSSL_SHA4_C) + +void sha384_starts_wrap( void *ctx ) +{ + sha4_starts( (sha4_context *) ctx, 1 ); +} + +void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha4_update( (sha4_context *) ctx, input, ilen ); +} + +void sha384_finish_wrap( void *ctx, unsigned char *output ) +{ + sha4_finish( (sha4_context *) ctx, output ); +} + +void sha384_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha4( input, ilen, output, 1 ); +} + +int sha384_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return sha4_file( path, output, 1 ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 ); +} + +void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha4_hmac_update( (sha4_context *) ctx, input, ilen ); +} + +void sha384_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + sha4_hmac_finish( (sha4_context *) ctx, output ); +} + +void sha384_hmac_reset_wrap( void *ctx ) +{ + sha4_hmac_reset( (sha4_context *) ctx ); +} + +void sha384_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha4_hmac( key, keylen, input, ilen, output, 1 ); +} + +void * sha384_ctx_alloc( void ) +{ + return malloc( sizeof( sha4_context ) ); +} + +void sha384_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t sha384_info = { + POLARSSL_MD_SHA384, + "SHA384", + 48, + sha384_starts_wrap, + sha384_update_wrap, + sha384_finish_wrap, + sha384_wrap, + sha384_file_wrap, + sha384_hmac_starts_wrap, + sha384_hmac_update_wrap, + sha384_hmac_finish_wrap, + sha384_hmac_reset_wrap, + sha384_hmac_wrap, + sha384_ctx_alloc, + sha384_ctx_free, +}; + +void sha512_starts_wrap( void *ctx ) +{ + sha4_starts( (sha4_context *) ctx, 0 ); +} + +void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha4_update( (sha4_context *) ctx, input, ilen ); +} + +void sha512_finish_wrap( void *ctx, unsigned char *output ) +{ + sha4_finish( (sha4_context *) ctx, output ); +} + +void sha512_wrap( const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha4( input, ilen, output, 0 ); +} + +int sha512_file_wrap( const char *path, unsigned char *output ) +{ +#if defined(POLARSSL_FS_IO) + return sha4_file( path, output, 0 ); +#else + ((void) path); + ((void) output); + return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE; +#endif +} + +void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen ) +{ + sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 ); +} + +void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen ) +{ + sha4_hmac_update( (sha4_context *) ctx, input, ilen ); +} + +void sha512_hmac_finish_wrap( void *ctx, unsigned char *output ) +{ + sha4_hmac_finish( (sha4_context *) ctx, output ); +} + +void sha512_hmac_reset_wrap( void *ctx ) +{ + sha4_hmac_reset( (sha4_context *) ctx ); +} + +void sha512_hmac_wrap( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char *output ) +{ + sha4_hmac( key, keylen, input, ilen, output, 0 ); +} + +void * sha512_ctx_alloc( void ) +{ + return malloc( sizeof( sha4_context ) ); +} + +void sha512_ctx_free( void *ctx ) +{ + free( ctx ); +} + +const md_info_t sha512_info = { + POLARSSL_MD_SHA512, + "SHA512", + 64, + sha512_starts_wrap, + sha512_update_wrap, + sha512_finish_wrap, + sha512_wrap, + sha512_file_wrap, + sha512_hmac_starts_wrap, + sha512_hmac_update_wrap, + sha512_hmac_finish_wrap, + sha512_hmac_reset_wrap, + sha512_hmac_wrap, + sha512_ctx_alloc, + sha512_ctx_free, +}; + +#endif + +#endif diff --git a/polarssl/md_wrap.h b/polarssl/md_wrap.h new file mode 100644 index 0000000..43fc76f --- /dev/null +++ b/polarssl/md_wrap.h @@ -0,0 +1,64 @@ +/** + * \file md_wrap.h + * + * \brief Message digest wrappers. + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_MD_WRAP_H +#define POLARSSL_MD_WRAP_H + +#include "polarssl/config.h" +#include "polarssl/md.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#if defined(POLARSSL_MD2_C) +extern const md_info_t md2_info; +#endif +#if defined(POLARSSL_MD4_C) +extern const md_info_t md4_info; +#endif +#if defined(POLARSSL_MD5_C) +extern const md_info_t md5_info; +#endif +#if defined(POLARSSL_SHA1_C) +extern const md_info_t sha1_info; +#endif +#if defined(POLARSSL_SHA2_C) +extern const md_info_t sha224_info; +extern const md_info_t sha256_info; +#endif +#if defined(POLARSSL_SHA4_C) +extern const md_info_t sha384_info; +extern const md_info_t sha512_info; +#endif + +#ifdef __cplusplus +} +#endif + +#endif /* POLARSSL_MD_WRAP_H */ diff --git a/polarssl/net.c b/polarssl/net.c new file mode 100644 index 0000000..7a1818d --- /dev/null +++ b/polarssl/net.c @@ -0,0 +1,374 @@ +/* + * TCP networking functions + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_NET_C) + +#include "polarssl/net.h" + +#if defined(_WIN32) || defined(_WIN32_WCE) + +#include +#include + +#if defined(_WIN32_WCE) +#pragma comment( lib, "ws2.lib" ) +#else +#pragma comment( lib, "ws2_32.lib" ) +#endif + +#define read(fd,buf,len) recv(fd,(char*)buf,(int) len,0) +#define write(fd,buf,len) send(fd,(char*)buf,(int) len,0) +#define close(fd) closesocket(fd) + +static int wsa_init_done = 0; + +#else + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \ + defined(__DragonflyBSD__) +#include +#elif defined(__APPLE__) +#include +#elif defined(sun) +#include +#else +#include +#endif + +#endif + +#include +#include +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +/* + * htons() is not always available. + * By default go for LITTLE_ENDIAN variant. Otherwise hope for _BYTE_ORDER and __BIG_ENDIAN + * to help determine endianess. + */ +#if defined(__BYTE_ORDER) && defined(__BIG_ENDIAN) && __BYTE_ORDER == __BIG_ENDIAN +#define POLARSSL_HTONS(n) (n) +#define POLARSSL_HTONL(n) (n) +#else +#define POLARSSL_HTONS(n) ((((unsigned short)(n) & 0xFF ) << 8 ) | \ + (((unsigned short)(n) & 0xFF00 ) >> 8 )) +#define POLARSSL_HTONL(n) ((((unsigned long )(n) & 0xFF ) << 24) | \ + (((unsigned long )(n) & 0xFF00 ) << 8 ) | \ + (((unsigned long )(n) & 0xFF0000 ) >> 8 ) | \ + (((unsigned long )(n) & 0xFF000000) >> 24)) +#endif + +unsigned short net_htons(unsigned short n); +unsigned long net_htonl(unsigned long n); +#define net_htons(n) POLARSSL_HTONS(n) +#define net_htonl(n) POLARSSL_HTONL(n) + +/* + * Initiate a TCP connection with host:port + */ +int net_connect( int *fd, const char *host, int port ) +{ + struct sockaddr_in server_addr; + struct hostent *server_host; + +#if defined(_WIN32) || defined(_WIN32_WCE) + WSADATA wsaData; + + if( wsa_init_done == 0 ) + { + if( WSAStartup( MAKEWORD(2,0), &wsaData ) == SOCKET_ERROR ) + return( POLARSSL_ERR_NET_SOCKET_FAILED ); + + wsa_init_done = 1; + } +#else + signal( SIGPIPE, SIG_IGN ); +#endif + + if( ( server_host = gethostbyname( host ) ) == NULL ) + return( POLARSSL_ERR_NET_UNKNOWN_HOST ); + + if( ( *fd = socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 ) + return( POLARSSL_ERR_NET_SOCKET_FAILED ); + + memcpy( (void *) &server_addr.sin_addr, + (void *) server_host->h_addr, + server_host->h_length ); + + server_addr.sin_family = AF_INET; + server_addr.sin_port = net_htons( port ); + + if( connect( *fd, (struct sockaddr *) &server_addr, + sizeof( server_addr ) ) < 0 ) + { + close( *fd ); + return( POLARSSL_ERR_NET_CONNECT_FAILED ); + } + + return( 0 ); +} + +/* + * Create a listening socket on bind_ip:port + */ +int net_bind( int *fd, const char *bind_ip, int port ) +{ + int n, c[4]; + struct sockaddr_in server_addr; + +#if defined(_WIN32) || defined(_WIN32_WCE) + WSADATA wsaData; + + if( wsa_init_done == 0 ) + { + if( WSAStartup( MAKEWORD(2,0), &wsaData ) == SOCKET_ERROR ) + return( POLARSSL_ERR_NET_SOCKET_FAILED ); + + wsa_init_done = 1; + } +#else + signal( SIGPIPE, SIG_IGN ); +#endif + + if( ( *fd = socket( AF_INET, SOCK_STREAM, IPPROTO_IP ) ) < 0 ) + return( POLARSSL_ERR_NET_SOCKET_FAILED ); + + n = 1; + setsockopt( *fd, SOL_SOCKET, SO_REUSEADDR, + (const char *) &n, sizeof( n ) ); + + server_addr.sin_addr.s_addr = net_htonl( INADDR_ANY ); + server_addr.sin_family = AF_INET; + server_addr.sin_port = net_htons( port ); + + if( bind_ip != NULL ) + { + memset( c, 0, sizeof( c ) ); + sscanf( bind_ip, "%d.%d.%d.%d", &c[0], &c[1], &c[2], &c[3] ); + + for( n = 0; n < 4; n++ ) + if( c[n] < 0 || c[n] > 255 ) + break; + + if( n == 4 ) + server_addr.sin_addr.s_addr = net_htonl( + ( (uint32_t) c[0] << 24 ) | + ( (uint32_t) c[1] << 16 ) | + ( (uint32_t) c[2] << 8 ) | + ( (uint32_t) c[3] ) ); + } + + if( bind( *fd, (struct sockaddr *) &server_addr, + sizeof( server_addr ) ) < 0 ) + { + close( *fd ); + return( POLARSSL_ERR_NET_BIND_FAILED ); + } + + if( listen( *fd, POLARSSL_NET_LISTEN_BACKLOG ) != 0 ) + { + close( *fd ); + return( POLARSSL_ERR_NET_LISTEN_FAILED ); + } + + return( 0 ); +} + +/* + * Check if the current operation is blocking + */ +static int net_is_blocking( void ) +{ +#if defined(_WIN32) || defined(_WIN32_WCE) + return( WSAGetLastError() == WSAEWOULDBLOCK ); +#else + switch( errno ) + { +#if defined EAGAIN + case EAGAIN: +#endif +#if defined EWOULDBLOCK && EWOULDBLOCK != EAGAIN + case EWOULDBLOCK: +#endif + return( 1 ); + } + return( 0 ); +#endif +} + +/* + * Accept a connection from a remote client + */ +int net_accept( int bind_fd, int *client_fd, void *client_ip ) +{ + struct sockaddr_in client_addr; + +#if defined(__socklen_t_defined) || defined(_SOCKLEN_T) || \ + defined(_SOCKLEN_T_DECLARED) + socklen_t n = (socklen_t) sizeof( client_addr ); +#else + int n = (int) sizeof( client_addr ); +#endif + + *client_fd = accept( bind_fd, (struct sockaddr *) + &client_addr, &n ); + + if( *client_fd < 0 ) + { + if( net_is_blocking() != 0 ) + return( POLARSSL_ERR_NET_WANT_READ ); + + return( POLARSSL_ERR_NET_ACCEPT_FAILED ); + } + + if( client_ip != NULL ) + memcpy( client_ip, &client_addr.sin_addr.s_addr, + sizeof( client_addr.sin_addr.s_addr ) ); + + return( 0 ); +} + +/* + * Set the socket blocking or non-blocking + */ +int net_set_block( int fd ) +{ +#if defined(_WIN32) || defined(_WIN32_WCE) + u_long n = 0; + return( ioctlsocket( fd, FIONBIO, &n ) ); +#else + return( fcntl( fd, F_SETFL, fcntl( fd, F_GETFL ) & ~O_NONBLOCK ) ); +#endif +} + +int net_set_nonblock( int fd ) +{ +#if defined(_WIN32) || defined(_WIN32_WCE) + u_long n = 1; + return( ioctlsocket( fd, FIONBIO, &n ) ); +#else + return( fcntl( fd, F_SETFL, fcntl( fd, F_GETFL ) | O_NONBLOCK ) ); +#endif +} + +/* + * Portable usleep helper + */ +void net_usleep( unsigned long usec ) +{ + struct timeval tv; + tv.tv_sec = 0; + tv.tv_usec = usec; + select( 0, NULL, NULL, NULL, &tv ); +} + +/* + * Read at most 'len' characters + */ +int net_recv( void *ctx, unsigned char *buf, size_t len ) +{ + int ret = read( *((int *) ctx), buf, len ); + + if( ret < 0 ) + { + if( net_is_blocking() != 0 ) + return( POLARSSL_ERR_NET_WANT_READ ); + +#if defined(_WIN32) || defined(_WIN32_WCE) + if( WSAGetLastError() == WSAECONNRESET ) + return( POLARSSL_ERR_NET_CONN_RESET ); +#else + if( errno == EPIPE || errno == ECONNRESET ) + return( POLARSSL_ERR_NET_CONN_RESET ); + + if( errno == EINTR ) + return( POLARSSL_ERR_NET_WANT_READ ); +#endif + + return( POLARSSL_ERR_NET_RECV_FAILED ); + } + + return( ret ); +} + +/* + * Write at most 'len' characters + */ +int net_send( void *ctx, const unsigned char *buf, size_t len ) +{ + int ret = write( *((int *) ctx), buf, len ); + + if( ret < 0 ) + { + if( net_is_blocking() != 0 ) + return( POLARSSL_ERR_NET_WANT_WRITE ); + +#if defined(_WIN32) || defined(_WIN32_WCE) + if( WSAGetLastError() == WSAECONNRESET ) + return( POLARSSL_ERR_NET_CONN_RESET ); +#else + if( errno == EPIPE || errno == ECONNRESET ) + return( POLARSSL_ERR_NET_CONN_RESET ); + + if( errno == EINTR ) + return( POLARSSL_ERR_NET_WANT_WRITE ); +#endif + + return( POLARSSL_ERR_NET_SEND_FAILED ); + } + + return( ret ); +} + +/* + * Gracefully close the connection + */ +void net_close( int fd ) +{ + shutdown( fd, 2 ); + close( fd ); +} + +#endif diff --git a/polarssl/net.h b/polarssl/net.h new file mode 100644 index 0000000..88302ac --- /dev/null +++ b/polarssl/net.h @@ -0,0 +1,159 @@ +/** + * \file net.h + * + * \brief Network communication functions + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_NET_H +#define POLARSSL_NET_H + +#include + +#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */ +#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ +#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ +#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ +#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ +#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ +#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ +#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ +#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ +#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */ +#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */ + +#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Initiate a TCP connection with host:port + * + * \param fd Socket to use + * \param host Host to connect to + * \param port Port to connect to + * + * \return 0 if successful, or one of: + * POLARSSL_ERR_NET_SOCKET_FAILED, + * POLARSSL_ERR_NET_UNKNOWN_HOST, + * POLARSSL_ERR_NET_CONNECT_FAILED + */ +int net_connect( int *fd, const char *host, int port ); + +/** + * \brief Create a listening socket on bind_ip:port. + * If bind_ip == NULL, all interfaces are binded. + * + * \param fd Socket to use + * \param bind_ip IP to bind to, can be NULL + * \param port Port number to use + * + * \return 0 if successful, or one of: + * POLARSSL_ERR_NET_SOCKET_FAILED, + * POLARSSL_ERR_NET_BIND_FAILED, + * POLARSSL_ERR_NET_LISTEN_FAILED + */ +int net_bind( int *fd, const char *bind_ip, int port ); + +/** + * \brief Accept a connection from a remote client + * + * \param bind_fd Relevant socket + * \param client_fd Will contain the connected client socket + * \param client_ip Will contain the client IP address + * + * \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or + * POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to + * non-blocking and accept() is blocking. + */ +int net_accept( int bind_fd, int *client_fd, void *client_ip ); + +/** + * \brief Set the socket blocking + * + * \param fd Socket to set + * + * \return 0 if successful, or a non-zero error code + */ +int net_set_block( int fd ); + +/** + * \brief Set the socket non-blocking + * + * \param fd Socket to set + * + * \return 0 if successful, or a non-zero error code + */ +int net_set_nonblock( int fd ); + +/** + * \brief Portable usleep helper + * + * \param usec Amount of microseconds to sleep + * + * \note Real amount of time slept will not be less than + * select()'s timeout granularity (typically, 10ms). + */ +void net_usleep( unsigned long usec ); + +/** + * \brief Read at most 'len' characters. If no error occurs, + * the actual amount read is returned. + * + * \param ctx Socket + * \param buf The buffer to write to + * \param len Maximum length of the buffer + * + * \return This function returns the number of bytes received, + * or a non-zero error code; POLARSSL_ERR_NET_WANT_READ + * indicates read() is blocking. + */ +int net_recv( void *ctx, unsigned char *buf, size_t len ); + +/** + * \brief Write at most 'len' characters. If no error occurs, + * the actual amount read is returned. + * + * \param ctx Socket + * \param buf The buffer to read from + * \param len The length of the buffer + * + * \return This function returns the number of bytes sent, + * or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE + * indicates write() is blocking. + */ +int net_send( void *ctx, const unsigned char *buf, size_t len ); + +/** + * \brief Gracefully shutdown the connection + * + * \param fd The socket to close + */ +void net_close( int fd ); + +#ifdef __cplusplus +} +#endif + +#endif /* net.h */ diff --git a/polarssl/openssl.h b/polarssl/openssl.h new file mode 100644 index 0000000..4423857 --- /dev/null +++ b/polarssl/openssl.h @@ -0,0 +1,136 @@ +/** + * \file openssl.h + * + * \brief OpenSSL wrapper (definitions, inline functions). + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * OpenSSL wrapper contributed by David Barett + */ +#ifndef POLARSSL_OPENSSL_H +#define POLARSSL_OPENSSL_H + +#include "polarssl/aes.h" +#include "polarssl/md5.h" +#include "polarssl/rsa.h" +#include "polarssl/sha1.h" + +#define AES_SIZE 16 +#define AES_BLOCK_SIZE 16 +#define AES_KEY aes_context +#define MD5_CTX md5_context +#define SHA_CTX sha1_context + +#define SHA1_Init( CTX ) \ + sha1_starts( (CTX) ) +#define SHA1_Update( CTX, BUF, LEN ) \ + sha1_update( (CTX), (unsigned char *)(BUF), (LEN) ) +#define SHA1_Final( OUT, CTX ) \ + sha1_finish( (CTX), (OUT) ) + +#define MD5_Init( CTX ) \ + md5_starts( (CTX) ) +#define MD5_Update( CTX, BUF, LEN ) \ + md5_update( (CTX), (unsigned char *)(BUF), (LEN) ) +#define MD5_Final( OUT, CTX ) \ + md5_finish( (CTX), (OUT) ) + +#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \ + aes_setkey_enc( (CTX), (KEY), (KEYSIZE) ) +#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \ + aes_setkey_dec( (CTX), (KEY), (KEYSIZE) ) +#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \ + aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) ) + +/* + * RSA stuff follows. TODO: needs cleanup + */ +inline int __RSA_Passthrough( void *output, void *input, int size ) +{ + memcpy( output, input, size ); + return size; +} + +inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr, + int len ) +{ + unsigned char *buffer = *(unsigned char **) bufptr; + rsa_context *rsa; + + /* + * Not a general-purpose parser: only parses public key from *exactly* + * openssl genrsa -out privkey.pem 512 (or 1024) + * openssl rsa -in privkey.pem -out privatekey.der -outform der + * openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout + * + * TODO: make a general-purpose parse + */ + if( ignore != 0 || ( len != 94 && len != 162 ) ) + return( 0 ); + + rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) ); + if( rsa == NULL ) + return( 0 ); + + memset( rsa, 0, sizeof( rsa_context ) ); + + if( ( len == 94 && + mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 && + mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) || + ( len == 162 && + mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) && + mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 ) + { + /* + * key read successfully + */ + rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3; + return( rsa ); + } + else + { + memset( rsa, 0, sizeof( rsa_context ) ); + free( rsa ); + return( 0 ); + } +} + +#define RSA rsa_context +#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */ +#define RSA_size( CTX ) (CTX)->len +#define RSA_free( CTX ) rsa_free( CTX ) +#define ERR_get_error( ) "ERR_get_error() not supported" +#define RSA_blinding_off( IGNORE ) + +#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */ + +inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; } +inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; } +inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; } +inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; } + +#ifdef __cplusplus +} +#endif + +#endif /* openssl.h */ diff --git a/polarssl/padlock.c b/polarssl/padlock.c new file mode 100644 index 0000000..9ddac15 --- /dev/null +++ b/polarssl/padlock.c @@ -0,0 +1,162 @@ +/* + * VIA PadLock support functions + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * This implementation is based on the VIA PadLock Programming Guide: + * + * http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/ + * programming_guide.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_PADLOCK_C) + +#include "polarssl/padlock.h" + +#if defined(POLARSSL_HAVE_X86) + +/* + * PadLock detection routine + */ +int padlock_supports( int feature ) +{ + static int flags = -1; + int ebx, edx; + + if( flags == -1 ) + { + __asm__( "movl %%ebx, %0 \n" \ + "movl $0xC0000000, %%eax \n" \ + "cpuid \n" \ + "cmpl $0xC0000001, %%eax \n" \ + "movl $0, %%edx \n" \ + "jb unsupported \n" \ + "movl $0xC0000001, %%eax \n" \ + "cpuid \n" \ + "unsupported: \n" \ + "movl %%edx, %1 \n" \ + "movl %2, %%ebx \n" + : "=m" (ebx), "=m" (edx) + : "m" (ebx) + : "eax", "ecx", "edx" ); + + flags = edx; + } + + return( flags & feature ); +} + +/* + * PadLock AES-ECB block en(de)cryption + */ +int padlock_xcryptecb( aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ) +{ + int ebx; + uint32_t *rk; + uint32_t *blk; + uint32_t *ctrl; + unsigned char buf[256]; + + rk = ctx->rk; + blk = PADLOCK_ALIGN16( buf ); + memcpy( blk, input, 16 ); + + ctrl = blk + 4; + *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 ); + + __asm__( "pushfl; popfl \n" \ + "movl %%ebx, %0 \n" \ + "movl $1, %%ecx \n" \ + "movl %2, %%edx \n" \ + "movl %3, %%ebx \n" \ + "movl %4, %%esi \n" \ + "movl %4, %%edi \n" \ + ".byte 0xf3,0x0f,0xa7,0xc8\n" \ + "movl %1, %%ebx \n" + : "=m" (ebx) + : "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk) + : "ecx", "edx", "esi", "edi" ); + + memcpy( output, blk, 16 ); + + return( 0 ); +} + +/* + * PadLock AES-CBC buffer en(de)cryption + */ +int padlock_xcryptcbc( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ) +{ + int ebx; + size_t count; + uint32_t *rk; + uint32_t *iw; + uint32_t *ctrl; + unsigned char buf[256]; + + if( ( (long) input & 15 ) != 0 || + ( (long) output & 15 ) != 0 ) + return( POLARSSL_ERR_PADLOCK_DATA_MISALIGNED ); + + rk = ctx->rk; + iw = PADLOCK_ALIGN16( buf ); + memcpy( iw, iv, 16 ); + + ctrl = iw + 4; + *ctrl = 0x80 | ctx->nr | ( ( ctx->nr + (mode^1) - 10 ) << 9 ); + + count = (length + 15) >> 4; + + __asm__( "pushfl; popfl \n" \ + "movl %%ebx, %0 \n" \ + "movl %2, %%ecx \n" \ + "movl %3, %%edx \n" \ + "movl %4, %%ebx \n" \ + "movl %5, %%esi \n" \ + "movl %6, %%edi \n" \ + "movl %7, %%eax \n" \ + ".byte 0xf3,0x0f,0xa7,0xd0\n" \ + "movl %1, %%ebx \n" + : "=m" (ebx) + : "m" (ebx), "m" (count), "m" (ctrl), + "m" (rk), "m" (input), "m" (output), "m" (iw) + : "eax", "ecx", "edx", "esi", "edi" ); + + memcpy( iv, iw, 16 ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/padlock.h b/polarssl/padlock.h new file mode 100644 index 0000000..48f5f62 --- /dev/null +++ b/polarssl/padlock.h @@ -0,0 +1,108 @@ +/** + * \file padlock.h + * + * \brief VIA PadLock ACE for HW encryption/decryption supported by some processors + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PADLOCK_H +#define POLARSSL_PADLOCK_H + +#include "polarssl/aes.h" + +#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ + +#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) + +#ifndef POLARSSL_HAVE_X86 +#define POLARSSL_HAVE_X86 +#endif + +#ifdef _MSC_VER +#include +typedef INT32 int32_t; +#else +#include +#endif + + +#define PADLOCK_RNG 0x000C +#define PADLOCK_ACE 0x00C0 +#define PADLOCK_PHE 0x0C00 +#define PADLOCK_PMM 0x3000 + +#define PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15)) + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PadLock detection routine + * + * \param The feature to detect + * + * \return 1 if CPU has support for the feature, 0 otherwise + */ +int padlock_supports( int feature ); + +/** + * \brief PadLock AES-ECB block en(de)cryption + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param input 16-byte input block + * \param output 16-byte output block + * + * \return 0 if success, 1 if operation failed + */ +int padlock_xcryptecb( aes_context *ctx, + int mode, + const unsigned char input[16], + unsigned char output[16] ); + +/** + * \brief PadLock AES-CBC buffer en(de)cryption + * + * \param ctx AES context + * \param mode AES_ENCRYPT or AES_DECRYPT + * \param length length of the input data + * \param iv initialization vector (updated after use) + * \param input buffer holding the input data + * \param output buffer holding the output data + * + * \return 0 if success, 1 if operation failed + */ +int padlock_xcryptcbc( aes_context *ctx, + int mode, + size_t length, + unsigned char iv[16], + const unsigned char *input, + unsigned char *output ); + +#ifdef __cplusplus +} +#endif + +#endif /* HAVE_X86 */ + +#endif /* padlock.h */ diff --git a/polarssl/pbkdf2.c b/polarssl/pbkdf2.c new file mode 100644 index 0000000..09e56df --- /dev/null +++ b/polarssl/pbkdf2.c @@ -0,0 +1,60 @@ +/** + * \file pbkdf2.c + * + * \brief Password-Based Key Derivation Function 2 (from PKCS#5) + * DEPRECATED: Use pkcs5.c instead + * + * \author Mathias Olsson + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * PBKDF2 is part of PKCS#5 + * + * http://tools.ietf.org/html/rfc2898 (Specification) + * http://tools.ietf.org/html/rfc6070 (Test vectors) + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_PBKDF2_C) + +#include "polarssl/pbkdf2.h" +#include "polarssl/pkcs5.h" + +int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, size_t plen, + const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output ) +{ + return pkcs5_pbkdf2_hmac( ctx, password, plen, salt, slen, iteration_count, + key_length, output ); +} + +#if defined(POLARSSL_SELF_TEST) +int pbkdf2_self_test( int verbose ) +{ + return pkcs5_self_test( verbose ); +} +#endif /* POLARSSL_SELF_TEST */ + +#endif /* POLARSSL_PBKDF2_C */ diff --git a/polarssl/pbkdf2.h b/polarssl/pbkdf2.h new file mode 100644 index 0000000..2a1f4ba --- /dev/null +++ b/polarssl/pbkdf2.h @@ -0,0 +1,82 @@ +/** + * \file pbkdf2.h + * + * \brief Password-Based Key Derivation Function 2 (from PKCS#5) + * DEPRECATED: use pkcs5.h instead. + * + * \author Mathias Olsson + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PBKDF2_H +#define POLARSSL_PBKDF2_H + +#include + +#include "polarssl/md.h" + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PKCS#5 PBKDF2 using HMAC + * DEPRECATED: Use pkcs5_pbkdf2_hmac() instead! + * + * \param ctx Generic HMAC context + * \param password Password to use when generating key + * \param plen Length of password + * \param salt Salt to use when generating key + * \param slen Length of salt + * \param iteration_count Iteration count + * \param key_length Length of generated key + * \param output Generated key. Must be at least as big as key_length + * + * \returns 0 on success, or a PolarSSL error code if verification fails. + */ +int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output ); + +/** + * \brief Checkup routine + * DEPRECATED: Use pkcs5_self_test() instead! + * + * \return 0 if successful, or 1 if the test failed + */ +int pbkdf2_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* pbkdf2.h */ diff --git a/polarssl/pem.c b/polarssl/pem.c new file mode 100644 index 0000000..e2e3998 --- /dev/null +++ b/polarssl/pem.c @@ -0,0 +1,355 @@ +/* + * Privacy Enhanced Mail (PEM) decoding + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_PEM_C) + +#include "polarssl/pem.h" +#include "polarssl/base64.h" +#include "polarssl/des.h" +#include "polarssl/aes.h" +#include "polarssl/md5.h" +#include "polarssl/cipher.h" + +#include + +void pem_init( pem_context *ctx ) +{ + memset( ctx, 0, sizeof( pem_context ) ); +} + +#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C)) +/* + * Read a 16-byte hex string and convert it to binary + */ +static int pem_get_iv( const unsigned char *s, unsigned char *iv, size_t iv_len ) +{ + size_t i, j, k; + + memset( iv, 0, iv_len ); + + for( i = 0; i < iv_len * 2; i++, s++ ) + { + if( *s >= '0' && *s <= '9' ) j = *s - '0'; else + if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else + if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else + return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + + k = ( ( i & 1 ) != 0 ) ? j : j << 4; + + iv[i >> 1] = (unsigned char)( iv[i >> 1] | k ); + } + + return( 0 ); +} + +static void pem_pbkdf1( unsigned char *key, size_t keylen, + unsigned char *iv, + const unsigned char *pwd, size_t pwdlen ) +{ + md5_context md5_ctx; + unsigned char md5sum[16]; + size_t use_len; + + /* + * key[ 0..15] = MD5(pwd || IV) + */ + md5_starts( &md5_ctx ); + md5_update( &md5_ctx, pwd, pwdlen ); + md5_update( &md5_ctx, iv, 8 ); + md5_finish( &md5_ctx, md5sum ); + + if( keylen <= 16 ) + { + memcpy( key, md5sum, keylen ); + + memset( &md5_ctx, 0, sizeof( md5_ctx ) ); + memset( md5sum, 0, 16 ); + return; + } + + memcpy( key, md5sum, 16 ); + + /* + * key[16..23] = MD5(key[ 0..15] || pwd || IV]) + */ + md5_starts( &md5_ctx ); + md5_update( &md5_ctx, md5sum, 16 ); + md5_update( &md5_ctx, pwd, pwdlen ); + md5_update( &md5_ctx, iv, 8 ); + md5_finish( &md5_ctx, md5sum ); + + use_len = 16; + if( keylen < 32 ) + use_len = keylen - 16; + + memcpy( key + 16, md5sum, use_len ); + + memset( &md5_ctx, 0, sizeof( md5_ctx ) ); + memset( md5sum, 0, 16 ); +} + +#if defined(POLARSSL_DES_C) +/* + * Decrypt with DES-CBC, using PBKDF1 for key derivation + */ +static void pem_des_decrypt( unsigned char des_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) +{ + des_context des_ctx; + unsigned char des_key[8]; + + pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen ); + + des_setkey_dec( &des_ctx, des_key ); + des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen, + des_iv, buf, buf ); + + memset( &des_ctx, 0, sizeof( des_ctx ) ); + memset( des_key, 0, 8 ); +} + +/* + * Decrypt with 3DES-CBC, using PBKDF1 for key derivation + */ +static void pem_des3_decrypt( unsigned char des3_iv[8], + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) +{ + des3_context des3_ctx; + unsigned char des3_key[24]; + + pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen ); + + des3_set3key_dec( &des3_ctx, des3_key ); + des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen, + des3_iv, buf, buf ); + + memset( &des3_ctx, 0, sizeof( des3_ctx ) ); + memset( des3_key, 0, 24 ); +} +#endif /* POLARSSL_DES_C */ + +#if defined(POLARSSL_AES_C) +/* + * Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation + */ +static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen, + unsigned char *buf, size_t buflen, + const unsigned char *pwd, size_t pwdlen ) +{ + aes_context aes_ctx; + unsigned char aes_key[32]; + + pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen ); + + aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 ); + aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen, + aes_iv, buf, buf ); + + memset( &aes_ctx, 0, sizeof( aes_ctx ) ); + memset( aes_key, 0, keylen ); +} +#endif /* POLARSSL_AES_C */ + +#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */ + +int pem_read_buffer( pem_context *ctx, char *header, char *footer, const unsigned char *data, const unsigned char *pwd, size_t pwdlen, size_t *use_len ) +{ + int ret, enc; + size_t len; + unsigned char *buf; + const unsigned char *s1, *s2, *end; +#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C)) + unsigned char pem_iv[16]; + cipher_type_t enc_alg = POLARSSL_CIPHER_NONE; +#else + ((void) pwd); + ((void) pwdlen); +#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */ + + if( ctx == NULL ) + return( POLARSSL_ERR_PEM_BAD_INPUT_DATA ); + + s1 = (unsigned char *) strstr( (const char *) data, header ); + + if( s1 == NULL ) + return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + + s2 = (unsigned char *) strstr( (const char *) data, footer ); + + if( s2 == NULL || s2 <= s1 ) + return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + + s1 += strlen( header ); + if( *s1 == '\r' ) s1++; + if( *s1 == '\n' ) s1++; + else return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ); + + end = s2; + end += strlen( footer ); + if( *end == '\r' ) end++; + if( *end == '\n' ) end++; + *use_len = end - data; + + enc = 0; + + if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 ) + { +#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C)) + enc++; + + s1 += 22; + if( *s1 == '\r' ) s1++; + if( *s1 == '\n' ) s1++; + else return( POLARSSL_ERR_PEM_INVALID_DATA ); + + +#if defined(POLARSSL_DES_C) + if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 ) + { + enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC; + + s1 += 23; + if( pem_get_iv( s1, pem_iv, 8 ) != 0 ) + return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + + s1 += 16; + } + else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 ) + { + enc_alg = POLARSSL_CIPHER_DES_CBC; + + s1 += 18; + if( pem_get_iv( s1, pem_iv, 8) != 0 ) + return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + + s1 += 16; + } +#endif /* POLARSSL_DES_C */ + +#if defined(POLARSSL_AES_C) + if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 ) + { + if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 ) + enc_alg = POLARSSL_CIPHER_AES_128_CBC; + else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 ) + enc_alg = POLARSSL_CIPHER_AES_192_CBC; + else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 ) + enc_alg = POLARSSL_CIPHER_AES_256_CBC; + else + return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG ); + + s1 += 22; + if( pem_get_iv( s1, pem_iv, 16 ) != 0 ) + return( POLARSSL_ERR_PEM_INVALID_ENC_IV ); + + s1 += 32; + } +#endif /* POLARSSL_AES_C */ + + if( enc_alg == POLARSSL_CIPHER_NONE ) + return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG ); + + if( *s1 == '\r' ) s1++; + if( *s1 == '\n' ) s1++; + else return( POLARSSL_ERR_PEM_INVALID_DATA ); +#else + return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE ); +#endif /* POLARSSL_MD5_C && (POLARSSL_AES_C || POLARSSL_DES_C) */ + } + + len = 0; + ret = base64_decode( NULL, &len, s1, s2 - s1 ); + + if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER ) + return( POLARSSL_ERR_PEM_INVALID_DATA + ret ); + + if( ( buf = (unsigned char *) malloc( len ) ) == NULL ) + return( POLARSSL_ERR_PEM_MALLOC_FAILED ); + + if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 ) + { + free( buf ); + return( POLARSSL_ERR_PEM_INVALID_DATA + ret ); + } + + if( enc != 0 ) + { +#if defined(POLARSSL_MD5_C) && (defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C)) + if( pwd == NULL ) + { + free( buf ); + return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED ); + } + +#if defined(POLARSSL_DES_C) + if( enc_alg == POLARSSL_CIPHER_DES_EDE3_CBC ) + pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen ); + else if( enc_alg == POLARSSL_CIPHER_DES_CBC ) + pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen ); +#endif /* POLARSSL_DES_C */ + +#if defined(POLARSSL_AES_C) + if( enc_alg == POLARSSL_CIPHER_AES_128_CBC ) + pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen ); + else if( enc_alg == POLARSSL_CIPHER_AES_192_CBC ) + pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen ); + else if( enc_alg == POLARSSL_CIPHER_AES_256_CBC ) + pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen ); +#endif /* POLARSSL_AES_C */ + + if( buf[0] != 0x30 || buf[1] != 0x82 || + buf[4] != 0x02 || buf[5] != 0x01 ) + { + free( buf ); + return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH ); + } +#else + free( buf ); + return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE ); +#endif + } + + ctx->buf = buf; + ctx->buflen = len; + + return( 0 ); +} + +void pem_free( pem_context *ctx ) +{ + if( ctx->buf ) + free( ctx->buf ); + + if( ctx->info ) + free( ctx->info ); + + memset( ctx, 0, sizeof( pem_context ) ); +} + +#endif diff --git a/polarssl/pem.h b/polarssl/pem.h new file mode 100644 index 0000000..e95dc10 --- /dev/null +++ b/polarssl/pem.h @@ -0,0 +1,105 @@ +/** + * \file pem.h + * + * \brief Privacy Enhanced Mail (PEM) decoding + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PEM_H +#define POLARSSL_PEM_H + +#include + +/** + * \name PEM Error codes + * These error codes are returned in case of errors reading the + * PEM data. + * \{ + */ +#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ +#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ +#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ +#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ +#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ +#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ +#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ +#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ +#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ +/* \} name */ + +/** + * \brief PEM context structure + */ +typedef struct +{ + unsigned char *buf; /*!< buffer for decoded data */ + size_t buflen; /*!< length of the buffer */ + unsigned char *info; /*!< buffer for extra header information */ +} +pem_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PEM context setup + * + * \param ctx context to be initialized + */ +void pem_init( pem_context *ctx ); + +/** + * \brief Read a buffer for PEM information and store the resulting + * data into the specified context buffers. + * + * \param ctx context to use + * \param header header string to seek and expect + * \param footer footer string to seek and expect + * \param data source data to look in + * \param pwd password for decryption (can be NULL) + * \param pwdlen length of password + * \param use_len destination for total length used (set after header is + * correctly read, so unless you get + * POLARSSL_ERR_PEM_BAD_INPUT_DATA or + * POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is + * the length to skip) + * + * \return 0 on success, ior a specific PEM error code + */ +int pem_read_buffer( pem_context *ctx, char *header, char *footer, + const unsigned char *data, + const unsigned char *pwd, + size_t pwdlen, size_t *use_len ); + +/** + * \brief PEM context memory freeing + * + * \param ctx context to be freed + */ +void pem_free( pem_context *ctx ); + +#ifdef __cplusplus +} +#endif + +#endif /* pem.h */ diff --git a/polarssl/pkcs11.c b/polarssl/pkcs11.c new file mode 100644 index 0000000..b68d688 --- /dev/null +++ b/polarssl/pkcs11.c @@ -0,0 +1,238 @@ +/** + * \file pkcs11.c + * + * \brief Wrapper for PKCS#11 library libpkcs11-helper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/pkcs11.h" + +#if defined(POLARSSL_PKCS11_C) + +#include + +int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11_cert ) +{ + int ret = 1; + unsigned char *cert_blob = NULL; + size_t cert_blob_size = 0; + + if( cert == NULL ) + { + ret = 2; + goto cleanup; + } + + if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, NULL, &cert_blob_size ) != CKR_OK ) + { + ret = 3; + goto cleanup; + } + + cert_blob = malloc( cert_blob_size ); + if( NULL == cert_blob ) + { + ret = 4; + goto cleanup; + } + + if( pkcs11h_certificate_getCertificateBlob( pkcs11_cert, cert_blob, &cert_blob_size ) != CKR_OK ) + { + ret = 5; + goto cleanup; + } + + if( 0 != x509parse_crt(cert, cert_blob, cert_blob_size ) ) + { + ret = 6; + goto cleanup; + } + + ret = 0; + +cleanup: + if( NULL != cert_blob ) + free( cert_blob ); + + return ret; +} + + +int pkcs11_priv_key_init( pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert ) +{ + int ret = 1; + x509_cert cert; + + memset( &cert, 0, sizeof( cert ) ); + + if( priv_key == NULL ) + goto cleanup; + + if( 0 != pkcs11_x509_cert_init( &cert, pkcs11_cert ) ) + goto cleanup; + + priv_key->len = cert.rsa.len; + priv_key->pkcs11h_cert = pkcs11_cert; + + ret = 0; + +cleanup: + x509_free( &cert ); + + return ret; +} + +void pkcs11_priv_key_free( pkcs11_context *priv_key ) +{ + if( NULL != priv_key ) + pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert ); +} + +int pkcs11_decrypt( pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ) +{ + size_t input_len, output_len; + + if( NULL == ctx ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + if( RSA_PUBLIC == mode ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + output_len = input_len = ctx->len; + + if( input_len < 16 || input_len > output_max_len ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + /* Determine size of output buffer */ + if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, NULL, &output_len ) != CKR_OK ) + { + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + if( output_len > output_max_len ) + return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + + if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input, + input_len, output, &output_len ) != CKR_OK ) + { + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + *olen = output_len; + return( 0 ); +} + +int pkcs11_sign( pkcs11_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + size_t olen, asn_len; + unsigned char *p = sig; + + if( NULL == ctx ) + return POLARSSL_ERR_RSA_BAD_INPUT_DATA; + + if( RSA_PUBLIC == mode ) + return POLARSSL_ERR_RSA_BAD_INPUT_DATA; + + olen = ctx->len; + + switch( hash_id ) + { + case SIG_RSA_RAW: + asn_len = 0; + memcpy( p, hash, hashlen ); + break; + + case SIG_RSA_MD2: + asn_len = OID_SIZE(ASN1_HASH_MDX); + memcpy( p, ASN1_HASH_MDX, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[13] = 2; break; + + case SIG_RSA_MD4: + asn_len = OID_SIZE(ASN1_HASH_MDX); + memcpy( p, ASN1_HASH_MDX, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[13] = 4; break; + + case SIG_RSA_MD5: + asn_len = OID_SIZE(ASN1_HASH_MDX); + memcpy( p, ASN1_HASH_MDX, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[13] = 5; break; + + case SIG_RSA_SHA1: + asn_len = OID_SIZE(ASN1_HASH_SHA1); + memcpy( p, ASN1_HASH_SHA1, asn_len ); + memcpy( p + 15, hash, hashlen ); + break; + + case SIG_RSA_SHA224: + asn_len = OID_SIZE(ASN1_HASH_SHA2X); + memcpy( p, ASN1_HASH_SHA2X, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[1] += hashlen; p[14] = 4; p[18] += hashlen; break; + + case SIG_RSA_SHA256: + asn_len = OID_SIZE(ASN1_HASH_SHA2X); + memcpy( p, ASN1_HASH_SHA2X, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[1] += hashlen; p[14] = 1; p[18] += hashlen; break; + + case SIG_RSA_SHA384: + asn_len = OID_SIZE(ASN1_HASH_SHA2X); + memcpy( p, ASN1_HASH_SHA2X, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[1] += hashlen; p[14] = 2; p[18] += hashlen; break; + + case SIG_RSA_SHA512: + asn_len = OID_SIZE(ASN1_HASH_SHA2X); + memcpy( p, ASN1_HASH_SHA2X, asn_len ); + memcpy( p + asn_len, hash, hashlen ); + p[1] += hashlen; p[14] = 3; p[18] += hashlen; break; + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig, + asn_len + hashlen, sig, &olen ) != CKR_OK ) + { + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + return( 0 ); +} + +#endif /* defined(POLARSSL_PKCS11_C) */ diff --git a/polarssl/pkcs11.h b/polarssl/pkcs11.h new file mode 100644 index 0000000..3e95392 --- /dev/null +++ b/polarssl/pkcs11.h @@ -0,0 +1,161 @@ +/** + * \file pkcs11.h + * + * \brief Wrapper for PKCS#11 library libpkcs11-helper + * + * \author Adriaan de Jong + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PKCS11_H +#define POLARSSL_PKCS11_H + +#include "polarssl/config.h" + +#if defined(POLARSSL_PKCS11_C) + +#include "polarssl/x509.h" + +#include + +#if defined(_MSC_VER) && !defined(inline) +#define inline _inline +#else +#if defined(__ARMCC_VERSION) && !defined(inline) +#define inline __inline +#endif /* __ARMCC_VERSION */ +#endif /*_MSC_VER */ + +/** + * Context for PKCS #11 private keys. + */ +typedef struct { + pkcs11h_certificate_t pkcs11h_cert; + int len; +} pkcs11_context; + +/** + * Fill in a PolarSSL certificate, based on the given PKCS11 helper certificate. + * + * \param cert X.509 certificate to fill + * \param pkcs11h_cert PKCS #11 helper certificate + * + * \return 0 on success. + */ +int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11h_cert ); + +/** + * Initialise a pkcs11_context, storing the given certificate. Note that the + * pkcs11_context will take over control of the certificate, freeing it when + * done. + * + * \param priv_key Private key structure to fill. + * \param pkcs11_cert PKCS #11 helper certificate + * + * \return 0 on success + */ +int pkcs11_priv_key_init( pkcs11_context *priv_key, + pkcs11h_certificate_t pkcs11_cert ); + +/** + * Free the contents of the given private key context. Note that the structure + * itself is not freed. + * + * \param priv_key Private key structure to cleanup + */ +void pkcs11_priv_key_free( pkcs11_context *priv_key ); + +/** + * \brief Do an RSA private key decrypt, then remove the message padding + * + * \param ctx PKCS #11 context + * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param olen will contain the plaintext length + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int pkcs11_decrypt( pkcs11_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Do a private RSA to sign a message digest + * + * \param ctx PKCS #11 context + * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int pkcs11_sign( pkcs11_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * SSL/TLS wrappers for PKCS#11 functions + */ +static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len ) +{ + return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output, + output_max_len ); +} + +static inline int ssl_pkcs11_sign( void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, int hash_id, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig ) +{ + ((void) f_rng); + ((void) p_rng); + return pkcs11_sign( (pkcs11_context *) ctx, mode, hash_id, + hashlen, hash, sig ); +} + +static inline size_t ssl_pkcs11_key_len( void *ctx ) +{ + return ( (pkcs11_context *) ctx )->len; +} + +#endif /* POLARSSL_PKCS11_C */ + +#endif /* POLARSSL_PKCS11_H */ diff --git a/polarssl/pkcs12.c b/polarssl/pkcs12.c new file mode 100644 index 0000000..2ee9c5e --- /dev/null +++ b/polarssl/pkcs12.c @@ -0,0 +1,330 @@ +/* + * PKCS#12 Personal Information Exchange Syntax + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The PKCS #12 Personal Information Exchange Syntax Standard v1.1 + * + * http://www.rsa.com/rsalabs/pkcs/files/h11301-wp-pkcs-12v1-1-personal-information-exchange-syntax.pdf + * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_PKCS12_C) + +#include "polarssl/pkcs12.h" +#include "polarssl/asn1.h" +#include "polarssl/cipher.h" + +#if defined(POLARSSL_ARC4_C) +#include "polarssl/arc4.h" +#endif + +#if defined(POLARSSL_DES_C) +#include "polarssl/des.h" +#endif + +static int pkcs12_parse_pbe_params( unsigned char **p, + const unsigned char *end, + asn1_buf *salt, int *iterations ) +{ + int ret; + size_t len = 0; + + /* + * pkcs-12PbeParams ::= SEQUENCE { + * salt OCTET STRING, + * iterations INTEGER + * } + * + */ + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + } + + end = *p + len; + + if( ( ret = asn1_get_tag( p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + + salt->p = *p; + *p += salt->len; + + if( ( ret = asn1_get_int( p, end, iterations ) ) != 0 ) + return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret ); + + if( *p != end ) + return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen ) +{ + int ret, iterations; + asn1_buf salt; + size_t i; + unsigned char *p, *end; + unsigned char unipwd[258]; + + memset(&salt, 0, sizeof(asn1_buf)); + memset(&unipwd, 0, sizeof(unipwd)); + + p = pbe_params->p; + end = p + pbe_params->len; + + if( ( ret = pkcs12_parse_pbe_params( &p, end, &salt, &iterations ) ) != 0 ) + return( ret ); + + for(i = 0; i < pwdlen; i++) + unipwd[i * 2 + 1] = pwd[i]; + + if( ( ret = pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + PKCS12_DERIVE_KEY, iterations ) ) != 0 ) + { + return( ret ); + } + + if( iv == NULL || ivlen == 0 ) + return( 0 ); + + if( ( ret = pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2, + salt.p, salt.len, md_type, + PKCS12_DERIVE_IV, iterations ) ) != 0 ) + { + return( ret ); + } + return( 0 ); +} + +int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output ) +{ +#if !defined(POLARSSL_ARC4_C) + ((void) pbe_params); + ((void) mode); + ((void) pwd); + ((void) pwdlen); + ((void) data); + ((void) len); + ((void) output); + return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); +#else + int ret; + unsigned char key[16]; + arc4_context ctx; + ((void) mode); + + if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1, + pwd, pwdlen, + key, 16, NULL, 0 ) ) != 0 ) + { + return( ret ); + } + + arc4_setup( &ctx, key, 16 ); + if( ( ret = arc4_crypt( &ctx, len, data, output ) ) != 0 ) + return( ret ); + + return( 0 ); +#endif /* POLARSSL_ARC4_C */ +} + +int pkcs12_pbe( asn1_buf *pbe_params, int mode, + cipher_type_t cipher_type, md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t len, + unsigned char *output ) +{ + int ret, keylen = 0; + unsigned char key[32]; + unsigned char iv[16]; + const cipher_info_t *cipher_info; + cipher_context_t cipher_ctx; + size_t olen = 0; + + cipher_info = cipher_info_from_type( cipher_type ); + if( cipher_info == NULL ) + return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); + + keylen = cipher_info->key_length / 8; + + if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, md_type, pwd, pwdlen, + key, keylen, + iv, cipher_info->iv_size ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_reset( &cipher_ctx, iv ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_update( &cipher_ctx, data, len, + output, &olen ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) + return( POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH ); + + return( 0 ); +} + +static void pkcs12_fill_buffer( unsigned char *data, size_t data_len, + const unsigned char *filler, size_t fill_len ) +{ + unsigned char *p = data; + size_t use_len; + + while( data_len > 0 ) + { + use_len = ( data_len > fill_len ) ? fill_len : data_len; + memcpy( p, filler, use_len ); + p += use_len; + data_len -= use_len; + } +} + +int pkcs12_derivation( unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + md_type_t md_type, int id, int iterations ) +{ + int ret, i; + unsigned int j; + + unsigned char diversifier[128]; + unsigned char salt_block[128], pwd_block[128], hash_block[128]; + unsigned char hash_output[POLARSSL_MD_MAX_SIZE]; + unsigned char *p; + unsigned char c; + + size_t hlen, use_len, v; + + const md_info_t *md_info; + md_context_t md_ctx; + + // This version only allows max of 64 bytes of password or salt + if( datalen > 128 || pwdlen > 64 || saltlen > 64 ) + return( POLARSSL_ERR_PKCS12_BAD_INPUT_DATA ); + + md_info = md_info_from_type( md_type ); + if( md_info == NULL ) + return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE ); + + if ( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 ) + return( ret ); + hlen = md_get_size( md_info ); + + if( hlen <= 32 ) + v = 64; + else + v = 128; + + memset( diversifier, (unsigned char) id, v ); + + pkcs12_fill_buffer( salt_block, v, salt, saltlen ); + pkcs12_fill_buffer( pwd_block, v, pwd, pwdlen ); + + p = data; + while( datalen > 0 ) + { + // Calculate hash( diversifier || salt_block || pwd_block ) + if( ( ret = md_starts( &md_ctx ) ) != 0 ) + return( ret ); + + if( ( ret = md_update( &md_ctx, diversifier, v ) ) != 0 ) + return( ret ); + + if( ( ret = md_update( &md_ctx, salt_block, v ) ) != 0 ) + return( ret ); + + if( ( ret = md_update( &md_ctx, pwd_block, v ) ) != 0 ) + return( ret ); + + if( ( ret = md_finish( &md_ctx, hash_output ) ) != 0 ) + return( ret ); + + // Perform remaining ( iterations - 1 ) recursive hash calculations + for( i = 1; i < iterations; i++ ) + { + if( ( ret = md( md_info, hash_output, hlen, hash_output ) ) != 0 ) + return( ret ); + } + + use_len = ( datalen > hlen ) ? hlen : datalen; + memcpy( p, hash_output, use_len ); + datalen -= use_len; + p += use_len; + + if( datalen == 0 ) + break; + + // Concatenating copies of hash_output into hash_block (B) + pkcs12_fill_buffer( hash_block, v, hash_output, hlen ); + + // B += 1 + for( i = v; i > 0; i-- ) + if( ++hash_block[i - 1] != 0 ) + break; + + // salt_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = salt_block[i - 1] + hash_block[i - 1] + c; + c = (unsigned char) (j >> 8); + salt_block[i - 1] = j & 0xFF; + } + + // pwd_block += B + c = 0; + for( i = v; i > 0; i-- ) + { + j = pwd_block[i - 1] + hash_block[i - 1] + c; + c = (unsigned char) (j >> 8); + pwd_block[i - 1] = j & 0xFF; + } + } + + return( 0 ); +} + +#endif /* POLARSSL_PKCS12_C */ diff --git a/polarssl/pkcs12.h b/polarssl/pkcs12.h new file mode 100644 index 0000000..ef559bd --- /dev/null +++ b/polarssl/pkcs12.h @@ -0,0 +1,131 @@ +/** + * \file pkcs12.h + * + * \brief PKCS#12 Personal Information Exchange Syntax + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PKCS12_H +#define POLARSSL_PKCS12_H + +#include + +#include "polarssl/md.h" +#include "polarssl/cipher.h" +#include "polarssl/asn1.h" + +#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ +#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ +#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ + +#define PKCS12_DERIVE_KEY 1 /*< encryption/decryption key */ +#define PKCS12_DERIVE_IV 2 /*< initialization vector */ +#define PKCS12_DERIVE_MAC_KEY 3 /*< integrity / MAC key */ + +#define PKCS12_PBE_DECRYPT 0 +#define PKCS12_PBE_ENCRYPT 1 + +/* + * PKCS#12 PBE types + */ +#define OID_PKCS12 "\x2a\x86\x48\x86\xf7\x0d\x01\x0c" +#define OID_PKCS12_PBE_SHA1_RC4_128 OID_PKCS12 "\x01\x01" +#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC OID_PKCS12 "\x01\x03" +#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC OID_PKCS12 "\x01\x04" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PKCS12 Password Based function (encryption / decryption) + * for pbeWithSHAAnd128BitRC4 + * + * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure + * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT + * \param pwd the password used (may be NULL if no password is used) + * \param pwdlen length of the password (may be 0) + * \param input the input data + * \param len data length + * \param output the output buffer + * + * \return 0 if successful, or a PolarSSL error code + */ +int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *input, size_t len, + unsigned char *output ); + +/** + * \brief PKCS12 Password Based function (encryption / decryption) + * for cipher-based and md-based PBE's + * + * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure + * \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT + * \param cipher_type the cipher used + * \param md_type the md used + * \param pwd the password used (may be NULL if no password is used) + * \param pwdlen length of the password (may be 0) + * \param input the input data + * \param len data length + * \param output the output buffer + * + * \return 0 if successful, or a PolarSSL error code + */ +int pkcs12_pbe( asn1_buf *pbe_params, int mode, + cipher_type_t cipher_type, md_type_t md_type, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *input, size_t len, + unsigned char *output ); + +/** + * \brief The PKCS#12 derivation function uses a password and a salt + * to produce pseudo-random bits for a particular "purpose". + * + * Depending on the given id, this function can produce an + * encryption/decryption key, an nitialization vector or an + * integrity key. + * + * \param data buffer to store the derived data in + * \param datalen length to fill + * \param pwd password to use (may be NULL if no password is used) + * \param pwdlen length of the password (may be 0) + * \param salt salt buffer to use + * \param saltlen length of the salt + * \param md md type to use during the derivation + * \param id id that describes the purpose (can be PKCS12_DERIVE_KEY, + * PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY) + * \param iterations number of iterations + * + * \return 0 if successful, or a MD, BIGNUM type error. + */ +int pkcs12_derivation( unsigned char *data, size_t datalen, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *salt, size_t saltlen, + md_type_t md, int id, int iterations ); + +#ifdef __cplusplus +} +#endif + +#endif /* pkcs12.h */ diff --git a/polarssl/pkcs5.c b/polarssl/pkcs5.c new file mode 100644 index 0000000..8e55415 --- /dev/null +++ b/polarssl/pkcs5.c @@ -0,0 +1,415 @@ +/** + * \file pkcs5.c + * + * \brief PKCS#5 functions + * + * \author Mathias Olsson + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * PKCS#5 includes PBKDF2 and more + * + * http://tools.ietf.org/html/rfc2898 (Specification) + * http://tools.ietf.org/html/rfc6070 (Test vectors) + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_PKCS5_C) + +#include "polarssl/pkcs5.h" +#include "polarssl/asn1.h" +#include "polarssl/cipher.h" + +#define OID_CMP(oid_str, oid_buf) \ + ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \ + memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0) + +static int pkcs5_parse_pbkdf2_params( unsigned char **p, + const unsigned char *end, + asn1_buf *salt, int *iterations, + int *keylen, md_type_t *md_type ) +{ + int ret; + size_t len = 0; + asn1_buf prf_alg_oid; + + /* + * PBKDF2-params ::= SEQUENCE { + * salt OCTET STRING, + * iterationCount INTEGER, + * keyLength INTEGER OPTIONAL + * prf AlgorithmIdentifier DEFAULT algid-hmacWithSHA1 + * } + * + */ + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + } + + end = *p + len; + + if( ( ret = asn1_get_tag( p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + salt->p = *p; + *p += salt->len; + + if( ( ret = asn1_get_int( p, end, iterations ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + if( *p == end ) + return( 0 ); + + if( ( ret = asn1_get_int( p, end, keylen ) ) != 0 ) + { + if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + } + + if( *p == end ) + return( 0 ); + + if( ( ret = asn1_get_tag( p, end, &prf_alg_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + if( !OID_CMP( OID_HMAC_SHA1, &prf_alg_oid ) ) + return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + + *md_type = POLARSSL_MD_SHA1; + + if( *p != end ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +int pkcs5_pbes2( asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output ) +{ + int ret, iterations = 0, keylen = 0; + unsigned char *p, *end, *end2; + asn1_buf kdf_alg_oid, enc_scheme_oid, salt; + md_type_t md_type = POLARSSL_MD_SHA1; + unsigned char key[32], iv[32]; + size_t len = 0, olen = 0; + const md_info_t *md_info; + const cipher_info_t *cipher_info; + md_context_t md_ctx; + cipher_context_t cipher_ctx; + + p = pbe_params->p; + end = p + pbe_params->len; + + /* + * PBES2-params ::= SEQUENCE { + * keyDerivationFunc AlgorithmIdentifier {{PBES2-KDFs}}, + * encryptionScheme AlgorithmIdentifier {{PBES2-Encs}} + * } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + } + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + } + + end2 = p + len; + + if( ( ret = asn1_get_tag( &p, end2, &kdf_alg_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + kdf_alg_oid.p = p; + p += kdf_alg_oid.len; + + // Only PBKDF2 supported at the moment + // + if( !OID_CMP( OID_PKCS5_PBKDF2, &kdf_alg_oid ) ) + return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + + if( ( ret = pkcs5_parse_pbkdf2_params( &p, end2, + &salt, &iterations, &keylen, + &md_type ) ) != 0 ) + { + return( ret ); + } + + md_info = md_info_from_type( md_type ); + if( md_info == NULL ) + return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + } + + end2 = p + len; + + if( ( ret = asn1_get_tag( &p, end2, &enc_scheme_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + enc_scheme_oid.p = p; + p += enc_scheme_oid.len; + +#if defined(POLARSSL_DES_C) + // Only DES-CBC and DES-EDE3-CBC supported at the moment + // + if( OID_CMP( OID_DES_EDE3_CBC, &enc_scheme_oid ) ) + { + cipher_info = cipher_info_from_type( POLARSSL_CIPHER_DES_EDE3_CBC ); + } + else if( OID_CMP( OID_DES_CBC, &enc_scheme_oid ) ) + { + cipher_info = cipher_info_from_type( POLARSSL_CIPHER_DES_CBC ); + } + else +#endif /* POLARSSL_DES_C */ + return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + + if( cipher_info == NULL ) + return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE ); + + keylen = cipher_info->key_length / 8; + + if( ( ret = asn1_get_tag( &p, end2, &len, ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret ); + + if( len != cipher_info->iv_size ) + return( POLARSSL_ERR_PKCS5_INVALID_FORMAT ); + + memcpy( iv, p, len ); + + if( ( ret = md_init_ctx( &md_ctx, md_info ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 ) + return( ret ); + + if ( ( ret = pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len, + iterations, keylen, key ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = cipher_setkey( &cipher_ctx, key, keylen, mode ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_reset( &cipher_ctx, iv ) ) != 0 ) + return( ret ); + + if( ( ret = cipher_update( &cipher_ctx, data, datalen, + output, &olen ) ) != 0 ) + { + return( ret ); + } + + if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 ) + return( POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH ); + + return( 0 ); +} + +int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output ) +{ + int ret, j; + unsigned int i; + unsigned char md1[POLARSSL_MD_MAX_SIZE]; + unsigned char work[POLARSSL_MD_MAX_SIZE]; + unsigned char md_size = md_get_size( ctx->md_info ); + size_t use_len; + unsigned char *out_p = output; + unsigned char counter[4]; + + memset( counter, 0, 4 ); + counter[3] = 1; + + if( iteration_count > 0xFFFFFFFF ) + return( POLARSSL_ERR_PKCS5_BAD_INPUT_DATA ); + + while( key_length ) + { + // U1 ends up in work + // + if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 ) + return( ret ); + + if( ( ret = md_hmac_update( ctx, salt, slen ) ) != 0 ) + return( ret ); + + if( ( ret = md_hmac_update( ctx, counter, 4 ) ) != 0 ) + return( ret ); + + if( ( ret = md_hmac_finish( ctx, work ) ) != 0 ) + return( ret ); + + memcpy( md1, work, md_size ); + + for ( i = 1; i < iteration_count; i++ ) + { + // U2 ends up in md1 + // + if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 ) + return( ret ); + + if( ( ret = md_hmac_update( ctx, md1, md_size ) ) != 0 ) + return( ret ); + + if( ( ret = md_hmac_finish( ctx, md1 ) ) != 0 ) + return( ret ); + + // U1 xor U2 + // + for( j = 0; j < md_size; j++ ) + work[j] ^= md1[j]; + } + + use_len = ( key_length < md_size ) ? key_length : md_size; + memcpy( out_p, work, use_len ); + + key_length -= use_len; + out_p += use_len; + + for( i = 4; i > 0; i-- ) + if( ++counter[i - 1] != 0 ) + break; + } + + return( 0 ); +} + +#if defined(POLARSSL_SELF_TEST) + +#include + +#define MAX_TESTS 6 + +size_t plen[MAX_TESTS] = + { 8, 8, 8, 8, 24, 9 }; + +unsigned char password[MAX_TESTS][32] = +{ + "password", + "password", + "password", + "password", + "passwordPASSWORDpassword", + "pass\0word", +}; + +size_t slen[MAX_TESTS] = + { 4, 4, 4, 4, 36, 5 }; + +unsigned char salt[MAX_TESTS][40] = +{ + "salt", + "salt", + "salt", + "salt", + "saltSALTsaltSALTsaltSALTsaltSALTsalt", + "sa\0lt", +}; + +uint32_t it_cnt[MAX_TESTS] = + { 1, 2, 4096, 16777216, 4096, 4096 }; + +uint32_t key_len[MAX_TESTS] = + { 20, 20, 20, 20, 25, 16 }; + + +unsigned char result_key[MAX_TESTS][32] = +{ + { 0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71, + 0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06, + 0x2f, 0xe0, 0x37, 0xa6 }, + { 0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c, + 0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0, + 0xd8, 0xde, 0x89, 0x57 }, + { 0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a, + 0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0, + 0x65, 0xa4, 0x29, 0xc1 }, + { 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4, + 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c, + 0x26, 0x34, 0xe9, 0x84 }, + { 0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b, + 0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a, + 0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70, + 0x38 }, + { 0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d, + 0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 }, +}; + +int pkcs5_self_test( int verbose ) +{ + md_context_t sha1_ctx; + const md_info_t *info_sha1; + int ret, i; + unsigned char key[64]; + + info_sha1 = md_info_from_type( POLARSSL_MD_SHA1 ); + if( info_sha1 == NULL ) + return( 1 ); + + if( ( ret = md_init_ctx( &sha1_ctx, info_sha1 ) ) != 0 ) + return( 1 ); + + for( i = 0; i < MAX_TESTS; i++ ) + { + printf( " PBKDF2 (SHA1) #%d: ", i ); + + ret = pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i], + slen[i], it_cnt[i], key_len[i], key ); + if( ret != 0 || + memcmp( result_key[i], key, key_len[i] ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + printf( "\n" ); + + return( 0 ); +} + +#endif /* POLARSSL_SELF_TEST */ + +#endif /* POLARSSL_PKCS5_C */ diff --git a/polarssl/pkcs5.h b/polarssl/pkcs5.h new file mode 100644 index 0000000..18f1a4b --- /dev/null +++ b/polarssl/pkcs5.h @@ -0,0 +1,122 @@ +/** + * \file pkcs#5.h + * + * \brief PKCS#5 functions + * + * \author Mathias Olsson + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_PKCS5_H +#define POLARSSL_PKCS5_H + +#include + +#include "polarssl/asn1.h" +#include "polarssl/md.h" + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */ +#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */ +#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */ + +#define PKCS5_DECRYPT 0 +#define PKCS5_ENCRYPT 1 + +/* + * PKCS#5 OIDs + */ +#define OID_PKCS5 "\x2a\x86\x48\x86\xf7\x0d\x01\x05" +#define OID_PKCS5_PBES2 OID_PKCS5 "\x0d" +#define OID_PKCS5_PBKDF2 OID_PKCS5 "\x0c" + +/* + * Encryption Algorithm OIDs + */ +#define OID_DES_CBC "\x2b\x0e\x03\x02\x07" +#define OID_DES_EDE3_CBC "\x2a\x86\x48\x86\xf7\x0d\x03\x07" + +/* + * Digest Algorithm OIDs + */ +#define OID_HMAC_SHA1 "\x2a\x86\x48\x86\xf7\x0d\x02\x07" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief PKCS#5 PBES2 function + * + * \param pbe_params the ASN.1 algorithm parameters + * \param mode either PKCS5_DECRYPT or PKCS5_ENCRYPT + * \param pwd password to use when generating key + * \param plen length of password + * \param data data to process + * \param datalen length of data + * \param output output buffer + * + * \returns 0 on success, or a PolarSSL error code if verification fails. + */ +int pkcs5_pbes2( asn1_buf *pbe_params, int mode, + const unsigned char *pwd, size_t pwdlen, + const unsigned char *data, size_t datalen, + unsigned char *output ); + +/** + * \brief PKCS#5 PBKDF2 using HMAC + * + * \param ctx Generic HMAC context + * \param password Password to use when generating key + * \param plen Length of password + * \param salt Salt to use when generating key + * \param slen Length of salt + * \param iteration_count Iteration count + * \param key_length Length of generated key + * \param output Generated key. Must be at least as big as key_length + * + * \returns 0 on success, or a PolarSSL error code if verification fails. + */ +int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, + size_t plen, const unsigned char *salt, size_t slen, + unsigned int iteration_count, + uint32_t key_length, unsigned char *output ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int pkcs5_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* pkcs5.h */ diff --git a/polarssl/rsa.c b/polarssl/rsa.c new file mode 100644 index 0000000..e53d9a2 --- /dev/null +++ b/polarssl/rsa.c @@ -0,0 +1,1466 @@ +/* + * The RSA public-key cryptosystem + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * RSA was designed by Ron Rivest, Adi Shamir and Len Adleman. + * + * http://theory.lcs.mit.edu/~rivest/rsapaper.pdf + * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_RSA_C) + +#include "polarssl/rsa.h" + +#if defined(POLARSSL_PKCS1_V21) +#include "polarssl/md.h" +#endif + +#include +#include + +/* + * Initialize an RSA context + */ +void rsa_init( rsa_context *ctx, + int padding, + int hash_id ) +{ + memset( ctx, 0, sizeof( rsa_context ) ); + + ctx->padding = padding; + ctx->hash_id = hash_id; +} + +#if defined(POLARSSL_GENPRIME) + +/* + * Generate an RSA keypair + */ +int rsa_gen_key( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent ) +{ + int ret; + mpi P1, Q1, H, G; + + if( f_rng == NULL || nbits < 128 || exponent < 3 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + mpi_init( &P1 ); mpi_init( &Q1 ); mpi_init( &H ); mpi_init( &G ); + + /* + * find primes P and Q with Q < P so that: + * GCD( E, (P-1)*(Q-1) ) == 1 + */ + MPI_CHK( mpi_lset( &ctx->E, exponent ) ); + + do + { + MPI_CHK( mpi_gen_prime( &ctx->P, ( nbits + 1 ) >> 1, 0, + f_rng, p_rng ) ); + + MPI_CHK( mpi_gen_prime( &ctx->Q, ( nbits + 1 ) >> 1, 0, + f_rng, p_rng ) ); + + if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) < 0 ) + mpi_swap( &ctx->P, &ctx->Q ); + + if( mpi_cmp_mpi( &ctx->P, &ctx->Q ) == 0 ) + continue; + + MPI_CHK( mpi_mul_mpi( &ctx->N, &ctx->P, &ctx->Q ) ); + if( mpi_msb( &ctx->N ) != nbits ) + continue; + + MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); + MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); + MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); + } + while( mpi_cmp_int( &G, 1 ) != 0 ); + + /* + * D = E^-1 mod ((P-1)*(Q-1)) + * DP = D mod (P - 1) + * DQ = D mod (Q - 1) + * QP = Q^-1 mod P + */ + MPI_CHK( mpi_inv_mod( &ctx->D , &ctx->E, &H ) ); + MPI_CHK( mpi_mod_mpi( &ctx->DP, &ctx->D, &P1 ) ); + MPI_CHK( mpi_mod_mpi( &ctx->DQ, &ctx->D, &Q1 ) ); + MPI_CHK( mpi_inv_mod( &ctx->QP, &ctx->Q, &ctx->P ) ); + + ctx->len = ( mpi_msb( &ctx->N ) + 7 ) >> 3; + +cleanup: + + mpi_free( &P1 ); mpi_free( &Q1 ); mpi_free( &H ); mpi_free( &G ); + + if( ret != 0 ) + { + rsa_free( ctx ); + return( POLARSSL_ERR_RSA_KEY_GEN_FAILED + ret ); + } + + return( 0 ); +} + +#endif + +/* + * Check a public RSA key + */ +int rsa_check_pubkey( const rsa_context *ctx ) +{ + if( !ctx->N.p || !ctx->E.p ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + + if( ( ctx->N.p[0] & 1 ) == 0 || + ( ctx->E.p[0] & 1 ) == 0 ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + + if( mpi_msb( &ctx->N ) < 128 || + mpi_msb( &ctx->N ) > POLARSSL_MPI_MAX_BITS ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + + if( mpi_msb( &ctx->E ) < 2 || + mpi_msb( &ctx->E ) > 64 ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + + return( 0 ); +} + +/* + * Check a private RSA key + */ +int rsa_check_privkey( const rsa_context *ctx ) +{ + int ret; + mpi PQ, DE, P1, Q1, H, I, G, G2, L1, L2, DP, DQ, QP; + + if( ( ret = rsa_check_pubkey( ctx ) ) != 0 ) + return( ret ); + + if( !ctx->P.p || !ctx->Q.p || !ctx->D.p ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ); + + mpi_init( &PQ ); mpi_init( &DE ); mpi_init( &P1 ); mpi_init( &Q1 ); + mpi_init( &H ); mpi_init( &I ); mpi_init( &G ); mpi_init( &G2 ); + mpi_init( &L1 ); mpi_init( &L2 ); mpi_init( &DP ); mpi_init( &DQ ); + mpi_init( &QP ); + + MPI_CHK( mpi_mul_mpi( &PQ, &ctx->P, &ctx->Q ) ); + MPI_CHK( mpi_mul_mpi( &DE, &ctx->D, &ctx->E ) ); + MPI_CHK( mpi_sub_int( &P1, &ctx->P, 1 ) ); + MPI_CHK( mpi_sub_int( &Q1, &ctx->Q, 1 ) ); + MPI_CHK( mpi_mul_mpi( &H, &P1, &Q1 ) ); + MPI_CHK( mpi_gcd( &G, &ctx->E, &H ) ); + + MPI_CHK( mpi_gcd( &G2, &P1, &Q1 ) ); + MPI_CHK( mpi_div_mpi( &L1, &L2, &H, &G2 ) ); + MPI_CHK( mpi_mod_mpi( &I, &DE, &L1 ) ); + + MPI_CHK( mpi_mod_mpi( &DP, &ctx->D, &P1 ) ); + MPI_CHK( mpi_mod_mpi( &DQ, &ctx->D, &Q1 ) ); + MPI_CHK( mpi_inv_mod( &QP, &ctx->Q, &ctx->P ) ); + /* + * Check for a valid PKCS1v2 private key + */ + if( mpi_cmp_mpi( &PQ, &ctx->N ) != 0 || + mpi_cmp_mpi( &DP, &ctx->DP ) != 0 || + mpi_cmp_mpi( &DQ, &ctx->DQ ) != 0 || + mpi_cmp_mpi( &QP, &ctx->QP ) != 0 || + mpi_cmp_int( &L2, 0 ) != 0 || + mpi_cmp_int( &I, 1 ) != 0 || + mpi_cmp_int( &G, 1 ) != 0 ) + { + ret = POLARSSL_ERR_RSA_KEY_CHECK_FAILED; + } + +cleanup: + mpi_free( &PQ ); mpi_free( &DE ); mpi_free( &P1 ); mpi_free( &Q1 ); + mpi_free( &H ); mpi_free( &I ); mpi_free( &G ); mpi_free( &G2 ); + mpi_free( &L1 ); mpi_free( &L2 ); mpi_free( &DP ); mpi_free( &DQ ); + mpi_free( &QP ); + + if( ret == POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) + return( ret ); + + if( ret != 0 ) + return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED + ret ); + + return( 0 ); +} + +/* + * Do an RSA public key operation + */ +int rsa_public( rsa_context *ctx, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + size_t olen; + mpi T; + + mpi_init( &T ); + + MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); + + if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + { + mpi_free( &T ); + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + olen = ctx->len; + MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); + MPI_CHK( mpi_write_binary( &T, output, olen ) ); + +cleanup: + + mpi_free( &T ); + + if( ret != 0 ) + return( POLARSSL_ERR_RSA_PUBLIC_FAILED + ret ); + + return( 0 ); +} + +/* + * Do an RSA private key operation + */ +int rsa_private( rsa_context *ctx, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + size_t olen; + mpi T, T1, T2; + + mpi_init( &T ); mpi_init( &T1 ); mpi_init( &T2 ); + + MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); + + if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + { + mpi_free( &T ); + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + +#if defined(POLARSSL_RSA_NO_CRT) + MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) ); +#else + /* + * faster decryption using the CRT + * + * T1 = input ^ dP mod P + * T2 = input ^ dQ mod Q + */ + MPI_CHK( mpi_exp_mod( &T1, &T, &ctx->DP, &ctx->P, &ctx->RP ) ); + MPI_CHK( mpi_exp_mod( &T2, &T, &ctx->DQ, &ctx->Q, &ctx->RQ ) ); + + /* + * T = (T1 - T2) * (Q^-1 mod P) mod P + */ + MPI_CHK( mpi_sub_mpi( &T, &T1, &T2 ) ); + MPI_CHK( mpi_mul_mpi( &T1, &T, &ctx->QP ) ); + MPI_CHK( mpi_mod_mpi( &T, &T1, &ctx->P ) ); + + /* + * output = T2 + T * Q + */ + MPI_CHK( mpi_mul_mpi( &T1, &T, &ctx->Q ) ); + MPI_CHK( mpi_add_mpi( &T, &T2, &T1 ) ); +#endif + + olen = ctx->len; + MPI_CHK( mpi_write_binary( &T, output, olen ) ); + +cleanup: + + mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 ); + + if( ret != 0 ) + return( POLARSSL_ERR_RSA_PRIVATE_FAILED + ret ); + + return( 0 ); +} + +#if defined(POLARSSL_PKCS1_V21) +/** + * Generate and apply the MGF1 operation (from PKCS#1 v2.1) to a buffer. + * + * \param dst buffer to mask + * \param dlen length of destination buffer + * \param src source of the mask generation + * \param slen length of the source buffer + * \param md_ctx message digest context to use + */ +static void mgf_mask( unsigned char *dst, size_t dlen, unsigned char *src, size_t slen, + md_context_t *md_ctx ) +{ + unsigned char mask[POLARSSL_MD_MAX_SIZE]; + unsigned char counter[4]; + unsigned char *p; + unsigned int hlen; + size_t i, use_len; + + memset( mask, 0, POLARSSL_MD_MAX_SIZE ); + memset( counter, 0, 4 ); + + hlen = md_ctx->md_info->size; + + // Generate and apply dbMask + // + p = dst; + + while( dlen > 0 ) + { + use_len = hlen; + if( dlen < hlen ) + use_len = dlen; + + md_starts( md_ctx ); + md_update( md_ctx, src, slen ); + md_update( md_ctx, counter, 4 ); + md_finish( md_ctx, mask ); + + for( i = 0; i < use_len; ++i ) + *p++ ^= mask[i]; + + counter[3]++; + + dlen -= use_len; + } +} +#endif + +#if defined(POLARSSL_PKCS1_V21) +/* + * Implementation of the PKCS#1 v2.1 RSAES-OAEP-ENCRYPT function + */ +int rsa_rsaes_oaep_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output ) +{ + size_t olen; + int ret; + unsigned char *p = output; + unsigned int hlen; + const md_info_t *md_info; + md_context_t md_ctx; + + if( ctx->padding != RSA_PKCS_V21 || f_rng == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + md_info = md_info_from_type( ctx->hash_id ); + + if( md_info == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + olen = ctx->len; + hlen = md_get_size( md_info ); + + if( olen < ilen + 2 * hlen + 2 || f_rng == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + memset( output, 0, olen ); + + *p++ = 0; + + // Generate a random octet string seed + // + if( ( ret = f_rng( p_rng, p, hlen ) ) != 0 ) + return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + + p += hlen; + + // Construct DB + // + md( md_info, label, label_len, p ); + p += hlen; + p += olen - 2 * hlen - 2 - ilen; + *p++ = 1; + memcpy( p, input, ilen ); + + md_init_ctx( &md_ctx, md_info ); + + // maskedDB: Apply dbMask to DB + // + mgf_mask( output + hlen + 1, olen - hlen - 1, output + 1, hlen, + &md_ctx ); + + // maskedSeed: Apply seedMask to seed + // + mgf_mask( output + 1, hlen, output + hlen + 1, olen - hlen - 1, + &md_ctx ); + + md_free_ctx( &md_ctx ); + + return( ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, output, output ) + : rsa_private( ctx, output, output ) ); +} +#endif /* POLARSSL_PKCS1_V21 */ + +/* + * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-ENCRYPT function + */ +int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ) +{ + size_t nb_pad, olen; + int ret; + unsigned char *p = output; + + if( ctx->padding != RSA_PKCS_V15 || f_rng == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + olen = ctx->len; + + if( olen < ilen + 11 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + nb_pad = olen - 3 - ilen; + + *p++ = 0; + if( mode == RSA_PUBLIC ) + { + *p++ = RSA_CRYPT; + + while( nb_pad-- > 0 ) + { + int rng_dl = 100; + + do { + ret = f_rng( p_rng, p, 1 ); + } while( *p == 0 && --rng_dl && ret == 0 ); + + // Check if RNG failed to generate data + // + if( rng_dl == 0 || ret != 0) + return POLARSSL_ERR_RSA_RNG_FAILED + ret; + + p++; + } + } + else + { + *p++ = RSA_SIGN; + + while( nb_pad-- > 0 ) + *p++ = 0xFF; + } + + *p++ = 0; + memcpy( p, input, ilen ); + + return( ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, output, output ) + : rsa_private( ctx, output, output ) ); +} + +/* + * Add the message padding, then do an RSA operation + */ +int rsa_pkcs1_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ) +{ + switch( ctx->padding ) + { + case RSA_PKCS_V15: + return rsa_rsaes_pkcs1_v15_encrypt( ctx, f_rng, p_rng, mode, ilen, + input, output ); + +#if defined(POLARSSL_PKCS1_V21) + case RSA_PKCS_V21: + return rsa_rsaes_oaep_encrypt( ctx, f_rng, p_rng, mode, NULL, 0, + ilen, input, output ); +#endif + + default: + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } +} + +#if defined(POLARSSL_PKCS1_V21) +/* + * Implementation of the PKCS#1 v2.1 RSAES-OAEP-DECRYPT function + */ +int rsa_rsaes_oaep_decrypt( rsa_context *ctx, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ) +{ + int ret; + size_t ilen; + unsigned char *p; + unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + unsigned char lhash[POLARSSL_MD_MAX_SIZE]; + unsigned int hlen; + const md_info_t *md_info; + md_context_t md_ctx; + + if( ctx->padding != RSA_PKCS_V21 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ilen = ctx->len; + + if( ilen < 16 || ilen > sizeof( buf ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ret = ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, input, buf ) + : rsa_private( ctx, input, buf ); + + if( ret != 0 ) + return( ret ); + + p = buf; + + if( *p++ != 0 ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + md_info = md_info_from_type( ctx->hash_id ); + if( md_info == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + hlen = md_get_size( md_info ); + + md_init_ctx( &md_ctx, md_info ); + + // Generate lHash + // + md( md_info, label, label_len, lhash ); + + // seed: Apply seedMask to maskedSeed + // + mgf_mask( buf + 1, hlen, buf + hlen + 1, ilen - hlen - 1, + &md_ctx ); + + // DB: Apply dbMask to maskedDB + // + mgf_mask( buf + hlen + 1, ilen - hlen - 1, buf + 1, hlen, + &md_ctx ); + + p += hlen; + md_free_ctx( &md_ctx ); + + // Check validity + // + if( memcmp( lhash, p, hlen ) != 0 ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + p += hlen; + + while( *p == 0 && p < buf + ilen ) + p++; + + if( p == buf + ilen ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + if( *p++ != 0x01 ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + if (ilen - (p - buf) > output_max_len) + return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + + *olen = ilen - (p - buf); + memcpy( output, p, *olen ); + + return( 0 ); +} +#endif /* POLARSSL_PKCS1_V21 */ + +/* + * Implementation of the PKCS#1 v2.1 RSAES-PKCS1-V1_5-DECRYPT function + */ +int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) +{ + int ret, correct = 1; + size_t ilen, pad_count = 0; + unsigned char *p, *q; + unsigned char bt; + unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + + if( ctx->padding != RSA_PKCS_V15 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ilen = ctx->len; + + if( ilen < 16 || ilen > sizeof( buf ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ret = ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, input, buf ) + : rsa_private( ctx, input, buf ); + + if( ret != 0 ) + return( ret ); + + p = buf; + + if( *p++ != 0 ) + correct = 0; + + bt = *p++; + if( ( bt != RSA_CRYPT && mode == RSA_PRIVATE ) || + ( bt != RSA_SIGN && mode == RSA_PUBLIC ) ) + { + correct = 0; + } + + if( bt == RSA_CRYPT ) + { + while( *p != 0 && p < buf + ilen - 1 ) + pad_count += ( *p++ != 0 ); + + correct &= ( *p == 0 && p < buf + ilen - 1 ); + + q = p; + + // Also pass over all other bytes to reduce timing differences + // + while ( q < buf + ilen - 1 ) + pad_count += ( *q++ != 0 ); + + // Prevent compiler optimization of pad_count + // + correct |= pad_count & 0x100000; /* Always 0 unless 1M bit keys */ + p++; + } + else + { + while( *p == 0xFF && p < buf + ilen - 1 ) + pad_count += ( *p++ == 0xFF ); + + correct &= ( *p == 0 && p < buf + ilen - 1 ); + + q = p; + + // Also pass over all other bytes to reduce timing differences + // + while ( q < buf + ilen - 1 ) + pad_count += ( *q++ != 0 ); + + // Prevent compiler optimization of pad_count + // + correct |= pad_count & 0x100000; /* Always 0 unless 1M bit keys */ + p++; + } + + if( correct == 0 ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + if (ilen - (p - buf) > output_max_len) + return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE ); + + *olen = ilen - (p - buf); + memcpy( output, p, *olen ); + + return( 0 ); +} + +/* + * Do an RSA operation, then remove the message padding + */ +int rsa_pkcs1_decrypt( rsa_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len) +{ + switch( ctx->padding ) + { + case RSA_PKCS_V15: + return rsa_rsaes_pkcs1_v15_decrypt( ctx, mode, olen, input, output, + output_max_len ); + +#if defined(POLARSSL_PKCS1_V21) + case RSA_PKCS_V21: + return rsa_rsaes_oaep_decrypt( ctx, mode, NULL, 0, olen, input, + output, output_max_len ); +#endif + + default: + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } +} + +#if defined(POLARSSL_PKCS1_V21) +/* + * Implementation of the PKCS#1 v2.1 RSASSA-PSS-SIGN function + */ +int rsa_rsassa_pss_sign( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + size_t olen; + unsigned char *p = sig; + unsigned char salt[POLARSSL_MD_MAX_SIZE]; + unsigned int slen, hlen, offset = 0; + int ret; + size_t msb; + const md_info_t *md_info; + md_context_t md_ctx; + + if( ctx->padding != RSA_PKCS_V21 || f_rng == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + olen = ctx->len; + + switch( hash_id ) + { + case SIG_RSA_MD2: + case SIG_RSA_MD4: + case SIG_RSA_MD5: + hashlen = 16; + break; + + case SIG_RSA_SHA1: + hashlen = 20; + break; + + case SIG_RSA_SHA224: + hashlen = 28; + break; + + case SIG_RSA_SHA256: + hashlen = 32; + break; + + case SIG_RSA_SHA384: + hashlen = 48; + break; + + case SIG_RSA_SHA512: + hashlen = 64; + break; + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + md_info = md_info_from_type( ctx->hash_id ); + if( md_info == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + hlen = md_get_size( md_info ); + slen = hlen; + + if( olen < hlen + slen + 2 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + memset( sig, 0, olen ); + + msb = mpi_msb( &ctx->N ) - 1; + + // Generate salt of length slen + // + if( ( ret = f_rng( p_rng, salt, slen ) ) != 0 ) + return( POLARSSL_ERR_RSA_RNG_FAILED + ret ); + + // Note: EMSA-PSS encoding is over the length of N - 1 bits + // + msb = mpi_msb( &ctx->N ) - 1; + p += olen - hlen * 2 - 2; + *p++ = 0x01; + memcpy( p, salt, slen ); + p += slen; + + md_init_ctx( &md_ctx, md_info ); + + // Generate H = Hash( M' ) + // + md_starts( &md_ctx ); + md_update( &md_ctx, p, 8 ); + md_update( &md_ctx, hash, hashlen ); + md_update( &md_ctx, salt, slen ); + md_finish( &md_ctx, p ); + + // Compensate for boundary condition when applying mask + // + if( msb % 8 == 0 ) + offset = 1; + + // maskedDB: Apply dbMask to DB + // + mgf_mask( sig + offset, olen - hlen - 1 - offset, p, hlen, &md_ctx ); + + md_free_ctx( &md_ctx ); + + msb = mpi_msb( &ctx->N ) - 1; + sig[0] &= 0xFF >> ( olen * 8 - msb ); + + p += hlen; + *p++ = 0xBC; + + return( ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, sig, sig ) + : rsa_private( ctx, sig, sig ) ); +} +#endif /* POLARSSL_PKCS1_V21 */ + +/* + * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-V1_5-SIGN function + */ +/* + * Do an RSA operation to sign the message digest + */ +int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + size_t nb_pad, olen; + unsigned char *p = sig; + + if( ctx->padding != RSA_PKCS_V15 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + olen = ctx->len; + + switch( hash_id ) + { + case SIG_RSA_RAW: + nb_pad = olen - 3 - hashlen; + break; + + case SIG_RSA_MD2: + case SIG_RSA_MD4: + case SIG_RSA_MD5: + nb_pad = olen - 3 - 34; + break; + + case SIG_RSA_SHA1: + nb_pad = olen - 3 - 35; + break; + + case SIG_RSA_SHA224: + nb_pad = olen - 3 - 47; + break; + + case SIG_RSA_SHA256: + nb_pad = olen - 3 - 51; + break; + + case SIG_RSA_SHA384: + nb_pad = olen - 3 - 67; + break; + + case SIG_RSA_SHA512: + nb_pad = olen - 3 - 83; + break; + + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + if( ( nb_pad < 8 ) || ( nb_pad > olen ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + *p++ = 0; + *p++ = RSA_SIGN; + memset( p, 0xFF, nb_pad ); + p += nb_pad; + *p++ = 0; + + switch( hash_id ) + { + case SIG_RSA_RAW: + memcpy( p, hash, hashlen ); + break; + + case SIG_RSA_MD2: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 2; break; + + case SIG_RSA_MD4: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 4; break; + + case SIG_RSA_MD5: + memcpy( p, ASN1_HASH_MDX, 18 ); + memcpy( p + 18, hash, 16 ); + p[13] = 5; break; + + case SIG_RSA_SHA1: + memcpy( p, ASN1_HASH_SHA1, 15 ); + memcpy( p + 15, hash, 20 ); + break; + + case SIG_RSA_SHA224: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 28 ); + p[1] += 28; p[14] = 4; p[18] += 28; break; + + case SIG_RSA_SHA256: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 32 ); + p[1] += 32; p[14] = 1; p[18] += 32; break; + + case SIG_RSA_SHA384: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 48 ); + p[1] += 48; p[14] = 2; p[18] += 48; break; + + case SIG_RSA_SHA512: + memcpy( p, ASN1_HASH_SHA2X, 19 ); + memcpy( p + 19, hash, 64 ); + p[1] += 64; p[14] = 3; p[18] += 64; break; + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + return( ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, sig, sig ) + : rsa_private( ctx, sig, sig ) ); +} + +/* + * Do an RSA operation to sign the message digest + */ +int rsa_pkcs1_sign( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + switch( ctx->padding ) + { + case RSA_PKCS_V15: + return rsa_rsassa_pkcs1_v15_sign( ctx, mode, hash_id, + hashlen, hash, sig ); + +#if defined(POLARSSL_PKCS1_V21) + case RSA_PKCS_V21: + return rsa_rsassa_pss_sign( ctx, f_rng, p_rng, mode, hash_id, + hashlen, hash, sig ); +#endif + + default: + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } +} + +#if defined(POLARSSL_PKCS1_V21) +/* + * Implementation of the PKCS#1 v2.1 RSASSA-PSS-VERIFY function + */ +int rsa_rsassa_pss_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + int ret; + size_t siglen; + unsigned char *p; + unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + unsigned char result[POLARSSL_MD_MAX_SIZE]; + unsigned char zeros[8]; + unsigned int hlen; + size_t slen, msb; + const md_info_t *md_info; + md_context_t md_ctx; + + if( ctx->padding != RSA_PKCS_V21 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + siglen = ctx->len; + + if( siglen < 16 || siglen > sizeof( buf ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ret = ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, sig, buf ) + : rsa_private( ctx, sig, buf ); + + if( ret != 0 ) + return( ret ); + + p = buf; + + if( buf[siglen - 1] != 0xBC ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + switch( hash_id ) + { + case SIG_RSA_MD2: + case SIG_RSA_MD4: + case SIG_RSA_MD5: + hashlen = 16; + break; + + case SIG_RSA_SHA1: + hashlen = 20; + break; + + case SIG_RSA_SHA224: + hashlen = 28; + break; + + case SIG_RSA_SHA256: + hashlen = 32; + break; + + case SIG_RSA_SHA384: + hashlen = 48; + break; + + case SIG_RSA_SHA512: + hashlen = 64; + break; + + default: + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + } + + md_info = md_info_from_type( ctx->hash_id ); + if( md_info == NULL ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + hlen = md_get_size( md_info ); + slen = siglen - hlen - 1; + + memset( zeros, 0, 8 ); + + // Note: EMSA-PSS verification is over the length of N - 1 bits + // + msb = mpi_msb( &ctx->N ) - 1; + + // Compensate for boundary condition when applying mask + // + if( msb % 8 == 0 ) + { + p++; + siglen -= 1; + } + if( buf[0] >> ( 8 - siglen * 8 + msb ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + md_init_ctx( &md_ctx, md_info ); + + mgf_mask( p, siglen - hlen - 1, p + siglen - hlen - 1, hlen, &md_ctx ); + + buf[0] &= 0xFF >> ( siglen * 8 - msb ); + + while( *p == 0 && p < buf + siglen ) + p++; + + if( p == buf + siglen || + *p++ != 0x01 ) + { + md_free_ctx( &md_ctx ); + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } + + slen -= p - buf; + + // Generate H = Hash( M' ) + // + md_starts( &md_ctx ); + md_update( &md_ctx, zeros, 8 ); + md_update( &md_ctx, hash, hashlen ); + md_update( &md_ctx, p, slen ); + md_finish( &md_ctx, result ); + + md_free_ctx( &md_ctx ); + + if( memcmp( p + slen, result, hlen ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); +} +#endif /* POLARSSL_PKCS1_V21 */ + +/* + * Implementation of the PKCS#1 v2.1 RSASSA-PKCS1-v1_5-VERIFY function + */ +int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + int ret; + size_t len, siglen; + unsigned char *p, c; + unsigned char buf[POLARSSL_MPI_MAX_SIZE]; + + if( ctx->padding != RSA_PKCS_V15 ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + siglen = ctx->len; + + if( siglen < 16 || siglen > sizeof( buf ) ) + return( POLARSSL_ERR_RSA_BAD_INPUT_DATA ); + + ret = ( mode == RSA_PUBLIC ) + ? rsa_public( ctx, sig, buf ) + : rsa_private( ctx, sig, buf ); + + if( ret != 0 ) + return( ret ); + + p = buf; + + if( *p++ != 0 || *p++ != RSA_SIGN ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + + while( *p != 0 ) + { + if( p >= buf + siglen - 1 || *p != 0xFF ) + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + p++; + } + p++; + + len = siglen - ( p - buf ); + + if( len == 33 && hash_id == SIG_RSA_SHA1 ) + { + if( memcmp( p, ASN1_HASH_SHA1_ALT, 13 ) == 0 && + memcmp( p + 13, hash, 20 ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + } + if( len == 34 ) + { + c = p[13]; + p[13] = 0; + + if( memcmp( p, ASN1_HASH_MDX, 18 ) != 0 ) + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + + if( ( c == 2 && hash_id == SIG_RSA_MD2 ) || + ( c == 4 && hash_id == SIG_RSA_MD4 ) || + ( c == 5 && hash_id == SIG_RSA_MD5 ) ) + { + if( memcmp( p + 18, hash, 16 ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + } + } + + if( len == 35 && hash_id == SIG_RSA_SHA1 ) + { + if( memcmp( p, ASN1_HASH_SHA1, 15 ) == 0 && + memcmp( p + 15, hash, 20 ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + } + if( ( len == 19 + 28 && p[14] == 4 && hash_id == SIG_RSA_SHA224 ) || + ( len == 19 + 32 && p[14] == 1 && hash_id == SIG_RSA_SHA256 ) || + ( len == 19 + 48 && p[14] == 2 && hash_id == SIG_RSA_SHA384 ) || + ( len == 19 + 64 && p[14] == 3 && hash_id == SIG_RSA_SHA512 ) ) + { + c = p[1] - 17; + p[1] = 17; + p[14] = 0; + + if( p[18] == c && + memcmp( p, ASN1_HASH_SHA2X, 18 ) == 0 && + memcmp( p + 19, hash, c ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + } + + if( len == hashlen && hash_id == SIG_RSA_RAW ) + { + if( memcmp( p, hash, hashlen ) == 0 ) + return( 0 ); + else + return( POLARSSL_ERR_RSA_VERIFY_FAILED ); + } + + return( POLARSSL_ERR_RSA_INVALID_PADDING ); +} + +/* + * Do an RSA operation and check the message digest + */ +int rsa_pkcs1_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ) +{ + switch( ctx->padding ) + { + case RSA_PKCS_V15: + return rsa_rsassa_pkcs1_v15_verify( ctx, mode, hash_id, + hashlen, hash, sig ); + +#if defined(POLARSSL_PKCS1_V21) + case RSA_PKCS_V21: + return rsa_rsassa_pss_verify( ctx, mode, hash_id, + hashlen, hash, sig ); +#endif + + default: + return( POLARSSL_ERR_RSA_INVALID_PADDING ); + } +} + +/* + * Free the components of an RSA key + */ +void rsa_free( rsa_context *ctx ) +{ + mpi_free( &ctx->RQ ); mpi_free( &ctx->RP ); mpi_free( &ctx->RN ); + mpi_free( &ctx->QP ); mpi_free( &ctx->DQ ); mpi_free( &ctx->DP ); + mpi_free( &ctx->Q ); mpi_free( &ctx->P ); mpi_free( &ctx->D ); + mpi_free( &ctx->E ); mpi_free( &ctx->N ); +} + +#if defined(POLARSSL_SELF_TEST) + +#include "polarssl/sha1.h" + +/* + * Example RSA-1024 keypair, for test purposes + */ +#define KEY_LEN 128 + +#define RSA_N "9292758453063D803DD603D5E777D788" \ + "8ED1D5BF35786190FA2F23EBC0848AEA" \ + "DDA92CA6C3D80B32C4D109BE0F36D6AE" \ + "7130B9CED7ACDF54CFC7555AC14EEBAB" \ + "93A89813FBF3C4F8066D2D800F7C38A8" \ + "1AE31942917403FF4946B0A83D3D3E05" \ + "EE57C6F5F5606FB5D4BC6CD34EE0801A" \ + "5E94BB77B07507233A0BC7BAC8F90F79" + +#define RSA_E "10001" + +#define RSA_D "24BF6185468786FDD303083D25E64EFC" \ + "66CA472BC44D253102F8B4A9D3BFA750" \ + "91386C0077937FE33FA3252D28855837" \ + "AE1B484A8A9A45F7EE8C0C634F99E8CD" \ + "DF79C5CE07EE72C7F123142198164234" \ + "CABB724CF78B8173B9F880FC86322407" \ + "AF1FEDFDDE2BEB674CA15F3E81A1521E" \ + "071513A1E85B5DFA031F21ECAE91A34D" + +#define RSA_P "C36D0EB7FCD285223CFB5AABA5BDA3D8" \ + "2C01CAD19EA484A87EA4377637E75500" \ + "FCB2005C5C7DD6EC4AC023CDA285D796" \ + "C3D9E75E1EFC42488BB4F1D13AC30A57" + +#define RSA_Q "C000DF51A7C77AE8D7C7370C1FF55B69" \ + "E211C2B9E5DB1ED0BF61D0D9899620F4" \ + "910E4168387E3C30AA1E00C339A79508" \ + "8452DD96A9A5EA5D9DCA68DA636032AF" + +#define RSA_DP "C1ACF567564274FB07A0BBAD5D26E298" \ + "3C94D22288ACD763FD8E5600ED4A702D" \ + "F84198A5F06C2E72236AE490C93F07F8" \ + "3CC559CD27BC2D1CA488811730BB5725" + +#define RSA_DQ "4959CBF6F8FEF750AEE6977C155579C7" \ + "D8AAEA56749EA28623272E4F7D0592AF" \ + "7C1F1313CAC9471B5C523BFE592F517B" \ + "407A1BD76C164B93DA2D32A383E58357" + +#define RSA_QP "9AE7FBC99546432DF71896FC239EADAE" \ + "F38D18D2B2F0E2DD275AA977E2BF4411" \ + "F5A3B2A5D33605AEBBCCBA7FEB9F2D2F" \ + "A74206CEC169D74BF5A8C50D6F48EA08" + +#define PT_LEN 24 +#define RSA_PT "\xAA\xBB\xCC\x03\x02\x01\x00\xFF\xFF\xFF\xFF\xFF" \ + "\x11\x22\x33\x0A\x0B\x0C\xCC\xDD\xDD\xDD\xDD\xDD" + +static int myrand( void *rng_state, unsigned char *output, size_t len ) +{ + size_t i; + + if( rng_state != NULL ) + rng_state = NULL; + + for( i = 0; i < len; ++i ) + output[i] = rand(); + + return( 0 ); +} + +/* + * Checkup routine + */ +int rsa_self_test( int verbose ) +{ + size_t len; + rsa_context rsa; + unsigned char rsa_plaintext[PT_LEN]; + unsigned char rsa_decrypted[PT_LEN]; + unsigned char rsa_ciphertext[KEY_LEN]; +#if defined(POLARSSL_SHA1_C) + unsigned char sha1sum[20]; +#endif + + rsa_init( &rsa, RSA_PKCS_V15, 0 ); + + rsa.len = KEY_LEN; + mpi_read_string( &rsa.N , 16, RSA_N ); + mpi_read_string( &rsa.E , 16, RSA_E ); + mpi_read_string( &rsa.D , 16, RSA_D ); + mpi_read_string( &rsa.P , 16, RSA_P ); + mpi_read_string( &rsa.Q , 16, RSA_Q ); + mpi_read_string( &rsa.DP, 16, RSA_DP ); + mpi_read_string( &rsa.DQ, 16, RSA_DQ ); + mpi_read_string( &rsa.QP, 16, RSA_QP ); + + if( verbose != 0 ) + printf( " RSA key validation: " ); + + if( rsa_check_pubkey( &rsa ) != 0 || + rsa_check_privkey( &rsa ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n PKCS#1 encryption : " ); + + memcpy( rsa_plaintext, RSA_PT, PT_LEN ); + + if( rsa_pkcs1_encrypt( &rsa, &myrand, NULL, RSA_PUBLIC, PT_LEN, + rsa_plaintext, rsa_ciphertext ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n PKCS#1 decryption : " ); + + if( rsa_pkcs1_decrypt( &rsa, RSA_PRIVATE, &len, + rsa_ciphertext, rsa_decrypted, + sizeof(rsa_decrypted) ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( memcmp( rsa_decrypted, rsa_plaintext, len ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + +#if defined(POLARSSL_SHA1_C) + if( verbose != 0 ) + printf( "passed\n PKCS#1 data sign : " ); + + sha1( rsa_plaintext, PT_LEN, sha1sum ); + + if( rsa_pkcs1_sign( &rsa, NULL, NULL, RSA_PRIVATE, SIG_RSA_SHA1, 20, + sha1sum, rsa_ciphertext ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n PKCS#1 sig. verify: " ); + + if( rsa_pkcs1_verify( &rsa, RSA_PUBLIC, SIG_RSA_SHA1, 20, + sha1sum, rsa_ciphertext ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n\n" ); +#endif /* POLARSSL_SHA1_C */ + + rsa_free( &rsa ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/rsa.h b/polarssl/rsa.h new file mode 100644 index 0000000..2424cc1 --- /dev/null +++ b/polarssl/rsa.h @@ -0,0 +1,597 @@ +/** + * \file rsa.h + * + * \brief The RSA public-key cryptosystem + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_RSA_H +#define POLARSSL_RSA_H + +#include "polarssl/bignum.h" + +/* + * RSA Error codes + */ +#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ +#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ +#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */ +#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ +#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ +#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ +#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ +#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ + +/* + * PKCS#1 constants + */ +#define SIG_RSA_RAW 0 +#define SIG_RSA_MD2 2 +#define SIG_RSA_MD4 3 +#define SIG_RSA_MD5 4 +#define SIG_RSA_SHA1 5 +#define SIG_RSA_SHA224 14 +#define SIG_RSA_SHA256 11 +#define SIG_RSA_SHA384 12 +#define SIG_RSA_SHA512 13 + +#define RSA_PUBLIC 0 +#define RSA_PRIVATE 1 + +#define RSA_PKCS_V15 0 +#define RSA_PKCS_V21 1 + +#define RSA_SIGN 1 +#define RSA_CRYPT 2 + +#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" +#define ASN1_STR_NULL "\x05" +#define ASN1_STR_OID "\x06" +#define ASN1_STR_OCTET_STRING "\x04" + +#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" +#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" +#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" + +#define OID_ISO_MEMBER_BODIES "\x2a" +#define OID_ISO_IDENTIFIED_ORG "\x2b" + +/* + * ISO Member bodies OID parts + */ +#define OID_COUNTRY_US "\x86\x48" +#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" + +/* + * ISO Identified organization OID parts + */ +#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" + +/* + * DigestInfo ::= SEQUENCE { + * digestAlgorithm DigestAlgorithmIdentifier, + * digest Digest } + * + * DigestAlgorithmIdentifier ::= AlgorithmIdentifier + * + * Digest ::= OCTET STRING + */ +#define ASN1_HASH_MDX \ +( \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ + ASN1_STR_OID "\x08" \ + OID_DIGEST_ALG_MDX \ + ASN1_STR_NULL "\x00" \ + ASN1_STR_OCTET_STRING "\x10" \ +) + +#define ASN1_HASH_SHA1 \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ + ASN1_STR_OID "\x05" \ + OID_HASH_ALG_SHA1 \ + ASN1_STR_NULL "\x00" \ + ASN1_STR_OCTET_STRING "\x14" + +#define ASN1_HASH_SHA1_ALT \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x1F" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x07" \ + ASN1_STR_OID "\x05" \ + OID_HASH_ALG_SHA1 \ + ASN1_STR_OCTET_STRING "\x14" + +#define ASN1_HASH_SHA2X \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ + ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ + ASN1_STR_OID "\x09" \ + OID_HASH_ALG_SHA2X \ + ASN1_STR_NULL "\x00" \ + ASN1_STR_OCTET_STRING "\x00" + +/** + * \brief RSA context structure + */ +typedef struct +{ + int ver; /*!< always 0 */ + size_t len; /*!< size(N) in chars */ + + mpi N; /*!< public modulus */ + mpi E; /*!< public exponent */ + + mpi D; /*!< private exponent */ + mpi P; /*!< 1st prime factor */ + mpi Q; /*!< 2nd prime factor */ + mpi DP; /*!< D % (P - 1) */ + mpi DQ; /*!< D % (Q - 1) */ + mpi QP; /*!< 1 / (Q % P) */ + + mpi RN; /*!< cached R^2 mod N */ + mpi RP; /*!< cached R^2 mod P */ + mpi RQ; /*!< cached R^2 mod Q */ + + int padding; /*!< RSA_PKCS_V15 for 1.5 padding and + RSA_PKCS_v21 for OAEP/PSS */ + int hash_id; /*!< Hash identifier of md_type_t as + specified in the md.h header file + for the EME-OAEP and EMSA-PSS + encoding */ +} +rsa_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Initialize an RSA context + * + * Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP + * encryption scheme and the RSASSA-PSS signature scheme. + * + * \param ctx RSA context to be initialized + * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 + * \param hash_id RSA_PKCS_V21 hash identifier + * + * \note The hash_id parameter is actually ignored + * when using RSA_PKCS_V15 padding. + */ +void rsa_init( rsa_context *ctx, + int padding, + int hash_id); + +/** + * \brief Generate an RSA keypair + * + * \param ctx RSA context that will hold the key + * \param f_rng RNG function + * \param p_rng RNG parameter + * \param nbits size of the public key in bits + * \param exponent public exponent (e.g., 65537) + * + * \note rsa_init() must be called beforehand to setup + * the RSA context. + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + */ +int rsa_gen_key( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + unsigned int nbits, int exponent ); + +/** + * \brief Check a public RSA key + * + * \param ctx RSA context to be checked + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + */ +int rsa_check_pubkey( const rsa_context *ctx ); + +/** + * \brief Check a private RSA key + * + * \param ctx RSA context to be checked + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + */ +int rsa_check_privkey( const rsa_context *ctx ); + +/** + * \brief Do an RSA public key operation + * + * \param ctx RSA context + * \param input input buffer + * \param output output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note This function does NOT take care of message + * padding. Also, be sure to set input[0] = 0 or assure that + * input is smaller than N. + * + * \note The input and output buffers must be large + * enough (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_public( rsa_context *ctx, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Do an RSA private key operation + * + * \param ctx RSA context + * \param input input buffer + * \param output output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The input and output buffers must be large + * enough (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_private( rsa_context *ctx, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Generic wrapper to perform a PKCS#1 encryption using the + * mode from the context. Add the message padding, then do an + * RSA operation. + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_pkcs1_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length + * \param ilen contains the plaintext length + * \param input buffer holding the data to be encrypted + * \param output buffer that will hold the ciphertext + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_rsaes_oaep_encrypt( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + const unsigned char *label, size_t label_len, + size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/** + * \brief Generic wrapper to perform a PKCS#1 decryption using the + * mode from the context. Do an RSA operation, then remove + * the message padding + * + * \param ctx RSA context + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int rsa_pkcs1_decrypt( rsa_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) + * + * \param ctx RSA context + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, + int mode, size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) + * + * \param ctx RSA context + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param label buffer holding the custom label to use + * \param label_len contains the label length + * \param olen will contain the plaintext length + * \param input buffer holding the encrypted data + * \param output buffer that will hold the plaintext + * \param output_max_len maximum length of the output buffer + * + * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code + * + * \note The output buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise + * an error is thrown. + */ +int rsa_rsaes_oaep_decrypt( rsa_context *ctx, + int mode, + const unsigned char *label, size_t label_len, + size_t *olen, + const unsigned char *input, + unsigned char *output, + size_t output_max_len ); + +/** + * \brief Generic wrapper to perform a PKCS#1 signature using the + * mode from the context. Do a private RSA operation to sign + * a message digest + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding keep in mind that + * the hash_id in the RSA context is the one used for the + * encoding. hash_id in the function call is the type of hash + * that is encoded. According to RFC 3447 it is advised to + * keep both hashes the same. + */ +int rsa_pkcs1_sign( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) + * + * \param ctx RSA context + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN) + * + * \param ctx RSA context + * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding) + * \param p_rng RNG parameter + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer that will hold the ciphertext + * + * \return 0 if the signing operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding keep in mind that + * the hash_id in the RSA context is the one used for the + * encoding. hash_id in the function call is the type of hash + * that is encoded. According to RFC 3447 it is advised to + * keep both hashes the same. + */ +int rsa_rsassa_pss_sign( rsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Generic wrapper to perform a PKCS#1 verification using the + * mode from the context. Do a public RSA operation and check + * the message digest + * + * \param ctx points to an RSA public key + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding keep in mind that + * the hash_id in the RSA context is the one used for the + * verification. hash_id in the function call is the type of hash + * that is verified. According to RFC 3447 it is advised to + * keep both hashes the same. + */ +int rsa_pkcs1_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) + * + * \param ctx points to an RSA public key + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + */ +int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY) + * \brief Do a public RSA and check the message digest + * + * \param ctx points to an RSA public key + * \param mode RSA_PUBLIC or RSA_PRIVATE + * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} + * \param hashlen message digest length (for SIG_RSA_RAW only) + * \param hash buffer holding the message digest + * \param sig buffer holding the ciphertext + * + * \return 0 if the verify operation was successful, + * or an POLARSSL_ERR_RSA_XXX error code + * + * \note The "sig" buffer must be as large as the size + * of ctx->N (eg. 128 bytes if RSA-1024 is used). + * + * \note In case of PKCS#1 v2.1 encoding keep in mind that + * the hash_id in the RSA context is the one used for the + * verification. hash_id in the function call is the type of hash + * that is verified. According to RFC 3447 it is advised to + * keep both hashes the same. + */ +int rsa_rsassa_pss_verify( rsa_context *ctx, + int mode, + int hash_id, + unsigned int hashlen, + const unsigned char *hash, + unsigned char *sig ); + +/** + * \brief Free the components of an RSA key + * + * \param ctx RSA Context to free + */ +void rsa_free( rsa_context *ctx ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int rsa_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* rsa.h */ diff --git a/polarssl/sha1.c b/polarssl/sha1.c new file mode 100644 index 0000000..b301b09 --- /dev/null +++ b/polarssl/sha1.c @@ -0,0 +1,624 @@ +/* + * FIPS-180-1 compliant SHA-1 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The SHA-1 standard was published by NIST in 1993. + * + * http://www.itl.nist.gov/fipspubs/fip180-1.htm + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SHA1_C) + +#include "polarssl/sha1.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_SHA1_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +/* + * SHA-1 context setup + */ +void sha1_starts( sha1_context *ctx ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + ctx->state[0] = 0x67452301; + ctx->state[1] = 0xEFCDAB89; + ctx->state[2] = 0x98BADCFE; + ctx->state[3] = 0x10325476; + ctx->state[4] = 0xC3D2E1F0; +} + +void sha1_process( sha1_context *ctx, const unsigned char data[64] ) +{ + uint32_t temp, W[16], A, B, C, D, E; + + GET_UINT32_BE( W[ 0], data, 0 ); + GET_UINT32_BE( W[ 1], data, 4 ); + GET_UINT32_BE( W[ 2], data, 8 ); + GET_UINT32_BE( W[ 3], data, 12 ); + GET_UINT32_BE( W[ 4], data, 16 ); + GET_UINT32_BE( W[ 5], data, 20 ); + GET_UINT32_BE( W[ 6], data, 24 ); + GET_UINT32_BE( W[ 7], data, 28 ); + GET_UINT32_BE( W[ 8], data, 32 ); + GET_UINT32_BE( W[ 9], data, 36 ); + GET_UINT32_BE( W[10], data, 40 ); + GET_UINT32_BE( W[11], data, 44 ); + GET_UINT32_BE( W[12], data, 48 ); + GET_UINT32_BE( W[13], data, 52 ); + GET_UINT32_BE( W[14], data, 56 ); + GET_UINT32_BE( W[15], data, 60 ); + +#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n))) + +#define R(t) \ +( \ + temp = W[(t - 3) & 0x0F] ^ W[(t - 8) & 0x0F] ^ \ + W[(t - 14) & 0x0F] ^ W[ t & 0x0F], \ + ( W[t & 0x0F] = S(temp,1) ) \ +) + +#define P(a,b,c,d,e,x) \ +{ \ + e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \ +} + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + E = ctx->state[4]; + +#define F(x,y,z) (z ^ (x & (y ^ z))) +#define K 0x5A827999 + + P( A, B, C, D, E, W[0] ); + P( E, A, B, C, D, W[1] ); + P( D, E, A, B, C, W[2] ); + P( C, D, E, A, B, W[3] ); + P( B, C, D, E, A, W[4] ); + P( A, B, C, D, E, W[5] ); + P( E, A, B, C, D, W[6] ); + P( D, E, A, B, C, W[7] ); + P( C, D, E, A, B, W[8] ); + P( B, C, D, E, A, W[9] ); + P( A, B, C, D, E, W[10] ); + P( E, A, B, C, D, W[11] ); + P( D, E, A, B, C, W[12] ); + P( C, D, E, A, B, W[13] ); + P( B, C, D, E, A, W[14] ); + P( A, B, C, D, E, W[15] ); + P( E, A, B, C, D, R(16) ); + P( D, E, A, B, C, R(17) ); + P( C, D, E, A, B, R(18) ); + P( B, C, D, E, A, R(19) ); + +#undef K +#undef F + +#define F(x,y,z) (x ^ y ^ z) +#define K 0x6ED9EBA1 + + P( A, B, C, D, E, R(20) ); + P( E, A, B, C, D, R(21) ); + P( D, E, A, B, C, R(22) ); + P( C, D, E, A, B, R(23) ); + P( B, C, D, E, A, R(24) ); + P( A, B, C, D, E, R(25) ); + P( E, A, B, C, D, R(26) ); + P( D, E, A, B, C, R(27) ); + P( C, D, E, A, B, R(28) ); + P( B, C, D, E, A, R(29) ); + P( A, B, C, D, E, R(30) ); + P( E, A, B, C, D, R(31) ); + P( D, E, A, B, C, R(32) ); + P( C, D, E, A, B, R(33) ); + P( B, C, D, E, A, R(34) ); + P( A, B, C, D, E, R(35) ); + P( E, A, B, C, D, R(36) ); + P( D, E, A, B, C, R(37) ); + P( C, D, E, A, B, R(38) ); + P( B, C, D, E, A, R(39) ); + +#undef K +#undef F + +#define F(x,y,z) ((x & y) | (z & (x | y))) +#define K 0x8F1BBCDC + + P( A, B, C, D, E, R(40) ); + P( E, A, B, C, D, R(41) ); + P( D, E, A, B, C, R(42) ); + P( C, D, E, A, B, R(43) ); + P( B, C, D, E, A, R(44) ); + P( A, B, C, D, E, R(45) ); + P( E, A, B, C, D, R(46) ); + P( D, E, A, B, C, R(47) ); + P( C, D, E, A, B, R(48) ); + P( B, C, D, E, A, R(49) ); + P( A, B, C, D, E, R(50) ); + P( E, A, B, C, D, R(51) ); + P( D, E, A, B, C, R(52) ); + P( C, D, E, A, B, R(53) ); + P( B, C, D, E, A, R(54) ); + P( A, B, C, D, E, R(55) ); + P( E, A, B, C, D, R(56) ); + P( D, E, A, B, C, R(57) ); + P( C, D, E, A, B, R(58) ); + P( B, C, D, E, A, R(59) ); + +#undef K +#undef F + +#define F(x,y,z) (x ^ y ^ z) +#define K 0xCA62C1D6 + + P( A, B, C, D, E, R(60) ); + P( E, A, B, C, D, R(61) ); + P( D, E, A, B, C, R(62) ); + P( C, D, E, A, B, R(63) ); + P( B, C, D, E, A, R(64) ); + P( A, B, C, D, E, R(65) ); + P( E, A, B, C, D, R(66) ); + P( D, E, A, B, C, R(67) ); + P( C, D, E, A, B, R(68) ); + P( B, C, D, E, A, R(69) ); + P( A, B, C, D, E, R(70) ); + P( E, A, B, C, D, R(71) ); + P( D, E, A, B, C, R(72) ); + P( C, D, E, A, B, R(73) ); + P( B, C, D, E, A, R(74) ); + P( A, B, C, D, E, R(75) ); + P( E, A, B, C, D, R(76) ); + P( D, E, A, B, C, R(77) ); + P( C, D, E, A, B, R(78) ); + P( B, C, D, E, A, R(79) ); + +#undef K +#undef F + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; + ctx->state[4] += E; +} + +/* + * SHA-1 process buffer + */ +void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + uint32_t left; + + if( ilen <= 0 ) + return; + + left = ctx->total[0] & 0x3F; + fill = 64 - left; + + ctx->total[0] += (uint32_t) ilen; + ctx->total[0] &= 0xFFFFFFFF; + + if( ctx->total[0] < (uint32_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void *) (ctx->buffer + left), input, fill ); + sha1_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 64 ) + { + sha1_process( ctx, input ); + input += 64; + ilen -= 64; + } + + if( ilen > 0 ) + memcpy( (void *) (ctx->buffer + left), input, ilen ); +} + +static const unsigned char sha1_padding[64] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * SHA-1 final digest + */ +void sha1_finish( sha1_context *ctx, unsigned char output[20] ) +{ + uint32_t last, padn; + uint32_t high, low; + unsigned char msglen[8]; + + high = ( ctx->total[0] >> 29 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT32_BE( high, msglen, 0 ); + PUT_UINT32_BE( low, msglen, 4 ); + + last = ctx->total[0] & 0x3F; + padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + + sha1_update( ctx, sha1_padding, padn ); + sha1_update( ctx, msglen, 8 ); + + PUT_UINT32_BE( ctx->state[0], output, 0 ); + PUT_UINT32_BE( ctx->state[1], output, 4 ); + PUT_UINT32_BE( ctx->state[2], output, 8 ); + PUT_UINT32_BE( ctx->state[3], output, 12 ); + PUT_UINT32_BE( ctx->state[4], output, 16 ); +} + +#endif /* !POLARSSL_SHA1_ALT */ + +/* + * output = SHA-1( input buffer ) + */ +void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ) +{ + sha1_context ctx; + + sha1_starts( &ctx ); + sha1_update( &ctx, input, ilen ); + sha1_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha1_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = SHA-1( file contents ) + */ +int sha1_file( const char *path, unsigned char output[20] ) +{ + FILE *f; + size_t n; + sha1_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); + + sha1_starts( &ctx ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + sha1_update( &ctx, buf, n ); + + sha1_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha1_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_SHA1_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * SHA-1 HMAC context setup + */ +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ) +{ + size_t i; + unsigned char sum[20]; + + if( keylen > 64 ) + { + sha1( key, keylen, sum ); + keylen = 20; + key = sum; + } + + memset( ctx->ipad, 0x36, 64 ); + memset( ctx->opad, 0x5C, 64 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + sha1_starts( ctx ); + sha1_update( ctx, ctx->ipad, 64 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * SHA-1 HMAC process buffer + */ +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ) +{ + sha1_update( ctx, input, ilen ); +} + +/* + * SHA-1 HMAC final digest + */ +void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ) +{ + unsigned char tmpbuf[20]; + + sha1_finish( ctx, tmpbuf ); + sha1_starts( ctx ); + sha1_update( ctx, ctx->opad, 64 ); + sha1_update( ctx, tmpbuf, 20 ); + sha1_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * SHA1 HMAC context reset + */ +void sha1_hmac_reset( sha1_context *ctx ) +{ + sha1_starts( ctx ); + sha1_update( ctx, ctx->ipad, 64 ); +} + +/* + * output = HMAC-SHA-1( hmac key, input buffer ) + */ +void sha1_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[20] ) +{ + sha1_context ctx; + + sha1_hmac_starts( &ctx, key, keylen ); + sha1_hmac_update( &ctx, input, ilen ); + sha1_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha1_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) +/* + * FIPS-180-1 test vectors + */ +static unsigned char sha1_test_buf[3][57] = +{ + { "abc" }, + { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, + { "" } +}; + +static const int sha1_test_buflen[3] = +{ + 3, 56, 1000 +}; + +static const unsigned char sha1_test_sum[3][20] = +{ + { 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, + 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D }, + { 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE, + 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 }, + { 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E, + 0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F } +}; + +/* + * RFC 2202 test vectors + */ +static unsigned char sha1_hmac_test_key[7][26] = +{ + { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" + "\x0B\x0B\x0B\x0B" }, + { "Jefe" }, + { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA" }, + { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, + { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" + "\x0C\x0C\x0C\x0C" }, + { "" }, /* 0xAA 80 times */ + { "" } +}; + +static const int sha1_hmac_test_keylen[7] = +{ + 20, 4, 20, 25, 20, 80, 80 +}; + +static unsigned char sha1_hmac_test_buf[7][74] = +{ + { "Hi There" }, + { "what do ya want for nothing?" }, + { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, + { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, + { "Test With Truncation" }, + { "Test Using Larger Than Block-Size Key - Hash Key First" }, + { "Test Using Larger Than Block-Size Key and Larger" + " Than One Block-Size Data" } +}; + +static const int sha1_hmac_test_buflen[7] = +{ + 8, 28, 50, 50, 20, 54, 73 +}; + +static const unsigned char sha1_hmac_test_sum[7][20] = +{ + { 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B, + 0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 }, + { 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74, + 0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 }, + { 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3, + 0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 }, + { 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84, + 0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA }, + { 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2, + 0x7B, 0xE1 }, + { 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70, + 0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 }, + { 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B, + 0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 } +}; + +/* + * Checkup routine + */ +int sha1_self_test( int verbose ) +{ + int i, j, buflen; + unsigned char buf[1024]; + unsigned char sha1sum[20]; + sha1_context ctx; + + /* + * SHA-1 + */ + for( i = 0; i < 3; i++ ) + { + if( verbose != 0 ) + printf( " SHA-1 test #%d: ", i + 1 ); + + sha1_starts( &ctx ); + + if( i == 2 ) + { + memset( buf, 'a', buflen = 1000 ); + + for( j = 0; j < 1000; j++ ) + sha1_update( &ctx, buf, buflen ); + } + else + sha1_update( &ctx, sha1_test_buf[i], + sha1_test_buflen[i] ); + + sha1_finish( &ctx, sha1sum ); + + if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + for( i = 0; i < 7; i++ ) + { + if( verbose != 0 ) + printf( " HMAC-SHA-1 test #%d: ", i + 1 ); + + if( i == 5 || i == 6 ) + { + memset( buf, '\xAA', buflen = 80 ); + sha1_hmac_starts( &ctx, buf, buflen ); + } + else + sha1_hmac_starts( &ctx, sha1_hmac_test_key[i], + sha1_hmac_test_keylen[i] ); + + sha1_hmac_update( &ctx, sha1_hmac_test_buf[i], + sha1_hmac_test_buflen[i] ); + + sha1_hmac_finish( &ctx, sha1sum ); + + buflen = ( i == 4 ) ? 12 : 20; + + if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/sha1.h b/polarssl/sha1.h new file mode 100644 index 0000000..ac7e5d3 --- /dev/null +++ b/polarssl/sha1.h @@ -0,0 +1,180 @@ +/** + * \file sha1.h + * + * \brief SHA-1 cryptographic hash function + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_SHA1_H +#define POLARSSL_SHA1_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */ + +#if !defined(POLARSSL_SHA1_ALT) +// Regular implementation +// + +/** + * \brief SHA-1 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[5]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + + unsigned char ipad[64]; /*!< HMAC: inner padding */ + unsigned char opad[64]; /*!< HMAC: outer padding */ +} +sha1_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-1 context setup + * + * \param ctx context to be initialized + */ +void sha1_starts( sha1_context *ctx ); + +/** + * \brief SHA-1 process buffer + * + * \param ctx SHA-1 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-1 final digest + * + * \param ctx SHA-1 context + * \param output SHA-1 checksum result + */ +void sha1_finish( sha1_context *ctx, unsigned char output[20] ); + +/* Internal use */ +void sha1_process( sha1_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_SHA1_ALT */ +#include "polarssl/sha1_alt.h" +#endif /* POLARSSL_SHA1_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-1( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-1 checksum result + */ +void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); + +/** + * \brief Output = SHA-1( file contents ) + * + * \param path input file name + * \param output SHA-1 checksum result + * + * \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR + */ +int sha1_file( const char *path, unsigned char output[20] ); + +/** + * \brief SHA-1 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + */ +void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ); + +/** + * \brief SHA-1 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-1 HMAC final digest + * + * \param ctx HMAC context + * \param output SHA-1 HMAC checksum result + */ +void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ); + +/** + * \brief SHA-1 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void sha1_hmac_reset( sha1_context *ctx ); + +/** + * \brief Output = HMAC-SHA-1( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-SHA-1 result + */ +void sha1_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[20] ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int sha1_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* sha1.h */ diff --git a/polarssl/sha2.c b/polarssl/sha2.c new file mode 100644 index 0000000..20772ec --- /dev/null +++ b/polarssl/sha2.c @@ -0,0 +1,705 @@ +/* + * FIPS-180-2 compliant SHA-256 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The SHA-256 Secure Hash Standard was published by NIST in 2002. + * + * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SHA2_C) + +#include "polarssl/sha2.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_SHA2_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +/* + * SHA-256 context setup + */ +void sha2_starts( sha2_context *ctx, int is224 ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + if( is224 == 0 ) + { + /* SHA-256 */ + ctx->state[0] = 0x6A09E667; + ctx->state[1] = 0xBB67AE85; + ctx->state[2] = 0x3C6EF372; + ctx->state[3] = 0xA54FF53A; + ctx->state[4] = 0x510E527F; + ctx->state[5] = 0x9B05688C; + ctx->state[6] = 0x1F83D9AB; + ctx->state[7] = 0x5BE0CD19; + } + else + { + /* SHA-224 */ + ctx->state[0] = 0xC1059ED8; + ctx->state[1] = 0x367CD507; + ctx->state[2] = 0x3070DD17; + ctx->state[3] = 0xF70E5939; + ctx->state[4] = 0xFFC00B31; + ctx->state[5] = 0x68581511; + ctx->state[6] = 0x64F98FA7; + ctx->state[7] = 0xBEFA4FA4; + } + + ctx->is224 = is224; +} + +void sha2_process( sha2_context *ctx, const unsigned char data[64] ) +{ + uint32_t temp1, temp2, W[64]; + uint32_t A, B, C, D, E, F, G, H; + + GET_UINT32_BE( W[ 0], data, 0 ); + GET_UINT32_BE( W[ 1], data, 4 ); + GET_UINT32_BE( W[ 2], data, 8 ); + GET_UINT32_BE( W[ 3], data, 12 ); + GET_UINT32_BE( W[ 4], data, 16 ); + GET_UINT32_BE( W[ 5], data, 20 ); + GET_UINT32_BE( W[ 6], data, 24 ); + GET_UINT32_BE( W[ 7], data, 28 ); + GET_UINT32_BE( W[ 8], data, 32 ); + GET_UINT32_BE( W[ 9], data, 36 ); + GET_UINT32_BE( W[10], data, 40 ); + GET_UINT32_BE( W[11], data, 44 ); + GET_UINT32_BE( W[12], data, 48 ); + GET_UINT32_BE( W[13], data, 52 ); + GET_UINT32_BE( W[14], data, 56 ); + GET_UINT32_BE( W[15], data, 60 ); + +#define SHR(x,n) ((x & 0xFFFFFFFF) >> n) +#define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) + +#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3)) +#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10)) + +#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22)) +#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25)) + +#define F0(x,y,z) ((x & y) | (z & (x | y))) +#define F1(x,y,z) (z ^ (x & (y ^ z))) + +#define R(t) \ +( \ + W[t] = S1(W[t - 2]) + W[t - 7] + \ + S0(W[t - 15]) + W[t - 16] \ +) + +#define P(a,b,c,d,e,f,g,h,x,K) \ +{ \ + temp1 = h + S3(e) + F1(e,f,g) + K + x; \ + temp2 = S2(a) + F0(a,b,c); \ + d += temp1; h = temp1 + temp2; \ +} + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + E = ctx->state[4]; + F = ctx->state[5]; + G = ctx->state[6]; + H = ctx->state[7]; + + P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 ); + P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 ); + P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF ); + P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 ); + P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B ); + P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 ); + P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 ); + P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 ); + P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 ); + P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 ); + P( G, H, A, B, C, D, E, F, W[10], 0x243185BE ); + P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 ); + P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 ); + P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE ); + P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 ); + P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 ); + P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 ); + P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 ); + P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 ); + P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC ); + P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F ); + P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA ); + P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC ); + P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA ); + P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 ); + P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D ); + P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 ); + P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 ); + P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 ); + P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 ); + P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 ); + P( B, C, D, E, F, G, H, A, R(31), 0x14292967 ); + P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 ); + P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 ); + P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC ); + P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 ); + P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 ); + P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB ); + P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E ); + P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 ); + P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 ); + P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B ); + P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 ); + P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 ); + P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 ); + P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 ); + P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 ); + P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 ); + P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 ); + P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 ); + P( G, H, A, B, C, D, E, F, R(50), 0x2748774C ); + P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 ); + P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 ); + P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A ); + P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F ); + P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 ); + P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE ); + P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F ); + P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 ); + P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 ); + P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA ); + P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB ); + P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 ); + P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 ); + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; + ctx->state[4] += E; + ctx->state[5] += F; + ctx->state[6] += G; + ctx->state[7] += H; +} + +/* + * SHA-256 process buffer + */ +void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + uint32_t left; + + if( ilen <= 0 ) + return; + + left = ctx->total[0] & 0x3F; + fill = 64 - left; + + ctx->total[0] += (uint32_t) ilen; + ctx->total[0] &= 0xFFFFFFFF; + + if( ctx->total[0] < (uint32_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void *) (ctx->buffer + left), input, fill ); + sha2_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 64 ) + { + sha2_process( ctx, input ); + input += 64; + ilen -= 64; + } + + if( ilen > 0 ) + memcpy( (void *) (ctx->buffer + left), input, ilen ); +} + +static const unsigned char sha2_padding[64] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * SHA-256 final digest + */ +void sha2_finish( sha2_context *ctx, unsigned char output[32] ) +{ + uint32_t last, padn; + uint32_t high, low; + unsigned char msglen[8]; + + high = ( ctx->total[0] >> 29 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT32_BE( high, msglen, 0 ); + PUT_UINT32_BE( low, msglen, 4 ); + + last = ctx->total[0] & 0x3F; + padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); + + sha2_update( ctx, sha2_padding, padn ); + sha2_update( ctx, msglen, 8 ); + + PUT_UINT32_BE( ctx->state[0], output, 0 ); + PUT_UINT32_BE( ctx->state[1], output, 4 ); + PUT_UINT32_BE( ctx->state[2], output, 8 ); + PUT_UINT32_BE( ctx->state[3], output, 12 ); + PUT_UINT32_BE( ctx->state[4], output, 16 ); + PUT_UINT32_BE( ctx->state[5], output, 20 ); + PUT_UINT32_BE( ctx->state[6], output, 24 ); + + if( ctx->is224 == 0 ) + PUT_UINT32_BE( ctx->state[7], output, 28 ); +} + +#endif /* !POLARSSL_SHA2_ALT */ + +/* + * output = SHA-256( input buffer ) + */ +void sha2( const unsigned char *input, size_t ilen, + unsigned char output[32], int is224 ) +{ + sha2_context ctx; + + sha2_starts( &ctx, is224 ); + sha2_update( &ctx, input, ilen ); + sha2_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha2_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = SHA-256( file contents ) + */ +int sha2_file( const char *path, unsigned char output[32], int is224 ) +{ + FILE *f; + size_t n; + sha2_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_SHA2_FILE_IO_ERROR ); + + sha2_starts( &ctx, is224 ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + sha2_update( &ctx, buf, n ); + + sha2_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha2_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_SHA2_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * SHA-256 HMAC context setup + */ +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, + int is224 ) +{ + size_t i; + unsigned char sum[32]; + + if( keylen > 64 ) + { + sha2( key, keylen, sum, is224 ); + keylen = ( is224 ) ? 28 : 32; + key = sum; + } + + memset( ctx->ipad, 0x36, 64 ); + memset( ctx->opad, 0x5C, 64 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + sha2_starts( ctx, is224 ); + sha2_update( ctx, ctx->ipad, 64 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * SHA-256 HMAC process buffer + */ +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ) +{ + sha2_update( ctx, input, ilen ); +} + +/* + * SHA-256 HMAC final digest + */ +void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ) +{ + int is224, hlen; + unsigned char tmpbuf[32]; + + is224 = ctx->is224; + hlen = ( is224 == 0 ) ? 32 : 28; + + sha2_finish( ctx, tmpbuf ); + sha2_starts( ctx, is224 ); + sha2_update( ctx, ctx->opad, 64 ); + sha2_update( ctx, tmpbuf, hlen ); + sha2_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * SHA-256 HMAC context reset + */ +void sha2_hmac_reset( sha2_context *ctx ) +{ + sha2_starts( ctx, ctx->is224 ); + sha2_update( ctx, ctx->ipad, 64 ); +} + +/* + * output = HMAC-SHA-256( hmac key, input buffer ) + */ +void sha2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[32], int is224 ) +{ + sha2_context ctx; + + sha2_hmac_starts( &ctx, key, keylen, is224 ); + sha2_hmac_update( &ctx, input, ilen ); + sha2_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha2_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) +/* + * FIPS-180-2 test vectors + */ +static unsigned char sha2_test_buf[3][57] = +{ + { "abc" }, + { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, + { "" } +}; + +static const int sha2_test_buflen[3] = +{ + 3, 56, 1000 +}; + +static const unsigned char sha2_test_sum[6][32] = +{ + /* + * SHA-224 test vectors + */ + { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22, + 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3, + 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7, + 0xE3, 0x6C, 0x9D, 0xA7 }, + { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC, + 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50, + 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19, + 0x52, 0x52, 0x25, 0x25 }, + { 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8, + 0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B, + 0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE, + 0x4E, 0xE7, 0xAD, 0x67 }, + + /* + * SHA-256 test vectors + */ + { 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA, + 0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23, + 0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C, + 0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD }, + { 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8, + 0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39, + 0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67, + 0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 }, + { 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92, + 0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67, + 0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E, + 0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 } +}; + +/* + * RFC 4231 test vectors + */ +static unsigned char sha2_hmac_test_key[7][26] = +{ + { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" + "\x0B\x0B\x0B\x0B" }, + { "Jefe" }, + { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA" }, + { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, + { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" + "\x0C\x0C\x0C\x0C" }, + { "" }, /* 0xAA 131 times */ + { "" } +}; + +static const int sha2_hmac_test_keylen[7] = +{ + 20, 4, 20, 25, 20, 131, 131 +}; + +static unsigned char sha2_hmac_test_buf[7][153] = +{ + { "Hi There" }, + { "what do ya want for nothing?" }, + { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, + { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, + { "Test With Truncation" }, + { "Test Using Larger Than Block-Size Key - Hash Key First" }, + { "This is a test using a larger than block-size key " + "and a larger than block-size data. The key needs to " + "be hashed before being used by the HMAC algorithm." } +}; + +static const int sha2_hmac_test_buflen[7] = +{ + 8, 28, 50, 50, 20, 54, 152 +}; + +static const unsigned char sha2_hmac_test_sum[14][32] = +{ + /* + * HMAC-SHA-224 test vectors + */ + { 0x89, 0x6F, 0xB1, 0x12, 0x8A, 0xBB, 0xDF, 0x19, + 0x68, 0x32, 0x10, 0x7C, 0xD4, 0x9D, 0xF3, 0x3F, + 0x47, 0xB4, 0xB1, 0x16, 0x99, 0x12, 0xBA, 0x4F, + 0x53, 0x68, 0x4B, 0x22 }, + { 0xA3, 0x0E, 0x01, 0x09, 0x8B, 0xC6, 0xDB, 0xBF, + 0x45, 0x69, 0x0F, 0x3A, 0x7E, 0x9E, 0x6D, 0x0F, + 0x8B, 0xBE, 0xA2, 0xA3, 0x9E, 0x61, 0x48, 0x00, + 0x8F, 0xD0, 0x5E, 0x44 }, + { 0x7F, 0xB3, 0xCB, 0x35, 0x88, 0xC6, 0xC1, 0xF6, + 0xFF, 0xA9, 0x69, 0x4D, 0x7D, 0x6A, 0xD2, 0x64, + 0x93, 0x65, 0xB0, 0xC1, 0xF6, 0x5D, 0x69, 0xD1, + 0xEC, 0x83, 0x33, 0xEA }, + { 0x6C, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3C, 0xAC, + 0x6A, 0x2A, 0xBC, 0x1B, 0xB3, 0x82, 0x62, 0x7C, + 0xEC, 0x6A, 0x90, 0xD8, 0x6E, 0xFC, 0x01, 0x2D, + 0xE7, 0xAF, 0xEC, 0x5A }, + { 0x0E, 0x2A, 0xEA, 0x68, 0xA9, 0x0C, 0x8D, 0x37, + 0xC9, 0x88, 0xBC, 0xDB, 0x9F, 0xCA, 0x6F, 0xA8 }, + { 0x95, 0xE9, 0xA0, 0xDB, 0x96, 0x20, 0x95, 0xAD, + 0xAE, 0xBE, 0x9B, 0x2D, 0x6F, 0x0D, 0xBC, 0xE2, + 0xD4, 0x99, 0xF1, 0x12, 0xF2, 0xD2, 0xB7, 0x27, + 0x3F, 0xA6, 0x87, 0x0E }, + { 0x3A, 0x85, 0x41, 0x66, 0xAC, 0x5D, 0x9F, 0x02, + 0x3F, 0x54, 0xD5, 0x17, 0xD0, 0xB3, 0x9D, 0xBD, + 0x94, 0x67, 0x70, 0xDB, 0x9C, 0x2B, 0x95, 0xC9, + 0xF6, 0xF5, 0x65, 0xD1 }, + + /* + * HMAC-SHA-256 test vectors + */ + { 0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53, + 0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B, + 0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7, + 0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7 }, + { 0x5B, 0xDC, 0xC1, 0x46, 0xBF, 0x60, 0x75, 0x4E, + 0x6A, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xC7, + 0x5A, 0x00, 0x3F, 0x08, 0x9D, 0x27, 0x39, 0x83, + 0x9D, 0xEC, 0x58, 0xB9, 0x64, 0xEC, 0x38, 0x43 }, + { 0x77, 0x3E, 0xA9, 0x1E, 0x36, 0x80, 0x0E, 0x46, + 0x85, 0x4D, 0xB8, 0xEB, 0xD0, 0x91, 0x81, 0xA7, + 0x29, 0x59, 0x09, 0x8B, 0x3E, 0xF8, 0xC1, 0x22, + 0xD9, 0x63, 0x55, 0x14, 0xCE, 0xD5, 0x65, 0xFE }, + { 0x82, 0x55, 0x8A, 0x38, 0x9A, 0x44, 0x3C, 0x0E, + 0xA4, 0xCC, 0x81, 0x98, 0x99, 0xF2, 0x08, 0x3A, + 0x85, 0xF0, 0xFA, 0xA3, 0xE5, 0x78, 0xF8, 0x07, + 0x7A, 0x2E, 0x3F, 0xF4, 0x67, 0x29, 0x66, 0x5B }, + { 0xA3, 0xB6, 0x16, 0x74, 0x73, 0x10, 0x0E, 0xE0, + 0x6E, 0x0C, 0x79, 0x6C, 0x29, 0x55, 0x55, 0x2B }, + { 0x60, 0xE4, 0x31, 0x59, 0x1E, 0xE0, 0xB6, 0x7F, + 0x0D, 0x8A, 0x26, 0xAA, 0xCB, 0xF5, 0xB7, 0x7F, + 0x8E, 0x0B, 0xC6, 0x21, 0x37, 0x28, 0xC5, 0x14, + 0x05, 0x46, 0x04, 0x0F, 0x0E, 0xE3, 0x7F, 0x54 }, + { 0x9B, 0x09, 0xFF, 0xA7, 0x1B, 0x94, 0x2F, 0xCB, + 0x27, 0x63, 0x5F, 0xBC, 0xD5, 0xB0, 0xE9, 0x44, + 0xBF, 0xDC, 0x63, 0x64, 0x4F, 0x07, 0x13, 0x93, + 0x8A, 0x7F, 0x51, 0x53, 0x5C, 0x3A, 0x35, 0xE2 } +}; + +/* + * Checkup routine + */ +int sha2_self_test( int verbose ) +{ + int i, j, k, buflen; + unsigned char buf[1024]; + unsigned char sha2sum[32]; + sha2_context ctx; + + for( i = 0; i < 6; i++ ) + { + j = i % 3; + k = i < 3; + + if( verbose != 0 ) + printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + + sha2_starts( &ctx, k ); + + if( j == 2 ) + { + memset( buf, 'a', buflen = 1000 ); + + for( j = 0; j < 1000; j++ ) + sha2_update( &ctx, buf, buflen ); + } + else + sha2_update( &ctx, sha2_test_buf[j], + sha2_test_buflen[j] ); + + sha2_finish( &ctx, sha2sum ); + + if( memcmp( sha2sum, sha2_test_sum[i], 32 - k * 4 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + for( i = 0; i < 14; i++ ) + { + j = i % 7; + k = i < 7; + + if( verbose != 0 ) + printf( " HMAC-SHA-%d test #%d: ", 256 - k * 32, j + 1 ); + + if( j == 5 || j == 6 ) + { + memset( buf, '\xAA', buflen = 131 ); + sha2_hmac_starts( &ctx, buf, buflen, k ); + } + else + sha2_hmac_starts( &ctx, sha2_hmac_test_key[j], + sha2_hmac_test_keylen[j], k ); + + sha2_hmac_update( &ctx, sha2_hmac_test_buf[j], + sha2_hmac_test_buflen[j] ); + + sha2_hmac_finish( &ctx, sha2sum ); + + buflen = ( j == 4 ) ? 16 : 32 - k * 4; + + if( memcmp( sha2sum, sha2_hmac_test_sum[i], buflen ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/sha2.h b/polarssl/sha2.h new file mode 100644 index 0000000..4f12472 --- /dev/null +++ b/polarssl/sha2.h @@ -0,0 +1,188 @@ +/** + * \file sha2.h + * + * \brief SHA-224 and SHA-256 cryptographic hash function + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_SHA2_H +#define POLARSSL_SHA2_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */ + +#if !defined(POLARSSL_SHA2_ALT) +// Regular implementation +// + +/** + * \brief SHA-256 context structure + */ +typedef struct +{ + uint32_t total[2]; /*!< number of bytes processed */ + uint32_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[64]; /*!< data block being processed */ + + unsigned char ipad[64]; /*!< HMAC: inner padding */ + unsigned char opad[64]; /*!< HMAC: outer padding */ + int is224; /*!< 0 => SHA-256, else SHA-224 */ +} +sha2_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-256 context setup + * + * \param ctx context to be initialized + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sha2_starts( sha2_context *ctx, int is224 ); + +/** + * \brief SHA-256 process buffer + * + * \param ctx SHA-256 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-256 final digest + * + * \param ctx SHA-256 context + * \param output SHA-224/256 checksum result + */ +void sha2_finish( sha2_context *ctx, unsigned char output[32] ); + +/* Internal use */ +void sha2_process( sha2_context *ctx, const unsigned char data[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_SHA2_ALT */ +#include "polarssl/sha2_alt.h" +#endif /* POLARSSL_SHA2_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-256( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-224/256 checksum result + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sha2( const unsigned char *input, size_t ilen, + unsigned char output[32], int is224 ); + +/** + * \brief Output = SHA-256( file contents ) + * + * \param path input file name + * \param output SHA-224/256 checksum result + * \param is224 0 = use SHA256, 1 = use SHA224 + * + * \return 0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR + */ +int sha2_file( const char *path, unsigned char output[32], int is224 ); + +/** + * \brief SHA-256 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, + int is224 ); + +/** + * \brief SHA-256 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-256 HMAC final digest + * + * \param ctx HMAC context + * \param output SHA-224/256 HMAC checksum result + */ +void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ); + +/** + * \brief SHA-256 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void sha2_hmac_reset( sha2_context *ctx ); + +/** + * \brief Output = HMAC-SHA-256( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-SHA-224/256 result + * \param is224 0 = use SHA256, 1 = use SHA224 + */ +void sha2_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[32], int is224 ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int sha2_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* sha2.h */ diff --git a/polarssl/sha4.c b/polarssl/sha4.c new file mode 100644 index 0000000..466420a --- /dev/null +++ b/polarssl/sha4.c @@ -0,0 +1,760 @@ +/* + * FIPS-180-2 compliant SHA-384/512 implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The SHA-512 Secure Hash Standard was published by NIST in 2002. + * + * http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SHA4_C) + +#include "polarssl/sha4.h" + +#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST) +#include +#endif + +#if !defined(POLARSSL_SHA4_ALT) + +/* + * 64-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT64_BE +#define GET_UINT64_BE(n,b,i) \ +{ \ + (n) = ( (uint64_t) (b)[(i) ] << 56 ) \ + | ( (uint64_t) (b)[(i) + 1] << 48 ) \ + | ( (uint64_t) (b)[(i) + 2] << 40 ) \ + | ( (uint64_t) (b)[(i) + 3] << 32 ) \ + | ( (uint64_t) (b)[(i) + 4] << 24 ) \ + | ( (uint64_t) (b)[(i) + 5] << 16 ) \ + | ( (uint64_t) (b)[(i) + 6] << 8 ) \ + | ( (uint64_t) (b)[(i) + 7] ); \ +} +#endif + +#ifndef PUT_UINT64_BE +#define PUT_UINT64_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 56 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \ + (b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 7] = (unsigned char) ( (n) ); \ +} +#endif + +/* + * Round constants + */ +static const uint64_t K[80] = +{ + UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD), + UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC), + UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019), + UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118), + UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE), + UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2), + UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1), + UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694), + UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3), + UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65), + UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483), + UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5), + UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210), + UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4), + UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725), + UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70), + UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926), + UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF), + UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8), + UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B), + UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001), + UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30), + UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910), + UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8), + UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53), + UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8), + UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB), + UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3), + UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60), + UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC), + UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9), + UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B), + UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207), + UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178), + UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6), + UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B), + UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493), + UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C), + UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A), + UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817) +}; + +/* + * SHA-512 context setup + */ +void sha4_starts( sha4_context *ctx, int is384 ) +{ + ctx->total[0] = 0; + ctx->total[1] = 0; + + if( is384 == 0 ) + { + /* SHA-512 */ + ctx->state[0] = UL64(0x6A09E667F3BCC908); + ctx->state[1] = UL64(0xBB67AE8584CAA73B); + ctx->state[2] = UL64(0x3C6EF372FE94F82B); + ctx->state[3] = UL64(0xA54FF53A5F1D36F1); + ctx->state[4] = UL64(0x510E527FADE682D1); + ctx->state[5] = UL64(0x9B05688C2B3E6C1F); + ctx->state[6] = UL64(0x1F83D9ABFB41BD6B); + ctx->state[7] = UL64(0x5BE0CD19137E2179); + } + else + { + /* SHA-384 */ + ctx->state[0] = UL64(0xCBBB9D5DC1059ED8); + ctx->state[1] = UL64(0x629A292A367CD507); + ctx->state[2] = UL64(0x9159015A3070DD17); + ctx->state[3] = UL64(0x152FECD8F70E5939); + ctx->state[4] = UL64(0x67332667FFC00B31); + ctx->state[5] = UL64(0x8EB44A8768581511); + ctx->state[6] = UL64(0xDB0C2E0D64F98FA7); + ctx->state[7] = UL64(0x47B5481DBEFA4FA4); + } + + ctx->is384 = is384; +} + +static void sha4_process( sha4_context *ctx, const unsigned char data[128] ) +{ + int i; + uint64_t temp1, temp2, W[80]; + uint64_t A, B, C, D, E, F, G, H; + +#define SHR(x,n) (x >> n) +#define ROTR(x,n) (SHR(x,n) | (x << (64 - n))) + +#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7)) +#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6)) + +#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39)) +#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41)) + +#define F0(x,y,z) ((x & y) | (z & (x | y))) +#define F1(x,y,z) (z ^ (x & (y ^ z))) + +#define P(a,b,c,d,e,f,g,h,x,K) \ +{ \ + temp1 = h + S3(e) + F1(e,f,g) + K + x; \ + temp2 = S2(a) + F0(a,b,c); \ + d += temp1; h = temp1 + temp2; \ +} + + for( i = 0; i < 16; i++ ) + { + GET_UINT64_BE( W[i], data, i << 3 ); + } + + for( ; i < 80; i++ ) + { + W[i] = S1(W[i - 2]) + W[i - 7] + + S0(W[i - 15]) + W[i - 16]; + } + + A = ctx->state[0]; + B = ctx->state[1]; + C = ctx->state[2]; + D = ctx->state[3]; + E = ctx->state[4]; + F = ctx->state[5]; + G = ctx->state[6]; + H = ctx->state[7]; + i = 0; + + do + { + P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++; + P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++; + P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++; + P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++; + P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++; + P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++; + P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++; + P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++; + } + while( i < 80 ); + + ctx->state[0] += A; + ctx->state[1] += B; + ctx->state[2] += C; + ctx->state[3] += D; + ctx->state[4] += E; + ctx->state[5] += F; + ctx->state[6] += G; + ctx->state[7] += H; +} + +/* + * SHA-512 process buffer + */ +void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen ) +{ + size_t fill; + unsigned int left; + + if( ilen <= 0 ) + return; + + left = (unsigned int) (ctx->total[0] & 0x7F); + fill = 128 - left; + + ctx->total[0] += (uint64_t) ilen; + + if( ctx->total[0] < (uint64_t) ilen ) + ctx->total[1]++; + + if( left && ilen >= fill ) + { + memcpy( (void *) (ctx->buffer + left), input, fill ); + sha4_process( ctx, ctx->buffer ); + input += fill; + ilen -= fill; + left = 0; + } + + while( ilen >= 128 ) + { + sha4_process( ctx, input ); + input += 128; + ilen -= 128; + } + + if( ilen > 0 ) + memcpy( (void *) (ctx->buffer + left), input, ilen ); +} + +static const unsigned char sha4_padding[128] = +{ + 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 +}; + +/* + * SHA-512 final digest + */ +void sha4_finish( sha4_context *ctx, unsigned char output[64] ) +{ + size_t last, padn; + uint64_t high, low; + unsigned char msglen[16]; + + high = ( ctx->total[0] >> 61 ) + | ( ctx->total[1] << 3 ); + low = ( ctx->total[0] << 3 ); + + PUT_UINT64_BE( high, msglen, 0 ); + PUT_UINT64_BE( low, msglen, 8 ); + + last = (size_t)( ctx->total[0] & 0x7F ); + padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last ); + + sha4_update( ctx, sha4_padding, padn ); + sha4_update( ctx, msglen, 16 ); + + PUT_UINT64_BE( ctx->state[0], output, 0 ); + PUT_UINT64_BE( ctx->state[1], output, 8 ); + PUT_UINT64_BE( ctx->state[2], output, 16 ); + PUT_UINT64_BE( ctx->state[3], output, 24 ); + PUT_UINT64_BE( ctx->state[4], output, 32 ); + PUT_UINT64_BE( ctx->state[5], output, 40 ); + + if( ctx->is384 == 0 ) + { + PUT_UINT64_BE( ctx->state[6], output, 48 ); + PUT_UINT64_BE( ctx->state[7], output, 56 ); + } +} + +#endif /* !POLARSSL_SHA4_ALT */ + +/* + * output = SHA-512( input buffer ) + */ +void sha4( const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ) +{ + sha4_context ctx; + + sha4_starts( &ctx, is384 ); + sha4_update( &ctx, input, ilen ); + sha4_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha4_context ) ); +} + +#if defined(POLARSSL_FS_IO) +/* + * output = SHA-512( file contents ) + */ +int sha4_file( const char *path, unsigned char output[64], int is384 ) +{ + FILE *f; + size_t n; + sha4_context ctx; + unsigned char buf[1024]; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_SHA4_FILE_IO_ERROR ); + + sha4_starts( &ctx, is384 ); + + while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) + sha4_update( &ctx, buf, n ); + + sha4_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha4_context ) ); + + if( ferror( f ) != 0 ) + { + fclose( f ); + return( POLARSSL_ERR_SHA4_FILE_IO_ERROR ); + } + + fclose( f ); + return( 0 ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * SHA-512 HMAC context setup + */ +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen, + int is384 ) +{ + size_t i; + unsigned char sum[64]; + + if( keylen > 128 ) + { + sha4( key, keylen, sum, is384 ); + keylen = ( is384 ) ? 48 : 64; + key = sum; + } + + memset( ctx->ipad, 0x36, 128 ); + memset( ctx->opad, 0x5C, 128 ); + + for( i = 0; i < keylen; i++ ) + { + ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] ); + ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] ); + } + + sha4_starts( ctx, is384 ); + sha4_update( ctx, ctx->ipad, 128 ); + + memset( sum, 0, sizeof( sum ) ); +} + +/* + * SHA-512 HMAC process buffer + */ +void sha4_hmac_update( sha4_context *ctx, + const unsigned char *input, size_t ilen ) +{ + sha4_update( ctx, input, ilen ); +} + +/* + * SHA-512 HMAC final digest + */ +void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ) +{ + int is384, hlen; + unsigned char tmpbuf[64]; + + is384 = ctx->is384; + hlen = ( is384 == 0 ) ? 64 : 48; + + sha4_finish( ctx, tmpbuf ); + sha4_starts( ctx, is384 ); + sha4_update( ctx, ctx->opad, 128 ); + sha4_update( ctx, tmpbuf, hlen ); + sha4_finish( ctx, output ); + + memset( tmpbuf, 0, sizeof( tmpbuf ) ); +} + +/* + * SHA-512 HMAC context reset + */ +void sha4_hmac_reset( sha4_context *ctx ) +{ + sha4_starts( ctx, ctx->is384 ); + sha4_update( ctx, ctx->ipad, 128 ); +} + +/* + * output = HMAC-SHA-512( hmac key, input buffer ) + */ +void sha4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ) +{ + sha4_context ctx; + + sha4_hmac_starts( &ctx, key, keylen, is384 ); + sha4_hmac_update( &ctx, input, ilen ); + sha4_hmac_finish( &ctx, output ); + + memset( &ctx, 0, sizeof( sha4_context ) ); +} + +#if defined(POLARSSL_SELF_TEST) + +/* + * FIPS-180-2 test vectors + */ +static unsigned char sha4_test_buf[3][113] = +{ + { "abc" }, + { "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn" + "hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" }, + { "" } +}; + +static const int sha4_test_buflen[3] = +{ + 3, 112, 1000 +}; + +static const unsigned char sha4_test_sum[6][64] = +{ + /* + * SHA-384 test vectors + */ + { 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B, + 0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07, + 0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63, + 0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED, + 0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23, + 0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 }, + { 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8, + 0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47, + 0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2, + 0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12, + 0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9, + 0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 }, + { 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB, + 0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C, + 0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52, + 0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B, + 0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB, + 0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 }, + + /* + * SHA-512 test vectors + */ + { 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, + 0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31, + 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2, + 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, + 0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8, + 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD, + 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, + 0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F }, + { 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA, + 0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F, + 0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1, + 0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18, + 0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4, + 0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A, + 0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54, + 0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 }, + { 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64, + 0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63, + 0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28, + 0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB, + 0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A, + 0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B, + 0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E, + 0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B } +}; + +/* + * RFC 4231 test vectors + */ +static unsigned char sha4_hmac_test_key[7][26] = +{ + { "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" + "\x0B\x0B\x0B\x0B" }, + { "Jefe" }, + { "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA\xAA" }, + { "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19" }, + { "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" + "\x0C\x0C\x0C\x0C" }, + { "" }, /* 0xAA 131 times */ + { "" } +}; + +static const int sha4_hmac_test_keylen[7] = +{ + 20, 4, 20, 25, 20, 131, 131 +}; + +static unsigned char sha4_hmac_test_buf[7][153] = +{ + { "Hi There" }, + { "what do ya want for nothing?" }, + { "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" }, + { "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" + "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" }, + { "Test With Truncation" }, + { "Test Using Larger Than Block-Size Key - Hash Key First" }, + { "This is a test using a larger than block-size key " + "and a larger than block-size data. The key needs to " + "be hashed before being used by the HMAC algorithm." } +}; + +static const int sha4_hmac_test_buflen[7] = +{ + 8, 28, 50, 50, 20, 54, 152 +}; + +static const unsigned char sha4_hmac_test_sum[14][64] = +{ + /* + * HMAC-SHA-384 test vectors + */ + { 0xAF, 0xD0, 0x39, 0x44, 0xD8, 0x48, 0x95, 0x62, + 0x6B, 0x08, 0x25, 0xF4, 0xAB, 0x46, 0x90, 0x7F, + 0x15, 0xF9, 0xDA, 0xDB, 0xE4, 0x10, 0x1E, 0xC6, + 0x82, 0xAA, 0x03, 0x4C, 0x7C, 0xEB, 0xC5, 0x9C, + 0xFA, 0xEA, 0x9E, 0xA9, 0x07, 0x6E, 0xDE, 0x7F, + 0x4A, 0xF1, 0x52, 0xE8, 0xB2, 0xFA, 0x9C, 0xB6 }, + { 0xAF, 0x45, 0xD2, 0xE3, 0x76, 0x48, 0x40, 0x31, + 0x61, 0x7F, 0x78, 0xD2, 0xB5, 0x8A, 0x6B, 0x1B, + 0x9C, 0x7E, 0xF4, 0x64, 0xF5, 0xA0, 0x1B, 0x47, + 0xE4, 0x2E, 0xC3, 0x73, 0x63, 0x22, 0x44, 0x5E, + 0x8E, 0x22, 0x40, 0xCA, 0x5E, 0x69, 0xE2, 0xC7, + 0x8B, 0x32, 0x39, 0xEC, 0xFA, 0xB2, 0x16, 0x49 }, + { 0x88, 0x06, 0x26, 0x08, 0xD3, 0xE6, 0xAD, 0x8A, + 0x0A, 0xA2, 0xAC, 0xE0, 0x14, 0xC8, 0xA8, 0x6F, + 0x0A, 0xA6, 0x35, 0xD9, 0x47, 0xAC, 0x9F, 0xEB, + 0xE8, 0x3E, 0xF4, 0xE5, 0x59, 0x66, 0x14, 0x4B, + 0x2A, 0x5A, 0xB3, 0x9D, 0xC1, 0x38, 0x14, 0xB9, + 0x4E, 0x3A, 0xB6, 0xE1, 0x01, 0xA3, 0x4F, 0x27 }, + { 0x3E, 0x8A, 0x69, 0xB7, 0x78, 0x3C, 0x25, 0x85, + 0x19, 0x33, 0xAB, 0x62, 0x90, 0xAF, 0x6C, 0xA7, + 0x7A, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9C, + 0xC5, 0x57, 0x7C, 0x6E, 0x1F, 0x57, 0x3B, 0x4E, + 0x68, 0x01, 0xDD, 0x23, 0xC4, 0xA7, 0xD6, 0x79, + 0xCC, 0xF8, 0xA3, 0x86, 0xC6, 0x74, 0xCF, 0xFB }, + { 0x3A, 0xBF, 0x34, 0xC3, 0x50, 0x3B, 0x2A, 0x23, + 0xA4, 0x6E, 0xFC, 0x61, 0x9B, 0xAE, 0xF8, 0x97 }, + { 0x4E, 0xCE, 0x08, 0x44, 0x85, 0x81, 0x3E, 0x90, + 0x88, 0xD2, 0xC6, 0x3A, 0x04, 0x1B, 0xC5, 0xB4, + 0x4F, 0x9E, 0xF1, 0x01, 0x2A, 0x2B, 0x58, 0x8F, + 0x3C, 0xD1, 0x1F, 0x05, 0x03, 0x3A, 0xC4, 0xC6, + 0x0C, 0x2E, 0xF6, 0xAB, 0x40, 0x30, 0xFE, 0x82, + 0x96, 0x24, 0x8D, 0xF1, 0x63, 0xF4, 0x49, 0x52 }, + { 0x66, 0x17, 0x17, 0x8E, 0x94, 0x1F, 0x02, 0x0D, + 0x35, 0x1E, 0x2F, 0x25, 0x4E, 0x8F, 0xD3, 0x2C, + 0x60, 0x24, 0x20, 0xFE, 0xB0, 0xB8, 0xFB, 0x9A, + 0xDC, 0xCE, 0xBB, 0x82, 0x46, 0x1E, 0x99, 0xC5, + 0xA6, 0x78, 0xCC, 0x31, 0xE7, 0x99, 0x17, 0x6D, + 0x38, 0x60, 0xE6, 0x11, 0x0C, 0x46, 0x52, 0x3E }, + + /* + * HMAC-SHA-512 test vectors + */ + { 0x87, 0xAA, 0x7C, 0xDE, 0xA5, 0xEF, 0x61, 0x9D, + 0x4F, 0xF0, 0xB4, 0x24, 0x1A, 0x1D, 0x6C, 0xB0, + 0x23, 0x79, 0xF4, 0xE2, 0xCE, 0x4E, 0xC2, 0x78, + 0x7A, 0xD0, 0xB3, 0x05, 0x45, 0xE1, 0x7C, 0xDE, + 0xDA, 0xA8, 0x33, 0xB7, 0xD6, 0xB8, 0xA7, 0x02, + 0x03, 0x8B, 0x27, 0x4E, 0xAE, 0xA3, 0xF4, 0xE4, + 0xBE, 0x9D, 0x91, 0x4E, 0xEB, 0x61, 0xF1, 0x70, + 0x2E, 0x69, 0x6C, 0x20, 0x3A, 0x12, 0x68, 0x54 }, + { 0x16, 0x4B, 0x7A, 0x7B, 0xFC, 0xF8, 0x19, 0xE2, + 0xE3, 0x95, 0xFB, 0xE7, 0x3B, 0x56, 0xE0, 0xA3, + 0x87, 0xBD, 0x64, 0x22, 0x2E, 0x83, 0x1F, 0xD6, + 0x10, 0x27, 0x0C, 0xD7, 0xEA, 0x25, 0x05, 0x54, + 0x97, 0x58, 0xBF, 0x75, 0xC0, 0x5A, 0x99, 0x4A, + 0x6D, 0x03, 0x4F, 0x65, 0xF8, 0xF0, 0xE6, 0xFD, + 0xCA, 0xEA, 0xB1, 0xA3, 0x4D, 0x4A, 0x6B, 0x4B, + 0x63, 0x6E, 0x07, 0x0A, 0x38, 0xBC, 0xE7, 0x37 }, + { 0xFA, 0x73, 0xB0, 0x08, 0x9D, 0x56, 0xA2, 0x84, + 0xEF, 0xB0, 0xF0, 0x75, 0x6C, 0x89, 0x0B, 0xE9, + 0xB1, 0xB5, 0xDB, 0xDD, 0x8E, 0xE8, 0x1A, 0x36, + 0x55, 0xF8, 0x3E, 0x33, 0xB2, 0x27, 0x9D, 0x39, + 0xBF, 0x3E, 0x84, 0x82, 0x79, 0xA7, 0x22, 0xC8, + 0x06, 0xB4, 0x85, 0xA4, 0x7E, 0x67, 0xC8, 0x07, + 0xB9, 0x46, 0xA3, 0x37, 0xBE, 0xE8, 0x94, 0x26, + 0x74, 0x27, 0x88, 0x59, 0xE1, 0x32, 0x92, 0xFB }, + { 0xB0, 0xBA, 0x46, 0x56, 0x37, 0x45, 0x8C, 0x69, + 0x90, 0xE5, 0xA8, 0xC5, 0xF6, 0x1D, 0x4A, 0xF7, + 0xE5, 0x76, 0xD9, 0x7F, 0xF9, 0x4B, 0x87, 0x2D, + 0xE7, 0x6F, 0x80, 0x50, 0x36, 0x1E, 0xE3, 0xDB, + 0xA9, 0x1C, 0xA5, 0xC1, 0x1A, 0xA2, 0x5E, 0xB4, + 0xD6, 0x79, 0x27, 0x5C, 0xC5, 0x78, 0x80, 0x63, + 0xA5, 0xF1, 0x97, 0x41, 0x12, 0x0C, 0x4F, 0x2D, + 0xE2, 0xAD, 0xEB, 0xEB, 0x10, 0xA2, 0x98, 0xDD }, + { 0x41, 0x5F, 0xAD, 0x62, 0x71, 0x58, 0x0A, 0x53, + 0x1D, 0x41, 0x79, 0xBC, 0x89, 0x1D, 0x87, 0xA6 }, + { 0x80, 0xB2, 0x42, 0x63, 0xC7, 0xC1, 0xA3, 0xEB, + 0xB7, 0x14, 0x93, 0xC1, 0xDD, 0x7B, 0xE8, 0xB4, + 0x9B, 0x46, 0xD1, 0xF4, 0x1B, 0x4A, 0xEE, 0xC1, + 0x12, 0x1B, 0x01, 0x37, 0x83, 0xF8, 0xF3, 0x52, + 0x6B, 0x56, 0xD0, 0x37, 0xE0, 0x5F, 0x25, 0x98, + 0xBD, 0x0F, 0xD2, 0x21, 0x5D, 0x6A, 0x1E, 0x52, + 0x95, 0xE6, 0x4F, 0x73, 0xF6, 0x3F, 0x0A, 0xEC, + 0x8B, 0x91, 0x5A, 0x98, 0x5D, 0x78, 0x65, 0x98 }, + { 0xE3, 0x7B, 0x6A, 0x77, 0x5D, 0xC8, 0x7D, 0xBA, + 0xA4, 0xDF, 0xA9, 0xF9, 0x6E, 0x5E, 0x3F, 0xFD, + 0xDE, 0xBD, 0x71, 0xF8, 0x86, 0x72, 0x89, 0x86, + 0x5D, 0xF5, 0xA3, 0x2D, 0x20, 0xCD, 0xC9, 0x44, + 0xB6, 0x02, 0x2C, 0xAC, 0x3C, 0x49, 0x82, 0xB1, + 0x0D, 0x5E, 0xEB, 0x55, 0xC3, 0xE4, 0xDE, 0x15, + 0x13, 0x46, 0x76, 0xFB, 0x6D, 0xE0, 0x44, 0x60, + 0x65, 0xC9, 0x74, 0x40, 0xFA, 0x8C, 0x6A, 0x58 } +}; + +/* + * Checkup routine + */ +int sha4_self_test( int verbose ) +{ + int i, j, k, buflen; + unsigned char buf[1024]; + unsigned char sha4sum[64]; + sha4_context ctx; + + for( i = 0; i < 6; i++ ) + { + j = i % 3; + k = i < 3; + + if( verbose != 0 ) + printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + + sha4_starts( &ctx, k ); + + if( j == 2 ) + { + memset( buf, 'a', buflen = 1000 ); + + for( j = 0; j < 1000; j++ ) + sha4_update( &ctx, buf, buflen ); + } + else + sha4_update( &ctx, sha4_test_buf[j], + sha4_test_buflen[j] ); + + sha4_finish( &ctx, sha4sum ); + + if( memcmp( sha4sum, sha4_test_sum[i], 64 - k * 16 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + for( i = 0; i < 14; i++ ) + { + j = i % 7; + k = i < 7; + + if( verbose != 0 ) + printf( " HMAC-SHA-%d test #%d: ", 512 - k * 128, j + 1 ); + + if( j == 5 || j == 6 ) + { + memset( buf, '\xAA', buflen = 131 ); + sha4_hmac_starts( &ctx, buf, buflen, k ); + } + else + sha4_hmac_starts( &ctx, sha4_hmac_test_key[j], + sha4_hmac_test_keylen[j], k ); + + sha4_hmac_update( &ctx, sha4_hmac_test_buf[j], + sha4_hmac_test_buflen[j] ); + + sha4_hmac_finish( &ctx, sha4sum ); + + buflen = ( j == 4 ) ? 16 : 64 - k * 16; + + if( memcmp( sha4sum, sha4_hmac_test_sum[i], buflen ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/sha4.h b/polarssl/sha4.h new file mode 100644 index 0000000..e2fd55a --- /dev/null +++ b/polarssl/sha4.h @@ -0,0 +1,186 @@ +/** + * \file sha4.h + * + * \brief SHA-384 and SHA-512 cryptographic hash function + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_SHA4_H +#define POLARSSL_SHA4_H + +#include "polarssl/config.h" + +#include + +#if defined(_MSC_VER) || defined(__WATCOMC__) + #define UL64(x) x##ui64 + typedef unsigned __int64 uint64_t; +#else + #include + #define UL64(x) x##ULL +#endif + +#define POLARSSL_ERR_SHA4_FILE_IO_ERROR -0x007A /**< Read/write error in file. */ + +#if !defined(POLARSSL_SHA1_ALT) +// Regular implementation +// + +/** + * \brief SHA-512 context structure + */ +typedef struct +{ + uint64_t total[2]; /*!< number of bytes processed */ + uint64_t state[8]; /*!< intermediate digest state */ + unsigned char buffer[128]; /*!< data block being processed */ + + unsigned char ipad[128]; /*!< HMAC: inner padding */ + unsigned char opad[128]; /*!< HMAC: outer padding */ + int is384; /*!< 0 => SHA-512, else SHA-384 */ +} +sha4_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief SHA-512 context setup + * + * \param ctx context to be initialized + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void sha4_starts( sha4_context *ctx, int is384 ); + +/** + * \brief SHA-512 process buffer + * + * \param ctx SHA-512 context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-512 final digest + * + * \param ctx SHA-512 context + * \param output SHA-384/512 checksum result + */ +void sha4_finish( sha4_context *ctx, unsigned char output[64] ); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_SHA4_ALT */ +#include "polarssl/sha4_alt.h" +#endif /* POLARSSL_SHA4_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Output = SHA-512( input buffer ) + * + * \param input buffer holding the data + * \param ilen length of the input data + * \param output SHA-384/512 checksum result + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void sha4( const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ); + +/** + * \brief Output = SHA-512( file contents ) + * + * \param path input file name + * \param output SHA-384/512 checksum result + * \param is384 0 = use SHA512, 1 = use SHA384 + * + * \return 0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR + */ +int sha4_file( const char *path, unsigned char output[64], int is384 ); + +/** + * \brief SHA-512 HMAC context setup + * + * \param ctx HMAC context to be initialized + * \param is384 0 = use SHA512, 1 = use SHA384 + * \param key HMAC secret key + * \param keylen length of the HMAC key + */ +void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen, + int is384 ); + +/** + * \brief SHA-512 HMAC process buffer + * + * \param ctx HMAC context + * \param input buffer holding the data + * \param ilen length of the input data + */ +void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); + +/** + * \brief SHA-512 HMAC final digest + * + * \param ctx HMAC context + * \param output SHA-384/512 HMAC checksum result + */ +void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ); + +/** + * \brief SHA-512 HMAC context reset + * + * \param ctx HMAC context to be reset + */ +void sha4_hmac_reset( sha4_context *ctx ); + +/** + * \brief Output = HMAC-SHA-512( hmac key, input buffer ) + * + * \param key HMAC secret key + * \param keylen length of the HMAC key + * \param input buffer holding the data + * \param ilen length of the input data + * \param output HMAC-SHA-384/512 result + * \param is384 0 = use SHA512, 1 = use SHA384 + */ +void sha4_hmac( const unsigned char *key, size_t keylen, + const unsigned char *input, size_t ilen, + unsigned char output[64], int is384 ); + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int sha4_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* sha4.h */ diff --git a/polarssl/ssl.h b/polarssl/ssl.h new file mode 100644 index 0000000..5b2d978 --- /dev/null +++ b/polarssl/ssl.h @@ -0,0 +1,1140 @@ +/** + * \file ssl.h + * + * \brief SSL/TLS functions. + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_SSL_H +#define POLARSSL_SSL_H + +#include + +#include "polarssl/net.h" +#include "polarssl/rsa.h" +#include "polarssl/md5.h" +#include "polarssl/sha1.h" +#include "polarssl/sha2.h" +#include "polarssl/sha4.h" +#include "polarssl/x509.h" +#include "polarssl/config.h" + +#if defined(POLARSSL_DHM_C) +#include "polarssl/dhm.h" +#endif + +#if defined(POLARSSL_ZLIB_SUPPORT) +#include "polarssl/zlib.h" +#endif + +#if defined(_MSC_VER) && !defined(inline) +#define inline _inline +#else +#if defined(__ARMCC_VERSION) && !defined(inline) +#define inline __inline +#endif /* __ARMCC_VERSION */ +#endif /*_MSC_VER */ + +/* + * SSL Error codes + */ +#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ +#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ +#define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ +#define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ +#define POLARSSL_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ +#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ +#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ +#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x7400 /**< No session to recover was found. */ +#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ +#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message.*/ +#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ +#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key is not set, but needed. */ +#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ +#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ +#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ +#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ +#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM Read Public. */ +#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */ +#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ +#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ +#define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00 /**< Memory allocation failed */ +#define POLARSSL_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ +#define POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ +#define POLARSSL_ERR_SSL_COMPRESSION_FAILED -0x6F00 /**< Processing of the compression / decompression failed */ +#define POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ + +/* + * Various constants + */ +#define SSL_MAJOR_VERSION_3 3 +#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ +#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ +#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ +#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ + +#define SSL_IS_CLIENT 0 +#define SSL_IS_SERVER 1 +#define SSL_COMPRESS_NULL 0 +#define SSL_COMPRESS_DEFLATE 1 + +#define SSL_VERIFY_NONE 0 +#define SSL_VERIFY_OPTIONAL 1 +#define SSL_VERIFY_REQUIRED 2 + +#define SSL_INITIAL_HANDSHAKE 0 +#define SSL_RENEGOTIATION 1 + +#define SSL_LEGACY_RENEGOTIATION 0 +#define SSL_SECURE_RENEGOTIATION 1 + +#define SSL_RENEGOTIATION_DISABLED 0 +#define SSL_RENEGOTIATION_ENABLED 1 + +#define SSL_LEGACY_NO_RENEGOTIATION 0 +#define SSL_LEGACY_ALLOW_RENEGOTIATION 1 +#define SSL_LEGACY_BREAK_HANDSHAKE 2 + +/* + * Size of the input / output buffer. + * Note: the RFC defines the default size of SSL / TLS messages. If you + * change the value here, other clients / servers may not be able to + * communicate with you anymore. Only change this value if you control + * both sides of the connection and have it reduced at both sides! + */ +#if !defined(POLARSSL_CONFIG_OPTIONS) +#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */ +#endif /* !POLARSSL_CONFIG_OPTIONS */ + +/* + * Allow an extra 512 bytes for the record header + * and encryption overhead (counter + MAC + padding) + * and allow for a maximum of 1024 of compression expansion if + * enabled. + */ +#if defined(POLARSSL_ZLIB_SUPPORT) +#define SSL_COMPRESSION_ADD 1024 +#else +#define SSL_COMPRESSION_ADD 0 +#endif + +#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + SSL_COMPRESSION_ADD + 512) + +/* + * Supported ciphersuites (Official IANA names) + */ +#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ +#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ +#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ +#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ +#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ + +#define TLS_RSA_WITH_RC4_128_MD5 0x04 +#define TLS_RSA_WITH_RC4_128_SHA 0x05 + +#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A +#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 + +#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 +#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35 +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 +#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ +#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ +#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ +#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ + +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 +#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ +#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ +#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ +#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ + +#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C +#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D +#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E +#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F + +#define SSL_EMPTY_RENEGOTIATION_INFO 0xFF /**< renegotiation info ext */ + +/* + * Supported Signature and Hash algorithms (For TLS 1.2) + */ +#define SSL_HASH_NONE 0 +#define SSL_HASH_MD5 1 +#define SSL_HASH_SHA1 2 +#define SSL_HASH_SHA224 3 +#define SSL_HASH_SHA256 4 +#define SSL_HASH_SHA384 5 +#define SSL_HASH_SHA512 6 + +#define SSL_SIG_RSA 1 + +/* + * Client Certificate Types + */ +#define SSL_CERT_TYPE_RSA_SIGN 1 + +/* + * Message, alert and handshake types + */ +#define SSL_MSG_CHANGE_CIPHER_SPEC 20 +#define SSL_MSG_ALERT 21 +#define SSL_MSG_HANDSHAKE 22 +#define SSL_MSG_APPLICATION_DATA 23 + +#define SSL_ALERT_LEVEL_WARNING 1 +#define SSL_ALERT_LEVEL_FATAL 2 + +#define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ +#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ +#define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ +#define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ +#define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ +#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ +#define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ +#define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ +#define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ +#define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ +#define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ +#define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ +#define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ +#define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ +#define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ +#define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ +#define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ +#define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ +#define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ +#define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ +#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ +#define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ +#define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ +#define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ +#define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ +#define SSL_ALERT_MSG_UNRECOGNIZED_NAME 112 /* 0x70 */ + +#define SSL_HS_HELLO_REQUEST 0 +#define SSL_HS_CLIENT_HELLO 1 +#define SSL_HS_SERVER_HELLO 2 +#define SSL_HS_CERTIFICATE 11 +#define SSL_HS_SERVER_KEY_EXCHANGE 12 +#define SSL_HS_CERTIFICATE_REQUEST 13 +#define SSL_HS_SERVER_HELLO_DONE 14 +#define SSL_HS_CERTIFICATE_VERIFY 15 +#define SSL_HS_CLIENT_KEY_EXCHANGE 16 +#define SSL_HS_FINISHED 20 + +/* + * TLS extensions + */ +#define TLS_EXT_SERVERNAME 0 +#define TLS_EXT_SERVERNAME_HOSTNAME 0 + +#define TLS_EXT_SIG_ALG 13 + +#define TLS_EXT_RENEGOTIATION_INFO 0xFF01 + + +/* + * Generic function pointers for allowing external RSA private key + * implementations. + */ +typedef int (*rsa_decrypt_func)( void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len ); +typedef int (*rsa_sign_func)( void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, int hash_id, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig ); +typedef size_t (*rsa_key_len_func)( void *ctx ); + +/* + * SSL state machine + */ +typedef enum +{ + SSL_HELLO_REQUEST, + SSL_CLIENT_HELLO, + SSL_SERVER_HELLO, + SSL_SERVER_CERTIFICATE, + SSL_SERVER_KEY_EXCHANGE, + SSL_CERTIFICATE_REQUEST, + SSL_SERVER_HELLO_DONE, + SSL_CLIENT_CERTIFICATE, + SSL_CLIENT_KEY_EXCHANGE, + SSL_CERTIFICATE_VERIFY, + SSL_CLIENT_CHANGE_CIPHER_SPEC, + SSL_CLIENT_FINISHED, + SSL_SERVER_CHANGE_CIPHER_SPEC, + SSL_SERVER_FINISHED, + SSL_FLUSH_BUFFERS, + SSL_HANDSHAKE_WRAPUP, + SSL_HANDSHAKE_OVER +} +ssl_states; + +typedef struct _ssl_session ssl_session; +typedef struct _ssl_context ssl_context; +typedef struct _ssl_transform ssl_transform; +typedef struct _ssl_handshake_params ssl_handshake_params; + +/* + * This structure is used for storing current session data. + */ +struct _ssl_session +{ + time_t start; /*!< starting time */ + int ciphersuite; /*!< chosen ciphersuite */ + int compression; /*!< chosen compression */ + size_t length; /*!< session id length */ + unsigned char id[32]; /*!< session identifier */ + unsigned char master[48]; /*!< the master secret */ + x509_cert *peer_cert; /*!< peer X.509 cert chain */ +}; + +/* + * This structure contains a full set of runtime transform parameters + * either in negotiation or active. + */ +struct _ssl_transform +{ + /* + * Session specific crypto layer + */ + unsigned int keylen; /*!< symmetric key length */ + size_t minlen; /*!< min. ciphertext length */ + size_t ivlen; /*!< IV length */ + size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ + size_t maclen; /*!< MAC length */ + + unsigned char iv_enc[16]; /*!< IV (encryption) */ + unsigned char iv_dec[16]; /*!< IV (decryption) */ + + unsigned char mac_enc[32]; /*!< MAC (encryption) */ + unsigned char mac_dec[32]; /*!< MAC (decryption) */ + + uint32_t ctx_enc[136]; /*!< encryption context */ + uint32_t ctx_dec[136]; /*!< decryption context */ + + /* + * Session specific compression layer + */ +#if defined(POLARSSL_ZLIB_SUPPORT) + z_stream ctx_deflate; /*!< compression context */ + z_stream ctx_inflate; /*!< decompression context */ +#endif +}; + +/* + * This structure contains the parameters only needed during handshake. + */ +struct _ssl_handshake_params +{ + /* + * Handshake specific crypto variables + */ + int sig_alg; /*!< Signature algorithm */ + int cert_type; /*!< Requested cert type */ + int verify_sig_alg; /*!< Signature algorithm for verify */ +#if defined(POLARSSL_DHM_C) + dhm_context dhm_ctx; /*!< DHM key exchange */ +#endif + + /* + * Checksum contexts + */ + md5_context fin_md5; + sha1_context fin_sha1; + sha2_context fin_sha2; + sha4_context fin_sha4; + + void (*update_checksum)(ssl_context *, unsigned char *, size_t); + void (*calc_verify)(ssl_context *, unsigned char *); + void (*calc_finished)(ssl_context *, unsigned char *, int); + int (*tls_prf)(unsigned char *, size_t, char *, + unsigned char *, size_t, + unsigned char *, size_t); + + size_t pmslen; /*!< premaster length */ + + unsigned char randbytes[64]; /*!< random bytes */ + unsigned char premaster[POLARSSL_MPI_MAX_SIZE]; + /*!< premaster secret */ + + int resume; /*!< session resume indicator*/ +}; + +struct _ssl_context +{ + /* + * Miscellaneous + */ + int state; /*!< SSL handshake: current state */ + int renegotiation; /*!< Initial or renegotiation */ + + int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ + int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ + + int max_major_ver; /*!< max. major version from client */ + int max_minor_ver; /*!< max. minor version from client */ + int min_major_ver; /*!< min. major version accepted */ + int min_minor_ver; /*!< min. minor version accepted */ + + /* + * Callbacks (RNG, debug, I/O, verification) + */ + int (*f_rng)(void *, unsigned char *, size_t); + void (*f_dbg)(void *, int, const char *); + int (*f_recv)(void *, unsigned char *, size_t); + int (*f_send)(void *, const unsigned char *, size_t); + int (*f_vrfy)(void *, x509_cert *, int, int *); + int (*f_get_cache)(void *, ssl_session *); + int (*f_set_cache)(void *, const ssl_session *); + int (*f_sni)(void *, ssl_context *, const unsigned char *, size_t); + + void *p_rng; /*!< context for the RNG function */ + void *p_dbg; /*!< context for the debug function */ + void *p_recv; /*!< context for reading operations */ + void *p_send; /*!< context for writing operations */ + void *p_vrfy; /*!< context for verification */ + void *p_get_cache; /*!< context for cache retrieval */ + void *p_set_cache; /*!< context for cache store */ + void *p_sni; /*!< context for SNI extension */ + void *p_hw_data; /*!< context for HW acceleration */ + + /* + * Session layer + */ + ssl_session *session_in; /*!< current session data (in) */ + ssl_session *session_out; /*!< current session data (out) */ + ssl_session *session; /*!< negotiated session data */ + ssl_session *session_negotiate; /*!< session data in negotiation */ + + ssl_handshake_params *handshake; /*!< params required only during + the handshake process */ + + /* + * Record layer transformations + */ + ssl_transform *transform_in; /*!< current transform params (in) */ + ssl_transform *transform_out; /*!< current transform params (in) */ + ssl_transform *transform; /*!< negotiated transform params */ + ssl_transform *transform_negotiate; /*!< transform params in negotiation */ + + /* + * Record layer (incoming data) + */ + unsigned char *in_ctr; /*!< 64-bit incoming message counter */ + unsigned char *in_hdr; /*!< 5-byte record header (in_ctr+8) */ + unsigned char *in_msg; /*!< the message contents (in_hdr+5) */ + unsigned char *in_offt; /*!< read offset in application data */ + + int in_msgtype; /*!< record header: message type */ + size_t in_msglen; /*!< record header: message length */ + size_t in_left; /*!< amount of data read so far */ + + size_t in_hslen; /*!< current handshake message length */ + int nb_zero; /*!< # of 0-length encrypted messages */ + + /* + * Record layer (outgoing data) + */ + unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ + unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */ + unsigned char *out_msg; /*!< the message contents (out_hdr+32)*/ + + int out_msgtype; /*!< record header: message type */ + size_t out_msglen; /*!< record header: message length */ + size_t out_left; /*!< amount of data not yet written */ + + /* + * PKI layer + */ + void *rsa_key; /*!< own RSA private key */ + rsa_decrypt_func rsa_decrypt; /*!< function for RSA decrypt*/ + rsa_sign_func rsa_sign; /*!< function for RSA sign */ + rsa_key_len_func rsa_key_len; /*!< function for RSA key len*/ + + x509_cert *own_cert; /*!< own X.509 certificate */ + x509_cert *ca_chain; /*!< own trusted CA chain */ + x509_crl *ca_crl; /*!< trusted CA CRLs */ + const char *peer_cn; /*!< expected peer CN */ + + /* + * User settings + */ + int endpoint; /*!< 0: client, 1: server */ + int authmode; /*!< verification mode */ + int client_auth; /*!< flag for client auth. */ + int verify_result; /*!< verification result */ + int disable_renegotiation; /*!< enable/disable renegotiation */ + int allow_legacy_renegotiation; /*!< allow legacy renegotiation */ + const int **ciphersuites; /*!< allowed ciphersuites / version */ + +#if defined(POLARSSL_DHM_C) + mpi dhm_P; /*!< prime modulus for DHM */ + mpi dhm_G; /*!< generator for DHM */ +#endif + + /* + * TLS extensions + */ + unsigned char *hostname; + size_t hostname_len; + + /* + * Secure renegotiation + */ + int secure_renegotiation; /*!< does peer support legacy or + secure renegotiation */ + size_t verify_data_len; /*!< length of verify data stored */ + char own_verify_data[36]; /*!< previous handshake verify data */ + char peer_verify_data[36]; /*!< previous handshake verify data */ +}; + +#ifdef __cplusplus +extern "C" { +#endif + +extern const int ssl_default_ciphersuites[]; + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) +extern int (*ssl_hw_record_init)(ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + const unsigned char *iv_enc, const unsigned char *iv_dec, + const unsigned char *mac_enc, const unsigned char *mac_dec); +extern int (*ssl_hw_record_reset)(ssl_context *ssl); +extern int (*ssl_hw_record_write)(ssl_context *ssl); +extern int (*ssl_hw_record_read)(ssl_context *ssl); +extern int (*ssl_hw_record_finish)(ssl_context *ssl); +#endif + +/** + * \brief Returns the list of ciphersuites supported by the SSL/TLS module. + * + * \return a statically allocated array of ciphersuites, the last + * entry is 0. + */ +static inline const int *ssl_list_ciphersuites( void ) +{ + return ssl_default_ciphersuites; +} + +/** + * \brief Return the name of the ciphersuite associated with the given + * ID + * + * \param ciphersuite_id SSL ciphersuite ID + * + * \return a string containing the ciphersuite name + */ +const char *ssl_get_ciphersuite_name( const int ciphersuite_id ); + +/** + * \brief Return the ID of the ciphersuite associated with the given + * name + * + * \param ciphersuite_name SSL ciphersuite name + * + * \return the ID with the ciphersuite or 0 if not found + */ +int ssl_get_ciphersuite_id( const char *ciphersuite_name ); + +/** + * \brief Initialize an SSL context + * + * \param ssl SSL context + * + * \return 0 if successful, or POLARSSL_ERR_SSL_MALLOC_FAILED if + * memory allocation failed + */ +int ssl_init( ssl_context *ssl ); + +/** + * \brief Reset an already initialized SSL context for re-use + * while retaining application-set variables, function + * pointers and data. + * + * \param ssl SSL context + * \return 0 if successful, or POLASSL_ERR_SSL_MALLOC_FAILED, + POLARSSL_ERR_SSL_HW_ACCEL_FAILED or + * POLARSSL_ERR_SSL_COMPRESSION_FAILED + */ +int ssl_session_reset( ssl_context *ssl ); + +/** + * \brief Set the current endpoint type + * + * \param ssl SSL context + * \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER + */ +void ssl_set_endpoint( ssl_context *ssl, int endpoint ); + +/** + * \brief Set the certificate verification mode + * + * \param ssl SSL context + * \param authmode can be: + * + * SSL_VERIFY_NONE: peer certificate is not checked (default), + * this is insecure and SHOULD be avoided. + * + * SSL_VERIFY_OPTIONAL: peer certificate is checked, however the + * handshake continues even if verification failed; + * ssl_get_verify_result() can be called after the + * handshake is complete. + * + * SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, + * handshake is aborted if verification failed. + */ +void ssl_set_authmode( ssl_context *ssl, int authmode ); + +/** + * \brief Set the verification callback (Optional). + * + * If set, the verify callback is called for each + * certificate in the chain. For implementation + * information, please see \c x509parse_verify() + * + * \param ssl SSL context + * \param f_vrfy verification function + * \param p_vrfy verification parameter + */ +void ssl_set_verify( ssl_context *ssl, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ); + +/** + * \brief Set the random number generator callback + * + * \param ssl SSL context + * \param f_rng RNG function + * \param p_rng RNG parameter + */ +void ssl_set_rng( ssl_context *ssl, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ); + +/** + * \brief Set the debug callback + * + * \param ssl SSL context + * \param f_dbg debug function + * \param p_dbg debug parameter + */ +void ssl_set_dbg( ssl_context *ssl, + void (*f_dbg)(void *, int, const char *), + void *p_dbg ); + +/** + * \brief Set the underlying BIO read and write callbacks + * + * \param ssl SSL context + * \param f_recv read callback + * \param p_recv read parameter + * \param f_send write callback + * \param p_send write parameter + */ +void ssl_set_bio( ssl_context *ssl, + int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, + int (*f_send)(void *, const unsigned char *, size_t), void *p_send ); + +/** + * \brief Set the session cache callbacks (server-side only) + * If not set, no session resuming is done. + * + * The session cache has the responsibility to check for stale + * entries based on timeout. See RFC 5246 for recommendations. + * + * Warning: session.peer_cert is cleared by the SSL/TLS layer on + * connection shutdown, so do not cache the pointer! Either set + * it to NULL or make a full copy of the certificate. + * + * The get callback is called once during the initial handshake + * to enable session resuming. The get function has the + * following parameters: (void *parameter, ssl_session *session) + * If a valid entry is found, it should fill the master of + * the session object with the cached values and return 0, + * return 1 otherwise. Optionally peer_cert can be set as well + * if it is properly present in cache entry. + * + * The set callback is called once during the initial handshake + * to enable session resuming after the entire handshake has + * been finished. The set function has the following parameters: + * (void *parameter, const ssl_session *session). The function + * should create a cache entry for future retrieval based on + * the data in the session structure and should keep in mind + * that the ssl_session object presented (and all its referenced + * data) is cleared by the SSL/TLS layer when the connection is + * terminated. It is recommended to add metadata to determine if + * an entry is still valid in the future. Return 0 if + * successfully cached, return 1 otherwise. + * + * \param ssl SSL context + * \param f_get_cache session get callback + * \param p_get_cache session get parameter + * \param f_set_cache session set callback + * \param p_set_cache session set parameter + */ +void ssl_set_session_cache( ssl_context *ssl, + int (*f_get_cache)(void *, ssl_session *), void *p_get_cache, + int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache ); + +/** + * \brief Request resumption of session (client-side only) + * Session data is copied from presented session structure. + * + * Warning: session.peer_cert is cleared by the SSL/TLS layer on + * connection shutdown, so do not cache the pointer! Either set + * it to NULL or make a full copy of the certificate when + * storing the session for use in this function. + * + * \param ssl SSL context + * \param session session context + */ +void ssl_set_session( ssl_context *ssl, const ssl_session *session ); + +/** + * \brief Set the list of allowed ciphersuites + * (Default: ssl_default_ciphersuites) + * (Overrides all version specific lists) + * + * \param ssl SSL context + * \param ciphersuites 0-terminated list of allowed ciphersuites + */ +void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ); + +/** + * \brief Set the list of allowed ciphersuites for a specific + * version of the protocol. + * (Default: ssl_default_ciphersuites) + * (Only useful on the server side) + * + * \param ssl SSL context + * \param ciphersuites 0-terminated list of allowed ciphersuites + * \param major Major version number (only SSL_MAJOR_VERSION_3 + * supported) + * \param minor Minor version number (SSL_MINOR_VERSION_0, + * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, + * SSL_MINOR_VERSION_3 supported) + */ +void ssl_set_ciphersuites_for_version( ssl_context *ssl, + const int *ciphersuites, + int major, int minor ); + +/** + * \brief Set the data required to verify peer certificate + * + * \param ssl SSL context + * \param ca_chain trusted CA chain (meaning all fully trusted top-level CAs) + * \param ca_crl trusted CA CRLs + * \param peer_cn expected peer CommonName (or NULL) + */ +void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, + x509_crl *ca_crl, const char *peer_cn ); + +/** + * \brief Set own certificate chain and private key + * + * Note: own_cert should contain IN order from the bottom + * up your certificate chain. The top certificate (self-signed) + * can be omitted. + * + * \param ssl SSL context + * \param own_cert own public certificate chain + * \param rsa_key own private RSA key + */ +void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, + rsa_context *rsa_key ); + +/** + * \brief Set own certificate and alternate non-PolarSSL private + * key and handling callbacks, such as the PKCS#11 wrappers + * or any other external private key handler. + * (see the respective RSA functions in rsa.h for documentation + * of the callback parameters, with the only change being + * that the rsa_context * is a void * in the callbacks) + * + * Note: own_cert should contain IN order from the bottom + * up your certificate chain. The top certificate (self-signed) + * can be omitted. + * + * \param ssl SSL context + * \param own_cert own public certificate chain + * \param rsa_key alternate implementation private RSA key + * \param rsa_decrypt_func alternate implementation of \c rsa_pkcs1_decrypt() + * \param rsa_sign_func alternate implementation of \c rsa_pkcs1_sign() + * \param rsa_key_len_func function returning length of RSA key in bytes + */ +void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert, + void *rsa_key, + rsa_decrypt_func rsa_decrypt, + rsa_sign_func rsa_sign, + rsa_key_len_func rsa_key_len ); + +#if defined(POLARSSL_DHM_C) +/** + * \brief Set the Diffie-Hellman public P and G values, + * read as hexadecimal strings (server-side only) + * (Default: POLARSSL_DHM_RFC5114_MODP_1024_[PG]) + * + * \param ssl SSL context + * \param dhm_P Diffie-Hellman-Merkle modulus + * \param dhm_G Diffie-Hellman-Merkle generator + * + * \return 0 if successful + */ +int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ); + +/** + * \brief Set the Diffie-Hellman public P and G values, + * read from existing context (server-side only) + * + * \param ssl SSL context + * \param dhm_ctx Diffie-Hellman-Merkle context + * + * \return 0 if successful + */ +int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ); +#endif + +/** + * \brief Set hostname for ServerName TLS extension + * (client-side only) + * + * + * \param ssl SSL context + * \param hostname the server hostname + * + * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED + */ +int ssl_set_hostname( ssl_context *ssl, const char *hostname ); + +/** + * \brief Set server side ServerName TLS extension callback + * (optional, server-side only). + * + * If set, the ServerName callback is called whenever the + * server receives a ServerName TLS extension from the client + * during a handshake. The ServerName callback has the + * following parameters: (void *parameter, ssl_context *ssl, + * const unsigned char *hostname, size_t len). If a suitable + * certificate is found, the callback should set the + * certificate and key to use with ssl_set_own_cert() (and + * possibly adjust the CA chain as well) and return 0. The + * callback should return -1 to abort the handshake at this + * point. + * + * \param ssl SSL context + * \param f_sni verification function + * \param p_sni verification parameter + */ +void ssl_set_sni( ssl_context *ssl, + int (*f_sni)(void *, ssl_context *, const unsigned char *, + size_t), + void *p_sni ); + +/** + * \brief Set the maximum supported version sent from the client side + * + * \param ssl SSL context + * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) + * \param minor Minor version number (SSL_MINOR_VERSION_0, + * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, + * SSL_MINOR_VERSION_3 supported) + */ +void ssl_set_max_version( ssl_context *ssl, int major, int minor ); + + +/** + * \brief Set the minimum accepted SSL/TLS protocol version + * (Default: SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0) + * + * \param ssl SSL context + * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) + * \param minor Minor version number (SSL_MINOR_VERSION_0, + * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, + * SSL_MINOR_VERSION_3 supported) + */ +void ssl_set_min_version( ssl_context *ssl, int major, int minor ); + +/** + * \brief Enable / Disable renegotiation support for connection when + * initiated by peer + * (Default: SSL_RENEGOTIATION_DISABLED) + * + * Note: A server with support enabled is more vulnerable for a + * resource DoS by a malicious client. You should enable this on + * a client to enable server-initiated renegotiation. + * + * \param ssl SSL context + * \param renegotiation Enable or disable (SSL_RENEGOTIATION_ENABLED or + * SSL_RENEGOTIATION_DISABLED) + */ +void ssl_set_renegotiation( ssl_context *ssl, int renegotiation ); + +/** + * \brief Prevent or allow legacy renegotiation. + * (Default: SSL_LEGACY_NO_RENEGOTIATION) + * + * SSL_LEGACY_NO_RENEGOTIATION allows connections to + * be established even if the peer does not support + * secure renegotiation, but does not allow renegotiation + * to take place if not secure. + * (Interoperable and secure option) + * + * SSL_LEGACY_ALLOW_RENEGOTIATION allows renegotiations + * with non-upgraded peers. Allowing legacy renegotiation + * makes the connection vulnerable to specific man in the + * middle attacks. (See RFC 5746) + * (Most interoperable and least secure option) + * + * SSL_LEGACY_BREAK_HANDSHAKE breaks off connections + * if peer does not support secure renegotiation. Results + * in interoperability issues with non-upgraded peers + * that do not support renegotiation altogether. + * (Most secure option, interoperability issues) + * + * \param ssl SSL context + * \param allow_legacy Prevent or allow (SSL_NO_LEGACY_RENEGOTIATION, + * SSL_ALLOW_LEGACY_RENEGOTIATION or + * SSL_LEGACY_BREAK_HANDSHAKE) + */ +void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy ); + +/** + * \brief Return the number of data bytes available to read + * + * \param ssl SSL context + * + * \return how many bytes are available in the read buffer + */ +size_t ssl_get_bytes_avail( const ssl_context *ssl ); + +/** + * \brief Return the result of the certificate verification + * + * \param ssl SSL context + * + * \return 0 if successful, or a combination of: + * BADCERT_EXPIRED + * BADCERT_REVOKED + * BADCERT_CN_MISMATCH + * BADCERT_NOT_TRUSTED + */ +int ssl_get_verify_result( const ssl_context *ssl ); + +/** + * \brief Return the name of the current ciphersuite + * + * \param ssl SSL context + * + * \return a string containing the ciphersuite name + */ +const char *ssl_get_ciphersuite( const ssl_context *ssl ); + +/** + * \brief Return the current SSL version (SSLv3/TLSv1/etc) + * + * \param ssl SSL context + * + * \return a string containing the SSL version + */ +const char *ssl_get_version( const ssl_context *ssl ); + +/** + * \brief Return the peer certificate from the current connection + * + * Note: Can be NULL in case no certificate was sent during + * the handshake. Different calls for the same connection can + * return the same or different pointers for the same + * certificate and even a different certificate altogether. + * The peer cert CAN change in a single connection if + * renegotiation is performed. + * + * \param ssl SSL context + * + * \return the current peer certificate + */ +const x509_cert *ssl_get_peer_cert( const ssl_context *ssl ); + +/** + * \brief Perform the SSL handshake + * + * \param ssl SSL context + * + * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, + * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. + */ +int ssl_handshake( ssl_context *ssl ); + +/** + * \brief Perform a single step of the SSL handshake + * + * Note: the state of the context (ssl->state) will be at + * the following state after execution of this function. + * Do not call this function if state is SSL_HANDSHAKE_OVER. + * + * \param ssl SSL context + * + * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, + * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. + */ +int ssl_handshake_step( ssl_context *ssl ); + +/** + * \brief Perform an SSL renegotiation on the running connection + * + * \param ssl SSL context + * + * \return 0 if succesful, or any ssl_handshake() return value. + */ +int ssl_renegotiate( ssl_context *ssl ); + +/** + * \brief Read at most 'len' application data bytes + * + * \param ssl SSL context + * \param buf buffer that will hold the data + * \param len how many bytes must be read + * + * \return This function returns the number of bytes read, 0 for EOF, + * or a negative error code. + */ +int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); + +/** + * \brief Write exactly 'len' application data bytes + * + * \param ssl SSL context + * \param buf buffer holding the data + * \param len how many bytes must be written + * + * \return This function returns the number of bytes written, + * or a negative error code. + * + * \note When this function returns POLARSSL_ERR_NET_WANT_WRITE, + * it must be called later with the *same* arguments, + * until it returns a positive value. + */ +int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ); + +/** + * \brief Send an alert message + * + * \param ssl SSL context + * \param level The alert level of the message + * (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL) + * \param message The alert message (SSL_ALERT_MSG_*) + * + * \return 0 if successful, or a specific SSL error code. + */ +int ssl_send_alert_message( ssl_context *ssl, + unsigned char level, + unsigned char message ); +/** + * \brief Notify the peer that the connection is being closed + * + * \param ssl SSL context + */ +int ssl_close_notify( ssl_context *ssl ); + +/** + * \brief Free referenced items in an SSL context and clear memory + * + * \param ssl SSL context + */ +void ssl_free( ssl_context *ssl ); + +/** + * \brief Free referenced items in an SSL session including the + * peer certificate and clear memory + * + * \param session SSL session + */ +void ssl_session_free( ssl_session *session ); + +/** + * \brief Free referenced items in an SSL transform context and clear + * memory + * + * \param transform SSL transform context + */ +void ssl_transform_free( ssl_transform *transform ); + +/** + * \brief Free referenced items in an SSL handshake context and clear + * memory + * + * \param handshake SSL handshake context + */ +void ssl_handshake_free( ssl_handshake_params *handshake ); + +/* + * Internal functions (do not call directly) + */ +int ssl_handshake_client_step( ssl_context *ssl ); +int ssl_handshake_server_step( ssl_context *ssl ); +void ssl_handshake_wrapup( ssl_context *ssl ); + +int ssl_send_fatal_handshake_failure( ssl_context *ssl ); + +int ssl_derive_keys( ssl_context *ssl ); + +int ssl_read_record( ssl_context *ssl ); +/** + * \return 0 if successful, POLARSSL_ERR_SSL_CONN_EOF on EOF or + * another negative error code. + */ +int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); + +int ssl_write_record( ssl_context *ssl ); +int ssl_flush_output( ssl_context *ssl ); + +int ssl_parse_certificate( ssl_context *ssl ); +int ssl_write_certificate( ssl_context *ssl ); + +int ssl_parse_change_cipher_spec( ssl_context *ssl ); +int ssl_write_change_cipher_spec( ssl_context *ssl ); + +int ssl_parse_finished( ssl_context *ssl ); +int ssl_write_finished( ssl_context *ssl ); + +void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl.h */ diff --git a/polarssl/ssl_cache.c b/polarssl/ssl_cache.c new file mode 100644 index 0000000..f5686be --- /dev/null +++ b/polarssl/ssl_cache.c @@ -0,0 +1,221 @@ +/* + * SSL session cache implementation + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * These session callbacks use a simple chained list + * to store and retrieve the session information. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SSL_CACHE_C) + +#include "polarssl/ssl_cache.h" + +#include + +void ssl_cache_init( ssl_cache_context *cache ) +{ + memset( cache, 0, sizeof( ssl_cache_context ) ); + + cache->timeout = SSL_CACHE_DEFAULT_TIMEOUT; + cache->max_entries = SSL_CACHE_DEFAULT_MAX_ENTRIES; +} + +int ssl_cache_get( void *data, ssl_session *session ) +{ + time_t t = time( NULL ); + ssl_cache_context *cache = (ssl_cache_context *) data; + ssl_cache_entry *cur, *entry; + + cur = cache->chain; + entry = NULL; + + while( cur != NULL ) + { + entry = cur; + cur = cur->next; + + if( cache->timeout != 0 && + (int) ( t - entry->timestamp ) > cache->timeout ) + continue; + + if( session->ciphersuite != entry->session.ciphersuite || + session->compression != entry->session.compression || + session->length != entry->session.length ) + continue; + + if( memcmp( session->id, entry->session.id, + entry->session.length ) != 0 ) + continue; + + memcpy( session->master, entry->session.master, 48 ); + + /* + * Restore peer certificate (without rest of the original chain) + */ + if( entry->peer_cert.p != NULL ) + { + session->peer_cert = (x509_cert *) malloc( sizeof(x509_cert) ); + if( session->peer_cert == NULL ) + return( 1 ); + + memset( session->peer_cert, 0, sizeof(x509_cert) ); + if( x509parse_crt( session->peer_cert, entry->peer_cert.p, + entry->peer_cert.len ) != 0 ) + { + free( session->peer_cert ); + session->peer_cert = NULL; + return( 1 ); + } + } + + return( 0 ); + } + + return( 1 ); +} + +int ssl_cache_set( void *data, const ssl_session *session ) +{ + time_t t = time( NULL ), oldest = 0; + ssl_cache_context *cache = (ssl_cache_context *) data; + ssl_cache_entry *cur, *prv, *old = NULL; + int count = 0; + + cur = cache->chain; + prv = NULL; + + while( cur != NULL ) + { + count++; + + if( cache->timeout != 0 && + (int) ( t - cur->timestamp ) > cache->timeout ) + { + cur->timestamp = t; + break; /* expired, reuse this slot, update timestamp */ + } + + if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 ) + break; /* client reconnected, keep timestamp for session id */ + + if( oldest == 0 || cur->timestamp < oldest ) + { + oldest = cur->timestamp; + old = cur; + } + + prv = cur; + cur = cur->next; + } + + if( cur == NULL ) + { + /* + * Reuse oldest entry if max_entries reached + */ + if( old != NULL && count >= cache->max_entries ) + { + cur = old; + memset( &cur->session, 0, sizeof(ssl_session) ); + if( cur->peer_cert.p != NULL ) + { + free( cur->peer_cert.p ); + memset( &cur->peer_cert, 0, sizeof(x509_buf) ); + } + } + else + { + cur = (ssl_cache_entry *) malloc( sizeof(ssl_cache_entry) ); + if( cur == NULL ) + return( 1 ); + + memset( cur, 0, sizeof(ssl_cache_entry) ); + + if( prv == NULL ) + cache->chain = cur; + else + prv->next = cur; + } + + cur->timestamp = t; + } + + memcpy( &cur->session, session, sizeof( ssl_session ) ); + + /* + * Store peer certificate + */ + if( session->peer_cert != NULL ) + { + cur->peer_cert.p = (unsigned char *) malloc( session->peer_cert->raw.len ); + if( cur->peer_cert.p == NULL ) + return( 1 ); + + memcpy( cur->peer_cert.p, session->peer_cert->raw.p, + session->peer_cert->raw.len ); + cur->peer_cert.len = session->peer_cert->raw.len; + + cur->session.peer_cert = NULL; + } + + return( 0 ); +} + +void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ) +{ + if( timeout < 0 ) timeout = 0; + + cache->timeout = timeout; +} + +void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ) +{ + if( max < 0 ) max = 0; + + cache->max_entries = max; +} + +void ssl_cache_free( ssl_cache_context *cache ) +{ + ssl_cache_entry *cur, *prv; + + cur = cache->chain; + + while( cur != NULL ) + { + prv = cur; + cur = cur->next; + + ssl_session_free( &prv->session ); + + if( prv->peer_cert.p != NULL ) + free( prv->peer_cert.p ); + + free( prv ); + } +} + +#endif /* POLARSSL_SSL_CACHE_C */ diff --git a/polarssl/ssl_cache.h b/polarssl/ssl_cache.h new file mode 100644 index 0000000..521129a --- /dev/null +++ b/polarssl/ssl_cache.h @@ -0,0 +1,119 @@ +/** + * \file ssl_cache.h + * + * \brief SSL session cache implementation + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_SSL_CACHE_H +#define POLARSSL_SSL_CACHE_H + +#include "polarssl/ssl.h" + +#if !defined(POLARSSL_CONFIG_OPTIONS) +#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */ +#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ +#endif /* !POLARSSL_CONFIG_OPTIONS */ + +#ifdef __cplusplus +extern "C" { +#endif + +typedef struct _ssl_cache_context ssl_cache_context; +typedef struct _ssl_cache_entry ssl_cache_entry; + +/** + * \brief This structure is used for storing cache entries + */ +struct _ssl_cache_entry +{ + time_t timestamp; /*!< entry timestamp */ + ssl_session session; /*!< entry session */ + x509_buf peer_cert; /*!< entry peer_cert */ + ssl_cache_entry *next; /*!< chain pointer */ +}; + +/** + * \brief Cache context + */ +struct _ssl_cache_context +{ + ssl_cache_entry *chain; /*!< start of the chain */ + int timeout; /*!< cache entry timeout */ + int max_entries; /*!< maximum entries */ +}; + +/** + * \brief Initialize an SSL cache context + * + * \param cache SSL cache context + */ +void ssl_cache_init( ssl_cache_context *cache ); + +/** + * \brief Cache get callback implementation + * + * \param data SSL cache context + * \param session session to retrieve entry for + */ +int ssl_cache_get( void *data, ssl_session *session ); + +/** + * \brief Cache set callback implementation + * + * \param data SSL cache context + * \param session session to store entry for + */ +int ssl_cache_set( void *data, const ssl_session *session ); + +/** + * \brief Set the cache timeout + * (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day)) + * + * A timeout of 0 indicates no timeout. + * + * \param cache SSL cache context + * \param timeout cache entry timeout + */ +void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ); + +/** + * \brief Set the cache timeout + * (Default: SSL_CACHE_DEFAULT_MAX_ENTRIES (50)) + * + * \param cache SSL cache context + * \param max cache entry maximum + */ +void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ); + +/** + * \brief Free referenced items in a cache context and clear memory + * + * \param cache SSL cache context + */ +void ssl_cache_free( ssl_cache_context *cache ); + +#ifdef __cplusplus +} +#endif + +#endif /* ssl_cache.h */ diff --git a/polarssl/ssl_cli.c b/polarssl/ssl_cli.c new file mode 100644 index 0000000..e4a102b --- /dev/null +++ b/polarssl/ssl_cli.c @@ -0,0 +1,1386 @@ +/* + * SSLv3/TLSv1 client-side functions + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SSL_CLI_C) + +#include "polarssl/debug.h" +#include "polarssl/ssl.h" + +#include +#include +#include + +#if defined(POLARSSL_SHA4_C) +#include "polarssl/sha4.h" +#endif + +static int ssl_write_client_hello( ssl_context *ssl ) +{ + int ret; + size_t i, n, ext_len = 0; + unsigned char *buf; + unsigned char *p; + time_t t; + unsigned char sig_alg_list[20]; + size_t sig_alg_len = 0; + + SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); + + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) + { + ssl->major_ver = ssl->min_major_ver; + ssl->minor_ver = ssl->min_minor_ver; + } + + if( ssl->max_major_ver == 0 && ssl->max_minor_ver == 0 ) + { + ssl->max_major_ver = SSL_MAJOR_VERSION_3; + ssl->max_minor_ver = SSL_MINOR_VERSION_3; + } + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 highest version supported + * 6 . 9 current UNIX time + * 10 . 37 random bytes + */ + buf = ssl->out_msg; + p = buf + 4; + + *p++ = (unsigned char) ssl->max_major_ver; + *p++ = (unsigned char) ssl->max_minor_ver; + + SSL_DEBUG_MSG( 3, ( "client hello, max version: [%d:%d]", + buf[4], buf[5] ) ); + + t = time( NULL ); + *p++ = (unsigned char)( t >> 24 ); + *p++ = (unsigned char)( t >> 16 ); + *p++ = (unsigned char)( t >> 8 ); + *p++ = (unsigned char)( t ); + + SSL_DEBUG_MSG( 3, ( "client hello, current time: %lu", t ) ); + + if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + p += 28; + + memcpy( ssl->handshake->randbytes, buf + 6, 32 ); + + SSL_DEBUG_BUF( 3, "client hello, random bytes", buf + 6, 32 ); + + /* + * 38 . 38 session id length + * 39 . 39+n session id + * 40+n . 41+n ciphersuitelist length + * 42+n . .. ciphersuitelist + * .. . .. compression methods length + * .. . .. compression methods + * .. . .. extensions length + * .. . .. extensions + */ + n = ssl->session_negotiate->length; + + if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || n < 16 || n > 32 || + ssl->handshake->resume == 0 ) + n = 0; + + *p++ = (unsigned char) n; + + for( i = 0; i < n; i++ ) + *p++ = ssl->session_negotiate->id[i]; + + SSL_DEBUG_MSG( 3, ( "client hello, session id len.: %d", n ) ); + SSL_DEBUG_BUF( 3, "client hello, session id", buf + 39, n ); + + for( n = 0; ssl->ciphersuites[ssl->minor_ver][n] != 0; n++ ); + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) n++; + *p++ = (unsigned char)( n >> 7 ); + *p++ = (unsigned char)( n << 1 ); + + /* + * Add TLS_EMPTY_RENEGOTIATION_INFO_SCSV + */ + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) + { + *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO >> 8 ); + *p++ = (unsigned char)( SSL_EMPTY_RENEGOTIATION_INFO ); + n--; + } + + SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites", n ) ); + + for( i = 0; i < n; i++ ) + { + SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %2d", + ssl->ciphersuites[ssl->minor_ver][i] ) ); + + *p++ = (unsigned char)( ssl->ciphersuites[ssl->minor_ver][i] >> 8 ); + *p++ = (unsigned char)( ssl->ciphersuites[ssl->minor_ver][i] ); + } + +#if defined(POLARSSL_ZLIB_SUPPORT) + SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 2 ) ); + SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d %d", + SSL_COMPRESS_DEFLATE, SSL_COMPRESS_NULL ) ); + + *p++ = 2; + *p++ = SSL_COMPRESS_DEFLATE; + *p++ = SSL_COMPRESS_NULL; +#else + SSL_DEBUG_MSG( 3, ( "client hello, compress len.: %d", 1 ) ); + SSL_DEBUG_MSG( 3, ( "client hello, compress alg.: %d", SSL_COMPRESS_NULL ) ); + + *p++ = 1; + *p++ = SSL_COMPRESS_NULL; +#endif + + if ( ssl->hostname != NULL ) + { + SSL_DEBUG_MSG( 3, ( "client hello, prepping for server name extension: %s", + ssl->hostname ) ); + + ext_len += ssl->hostname_len + 9; + } + + if( ssl->renegotiation == SSL_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 3, ( "client hello, prepping for renegotiation extension" ) ); + ext_len += 5 + ssl->verify_data_len; + } + + /* + * Prepare signature_algorithms extension (TLS 1.2) + */ + if( ssl->max_minor_ver == SSL_MINOR_VERSION_3 ) + { +#if defined(POLARSSL_SHA4_C) + sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; + sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; +#endif +#if defined(POLARSSL_SHA2_C) + sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; + sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; +#endif +#if defined(POLARSSL_SHA1_C) + sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; +#endif +#if defined(POLARSSL_MD5_C) + sig_alg_list[sig_alg_len++] = SSL_HASH_MD5; + sig_alg_list[sig_alg_len++] = SSL_SIG_RSA; +#endif + ext_len += 6 + sig_alg_len; + } + + SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %d", + ext_len ) ); + + *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + + if ( ssl->hostname != NULL ) + { + /* + * struct { + * NameType name_type; + * select (name_type) { + * case host_name: HostName; + * } name; + * } ServerName; + * + * enum { + * host_name(0), (255) + * } NameType; + * + * opaque HostName<1..2^16-1>; + * + * struct { + * ServerName server_name_list<1..2^16-1> + * } ServerNameList; + */ + SSL_DEBUG_MSG( 3, ( "client hello, adding server name extension: %s", + ssl->hostname ) ); + + *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME ) & 0xFF ); + + *p++ = (unsigned char)( ( (ssl->hostname_len + 5) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (ssl->hostname_len + 5) ) & 0xFF ); + + *p++ = (unsigned char)( ( (ssl->hostname_len + 3) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( (ssl->hostname_len + 3) ) & 0xFF ); + + *p++ = (unsigned char)( ( TLS_EXT_SERVERNAME_HOSTNAME ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->hostname_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ssl->hostname_len ) & 0xFF ); + + memcpy( p, ssl->hostname, ssl->hostname_len ); + p += ssl->hostname_len; + } + + if( ssl->renegotiation == SSL_RENEGOTIATION ) + { + /* + * Secure renegotiation + */ + SSL_DEBUG_MSG( 3, ( "client hello, renegotiation info extension" ) ); + + *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + + *p++ = 0x00; + *p++ = ( ssl->verify_data_len + 1 ) & 0xFF; + *p++ = ssl->verify_data_len & 0xFF; + + memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + p += ssl->verify_data_len; + } + + if( ssl->max_minor_ver == SSL_MINOR_VERSION_3 ) + { + /* + * enum { + * none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5), + * sha512(6), (255) + * } HashAlgorithm; + * + * enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) } + * SignatureAlgorithm; + * + * struct { + * HashAlgorithm hash; + * SignatureAlgorithm signature; + * } SignatureAndHashAlgorithm; + * + * SignatureAndHashAlgorithm + * supported_signature_algorithms<2..2^16-2>; + */ + SSL_DEBUG_MSG( 3, ( "client hello, adding signature_algorithms extension" ) ); + + *p++ = (unsigned char)( ( TLS_EXT_SIG_ALG >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( TLS_EXT_SIG_ALG ) & 0xFF ); + + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF ); + + *p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( sig_alg_len ) & 0xFF ); + + memcpy( p, sig_alg_list, sig_alg_len ); + + p += sig_alg_len; + } + + ssl->out_msglen = p - buf; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_CLIENT_HELLO; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); + + return( 0 ); +} + +static int ssl_parse_renegotiation_info( ssl_context *ssl, + unsigned char *buf, + size_t len ) +{ + int ret; + + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) + { + if( len != 1 || buf[0] != 0x0 ) + { + SSL_DEBUG_MSG( 1, ( "non-zero length renegotiated connection field" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + } + else + { + if( len != 1 + ssl->verify_data_len * 2 || + buf[0] != ssl->verify_data_len * 2 || + memcmp( buf + 1, ssl->own_verify_data, ssl->verify_data_len ) != 0 || + memcmp( buf + 1 + ssl->verify_data_len, + ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "non-matching renegotiated connection field" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + + return( 0 ); +} + +static int ssl_parse_server_hello( ssl_context *ssl ) +{ +#if defined(POLARSSL_DEBUG_C) + time_t t; +#endif + int ret, i, comp; + size_t n; + size_t ext_len = 0; + unsigned char *buf, *ext; + int renegotiation_info_seen = 0; + int handshake_failure = 0; + + SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 protocol version + * 6 . 9 UNIX time() + * 10 . 37 random bytes + */ + buf = ssl->in_msg; + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", + buf[4], buf[5] ) ); + + if( ssl->in_hslen < 42 || + buf[0] != SSL_HS_SERVER_HELLO || + buf[4] != SSL_MAJOR_VERSION_3 ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + if( buf[5] > ssl->max_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + ssl->minor_ver = buf[5]; + + if( ssl->minor_ver < ssl->min_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "server only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver, + buf[4], buf[5] ) ); + + ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_PROTOCOL_VERSION ); + + return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } + +#if defined(POLARSSL_DEBUG_C) + t = ( (time_t) buf[6] << 24 ) + | ( (time_t) buf[7] << 16 ) + | ( (time_t) buf[8] << 8 ) + | ( (time_t) buf[9] ); +#endif + + memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + + n = buf[38]; + + SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); + SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + + if( n > 32 ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + /* + * 38 . 38 session id length + * 39 . 38+n session id + * 39+n . 40+n chosen ciphersuite + * 41+n . 41+n chosen compression alg. + * 42+n . 43+n extensions length + * 44+n . 44+n+m extensions + */ + if( ssl->in_hslen > 42 + n ) + { + ext_len = ( ( buf[42 + n] << 8 ) + | ( buf[43 + n] ) ); + + if( ( ext_len > 0 && ext_len < 4 ) || + ssl->in_hslen != 44 + n + ext_len ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + + i = ( buf[39 + n] << 8 ) | buf[40 + n]; + comp = buf[41 + n]; + + /* + * Initialize update checksum functions + */ + ssl_optimize_checksum( ssl, i ); + + SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); + SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); + + /* + * Check if the session can be resumed + */ + if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || + ssl->handshake->resume == 0 || n == 0 || + ssl->session_negotiate->ciphersuite != i || + ssl->session_negotiate->compression != comp || + ssl->session_negotiate->length != n || + memcmp( ssl->session_negotiate->id, buf + 39, n ) != 0 ) + { + ssl->state++; + ssl->handshake->resume = 0; + ssl->session_negotiate->start = time( NULL ); + ssl->session_negotiate->ciphersuite = i; + ssl->session_negotiate->compression = comp; + ssl->session_negotiate->length = n; + memcpy( ssl->session_negotiate->id, buf + 39, n ); + } + else + { + ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + } + + SSL_DEBUG_MSG( 3, ( "%s session has been resumed", + ssl->handshake->resume ? "a" : "no" ) ); + + SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", i ) ); + SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", buf[41 + n] ) ); + + i = 0; + while( 1 ) + { + if( ssl->ciphersuites[ssl->minor_ver][i] == 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + if( ssl->ciphersuites[ssl->minor_ver][i++] == ssl->session_negotiate->ciphersuite ) + break; + } + + if( comp != SSL_COMPRESS_NULL +#if defined(POLARSSL_ZLIB_SUPPORT) + && comp != SSL_COMPRESS_DEFLATE +#endif + ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + ssl->session_negotiate->compression = comp; + + ext = buf + 44 + n; + + while( ext_len ) + { + unsigned int ext_id = ( ( ext[0] << 8 ) + | ( ext[1] ) ); + unsigned int ext_size = ( ( ext[2] << 8 ) + | ( ext[3] ) ); + + if( ext_size + 4 > ext_len ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + switch( ext_id ) + { + case TLS_EXT_RENEGOTIATION_INFO: + SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + renegotiation_info_seen = 1; + + if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ) ) != 0 ) + return( ret ); + + break; + + default: + SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", + ext_id ) ); + } + + ext_len -= 4 + ext_size; + ext += 4 + ext_size; + + if( ext_len > 0 && ext_len < 4 ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + } + + /* + * Renegotiation security checks + */ + if( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && + renegotiation_info_seen == 0 ) + { + SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1 ) + { + SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + handshake_failure = 1; + } + + if( handshake_failure == 1 ) + { + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); + + return( 0 ); +} + +static int ssl_parse_server_key_exchange( ssl_context *ssl ) +{ +#if defined(POLARSSL_DHM_C) + int ret; + size_t n; + unsigned char *p, *end; + unsigned char hash[64]; + md5_context md5; + sha1_context sha1; + int hash_id = SIG_RSA_RAW; + unsigned int hashlen = 0; +#endif + + SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); + + if( ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_DES_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); + ssl->state++; + return( 0 ); + } + +#if !defined(POLARSSL_DHM_C) + SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); +#else + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_msg[0] != SSL_HS_SERVER_KEY_EXCHANGE ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + SSL_DEBUG_BUF( 3, "server key exchange", ssl->in_msg + 4, ssl->in_hslen - 4 ); + + /* + * Ephemeral DH parameters: + * + * struct { + * opaque dh_p<1..2^16-1>; + * opaque dh_g<1..2^16-1>; + * opaque dh_Ys<1..2^16-1>; + * } ServerDHParams; + */ + p = ssl->in_msg + 4; + end = ssl->in_msg + ssl->in_hslen; + + if( ( ret = dhm_read_params( &ssl->handshake->dhm_ctx, &p, end ) ) != 0 ) + { + SSL_DEBUG_MSG( 2, ( "DHM Read Params returned -0x%x", -ret ) ); + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { + if( p[1] != SSL_SIG_RSA ) + { + SSL_DEBUG_MSG( 2, ( "server used unsupported SignatureAlgorithm %d", p[1] ) ); + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + switch( p[0] ) + { +#if defined(POLARSSL_MD5_C) + case SSL_HASH_MD5: + hash_id = SIG_RSA_MD5; + break; +#endif +#if defined(POLARSSL_SHA1_C) + case SSL_HASH_SHA1: + hash_id = SIG_RSA_SHA1; + break; +#endif +#if defined(POLARSSL_SHA2_C) + case SSL_HASH_SHA224: + hash_id = SIG_RSA_SHA224; + break; + case SSL_HASH_SHA256: + hash_id = SIG_RSA_SHA256; + break; +#endif +#if defined(POLARSSL_SHA4_C) + case SSL_HASH_SHA384: + hash_id = SIG_RSA_SHA384; + break; + case SSL_HASH_SHA512: + hash_id = SIG_RSA_SHA512; + break; +#endif + default: + SSL_DEBUG_MSG( 2, ( "Server used unsupported HashAlgorithm %d", p[0] ) ); + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", p[1] ) ); + SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", p[0] ) ); + p += 2; + } + + n = ( p[0] << 8 ) | p[1]; + p += 2; + + if( end != p + n ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + if( (unsigned int)( end - p ) != + ssl->session_negotiate->peer_cert->rsa.len ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + if( ssl->handshake->dhm_ctx.len < 64 || ssl->handshake->dhm_ctx.len > 512 ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + + SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); + SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); + SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + + if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) + { + /* + * digitally-signed struct { + * opaque md5_hash[16]; + * opaque sha_hash[20]; + * }; + * + * md5_hash + * MD5(ClientHello.random + ServerHello.random + * + ServerParams); + * sha_hash + * SHA(ClientHello.random + ServerHello.random + * + ServerParams); + */ + n = ssl->in_hslen - ( end - p ) - 6; + + md5_starts( &md5 ); + md5_update( &md5, ssl->handshake->randbytes, 64 ); + md5_update( &md5, ssl->in_msg + 4, n ); + md5_finish( &md5, hash ); + + sha1_starts( &sha1 ); + sha1_update( &sha1, ssl->handshake->randbytes, 64 ); + sha1_update( &sha1, ssl->in_msg + 4, n ); + sha1_finish( &sha1, hash + 16 ); + + hash_id = SIG_RSA_RAW; + hashlen = 36; + } + else + { + sha2_context sha2; +#if defined(POLARSSL_SHA4_C) + sha4_context sha4; +#endif + + n = ssl->in_hslen - ( end - p ) - 8; + + /* + * digitally-signed struct { + * opaque client_random[32]; + * opaque server_random[32]; + * ServerDHParams params; + * }; + */ + switch( hash_id ) + { +#if defined(POLARSSL_MD5_C) + case SIG_RSA_MD5: + md5_starts( &md5 ); + md5_update( &md5, ssl->handshake->randbytes, 64 ); + md5_update( &md5, ssl->in_msg + 4, n ); + md5_finish( &md5, hash ); + hashlen = 16; + break; +#endif +#if defined(POLARSSL_SHA1_C) + case SIG_RSA_SHA1: + sha1_starts( &sha1 ); + sha1_update( &sha1, ssl->handshake->randbytes, 64 ); + sha1_update( &sha1, ssl->in_msg + 4, n ); + sha1_finish( &sha1, hash ); + hashlen = 20; + break; +#endif +#if defined(POLARSSL_SHA2_C) + case SIG_RSA_SHA224: + sha2_starts( &sha2, 1 ); + sha2_update( &sha2, ssl->handshake->randbytes, 64 ); + sha2_update( &sha2, ssl->in_msg + 4, n ); + sha2_finish( &sha2, hash ); + hashlen = 28; + break; + case SIG_RSA_SHA256: + sha2_starts( &sha2, 0 ); + sha2_update( &sha2, ssl->handshake->randbytes, 64 ); + sha2_update( &sha2, ssl->in_msg + 4, n ); + sha2_finish( &sha2, hash ); + hashlen = 32; + break; +#endif +#if defined(POLARSSL_SHA4_C) + case SIG_RSA_SHA384: + sha4_starts( &sha4, 1 ); + sha4_update( &sha4, ssl->handshake->randbytes, 64 ); + sha4_update( &sha4, ssl->in_msg + 4, n ); + sha4_finish( &sha4, hash ); + hashlen = 48; + break; + case SIG_RSA_SHA512: + sha4_starts( &sha4, 0 ); + sha4_update( &sha4, ssl->handshake->randbytes, 64 ); + sha4_update( &sha4, ssl->in_msg + 4, n ); + sha4_finish( &sha4, hash ); + hashlen = 64; + break; +#endif + } + } + + SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + + if( ( ret = rsa_pkcs1_verify( &ssl->session_negotiate->peer_cert->rsa, + RSA_PUBLIC, + hash_id, hashlen, hash, p ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret ); + return( ret ); + } + + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse server key exchange" ) ); + + return( 0 ); +#endif +} + +static int ssl_parse_certificate_request( ssl_context *ssl ) +{ + int ret; + unsigned char *buf, *p; + size_t n = 0, m = 0; + size_t cert_type_len = 0, sig_alg_len = 0, dn_len = 0; + + SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 4 cert type count + * 5 .. m-1 cert types + * m .. m+1 sig alg length (TLS 1.2 only) + * m+1 .. n-1 SignatureAndHashAlgorithms (TLS 1.2 only) + * n .. n+1 length of all DNs + * n+2 .. n+3 length of DN 1 + * n+4 .. ... Distinguished Name #1 + * ... .. ... length of DN 2, etc. + */ + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + ssl->client_auth = 0; + ssl->state++; + + if( ssl->in_msg[0] == SSL_HS_CERTIFICATE_REQUEST ) + ssl->client_auth++; + + SSL_DEBUG_MSG( 3, ( "got %s certificate request", + ssl->client_auth ? "a" : "no" ) ); + + if( ssl->client_auth == 0 ) + goto exit; + + // TODO: handshake_failure alert for an anonymous server to request + // client authentication + + buf = ssl->in_msg; + + // Retrieve cert types + // + cert_type_len = buf[4]; + n = cert_type_len; + + if( ssl->in_hslen < 6 + n ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + + p = buf + 5; + while( cert_type_len > 0 ) + { + if( *p == SSL_CERT_TYPE_RSA_SIGN ) + { + ssl->handshake->cert_type = SSL_CERT_TYPE_RSA_SIGN; + break; + } + + cert_type_len--; + p++; + } + + if( ssl->handshake->cert_type == 0 ) + { + SSL_DEBUG_MSG( 1, ( "no known cert_type provided" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { + sig_alg_len = ( ( buf[5 + n] << 8 ) + | ( buf[6 + n] ) ); + + p = buf + 7 + n; + m += 2; + n += sig_alg_len; + + if( ssl->in_hslen < 6 + n ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + } + + dn_len = ( ( buf[5 + m + n] << 8 ) + | ( buf[6 + m + n] ) ); + + n += dn_len; + if( ssl->in_hslen != 7 + m + n ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + } + +exit: + SSL_DEBUG_MSG( 2, ( "<= parse certificate request" ) ); + + return( 0 ); +} + +static int ssl_parse_server_hello_done( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> parse server hello done" ) ); + + if( ssl->client_auth != 0 ) + { + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + } + + if( ssl->in_hslen != 4 || + ssl->in_msg[0] != SSL_HS_SERVER_HELLO_DONE ) + { + SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + } + + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse server hello done" ) ); + + return( 0 ); +} + +static int ssl_write_client_key_exchange( ssl_context *ssl ) +{ + int ret; + size_t i, n; + + SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); + + if( ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_DES_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { +#if !defined(POLARSSL_DHM_C) + SSL_DEBUG_MSG( 1, ( "support for dhm in not available" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); +#else + /* + * DHM key exchange -- send G^X mod P + */ + n = ssl->handshake->dhm_ctx.len; + + ssl->out_msg[4] = (unsigned char)( n >> 8 ); + ssl->out_msg[5] = (unsigned char)( n ); + i = 6; + + ret = dhm_make_public( &ssl->handshake->dhm_ctx, + mpi_size( &ssl->handshake->dhm_ctx.P ), + &ssl->out_msg[i], n, + ssl->f_rng, ssl->p_rng ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_make_public", ret ); + return( ret ); + } + + SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); + SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + + ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len; + + if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + &ssl->handshake->pmslen ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + return( ret ); + } + + SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); +#endif + } + else + { + /* + * RSA key exchange -- send rsa_public(pkcs1 v1.5(premaster)) + */ + ssl->handshake->premaster[0] = (unsigned char) ssl->max_major_ver; + ssl->handshake->premaster[1] = (unsigned char) ssl->max_minor_ver; + ssl->handshake->pmslen = 48; + + ret = ssl->f_rng( ssl->p_rng, ssl->handshake->premaster + 2, + ssl->handshake->pmslen - 2 ); + if( ret != 0 ) + return( ret ); + + i = 4; + n = ssl->session_negotiate->peer_cert->rsa.len; + + if( ssl->minor_ver != SSL_MINOR_VERSION_0 ) + { + i += 2; + ssl->out_msg[4] = (unsigned char)( n >> 8 ); + ssl->out_msg[5] = (unsigned char)( n ); + } + + ret = rsa_pkcs1_encrypt( &ssl->session_negotiate->peer_cert->rsa, + ssl->f_rng, ssl->p_rng, + RSA_PUBLIC, + ssl->handshake->pmslen, + ssl->handshake->premaster, + ssl->out_msg + i ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret ); + return( ret ); + } + } + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + + ssl->out_msglen = i + n; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_CLIENT_KEY_EXCHANGE; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write client key exchange" ) ); + + return( 0 ); +} + +static int ssl_write_certificate_verify( ssl_context *ssl ) +{ + int ret = 0; + size_t n = 0, offset = 0; + unsigned char hash[48]; + int hash_id = SIG_RSA_RAW; + unsigned int hashlen = 36; + + SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); + + if( ssl->client_auth == 0 || ssl->own_cert == NULL ) + { + SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); + ssl->state++; + return( 0 ); + } + + if( ssl->rsa_key == NULL ) + { + SSL_DEBUG_MSG( 1, ( "got no private key" ) ); + return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } + + /* + * Make an RSA signature of the handshake digests + */ + ssl->handshake->calc_verify( ssl, hash ); + + if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) + { + /* + * digitally-signed struct { + * opaque md5_hash[16]; + * opaque sha_hash[20]; + * }; + * + * md5_hash + * MD5(handshake_messages); + * + * sha_hash + * SHA(handshake_messages); + */ + hashlen = 36; + hash_id = SIG_RSA_RAW; + } + else + { + /* + * digitally-signed struct { + * opaque handshake_messages[handshake_messages_length]; + * }; + * + * Taking shortcut here. We assume that the server always allows the + * PRF Hash function and has sent it in the allowed signature + * algorithms list received in the Certificate Request message. + * + * Until we encounter a server that does not, we will take this + * shortcut. + * + * Reason: Otherwise we should have running hashes for SHA512 and SHA224 + * in order to satisfy 'weird' needs from the server side. + */ + if( ssl->session_negotiate->ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + hash_id = SIG_RSA_SHA384; + hashlen = 48; + ssl->out_msg[4] = SSL_HASH_SHA384; + ssl->out_msg[5] = SSL_SIG_RSA; + } + else + { + hash_id = SIG_RSA_SHA256; + hashlen = 32; + ssl->out_msg[4] = SSL_HASH_SHA256; + ssl->out_msg[5] = SSL_SIG_RSA; + } + + offset = 2; + } + + if ( ssl->rsa_key ) + n = ssl->rsa_key_len ( ssl->rsa_key ); + + ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 ); + ssl->out_msg[5 + offset] = (unsigned char)( n ); + + if( ssl->rsa_key ) + { + ret = ssl->rsa_sign( ssl->rsa_key, ssl->f_rng, ssl->p_rng, + RSA_PRIVATE, hash_id, + hashlen, hash, ssl->out_msg + 6 + offset ); + } + + if (ret != 0) + { + SSL_DEBUG_RET( 1, "pkcs1_sign", ret ); + return( ret ); + } + + ssl->out_msglen = 6 + n + offset; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_CERTIFICATE_VERIFY; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write certificate verify" ) ); + + return( 0 ); +} + +/* + * SSL handshake -- client side -- single step + */ +int ssl_handshake_client_step( ssl_context *ssl ) +{ + int ret = 0; + + if( ssl->state == SSL_HANDSHAKE_OVER ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + SSL_DEBUG_MSG( 2, ( "client state: %d", ssl->state ) ); + + if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + switch( ssl->state ) + { + case SSL_HELLO_REQUEST: + ssl->state = SSL_CLIENT_HELLO; + break; + + /* + * ==> ClientHello + */ + case SSL_CLIENT_HELLO: + ret = ssl_write_client_hello( ssl ); + break; + + /* + * <== ServerHello + * Certificate + * ( ServerKeyExchange ) + * ( CertificateRequest ) + * ServerHelloDone + */ + case SSL_SERVER_HELLO: + ret = ssl_parse_server_hello( ssl ); + break; + + case SSL_SERVER_CERTIFICATE: + ret = ssl_parse_certificate( ssl ); + break; + + case SSL_SERVER_KEY_EXCHANGE: + ret = ssl_parse_server_key_exchange( ssl ); + break; + + case SSL_CERTIFICATE_REQUEST: + ret = ssl_parse_certificate_request( ssl ); + break; + + case SSL_SERVER_HELLO_DONE: + ret = ssl_parse_server_hello_done( ssl ); + break; + + /* + * ==> ( Certificate/Alert ) + * ClientKeyExchange + * ( CertificateVerify ) + * ChangeCipherSpec + * Finished + */ + case SSL_CLIENT_CERTIFICATE: + ret = ssl_write_certificate( ssl ); + break; + + case SSL_CLIENT_KEY_EXCHANGE: + ret = ssl_write_client_key_exchange( ssl ); + break; + + case SSL_CERTIFICATE_VERIFY: + ret = ssl_write_certificate_verify( ssl ); + break; + + case SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = ssl_write_change_cipher_spec( ssl ); + break; + + case SSL_CLIENT_FINISHED: + ret = ssl_write_finished( ssl ); + break; + + /* + * <== ChangeCipherSpec + * Finished + */ + case SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = ssl_parse_change_cipher_spec( ssl ); + break; + + case SSL_SERVER_FINISHED: + ret = ssl_parse_finished( ssl ); + break; + + case SSL_FLUSH_BUFFERS: + SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + ssl->state = SSL_HANDSHAKE_WRAPUP; + break; + + case SSL_HANDSHAKE_WRAPUP: + ssl_handshake_wrapup( ssl ); + break; + + default: + SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + } + + return( ret ); +} +#endif diff --git a/polarssl/ssl_srv.c b/polarssl/ssl_srv.c new file mode 100644 index 0000000..9ba2294 --- /dev/null +++ b/polarssl/ssl_srv.c @@ -0,0 +1,1623 @@ +/* + * SSLv3/TLSv1 server-side functions + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SSL_SRV_C) + +#include "polarssl/debug.h" +#include "polarssl/ssl.h" + +#include +#include +#include + +static int ssl_parse_servername_ext( ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + int ret; + size_t servername_list_size, hostname_len; + const unsigned char *p; + + servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); + if( servername_list_size + 2 != len ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + p = buf + 2; + while( servername_list_size > 0 ) + { + hostname_len = ( ( p[1] << 8 ) | p[2] ); + if( hostname_len + 3 > servername_list_size ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( p[0] == TLS_EXT_SERVERNAME_HOSTNAME ) + { + ret = ssl->f_sni( ssl->p_sni, ssl, p + 3, hostname_len ); + if( ret != 0 ) + { + ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_UNRECOGNIZED_NAME ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + return( 0 ); + } + + servername_list_size -= hostname_len + 3; + p += hostname_len + 3; + } + + if( servername_list_size != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + return( 0 ); +} + +static int ssl_parse_renegotiation_info( ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + int ret; + + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE ) + { + if( len != 1 || buf[0] != 0x0 ) + { + SSL_DEBUG_MSG( 1, ( "non-zero length renegotiated connection field" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + } + else + { + if( len != 1 + ssl->verify_data_len || + buf[0] != ssl->verify_data_len || + memcmp( buf + 1, ssl->peer_verify_data, ssl->verify_data_len ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "non-matching renegotiated connection field" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + } + + return( 0 ); +} + +static int ssl_parse_signature_algorithms_ext( ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + size_t sig_alg_list_size; + const unsigned char *p; + + sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); + if( sig_alg_list_size + 2 != len || + sig_alg_list_size %2 != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + p = buf + 2; + while( sig_alg_list_size > 0 ) + { + if( p[1] != SSL_SIG_RSA ) + { + sig_alg_list_size -= 2; + p += 2; + continue; + } +#if defined(POLARSSL_SHA4_C) + if( p[0] == SSL_HASH_SHA512 ) + { + ssl->handshake->sig_alg = SSL_HASH_SHA512; + break; + } + if( p[0] == SSL_HASH_SHA384 ) + { + ssl->handshake->sig_alg = SSL_HASH_SHA384; + break; + } +#endif +#if defined(POLARSSL_SHA2_C) + if( p[0] == SSL_HASH_SHA256 ) + { + ssl->handshake->sig_alg = SSL_HASH_SHA256; + break; + } + if( p[0] == SSL_HASH_SHA224 ) + { + ssl->handshake->sig_alg = SSL_HASH_SHA224; + break; + } +#endif + if( p[0] == SSL_HASH_SHA1 ) + { + ssl->handshake->sig_alg = SSL_HASH_SHA1; + break; + } + if( p[0] == SSL_HASH_MD5 ) + { + ssl->handshake->sig_alg = SSL_HASH_MD5; + break; + } + + sig_alg_list_size -= 2; + p += 2; + } + + SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d", + ssl->handshake->sig_alg ) ); + + return( 0 ); +} + +#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) +static int ssl_parse_client_hello_v2( ssl_context *ssl ) +{ + int ret; + unsigned int i, j; + size_t n; + unsigned int ciph_len, sess_len, chal_len; + unsigned char *buf, *p; + + SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); + + if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "client hello v2 illegal for renegotiation" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + buf = ssl->in_hdr; + + SSL_DEBUG_BUF( 4, "record header", buf, 5 ); + + SSL_DEBUG_MSG( 3, ( "client hello v2, message type: %d", + buf[2] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v2, message len.: %d", + ( ( buf[0] & 0x7F ) << 8 ) | buf[1] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v2, max. version: [%d:%d]", + buf[3], buf[4] ) ); + + /* + * SSLv2 Client Hello + * + * Record layer: + * 0 . 1 message length + * + * SSL layer: + * 2 . 2 message type + * 3 . 4 protocol version + */ + if( buf[2] != SSL_HS_CLIENT_HELLO || + buf[3] != SSL_MAJOR_VERSION_3 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + n = ( ( buf[0] << 8 ) | buf[1] ) & 0x7FFF; + + if( n < 17 || n > 512 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->major_ver = SSL_MAJOR_VERSION_3; + ssl->minor_ver = ( buf[4] <= SSL_MINOR_VERSION_3 ) + ? buf[4] : SSL_MINOR_VERSION_3; + + if( ssl->minor_ver < ssl->min_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver, + ssl->min_major_ver, ssl->min_minor_ver ) ); + + ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_PROTOCOL_VERSION ); + return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } + + ssl->max_major_ver = buf[3]; + ssl->max_minor_ver = buf[4]; + + if( ( ret = ssl_fetch_input( ssl, 2 + n ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + return( ret ); + } + + ssl->handshake->update_checksum( ssl, buf + 2, n ); + + buf = ssl->in_msg; + n = ssl->in_left - 5; + + /* + * 0 . 1 ciphersuitelist length + * 2 . 3 session id length + * 4 . 5 challenge length + * 6 . .. ciphersuitelist + * .. . .. session id + * .. . .. challenge + */ + SSL_DEBUG_BUF( 4, "record contents", buf, n ); + + ciph_len = ( buf[0] << 8 ) | buf[1]; + sess_len = ( buf[2] << 8 ) | buf[3]; + chal_len = ( buf[4] << 8 ) | buf[5]; + + SSL_DEBUG_MSG( 3, ( "ciph_len: %d, sess_len: %d, chal_len: %d", + ciph_len, sess_len, chal_len ) ); + + /* + * Make sure each parameter length is valid + */ + if( ciph_len < 3 || ( ciph_len % 3 ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( sess_len > 32 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( chal_len < 8 || chal_len > 32 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( n != 6 + ciph_len + sess_len + chal_len ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", + buf + 6, ciph_len ); + SSL_DEBUG_BUF( 3, "client hello, session id", + buf + 6 + ciph_len, sess_len ); + SSL_DEBUG_BUF( 3, "client hello, challenge", + buf + 6 + ciph_len + sess_len, chal_len ); + + p = buf + 6 + ciph_len; + ssl->session_negotiate->length = sess_len; + memset( ssl->session_negotiate->id, 0, sizeof( ssl->session_negotiate->id ) ); + memcpy( ssl->session_negotiate->id, p, ssl->session_negotiate->length ); + + p += sess_len; + memset( ssl->handshake->randbytes, 0, 64 ); + memcpy( ssl->handshake->randbytes + 32 - chal_len, p, chal_len ); + + /* + * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV + */ + for( i = 0, p = buf + 6; i < ciph_len; i += 3, p += 3 ) + { + if( p[0] == 0 && p[1] == 0 && p[2] == SSL_EMPTY_RENEGOTIATION_INFO ) + { + SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + if( ssl->renegotiation == SSL_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + break; + } + } + + for( i = 0; ssl->ciphersuites[ssl->minor_ver][i] != 0; i++ ) + { + for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) + { + if( p[0] == 0 && + p[1] == 0 && + p[2] == ssl->ciphersuites[ssl->minor_ver][i] ) + goto have_ciphersuite_v2; + } + } + + SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); + + return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN ); + +have_ciphersuite_v2: + ssl->session_negotiate->ciphersuite = ssl->ciphersuites[ssl->minor_ver][i]; + ssl_optimize_checksum( ssl, ssl->session_negotiate->ciphersuite ); + + /* + * SSLv2 Client Hello relevant renegotiation security checks + */ + if( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->in_left = 0; + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse client hello v2" ) ); + + return( 0 ); +} +#endif /* POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */ + +static int ssl_parse_client_hello( ssl_context *ssl ) +{ + int ret; + unsigned int i, j; + size_t n; + unsigned int ciph_len, sess_len; + unsigned int comp_len; + unsigned int ext_len = 0; + unsigned char *buf, *p, *ext; + int renegotiation_info_seen = 0; + int handshake_failure = 0; + + SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) ); + + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE && + ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + return( ret ); + } + + buf = ssl->in_hdr; + +#if defined(POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) + if( ( buf[0] & 0x80 ) != 0 ) + return ssl_parse_client_hello_v2( ssl ); +#endif + + SSL_DEBUG_BUF( 4, "record header", buf, 5 ); + + SSL_DEBUG_MSG( 3, ( "client hello v3, message type: %d", + buf[0] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v3, message len.: %d", + ( buf[3] << 8 ) | buf[4] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v3, protocol ver: [%d:%d]", + buf[1], buf[2] ) ); + + /* + * SSLv3 Client Hello + * + * Record layer: + * 0 . 0 message type + * 1 . 2 protocol version + * 3 . 4 message length + */ + if( buf[0] != SSL_MSG_HANDSHAKE || + buf[1] != SSL_MAJOR_VERSION_3 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + n = ( buf[3] << 8 ) | buf[4]; + + if( n < 45 || n > 512 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + if( ssl->renegotiation == SSL_INITIAL_HANDSHAKE && + ( ret = ssl_fetch_input( ssl, 5 + n ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + return( ret ); + } + + buf = ssl->in_msg; + if( !ssl->renegotiation ) + n = ssl->in_left - 5; + else + n = ssl->in_msglen; + + ssl->handshake->update_checksum( ssl, buf, n ); + + /* + * SSL layer: + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 protocol version + * 6 . 9 UNIX time() + * 10 . 37 random bytes + * 38 . 38 session id length + * 39 . 38+x session id + * 39+x . 40+x ciphersuitelist length + * 41+x . .. ciphersuitelist + * .. . .. compression alg. + * .. . .. extensions + */ + SSL_DEBUG_BUF( 4, "record contents", buf, n ); + + SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", + buf[0] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", + ( buf[1] << 16 ) | ( buf[2] << 8 ) | buf[3] ) ); + SSL_DEBUG_MSG( 3, ( "client hello v3, max. version: [%d:%d]", + buf[4], buf[5] ) ); + + /* + * Check the handshake type and protocol version + */ + if( buf[0] != SSL_HS_CLIENT_HELLO || + buf[4] != SSL_MAJOR_VERSION_3 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->major_ver = SSL_MAJOR_VERSION_3; + ssl->minor_ver = ( buf[5] <= SSL_MINOR_VERSION_3 ) + ? buf[5] : SSL_MINOR_VERSION_3; + + if( ssl->minor_ver < ssl->min_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "client only supports ssl smaller than minimum" + " [%d:%d] < [%d:%d]", ssl->major_ver, ssl->minor_ver, + ssl->min_major_ver, ssl->min_minor_ver ) ); + + ssl_send_alert_message( ssl, SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_PROTOCOL_VERSION ); + + return( POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + } + + ssl->max_major_ver = buf[4]; + ssl->max_minor_ver = buf[5]; + + memcpy( ssl->handshake->randbytes, buf + 6, 32 ); + + /* + * Check the handshake message length + */ + if( buf[1] != 0 || n != (unsigned int) 4 + ( ( buf[2] << 8 ) | buf[3] ) ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + /* + * Check the session length + */ + sess_len = buf[38]; + + if( sess_len > 32 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->session_negotiate->length = sess_len; + memset( ssl->session_negotiate->id, 0, + sizeof( ssl->session_negotiate->id ) ); + memcpy( ssl->session_negotiate->id, buf + 39, + ssl->session_negotiate->length ); + + /* + * Check the ciphersuitelist length + */ + ciph_len = ( buf[39 + sess_len] << 8 ) + | ( buf[40 + sess_len] ); + + if( ciph_len < 2 || ciph_len > 256 || ( ciph_len % 2 ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + /* + * Check the compression algorithms length + */ + comp_len = buf[41 + sess_len + ciph_len]; + + if( comp_len < 1 || comp_len > 16 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + /* + * Check the extension length + */ + if( n > 42 + sess_len + ciph_len + comp_len ) + { + ext_len = ( buf[42 + sess_len + ciph_len + comp_len] << 8 ) + | ( buf[43 + sess_len + ciph_len + comp_len] ); + + if( ( ext_len > 0 && ext_len < 4 ) || + n != 44 + sess_len + ciph_len + comp_len + ext_len ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + SSL_DEBUG_BUF( 3, "Ext", buf + 44 + sess_len + ciph_len + comp_len, ext_len); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + } + + ssl->session_negotiate->compression = SSL_COMPRESS_NULL; +#if defined(POLARSSL_ZLIB_SUPPORT) + for( i = 0; i < comp_len; ++i ) + { + if( buf[42 + sess_len + ciph_len + i] == SSL_COMPRESS_DEFLATE ) + { + ssl->session_negotiate->compression = SSL_COMPRESS_DEFLATE; + break; + } + } +#endif + + SSL_DEBUG_BUF( 3, "client hello, random bytes", + buf + 6, 32 ); + SSL_DEBUG_BUF( 3, "client hello, session id", + buf + 38, sess_len ); + SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", + buf + 41 + sess_len, ciph_len ); + SSL_DEBUG_BUF( 3, "client hello, compression", + buf + 42 + sess_len + ciph_len, comp_len ); + + /* + * Check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV + */ + for( i = 0, p = buf + 41 + sess_len; i < ciph_len; i += 2, p += 2 ) + { + if( p[0] == 0 && p[1] == SSL_EMPTY_RENEGOTIATION_INFO ) + { + SSL_DEBUG_MSG( 3, ( "received TLS_EMPTY_RENEGOTIATION_INFO " ) ); + if( ssl->renegotiation == SSL_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 1, ( "received RENEGOTIATION SCSV during renegotiation" ) ); + + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + ssl->secure_renegotiation = SSL_SECURE_RENEGOTIATION; + break; + } + } + + /* + * Search for a matching ciphersuite + */ + for( i = 0; ssl->ciphersuites[ssl->minor_ver][i] != 0; i++ ) + { + for( j = 0, p = buf + 41 + sess_len; j < ciph_len; + j += 2, p += 2 ) + { + if( p[0] == 0 && p[1] == ssl->ciphersuites[ssl->minor_ver][i] ) + goto have_ciphersuite; + } + } + + SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); + + return( POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN ); + +have_ciphersuite: + ssl->session_negotiate->ciphersuite = ssl->ciphersuites[ssl->minor_ver][i]; + ssl_optimize_checksum( ssl, ssl->session_negotiate->ciphersuite ); + + ext = buf + 44 + sess_len + ciph_len + comp_len; + + while( ext_len ) + { + unsigned int ext_id = ( ( ext[0] << 8 ) + | ( ext[1] ) ); + unsigned int ext_size = ( ( ext[2] << 8 ) + | ( ext[3] ) ); + + if( ext_size + 4 > ext_len ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + switch( ext_id ) + { + case TLS_EXT_SERVERNAME: + SSL_DEBUG_MSG( 3, ( "found ServerName extension" ) ); + if( ssl->f_sni == NULL ) + break; + + ret = ssl_parse_servername_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; + + case TLS_EXT_RENEGOTIATION_INFO: + SSL_DEBUG_MSG( 3, ( "found renegotiation extension" ) ); + renegotiation_info_seen = 1; + + ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; + + case TLS_EXT_SIG_ALG: + SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); + if( ssl->renegotiation == SSL_RENEGOTIATION ) + break; + + ret = ssl_parse_signature_algorithms_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; + + default: + SSL_DEBUG_MSG( 3, ( "unknown extension found: %d (ignoring)", + ext_id ) ); + } + + ext_len -= 4 + ext_size; + ext += 4 + ext_size; + + if( ext_len > 0 && ext_len < 4 ) + { + SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + } + + /* + * Renegotiation security checks + */ + if( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_BREAK_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "legacy renegotiation, breaking off handshake" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION && + renegotiation_info_seen == 0 ) + { + SSL_DEBUG_MSG( 1, ( "renegotiation_info extension missing (secure)" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 1, ( "legacy renegotiation not allowed" ) ); + handshake_failure = 1; + } + else if( ssl->renegotiation == SSL_RENEGOTIATION && + ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + renegotiation_info_seen == 1 ) + { + SSL_DEBUG_MSG( 1, ( "renegotiation_info extension present (legacy)" ) ); + handshake_failure = 1; + } + + if( handshake_failure == 1 ) + { + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->in_left = 0; + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse client hello" ) ); + + return( 0 ); +} + +static int ssl_write_server_hello( ssl_context *ssl ) +{ + time_t t; + int ret, n; + size_t ext_len = 0; + unsigned char *buf, *p; + + SSL_DEBUG_MSG( 2, ( "=> write server hello" ) ); + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 5 protocol version + * 6 . 9 UNIX time() + * 10 . 37 random bytes + */ + buf = ssl->out_msg; + p = buf + 4; + + *p++ = (unsigned char) ssl->major_ver; + *p++ = (unsigned char) ssl->minor_ver; + + SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", + buf[4], buf[5] ) ); + + t = time( NULL ); + *p++ = (unsigned char)( t >> 24 ); + *p++ = (unsigned char)( t >> 16 ); + *p++ = (unsigned char)( t >> 8 ); + *p++ = (unsigned char)( t ); + + SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", t ) ); + + if( ( ret = ssl->f_rng( ssl->p_rng, p, 28 ) ) != 0 ) + return( ret ); + + p += 28; + + memcpy( ssl->handshake->randbytes + 32, buf + 6, 32 ); + + SSL_DEBUG_BUF( 3, "server hello, random bytes", buf + 6, 32 ); + + /* + * 38 . 38 session id length + * 39 . 38+n session id + * 39+n . 40+n chosen ciphersuite + * 41+n . 41+n chosen compression alg. + */ + ssl->session_negotiate->length = n = 32; + *p++ = (unsigned char) ssl->session_negotiate->length; + + if( ssl->renegotiation != SSL_INITIAL_HANDSHAKE || + ssl->f_get_cache == NULL || + ssl->f_get_cache( ssl->p_get_cache, ssl->session_negotiate ) != 0 ) + { + /* + * Not found, create a new session id + */ + ssl->handshake->resume = 0; + ssl->state++; + + if( ( ret = ssl->f_rng( ssl->p_rng, ssl->session_negotiate->id, + n ) ) != 0 ) + return( ret ); + } + else + { + /* + * Found a matching session, resuming it + */ + ssl->handshake->resume = 1; + ssl->state = SSL_SERVER_CHANGE_CIPHER_SPEC; + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + } + + memcpy( p, ssl->session_negotiate->id, ssl->session_negotiate->length ); + p += ssl->session_negotiate->length; + + SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); + SSL_DEBUG_BUF( 3, "server hello, session id", buf + 39, n ); + SSL_DEBUG_MSG( 3, ( "%s session has been resumed", + ssl->handshake->resume ? "a" : "no" ) ); + + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); + *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); + *p++ = (unsigned char)( ssl->session_negotiate->compression ); + + SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d", + ssl->session_negotiate->ciphersuite ) ); + SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d", + ssl->session_negotiate->compression ) ); + + if( ssl->secure_renegotiation == SSL_SECURE_RENEGOTIATION ) + { + SSL_DEBUG_MSG( 3, ( "server hello, prepping for secure renegotiation extension" ) ); + ext_len += 5 + ssl->verify_data_len * 2; + + SSL_DEBUG_MSG( 3, ( "server hello, total extension length: %d", + ext_len ) ); + + *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + + /* + * Secure renegotiation + */ + SSL_DEBUG_MSG( 3, ( "client hello, secure renegotiation extension" ) ); + + *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( TLS_EXT_RENEGOTIATION_INFO ) & 0xFF ); + + *p++ = 0x00; + *p++ = ( ssl->verify_data_len * 2 + 1 ) & 0xFF; + *p++ = ssl->verify_data_len * 2 & 0xFF; + + memcpy( p, ssl->peer_verify_data, ssl->verify_data_len ); + p += ssl->verify_data_len; + memcpy( p, ssl->own_verify_data, ssl->verify_data_len ); + p += ssl->verify_data_len; + } + + ssl->out_msglen = p - buf; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_SERVER_HELLO; + + ret = ssl_write_record( ssl ); + + SSL_DEBUG_MSG( 2, ( "<= write server hello" ) ); + + return( ret ); +} + +static int ssl_write_certificate_request( ssl_context *ssl ) +{ + int ret; + size_t n = 0, dn_size, total_dn_size; + unsigned char *buf, *p; + const x509_cert *crt; + + SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + + ssl->state++; + + if( ssl->authmode == SSL_VERIFY_NONE ) + { + SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + return( 0 ); + } + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 4 cert type count + * 5 .. m-1 cert types + * m .. m+1 sig alg length (TLS 1.2 only) + * m+1 .. n-1 SignatureAndHashAlgorithms (TLS 1.2 only) + * n .. n+1 length of all DNs + * n+2 .. n+3 length of DN 1 + * n+4 .. ... Distinguished Name #1 + * ... .. ... length of DN 2, etc. + */ + buf = ssl->out_msg; + p = buf + 4; + + /* + * At the moment, only RSA certificates are supported + */ + *p++ = 1; + *p++ = SSL_CERT_TYPE_RSA_SIGN; + + /* + * Add signature_algorithms for verify (TLS 1.2) + * Only add current running algorithm that is already required for + * requested ciphersuite. + * + * Length is always 2 + */ + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { + ssl->handshake->verify_sig_alg = SSL_HASH_SHA256; + + *p++ = 0; + *p++ = 2; + + if( ssl->session_negotiate->ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + ssl->handshake->verify_sig_alg = SSL_HASH_SHA384; + } + + *p++ = ssl->handshake->verify_sig_alg; + *p++ = SSL_SIG_RSA; + + n += 4; + } + + p += 2; + crt = ssl->ca_chain; + + total_dn_size = 0; + while( crt != NULL && crt->version != 0) + { + if( p - buf > 4096 ) + break; + + dn_size = crt->subject_raw.len; + *p++ = (unsigned char)( dn_size >> 8 ); + *p++ = (unsigned char)( dn_size ); + memcpy( p, crt->subject_raw.p, dn_size ); + p += dn_size; + + SSL_DEBUG_BUF( 3, "requested DN", p, dn_size ); + + total_dn_size += 2 + dn_size; + crt = crt->next; + } + + ssl->out_msglen = p - buf; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_CERTIFICATE_REQUEST; + ssl->out_msg[6 + n] = (unsigned char)( total_dn_size >> 8 ); + ssl->out_msg[7 + n] = (unsigned char)( total_dn_size ); + + ret = ssl_write_record( ssl ); + + SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + + return( ret ); +} + +static int ssl_write_server_key_exchange( ssl_context *ssl ) +{ +#if defined(POLARSSL_DHM_C) + int ret; + size_t n, rsa_key_len = 0; + unsigned char hash[64]; + int hash_id = 0; + unsigned int hashlen = 0; +#endif + + SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); + + if( ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_DES_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 && + ssl->session_negotiate->ciphersuite != TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); + ssl->state++; + return( 0 ); + } + +#if !defined(POLARSSL_DHM_C) + SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); +#else + + if( ssl->rsa_key == NULL ) + { + SSL_DEBUG_MSG( 1, ( "got no private key" ) ); + return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } + + /* + * Ephemeral DH parameters: + * + * struct { + * opaque dh_p<1..2^16-1>; + * opaque dh_g<1..2^16-1>; + * opaque dh_Ys<1..2^16-1>; + * } ServerDHParams; + */ + if( ( ret = mpi_copy( &ssl->handshake->dhm_ctx.P, &ssl->dhm_P ) ) != 0 || + ( ret = mpi_copy( &ssl->handshake->dhm_ctx.G, &ssl->dhm_G ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_copy", ret ); + return( ret ); + } + + if( ( ret = dhm_make_params( &ssl->handshake->dhm_ctx, + mpi_size( &ssl->handshake->dhm_ctx.P ), + ssl->out_msg + 4, + &n, ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_make_params", ret ); + return( ret ); + } + + SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); + SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); + SSL_DEBUG_MPI( 3, "DHM: G ", &ssl->handshake->dhm_ctx.G ); + SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); + + if( ssl->minor_ver != SSL_MINOR_VERSION_3 ) + { + md5_context md5; + sha1_context sha1; + + /* + * digitally-signed struct { + * opaque md5_hash[16]; + * opaque sha_hash[20]; + * }; + * + * md5_hash + * MD5(ClientHello.random + ServerHello.random + * + ServerParams); + * sha_hash + * SHA(ClientHello.random + ServerHello.random + * + ServerParams); + */ + md5_starts( &md5 ); + md5_update( &md5, ssl->handshake->randbytes, 64 ); + md5_update( &md5, ssl->out_msg + 4, n ); + md5_finish( &md5, hash ); + + sha1_starts( &sha1 ); + sha1_update( &sha1, ssl->handshake->randbytes, 64 ); + sha1_update( &sha1, ssl->out_msg + 4, n ); + sha1_finish( &sha1, hash + 16 ); + + hashlen = 36; + hash_id = SIG_RSA_RAW; + } + else + { + /* + * digitally-signed struct { + * opaque client_random[32]; + * opaque server_random[32]; + * ServerDHParams params; + * }; + */ +#if defined(POLARSSL_SHA4_C) + if( ssl->handshake->sig_alg == SSL_HASH_SHA512 ) + { + sha4_context sha4; + + sha4_starts( &sha4, 0 ); + sha4_update( &sha4, ssl->handshake->randbytes, 64 ); + sha4_update( &sha4, ssl->out_msg + 4, n ); + sha4_finish( &sha4, hash ); + + hashlen = 64; + hash_id = SIG_RSA_SHA512; + } + else if( ssl->handshake->sig_alg == SSL_HASH_SHA384 ) + { + sha4_context sha4; + + sha4_starts( &sha4, 1 ); + sha4_update( &sha4, ssl->handshake->randbytes, 64 ); + sha4_update( &sha4, ssl->out_msg + 4, n ); + sha4_finish( &sha4, hash ); + + hashlen = 48; + hash_id = SIG_RSA_SHA384; + } + else +#endif +#if defined(POLARSSL_SHA2_C) + if( ssl->handshake->sig_alg == SSL_HASH_SHA256 ) + { + sha2_context sha2; + + sha2_starts( &sha2, 0 ); + sha2_update( &sha2, ssl->handshake->randbytes, 64 ); + sha2_update( &sha2, ssl->out_msg + 4, n ); + sha2_finish( &sha2, hash ); + + hashlen = 32; + hash_id = SIG_RSA_SHA256; + } + else if( ssl->handshake->sig_alg == SSL_HASH_SHA224 ) + { + sha2_context sha2; + + sha2_starts( &sha2, 1 ); + sha2_update( &sha2, ssl->handshake->randbytes, 64 ); + sha2_update( &sha2, ssl->out_msg + 4, n ); + sha2_finish( &sha2, hash ); + + hashlen = 24; + hash_id = SIG_RSA_SHA224; + } + else +#endif + if( ssl->handshake->sig_alg == SSL_HASH_SHA1 ) + { + sha1_context sha1; + + sha1_starts( &sha1 ); + sha1_update( &sha1, ssl->handshake->randbytes, 64 ); + sha1_update( &sha1, ssl->out_msg + 4, n ); + sha1_finish( &sha1, hash ); + + hashlen = 20; + hash_id = SIG_RSA_SHA1; + } + else if( ssl->handshake->sig_alg == SSL_HASH_MD5 ) + { + md5_context md5; + + md5_starts( &md5 ); + md5_update( &md5, ssl->handshake->randbytes, 64 ); + md5_update( &md5, ssl->out_msg + 4, n ); + md5_finish( &md5, hash ); + + hashlen = 16; + hash_id = SIG_RSA_MD5; + } + } + + SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen ); + + if ( ssl->rsa_key ) + rsa_key_len = ssl->rsa_key_len( ssl->rsa_key ); + + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { + ssl->out_msg[4 + n] = ssl->handshake->sig_alg; + ssl->out_msg[5 + n] = SSL_SIG_RSA; + + n += 2; + } + + ssl->out_msg[4 + n] = (unsigned char)( rsa_key_len >> 8 ); + ssl->out_msg[5 + n] = (unsigned char)( rsa_key_len ); + + if ( ssl->rsa_key ) + { + ret = ssl->rsa_sign( ssl->rsa_key, ssl->f_rng, ssl->p_rng, + RSA_PRIVATE, + hash_id, hashlen, hash, + ssl->out_msg + 6 + n ); + } + + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "pkcs1_sign", ret ); + return( ret ); + } + + SSL_DEBUG_BUF( 3, "my RSA sig", ssl->out_msg + 6 + n, rsa_key_len ); + + ssl->out_msglen = 6 + n + rsa_key_len; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_SERVER_KEY_EXCHANGE; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write server key exchange" ) ); + + return( 0 ); +#endif +} + +static int ssl_write_server_hello_done( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> write server hello done" ) ); + + ssl->out_msglen = 4; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_SERVER_HELLO_DONE; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write server hello done" ) ); + + return( 0 ); +} + +static int ssl_parse_client_key_exchange( ssl_context *ssl ) +{ + int ret; + size_t i, n = 0; + + SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + if( ssl->in_msg[0] != SSL_HS_CLIENT_KEY_EXCHANGE ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + if( ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_DES_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_negotiate->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { +#if !defined(POLARSSL_DHM_C) + SSL_DEBUG_MSG( 1, ( "support for dhm is not available" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); +#else + /* + * Receive G^Y mod P, premaster = (G^Y)^X mod P + */ + n = ( ssl->in_msg[4] << 8 ) | ssl->in_msg[5]; + + if( n < 1 || n > ssl->handshake->dhm_ctx.len || + n + 6 != ssl->in_hslen ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + if( ( ret = dhm_read_public( &ssl->handshake->dhm_ctx, + ssl->in_msg + 6, n ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_read_public", ret ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP ); + } + + SSL_DEBUG_MPI( 3, "DHM: GY", &ssl->handshake->dhm_ctx.GY ); + + ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len; + + if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, + ssl->handshake->premaster, + &ssl->handshake->pmslen ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS ); + } + + SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); +#endif + } + else + { + if( ssl->rsa_key == NULL ) + { + SSL_DEBUG_MSG( 1, ( "got no private key" ) ); + return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + } + + /* + * Decrypt the premaster using own private RSA key + */ + i = 4; + if( ssl->rsa_key ) + n = ssl->rsa_key_len( ssl->rsa_key ); + ssl->handshake->pmslen = 48; + + if( ssl->minor_ver != SSL_MINOR_VERSION_0 ) + { + i += 2; + if( ssl->in_msg[4] != ( ( n >> 8 ) & 0xFF ) || + ssl->in_msg[5] != ( ( n ) & 0xFF ) ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + } + + if( ssl->in_hslen != i + n ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + } + + if( ssl->rsa_key ) { + ret = ssl->rsa_decrypt( ssl->rsa_key, RSA_PRIVATE, + &ssl->handshake->pmslen, + ssl->in_msg + i, + ssl->handshake->premaster, + sizeof(ssl->handshake->premaster) ); + } + + if( ret != 0 || ssl->handshake->pmslen != 48 || + ssl->handshake->premaster[0] != ssl->max_major_ver || + ssl->handshake->premaster[1] != ssl->max_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + + /* + * Protection against Bleichenbacher's attack: + * invalid PKCS#1 v1.5 padding must not cause + * the connection to end immediately; instead, + * send a bad_record_mac later in the handshake. + */ + ssl->handshake->pmslen = 48; + + ret = ssl->f_rng( ssl->p_rng, ssl->handshake->premaster, + ssl->handshake->pmslen ); + if( ret != 0 ) + return( ret ); + } + } + + if( ( ret = ssl_derive_keys( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_derive_keys", ret ); + return( ret ); + } + + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse client key exchange" ) ); + + return( 0 ); +} + +static int ssl_parse_certificate_verify( ssl_context *ssl ) +{ + int ret; + size_t n = 0, n1, n2; + unsigned char hash[48]; + int hash_id; + unsigned int hashlen; + + SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); + + if( ssl->session_negotiate->peer_cert == NULL ) + { + SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); + ssl->state++; + return( 0 ); + } + + ssl->handshake->calc_verify( ssl, hash ); + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + ssl->state++; + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } + + if( ssl->in_msg[0] != SSL_HS_CERTIFICATE_VERIFY ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } + + if( ssl->minor_ver == SSL_MINOR_VERSION_3 ) + { + /* + * As server we know we either have SSL_HASH_SHA384 or + * SSL_HASH_SHA256 + */ + if( ssl->in_msg[4] != ssl->handshake->verify_sig_alg || + ssl->in_msg[5] != SSL_SIG_RSA ) + { + SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg for verify message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } + + if( ssl->handshake->verify_sig_alg == SSL_HASH_SHA384 ) + { + hashlen = 48; + hash_id = SIG_RSA_SHA384; + } + else + { + hashlen = 32; + hash_id = SIG_RSA_SHA256; + } + + n += 2; + } + else + { + hashlen = 36; + hash_id = SIG_RSA_RAW; + } + + n1 = ssl->session_negotiate->peer_cert->rsa.len; + n2 = ( ssl->in_msg[4 + n] << 8 ) | ssl->in_msg[5 + n]; + + if( n + n1 + 6 != ssl->in_hslen || n1 != n2 ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + } + + ret = rsa_pkcs1_verify( &ssl->session_negotiate->peer_cert->rsa, RSA_PUBLIC, + hash_id, hashlen, hash, ssl->in_msg + 6 + n ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= parse certificate verify" ) ); + + return( 0 ); +} + +/* + * SSL handshake -- server side -- single step + */ +int ssl_handshake_server_step( ssl_context *ssl ) +{ + int ret = 0; + + if( ssl->state == SSL_HANDSHAKE_OVER ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + SSL_DEBUG_MSG( 2, ( "server state: %d", ssl->state ) ); + + if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + return( ret ); + + switch( ssl->state ) + { + case SSL_HELLO_REQUEST: + ssl->state = SSL_CLIENT_HELLO; + break; + + /* + * <== ClientHello + */ + case SSL_CLIENT_HELLO: + ret = ssl_parse_client_hello( ssl ); + break; + + /* + * ==> ServerHello + * Certificate + * ( ServerKeyExchange ) + * ( CertificateRequest ) + * ServerHelloDone + */ + case SSL_SERVER_HELLO: + ret = ssl_write_server_hello( ssl ); + break; + + case SSL_SERVER_CERTIFICATE: + ret = ssl_write_certificate( ssl ); + break; + + case SSL_SERVER_KEY_EXCHANGE: + ret = ssl_write_server_key_exchange( ssl ); + break; + + case SSL_CERTIFICATE_REQUEST: + ret = ssl_write_certificate_request( ssl ); + break; + + case SSL_SERVER_HELLO_DONE: + ret = ssl_write_server_hello_done( ssl ); + break; + + /* + * <== ( Certificate/Alert ) + * ClientKeyExchange + * ( CertificateVerify ) + * ChangeCipherSpec + * Finished + */ + case SSL_CLIENT_CERTIFICATE: + ret = ssl_parse_certificate( ssl ); + break; + + case SSL_CLIENT_KEY_EXCHANGE: + ret = ssl_parse_client_key_exchange( ssl ); + break; + + case SSL_CERTIFICATE_VERIFY: + ret = ssl_parse_certificate_verify( ssl ); + break; + + case SSL_CLIENT_CHANGE_CIPHER_SPEC: + ret = ssl_parse_change_cipher_spec( ssl ); + break; + + case SSL_CLIENT_FINISHED: + ret = ssl_parse_finished( ssl ); + break; + + /* + * ==> ChangeCipherSpec + * Finished + */ + case SSL_SERVER_CHANGE_CIPHER_SPEC: + ret = ssl_write_change_cipher_spec( ssl ); + break; + + case SSL_SERVER_FINISHED: + ret = ssl_write_finished( ssl ); + break; + + case SSL_FLUSH_BUFFERS: + SSL_DEBUG_MSG( 2, ( "handshake: done" ) ); + ssl->state = SSL_HANDSHAKE_WRAPUP; + break; + + case SSL_HANDSHAKE_WRAPUP: + ssl_handshake_wrapup( ssl ); + break; + + default: + SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + } + + return( ret ); +} +#endif diff --git a/polarssl/ssl_tls.c b/polarssl/ssl_tls.c new file mode 100644 index 0000000..cde6795 --- /dev/null +++ b/polarssl/ssl_tls.c @@ -0,0 +1,3991 @@ +/* + * SSLv3/TLSv1 shared functions + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The SSL 3.0 specification was drafted by Netscape in 1996, + * and became an IETF standard in 1999. + * + * http://wp.netscape.com/eng/ssl3/ + * http://www.ietf.org/rfc/rfc2246.txt + * http://www.ietf.org/rfc/rfc4346.txt + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_SSL_TLS_C) + +#include "polarssl/aes.h" +#include "polarssl/arc4.h" +#include "polarssl/camellia.h" +#include "polarssl/des.h" +#include "polarssl/debug.h" +#include "polarssl/ssl.h" +#include "polarssl/sha2.h" + +#if defined(POLARSSL_GCM_C) +#include "polarssl/gcm.h" +#endif + +#include +#include + +#if defined _MSC_VER && !defined strcasecmp +#define strcasecmp _stricmp +#endif + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) +int (*ssl_hw_record_init)(ssl_context *ssl, + const unsigned char *key_enc, const unsigned char *key_dec, + const unsigned char *iv_enc, const unsigned char *iv_dec, + const unsigned char *mac_enc, const unsigned char *mac_dec) = NULL; +int (*ssl_hw_record_reset)(ssl_context *ssl) = NULL; +int (*ssl_hw_record_write)(ssl_context *ssl) = NULL; +int (*ssl_hw_record_read)(ssl_context *ssl) = NULL; +int (*ssl_hw_record_finish)(ssl_context *ssl) = NULL; +#endif + +static int ssl_rsa_decrypt( void *ctx, int mode, size_t *olen, + const unsigned char *input, unsigned char *output, + size_t output_max_len ) +{ + return rsa_pkcs1_decrypt( (rsa_context *) ctx, mode, olen, input, output, + output_max_len ); +} + +static int ssl_rsa_sign( void *ctx, + int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, + int mode, int hash_id, unsigned int hashlen, + const unsigned char *hash, unsigned char *sig ) +{ + return rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, mode, hash_id, + hashlen, hash, sig ); +} + +static size_t ssl_rsa_key_len( void *ctx ) +{ + return ( (rsa_context *) ctx )->len; +} + +/* + * Key material generation + */ +static int ssl3_prf( unsigned char *secret, size_t slen, char *label, + unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) +{ + size_t i; + md5_context md5; + sha1_context sha1; + unsigned char padding[16]; + unsigned char sha1sum[20]; + ((void)label); + + /* + * SSLv3: + * block = + * MD5( secret + SHA1( 'A' + secret + random ) ) + + * MD5( secret + SHA1( 'BB' + secret + random ) ) + + * MD5( secret + SHA1( 'CCC' + secret + random ) ) + + * ... + */ + for( i = 0; i < dlen / 16; i++ ) + { + memset( padding, 'A' + i, 1 + i ); + + sha1_starts( &sha1 ); + sha1_update( &sha1, padding, 1 + i ); + sha1_update( &sha1, secret, slen ); + sha1_update( &sha1, random, rlen ); + sha1_finish( &sha1, sha1sum ); + + md5_starts( &md5 ); + md5_update( &md5, secret, slen ); + md5_update( &md5, sha1sum, 20 ); + md5_finish( &md5, dstbuf + i * 16 ); + } + + memset( &md5, 0, sizeof( md5 ) ); + memset( &sha1, 0, sizeof( sha1 ) ); + + memset( padding, 0, sizeof( padding ) ); + memset( sha1sum, 0, sizeof( sha1sum ) ); + + return( 0 ); +} + +static int tls1_prf( unsigned char *secret, size_t slen, char *label, + unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) +{ + size_t nb, hs; + size_t i, j, k; + unsigned char *S1, *S2; + unsigned char tmp[128]; + unsigned char h_i[20]; + + if( sizeof( tmp ) < 20 + strlen( label ) + rlen ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + hs = ( slen + 1 ) / 2; + S1 = secret; + S2 = secret + slen - hs; + + nb = strlen( label ); + memcpy( tmp + 20, label, nb ); + memcpy( tmp + 20 + nb, random, rlen ); + nb += rlen; + + /* + * First compute P_md5(secret,label+random)[0..dlen] + */ + md5_hmac( S1, hs, tmp + 20, nb, 4 + tmp ); + + for( i = 0; i < dlen; i += 16 ) + { + md5_hmac( S1, hs, 4 + tmp, 16 + nb, h_i ); + md5_hmac( S1, hs, 4 + tmp, 16, 4 + tmp ); + + k = ( i + 16 > dlen ) ? dlen % 16 : 16; + + for( j = 0; j < k; j++ ) + dstbuf[i + j] = h_i[j]; + } + + /* + * XOR out with P_sha1(secret,label+random)[0..dlen] + */ + sha1_hmac( S2, hs, tmp + 20, nb, tmp ); + + for( i = 0; i < dlen; i += 20 ) + { + sha1_hmac( S2, hs, tmp, 20 + nb, h_i ); + sha1_hmac( S2, hs, tmp, 20, tmp ); + + k = ( i + 20 > dlen ) ? dlen % 20 : 20; + + for( j = 0; j < k; j++ ) + dstbuf[i + j] = (unsigned char)( dstbuf[i + j] ^ h_i[j] ); + } + + memset( tmp, 0, sizeof( tmp ) ); + memset( h_i, 0, sizeof( h_i ) ); + + return( 0 ); +} + +static int tls_prf_sha256( unsigned char *secret, size_t slen, char *label, + unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) +{ + size_t nb; + size_t i, j, k; + unsigned char tmp[128]; + unsigned char h_i[32]; + + if( sizeof( tmp ) < 32 + strlen( label ) + rlen ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + nb = strlen( label ); + memcpy( tmp + 32, label, nb ); + memcpy( tmp + 32 + nb, random, rlen ); + nb += rlen; + + /* + * Compute P_(secret, label + random)[0..dlen] + */ + sha2_hmac( secret, slen, tmp + 32, nb, tmp, 0 ); + + for( i = 0; i < dlen; i += 32 ) + { + sha2_hmac( secret, slen, tmp, 32 + nb, h_i, 0 ); + sha2_hmac( secret, slen, tmp, 32, tmp, 0 ); + + k = ( i + 32 > dlen ) ? dlen % 32 : 32; + + for( j = 0; j < k; j++ ) + dstbuf[i + j] = h_i[j]; + } + + memset( tmp, 0, sizeof( tmp ) ); + memset( h_i, 0, sizeof( h_i ) ); + + return( 0 ); +} + +#if defined(POLARSSL_SHA4_C) +static int tls_prf_sha384( unsigned char *secret, size_t slen, char *label, + unsigned char *random, size_t rlen, + unsigned char *dstbuf, size_t dlen ) +{ + size_t nb; + size_t i, j, k; + unsigned char tmp[128]; + unsigned char h_i[48]; + + if( sizeof( tmp ) < 48 + strlen( label ) + rlen ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + nb = strlen( label ); + memcpy( tmp + 48, label, nb ); + memcpy( tmp + 48 + nb, random, rlen ); + nb += rlen; + + /* + * Compute P_(secret, label + random)[0..dlen] + */ + sha4_hmac( secret, slen, tmp + 48, nb, tmp, 1 ); + + for( i = 0; i < dlen; i += 48 ) + { + sha4_hmac( secret, slen, tmp, 48 + nb, h_i, 1 ); + sha4_hmac( secret, slen, tmp, 48, tmp, 1 ); + + k = ( i + 48 > dlen ) ? dlen % 48 : 48; + + for( j = 0; j < k; j++ ) + dstbuf[i + j] = h_i[j]; + } + + memset( tmp, 0, sizeof( tmp ) ); + memset( h_i, 0, sizeof( h_i ) ); + + return( 0 ); +} +#endif + +static void ssl_update_checksum_start(ssl_context *, unsigned char *, size_t); +static void ssl_update_checksum_md5sha1(ssl_context *, unsigned char *, size_t); +static void ssl_update_checksum_sha256(ssl_context *, unsigned char *, size_t); + +static void ssl_calc_verify_ssl(ssl_context *,unsigned char *); +static void ssl_calc_verify_tls(ssl_context *,unsigned char *); +static void ssl_calc_verify_tls_sha256(ssl_context *,unsigned char *); + +static void ssl_calc_finished_ssl(ssl_context *,unsigned char *,int); +static void ssl_calc_finished_tls(ssl_context *,unsigned char *,int); +static void ssl_calc_finished_tls_sha256(ssl_context *,unsigned char *,int); + +#if defined(POLARSSL_SHA4_C) +static void ssl_update_checksum_sha384(ssl_context *, unsigned char *, size_t); +static void ssl_calc_verify_tls_sha384(ssl_context *,unsigned char *); +static void ssl_calc_finished_tls_sha384(ssl_context *,unsigned char *,int); +#endif + +int ssl_derive_keys( ssl_context *ssl ) +{ + unsigned char tmp[64]; + unsigned char keyblk[256]; + unsigned char *key1; + unsigned char *key2; + unsigned int iv_copy_len; + ssl_session *session = ssl->session_negotiate; + ssl_transform *transform = ssl->transform_negotiate; + ssl_handshake_params *handshake = ssl->handshake; + + SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); + + /* + * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions + */ + if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + handshake->tls_prf = ssl3_prf; + handshake->calc_verify = ssl_calc_verify_ssl; + handshake->calc_finished = ssl_calc_finished_ssl; + } + else if( ssl->minor_ver < SSL_MINOR_VERSION_3 ) + { + handshake->tls_prf = tls1_prf; + handshake->calc_verify = ssl_calc_verify_tls; + handshake->calc_finished = ssl_calc_finished_tls; + } +#if defined(POLARSSL_SHA4_C) + else if( session->ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + session->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + handshake->tls_prf = tls_prf_sha384; + handshake->calc_verify = ssl_calc_verify_tls_sha384; + handshake->calc_finished = ssl_calc_finished_tls_sha384; + } +#endif + else + { + handshake->tls_prf = tls_prf_sha256; + handshake->calc_verify = ssl_calc_verify_tls_sha256; + handshake->calc_finished = ssl_calc_finished_tls_sha256; + } + + /* + * SSLv3: + * master = + * MD5( premaster + SHA1( 'A' + premaster + randbytes ) ) + + * MD5( premaster + SHA1( 'BB' + premaster + randbytes ) ) + + * MD5( premaster + SHA1( 'CCC' + premaster + randbytes ) ) + * + * TLSv1: + * master = PRF( premaster, "master secret", randbytes )[0..47] + */ + if( handshake->resume == 0 ) + { + SSL_DEBUG_BUF( 3, "premaster secret", handshake->premaster, + handshake->pmslen ); + + handshake->tls_prf( handshake->premaster, handshake->pmslen, + "master secret", + handshake->randbytes, 64, session->master, 48 ); + + memset( handshake->premaster, 0, sizeof( handshake->premaster ) ); + } + else + SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); + + /* + * Swap the client and server random values. + */ + memcpy( tmp, handshake->randbytes, 64 ); + memcpy( handshake->randbytes, tmp + 32, 32 ); + memcpy( handshake->randbytes + 32, tmp, 32 ); + memset( tmp, 0, sizeof( tmp ) ); + + /* + * SSLv3: + * key block = + * MD5( master + SHA1( 'A' + master + randbytes ) ) + + * MD5( master + SHA1( 'BB' + master + randbytes ) ) + + * MD5( master + SHA1( 'CCC' + master + randbytes ) ) + + * MD5( master + SHA1( 'DDDD' + master + randbytes ) ) + + * ... + * + * TLSv1: + * key block = PRF( master, "key expansion", randbytes ) + */ + handshake->tls_prf( session->master, 48, "key expansion", + handshake->randbytes, 64, keyblk, 256 ); + + SSL_DEBUG_MSG( 3, ( "ciphersuite = %s", + ssl_get_ciphersuite_name( session->ciphersuite ) ) ); + SSL_DEBUG_BUF( 3, "master secret", session->master, 48 ); + SSL_DEBUG_BUF( 4, "random bytes", handshake->randbytes, 64 ); + SSL_DEBUG_BUF( 4, "key block", keyblk, 256 ); + + memset( handshake->randbytes, 0, sizeof( handshake->randbytes ) ); + + /* + * Determine the appropriate key, IV and MAC length. + */ + switch( session->ciphersuite ) + { +#if defined(POLARSSL_ARC4_C) + case TLS_RSA_WITH_RC4_128_MD5: + transform->keylen = 16; transform->minlen = 16; + transform->ivlen = 0; transform->maclen = 16; + break; + + case TLS_RSA_WITH_RC4_128_SHA: + transform->keylen = 16; transform->minlen = 20; + transform->ivlen = 0; transform->maclen = 20; + break; +#endif + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + transform->keylen = 24; transform->minlen = 24; + transform->ivlen = 8; transform->maclen = 20; + break; +#endif + +#if defined(POLARSSL_AES_C) + case TLS_RSA_WITH_AES_128_CBC_SHA: + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + transform->keylen = 16; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 20; + break; + + case TLS_RSA_WITH_AES_256_CBC_SHA: + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + transform->keylen = 32; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 20; + break; + +#if defined(POLARSSL_SHA2_C) + case TLS_RSA_WITH_AES_128_CBC_SHA256: + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + transform->keylen = 16; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 32; + break; + + case TLS_RSA_WITH_AES_256_CBC_SHA256: + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + transform->keylen = 32; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 32; + break; +#endif +#if defined(POLARSSL_GCM_C) + case TLS_RSA_WITH_AES_128_GCM_SHA256: + case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + transform->keylen = 16; transform->minlen = 1; + transform->ivlen = 12; transform->maclen = 0; + transform->fixed_ivlen = 4; + break; + + case TLS_RSA_WITH_AES_256_GCM_SHA384: + case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + transform->keylen = 32; transform->minlen = 1; + transform->ivlen = 12; transform->maclen = 0; + transform->fixed_ivlen = 4; + break; +#endif +#endif + +#if defined(POLARSSL_CAMELLIA_C) + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + transform->keylen = 16; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 20; + break; + + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + transform->keylen = 32; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 20; + break; + +#if defined(POLARSSL_SHA2_C) + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + transform->keylen = 16; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 32; + break; + + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + transform->keylen = 32; transform->minlen = 32; + transform->ivlen = 16; transform->maclen = 32; + break; +#endif +#endif + +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + case TLS_RSA_WITH_NULL_MD5: + transform->keylen = 0; transform->minlen = 0; + transform->ivlen = 0; transform->maclen = 16; + break; + + case TLS_RSA_WITH_NULL_SHA: + transform->keylen = 0; transform->minlen = 0; + transform->ivlen = 0; transform->maclen = 20; + break; + + case TLS_RSA_WITH_NULL_SHA256: + transform->keylen = 0; transform->minlen = 0; + transform->ivlen = 0; transform->maclen = 32; + break; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_DES_CBC_SHA: + case TLS_DHE_RSA_WITH_DES_CBC_SHA: + transform->keylen = 8; transform->minlen = 8; + transform->ivlen = 8; transform->maclen = 20; + break; +#endif +#endif /* defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) */ + + default: + SSL_DEBUG_MSG( 1, ( "ciphersuite %s is not available", + ssl_get_ciphersuite_name( session->ciphersuite ) ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + SSL_DEBUG_MSG( 3, ( "keylen: %d, minlen: %d, ivlen: %d, maclen: %d", + transform->keylen, transform->minlen, transform->ivlen, + transform->maclen ) ); + + /* + * Finally setup the cipher contexts, IVs and MAC secrets. + */ + if( ssl->endpoint == SSL_IS_CLIENT ) + { + key1 = keyblk + transform->maclen * 2; + key2 = keyblk + transform->maclen * 2 + transform->keylen; + + memcpy( transform->mac_enc, keyblk, transform->maclen ); + memcpy( transform->mac_dec, keyblk + transform->maclen, + transform->maclen ); + + /* + * This is not used in TLS v1.1. + */ + iv_copy_len = ( transform->fixed_ivlen ) ? + transform->fixed_ivlen : transform->ivlen; + memcpy( transform->iv_enc, key2 + transform->keylen, iv_copy_len ); + memcpy( transform->iv_dec, key2 + transform->keylen + iv_copy_len, + iv_copy_len ); + } + else + { + key1 = keyblk + transform->maclen * 2 + transform->keylen; + key2 = keyblk + transform->maclen * 2; + + memcpy( transform->mac_dec, keyblk, transform->maclen ); + memcpy( transform->mac_enc, keyblk + transform->maclen, + transform->maclen ); + + /* + * This is not used in TLS v1.1. + */ + iv_copy_len = ( transform->fixed_ivlen ) ? + transform->fixed_ivlen : transform->ivlen; + memcpy( transform->iv_dec, key1 + transform->keylen, iv_copy_len ); + memcpy( transform->iv_enc, key1 + transform->keylen + iv_copy_len, + iv_copy_len ); + } + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) + if( ssl_hw_record_init != NULL) + { + int ret = 0; + + SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_init()" ) ); + + if( ( ret = ssl_hw_record_init( ssl, key1, key2, transform->iv_enc, + transform->iv_dec, transform->mac_enc, + transform->mac_dec ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_hw_record_init", ret ); + return POLARSSL_ERR_SSL_HW_ACCEL_FAILED; + } + } +#endif + + switch( session->ciphersuite ) + { +#if defined(POLARSSL_ARC4_C) + case TLS_RSA_WITH_RC4_128_MD5: + case TLS_RSA_WITH_RC4_128_SHA: + arc4_setup( (arc4_context *) transform->ctx_enc, key1, + transform->keylen ); + arc4_setup( (arc4_context *) transform->ctx_dec, key2, + transform->keylen ); + break; +#endif + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + des3_set3key_enc( (des3_context *) transform->ctx_enc, key1 ); + des3_set3key_dec( (des3_context *) transform->ctx_dec, key2 ); + break; +#endif + +#if defined(POLARSSL_AES_C) + case TLS_RSA_WITH_AES_128_CBC_SHA: + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + case TLS_RSA_WITH_AES_128_CBC_SHA256: + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + aes_setkey_enc( (aes_context *) transform->ctx_enc, key1, 128 ); + aes_setkey_dec( (aes_context *) transform->ctx_dec, key2, 128 ); + break; + + case TLS_RSA_WITH_AES_256_CBC_SHA: + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + case TLS_RSA_WITH_AES_256_CBC_SHA256: + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + aes_setkey_enc( (aes_context *) transform->ctx_enc, key1, 256 ); + aes_setkey_dec( (aes_context *) transform->ctx_dec, key2, 256 ); + break; + +#if defined(POLARSSL_GCM_C) + case TLS_RSA_WITH_AES_128_GCM_SHA256: + case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + gcm_init( (gcm_context *) transform->ctx_enc, key1, 128 ); + gcm_init( (gcm_context *) transform->ctx_dec, key2, 128 ); + break; + + case TLS_RSA_WITH_AES_256_GCM_SHA384: + case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + gcm_init( (gcm_context *) transform->ctx_enc, key1, 256 ); + gcm_init( (gcm_context *) transform->ctx_dec, key2, 256 ); + break; +#endif +#endif + +#if defined(POLARSSL_CAMELLIA_C) + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + camellia_setkey_enc( (camellia_context *) transform->ctx_enc, key1, 128 ); + camellia_setkey_dec( (camellia_context *) transform->ctx_dec, key2, 128 ); + break; + + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + camellia_setkey_enc( (camellia_context *) transform->ctx_enc, key1, 256 ); + camellia_setkey_dec( (camellia_context *) transform->ctx_dec, key2, 256 ); + break; +#endif + +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + case TLS_RSA_WITH_NULL_MD5: + case TLS_RSA_WITH_NULL_SHA: + case TLS_RSA_WITH_NULL_SHA256: + break; +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_DES_CBC_SHA: + case TLS_DHE_RSA_WITH_DES_CBC_SHA: + des_setkey_enc( (des_context *) transform->ctx_enc, key1 ); + des_setkey_dec( (des_context *) transform->ctx_dec, key2 ); + break; +#endif +#endif /* defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) */ + + default: + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + memset( keyblk, 0, sizeof( keyblk ) ); + +#if defined(POLARSSL_ZLIB_SUPPORT) + // Initialize compression + // + if( session->compression == SSL_COMPRESS_DEFLATE ) + { + SSL_DEBUG_MSG( 3, ( "Initializing zlib states" ) ); + + memset( &transform->ctx_deflate, 0, sizeof( transform->ctx_deflate ) ); + memset( &transform->ctx_inflate, 0, sizeof( transform->ctx_inflate ) ); + + if( deflateInit( &transform->ctx_deflate, Z_DEFAULT_COMPRESSION ) != Z_OK || + inflateInit( &transform->ctx_inflate ) != Z_OK ) + { + SSL_DEBUG_MSG( 1, ( "Failed to initialize compression" ) ); + return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + } + } +#endif /* POLARSSL_ZLIB_SUPPORT */ + + SSL_DEBUG_MSG( 2, ( "<= derive keys" ) ); + + return( 0 ); +} + +void ssl_calc_verify_ssl( ssl_context *ssl, unsigned char hash[36] ) +{ + md5_context md5; + sha1_context sha1; + unsigned char pad_1[48]; + unsigned char pad_2[48]; + + SSL_DEBUG_MSG( 2, ( "=> calc verify ssl" ) ); + + memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); + memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + + memset( pad_1, 0x36, 48 ); + memset( pad_2, 0x5C, 48 ); + + md5_update( &md5, ssl->session_negotiate->master, 48 ); + md5_update( &md5, pad_1, 48 ); + md5_finish( &md5, hash ); + + md5_starts( &md5 ); + md5_update( &md5, ssl->session_negotiate->master, 48 ); + md5_update( &md5, pad_2, 48 ); + md5_update( &md5, hash, 16 ); + md5_finish( &md5, hash ); + + sha1_update( &sha1, ssl->session_negotiate->master, 48 ); + sha1_update( &sha1, pad_1, 40 ); + sha1_finish( &sha1, hash + 16 ); + + sha1_starts( &sha1 ); + sha1_update( &sha1, ssl->session_negotiate->master, 48 ); + sha1_update( &sha1, pad_2, 40 ); + sha1_update( &sha1, hash + 16, 20 ); + sha1_finish( &sha1, hash + 16 ); + + SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + return; +} + +void ssl_calc_verify_tls( ssl_context *ssl, unsigned char hash[36] ) +{ + md5_context md5; + sha1_context sha1; + + SSL_DEBUG_MSG( 2, ( "=> calc verify tls" ) ); + + memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); + memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + + md5_finish( &md5, hash ); + sha1_finish( &sha1, hash + 16 ); + + SSL_DEBUG_BUF( 3, "calculated verify result", hash, 36 ); + SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + return; +} + +void ssl_calc_verify_tls_sha256( ssl_context *ssl, unsigned char hash[32] ) +{ + sha2_context sha2; + + SSL_DEBUG_MSG( 2, ( "=> calc verify sha256" ) ); + + memcpy( &sha2, &ssl->handshake->fin_sha2, sizeof(sha2_context) ); + sha2_finish( &sha2, hash ); + + SSL_DEBUG_BUF( 3, "calculated verify result", hash, 32 ); + SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + return; +} + +#if defined(POLARSSL_SHA4_C) +void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) +{ + sha4_context sha4; + + SSL_DEBUG_MSG( 2, ( "=> calc verify sha384" ) ); + + memcpy( &sha4, &ssl->handshake->fin_sha4, sizeof(sha4_context) ); + sha4_finish( &sha4, hash ); + + SSL_DEBUG_BUF( 3, "calculated verify result", hash, 48 ); + SSL_DEBUG_MSG( 2, ( "<= calc verify" ) ); + + return; +} +#endif + +/* + * SSLv3.0 MAC functions + */ +static void ssl_mac_md5( unsigned char *secret, + unsigned char *buf, size_t len, + unsigned char *ctr, int type ) +{ + unsigned char header[11]; + unsigned char padding[48]; + md5_context md5; + + memcpy( header, ctr, 8 ); + header[ 8] = (unsigned char) type; + header[ 9] = (unsigned char)( len >> 8 ); + header[10] = (unsigned char)( len ); + + memset( padding, 0x36, 48 ); + md5_starts( &md5 ); + md5_update( &md5, secret, 16 ); + md5_update( &md5, padding, 48 ); + md5_update( &md5, header, 11 ); + md5_update( &md5, buf, len ); + md5_finish( &md5, buf + len ); + + memset( padding, 0x5C, 48 ); + md5_starts( &md5 ); + md5_update( &md5, secret, 16 ); + md5_update( &md5, padding, 48 ); + md5_update( &md5, buf + len, 16 ); + md5_finish( &md5, buf + len ); +} + +static void ssl_mac_sha1( unsigned char *secret, + unsigned char *buf, size_t len, + unsigned char *ctr, int type ) +{ + unsigned char header[11]; + unsigned char padding[40]; + sha1_context sha1; + + memcpy( header, ctr, 8 ); + header[ 8] = (unsigned char) type; + header[ 9] = (unsigned char)( len >> 8 ); + header[10] = (unsigned char)( len ); + + memset( padding, 0x36, 40 ); + sha1_starts( &sha1 ); + sha1_update( &sha1, secret, 20 ); + sha1_update( &sha1, padding, 40 ); + sha1_update( &sha1, header, 11 ); + sha1_update( &sha1, buf, len ); + sha1_finish( &sha1, buf + len ); + + memset( padding, 0x5C, 40 ); + sha1_starts( &sha1 ); + sha1_update( &sha1, secret, 20 ); + sha1_update( &sha1, padding, 40 ); + sha1_update( &sha1, buf + len, 20 ); + sha1_finish( &sha1, buf + len ); +} + +static void ssl_mac_sha2( unsigned char *secret, + unsigned char *buf, size_t len, + unsigned char *ctr, int type ) +{ + unsigned char header[11]; + unsigned char padding[32]; + sha2_context sha2; + + memcpy( header, ctr, 8 ); + header[ 8] = (unsigned char) type; + header[ 9] = (unsigned char)( len >> 8 ); + header[10] = (unsigned char)( len ); + + memset( padding, 0x36, 32 ); + sha2_starts( &sha2, 0 ); + sha2_update( &sha2, secret, 32 ); + sha2_update( &sha2, padding, 32 ); + sha2_update( &sha2, header, 11 ); + sha2_update( &sha2, buf, len ); + sha2_finish( &sha2, buf + len ); + + memset( padding, 0x5C, 32 ); + sha2_starts( &sha2, 0 ); + sha2_update( &sha2, secret, 32 ); + sha2_update( &sha2, padding, 32 ); + sha2_update( &sha2, buf + len, 32 ); + sha2_finish( &sha2, buf + len ); +} + +/* + * Encryption/decryption functions + */ +static int ssl_encrypt_buf( ssl_context *ssl ) +{ + size_t i, padlen; + + SSL_DEBUG_MSG( 2, ( "=> encrypt buf" ) ); + + /* + * Add MAC then encrypt + */ + if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + if( ssl->transform_out->maclen == 16 ) + ssl_mac_md5( ssl->transform_out->mac_enc, + ssl->out_msg, ssl->out_msglen, + ssl->out_ctr, ssl->out_msgtype ); + else if( ssl->transform_out->maclen == 20 ) + ssl_mac_sha1( ssl->transform_out->mac_enc, + ssl->out_msg, ssl->out_msglen, + ssl->out_ctr, ssl->out_msgtype ); + else if( ssl->transform_out->maclen == 32 ) + ssl_mac_sha2( ssl->transform_out->mac_enc, + ssl->out_msg, ssl->out_msglen, + ssl->out_ctr, ssl->out_msgtype ); + else if( ssl->transform_out->maclen != 0 ) + { + SSL_DEBUG_MSG( 1, ( "invalid MAC len: %d", + ssl->transform_out->maclen ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } + else + { + if( ssl->transform_out->maclen == 16 ) + { + md5_context ctx; + md5_hmac_starts( &ctx, ssl->transform_out->mac_enc, 16 ); + md5_hmac_update( &ctx, ssl->out_ctr, 13 ); + md5_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen ); + md5_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen ); + memset( &ctx, 0, sizeof(md5_context)); + } + else if( ssl->transform_out->maclen == 20 ) + { + sha1_context ctx; + sha1_hmac_starts( &ctx, ssl->transform_out->mac_enc, 20 ); + sha1_hmac_update( &ctx, ssl->out_ctr, 13 ); + sha1_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen ); + sha1_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen ); + memset( &ctx, 0, sizeof(sha1_context)); + } + else if( ssl->transform_out->maclen == 32 ) + { + sha2_context ctx; + sha2_hmac_starts( &ctx, ssl->transform_out->mac_enc, 32, 0 ); + sha2_hmac_update( &ctx, ssl->out_ctr, 13 ); + sha2_hmac_update( &ctx, ssl->out_msg, ssl->out_msglen ); + sha2_hmac_finish( &ctx, ssl->out_msg + ssl->out_msglen ); + memset( &ctx, 0, sizeof(sha2_context)); + } + else if( ssl->transform_out->maclen != 0 ) + { + SSL_DEBUG_MSG( 1, ( "invalid MAC len: %d", + ssl->transform_out->maclen ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } + + SSL_DEBUG_BUF( 4, "computed mac", + ssl->out_msg + ssl->out_msglen, ssl->transform_out->maclen ); + + ssl->out_msglen += ssl->transform_out->maclen; + + if( ssl->transform_out->ivlen == 0 ) + { + padlen = 0; + + SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including %d bytes of padding", + ssl->out_msglen, 0 ) ); + + SSL_DEBUG_BUF( 4, "before encrypt: output payload", + ssl->out_msg, ssl->out_msglen ); + +#if defined(POLARSSL_ARC4_C) + if( ssl->session_out->ciphersuite == TLS_RSA_WITH_RC4_128_MD5 || + ssl->session_out->ciphersuite == TLS_RSA_WITH_RC4_128_SHA ) + { + arc4_crypt( (arc4_context *) ssl->transform_out->ctx_enc, + ssl->out_msglen, ssl->out_msg, + ssl->out_msg ); + } else +#endif +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if( ssl->session_out->ciphersuite == TLS_RSA_WITH_NULL_MD5 || + ssl->session_out->ciphersuite == TLS_RSA_WITH_NULL_SHA || + ssl->session_out->ciphersuite == TLS_RSA_WITH_NULL_SHA256 ) + { + } else +#endif + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + else if( ssl->transform_out->ivlen == 12 ) + { + size_t enc_msglen; + unsigned char *enc_msg; + unsigned char add_data[13]; + int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + + padlen = 0; + enc_msglen = ssl->out_msglen; + + memcpy( add_data, ssl->out_ctr, 8 ); + add_data[8] = ssl->out_msgtype; + add_data[9] = ssl->major_ver; + add_data[10] = ssl->minor_ver; + add_data[11] = ( ssl->out_msglen >> 8 ) & 0xFF; + add_data[12] = ssl->out_msglen & 0xFF; + + SSL_DEBUG_BUF( 4, "additional data used for AEAD", + add_data, 13 ); + +#if defined(POLARSSL_AES_C) && defined(POLARSSL_GCM_C) + + if( ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + /* + * Generate IV + */ + ret = ssl->f_rng( ssl->p_rng, + ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen, + ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen ); + if( ret != 0 ) + return( ret ); + + /* + * Shift message for ivlen bytes and prepend IV + */ + memmove( ssl->out_msg + ssl->transform_out->ivlen - + ssl->transform_out->fixed_ivlen, + ssl->out_msg, ssl->out_msglen ); + memcpy( ssl->out_msg, + ssl->transform_out->iv_enc + ssl->transform_out->fixed_ivlen, + ssl->transform_out->ivlen - ssl->transform_out->fixed_ivlen ); + + /* + * Fix pointer positions and message length with added IV + */ + enc_msg = ssl->out_msg + ssl->transform_out->ivlen - + ssl->transform_out->fixed_ivlen; + enc_msglen = ssl->out_msglen; + ssl->out_msglen += ssl->transform_out->ivlen - + ssl->transform_out->fixed_ivlen; + + SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including %d bytes of padding", + ssl->out_msglen, 0 ) ); + + SSL_DEBUG_BUF( 4, "before encrypt: output payload", + ssl->out_msg, ssl->out_msglen ); + + /* + * Adjust for tag + */ + ssl->out_msglen += 16; + + gcm_crypt_and_tag( (gcm_context *) ssl->transform_out->ctx_enc, + GCM_ENCRYPT, enc_msglen, + ssl->transform_out->iv_enc, ssl->transform_out->ivlen, + add_data, 13, + enc_msg, enc_msg, + 16, enc_msg + enc_msglen ); + + SSL_DEBUG_BUF( 4, "after encrypt: tag", + enc_msg + enc_msglen, 16 ); + + } else +#endif + return( ret ); + } + else + { + unsigned char *enc_msg; + size_t enc_msglen; + + padlen = ssl->transform_out->ivlen - ( ssl->out_msglen + 1 ) % + ssl->transform_out->ivlen; + if( padlen == ssl->transform_out->ivlen ) + padlen = 0; + + for( i = 0; i <= padlen; i++ ) + ssl->out_msg[ssl->out_msglen + i] = (unsigned char) padlen; + + ssl->out_msglen += padlen + 1; + + enc_msglen = ssl->out_msglen; + enc_msg = ssl->out_msg; + + /* + * Prepend per-record IV for block cipher in TLS v1.1 and up as per + * Method 1 (6.2.3.2. in RFC4346 and RFC5246) + */ + if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + { + /* + * Generate IV + */ + int ret = ssl->f_rng( ssl->p_rng, ssl->transform_out->iv_enc, + ssl->transform_out->ivlen ); + if( ret != 0 ) + return( ret ); + + /* + * Shift message for ivlen bytes and prepend IV + */ + memmove( ssl->out_msg + ssl->transform_out->ivlen, ssl->out_msg, + ssl->out_msglen ); + memcpy( ssl->out_msg, ssl->transform_out->iv_enc, + ssl->transform_out->ivlen ); + + /* + * Fix pointer positions and message length with added IV + */ + enc_msg = ssl->out_msg + ssl->transform_out->ivlen; + enc_msglen = ssl->out_msglen; + ssl->out_msglen += ssl->transform_out->ivlen; + } + + SSL_DEBUG_MSG( 3, ( "before encrypt: msglen = %d, " + "including %d bytes of IV and %d bytes of padding", + ssl->out_msglen, ssl->transform_out->ivlen, padlen + 1 ) ); + + SSL_DEBUG_BUF( 4, "before encrypt: output payload", + ssl->out_msg, ssl->out_msglen ); + + switch( ssl->transform_out->ivlen ) + { +#if defined(POLARSSL_DES_C) + case 8: +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) + if( ssl->session_out->ciphersuite == TLS_RSA_WITH_DES_CBC_SHA || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_DES_CBC_SHA ) + { + des_crypt_cbc( (des_context *) ssl->transform_out->ctx_enc, + DES_ENCRYPT, enc_msglen, + ssl->transform_out->iv_enc, enc_msg, enc_msg ); + } + else +#endif + des3_crypt_cbc( (des3_context *) ssl->transform_out->ctx_enc, + DES_ENCRYPT, enc_msglen, + ssl->transform_out->iv_enc, enc_msg, enc_msg ); + break; +#endif + + case 16: +#if defined(POLARSSL_AES_C) + if ( ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_128_CBC_SHA || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA || + ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_256_CBC_SHA || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA || + ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_RSA_WITH_AES_256_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ) + { + aes_crypt_cbc( (aes_context *) ssl->transform_out->ctx_enc, + AES_ENCRYPT, enc_msglen, + ssl->transform_out->iv_enc, enc_msg, enc_msg); + break; + } +#endif + +#if defined(POLARSSL_CAMELLIA_C) + if ( ssl->session_out->ciphersuite == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_out->ciphersuite == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_out->ciphersuite == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 || + ssl->session_out->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 ) + { + camellia_crypt_cbc( (camellia_context *) ssl->transform_out->ctx_enc, + CAMELLIA_ENCRYPT, enc_msglen, + ssl->transform_out->iv_enc, enc_msg, enc_msg ); + break; + } +#endif + + default: + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } + + for( i = 8; i > 0; i-- ) + if( ++ssl->out_ctr[i - 1] != 0 ) + break; + + SSL_DEBUG_MSG( 2, ( "<= encrypt buf" ) ); + + return( 0 ); +} + +/* + * TODO: Use digest version when integrated! + */ +#define POLARSSL_SSL_MAX_MAC_SIZE 32 + +static int ssl_decrypt_buf( ssl_context *ssl ) +{ + size_t i, padlen = 0, correct = 1; + unsigned char tmp[POLARSSL_SSL_MAX_MAC_SIZE]; + + SSL_DEBUG_MSG( 2, ( "=> decrypt buf" ) ); + + if( ssl->in_msglen < ssl->transform_in->minlen ) + { + SSL_DEBUG_MSG( 1, ( "in_msglen (%d) < minlen (%d)", + ssl->in_msglen, ssl->transform_in->minlen ) ); + return( POLARSSL_ERR_SSL_INVALID_MAC ); + } + + if( ssl->transform_in->ivlen == 0 ) + { +#if defined(POLARSSL_ARC4_C) + if( ssl->session_in->ciphersuite == TLS_RSA_WITH_RC4_128_MD5 || + ssl->session_in->ciphersuite == TLS_RSA_WITH_RC4_128_SHA ) + { + arc4_crypt( (arc4_context *) ssl->transform_in->ctx_dec, + ssl->in_msglen, ssl->in_msg, + ssl->in_msg ); + } else +#endif +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if( ssl->session_in->ciphersuite == TLS_RSA_WITH_NULL_MD5 || + ssl->session_in->ciphersuite == TLS_RSA_WITH_NULL_SHA || + ssl->session_in->ciphersuite == TLS_RSA_WITH_NULL_SHA256 ) + { + } else +#endif + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + else if( ssl->transform_in->ivlen == 12 ) + { + unsigned char *dec_msg; + unsigned char *dec_msg_result; + size_t dec_msglen; + unsigned char add_data[13]; + int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + +#if defined(POLARSSL_AES_C) && defined(POLARSSL_GCM_C) + if( ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + dec_msglen = ssl->in_msglen - ( ssl->transform_in->ivlen - + ssl->transform_in->fixed_ivlen ); + dec_msglen -= 16; + dec_msg = ssl->in_msg + ( ssl->transform_in->ivlen - + ssl->transform_in->fixed_ivlen ); + dec_msg_result = ssl->in_msg; + ssl->in_msglen = dec_msglen; + + memcpy( add_data, ssl->in_ctr, 8 ); + add_data[8] = ssl->in_msgtype; + add_data[9] = ssl->major_ver; + add_data[10] = ssl->minor_ver; + add_data[11] = ( ssl->in_msglen >> 8 ) & 0xFF; + add_data[12] = ssl->in_msglen & 0xFF; + + SSL_DEBUG_BUF( 4, "additional data used for AEAD", + add_data, 13 ); + + memcpy( ssl->transform_in->iv_dec + ssl->transform_in->fixed_ivlen, + ssl->in_msg, + ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen ); + + SSL_DEBUG_BUF( 4, "IV used", ssl->transform_in->iv_dec, + ssl->transform_in->ivlen ); + SSL_DEBUG_BUF( 4, "TAG used", dec_msg + dec_msglen, 16 ); + + memcpy( ssl->transform_in->iv_dec + ssl->transform_in->fixed_ivlen, + ssl->in_msg, + ssl->transform_in->ivlen - ssl->transform_in->fixed_ivlen ); + + ret = gcm_auth_decrypt( (gcm_context *) ssl->transform_in->ctx_dec, + dec_msglen, + ssl->transform_in->iv_dec, + ssl->transform_in->ivlen, + add_data, 13, + dec_msg + dec_msglen, 16, + dec_msg, dec_msg_result ); + + if( ret != 0 ) + { + SSL_DEBUG_MSG( 1, ( "AEAD decrypt failed on validation (ret = -0x%02x)", + -ret ) ); + + return( POLARSSL_ERR_SSL_INVALID_MAC ); + } + } else +#endif + return( ret ); + } + else + { + /* + * Decrypt and check the padding + */ + unsigned char *dec_msg; + unsigned char *dec_msg_result; + size_t dec_msglen; + size_t minlen = 0; + + /* + * Check immediate ciphertext sanity + */ + if( ssl->in_msglen % ssl->transform_in->ivlen != 0 ) + { + SSL_DEBUG_MSG( 1, ( "msglen (%d) %% ivlen (%d) != 0", + ssl->in_msglen, ssl->transform_in->ivlen ) ); + return( POLARSSL_ERR_SSL_INVALID_MAC ); + } + + if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + minlen += ssl->transform_in->ivlen; + + if( ssl->in_msglen < minlen + ssl->transform_in->ivlen || + ssl->in_msglen < minlen + ssl->transform_in->maclen + 1 ) + { + SSL_DEBUG_MSG( 1, ( "msglen (%d) < max( ivlen(%d), maclen (%d) + 1 ) ( + expl IV )", + ssl->in_msglen, ssl->transform_in->ivlen, ssl->transform_in->maclen ) ); + return( POLARSSL_ERR_SSL_INVALID_MAC ); + } + + dec_msglen = ssl->in_msglen; + dec_msg = ssl->in_msg; + dec_msg_result = ssl->in_msg; + + /* + * Initialize for prepended IV for block cipher in TLS v1.1 and up + */ + if( ssl->minor_ver >= SSL_MINOR_VERSION_2 ) + { + dec_msg += ssl->transform_in->ivlen; + dec_msglen -= ssl->transform_in->ivlen; + ssl->in_msglen -= ssl->transform_in->ivlen; + + for( i = 0; i < ssl->transform_in->ivlen; i++ ) + ssl->transform_in->iv_dec[i] = ssl->in_msg[i]; + } + + switch( ssl->transform_in->ivlen ) + { +#if defined(POLARSSL_DES_C) + case 8: +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) + if( ssl->session_in->ciphersuite == TLS_RSA_WITH_DES_CBC_SHA || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_DES_CBC_SHA ) + { + des_crypt_cbc( (des_context *) ssl->transform_in->ctx_dec, + DES_DECRYPT, dec_msglen, + ssl->transform_in->iv_dec, dec_msg, dec_msg_result ); + } + else +#endif + des3_crypt_cbc( (des3_context *) ssl->transform_in->ctx_dec, + DES_DECRYPT, dec_msglen, + ssl->transform_in->iv_dec, dec_msg, dec_msg_result ); + break; +#endif + + case 16: +#if defined(POLARSSL_AES_C) + if ( ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_128_CBC_SHA || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA || + ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_256_CBC_SHA || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA || + ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_RSA_WITH_AES_256_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ) + { + aes_crypt_cbc( (aes_context *) ssl->transform_in->ctx_dec, + AES_DECRYPT, dec_msglen, + ssl->transform_in->iv_dec, dec_msg, dec_msg_result ); + break; + } +#endif + +#if defined(POLARSSL_CAMELLIA_C) + if ( ssl->session_in->ciphersuite == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA || + ssl->session_in->ciphersuite == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA || + ssl->session_in->ciphersuite == TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 || + ssl->session_in->ciphersuite == TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 ) + { + camellia_crypt_cbc( (camellia_context *) ssl->transform_in->ctx_dec, + CAMELLIA_DECRYPT, dec_msglen, + ssl->transform_in->iv_dec, dec_msg, dec_msg_result ); + break; + } +#endif + + default: + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + padlen = 1 + ssl->in_msg[ssl->in_msglen - 1]; + + if( ssl->in_msglen < ssl->transform_in->maclen + padlen ) + { +#if defined(POLARSSL_SSL_DEBUG_ALL) + SSL_DEBUG_MSG( 1, ( "msglen (%d) < maclen (%d) + padlen (%d)", + ssl->in_msglen, ssl->transform_in->maclen, padlen ) ); +#endif + padlen = 0; + correct = 0; + } + + if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + if( padlen > ssl->transform_in->ivlen ) + { +#if defined(POLARSSL_SSL_DEBUG_ALL) + SSL_DEBUG_MSG( 1, ( "bad padding length: is %d, " + "should be no more than %d", + padlen, ssl->transform_in->ivlen ) ); +#endif + correct = 0; + } + } + else + { + /* + * TLSv1+: always check the padding up to the first failure + * and fake check up to 256 bytes of padding + */ + size_t pad_count = 0, fake_pad_count = 0; + size_t padding_idx = ssl->in_msglen - padlen - 1; + + for( i = 1; i <= padlen; i++ ) + pad_count += ( ssl->in_msg[padding_idx + i] == padlen - 1 ); + + for( ; i <= 256; i++ ) + fake_pad_count += ( ssl->in_msg[padding_idx + i] == padlen - 1 ); + + correct &= ( pad_count == padlen ); /* Only 1 on correct padding */ + correct &= ( pad_count + fake_pad_count < 512 ); /* Always 1 */ + +#if defined(POLARSSL_SSL_DEBUG_ALL) + if( padlen > 0 && correct == 0) + SSL_DEBUG_MSG( 1, ( "bad padding byte detected" ) ); +#endif + padlen &= correct * 0x1FF; + } + } + + SSL_DEBUG_BUF( 4, "raw buffer after decryption", + ssl->in_msg, ssl->in_msglen ); + + /* + * Always compute the MAC (RFC4346, CBCTIME). + */ + ssl->in_msglen -= ( ssl->transform_in->maclen + padlen ); + + ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 ); + ssl->in_hdr[4] = (unsigned char)( ssl->in_msglen ); + + memcpy( tmp, ssl->in_msg + ssl->in_msglen, ssl->transform_in->maclen ); + + if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + if( ssl->transform_in->maclen == 16 ) + ssl_mac_md5( ssl->transform_in->mac_dec, + ssl->in_msg, ssl->in_msglen, + ssl->in_ctr, ssl->in_msgtype ); + else if( ssl->transform_in->maclen == 20 ) + ssl_mac_sha1( ssl->transform_in->mac_dec, + ssl->in_msg, ssl->in_msglen, + ssl->in_ctr, ssl->in_msgtype ); + else if( ssl->transform_in->maclen == 32 ) + ssl_mac_sha2( ssl->transform_in->mac_dec, + ssl->in_msg, ssl->in_msglen, + ssl->in_ctr, ssl->in_msgtype ); + else if( ssl->transform_in->maclen != 0 ) + { + SSL_DEBUG_MSG( 1, ( "invalid MAC len: %d", + ssl->transform_in->maclen ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } + else + { + /* + * Process MAC and always update for padlen afterwards to make + * total time independent of padlen + * + * extra_run compensates MAC check for padlen + * + * Known timing attacks: + * - Lucky Thirteen (http://www.isg.rhul.ac.uk/tls/TLStiming.pdf) + * + * We use ( ( Lx + 8 ) / 64 ) to handle 'negative Lx' values + * correctly. (We round down instead of up, so -56 is the correct + * value for our calculations instead of -55) + */ + int j, extra_run = 0; + extra_run = ( 13 + ssl->in_msglen + padlen + 8 ) / 64 - + ( 13 + ssl->in_msglen + 8 ) / 64; + + extra_run &= correct * 0xFF; + + if( ssl->transform_in->maclen == 16 ) + { + md5_context ctx; + md5_hmac_starts( &ctx, ssl->transform_in->mac_dec, 16 ); + md5_hmac_update( &ctx, ssl->in_ctr, ssl->in_msglen + 13 ); + md5_hmac_finish( &ctx, ssl->in_msg + ssl->in_msglen ); + + for( j = 0; j < extra_run; j++ ) + md5_process( &ctx, ssl->in_msg ); + } + else if( ssl->transform_in->maclen == 20 ) + { + sha1_context ctx; + sha1_hmac_starts( &ctx, ssl->transform_in->mac_dec, 20 ); + sha1_hmac_update( &ctx, ssl->in_ctr, ssl->in_msglen + 13 ); + sha1_hmac_finish( &ctx, ssl->in_msg + ssl->in_msglen ); + + for( j = 0; j < extra_run; j++ ) + sha1_process( &ctx, ssl->in_msg ); + } + else if( ssl->transform_in->maclen == 32 ) + { + sha2_context ctx; + sha2_hmac_starts( &ctx, ssl->transform_in->mac_dec, 32, 0 ); + sha2_hmac_update( &ctx, ssl->in_ctr, ssl->in_msglen + 13 ); + sha2_hmac_finish( &ctx, ssl->in_msg + ssl->in_msglen ); + + for( j = 0; j < extra_run; j++ ) + sha2_process( &ctx, ssl->in_msg ); + } + else if( ssl->transform_in->maclen != 0 ) + { + SSL_DEBUG_MSG( 1, ( "invalid MAC len: %d", + ssl->transform_in->maclen ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + } + + SSL_DEBUG_BUF( 4, "message mac", tmp, ssl->transform_in->maclen ); + SSL_DEBUG_BUF( 4, "computed mac", ssl->in_msg + ssl->in_msglen, + ssl->transform_in->maclen ); + + if( memcmp( tmp, ssl->in_msg + ssl->in_msglen, + ssl->transform_in->maclen ) != 0 ) + { +#if defined(POLARSSL_SSL_DEBUG_ALL) + SSL_DEBUG_MSG( 1, ( "message mac does not match" ) ); +#endif + correct = 0; + } + + /* + * Finally check the correct flag + */ + if( correct == 0 ) + return( POLARSSL_ERR_SSL_INVALID_MAC ); + + if( ssl->in_msglen == 0 ) + { + ssl->nb_zero++; + + /* + * Three or more empty messages may be a DoS attack + * (excessive CPU consumption). + */ + if( ssl->nb_zero > 3 ) + { + SSL_DEBUG_MSG( 1, ( "received four consecutive empty " + "messages, possible DoS attack" ) ); + return( POLARSSL_ERR_SSL_INVALID_MAC ); + } + } + else + ssl->nb_zero = 0; + + for( i = 8; i > 0; i-- ) + if( ++ssl->in_ctr[i - 1] != 0 ) + break; + + SSL_DEBUG_MSG( 2, ( "<= decrypt buf" ) ); + + return( 0 ); +} + +#if defined(POLARSSL_ZLIB_SUPPORT) +/* + * Compression/decompression functions + */ +static int ssl_compress_buf( ssl_context *ssl ) +{ + int ret; + unsigned char *msg_post = ssl->out_msg; + size_t len_pre = ssl->out_msglen; + unsigned char *msg_pre; + + SSL_DEBUG_MSG( 2, ( "=> compress buf" ) ); + + msg_pre = (unsigned char*) malloc( len_pre ); + if( msg_pre == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + memcpy( msg_pre, ssl->out_msg, len_pre ); + + SSL_DEBUG_MSG( 3, ( "before compression: msglen = %d, ", + ssl->out_msglen ) ); + + SSL_DEBUG_BUF( 4, "before compression: output payload", + ssl->out_msg, ssl->out_msglen ); + + ssl->transform_out->ctx_deflate.next_in = msg_pre; + ssl->transform_out->ctx_deflate.avail_in = len_pre; + ssl->transform_out->ctx_deflate.next_out = msg_post; + ssl->transform_out->ctx_deflate.avail_out = SSL_BUFFER_LEN; + + ret = deflate( &ssl->transform_out->ctx_deflate, Z_SYNC_FLUSH ); + if( ret != Z_OK ) + { + SSL_DEBUG_MSG( 1, ( "failed to perform compression (%d)", ret ) ); + return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + } + + ssl->out_msglen = SSL_BUFFER_LEN - ssl->transform_out->ctx_deflate.avail_out; + + free( msg_pre ); + + SSL_DEBUG_MSG( 3, ( "after compression: msglen = %d, ", + ssl->out_msglen ) ); + + SSL_DEBUG_BUF( 4, "after compression: output payload", + ssl->out_msg, ssl->out_msglen ); + + SSL_DEBUG_MSG( 2, ( "<= compress buf" ) ); + + return( 0 ); +} + +static int ssl_decompress_buf( ssl_context *ssl ) +{ + int ret; + unsigned char *msg_post = ssl->in_msg; + size_t len_pre = ssl->in_msglen; + unsigned char *msg_pre; + + SSL_DEBUG_MSG( 2, ( "=> decompress buf" ) ); + + msg_pre = (unsigned char*) malloc( len_pre ); + if( msg_pre == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len_pre ) ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + memcpy( msg_pre, ssl->in_msg, len_pre ); + + SSL_DEBUG_MSG( 3, ( "before decompression: msglen = %d, ", + ssl->in_msglen ) ); + + SSL_DEBUG_BUF( 4, "before decompression: input payload", + ssl->in_msg, ssl->in_msglen ); + + ssl->transform_in->ctx_inflate.next_in = msg_pre; + ssl->transform_in->ctx_inflate.avail_in = len_pre; + ssl->transform_in->ctx_inflate.next_out = msg_post; + ssl->transform_in->ctx_inflate.avail_out = SSL_MAX_CONTENT_LEN; + + ret = inflate( &ssl->transform_in->ctx_inflate, Z_SYNC_FLUSH ); + if( ret != Z_OK ) + { + SSL_DEBUG_MSG( 1, ( "failed to perform decompression (%d)", ret ) ); + return( POLARSSL_ERR_SSL_COMPRESSION_FAILED ); + } + + ssl->in_msglen = SSL_MAX_CONTENT_LEN - ssl->transform_in->ctx_inflate.avail_out; + + free( msg_pre ); + + SSL_DEBUG_MSG( 3, ( "after decompression: msglen = %d, ", + ssl->in_msglen ) ); + + SSL_DEBUG_BUF( 4, "after decompression: input payload", + ssl->in_msg, ssl->in_msglen ); + + SSL_DEBUG_MSG( 2, ( "<= decompress buf" ) ); + + return( 0 ); +} +#endif /* POLARSSL_ZLIB_SUPPORT */ + +/* + * Fill the input message buffer + */ +int ssl_fetch_input( ssl_context *ssl, size_t nb_want ) +{ + int ret; + size_t len; + + SSL_DEBUG_MSG( 2, ( "=> fetch input" ) ); + + while( ssl->in_left < nb_want ) + { + len = nb_want - ssl->in_left; + ret = ssl->f_recv( ssl->p_recv, ssl->in_hdr + ssl->in_left, len ); + + SSL_DEBUG_MSG( 2, ( "in_left: %d, nb_want: %d", + ssl->in_left, nb_want ) ); + SSL_DEBUG_RET( 2, "ssl->f_recv", ret ); + + if( ret == 0 ) + return( POLARSSL_ERR_SSL_CONN_EOF ); + + if( ret < 0 ) + return( ret ); + + ssl->in_left += ret; + } + + SSL_DEBUG_MSG( 2, ( "<= fetch input" ) ); + + return( 0 ); +} + +/* + * Flush any data not yet written + */ +int ssl_flush_output( ssl_context *ssl ) +{ + int ret; + unsigned char *buf; + + SSL_DEBUG_MSG( 2, ( "=> flush output" ) ); + + while( ssl->out_left > 0 ) + { + SSL_DEBUG_MSG( 2, ( "message length: %d, out_left: %d", + 5 + ssl->out_msglen, ssl->out_left ) ); + + if( ssl->out_msglen < ssl->out_left ) + { + size_t header_left = ssl->out_left - ssl->out_msglen; + + buf = ssl->out_hdr + 5 - header_left; + ret = ssl->f_send( ssl->p_send, buf, header_left ); + + SSL_DEBUG_RET( 2, "ssl->f_send (header)", ret ); + + if( ret <= 0 ) + return( ret ); + + ssl->out_left -= ret; + } + + buf = ssl->out_msg + ssl->out_msglen - ssl->out_left; + ret = ssl->f_send( ssl->p_send, buf, ssl->out_left ); + + SSL_DEBUG_RET( 2, "ssl->f_send", ret ); + + if( ret <= 0 ) + return( ret ); + + ssl->out_left -= ret; + } + + SSL_DEBUG_MSG( 2, ( "<= flush output" ) ); + + return( 0 ); +} + +/* + * Record layer functions + */ +int ssl_write_record( ssl_context *ssl ) +{ + int ret, done = 0; + size_t len = ssl->out_msglen; + + SSL_DEBUG_MSG( 2, ( "=> write record" ) ); + + if( ssl->out_msgtype == SSL_MSG_HANDSHAKE ) + { + ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 ); + ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >> 8 ); + ssl->out_msg[3] = (unsigned char)( ( len - 4 ) ); + + ssl->handshake->update_checksum( ssl, ssl->out_msg, len ); + } + +#if defined(POLARSSL_ZLIB_SUPPORT) + if( ssl->transform_out != NULL && + ssl->session_out->compression == SSL_COMPRESS_DEFLATE ) + { + if( ( ret = ssl_compress_buf( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_compress_buf", ret ); + return( ret ); + } + + len = ssl->out_msglen; + } +#endif /*POLARSSL_ZLIB_SUPPORT */ + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) + if( ssl_hw_record_write != NULL) + { + SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_write()" ) ); + + ret = ssl_hw_record_write( ssl ); + if( ret != 0 && ret != POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH ) + { + SSL_DEBUG_RET( 1, "ssl_hw_record_write", ret ); + return POLARSSL_ERR_SSL_HW_ACCEL_FAILED; + } + done = 1; + } +#endif + if( !done ) + { + ssl->out_hdr[0] = (unsigned char) ssl->out_msgtype; + ssl->out_hdr[1] = (unsigned char) ssl->major_ver; + ssl->out_hdr[2] = (unsigned char) ssl->minor_ver; + ssl->out_hdr[3] = (unsigned char)( len >> 8 ); + ssl->out_hdr[4] = (unsigned char)( len ); + + if( ssl->transform_out != NULL ) + { + if( ( ret = ssl_encrypt_buf( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_encrypt_buf", ret ); + return( ret ); + } + + len = ssl->out_msglen; + ssl->out_hdr[3] = (unsigned char)( len >> 8 ); + ssl->out_hdr[4] = (unsigned char)( len ); + } + + ssl->out_left = 5 + ssl->out_msglen; + + SSL_DEBUG_MSG( 3, ( "output record: msgtype = %d, " + "version = [%d:%d], msglen = %d", + ssl->out_hdr[0], ssl->out_hdr[1], ssl->out_hdr[2], + ( ssl->out_hdr[3] << 8 ) | ssl->out_hdr[4] ) ); + + SSL_DEBUG_BUF( 4, "output record header sent to network", + ssl->out_hdr, 5 ); + SSL_DEBUG_BUF( 4, "output record sent to network", + ssl->out_hdr + 32, ssl->out_msglen ); + } + + if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_flush_output", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write record" ) ); + + return( 0 ); +} + +int ssl_read_record( ssl_context *ssl ) +{ + int ret, done = 0; + + SSL_DEBUG_MSG( 2, ( "=> read record" ) ); + + if( ssl->in_hslen != 0 && + ssl->in_hslen < ssl->in_msglen ) + { + /* + * Get next Handshake message in the current record + */ + ssl->in_msglen -= ssl->in_hslen; + + memmove( ssl->in_msg, ssl->in_msg + ssl->in_hslen, + ssl->in_msglen ); + + ssl->in_hslen = 4; + ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3]; + + SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" + " %d, type = %d, hslen = %d", + ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + + if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->in_msglen < ssl->in_hslen ) + { + SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + + return( 0 ); + } + + ssl->in_hslen = 0; + + /* + * Read the record header and validate it + */ + if( ( ret = ssl_fetch_input( ssl, 5 ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + return( ret ); + } + + ssl->in_msgtype = ssl->in_hdr[0]; + ssl->in_msglen = ( ssl->in_hdr[3] << 8 ) | ssl->in_hdr[4]; + + SSL_DEBUG_MSG( 3, ( "input record: msgtype = %d, " + "version = [%d:%d], msglen = %d", + ssl->in_hdr[0], ssl->in_hdr[1], ssl->in_hdr[2], + ( ssl->in_hdr[3] << 8 ) | ssl->in_hdr[4] ) ); + + if( ssl->in_hdr[1] != ssl->major_ver ) + { + SSL_DEBUG_MSG( 1, ( "major version mismatch" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->in_hdr[2] > ssl->max_minor_ver ) + { + SSL_DEBUG_MSG( 1, ( "minor version mismatch" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + /* + * Make sure the message length is acceptable + */ + if( ssl->transform_in == NULL ) + { + if( ssl->in_msglen < 1 || + ssl->in_msglen > SSL_MAX_CONTENT_LEN ) + { + SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + } + else + { + if( ssl->in_msglen < ssl->transform_in->minlen ) + { + SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->minor_ver == SSL_MINOR_VERSION_0 && + ssl->in_msglen > ssl->transform_in->minlen + SSL_MAX_CONTENT_LEN ) + { + SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + /* + * TLS encrypted messages can have up to 256 bytes of padding + */ + if( ssl->minor_ver >= SSL_MINOR_VERSION_1 && + ssl->in_msglen > ssl->transform_in->minlen + SSL_MAX_CONTENT_LEN + 256 ) + { + SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + } + + /* + * Read and optionally decrypt the message contents + */ + if( ( ret = ssl_fetch_input( ssl, 5 + ssl->in_msglen ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_fetch_input", ret ); + return( ret ); + } + + SSL_DEBUG_BUF( 4, "input record from network", + ssl->in_hdr, 5 + ssl->in_msglen ); + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) + if( ssl_hw_record_read != NULL) + { + SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_read()" ) ); + + ret = ssl_hw_record_read( ssl ); + if( ret != 0 && ret != POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH ) + { + SSL_DEBUG_RET( 1, "ssl_hw_record_read", ret ); + return POLARSSL_ERR_SSL_HW_ACCEL_FAILED; + } + done = 1; + } +#endif + if( !done && ssl->transform_in != NULL ) + { + if( ( ret = ssl_decrypt_buf( ssl ) ) != 0 ) + { +#if defined(POLARSSL_SSL_ALERT_MESSAGES) + if( ret == POLARSSL_ERR_SSL_INVALID_MAC ) + { + ssl_send_alert_message( ssl, + SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_BAD_RECORD_MAC ); + } +#endif + SSL_DEBUG_RET( 1, "ssl_decrypt_buf", ret ); + return( ret ); + } + + SSL_DEBUG_BUF( 4, "input payload after decrypt", + ssl->in_msg, ssl->in_msglen ); + + if( ssl->in_msglen > SSL_MAX_CONTENT_LEN ) + { + SSL_DEBUG_MSG( 1, ( "bad message length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + } + +#if defined(POLARSSL_ZLIB_SUPPORT) + if( ssl->transform_in != NULL && + ssl->session_in->compression == SSL_COMPRESS_DEFLATE ) + { + if( ( ret = ssl_decompress_buf( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_decompress_buf", ret ); + return( ret ); + } + + ssl->in_hdr[3] = (unsigned char)( ssl->in_msglen >> 8 ); + ssl->in_hdr[4] = (unsigned char)( ssl->in_msglen ); + } +#endif /* POLARSSL_ZLIB_SUPPORT */ + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE && + ssl->in_msgtype != SSL_MSG_ALERT && + ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC && + ssl->in_msgtype != SSL_MSG_APPLICATION_DATA ) + { + SSL_DEBUG_MSG( 1, ( "unknown record type" ) ); + + if( ( ret = ssl_send_alert_message( ssl, + SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_UNEXPECTED_MESSAGE ) ) != 0 ) + { + return( ret ); + } + + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->in_msgtype == SSL_MSG_HANDSHAKE ) + { + ssl->in_hslen = 4; + ssl->in_hslen += ( ssl->in_msg[2] << 8 ) | ssl->in_msg[3]; + + SSL_DEBUG_MSG( 3, ( "handshake message: msglen =" + " %d, type = %d, hslen = %d", + ssl->in_msglen, ssl->in_msg[0], ssl->in_hslen ) ); + + /* + * Additional checks to validate the handshake header + */ + if( ssl->in_msglen < 4 || ssl->in_msg[1] != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->in_msglen < ssl->in_hslen ) + { + SSL_DEBUG_MSG( 1, ( "bad handshake length" ) ); + return( POLARSSL_ERR_SSL_INVALID_RECORD ); + } + + if( ssl->state != SSL_HANDSHAKE_OVER ) + ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen ); + } + + if( ssl->in_msgtype == SSL_MSG_ALERT ) + { + SSL_DEBUG_MSG( 2, ( "got an alert message, type: [%d:%d]", + ssl->in_msg[0], ssl->in_msg[1] ) ); + + /* + * Ignore non-fatal alerts, except close_notify + */ + if( ssl->in_msg[0] == SSL_ALERT_LEVEL_FATAL ) + { + SSL_DEBUG_MSG( 1, ( "is a fatal alert message (msg %d)", + ssl->in_msg[1] ) ); + /** + * Subtract from error code as ssl->in_msg[1] is 7-bit positive + * error identifier. + */ + return( POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE ); + } + + if( ssl->in_msg[0] == SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == SSL_ALERT_MSG_CLOSE_NOTIFY ) + { + SSL_DEBUG_MSG( 2, ( "is a close notify message" ) ); + return( POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY ); + } + } + + ssl->in_left = 0; + + SSL_DEBUG_MSG( 2, ( "<= read record" ) ); + + return( 0 ); +} + +int ssl_send_fatal_handshake_failure( ssl_context *ssl ) +{ + int ret; + + if( ( ret = ssl_send_alert_message( ssl, + SSL_ALERT_LEVEL_FATAL, + SSL_ALERT_MSG_HANDSHAKE_FAILURE ) ) != 0 ) + { + return( ret ); + } + + return( 0 ); +} + +int ssl_send_alert_message( ssl_context *ssl, + unsigned char level, + unsigned char message ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> send alert message" ) ); + + ssl->out_msgtype = SSL_MSG_ALERT; + ssl->out_msglen = 2; + ssl->out_msg[0] = level; + ssl->out_msg[1] = message; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= send alert message" ) ); + + return( 0 ); +} + +/* + * Handshake functions + */ +int ssl_write_certificate( ssl_context *ssl ) +{ + int ret; + size_t i, n; + const x509_cert *crt; + + SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); + + if( ssl->endpoint == SSL_IS_CLIENT ) + { + if( ssl->client_auth == 0 ) + { + SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); + ssl->state++; + return( 0 ); + } + + /* + * If using SSLv3 and got no cert, send an Alert message + * (otherwise an empty Certificate message will be sent). + */ + if( ssl->own_cert == NULL && + ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + ssl->out_msglen = 2; + ssl->out_msgtype = SSL_MSG_ALERT; + ssl->out_msg[0] = SSL_ALERT_LEVEL_WARNING; + ssl->out_msg[1] = SSL_ALERT_MSG_NO_CERT; + + SSL_DEBUG_MSG( 2, ( "got no certificate to send" ) ); + goto write_msg; + } + } + else /* SSL_IS_SERVER */ + { + if( ssl->own_cert == NULL ) + { + SSL_DEBUG_MSG( 1, ( "got no certificate to send" ) ); + return( POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED ); + } + } + + SSL_DEBUG_CRT( 3, "own certificate", ssl->own_cert ); + + /* + * 0 . 0 handshake type + * 1 . 3 handshake length + * 4 . 6 length of all certs + * 7 . 9 length of cert. 1 + * 10 . n-1 peer certificate + * n . n+2 length of cert. 2 + * n+3 . ... upper level cert, etc. + */ + i = 7; + crt = ssl->own_cert; + + while( crt != NULL ) + { + n = crt->raw.len; + if( i + 3 + n > SSL_MAX_CONTENT_LEN ) + { + SSL_DEBUG_MSG( 1, ( "certificate too large, %d > %d", + i + 3 + n, SSL_MAX_CONTENT_LEN ) ); + return( POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE ); + } + + ssl->out_msg[i ] = (unsigned char)( n >> 16 ); + ssl->out_msg[i + 1] = (unsigned char)( n >> 8 ); + ssl->out_msg[i + 2] = (unsigned char)( n ); + + i += 3; memcpy( ssl->out_msg + i, crt->raw.p, n ); + i += n; crt = crt->next; + } + + ssl->out_msg[4] = (unsigned char)( ( i - 7 ) >> 16 ); + ssl->out_msg[5] = (unsigned char)( ( i - 7 ) >> 8 ); + ssl->out_msg[6] = (unsigned char)( ( i - 7 ) ); + + ssl->out_msglen = i; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_CERTIFICATE; + +write_msg: + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write certificate" ) ); + + return( 0 ); +} + +int ssl_parse_certificate( ssl_context *ssl ) +{ + int ret; + size_t i, n; + + SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); + + if( ssl->endpoint == SSL_IS_SERVER && + ssl->authmode == SSL_VERIFY_NONE ) + { + ssl->verify_result = BADCERT_SKIP_VERIFY; + SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); + ssl->state++; + return( 0 ); + } + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + ssl->state++; + + /* + * Check if the client sent an empty certificate + */ + if( ssl->endpoint == SSL_IS_SERVER && + ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + if( ssl->in_msglen == 2 && + ssl->in_msgtype == SSL_MSG_ALERT && + ssl->in_msg[0] == SSL_ALERT_LEVEL_WARNING && + ssl->in_msg[1] == SSL_ALERT_MSG_NO_CERT ) + { + SSL_DEBUG_MSG( 1, ( "SSLv3 client has no certificate" ) ); + + ssl->verify_result = BADCERT_MISSING; + if( ssl->authmode == SSL_VERIFY_OPTIONAL ) + return( 0 ); + else + return( POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE ); + } + } + + if( ssl->endpoint == SSL_IS_SERVER && + ssl->minor_ver != SSL_MINOR_VERSION_0 ) + { + if( ssl->in_hslen == 7 && + ssl->in_msgtype == SSL_MSG_HANDSHAKE && + ssl->in_msg[0] == SSL_HS_CERTIFICATE && + memcmp( ssl->in_msg + 4, "\0\0\0", 3 ) == 0 ) + { + SSL_DEBUG_MSG( 1, ( "TLSv1 client has no certificate" ) ); + + ssl->verify_result = BADCERT_MISSING; + if( ssl->authmode == SSL_VERIFY_REQUIRED ) + return( POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE ); + else + return( 0 ); + } + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_msg[0] != SSL_HS_CERTIFICATE || ssl->in_hslen < 10 ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + } + + /* + * Same message structure as in ssl_write_certificate() + */ + n = ( ssl->in_msg[5] << 8 ) | ssl->in_msg[6]; + + if( ssl->in_msg[4] != 0 || ssl->in_hslen != 7 + n ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + } + + if( ( ssl->session_negotiate->peer_cert = (x509_cert *) malloc( + sizeof( x509_cert ) ) ) == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", + sizeof( x509_cert ) ) ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + memset( ssl->session_negotiate->peer_cert, 0, sizeof( x509_cert ) ); + + i = 7; + + while( i < ssl->in_hslen ) + { + if( ssl->in_msg[i] != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + } + + n = ( (unsigned int) ssl->in_msg[i + 1] << 8 ) + | (unsigned int) ssl->in_msg[i + 2]; + i += 3; + + if( n < 128 || i + n > ssl->in_hslen ) + { + SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE ); + } + + ret = x509parse_crt_der( ssl->session_negotiate->peer_cert, + ssl->in_msg + i, n ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, " x509parse_crt", ret ); + return( ret ); + } + + i += n; + } + + SSL_DEBUG_CRT( 3, "peer certificate", ssl->session_negotiate->peer_cert ); + + if( ssl->authmode != SSL_VERIFY_NONE ) + { + if( ssl->ca_chain == NULL ) + { + SSL_DEBUG_MSG( 1, ( "got no CA chain" ) ); + return( POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED ); + } + + ret = x509parse_verify( ssl->session_negotiate->peer_cert, + ssl->ca_chain, ssl->ca_crl, + ssl->peer_cn, &ssl->verify_result, + ssl->f_vrfy, ssl->p_vrfy ); + + if( ret != 0 ) + SSL_DEBUG_RET( 1, "x509_verify_cert", ret ); + + if( ssl->authmode != SSL_VERIFY_REQUIRED ) + ret = 0; + } + + SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) ); + + return( ret ); +} + +int ssl_write_change_cipher_spec( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> write change cipher spec" ) ); + + ssl->out_msgtype = SSL_MSG_CHANGE_CIPHER_SPEC; + ssl->out_msglen = 1; + ssl->out_msg[0] = 1; + + ssl->state++; + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write change cipher spec" ) ); + + return( 0 ); +} + +int ssl_parse_change_cipher_spec( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> parse change cipher spec" ) ); + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_CHANGE_CIPHER_SPEC ) + { + SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_msglen != 1 || ssl->in_msg[0] != 1 ) + { + SSL_DEBUG_MSG( 1, ( "bad change cipher spec message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC ); + } + + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse change cipher spec" ) ); + + return( 0 ); +} + +void ssl_optimize_checksum( ssl_context *ssl, int ciphersuite ) +{ +#if !defined(POLARSSL_SHA4_C) + ((void) ciphersuite); +#endif + + if( ssl->minor_ver < SSL_MINOR_VERSION_3 ) + ssl->handshake->update_checksum = ssl_update_checksum_md5sha1; +#if defined(POLARSSL_SHA4_C) + else if ( ciphersuite == TLS_RSA_WITH_AES_256_GCM_SHA384 || + ciphersuite == TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ) + { + ssl->handshake->update_checksum = ssl_update_checksum_sha384; + } +#endif + else + ssl->handshake->update_checksum = ssl_update_checksum_sha256; +} + +static void ssl_update_checksum_start( ssl_context *ssl, unsigned char *buf, + size_t len ) +{ + md5_update( &ssl->handshake->fin_md5 , buf, len ); + sha1_update( &ssl->handshake->fin_sha1, buf, len ); + sha2_update( &ssl->handshake->fin_sha2, buf, len ); +#if defined(POLARSSL_SHA4_C) + sha4_update( &ssl->handshake->fin_sha4, buf, len ); +#endif +} + +static void ssl_update_checksum_md5sha1( ssl_context *ssl, unsigned char *buf, + size_t len ) +{ + md5_update( &ssl->handshake->fin_md5 , buf, len ); + sha1_update( &ssl->handshake->fin_sha1, buf, len ); +} + +static void ssl_update_checksum_sha256( ssl_context *ssl, unsigned char *buf, + size_t len ) +{ + sha2_update( &ssl->handshake->fin_sha2, buf, len ); +} + +#if defined(POLARSSL_SHA4_C) +static void ssl_update_checksum_sha384( ssl_context *ssl, unsigned char *buf, + size_t len ) +{ + sha4_update( &ssl->handshake->fin_sha4, buf, len ); +} +#endif + +static void ssl_calc_finished_ssl( + ssl_context *ssl, unsigned char *buf, int from ) +{ + const char *sender; + md5_context md5; + sha1_context sha1; + + unsigned char padbuf[48]; + unsigned char md5sum[16]; + unsigned char sha1sum[20]; + + ssl_session *session = ssl->session_negotiate; + if( !session ) + session = ssl->session; + + SSL_DEBUG_MSG( 2, ( "=> calc finished ssl" ) ); + + memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); + memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + + /* + * SSLv3: + * hash = + * MD5( master + pad2 + + * MD5( handshake + sender + master + pad1 ) ) + * + SHA1( master + pad2 + + * SHA1( handshake + sender + master + pad1 ) ) + */ + +#if !defined(POLARSSL_MD5_ALT) + SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) + md5.state, sizeof( md5.state ) ); +#endif + +#if !defined(POLARSSL_SHA1_ALT) + SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof( sha1.state ) ); +#endif + + sender = ( from == SSL_IS_CLIENT ) ? "CLNT" + : "SRVR"; + + memset( padbuf, 0x36, 48 ); + + md5_update( &md5, (const unsigned char *) sender, 4 ); + md5_update( &md5, session->master, 48 ); + md5_update( &md5, padbuf, 48 ); + md5_finish( &md5, md5sum ); + + sha1_update( &sha1, (const unsigned char *) sender, 4 ); + sha1_update( &sha1, session->master, 48 ); + sha1_update( &sha1, padbuf, 40 ); + sha1_finish( &sha1, sha1sum ); + + memset( padbuf, 0x5C, 48 ); + + md5_starts( &md5 ); + md5_update( &md5, session->master, 48 ); + md5_update( &md5, padbuf, 48 ); + md5_update( &md5, md5sum, 16 ); + md5_finish( &md5, buf ); + + sha1_starts( &sha1 ); + sha1_update( &sha1, session->master, 48 ); + sha1_update( &sha1, padbuf , 40 ); + sha1_update( &sha1, sha1sum, 20 ); + sha1_finish( &sha1, buf + 16 ); + + SSL_DEBUG_BUF( 3, "calc finished result", buf, 36 ); + + memset( &md5, 0, sizeof( md5_context ) ); + memset( &sha1, 0, sizeof( sha1_context ) ); + + memset( padbuf, 0, sizeof( padbuf ) ); + memset( md5sum, 0, sizeof( md5sum ) ); + memset( sha1sum, 0, sizeof( sha1sum ) ); + + SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); +} + +static void ssl_calc_finished_tls( + ssl_context *ssl, unsigned char *buf, int from ) +{ + int len = 12; + const char *sender; + md5_context md5; + sha1_context sha1; + unsigned char padbuf[36]; + + ssl_session *session = ssl->session_negotiate; + if( !session ) + session = ssl->session; + + SSL_DEBUG_MSG( 2, ( "=> calc finished tls" ) ); + + memcpy( &md5 , &ssl->handshake->fin_md5 , sizeof(md5_context) ); + memcpy( &sha1, &ssl->handshake->fin_sha1, sizeof(sha1_context) ); + + /* + * TLSv1: + * hash = PRF( master, finished_label, + * MD5( handshake ) + SHA1( handshake ) )[0..11] + */ + +#if !defined(POLARSSL_MD5_ALT) + SSL_DEBUG_BUF( 4, "finished md5 state", (unsigned char *) + md5.state, sizeof( md5.state ) ); +#endif + +#if !defined(POLARSSL_SHA1_ALT) + SSL_DEBUG_BUF( 4, "finished sha1 state", (unsigned char *) + sha1.state, sizeof( sha1.state ) ); +#endif + + sender = ( from == SSL_IS_CLIENT ) + ? "client finished" + : "server finished"; + + md5_finish( &md5, padbuf ); + sha1_finish( &sha1, padbuf + 16 ); + + ssl->handshake->tls_prf( session->master, 48, (char *) sender, + padbuf, 36, buf, len ); + + SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + + memset( &md5, 0, sizeof( md5_context ) ); + memset( &sha1, 0, sizeof( sha1_context ) ); + + memset( padbuf, 0, sizeof( padbuf ) ); + + SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); +} + +static void ssl_calc_finished_tls_sha256( + ssl_context *ssl, unsigned char *buf, int from ) +{ + int len = 12; + const char *sender; + sha2_context sha2; + unsigned char padbuf[32]; + + ssl_session *session = ssl->session_negotiate; + if( !session ) + session = ssl->session; + + SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha256" ) ); + + memcpy( &sha2, &ssl->handshake->fin_sha2, sizeof(sha2_context) ); + + /* + * TLSv1.2: + * hash = PRF( master, finished_label, + * Hash( handshake ) )[0.11] + */ + +#if !defined(POLARSSL_SHA2_ALT) + SSL_DEBUG_BUF( 4, "finished sha2 state", (unsigned char *) + sha2.state, sizeof( sha2.state ) ); +#endif + + sender = ( from == SSL_IS_CLIENT ) + ? "client finished" + : "server finished"; + + sha2_finish( &sha2, padbuf ); + + ssl->handshake->tls_prf( session->master, 48, (char *) sender, + padbuf, 32, buf, len ); + + SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + + memset( &sha2, 0, sizeof( sha2_context ) ); + + memset( padbuf, 0, sizeof( padbuf ) ); + + SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); +} + +#if defined(POLARSSL_SHA4_C) +static void ssl_calc_finished_tls_sha384( + ssl_context *ssl, unsigned char *buf, int from ) +{ + int len = 12; + const char *sender; + sha4_context sha4; + unsigned char padbuf[48]; + + ssl_session *session = ssl->session_negotiate; + if( !session ) + session = ssl->session; + + SSL_DEBUG_MSG( 2, ( "=> calc finished tls sha384" ) ); + + memcpy( &sha4, &ssl->handshake->fin_sha4, sizeof(sha4_context) ); + + /* + * TLSv1.2: + * hash = PRF( master, finished_label, + * Hash( handshake ) )[0.11] + */ + +#if !defined(POLARSSL_SHA4_ALT) + SSL_DEBUG_BUF( 4, "finished sha4 state", (unsigned char *) + sha4.state, sizeof( sha4.state ) ); +#endif + + sender = ( from == SSL_IS_CLIENT ) + ? "client finished" + : "server finished"; + + sha4_finish( &sha4, padbuf ); + + ssl->handshake->tls_prf( session->master, 48, (char *) sender, + padbuf, 48, buf, len ); + + SSL_DEBUG_BUF( 3, "calc finished result", buf, len ); + + memset( &sha4, 0, sizeof( sha4_context ) ); + + memset( padbuf, 0, sizeof( padbuf ) ); + + SSL_DEBUG_MSG( 2, ( "<= calc finished" ) ); +} +#endif + +void ssl_handshake_wrapup( ssl_context *ssl ) +{ + SSL_DEBUG_MSG( 3, ( "=> handshake wrapup" ) ); + + /* + * Free our handshake params + */ + ssl_handshake_free( ssl->handshake ); + free( ssl->handshake ); + ssl->handshake = NULL; + + /* + * Switch in our now active transform context + */ + if( ssl->transform ) + { + ssl_transform_free( ssl->transform ); + free( ssl->transform ); + } + ssl->transform = ssl->transform_negotiate; + ssl->transform_negotiate = NULL; + + if( ssl->session ) + { + ssl_session_free( ssl->session ); + free( ssl->session ); + } + ssl->session = ssl->session_negotiate; + ssl->session_negotiate = NULL; + + /* + * Add cache entry + */ + if( ssl->f_set_cache != NULL ) + if( ssl->f_set_cache( ssl->p_set_cache, ssl->session ) != 0 ) + SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); + + ssl->state++; + + SSL_DEBUG_MSG( 3, ( "<= handshake wrapup" ) ); +} + +int ssl_write_finished( ssl_context *ssl ) +{ + int ret, hash_len; + + SSL_DEBUG_MSG( 2, ( "=> write finished" ) ); + + ssl->handshake->calc_finished( ssl, ssl->out_msg + 4, ssl->endpoint ); + + // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63) + hash_len = ( ssl->minor_ver == SSL_MINOR_VERSION_0 ) ? 36 : 12; + + ssl->verify_data_len = hash_len; + memcpy( ssl->own_verify_data, ssl->out_msg + 4, hash_len ); + + ssl->out_msglen = 4 + hash_len; + ssl->out_msgtype = SSL_MSG_HANDSHAKE; + ssl->out_msg[0] = SSL_HS_FINISHED; + + /* + * In case of session resuming, invert the client and server + * ChangeCipherSpec messages order. + */ + if( ssl->handshake->resume != 0 ) + { + if( ssl->endpoint == SSL_IS_CLIENT ) + ssl->state = SSL_HANDSHAKE_WRAPUP; + else + ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC; + } + else + ssl->state++; + + /* + * Switch to our negotiated transform and session parameters for outbound data. + */ + SSL_DEBUG_MSG( 3, ( "switching to new transform spec for outbound data" ) ); + ssl->transform_out = ssl->transform_negotiate; + ssl->session_out = ssl->session_negotiate; + memset( ssl->out_ctr, 0, 8 ); + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= write finished" ) ); + + return( 0 ); +} + +int ssl_parse_finished( ssl_context *ssl ) +{ + int ret; + unsigned int hash_len; + unsigned char buf[36]; + + SSL_DEBUG_MSG( 2, ( "=> parse finished" ) ); + + ssl->handshake->calc_finished( ssl, buf, ssl->endpoint ^ 1 ); + + /* + * Switch to our negotiated transform and session parameters for inbound data. + */ + SSL_DEBUG_MSG( 3, ( "switching to new transform spec for inbound data" ) ); + ssl->transform_in = ssl->transform_negotiate; + ssl->session_in = ssl->session_negotiate; + memset( ssl->in_ctr, 0, 8 ); + + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msgtype != SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + // TODO TLS/1.2 Hash length is determined by cipher suite (Page 63) + hash_len = ( ssl->minor_ver == SSL_MINOR_VERSION_0 ) ? 36 : 12; + + if( ssl->in_msg[0] != SSL_HS_FINISHED || + ssl->in_hslen != 4 + hash_len ) + { + SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_FINISHED ); + } + + if( memcmp( ssl->in_msg + 4, buf, hash_len ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_FINISHED ); + } + + ssl->verify_data_len = hash_len; + memcpy( ssl->peer_verify_data, buf, hash_len ); + + if( ssl->handshake->resume != 0 ) + { + if( ssl->endpoint == SSL_IS_CLIENT ) + ssl->state = SSL_CLIENT_CHANGE_CIPHER_SPEC; + + if( ssl->endpoint == SSL_IS_SERVER ) + ssl->state = SSL_HANDSHAKE_WRAPUP; + } + else + ssl->state++; + + SSL_DEBUG_MSG( 2, ( "<= parse finished" ) ); + + return( 0 ); +} + +int ssl_handshake_init( ssl_context *ssl ) +{ + if( ssl->transform_negotiate ) + ssl_transform_free( ssl->transform_negotiate ); + else + ssl->transform_negotiate = malloc( sizeof(ssl_transform) ); + + if( ssl->session_negotiate ) + ssl_session_free( ssl->session_negotiate ); + else + ssl->session_negotiate = malloc( sizeof(ssl_session) ); + + if( ssl->handshake ) + ssl_handshake_free( ssl->handshake ); + else + ssl->handshake = malloc( sizeof(ssl_handshake_params) ); + + if( ssl->handshake == NULL || + ssl->transform_negotiate == NULL || + ssl->session_negotiate == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc() of ssl sub-contexts failed" ) ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + memset( ssl->handshake, 0, sizeof(ssl_handshake_params) ); + memset( ssl->transform_negotiate, 0, sizeof(ssl_transform) ); + memset( ssl->session_negotiate, 0, sizeof(ssl_session) ); + + md5_starts( &ssl->handshake->fin_md5 ); + sha1_starts( &ssl->handshake->fin_sha1 ); + sha2_starts( &ssl->handshake->fin_sha2, 0 ); +#if defined(POLARSSL_SHA4_C) + sha4_starts( &ssl->handshake->fin_sha4, 1 ); +#endif + + ssl->handshake->update_checksum = ssl_update_checksum_start; + ssl->handshake->sig_alg = SSL_HASH_SHA1; + + return( 0 ); +} + +/* + * Initialize an SSL context + */ +int ssl_init( ssl_context *ssl ) +{ + int ret; + int len = SSL_BUFFER_LEN; + + memset( ssl, 0, sizeof( ssl_context ) ); + + /* + * Sane defaults + */ + ssl->rsa_decrypt = ssl_rsa_decrypt; + ssl->rsa_sign = ssl_rsa_sign; + ssl->rsa_key_len = ssl_rsa_key_len; + + ssl->min_major_ver = SSL_MAJOR_VERSION_3; + ssl->min_minor_ver = SSL_MINOR_VERSION_0; + + ssl->ciphersuites = malloc( sizeof(int *) * 4 ); + ssl_set_ciphersuites( ssl, ssl_default_ciphersuites ); + +#if defined(POLARSSL_DHM_C) + if( ( ret = mpi_read_string( &ssl->dhm_P, 16, + POLARSSL_DHM_RFC5114_MODP_1024_P) ) != 0 || + ( ret = mpi_read_string( &ssl->dhm_G, 16, + POLARSSL_DHM_RFC5114_MODP_1024_G) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_read_string", ret ); + return( ret ); + } +#endif + + /* + * Prepare base structures + */ + ssl->in_ctr = (unsigned char *) malloc( len ); + ssl->in_hdr = ssl->in_ctr + 8; + ssl->in_msg = ssl->in_ctr + 13; + + if( ssl->in_ctr == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + ssl->out_ctr = (unsigned char *) malloc( len ); + ssl->out_hdr = ssl->out_ctr + 8; + ssl->out_msg = ssl->out_ctr + 40; + + if( ssl->out_ctr == NULL ) + { + SSL_DEBUG_MSG( 1, ( "malloc(%d bytes) failed", len ) ); + free( ssl-> in_ctr ); + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + } + + memset( ssl-> in_ctr, 0, SSL_BUFFER_LEN ); + memset( ssl->out_ctr, 0, SSL_BUFFER_LEN ); + + ssl->hostname = NULL; + ssl->hostname_len = 0; + + if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +/* + * Reset an initialized and used SSL context for re-use while retaining + * all application-set variables, function pointers and data. + */ +int ssl_session_reset( ssl_context *ssl ) +{ + int ret; + + ssl->state = SSL_HELLO_REQUEST; + ssl->renegotiation = SSL_INITIAL_HANDSHAKE; + ssl->secure_renegotiation = SSL_LEGACY_RENEGOTIATION; + + ssl->verify_data_len = 0; + memset( ssl->own_verify_data, 0, 36 ); + memset( ssl->peer_verify_data, 0, 36 ); + + ssl->in_offt = NULL; + + ssl->in_msgtype = 0; + ssl->in_msglen = 0; + ssl->in_left = 0; + + ssl->in_hslen = 0; + ssl->nb_zero = 0; + + ssl->out_msgtype = 0; + ssl->out_msglen = 0; + ssl->out_left = 0; + + ssl->transform_in = NULL; + ssl->transform_out = NULL; + + memset( ssl->out_ctr, 0, SSL_BUFFER_LEN ); + memset( ssl->in_ctr, 0, SSL_BUFFER_LEN ); + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) + if( ssl_hw_record_reset != NULL) + { + SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_reset()" ) ); + if( ssl_hw_record_reset( ssl ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_hw_record_reset", ret ); + return( POLARSSL_ERR_SSL_HW_ACCEL_FAILED ); + } + } +#endif + + if( ssl->transform ) + { + ssl_transform_free( ssl->transform ); + free( ssl->transform ); + ssl->transform = NULL; + } + + if( ssl->session ) + { + ssl_session_free( ssl->session ); + free( ssl->session ); + ssl->session = NULL; + } + + if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +/* + * SSL set accessors + */ +void ssl_set_endpoint( ssl_context *ssl, int endpoint ) +{ + ssl->endpoint = endpoint; +} + +void ssl_set_authmode( ssl_context *ssl, int authmode ) +{ + ssl->authmode = authmode; +} + +void ssl_set_verify( ssl_context *ssl, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ) +{ + ssl->f_vrfy = f_vrfy; + ssl->p_vrfy = p_vrfy; +} + +void ssl_set_rng( ssl_context *ssl, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng ) +{ + ssl->f_rng = f_rng; + ssl->p_rng = p_rng; +} + +void ssl_set_dbg( ssl_context *ssl, + void (*f_dbg)(void *, int, const char *), + void *p_dbg ) +{ + ssl->f_dbg = f_dbg; + ssl->p_dbg = p_dbg; +} + +void ssl_set_bio( ssl_context *ssl, + int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, + int (*f_send)(void *, const unsigned char *, size_t), void *p_send ) +{ + ssl->f_recv = f_recv; + ssl->f_send = f_send; + ssl->p_recv = p_recv; + ssl->p_send = p_send; +} + +void ssl_set_session_cache( ssl_context *ssl, + int (*f_get_cache)(void *, ssl_session *), void *p_get_cache, + int (*f_set_cache)(void *, const ssl_session *), void *p_set_cache ) +{ + ssl->f_get_cache = f_get_cache; + ssl->p_get_cache = p_get_cache; + ssl->f_set_cache = f_set_cache; + ssl->p_set_cache = p_set_cache; +} + +void ssl_set_session( ssl_context *ssl, const ssl_session *session ) +{ + memcpy( ssl->session_negotiate, session, sizeof(ssl_session) ); + ssl->handshake->resume = 1; +} + +void ssl_set_ciphersuites( ssl_context *ssl, const int *ciphersuites ) +{ + ssl->ciphersuites[SSL_MINOR_VERSION_0] = ciphersuites; + ssl->ciphersuites[SSL_MINOR_VERSION_1] = ciphersuites; + ssl->ciphersuites[SSL_MINOR_VERSION_2] = ciphersuites; + ssl->ciphersuites[SSL_MINOR_VERSION_3] = ciphersuites; +} + +void ssl_set_ciphersuites_for_version( ssl_context *ssl, const int *ciphersuites, + int major, int minor ) +{ + if( major != SSL_MAJOR_VERSION_3 ) + return; + + if( minor < SSL_MINOR_VERSION_0 || minor > SSL_MINOR_VERSION_3 ) + return; + + ssl->ciphersuites[minor] = ciphersuites; +} + +void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, + x509_crl *ca_crl, const char *peer_cn ) +{ + ssl->ca_chain = ca_chain; + ssl->ca_crl = ca_crl; + ssl->peer_cn = peer_cn; +} + +void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, + rsa_context *rsa_key ) +{ + ssl->own_cert = own_cert; + ssl->rsa_key = rsa_key; +} + +void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert, + void *rsa_key, + rsa_decrypt_func rsa_decrypt, + rsa_sign_func rsa_sign, + rsa_key_len_func rsa_key_len ) +{ + ssl->own_cert = own_cert; + ssl->rsa_key = rsa_key; + ssl->rsa_decrypt = rsa_decrypt; + ssl->rsa_sign = rsa_sign; + ssl->rsa_key_len = rsa_key_len; +} + + +#if defined(POLARSSL_DHM_C) +int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ) +{ + int ret; + + if( ( ret = mpi_read_string( &ssl->dhm_P, 16, dhm_P ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_read_string", ret ); + return( ret ); + } + + if( ( ret = mpi_read_string( &ssl->dhm_G, 16, dhm_G ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_read_string", ret ); + return( ret ); + } + + return( 0 ); +} + +int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ) +{ + int ret; + + if( ( ret = mpi_copy(&ssl->dhm_P, &dhm_ctx->P) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_copy", ret ); + return( ret ); + } + + if( ( ret = mpi_copy(&ssl->dhm_G, &dhm_ctx->G) ) != 0 ) + { + SSL_DEBUG_RET( 1, "mpi_copy", ret ); + return( ret ); + } + + return( 0 ); +} +#endif /* POLARSSL_DHM_C */ + +int ssl_set_hostname( ssl_context *ssl, const char *hostname ) +{ + if( hostname == NULL ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + ssl->hostname_len = strlen( hostname ); + ssl->hostname = (unsigned char *) malloc( ssl->hostname_len + 1 ); + + if( ssl->hostname == NULL ) + return( POLARSSL_ERR_SSL_MALLOC_FAILED ); + + memcpy( ssl->hostname, (const unsigned char *) hostname, + ssl->hostname_len ); + + ssl->hostname[ssl->hostname_len] = '\0'; + + return( 0 ); +} + +void ssl_set_sni( ssl_context *ssl, + int (*f_sni)(void *, ssl_context *, + const unsigned char *, size_t), + void *p_sni ) +{ + ssl->f_sni = f_sni; + ssl->p_sni = p_sni; +} + +void ssl_set_max_version( ssl_context *ssl, int major, int minor ) +{ + ssl->max_major_ver = major; + ssl->max_minor_ver = minor; +} + +void ssl_set_min_version( ssl_context *ssl, int major, int minor ) +{ + ssl->min_major_ver = major; + ssl->min_minor_ver = minor; +} + +void ssl_set_renegotiation( ssl_context *ssl, int renegotiation ) +{ + ssl->disable_renegotiation = renegotiation; +} + +void ssl_legacy_renegotiation( ssl_context *ssl, int allow_legacy ) +{ + ssl->allow_legacy_renegotiation = allow_legacy; +} + +/* + * SSL get accessors + */ +size_t ssl_get_bytes_avail( const ssl_context *ssl ) +{ + return( ssl->in_offt == NULL ? 0 : ssl->in_msglen ); +} + +int ssl_get_verify_result( const ssl_context *ssl ) +{ + return( ssl->verify_result ); +} + +const char *ssl_get_ciphersuite_name( const int ciphersuite_id ) +{ + switch( ciphersuite_id ) + { +#if defined(POLARSSL_ARC4_C) + case TLS_RSA_WITH_RC4_128_MD5: + return( "TLS-RSA-WITH-RC4-128-MD5" ); + + case TLS_RSA_WITH_RC4_128_SHA: + return( "TLS-RSA-WITH-RC4-128-SHA" ); +#endif + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_3DES_EDE_CBC_SHA: + return( "TLS-RSA-WITH-3DES-EDE-CBC-SHA" ); + + case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: + return( "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA" ); +#endif + +#if defined(POLARSSL_AES_C) + case TLS_RSA_WITH_AES_128_CBC_SHA: + return( "TLS-RSA-WITH-AES-128-CBC-SHA" ); + + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: + return( "TLS-DHE-RSA-WITH-AES-128-CBC-SHA" ); + + case TLS_RSA_WITH_AES_256_CBC_SHA: + return( "TLS-RSA-WITH-AES-256-CBC-SHA" ); + + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: + return( "TLS-DHE-RSA-WITH-AES-256-CBC-SHA" ); + +#if defined(POLARSSL_SHA2_C) + case TLS_RSA_WITH_AES_128_CBC_SHA256: + return( "TLS-RSA-WITH-AES-128-CBC-SHA256" ); + + case TLS_RSA_WITH_AES_256_CBC_SHA256: + return( "TLS-RSA-WITH-AES-256-CBC-SHA256" ); + + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: + return( "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256" ); + + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: + return( "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256" ); +#endif + +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA2_C) + case TLS_RSA_WITH_AES_128_GCM_SHA256: + return( "TLS-RSA-WITH-AES-128-GCM-SHA256" ); + + case TLS_RSA_WITH_AES_256_GCM_SHA384: + return( "TLS-RSA-WITH-AES-256-GCM-SHA384" ); +#endif + +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA4_C) + case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: + return( "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256" ); + + case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: + return( "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384" ); +#endif +#endif /* POLARSSL_AES_C */ + +#if defined(POLARSSL_CAMELLIA_C) + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA: + return( "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA" ); + + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA: + return( "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA" ); + + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA: + return( "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA" ); + + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA: + return( "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA" ); + +#if defined(POLARSSL_SHA2_C) + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256: + return( "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256" ); + + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256: + return( "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256" ); + + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256: + return( "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256" ); + + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256: + return( "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256" ); +#endif +#endif + +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + case TLS_RSA_WITH_NULL_MD5: + return( "TLS-RSA-WITH-NULL-MD5" ); + case TLS_RSA_WITH_NULL_SHA: + return( "TLS-RSA-WITH-NULL-SHA" ); + case TLS_RSA_WITH_NULL_SHA256: + return( "TLS-RSA-WITH-NULL-SHA256" ); +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#if defined(POLARSSL_DES_C) + case TLS_RSA_WITH_DES_CBC_SHA: + return( "TLS-RSA-WITH-DES-CBC-SHA" ); + case TLS_DHE_RSA_WITH_DES_CBC_SHA: + return( "TLS-DHE-RSA-WITH-DES-CBC-SHA" ); +#endif +#endif /* defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) */ + + default: + break; + } + + return( "unknown" ); +} + +int ssl_get_ciphersuite_id( const char *ciphersuite_name ) +{ +#if defined(POLARSSL_ARC4_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-RC4-128-MD5")) + return( TLS_RSA_WITH_RC4_128_MD5 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-RC4-128-SHA")) + return( TLS_RSA_WITH_RC4_128_SHA ); +#endif + +#if defined(POLARSSL_DES_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-3DES-EDE-CBC-SHA")) + return( TLS_RSA_WITH_3DES_EDE_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA")) + return( TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA ); +#endif + +#if defined(POLARSSL_AES_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-128-CBC-SHA")) + return( TLS_RSA_WITH_AES_128_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA")) + return( TLS_DHE_RSA_WITH_AES_128_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-256-CBC-SHA")) + return( TLS_RSA_WITH_AES_256_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA")) + return( TLS_DHE_RSA_WITH_AES_256_CBC_SHA ); + +#if defined(POLARSSL_SHA2_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-128-CBC-SHA256")) + return( TLS_RSA_WITH_AES_128_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-256-CBC-SHA256")) + return( TLS_RSA_WITH_AES_256_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA256")) + return( TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-256-CBC-SHA256")) + return( TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 ); +#endif + +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA2_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-128-GCM-SHA256")) + return( TLS_RSA_WITH_AES_128_GCM_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-AES-256-GCM-SHA384")) + return( TLS_RSA_WITH_AES_256_GCM_SHA384 ); +#endif + +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA2_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-128-GCM-SHA256")) + return( TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-AES-256-GCM-SHA384")) + return( TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ); +#endif +#endif + +#if defined(POLARSSL_CAMELLIA_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA")) + return( TLS_RSA_WITH_CAMELLIA_128_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA")) + return( TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA")) + return( TLS_RSA_WITH_CAMELLIA_256_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA")) + return( TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA ); + +#if defined(POLARSSL_SHA2_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256")) + return( TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256")) + return( TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256")) + return( TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256")) + return( TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 ); +#endif +#endif + +#if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) +#if defined(POLARSSL_CIPHER_NULL_CIPHER) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-NULL-MD5")) + return( TLS_RSA_WITH_NULL_MD5 ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-NULL-SHA")) + return( TLS_RSA_WITH_NULL_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-NULL-SHA256")) + return( TLS_RSA_WITH_NULL_SHA256 ); +#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ + +#if defined(POLARSSL_DES_C) + if (0 == strcasecmp(ciphersuite_name, "TLS-RSA-WITH-DES-CBC-SHA")) + return( TLS_RSA_WITH_DES_CBC_SHA ); + if (0 == strcasecmp(ciphersuite_name, "TLS-DHE-RSA-WITH-DES-CBC-SHA")) + return( TLS_DHE_RSA_WITH_DES_CBC_SHA ); +#endif +#endif /* defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) */ + + return( 0 ); +} + +const char *ssl_get_ciphersuite( const ssl_context *ssl ) +{ + if( ssl == NULL || ssl->session == NULL ) + return NULL; + + return ssl_get_ciphersuite_name( ssl->session->ciphersuite ); +} + +const char *ssl_get_version( const ssl_context *ssl ) +{ + switch( ssl->minor_ver ) + { + case SSL_MINOR_VERSION_0: + return( "SSLv3.0" ); + + case SSL_MINOR_VERSION_1: + return( "TLSv1.0" ); + + case SSL_MINOR_VERSION_2: + return( "TLSv1.1" ); + + case SSL_MINOR_VERSION_3: + return( "TLSv1.2" ); + + default: + break; + } + return( "unknown" ); +} + +const x509_cert *ssl_get_peer_cert( const ssl_context *ssl ) +{ + if( ssl == NULL || ssl->session == NULL ) + return NULL; + + return ssl->session->peer_cert; +} + +const int ssl_default_ciphersuites[] = +{ +#if defined(POLARSSL_DHM_C) +#if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA2_C) + TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA4_C) + TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, +#endif + TLS_DHE_RSA_WITH_AES_256_CBC_SHA, +#if defined(POLARSSL_SHA2_C) + TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, +#endif +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA2_C) + TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, +#endif + TLS_DHE_RSA_WITH_AES_128_CBC_SHA, +#endif +#if defined(POLARSSL_CAMELLIA_C) +#if defined(POLARSSL_SHA2_C) + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, +#if defined(POLARSSL_SHA2_C) + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif +#if defined(POLARSSL_DES_C) + TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, +#endif +#endif + +#if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA2_C) + TLS_RSA_WITH_AES_256_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA4_C) + TLS_RSA_WITH_AES_256_GCM_SHA384, +#endif /* POLARSSL_SHA2_C */ + TLS_RSA_WITH_AES_256_CBC_SHA, +#endif +#if defined(POLARSSL_CAMELLIA_C) +#if defined(POLARSSL_SHA2_C) + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, +#endif +#if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA2_C) + TLS_RSA_WITH_AES_128_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ +#if defined(POLARSSL_GCM_C) && defined(POLARSSL_SHA2_C) + TLS_RSA_WITH_AES_128_GCM_SHA256, +#endif /* POLARSSL_SHA2_C */ + TLS_RSA_WITH_AES_128_CBC_SHA, +#endif +#if defined(POLARSSL_CAMELLIA_C) +#if defined(POLARSSL_SHA2_C) + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif /* POLARSSL_SHA2_C */ + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif +#if defined(POLARSSL_DES_C) + TLS_RSA_WITH_3DES_EDE_CBC_SHA, +#endif +#if defined(POLARSSL_ARC4_C) + TLS_RSA_WITH_RC4_128_SHA, + TLS_RSA_WITH_RC4_128_MD5, +#endif + 0 +}; + +/* + * Perform a single step of the SSL handshake + */ +int ssl_handshake_step( ssl_context *ssl ) +{ + int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + +#if defined(POLARSSL_SSL_CLI_C) + if( ssl->endpoint == SSL_IS_CLIENT ) + ret = ssl_handshake_client_step( ssl ); +#endif + +#if defined(POLARSSL_SSL_SRV_C) + if( ssl->endpoint == SSL_IS_SERVER ) + ret = ssl_handshake_server_step( ssl ); +#endif + + return( ret ); +} + +/* + * Perform the SSL handshake + */ +int ssl_handshake( ssl_context *ssl ) +{ + int ret = 0; + + SSL_DEBUG_MSG( 2, ( "=> handshake" ) ); + + while( ssl->state != SSL_HANDSHAKE_OVER ) + { + ret = ssl_handshake_step( ssl ); + + if( ret != 0 ) + break; + } + + SSL_DEBUG_MSG( 2, ( "<= handshake" ) ); + + return( ret ); +} + +/* + * Renegotiate current connection + */ +int ssl_renegotiate( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> renegotiate" ) ); + + if( ssl->state != SSL_HANDSHAKE_OVER ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + ssl->state = SSL_HELLO_REQUEST; + ssl->renegotiation = SSL_RENEGOTIATION; + + if( ( ret = ssl_handshake_init( ssl ) ) != 0 ) + return( ret ); + + if( ( ret = ssl_handshake( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + return( ret ); + } + + SSL_DEBUG_MSG( 2, ( "<= renegotiate" ) ); + + return( 0 ); +} + +/* + * Receive application data decrypted from the SSL layer + */ +int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ) +{ + int ret; + size_t n; + + SSL_DEBUG_MSG( 2, ( "=> read" ) ); + + if( ssl->state != SSL_HANDSHAKE_OVER ) + { + if( ( ret = ssl_handshake( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + return( ret ); + } + } + + if( ssl->in_offt == NULL ) + { + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + return( 0 ); + + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + + if( ssl->in_msglen == 0 && + ssl->in_msgtype == SSL_MSG_APPLICATION_DATA ) + { + /* + * OpenSSL sends empty messages to randomize the IV + */ + if( ( ret = ssl_read_record( ssl ) ) != 0 ) + { + if( ret == POLARSSL_ERR_SSL_CONN_EOF ) + return( 0 ); + + SSL_DEBUG_RET( 1, "ssl_read_record", ret ); + return( ret ); + } + } + + if( ssl->in_msgtype == SSL_MSG_HANDSHAKE ) + { + SSL_DEBUG_MSG( 1, ( "received handshake message" ) ); + + if( ssl->endpoint == SSL_IS_CLIENT && + ( ssl->in_msg[0] != SSL_HS_HELLO_REQUEST || + ssl->in_hslen != 4 ) ) + { + SSL_DEBUG_MSG( 1, ( "handshake received (not HelloRequest)" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->disable_renegotiation == SSL_RENEGOTIATION_DISABLED || + ( ssl->secure_renegotiation == SSL_LEGACY_RENEGOTIATION && + ssl->allow_legacy_renegotiation == SSL_LEGACY_NO_RENEGOTIATION ) ) + { + SSL_DEBUG_MSG( 3, ( "ignoring renegotiation, sending alert" ) ); + + if( ssl->minor_ver == SSL_MINOR_VERSION_0 ) + { + /* + * SSLv3 does not have a "no_renegotiation" alert + */ + if( ( ret = ssl_send_fatal_handshake_failure( ssl ) ) != 0 ) + return( ret ); + } + else + { + if( ( ret = ssl_send_alert_message( ssl, + SSL_ALERT_LEVEL_WARNING, + SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) + { + return( ret ); + } + } + } + else + { + if( ( ret = ssl_renegotiate( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_renegotiate", ret ); + return( ret ); + } + + return( POLARSSL_ERR_NET_WANT_READ ); + } + } + else if( ssl->in_msgtype != SSL_MSG_APPLICATION_DATA ) + { + SSL_DEBUG_MSG( 1, ( "bad application data message" ) ); + return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + ssl->in_offt = ssl->in_msg; + } + + n = ( len < ssl->in_msglen ) + ? len : ssl->in_msglen; + + memcpy( buf, ssl->in_offt, n ); + ssl->in_msglen -= n; + + if( ssl->in_msglen == 0 ) + /* all bytes consumed */ + ssl->in_offt = NULL; + else + /* more data available */ + ssl->in_offt += n; + + SSL_DEBUG_MSG( 2, ( "<= read" ) ); + + return( (int) n ); +} + +/* + * Send application data to be encrypted by the SSL layer + */ +int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ) +{ + int ret; + size_t n; + + SSL_DEBUG_MSG( 2, ( "=> write" ) ); + + if( ssl->state != SSL_HANDSHAKE_OVER ) + { + if( ( ret = ssl_handshake( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_handshake", ret ); + return( ret ); + } + } + + n = ( len < SSL_MAX_CONTENT_LEN ) + ? len : SSL_MAX_CONTENT_LEN; + + if( ssl->out_left != 0 ) + { + if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_flush_output", ret ); + return( ret ); + } + } + else + { + ssl->out_msglen = n; + ssl->out_msgtype = SSL_MSG_APPLICATION_DATA; + memcpy( ssl->out_msg, buf, n ); + + if( ( ret = ssl_write_record( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_write_record", ret ); + return( ret ); + } + } + + SSL_DEBUG_MSG( 2, ( "<= write" ) ); + + return( (int) n ); +} + +/* + * Notify the peer that the connection is being closed + */ +int ssl_close_notify( ssl_context *ssl ) +{ + int ret; + + SSL_DEBUG_MSG( 2, ( "=> write close notify" ) ); + + if( ( ret = ssl_flush_output( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_flush_output", ret ); + return( ret ); + } + + if( ssl->state == SSL_HANDSHAKE_OVER ) + { + if( ( ret = ssl_send_alert_message( ssl, + SSL_ALERT_LEVEL_WARNING, + SSL_ALERT_MSG_CLOSE_NOTIFY ) ) != 0 ) + { + return( ret ); + } + } + + SSL_DEBUG_MSG( 2, ( "<= write close notify" ) ); + + return( ret ); +} + +void ssl_transform_free( ssl_transform *transform ) +{ +#if defined(POLARSSL_ZLIB_SUPPORT) + deflateEnd( &transform->ctx_deflate ); + inflateEnd( &transform->ctx_inflate ); +#endif + + memset( transform, 0, sizeof( ssl_transform ) ); +} + +void ssl_handshake_free( ssl_handshake_params *handshake ) +{ +#if defined(POLARSSL_DHM_C) + dhm_free( &handshake->dhm_ctx ); +#endif + memset( handshake, 0, sizeof( ssl_handshake_params ) ); +} + +void ssl_session_free( ssl_session *session ) +{ + if( session->peer_cert != NULL ) + { + x509_free( session->peer_cert ); + free( session->peer_cert ); + } + + memset( session, 0, sizeof( ssl_session ) ); +} + +/* + * Free an SSL context + */ +void ssl_free( ssl_context *ssl ) +{ + SSL_DEBUG_MSG( 2, ( "=> free" ) ); + + free( ssl->ciphersuites ); + + if( ssl->out_ctr != NULL ) + { + memset( ssl->out_ctr, 0, SSL_BUFFER_LEN ); + free( ssl->out_ctr ); + } + + if( ssl->in_ctr != NULL ) + { + memset( ssl->in_ctr, 0, SSL_BUFFER_LEN ); + free( ssl->in_ctr ); + } + +#if defined(POLARSSL_DHM_C) + mpi_free( &ssl->dhm_P ); + mpi_free( &ssl->dhm_G ); +#endif + + if( ssl->transform ) + { + ssl_transform_free( ssl->transform ); + free( ssl->transform ); + } + + if( ssl->handshake ) + { + ssl_handshake_free( ssl->handshake ); + ssl_transform_free( ssl->transform_negotiate ); + ssl_session_free( ssl->session_negotiate ); + + free( ssl->handshake ); + free( ssl->transform_negotiate ); + free( ssl->session_negotiate ); + } + + if( ssl->session ) + { + ssl_session_free( ssl->session ); + free( ssl->session ); + } + + if ( ssl->hostname != NULL) + { + memset( ssl->hostname, 0, ssl->hostname_len ); + free( ssl->hostname ); + ssl->hostname_len = 0; + } + +#if defined(POLARSSL_SSL_HW_RECORD_ACCEL) + if( ssl_hw_record_finish != NULL ) + { + SSL_DEBUG_MSG( 2, ( "going for ssl_hw_record_finish()" ) ); + ssl_hw_record_finish( ssl ); + } +#endif + + SSL_DEBUG_MSG( 2, ( "<= free" ) ); + + /* Actually clear after last debug message */ + memset( ssl, 0, sizeof( ssl_context ) ); +} + +#endif diff --git a/polarssl/timing.c b/polarssl/timing.c new file mode 100644 index 0000000..0273d1a --- /dev/null +++ b/polarssl/timing.c @@ -0,0 +1,312 @@ +/* + * Portable interface to the CPU cycle counter + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_TIMING_C) + +#include "polarssl/timing.h" + +#if defined(_WIN32) + +#include +#include + +struct _hr_time +{ + LARGE_INTEGER start; +}; + +#else + +#include +#include +#include +#include +#include + +struct _hr_time +{ + struct timeval start; +}; + +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long tsc; + __asm rdtsc + __asm mov [tsc], eax + return( tsc ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && defined(__i386__) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long lo, hi; + asm( "rdtsc" : "=a" (lo), "=d" (hi) ); + return( lo ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__)) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long lo, hi; + asm( "rdtsc" : "=a" (lo), "=d" (hi) ); + return( lo | (hi << 32) ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && (defined(__powerpc__) || defined(__ppc__)) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long tbl, tbu0, tbu1; + + do + { + asm( "mftbu %0" : "=r" (tbu0) ); + asm( "mftb %0" : "=r" (tbl ) ); + asm( "mftbu %0" : "=r" (tbu1) ); + } + while( tbu0 != tbu1 ); + + return( tbl ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc64__) + +#if defined(__OpenBSD__) +#warning OpenBSD does not allow access to tick register using software version instead +#else +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long tick; + asm( "rdpr %%tick, %0;" : "=&r" (tick) ); + return( tick ); +} +#endif +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long tick; + asm( ".byte 0x83, 0x41, 0x00, 0x00" ); + asm( "mov %%g1, %0" : "=r" (tick) ); + return( tick ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && defined(__alpha__) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long cc; + asm( "rpcc %0" : "=r" (cc) ); + return( cc & 0xFFFFFFFF ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \ + defined(__GNUC__) && defined(__ia64__) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + unsigned long itc; + asm( "mov %0 = ar.itc" : "=r" (itc) ); + return( itc ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(_MSC_VER) + +#define POLARSSL_HAVE_HARDCLOCK + +unsigned long hardclock( void ) +{ + LARGE_INTEGER offset; + + QueryPerformanceCounter( &offset ); + + return (unsigned long)( offset.QuadPart ); +} +#endif + +#if !defined(POLARSSL_HAVE_HARDCLOCK) + +#define POLARSSL_HAVE_HARDCLOCK + +static int hardclock_init = 0; +static struct timeval tv_init; + +unsigned long hardclock( void ) +{ + struct timeval tv_cur; + + if( hardclock_init == 0 ) + { + gettimeofday( &tv_init, NULL ); + hardclock_init = 1; + } + + gettimeofday( &tv_cur, NULL ); + return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000 + + ( tv_cur.tv_usec - tv_init.tv_usec ) ); +} +#endif + +volatile int alarmed = 0; + +#if defined(_WIN32) + +unsigned long get_timer( struct hr_time *val, int reset ) +{ + unsigned long delta; + LARGE_INTEGER offset, hfreq; + struct _hr_time *t = (struct _hr_time *) val; + + QueryPerformanceCounter( &offset ); + QueryPerformanceFrequency( &hfreq ); + + delta = (unsigned long)( ( 1000 * + ( offset.QuadPart - t->start.QuadPart ) ) / + hfreq.QuadPart ); + + if( reset ) + QueryPerformanceCounter( &t->start ); + + return( delta ); +} + +DWORD WINAPI TimerProc( LPVOID uElapse ) +{ + Sleep( (DWORD) uElapse ); + alarmed = 1; + return( TRUE ); +} + +void set_alarm( int seconds ) +{ + DWORD ThreadId; + + alarmed = 0; + CloseHandle( CreateThread( NULL, 0, TimerProc, + (LPVOID) ( seconds * 1000 ), 0, &ThreadId ) ); +} + +void m_sleep( int milliseconds ) +{ + Sleep( milliseconds ); +} + +#else + +unsigned long get_timer( struct hr_time *val, int reset ) +{ + unsigned long delta; + struct timeval offset; + struct _hr_time *t = (struct _hr_time *) val; + + gettimeofday( &offset, NULL ); + + delta = ( offset.tv_sec - t->start.tv_sec ) * 1000 + + ( offset.tv_usec - t->start.tv_usec ) / 1000; + + if( reset ) + { + t->start.tv_sec = offset.tv_sec; + t->start.tv_usec = offset.tv_usec; + } + + return( delta ); +} + +#if defined(INTEGRITY) +void m_sleep( int milliseconds ) +{ + usleep( milliseconds * 1000 ); +} + +#else + +static void sighandler( int signum ) +{ + alarmed = 1; + signal( signum, sighandler ); +} + +void set_alarm( int seconds ) +{ + alarmed = 0; + signal( SIGALRM, sighandler ); + alarm( seconds ); +} + +void m_sleep( int milliseconds ) +{ + struct timeval tv; + + tv.tv_sec = milliseconds / 1000; + tv.tv_usec = milliseconds * 1000; + + select( 0, NULL, NULL, NULL, &tv ); +} +#endif /* INTEGRITY */ + +#endif + +#endif diff --git a/polarssl/timing.h b/polarssl/timing.h new file mode 100644 index 0000000..355c63c --- /dev/null +++ b/polarssl/timing.h @@ -0,0 +1,75 @@ +/** + * \file timing.h + * + * \brief Portable interface to the CPU cycle counter + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_TIMING_H +#define POLARSSL_TIMING_H + +/** + * \brief timer structure + */ +struct hr_time +{ + unsigned char opaque[32]; +}; + +#ifdef __cplusplus +extern "C" { +#endif + +extern volatile int alarmed; + +/** + * \brief Return the CPU cycle counter value + */ +unsigned long hardclock( void ); + +/** + * \brief Return the elapsed time in milliseconds + * + * \param val points to a timer structure + * \param reset if set to 1, the timer is restarted + */ +unsigned long get_timer( struct hr_time *val, int reset ); + +/** + * \brief Setup an alarm clock + * + * \param seconds delay before the "alarmed" flag is set + */ +void set_alarm( int seconds ); + +/** + * \brief Sleep for a certain amount of time + * + * \param milliseconds delay in milliseconds + */ +void m_sleep( int milliseconds ); + +#ifdef __cplusplus +} +#endif + +#endif /* timing.h */ diff --git a/polarssl/version.c b/polarssl/version.c new file mode 100644 index 0000000..c1080b7 --- /dev/null +++ b/polarssl/version.c @@ -0,0 +1,50 @@ +/* + * Version information + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_VERSION_C) + +#include "polarssl/version.h" +#include + +const char version[] = POLARSSL_VERSION_STRING; + +unsigned int version_get_number() +{ + return POLARSSL_VERSION_NUMBER; +} + +void version_get_string( char *string ) +{ + memcpy( string, POLARSSL_VERSION_STRING, sizeof( POLARSSL_VERSION_STRING ) ); +} + +void version_get_string_full( char *string ) +{ + memcpy( string, POLARSSL_VERSION_STRING_FULL, sizeof( POLARSSL_VERSION_STRING_FULL ) ); +} + +#endif /* POLARSSL_VERSION_C */ diff --git a/polarssl/version.h b/polarssl/version.h new file mode 100644 index 0000000..ebaa9c0 --- /dev/null +++ b/polarssl/version.h @@ -0,0 +1,81 @@ +/** + * \file version.h + * + * \brief Run-time version information + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * This set of compile-time defines and run-time variables can be used to + * determine the version number of the PolarSSL library used. + */ +#ifndef POLARSSL_VERSION_H +#define POLARSSL_VERSION_H + +#include "polarssl/config.h" + +/** + * The version number x.y.z is split into three parts. + * Major, Minor, Patchlevel + */ +#define POLARSSL_VERSION_MAJOR 1 +#define POLARSSL_VERSION_MINOR 2 +#define POLARSSL_VERSION_PATCH 8 + +/** + * The single version number has the following structure: + * MMNNPP00 + * Major version | Minor version | Patch version + */ +#define POLARSSL_VERSION_NUMBER 0x01020800 +#define POLARSSL_VERSION_STRING "1.2.8" +#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.8" + +#if defined(POLARSSL_VERSION_C) + +/** + * Get the version number. + * + * \return The constructed version number in the format + * MMNNPP00 (Major, Minor, Patch). + */ +unsigned int version_get_number( void ); + +/** + * Get the version string ("x.y.z"). + * + * \param string The string that will receive the value. + * (Should be at least 9 bytes in size) + */ +void version_get_string( char *string ); + +/** + * Get the full version string ("PolarSSL x.y.z"). + * + * \param string The string that will receive the value. + * (Should be at least 18 bytes in size) + */ +void version_get_string_full( char *string ); + +#endif /* POLARSSL_VERSION_C */ + +#endif /* version.h */ diff --git a/polarssl/x509.h b/polarssl/x509.h new file mode 100644 index 0000000..71a51a9 --- /dev/null +++ b/polarssl/x509.h @@ -0,0 +1,778 @@ +/** + * \file x509.h + * + * \brief X.509 certificate and private key decoding + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_X509_H +#define POLARSSL_X509_H + +#include "polarssl/asn1.h" +#include "polarssl/rsa.h" +#include "polarssl/dhm.h" + +/** + * \addtogroup x509_module + * \{ + */ + +/** + * \name X509 Error codes + * \{ + */ +#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ +#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */ +#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< The certificate format is invalid, e.g. different type expected. */ +#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< The certificate version element is invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< The pubkey tag or value is invalid (only RSA is supported). */ +#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< The signature tag or value invalid. */ +#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */ +#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */ +#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */ +#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */ +#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */ +#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ +#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */ +#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< Invalid RSA key tag or value. */ +#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980 /**< Format not recognized as DER or PEM. */ +#define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00 /**< Input invalid. */ +#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80 /**< Allocation of memory failed. */ +#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Read/write of file failed. */ +#define POLARSSL_ERR_X509_PASSWORD_REQUIRED -0x2B80 /**< Private key password can't be empty. */ +#define POLARSSL_ERR_X509_PASSWORD_MISMATCH -0x2C00 /**< Given private key password does not allow for correct decryption. */ +/* \} name */ + + +/** + * \name X509 Verify codes + * \{ + */ +#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ +#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ +#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ +#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ +#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */ +#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */ +#define BADCERT_MISSING 0x40 /**< Certificate was missing. */ +#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ +#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */ +/* \} name */ +/* \} addtogroup x509_module */ + +/* + * various object identifiers + */ +#define X520_COMMON_NAME 3 +#define X520_COUNTRY 6 +#define X520_LOCALITY 7 +#define X520_STATE 8 +#define X520_ORGANIZATION 10 +#define X520_ORG_UNIT 11 +#define PKCS9_EMAIL 1 + +#define X509_OUTPUT_DER 0x01 +#define X509_OUTPUT_PEM 0x02 +#define PEM_LINE_LENGTH 72 +#define X509_ISSUER 0x01 +#define X509_SUBJECT 0x02 + +#define OID_X520 "\x55\x04" +#define OID_CN OID_X520 "\x03" +#define OID_COUNTRY OID_X520 "\x06" +#define OID_LOCALITY OID_X520 "\x07" +#define OID_STATE OID_X520 "\x08" +#define OID_ORGANIZATION OID_X520 "\x0A" +#define OID_ORG_UNIT OID_X520 "\x0B" + +#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01" +#define OID_PKCS1_RSA OID_PKCS1 "\x01" +#define OID_PKCS1_SHA1 OID_PKCS1 "\x05" + +#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" + +#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09" +#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" + +/** ISO arc for standard certificate and CRL extensions */ +#define OID_ID_CE "\x55\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ + +/** + * Private Internet Extensions + * { iso(1) identified-organization(3) dod(6) internet(1) + * security(5) mechanisms(5) pkix(7) } + */ +#define OID_PKIX "\x2B\x06\x01\x05\x05\x07" + +/* + * OIDs for standard certificate extensions + */ +#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ +#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ +#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ +#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ +#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ +#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ +#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ +#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ +#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ +#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ +#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ +#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ +#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ +#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ +#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ + +/* + * X.509 v3 Key Usage Extension flags + */ +#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ +#define KU_NON_REPUDIATION (0x40) /* bit 1 */ +#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ +#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ +#define KU_KEY_AGREEMENT (0x08) /* bit 4 */ +#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */ +#define KU_CRL_SIGN (0x02) /* bit 6 */ + +/* + * X.509 v3 Extended key usage OIDs + */ +#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ + +#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ +#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ +#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ +#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ +#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ +#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ +#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ + +#define STRING_SERVER_AUTH "TLS Web Server Authentication" +#define STRING_CLIENT_AUTH "TLS Web Client Authentication" +#define STRING_CODE_SIGNING "Code Signing" +#define STRING_EMAIL_PROTECTION "E-mail Protection" +#define STRING_TIME_STAMPING "Time Stamping" +#define STRING_OCSP_SIGNING "OCSP Signing" + +/* + * OIDs for CRL extensions + */ +#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10" +#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ + +/* + * Netscape certificate extensions + */ +#define OID_NETSCAPE "\x60\x86\x48\x01\x86\xF8\x42" /**< Netscape OID */ +#define OID_NS_CERT OID_NETSCAPE "\x01" +#define OID_NS_CERT_TYPE OID_NS_CERT "\x01" +#define OID_NS_BASE_URL OID_NS_CERT "\x02" +#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03" +#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04" +#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07" +#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08" +#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C" +#define OID_NS_COMMENT OID_NS_CERT "\x0D" +#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02" +#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05" + +/* + * Netscape certificate types + * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) + */ + +#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ +#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ +#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ +#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ +#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ +#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ +#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ +#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ + +#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) +#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) +#define EXT_KEY_USAGE (1 << 2) +#define EXT_CERTIFICATE_POLICIES (1 << 3) +#define EXT_POLICY_MAPPINGS (1 << 4) +#define EXT_SUBJECT_ALT_NAME (1 << 5) +#define EXT_ISSUER_ALT_NAME (1 << 6) +#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) +#define EXT_BASIC_CONSTRAINTS (1 << 8) +#define EXT_NAME_CONSTRAINTS (1 << 9) +#define EXT_POLICY_CONSTRAINTS (1 << 10) +#define EXT_EXTENDED_KEY_USAGE (1 << 11) +#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) +#define EXT_INIHIBIT_ANYPOLICY (1 << 13) +#define EXT_FRESHEST_CRL (1 << 14) + +#define EXT_NS_CERT_TYPE (1 << 16) + +/* + * Storage format identifiers + * Recognized formats: PEM and DER + */ +#define X509_FORMAT_DER 1 +#define X509_FORMAT_PEM 2 + +/** + * \addtogroup x509_module + * \{ */ + +/** + * \name Structures for parsing X.509 certificates and CRLs + * \{ + */ + +/** + * Type-length-value structure that allows for ASN1 using DER. + */ +typedef asn1_buf x509_buf; + +/** + * Container for ASN1 bit strings. + */ +typedef asn1_bitstring x509_bitstring; + +/** + * Container for ASN1 named information objects. + * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.). + */ +typedef struct _x509_name +{ + x509_buf oid; /**< The object identifier. */ + x509_buf val; /**< The named value. */ + struct _x509_name *next; /**< The next named information object. */ +} +x509_name; + +/** + * Container for a sequence of ASN.1 items + */ +typedef asn1_sequence x509_sequence; + +/** Container for date and time (precision in seconds). */ +typedef struct _x509_time +{ + int year, mon, day; /**< Date. */ + int hour, min, sec; /**< Time. */ +} +x509_time; + +/** + * Container for an X.509 certificate. The certificate may be chained. + */ +typedef struct _x509_cert +{ + x509_buf raw; /**< The raw certificate data (DER). */ + x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + + int version; /**< The X.509 version. (0=v1, 1=v2, 2=v3) */ + x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ + x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */ + + x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ + x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ + + x509_name issuer; /**< The parsed issuer data (named information object). */ + x509_name subject; /**< The parsed subject data (named information object). */ + + x509_time valid_from; /**< Start time of certificate validity. */ + x509_time valid_to; /**< End time of certificate validity. */ + + x509_buf pk_oid; /**< Subject public key info. Includes the public key algorithm and the key itself. */ + rsa_context rsa; /**< Container for the RSA context. Only RSA is supported for public keys at this time. */ + + x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ + x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ + x509_buf v3_ext; /**< Optional X.509 v3 extensions. Only Basic Contraints are supported at this time. */ + x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ + + int ext_types; /**< Bit string containing detected and parsed extensions */ + int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ + int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */ + + unsigned char key_usage; /**< Optional key usage extension value: See the values below */ + + x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ + + unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values below */ + + x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */ + x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ + int sig_alg; /**< Internal representation of the signature algorithm, e.g. SIG_RSA_MD2 */ + + struct _x509_cert *next; /**< Next certificate in the CA-chain. */ +} +x509_cert; + +/** + * Certificate revocation list entry. + * Contains the CA-specific serial numbers and revocation dates. + */ +typedef struct _x509_crl_entry +{ + x509_buf raw; + + x509_buf serial; + + x509_time revocation_date; + + x509_buf entry_ext; + + struct _x509_crl_entry *next; +} +x509_crl_entry; + +/** + * Certificate revocation list structure. + * Every CRL may have multiple entries. + */ +typedef struct _x509_crl +{ + x509_buf raw; /**< The raw certificate data (DER). */ + x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ + + int version; + x509_buf sig_oid1; + + x509_buf issuer_raw; /**< The raw issuer data (DER). */ + + x509_name issuer; /**< The parsed issuer data (named information object). */ + + x509_time this_update; + x509_time next_update; + + x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ + + x509_buf crl_ext; + + x509_buf sig_oid2; + x509_buf sig; + int sig_alg; + + struct _x509_crl *next; +} +x509_crl; +/** \} name Structures for parsing X.509 certificates and CRLs */ +/** \} addtogroup x509_module */ + +/** + * \name Structures for writing X.509 certificates. + * XvP: commented out as they are not used. + * - typedef struct _x509_node x509_node; + * - typedef struct _x509_raw x509_raw; + */ +/* +typedef struct _x509_node +{ + unsigned char *data; + unsigned char *p; + unsigned char *end; + + size_t len; +} +x509_node; + +typedef struct _x509_raw +{ + x509_node raw; + x509_node tbs; + + x509_node version; + x509_node serial; + x509_node tbs_signalg; + x509_node issuer; + x509_node validity; + x509_node subject; + x509_node subpubkey; + + x509_node signalg; + x509_node sign; +} +x509_raw; +*/ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \name Functions to read in DHM parameters, a certificate, CRL or private RSA key + * \{ + */ + +/** \ingroup x509_module */ +/** + * \brief Parse a single DER formatted certificate and add it + * to the chained list. + * + * \param chain points to the start of the chain + * \param buf buffer holding the certificate DER data + * \param buflen size of the buffer + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen ); + +/** + * \brief Parse one or more certificates and add them + * to the chained list. Parses permissively. If some + * certificates can be parsed, the result is the number + * of failed certificates it encountered. If none complete + * correctly, the first error is returned. + * + * \param chain points to the start of the chain + * \param buf buffer holding the certificate data + * \param buflen size of the buffer + * + * \return 0 if all certificates parsed successfully, a positive number + * if partly successful or a specific X509 or PEM error code + */ +int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ); + +/** \ingroup x509_module */ +/** + * \brief Load one or more certificates and add them + * to the chained list. Parses permissively. If some + * certificates can be parsed, the result is the number + * of failed certificates it encountered. If none complete + * correctly, the first error is returned. + * + * \param chain points to the start of the chain + * \param path filename to read the certificates from + * + * \return 0 if all certificates parsed successfully, a positive number + * if partly successful or a specific X509 or PEM error code + */ +int x509parse_crtfile( x509_cert *chain, const char *path ); + +/** \ingroup x509_module */ +/** + * \brief Load one or more certificate files from a path and add them + * to the chained list. Parses permissively. If some + * certificates can be parsed, the result is the number + * of failed certificates it encountered. If none complete + * correctly, the first error is returned. + * + * \param chain points to the start of the chain + * \param path directory / folder to read the certificate files from + * + * \return 0 if all certificates parsed successfully, a positive number + * if partly successful or a specific X509 or PEM error code + */ +int x509parse_crtpath( x509_cert *chain, const char *path ); + +/** \ingroup x509_module */ +/** + * \brief Parse one or more CRLs and add them + * to the chained list + * + * \param chain points to the start of the chain + * \param buf buffer holding the CRL data + * \param buflen size of the buffer + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ); + +/** \ingroup x509_module */ +/** + * \brief Load one or more CRLs and add them + * to the chained list + * + * \param chain points to the start of the chain + * \param path filename to read the CRLs from + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_crlfile( x509_crl *chain, const char *path ); + +/** \ingroup x509_module */ +/** + * \brief Parse a private RSA key + * + * \param rsa RSA context to be initialized + * \param key input buffer + * \param keylen size of the buffer + * \param pwd password for decryption (optional) + * \param pwdlen size of the password + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_key( rsa_context *rsa, + const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen ); + +/** \ingroup x509_module */ +/** + * \brief Load and parse a private RSA key + * + * \param rsa RSA context to be initialized + * \param path filename to read the private key from + * \param password password to decrypt the file (can be NULL) + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_keyfile( rsa_context *rsa, const char *path, + const char *password ); + +/** \ingroup x509_module */ +/** + * \brief Parse a public RSA key + * + * \param rsa RSA context to be initialized + * \param key input buffer + * \param keylen size of the buffer + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_public_key( rsa_context *rsa, + const unsigned char *key, size_t keylen ); + +/** \ingroup x509_module */ +/** + * \brief Load and parse a public RSA key + * + * \param rsa RSA context to be initialized + * \param path filename to read the private key from + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_public_keyfile( rsa_context *rsa, const char *path ); + +/** \ingroup x509_module */ +/** + * \brief Parse DHM parameters + * + * \param dhm DHM context to be initialized + * \param dhmin input buffer + * \param dhminlen size of the buffer + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); + +/** \ingroup x509_module */ +/** + * \brief Load and parse DHM parameters + * + * \param dhm DHM context to be initialized + * \param path filename to read the DHM Parameters from + * + * \return 0 if successful, or a specific X509 or PEM error code + */ +int x509parse_dhmfile( dhm_context *dhm, const char *path ); + +/** \} name Functions to read in DHM parameters, a certificate, CRL or private RSA key */ + +/** + * \brief Store the certificate DN in printable form into buf; + * no more than size characters will be written. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param dn The X509 name to represent + * + * \return The amount of data written to the buffer, or -1 in + * case of an error. + */ +int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ); + +/** + * \brief Store the certificate serial in printable form into buf; + * no more than size characters will be written. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param serial The X509 serial to represent + * + * \return The amount of data written to the buffer, or -1 in + * case of an error. + */ +int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ); + +/** + * \brief Returns an informational string about the + * certificate. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param prefix A line prefix + * \param crt The X509 certificate to represent + * + * \return The amount of data written to the buffer, or -1 in + * case of an error. + */ +int x509parse_cert_info( char *buf, size_t size, const char *prefix, + const x509_cert *crt ); + +/** + * \brief Returns an informational string about the + * CRL. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param prefix A line prefix + * \param crl The X509 CRL to represent + * + * \return The amount of data written to the buffer, or -1 in + * case of an error. + */ +int x509parse_crl_info( char *buf, size_t size, const char *prefix, + const x509_crl *crl ); + +/** + * \brief Give an known OID, return its descriptive string. + * + * \param oid buffer containing the oid + * + * \return Return a string if the OID is known, + * or NULL otherwise. + */ +const char *x509_oid_get_description( x509_buf *oid ); + +/** + * \brief Give an OID, return a string version of its OID number. + * + * \param buf Buffer to write to + * \param size Maximum size of buffer + * \param oid Buffer containing the OID + * + * \return The amount of data written to the buffer, or -1 in + * case of an error. + */ +int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ); + +/** + * \brief Check a given x509_time against the system time and check + * if it is valid. + * + * \param time x509_time to check + * + * \return Return 0 if the x509_time is still valid, + * or 1 otherwise. + */ +int x509parse_time_expired( const x509_time *time ); + +/** + * \name Functions to verify a certificate + * \{ + */ +/** \ingroup x509_module */ +/** + * \brief Verify the certificate signature + * + * The verify callback is a user-supplied callback that + * can clear / modify / add flags for a certificate. If set, + * the verification callback is called for each + * certificate in the chain (from the trust-ca down to the + * presented crt). The parameters for the callback are: + * (void *parameter, x509_cert *crt, int certificate_depth, + * int *flags). With the flags representing current flags for + * that specific certificate and the certificate depth from + * the bottom (Peer cert depth = 0). + * + * All flags left after returning from the callback + * are also returned to the application. The function should + * return 0 for anything but a fatal error. + * + * \param crt a certificate to be verified + * \param trust_ca the trusted CA chain + * \param ca_crl the CRL chain for trusted CA's + * \param cn expected Common Name (can be set to + * NULL if the CN must not be verified) + * \param flags result of the verification + * \param f_vrfy verification function + * \param p_vrfy verification parameter + * + * \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED, + * in which case *flags will have one or more of + * the following values set: + * BADCERT_EXPIRED -- + * BADCERT_REVOKED -- + * BADCERT_CN_MISMATCH -- + * BADCERT_NOT_TRUSTED + * or another error in case of a fatal error encountered + * during the verification process. + */ +int x509parse_verify( x509_cert *crt, + x509_cert *trust_ca, + x509_crl *ca_crl, + const char *cn, int *flags, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ); + +/** + * \brief Verify the certificate signature + * + * \param crt a certificate to be verified + * \param crl the CRL to verify against + * + * \return 1 if the certificate is revoked, 0 otherwise + * + */ +int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ); + +/** \} name Functions to verify a certificate */ + + + +/** + * \name Functions to clear a certificate, CRL or private RSA key + * \{ + */ +/** \ingroup x509_module */ +/** + * \brief Unallocate all certificate data + * + * \param crt Certificate chain to free + */ +void x509_free( x509_cert *crt ); + +/** \ingroup x509_module */ +/** + * \brief Unallocate all CRL data + * + * \param crl CRL chain to free + */ +void x509_crl_free( x509_crl *crl ); + +/** \} name Functions to clear a certificate, CRL or private RSA key */ + + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int x509_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* x509.h */ diff --git a/polarssl/x509parse.c b/polarssl/x509parse.c new file mode 100644 index 0000000..77725e0 --- /dev/null +++ b/polarssl/x509parse.c @@ -0,0 +1,3809 @@ +/* + * X.509 certificate and private key decoding + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * The ITU-T X.509 standard defines a certificate format for PKI. + * + * http://www.ietf.org/rfc/rfc3279.txt + * http://www.ietf.org/rfc/rfc3280.txt + * + * ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-1v2.asc + * + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.680-0207.pdf + * http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_X509_PARSE_C) + +#include "polarssl/x509.h" +#include "polarssl/asn1.h" +#include "polarssl/pem.h" +#include "polarssl/des.h" +#if defined(POLARSSL_MD2_C) +#include "polarssl/md2.h" +#endif +#if defined(POLARSSL_MD4_C) +#include "polarssl/md4.h" +#endif +#if defined(POLARSSL_MD5_C) +#include "polarssl/md5.h" +#endif +#if defined(POLARSSL_SHA1_C) +#include "polarssl/sha1.h" +#endif +#if defined(POLARSSL_SHA2_C) +#include "polarssl/sha2.h" +#endif +#if defined(POLARSSL_SHA4_C) +#include "polarssl/sha4.h" +#endif +#include "polarssl/dhm.h" +#if defined(POLARSSL_PKCS5_C) +#include "polarssl/pkcs5.h" +#endif +#if defined(POLARSSL_PKCS12_C) +#include "polarssl/pkcs12.h" +#endif + +#include +#include +#if defined(_WIN32) +#include +#else +#include +#endif + +#if defined(POLARSSL_FS_IO) +#include +#if !defined(_WIN32) +#include +#include +#include +#endif +#endif + +/* Compare a given OID string with an OID x509_buf * */ +#define OID_CMP(oid_str, oid_buf) \ + ( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \ + memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0) + +/* + * Version ::= INTEGER { v1(0), v2(1), v3(2) } + */ +static int x509_get_version( unsigned char **p, + const unsigned char *end, + int *ver ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + { + *ver = 0; + return( 0 ); + } + + return( ret ); + } + + end = *p + len; + + if( ( ret = asn1_get_int( p, end, ver ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret ); + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * Version ::= INTEGER { v1(0), v2(1) } + */ +static int x509_crl_get_version( unsigned char **p, + const unsigned char *end, + int *ver ) +{ + int ret; + + if( ( ret = asn1_get_int( p, end, ver ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + { + *ver = 0; + return( 0 ); + } + + return( POLARSSL_ERR_X509_CERT_INVALID_VERSION + ret ); + } + + return( 0 ); +} + +/* + * CertificateSerialNumber ::= INTEGER + */ +static int x509_get_serial( unsigned char **p, + const unsigned char *end, + x509_buf *serial ) +{ + int ret; + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + if( **p != ( ASN1_CONTEXT_SPECIFIC | ASN1_PRIMITIVE | 2 ) && + **p != ASN1_INTEGER ) + return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + serial->tag = *(*p)++; + + if( ( ret = asn1_get_len( p, end, &serial->len ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + ret ); + + serial->p = *p; + *p += serial->len; + + return( 0 ); +} + +/* + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL } + */ +static int x509_get_alg( unsigned char **p, + const unsigned char *end, + x509_buf *alg ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret ); + + end = *p + len; + alg->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret ); + + alg->p = *p; + *p += alg->len; + + if( *p == end ) + return( 0 ); + + /* + * assume the algorithm parameters must be NULL + */ + if( ( ret = asn1_get_tag( p, end, &len, ASN1_NULL ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_ALG + ret ); + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_ALG + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * AttributeTypeAndValue ::= SEQUENCE { + * type AttributeType, + * value AttributeValue } + * + * AttributeType ::= OBJECT IDENTIFIER + * + * AttributeValue ::= ANY DEFINED BY AttributeType + */ +static int x509_get_attr_type_value( unsigned char **p, + const unsigned char *end, + x509_name *cur ) +{ + int ret; + size_t len; + x509_buf *oid; + x509_buf *val; + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret ); + + oid = &cur->oid; + oid->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &oid->len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret ); + + oid->p = *p; + *p += oid->len; + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + if( **p != ASN1_BMP_STRING && **p != ASN1_UTF8_STRING && + **p != ASN1_T61_STRING && **p != ASN1_PRINTABLE_STRING && + **p != ASN1_IA5_STRING && **p != ASN1_UNIVERSAL_STRING ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + val = &cur->val; + val->tag = *(*p)++; + + if( ( ret = asn1_get_len( p, end, &val->len ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret ); + + val->p = *p; + *p += val->len; + + cur->next = NULL; + + return( 0 ); +} + +/* + * RelativeDistinguishedName ::= + * SET OF AttributeTypeAndValue + * + * AttributeTypeAndValue ::= SEQUENCE { + * type AttributeType, + * value AttributeValue } + * + * AttributeType ::= OBJECT IDENTIFIER + * + * AttributeValue ::= ANY DEFINED BY AttributeType + */ +static int x509_get_name( unsigned char **p, + const unsigned char *end, + x509_name *cur ) +{ + int ret; + size_t len; + const unsigned char *end2; + x509_name *use; + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SET ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_NAME + ret ); + + end2 = end; + end = *p + len; + use = cur; + + do + { + if( ( ret = x509_get_attr_type_value( p, end, use ) ) != 0 ) + return( ret ); + + if( *p != end ) + { + use->next = (x509_name *) malloc( + sizeof( x509_name ) ); + + if( use->next == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + memset( use->next, 0, sizeof( x509_name ) ); + + use = use->next; + } + } + while( *p != end ); + + /* + * recurse until end of SEQUENCE is reached + */ + if( *p == end2 ) + return( 0 ); + + cur->next = (x509_name *) malloc( + sizeof( x509_name ) ); + + if( cur->next == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + memset( cur->next, 0, sizeof( x509_name ) ); + + return( x509_get_name( p, end2, cur->next ) ); +} + +/* + * Time ::= CHOICE { + * utcTime UTCTime, + * generalTime GeneralizedTime } + */ +static int x509_get_time( unsigned char **p, + const unsigned char *end, + x509_time *time ) +{ + int ret; + size_t len; + char date[64]; + unsigned char tag; + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + tag = **p; + + if ( tag == ASN1_UTC_TIME ) + { + (*p)++; + ret = asn1_get_len( p, end, &len ); + + if( ret != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret ); + + memset( date, 0, sizeof( date ) ); + memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? + len : sizeof( date ) - 1 ); + + if( sscanf( date, "%2d%2d%2d%2d%2d%2d", + &time->year, &time->mon, &time->day, + &time->hour, &time->min, &time->sec ) < 5 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE ); + + time->year += 100 * ( time->year < 50 ); + time->year += 1900; + + *p += len; + + return( 0 ); + } + else if ( tag == ASN1_GENERALIZED_TIME ) + { + (*p)++; + ret = asn1_get_len( p, end, &len ); + + if( ret != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret ); + + memset( date, 0, sizeof( date ) ); + memcpy( date, *p, ( len < sizeof( date ) - 1 ) ? + len : sizeof( date ) - 1 ); + + if( sscanf( date, "%4d%2d%2d%2d%2d%2d", + &time->year, &time->mon, &time->day, + &time->hour, &time->min, &time->sec ) < 5 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE ); + + *p += len; + + return( 0 ); + } + else + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); +} + + +/* + * Validity ::= SEQUENCE { + * notBefore Time, + * notAfter Time } + */ +static int x509_get_dates( unsigned char **p, + const unsigned char *end, + x509_time *from, + x509_time *to ) +{ + int ret; + size_t len; + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + ret ); + + end = *p + len; + + if( ( ret = x509_get_time( p, end, from ) ) != 0 ) + return( ret ); + + if( ( ret = x509_get_time( p, end, to ) ) != 0 ) + return( ret ); + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_DATE + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * SubjectPublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + */ +static int x509_get_pubkey( unsigned char **p, + const unsigned char *end, + x509_buf *pk_alg_oid, + mpi *N, mpi *E ) +{ + int ret; + size_t len; + unsigned char *end2; + + if( ( ret = x509_get_alg( p, end, pk_alg_oid ) ) != 0 ) + return( ret ); + + /* + * only RSA public keys handled at this time + */ + if( pk_alg_oid->len != 9 || + memcmp( pk_alg_oid->p, OID_PKCS1_RSA, 9 ) != 0 ) + { + return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ); + } + + if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret ); + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + end2 = *p + len; + + if( *(*p)++ != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ); + + /* + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ + if( ( ret = asn1_get_tag( p, end2, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret ); + + if( *p + len != end2 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + if( ( ret = asn1_get_mpi( p, end2, N ) ) != 0 || + ( ret = asn1_get_mpi( p, end2, E ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + ret ); + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +static int x509_get_sig( unsigned char **p, + const unsigned char *end, + x509_buf *sig ) +{ + int ret; + size_t len; + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + sig->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &len, ASN1_BIT_STRING ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + ret ); + + + if( --len < 1 || *(*p)++ != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ); + + sig->len = len; + sig->p = *p; + + *p += len; + + return( 0 ); +} + +/* + * X.509 v2/v3 unique identifier (not parsed) + */ +static int x509_get_uid( unsigned char **p, + const unsigned char *end, + x509_buf *uid, int n ) +{ + int ret; + + if( *p == end ) + return( 0 ); + + uid->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &uid->len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | n ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + uid->p = *p; + *p += uid->len; + + return( 0 ); +} + +/* + * X.509 Extensions (No parsing of extensions, pointer should + * be either manually updated or extensions should be parsed! + */ +static int x509_get_ext( unsigned char **p, + const unsigned char *end, + x509_buf *ext, int tag ) +{ + int ret; + size_t len; + + if( *p == end ) + return( 0 ); + + ext->tag = **p; + + if( ( ret = asn1_get_tag( p, end, &ext->len, + ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | tag ) ) != 0 ) + return( ret ); + + ext->p = *p; + end = *p + ext->len; + + /* + * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension + * + * Extension ::= SEQUENCE { + * extnID OBJECT IDENTIFIER, + * critical BOOLEAN DEFAULT FALSE, + * extnValue OCTET STRING } + */ + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( end != *p + len ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 CRL v2 extensions (no extensions parsed yet.) + */ +static int x509_get_crl_ext( unsigned char **p, + const unsigned char *end, + x509_buf *ext ) +{ + int ret; + size_t len = 0; + + /* Get explicit tag */ + if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + while( *p < end ) + { + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + *p += len; + } + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 CRL v2 entry extensions (no extensions parsed yet.) + */ +static int x509_get_crl_entry_ext( unsigned char **p, + const unsigned char *end, + x509_buf *ext ) +{ + int ret; + size_t len = 0; + + /* OPTIONAL */ + if (end <= *p) + return( 0 ); + + ext->tag = **p; + ext->p = *p; + + /* + * Get CRL-entry extension sequence header + * crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2 + */ + if( ( ret = asn1_get_tag( p, end, &ext->len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + { + ext->p = NULL; + return( 0 ); + } + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + } + + end = *p + ext->len; + + if( end != *p + ext->len ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + while( *p < end ) + { + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + *p += len; + } + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +static int x509_get_basic_constraints( unsigned char **p, + const unsigned char *end, + int *ca_istrue, + int *max_pathlen ) +{ + int ret; + size_t len; + + /* + * BasicConstraints ::= SEQUENCE { + * cA BOOLEAN DEFAULT FALSE, + * pathLenConstraint INTEGER (0..MAX) OPTIONAL } + */ + *ca_istrue = 0; /* DEFAULT FALSE */ + *max_pathlen = 0; /* endless */ + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( *p == end ) + return 0; + + if( ( ret = asn1_get_bool( p, end, ca_istrue ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + ret = asn1_get_int( p, end, ca_istrue ); + + if( ret != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( *ca_istrue != 0 ) + *ca_istrue = 1; + } + + if( *p == end ) + return 0; + + if( ( ret = asn1_get_int( p, end, max_pathlen ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + (*max_pathlen)++; + + return 0; +} + +static int x509_get_ns_cert_type( unsigned char **p, + const unsigned char *end, + unsigned char *ns_cert_type) +{ + int ret; + x509_bitstring bs = { 0, 0, NULL }; + + if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( bs.len != 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_INVALID_LENGTH ); + + /* Get actual bitstring */ + *ns_cert_type = *bs.p; + return 0; +} + +static int x509_get_key_usage( unsigned char **p, + const unsigned char *end, + unsigned char *key_usage) +{ + int ret; + x509_bitstring bs = { 0, 0, NULL }; + + if( ( ret = asn1_get_bitstring( p, end, &bs ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( bs.len < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_INVALID_LENGTH ); + + /* Get actual bitstring */ + *key_usage = *bs.p; + return 0; +} + +/* + * ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId + * + * KeyPurposeId ::= OBJECT IDENTIFIER + */ +static int x509_get_ext_key_usage( unsigned char **p, + const unsigned char *end, + x509_sequence *ext_key_usage) +{ + int ret; + + if( ( ret = asn1_get_sequence_of( p, end, ext_key_usage, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + /* Sequence length must be >= 1 */ + if( ext_key_usage->buf.p == NULL ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_INVALID_LENGTH ); + + return 0; +} + +/* + * SubjectAltName ::= GeneralNames + * + * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName + * + * GeneralName ::= CHOICE { + * otherName [0] OtherName, + * rfc822Name [1] IA5String, + * dNSName [2] IA5String, + * x400Address [3] ORAddress, + * directoryName [4] Name, + * ediPartyName [5] EDIPartyName, + * uniformResourceIdentifier [6] IA5String, + * iPAddress [7] OCTET STRING, + * registeredID [8] OBJECT IDENTIFIER } + * + * OtherName ::= SEQUENCE { + * type-id OBJECT IDENTIFIER, + * value [0] EXPLICIT ANY DEFINED BY type-id } + * + * EDIPartyName ::= SEQUENCE { + * nameAssigner [0] DirectoryString OPTIONAL, + * partyName [1] DirectoryString } + * + * NOTE: PolarSSL only parses and uses dNSName at this point. + */ +static int x509_get_subject_alt_name( unsigned char **p, + const unsigned char *end, + x509_sequence *subject_alt_name ) +{ + int ret; + size_t len, tag_len; + asn1_buf *buf; + unsigned char tag; + asn1_sequence *cur = subject_alt_name; + + /* Get main sequence tag */ + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( *p + len != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + while( *p < end ) + { + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + tag = **p; + (*p)++; + if( ( ret = asn1_get_len( p, end, &tag_len ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + if( ( tag & ASN1_CONTEXT_SPECIFIC ) != ASN1_CONTEXT_SPECIFIC ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + + if( tag != ( ASN1_CONTEXT_SPECIFIC | 2 ) ) + { + *p += tag_len; + continue; + } + + buf = &(cur->buf); + buf->tag = tag; + buf->p = *p; + buf->len = tag_len; + *p += buf->len; + + /* Allocate and assign next pointer */ + if (*p < end) + { + cur->next = (asn1_sequence *) malloc( + sizeof( asn1_sequence ) ); + + if( cur->next == NULL ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_MALLOC_FAILED ); + + memset( cur->next, 0, sizeof( asn1_sequence ) ); + cur = cur->next; + } + } + + /* Set final sequence entry's next pointer to NULL */ + cur->next = NULL; + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 v3 extensions + * + * TODO: Perform all of the basic constraints tests required by the RFC + * TODO: Set values for undetected extensions to a sane default? + * + */ +static int x509_get_crt_ext( unsigned char **p, + const unsigned char *end, + x509_cert *crt ) +{ + int ret; + size_t len; + unsigned char *end_ext_data, *end_ext_octet; + + if( ( ret = x509_get_ext( p, end, &crt->v3_ext, 3 ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + while( *p < end ) + { + /* + * Extension ::= SEQUENCE { + * extnID OBJECT IDENTIFIER, + * critical BOOLEAN DEFAULT FALSE, + * extnValue OCTET STRING } + */ + x509_buf extn_oid = {0, 0, NULL}; + int is_critical = 0; /* DEFAULT FALSE */ + + if( ( ret = asn1_get_tag( p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + end_ext_data = *p + len; + + /* Get extension ID */ + extn_oid.tag = **p; + + if( ( ret = asn1_get_tag( p, end, &extn_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + extn_oid.p = *p; + *p += extn_oid.len; + + if( ( end - *p ) < 1 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + + /* Get optional critical */ + if( ( ret = asn1_get_bool( p, end_ext_data, &is_critical ) ) != 0 && + ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + /* Data should be octet string type */ + if( ( ret = asn1_get_tag( p, end_ext_data, &len, + ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + ret ); + + end_ext_octet = *p + len; + + if( end_ext_octet != end_ext_data ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + /* + * Detect supported extensions + */ + if( ( OID_SIZE( OID_BASIC_CONSTRAINTS ) == extn_oid.len ) && + memcmp( extn_oid.p, OID_BASIC_CONSTRAINTS, extn_oid.len ) == 0 ) + { + /* Parse basic constraints */ + if( ( ret = x509_get_basic_constraints( p, end_ext_octet, + &crt->ca_istrue, &crt->max_pathlen ) ) != 0 ) + return ( ret ); + crt->ext_types |= EXT_BASIC_CONSTRAINTS; + } + else if( ( OID_SIZE( OID_NS_CERT_TYPE ) == extn_oid.len ) && + memcmp( extn_oid.p, OID_NS_CERT_TYPE, extn_oid.len ) == 0 ) + { + /* Parse netscape certificate type */ + if( ( ret = x509_get_ns_cert_type( p, end_ext_octet, + &crt->ns_cert_type ) ) != 0 ) + return ( ret ); + crt->ext_types |= EXT_NS_CERT_TYPE; + } + else if( ( OID_SIZE( OID_KEY_USAGE ) == extn_oid.len ) && + memcmp( extn_oid.p, OID_KEY_USAGE, extn_oid.len ) == 0 ) + { + /* Parse key usage */ + if( ( ret = x509_get_key_usage( p, end_ext_octet, + &crt->key_usage ) ) != 0 ) + return ( ret ); + crt->ext_types |= EXT_KEY_USAGE; + } + else if( ( OID_SIZE( OID_EXTENDED_KEY_USAGE ) == extn_oid.len ) && + memcmp( extn_oid.p, OID_EXTENDED_KEY_USAGE, extn_oid.len ) == 0 ) + { + /* Parse extended key usage */ + if( ( ret = x509_get_ext_key_usage( p, end_ext_octet, + &crt->ext_key_usage ) ) != 0 ) + return ( ret ); + crt->ext_types |= EXT_EXTENDED_KEY_USAGE; + } + else if( ( OID_SIZE( OID_SUBJECT_ALT_NAME ) == extn_oid.len ) && + memcmp( extn_oid.p, OID_SUBJECT_ALT_NAME, extn_oid.len ) == 0 ) + { + /* Parse extended key usage */ + if( ( ret = x509_get_subject_alt_name( p, end_ext_octet, + &crt->subject_alt_names ) ) != 0 ) + return ( ret ); + crt->ext_types |= EXT_SUBJECT_ALT_NAME; + } + else + { + /* No parser found, skip extension */ + *p = end_ext_octet; + +#if !defined(POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION) + if( is_critical ) + { + /* Data is marked as critical: fail */ + return ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); + } +#endif + } + } + + if( *p != end ) + return( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + + return( 0 ); +} + +/* + * X.509 CRL Entries + */ +static int x509_get_entries( unsigned char **p, + const unsigned char *end, + x509_crl_entry *entry ) +{ + int ret; + size_t entry_len; + x509_crl_entry *cur_entry = entry; + + if( *p == end ) + return( 0 ); + + if( ( ret = asn1_get_tag( p, end, &entry_len, + ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) + { + if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) + return( 0 ); + + return( ret ); + } + + end = *p + entry_len; + + while( *p < end ) + { + size_t len2; + const unsigned char *end2; + + if( ( ret = asn1_get_tag( p, end, &len2, + ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 ) + { + return( ret ); + } + + cur_entry->raw.tag = **p; + cur_entry->raw.p = *p; + cur_entry->raw.len = len2; + end2 = *p + len2; + + if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 ) + return( ret ); + + if( ( ret = x509_get_time( p, end2, &cur_entry->revocation_date ) ) != 0 ) + return( ret ); + + if( ( ret = x509_get_crl_entry_ext( p, end2, &cur_entry->entry_ext ) ) != 0 ) + return( ret ); + + if ( *p < end ) + { + cur_entry->next = malloc( sizeof( x509_crl_entry ) ); + + if( cur_entry->next == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + cur_entry = cur_entry->next; + memset( cur_entry, 0, sizeof( x509_crl_entry ) ); + } + } + + return( 0 ); +} + +static int x509_get_sig_alg( const x509_buf *sig_oid, int *sig_alg ) +{ + if( sig_oid->len == 9 && + memcmp( sig_oid->p, OID_PKCS1, 8 ) == 0 ) + { + if( sig_oid->p[8] >= 2 && sig_oid->p[8] <= 5 ) + { + *sig_alg = sig_oid->p[8]; + return( 0 ); + } + + if ( sig_oid->p[8] >= 11 && sig_oid->p[8] <= 14 ) + { + *sig_alg = sig_oid->p[8]; + return( 0 ); + } + + return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ); + } + if( sig_oid->len == 5 && + memcmp( sig_oid->p, OID_RSA_SHA_OBS, 5 ) == 0 ) + { + *sig_alg = SIG_RSA_SHA1; + return( 0 ); + } + + return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ); +} + +/* + * Parse and fill a single X.509 certificate in DER format + */ +int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf, + size_t buflen ) +{ + int ret; + size_t len; + unsigned char *p, *end, *crt_end; + + /* + * Check for valid input + */ + if( crt == NULL || buf == NULL ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + p = (unsigned char *) malloc( len = buflen ); + + if( p == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + memcpy( p, buf, buflen ); + + buflen = 0; + + crt->raw.p = p; + crt->raw.len = len; + end = p + len; + + /* + * Certificate ::= SEQUENCE { + * tbsCertificate TBSCertificate, + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ); + } + + if( len > (size_t) ( end - p ) ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + crt_end = p + len; + + /* + * TBSCertificate ::= SEQUENCE { + */ + crt->tbs.p = p; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + end = p + len; + crt->tbs.len = end - crt->tbs.p; + + /* + * Version ::= INTEGER { v1(0), v2(1), v3(2) } + * + * CertificateSerialNumber ::= INTEGER + * + * signature AlgorithmIdentifier + */ + if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 || + ( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 || + ( ret = x509_get_alg( &p, end, &crt->sig_oid1 ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + crt->version++; + + if( crt->version > 3 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ); + } + + if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_alg ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + /* + * issuer Name + */ + crt->issuer_raw.p = p; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + if( ( ret = x509_get_name( &p, p + len, &crt->issuer ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + crt->issuer_raw.len = p - crt->issuer_raw.p; + + /* + * Validity ::= SEQUENCE { + * notBefore Time, + * notAfter Time } + * + */ + if( ( ret = x509_get_dates( &p, end, &crt->valid_from, + &crt->valid_to ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + /* + * subject Name + */ + crt->subject_raw.p = p; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + if( len && ( ret = x509_get_name( &p, p + len, &crt->subject ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + crt->subject_raw.len = p - crt->subject_raw.p; + + /* + * SubjectPublicKeyInfo ::= SEQUENCE + * algorithm AlgorithmIdentifier, + * subjectPublicKey BIT STRING } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + if( ( ret = x509_get_pubkey( &p, p + len, &crt->pk_oid, + &crt->rsa.N, &crt->rsa.E ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + if( ( ret = rsa_check_pubkey( &crt->rsa ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + crt->rsa.len = mpi_size( &crt->rsa.N ); + + /* + * issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, + * -- If present, version shall be v2 or v3 + * subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, + * -- If present, version shall be v2 or v3 + * extensions [3] EXPLICIT Extensions OPTIONAL + * -- If present, version shall be v3 + */ + if( crt->version == 2 || crt->version == 3 ) + { + ret = x509_get_uid( &p, end, &crt->issuer_id, 1 ); + if( ret != 0 ) + { + x509_free( crt ); + return( ret ); + } + } + + if( crt->version == 2 || crt->version == 3 ) + { + ret = x509_get_uid( &p, end, &crt->subject_id, 2 ); + if( ret != 0 ) + { + x509_free( crt ); + return( ret ); + } + } + + if( crt->version == 3 ) + { + ret = x509_get_crt_ext( &p, end, crt); + if( ret != 0 ) + { + x509_free( crt ); + return( ret ); + } + } + + if( p != end ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + end = crt_end; + + /* + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING + */ + if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2 ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + if( crt->sig_oid1.len != crt->sig_oid2.len || + memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ); + } + + if( ( ret = x509_get_sig( &p, end, &crt->sig ) ) != 0 ) + { + x509_free( crt ); + return( ret ); + } + + if( p != end ) + { + x509_free( crt ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + return( 0 ); +} + +/* + * Parse one X.509 certificate in DER format from a buffer and add them to a + * chained list + */ +int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen ) +{ + int ret; + x509_cert *crt = chain, *prev = NULL; + + /* + * Check for valid input + */ + if( crt == NULL || buf == NULL ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + while( crt->version != 0 && crt->next != NULL ) + { + prev = crt; + crt = crt->next; + } + + /* + * Add new certificate on the end of the chain if needed. + */ + if ( crt->version != 0 && crt->next == NULL) + { + crt->next = (x509_cert *) malloc( sizeof( x509_cert ) ); + + if( crt->next == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + prev = crt; + crt = crt->next; + memset( crt, 0, sizeof( x509_cert ) ); + } + + if( ( ret = x509parse_crt_der_core( crt, buf, buflen ) ) != 0 ) + { + if( prev ) + prev->next = NULL; + + if( crt != chain ) + free( crt ); + + return( ret ); + } + + return( 0 ); +} + +/* + * Parse one or more PEM certificates from a buffer and add them to the chained list + */ +int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) +{ + int ret, success = 0, first_error = 0, total_failed = 0; + int buf_format = X509_FORMAT_DER; + + /* + * Check for valid input + */ + if( chain == NULL || buf == NULL ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + /* + * Determine buffer content. Buffer contains either one DER certificate or + * one or more PEM certificates. + */ +#if defined(POLARSSL_PEM_C) + if( strstr( (const char *) buf, "-----BEGIN CERTIFICATE-----" ) != NULL ) + buf_format = X509_FORMAT_PEM; +#endif + + if( buf_format == X509_FORMAT_DER ) + return x509parse_crt_der( chain, buf, buflen ); + +#if defined(POLARSSL_PEM_C) + if( buf_format == X509_FORMAT_PEM ) + { + pem_context pem; + + while( buflen > 0 ) + { + size_t use_len; + pem_init( &pem ); + + ret = pem_read_buffer( &pem, + "-----BEGIN CERTIFICATE-----", + "-----END CERTIFICATE-----", + buf, NULL, 0, &use_len ); + + if( ret == 0 ) + { + /* + * Was PEM encoded + */ + buflen -= use_len; + buf += use_len; + } + else if( ret == POLARSSL_ERR_PEM_BAD_INPUT_DATA ) + { + return( ret ); + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + { + pem_free( &pem ); + + /* + * PEM header and footer were found + */ + buflen -= use_len; + buf += use_len; + + if( first_error == 0 ) + first_error = ret; + + continue; + } + else + break; + + ret = x509parse_crt_der( chain, pem.buf, pem.buflen ); + + pem_free( &pem ); + + if( ret != 0 ) + { + /* + * Quit parsing on a memory error + */ + if( ret == POLARSSL_ERR_X509_MALLOC_FAILED ) + return( ret ); + + if( first_error == 0 ) + first_error = ret; + + total_failed++; + continue; + } + + success = 1; + } + } +#endif + + if( success ) + return( total_failed ); + else if( first_error ) + return( first_error ); + else + return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT ); +} + +/* + * Parse one or more CRLs and add them to the chained list + */ +int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) +{ + int ret; + size_t len; + unsigned char *p, *end; + x509_crl *crl; +#if defined(POLARSSL_PEM_C) + size_t use_len; + pem_context pem; +#endif + + crl = chain; + + /* + * Check for valid input + */ + if( crl == NULL || buf == NULL ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + while( crl->version != 0 && crl->next != NULL ) + crl = crl->next; + + /* + * Add new CRL on the end of the chain if needed. + */ + if ( crl->version != 0 && crl->next == NULL) + { + crl->next = (x509_crl *) malloc( sizeof( x509_crl ) ); + + if( crl->next == NULL ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + } + + crl = crl->next; + memset( crl, 0, sizeof( x509_crl ) ); + } + +#if defined(POLARSSL_PEM_C) + pem_init( &pem ); + ret = pem_read_buffer( &pem, + "-----BEGIN X509 CRL-----", + "-----END X509 CRL-----", + buf, NULL, 0, &use_len ); + + if( ret == 0 ) + { + /* + * Was PEM encoded + */ + buflen -= use_len; + buf += use_len; + + /* + * Steal PEM buffer + */ + p = pem.buf; + pem.buf = NULL; + len = pem.buflen; + pem_free( &pem ); + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + { + pem_free( &pem ); + return( ret ); + } + else + { + /* + * nope, copy the raw DER data + */ + p = (unsigned char *) malloc( len = buflen ); + + if( p == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + memcpy( p, buf, buflen ); + + buflen = 0; + } +#else + p = (unsigned char *) malloc( len = buflen ); + + if( p == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + memcpy( p, buf, buflen ); + + buflen = 0; +#endif + + crl->raw.p = p; + crl->raw.len = len; + end = p + len; + + /* + * CertificateList ::= SEQUENCE { + * tbsCertList TBSCertList, + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ); + } + + if( len != (size_t) ( end - p ) ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + /* + * TBSCertList ::= SEQUENCE { + */ + crl->tbs.p = p; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + end = p + len; + crl->tbs.len = end - crl->tbs.p; + + /* + * Version ::= INTEGER OPTIONAL { v1(0), v2(1) } + * -- if present, MUST be v2 + * + * signature AlgorithmIdentifier + */ + if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 || + ( ret = x509_get_alg( &p, end, &crl->sig_oid1 ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + crl->version++; + + if( crl->version > 2 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ); + } + + if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_alg ) ) != 0 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ); + } + + /* + * issuer Name + */ + crl->issuer_raw.p = p; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + crl->issuer_raw.len = p - crl->issuer_raw.p; + + /* + * thisUpdate Time + * nextUpdate Time OPTIONAL + */ + if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 ) + { + if ( ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE + + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) && + ret != ( POLARSSL_ERR_X509_CERT_INVALID_DATE + + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ) + { + x509_crl_free( crl ); + return( ret ); + } + } + + /* + * revokedCertificates SEQUENCE OF SEQUENCE { + * userCertificate CertificateSerialNumber, + * revocationDate Time, + * crlEntryExtensions Extensions OPTIONAL + * -- if present, MUST be v2 + * } OPTIONAL + */ + if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + /* + * crlExtensions EXPLICIT Extensions OPTIONAL + * -- if present, MUST be v2 + */ + if( crl->version == 2 ) + { + ret = x509_get_crl_ext( &p, end, &crl->crl_ext ); + + if( ret != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + } + + if( p != end ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + end = crl->raw.p + crl->raw.len; + + /* + * signatureAlgorithm AlgorithmIdentifier, + * signatureValue BIT STRING + */ + if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2 ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + if( crl->sig_oid1.len != crl->sig_oid2.len || + memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ); + } + + if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 ) + { + x509_crl_free( crl ); + return( ret ); + } + + if( p != end ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + if( buflen > 0 ) + { + crl->next = (x509_crl *) malloc( sizeof( x509_crl ) ); + + if( crl->next == NULL ) + { + x509_crl_free( crl ); + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + } + + crl = crl->next; + memset( crl, 0, sizeof( x509_crl ) ); + + return( x509parse_crl( crl, buf, buflen ) ); + } + + return( 0 ); +} + +#if defined(POLARSSL_FS_IO) +/* + * Load all data from a file into a given buffer. + */ +int load_file( const char *path, unsigned char **buf, size_t *n ) +{ + FILE *f; + + if( ( f = fopen( path, "rb" ) ) == NULL ) + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + + fseek( f, 0, SEEK_END ); + *n = (size_t) ftell( f ); + fseek( f, 0, SEEK_SET ); + + if( ( *buf = (unsigned char *) malloc( *n + 1 ) ) == NULL ) + return( POLARSSL_ERR_X509_MALLOC_FAILED ); + + if( fread( *buf, 1, *n, f ) != *n ) + { + fclose( f ); + free( *buf ); + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + } + + fclose( f ); + + (*buf)[*n] = '\0'; + + return( 0 ); +} + +/* + * Load one or more certificates and add them to the chained list + */ +int x509parse_crtfile( x509_cert *chain, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if ( (ret = load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = x509parse_crt( chain, buf, n ); + + memset( buf, 0, n + 1 ); + free( buf ); + + return( ret ); +} + +int x509parse_crtpath( x509_cert *chain, const char *path ) +{ + int ret = 0; +#if defined(_WIN32) + int w_ret; + WCHAR szDir[MAX_PATH]; + char filename[MAX_PATH]; + char *p; + int len = strlen( path ); + + WIN32_FIND_DATAW file_data; + HANDLE hFind; + + if( len > MAX_PATH - 3 ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + memset( szDir, 0, sizeof(szDir) ); + memset( filename, 0, MAX_PATH ); + memcpy( filename, path, len ); + filename[len++] = '\\'; + p = filename + len; + filename[len++] = '*'; + + w_ret = MultiByteToWideChar( CP_ACP, 0, path, len, szDir, MAX_PATH - 3 ); + + hFind = FindFirstFileW( szDir, &file_data ); + if (hFind == INVALID_HANDLE_VALUE) + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + + len = MAX_PATH - len; + do + { + memset( p, 0, len ); + + if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY ) + continue; + + w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName, + lstrlenW(file_data.cFileName), + p, len - 1, + NULL, NULL ); + + w_ret = x509parse_crtfile( chain, filename ); + if( w_ret < 0 ) + ret++; + else + ret += w_ret; + } + while( FindNextFileW( hFind, &file_data ) != 0 ); + + if (GetLastError() != ERROR_NO_MORE_FILES) + ret = POLARSSL_ERR_X509_FILE_IO_ERROR; + +cleanup: + FindClose( hFind ); +#else + int t_ret, i; + struct stat sb; + struct dirent entry, *result = NULL; + char entry_name[255]; + DIR *dir = opendir( path ); + + if( dir == NULL) + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + + while( ( t_ret = readdir_r( dir, &entry, &result ) ) == 0 ) + { + if( result == NULL ) + break; + + snprintf( entry_name, sizeof(entry_name), "%s/%s", path, entry.d_name ); + + i = stat( entry_name, &sb ); + + if( i == -1 ) + return( POLARSSL_ERR_X509_FILE_IO_ERROR ); + + if( !S_ISREG( sb.st_mode ) ) + continue; + + // Ignore parse errors + // + t_ret = x509parse_crtfile( chain, entry_name ); + if( t_ret < 0 ) + ret++; + else + ret += t_ret; + } + closedir( dir ); +#endif + + return( ret ); +} + +/* + * Load one or more CRLs and add them to the chained list + */ +int x509parse_crlfile( x509_crl *chain, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if ( (ret = load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = x509parse_crl( chain, buf, n ); + + memset( buf, 0, n + 1 ); + free( buf ); + + return( ret ); +} + +/* + * Load and parse a private RSA key + */ +int x509parse_keyfile( rsa_context *rsa, const char *path, const char *pwd ) +{ + int ret; + size_t n; + unsigned char *buf; + + if ( (ret = load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + if( pwd == NULL ) + ret = x509parse_key( rsa, buf, n, NULL, 0 ); + else + ret = x509parse_key( rsa, buf, n, + (unsigned char *) pwd, strlen( pwd ) ); + + memset( buf, 0, n + 1 ); + free( buf ); + + return( ret ); +} + +/* + * Load and parse a public RSA key + */ +int x509parse_public_keyfile( rsa_context *rsa, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if ( (ret = load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = x509parse_public_key( rsa, buf, n ); + + memset( buf, 0, n + 1 ); + free( buf ); + + return( ret ); +} +#endif /* POLARSSL_FS_IO */ + +/* + * Parse a PKCS#1 encoded private RSA key + */ +static int x509parse_key_pkcs1_der( rsa_context *rsa, + const unsigned char *key, + size_t keylen ) +{ + int ret; + size_t len; + unsigned char *p, *end; + + p = (unsigned char *) key; + end = p + keylen; + + /* + * This function parses the RSAPrivateKey (PKCS#1) + * + * RSAPrivateKey ::= SEQUENCE { + * version Version, + * modulus INTEGER, -- n + * publicExponent INTEGER, -- e + * privateExponent INTEGER, -- d + * prime1 INTEGER, -- p + * prime2 INTEGER, -- q + * exponent1 INTEGER, -- d mod (p-1) + * exponent2 INTEGER, -- d mod (q-1) + * coefficient INTEGER, -- (inverse of q) mod p + * otherPrimeInfos OtherPrimeInfos OPTIONAL + * } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + end = p + len; + + if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + if( rsa->ver != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret ); + } + + if( ( ret = asn1_get_mpi( &p, end, &rsa->N ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->E ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->D ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->P ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->Q ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->DP ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->DQ ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &rsa->QP ) ) != 0 ) + { + rsa_free( rsa ); + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + rsa->len = mpi_size( &rsa->N ); + + if( p != end ) + { + rsa_free( rsa ); + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + + if( ( ret = rsa_check_privkey( rsa ) ) != 0 ) + { + rsa_free( rsa ); + return( ret ); + } + + return( 0 ); +} + +/* + * Parse an unencrypted PKCS#8 encoded private RSA key + */ +static int x509parse_key_pkcs8_unencrypted_der( + rsa_context *rsa, + const unsigned char *key, + size_t keylen ) +{ + int ret; + size_t len; + unsigned char *p, *end; + x509_buf pk_alg_oid; + + p = (unsigned char *) key; + end = p + keylen; + + /* + * This function parses the PrivatKeyInfo object (PKCS#8) + * + * PrivateKeyInfo ::= SEQUENCE { + * version Version, + * algorithm AlgorithmIdentifier, + * PrivateKey BIT STRING + * } + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL + * } + * + * The PrivateKey BIT STRING is a PKCS#1 RSAPrivateKey + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + end = p + len; + + if( ( ret = asn1_get_int( &p, end, &rsa->ver ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + if( rsa->ver != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_VERSION + ret ); + } + + if( ( ret = x509_get_alg( &p, end, &pk_alg_oid ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + /* + * only RSA keys handled at this time + */ + if( pk_alg_oid.len != 9 || + memcmp( pk_alg_oid.p, OID_PKCS1_RSA, 9 ) != 0 ) + { + return( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ); + } + + /* + * Get the OCTET STRING and parse the PKCS#1 format inside + */ + if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + + if( ( end - p ) < 1 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + + POLARSSL_ERR_ASN1_OUT_OF_DATA ); + } + + end = p + len; + + if( ( ret = x509parse_key_pkcs1_der( rsa, p, end - p ) ) != 0 ) + return( ret ); + + return( 0 ); +} + +/* + * Parse an encrypted PKCS#8 encoded private RSA key + */ +static int x509parse_key_pkcs8_encrypted_der( + rsa_context *rsa, + const unsigned char *key, + size_t keylen, + const unsigned char *pwd, + size_t pwdlen ) +{ + int ret; + size_t len; + unsigned char *p, *end, *end2; + x509_buf pbe_alg_oid, pbe_params; + unsigned char buf[2048]; + + memset(buf, 0, 2048); + + p = (unsigned char *) key; + end = p + keylen; + + if( pwdlen == 0 ) + return( POLARSSL_ERR_X509_PASSWORD_REQUIRED ); + + /* + * This function parses the EncryptedPrivatKeyInfo object (PKCS#8) + * + * EncryptedPrivateKeyInfo ::= SEQUENCE { + * encryptionAlgorithm EncryptionAlgorithmIdentifier, + * encryptedData EncryptedData + * } + * + * EncryptionAlgorithmIdentifier ::= AlgorithmIdentifier + * + * EncryptedData ::= OCTET STRING + * + * The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + end = p + len; + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + end2 = p + len; + + if( ( ret = asn1_get_tag( &p, end, &pbe_alg_oid.len, ASN1_OID ) ) != 0 ) + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + + pbe_alg_oid.p = p; + p += pbe_alg_oid.len; + + /* + * Store the algorithm parameters + */ + pbe_params.p = p; + pbe_params.len = end2 - p; + p += pbe_params.len; + + if( ( ret = asn1_get_tag( &p, end, &len, ASN1_OCTET_STRING ) ) != 0 ) + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + + // buf has been sized to 2048 bytes + if( len > 2048 ) + return( POLARSSL_ERR_X509_INVALID_INPUT ); + + /* + * Decrypt EncryptedData with appropriate PDE + */ +#if defined(POLARSSL_PKCS12_C) + if( OID_CMP( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC, &pbe_alg_oid ) ) + { + if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT, + POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, + pwd, pwdlen, p, len, buf ) ) != 0 ) + { + if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH ) + return( POLARSSL_ERR_X509_PASSWORD_MISMATCH ); + + return( ret ); + } + } + else if( OID_CMP( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC, &pbe_alg_oid ) ) + { + if( ( ret = pkcs12_pbe( &pbe_params, PKCS12_PBE_DECRYPT, + POLARSSL_CIPHER_DES_EDE_CBC, POLARSSL_MD_SHA1, + pwd, pwdlen, p, len, buf ) ) != 0 ) + { + if( ret == POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH ) + return( POLARSSL_ERR_X509_PASSWORD_MISMATCH ); + + return( ret ); + } + } + else if( OID_CMP( OID_PKCS12_PBE_SHA1_RC4_128, &pbe_alg_oid ) ) + { + if( ( ret = pkcs12_pbe_sha1_rc4_128( &pbe_params, + PKCS12_PBE_DECRYPT, + pwd, pwdlen, + p, len, buf ) ) != 0 ) + { + return( ret ); + } + + // Best guess for password mismatch when using RC4. If first tag is + // not ASN1_CONSTRUCTED | ASN1_SEQUENCE + // + if( *buf != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) + return( POLARSSL_ERR_X509_PASSWORD_MISMATCH ); + } + else +#endif /* POLARSSL_PKCS12_C */ +#if defined(POLARSSL_PKCS5_C) + if( OID_CMP( OID_PKCS5_PBES2, &pbe_alg_oid ) ) + { + if( ( ret = pkcs5_pbes2( &pbe_params, PKCS5_DECRYPT, pwd, pwdlen, + p, len, buf ) ) != 0 ) + { + if( ret == POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH ) + return( POLARSSL_ERR_X509_PASSWORD_MISMATCH ); + + return( ret ); + } + } + else +#endif /* POLARSSL_PKCS5_C */ + return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE ); + + return x509parse_key_pkcs8_unencrypted_der( rsa, buf, len ); +} + +/* + * Parse a private RSA key + */ +int x509parse_key( rsa_context *rsa, const unsigned char *key, size_t keylen, + const unsigned char *pwd, size_t pwdlen ) +{ + int ret; + +#if defined(POLARSSL_PEM_C) + size_t len; + pem_context pem; + + pem_init( &pem ); + ret = pem_read_buffer( &pem, + "-----BEGIN RSA PRIVATE KEY-----", + "-----END RSA PRIVATE KEY-----", + key, pwd, pwdlen, &len ); + if( ret == 0 ) + { + if( ( ret = x509parse_key_pkcs1_der( rsa, pem.buf, pem.buflen ) ) != 0 ) + { + rsa_free( rsa ); + } + + pem_free( &pem ); + return( ret ); + } + else if( ret == POLARSSL_ERR_PEM_PASSWORD_MISMATCH ) + return( POLARSSL_ERR_X509_PASSWORD_MISMATCH ); + else if( ret == POLARSSL_ERR_PEM_PASSWORD_REQUIRED ) + return( POLARSSL_ERR_X509_PASSWORD_REQUIRED ); + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + return( ret ); + + ret = pem_read_buffer( &pem, + "-----BEGIN PRIVATE KEY-----", + "-----END PRIVATE KEY-----", + key, NULL, 0, &len ); + if( ret == 0 ) + { + if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa, + pem.buf, pem.buflen ) ) != 0 ) + { + rsa_free( rsa ); + } + + pem_free( &pem ); + return( ret ); + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + return( ret ); + + ret = pem_read_buffer( &pem, + "-----BEGIN ENCRYPTED PRIVATE KEY-----", + "-----END ENCRYPTED PRIVATE KEY-----", + key, NULL, 0, &len ); + if( ret == 0 ) + { + if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, + pem.buf, pem.buflen, + pwd, pwdlen ) ) != 0 ) + { + rsa_free( rsa ); + } + + pem_free( &pem ); + return( ret ); + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + return( ret ); +#else + ((void) pwd); + ((void) pwdlen); +#endif /* POLARSSL_PEM_C */ + + // At this point we only know it's not a PEM formatted key. Could be any + // of the known DER encoded private key formats + // + // We try the different DER format parsers to see if one passes without + // error + // + if( ( ret = x509parse_key_pkcs8_encrypted_der( rsa, key, keylen, + pwd, pwdlen ) ) == 0 ) + { + return( 0 ); + } + + rsa_free( rsa ); + + if( ret == POLARSSL_ERR_X509_PASSWORD_MISMATCH ) + { + return( ret ); + } + + if( ( ret = x509parse_key_pkcs8_unencrypted_der( rsa, key, keylen ) ) == 0 ) + return( 0 ); + + rsa_free( rsa ); + + if( ( ret = x509parse_key_pkcs1_der( rsa, key, keylen ) ) == 0 ) + return( 0 ); + + rsa_free( rsa ); + + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ); +} + +/* + * Parse a public RSA key + */ +int x509parse_public_key( rsa_context *rsa, const unsigned char *key, size_t keylen ) +{ + int ret; + size_t len; + unsigned char *p, *end; + x509_buf alg_oid; +#if defined(POLARSSL_PEM_C) + pem_context pem; + + pem_init( &pem ); + ret = pem_read_buffer( &pem, + "-----BEGIN PUBLIC KEY-----", + "-----END PUBLIC KEY-----", + key, NULL, 0, &len ); + + if( ret == 0 ) + { + /* + * Was PEM encoded + */ + keylen = pem.buflen; + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + { + pem_free( &pem ); + return( ret ); + } + + p = ( ret == 0 ) ? pem.buf : (unsigned char *) key; +#else + p = (unsigned char *) key; +#endif + end = p + keylen; + + /* + * PublicKeyInfo ::= SEQUENCE { + * algorithm AlgorithmIdentifier, + * PublicKey BIT STRING + * } + * + * AlgorithmIdentifier ::= SEQUENCE { + * algorithm OBJECT IDENTIFIER, + * parameters ANY DEFINED BY algorithm OPTIONAL + * } + * + * RSAPublicKey ::= SEQUENCE { + * modulus INTEGER, -- n + * publicExponent INTEGER -- e + * } + */ + + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + rsa_free( rsa ); + return( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + ret ); + } + + if( ( ret = x509_get_pubkey( &p, end, &alg_oid, &rsa->N, &rsa->E ) ) != 0 ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + rsa_free( rsa ); + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + if( ( ret = rsa_check_pubkey( rsa ) ) != 0 ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + rsa_free( rsa ); + return( ret ); + } + + rsa->len = mpi_size( &rsa->N ); + +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + + return( 0 ); +} + +#if defined(POLARSSL_DHM_C) +/* + * Parse DHM parameters + */ +int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ) +{ + int ret; + size_t len; + unsigned char *p, *end; +#if defined(POLARSSL_PEM_C) + pem_context pem; + + pem_init( &pem ); + + ret = pem_read_buffer( &pem, + "-----BEGIN DH PARAMETERS-----", + "-----END DH PARAMETERS-----", + dhmin, NULL, 0, &dhminlen ); + + if( ret == 0 ) + { + /* + * Was PEM encoded + */ + dhminlen = pem.buflen; + } + else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) + { + pem_free( &pem ); + return( ret ); + } + + p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin; +#else + p = (unsigned char *) dhmin; +#endif + end = p + dhminlen; + + memset( dhm, 0, sizeof( dhm_context ) ); + + /* + * DHParams ::= SEQUENCE { + * prime INTEGER, -- P + * generator INTEGER, -- g + * } + */ + if( ( ret = asn1_get_tag( &p, end, &len, + ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + end = p + len; + + if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || + ( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + dhm_free( dhm ); + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret ); + } + + if( p != end ) + { +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + dhm_free( dhm ); + return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); + } + +#if defined(POLARSSL_PEM_C) + pem_free( &pem ); +#endif + + return( 0 ); +} + +#if defined(POLARSSL_FS_IO) +/* + * Load and parse a private RSA key + */ +int x509parse_dhmfile( dhm_context *dhm, const char *path ) +{ + int ret; + size_t n; + unsigned char *buf; + + if ( ( ret = load_file( path, &buf, &n ) ) != 0 ) + return( ret ); + + ret = x509parse_dhm( dhm, buf, n ); + + memset( buf, 0, n + 1 ); + free( buf ); + + return( ret ); +} +#endif /* POLARSSL_FS_IO */ +#endif /* POLARSSL_DHM_C */ + +#if defined _MSC_VER && !defined snprintf +#include + +#if !defined vsnprintf +#define vsnprintf _vsnprintf +#endif // vsnprintf + +/* + * Windows _snprintf and _vsnprintf are not compatible to linux versions. + * Result value is not size of buffer needed, but -1 if no fit is possible. + * + * This fuction tries to 'fix' this by at least suggesting enlarging the + * size by 20. + */ +int compat_snprintf(char *str, size_t size, const char *format, ...) +{ + va_list ap; + int res = -1; + + va_start( ap, format ); + + res = vsnprintf( str, size, format, ap ); + + va_end( ap ); + + // No quick fix possible + if ( res < 0 ) + return( (int) size + 20 ); + + return res; +} + +#define snprintf compat_snprintf +#endif + +#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2 + +#define SAFE_SNPRINTF() \ +{ \ + if( ret == -1 ) \ + return( -1 ); \ + \ + if ( (unsigned int) ret > n ) { \ + p[n - 1] = '\0'; \ + return POLARSSL_ERR_DEBUG_BUF_TOO_SMALL;\ + } \ + \ + n -= (unsigned int) ret; \ + p += (unsigned int) ret; \ +} + +/* + * Store the name in printable form into buf; no more + * than size characters will be written + */ +int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) +{ + int ret; + size_t i, n; + unsigned char c; + const x509_name *name; + char s[128], *p; + + memset( s, 0, sizeof( s ) ); + + name = dn; + p = buf; + n = size; + + while( name != NULL ) + { + if( !name->oid.p ) + { + name = name->next; + continue; + } + + if( name != dn ) + { + ret = snprintf( p, n, ", " ); + SAFE_SNPRINTF(); + } + + if( name->oid.len == 3 && + memcmp( name->oid.p, OID_X520, 2 ) == 0 ) + { + switch( name->oid.p[2] ) + { + case X520_COMMON_NAME: + ret = snprintf( p, n, "CN=" ); break; + + case X520_COUNTRY: + ret = snprintf( p, n, "C=" ); break; + + case X520_LOCALITY: + ret = snprintf( p, n, "L=" ); break; + + case X520_STATE: + ret = snprintf( p, n, "ST=" ); break; + + case X520_ORGANIZATION: + ret = snprintf( p, n, "O=" ); break; + + case X520_ORG_UNIT: + ret = snprintf( p, n, "OU=" ); break; + + default: + ret = snprintf( p, n, "0x%02X=", + name->oid.p[2] ); + break; + } + SAFE_SNPRINTF(); + } + else if( name->oid.len == 9 && + memcmp( name->oid.p, OID_PKCS9, 8 ) == 0 ) + { + switch( name->oid.p[8] ) + { + case PKCS9_EMAIL: + ret = snprintf( p, n, "emailAddress=" ); break; + + default: + ret = snprintf( p, n, "0x%02X=", + name->oid.p[8] ); + break; + } + SAFE_SNPRINTF(); + } + else + { + ret = snprintf( p, n, "\?\?=" ); + SAFE_SNPRINTF(); + } + + for( i = 0; i < name->val.len; i++ ) + { + if( i >= sizeof( s ) - 1 ) + break; + + c = name->val.p[i]; + if( c < 32 || c == 127 || ( c > 128 && c < 160 ) ) + s[i] = '?'; + else s[i] = c; + } + s[i] = '\0'; + ret = snprintf( p, n, "%s", s ); + SAFE_SNPRINTF(); + name = name->next; + } + + return( (int) ( size - n ) ); +} + +/* + * Store the serial in printable form into buf; no more + * than size characters will be written + */ +int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) +{ + int ret; + size_t i, n, nr; + char *p; + + p = buf; + n = size; + + nr = ( serial->len <= 32 ) + ? serial->len : 28; + + for( i = 0; i < nr; i++ ) + { + if( i == 0 && nr > 1 && serial->p[i] == 0x0 ) + continue; + + ret = snprintf( p, n, "%02X%s", + serial->p[i], ( i < nr - 1 ) ? ":" : "" ); + SAFE_SNPRINTF(); + } + + if( nr != serial->len ) + { + ret = snprintf( p, n, "...." ); + SAFE_SNPRINTF(); + } + + return( (int) ( size - n ) ); +} + +/* + * Return an informational string about the certificate. + */ +int x509parse_cert_info( char *buf, size_t size, const char *prefix, + const x509_cert *crt ) +{ + int ret; + size_t n; + char *p; + + p = buf; + n = size; + + ret = snprintf( p, n, "%scert. version : %d\n", + prefix, crt->version ); + SAFE_SNPRINTF(); + ret = snprintf( p, n, "%sserial number : ", + prefix ); + SAFE_SNPRINTF(); + + ret = x509parse_serial_gets( p, n, &crt->serial); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sissuer name : ", prefix ); + SAFE_SNPRINTF(); + ret = x509parse_dn_gets( p, n, &crt->issuer ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%ssubject name : ", prefix ); + SAFE_SNPRINTF(); + ret = x509parse_dn_gets( p, n, &crt->subject ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sissued on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_from.year, crt->valid_from.mon, + crt->valid_from.day, crt->valid_from.hour, + crt->valid_from.min, crt->valid_from.sec ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sexpires on : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crt->valid_to.year, crt->valid_to.mon, + crt->valid_to.day, crt->valid_to.hour, + crt->valid_to.min, crt->valid_to.sec ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%ssigned using : RSA+", prefix ); + SAFE_SNPRINTF(); + + switch( crt->sig_alg ) + { + case SIG_RSA_MD2 : ret = snprintf( p, n, "MD2" ); break; + case SIG_RSA_MD4 : ret = snprintf( p, n, "MD4" ); break; + case SIG_RSA_MD5 : ret = snprintf( p, n, "MD5" ); break; + case SIG_RSA_SHA1 : ret = snprintf( p, n, "SHA1" ); break; + case SIG_RSA_SHA224 : ret = snprintf( p, n, "SHA224" ); break; + case SIG_RSA_SHA256 : ret = snprintf( p, n, "SHA256" ); break; + case SIG_RSA_SHA384 : ret = snprintf( p, n, "SHA384" ); break; + case SIG_RSA_SHA512 : ret = snprintf( p, n, "SHA512" ); break; + default: ret = snprintf( p, n, "???" ); break; + } + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sRSA key size : %d bits\n", prefix, + (int) crt->rsa.N.n * (int) sizeof( t_uint ) * 8 ); + SAFE_SNPRINTF(); + + return( (int) ( size - n ) ); +} + +/* + * Return an informational string describing the given OID + */ +const char *x509_oid_get_description( x509_buf *oid ) +{ + if ( oid == NULL ) + return ( NULL ); + + else if( OID_CMP( OID_SERVER_AUTH, oid ) ) + return( STRING_SERVER_AUTH ); + + else if( OID_CMP( OID_CLIENT_AUTH, oid ) ) + return( STRING_CLIENT_AUTH ); + + else if( OID_CMP( OID_CODE_SIGNING, oid ) ) + return( STRING_CODE_SIGNING ); + + else if( OID_CMP( OID_EMAIL_PROTECTION, oid ) ) + return( STRING_EMAIL_PROTECTION ); + + else if( OID_CMP( OID_TIME_STAMPING, oid ) ) + return( STRING_TIME_STAMPING ); + + else if( OID_CMP( OID_OCSP_SIGNING, oid ) ) + return( STRING_OCSP_SIGNING ); + + return( NULL ); +} + +/* Return the x.y.z.... style numeric string for the given OID */ +int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ) +{ + int ret; + size_t i, n; + unsigned int value; + char *p; + + p = buf; + n = size; + + /* First byte contains first two dots */ + if( oid->len > 0 ) + { + ret = snprintf( p, n, "%d.%d", oid->p[0]/40, oid->p[0]%40 ); + SAFE_SNPRINTF(); + } + + /* TODO: value can overflow in value. */ + value = 0; + for( i = 1; i < oid->len; i++ ) + { + value <<= 7; + value += oid->p[i] & 0x7F; + + if( !( oid->p[i] & 0x80 ) ) + { + /* Last byte */ + ret = snprintf( p, n, ".%d", value ); + SAFE_SNPRINTF(); + value = 0; + } + } + + return( (int) ( size - n ) ); +} + +/* + * Return an informational string about the CRL. + */ +int x509parse_crl_info( char *buf, size_t size, const char *prefix, + const x509_crl *crl ) +{ + int ret; + size_t n; + char *p; + const x509_crl_entry *entry; + + p = buf; + n = size; + + ret = snprintf( p, n, "%sCRL version : %d", + prefix, crl->version ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sissuer name : ", prefix ); + SAFE_SNPRINTF(); + ret = x509parse_dn_gets( p, n, &crl->issuer ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%sthis update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->this_update.year, crl->this_update.mon, + crl->this_update.day, crl->this_update.hour, + crl->this_update.min, crl->this_update.sec ); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n%snext update : " \ + "%04d-%02d-%02d %02d:%02d:%02d", prefix, + crl->next_update.year, crl->next_update.mon, + crl->next_update.day, crl->next_update.hour, + crl->next_update.min, crl->next_update.sec ); + SAFE_SNPRINTF(); + + entry = &crl->entry; + + ret = snprintf( p, n, "\n%sRevoked certificates:", + prefix ); + SAFE_SNPRINTF(); + + while( entry != NULL && entry->raw.len != 0 ) + { + ret = snprintf( p, n, "\n%sserial number: ", + prefix ); + SAFE_SNPRINTF(); + + ret = x509parse_serial_gets( p, n, &entry->serial); + SAFE_SNPRINTF(); + + ret = snprintf( p, n, " revocation date: " \ + "%04d-%02d-%02d %02d:%02d:%02d", + entry->revocation_date.year, entry->revocation_date.mon, + entry->revocation_date.day, entry->revocation_date.hour, + entry->revocation_date.min, entry->revocation_date.sec ); + SAFE_SNPRINTF(); + + entry = entry->next; + } + + ret = snprintf( p, n, "\n%ssigned using : RSA+", prefix ); + SAFE_SNPRINTF(); + + switch( crl->sig_alg ) + { + case SIG_RSA_MD2 : ret = snprintf( p, n, "MD2" ); break; + case SIG_RSA_MD4 : ret = snprintf( p, n, "MD4" ); break; + case SIG_RSA_MD5 : ret = snprintf( p, n, "MD5" ); break; + case SIG_RSA_SHA1 : ret = snprintf( p, n, "SHA1" ); break; + case SIG_RSA_SHA224 : ret = snprintf( p, n, "SHA224" ); break; + case SIG_RSA_SHA256 : ret = snprintf( p, n, "SHA256" ); break; + case SIG_RSA_SHA384 : ret = snprintf( p, n, "SHA384" ); break; + case SIG_RSA_SHA512 : ret = snprintf( p, n, "SHA512" ); break; + default: ret = snprintf( p, n, "???" ); break; + } + SAFE_SNPRINTF(); + + ret = snprintf( p, n, "\n" ); + SAFE_SNPRINTF(); + + return( (int) ( size - n ) ); +} + +/* + * Return 0 if the x509_time is still valid, or 1 otherwise. + */ +int x509parse_time_expired( const x509_time *to ) +{ + int year, mon, day; + int hour, min, sec; + +#if defined(_WIN32) + SYSTEMTIME st; + + GetLocalTime(&st); + + year = st.wYear; + mon = st.wMonth; + day = st.wDay; + hour = st.wHour; + min = st.wMinute; + sec = st.wSecond; +#else + struct tm *lt; + time_t tt; + + tt = time( NULL ); + lt = localtime( &tt ); + + year = lt->tm_year + 1900; + mon = lt->tm_mon + 1; + day = lt->tm_mday; + hour = lt->tm_hour; + min = lt->tm_min; + sec = lt->tm_sec; +#endif + + if( year > to->year ) + return( 1 ); + + if( year == to->year && + mon > to->mon ) + return( 1 ); + + if( year == to->year && + mon == to->mon && + day > to->day ) + return( 1 ); + + if( year == to->year && + mon == to->mon && + day == to->day && + hour > to->hour ) + return( 1 ); + + if( year == to->year && + mon == to->mon && + day == to->day && + hour == to->hour && + min > to->min ) + return( 1 ); + + if( year == to->year && + mon == to->mon && + day == to->day && + hour == to->hour && + min == to->min && + sec > to->sec ) + return( 1 ); + + return( 0 ); +} + +/* + * Return 1 if the certificate is revoked, or 0 otherwise. + */ +int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) +{ + const x509_crl_entry *cur = &crl->entry; + + while( cur != NULL && cur->serial.len != 0 ) + { + if( crt->serial.len == cur->serial.len && + memcmp( crt->serial.p, cur->serial.p, crt->serial.len ) == 0 ) + { + if( x509parse_time_expired( &cur->revocation_date ) ) + return( 1 ); + } + + cur = cur->next; + } + + return( 0 ); +} + +/* + * Wrapper for x509 hashes. + */ +static void x509_hash( const unsigned char *in, size_t len, int alg, + unsigned char *out ) +{ + switch( alg ) + { +#if defined(POLARSSL_MD2_C) + case SIG_RSA_MD2 : md2( in, len, out ); break; +#endif +#if defined(POLARSSL_MD4_C) + case SIG_RSA_MD4 : md4( in, len, out ); break; +#endif +#if defined(POLARSSL_MD5_C) + case SIG_RSA_MD5 : md5( in, len, out ); break; +#endif +#if defined(POLARSSL_SHA1_C) + case SIG_RSA_SHA1 : sha1( in, len, out ); break; +#endif +#if defined(POLARSSL_SHA2_C) + case SIG_RSA_SHA224 : sha2( in, len, out, 1 ); break; + case SIG_RSA_SHA256 : sha2( in, len, out, 0 ); break; +#endif +#if defined(POLARSSL_SHA4_C) + case SIG_RSA_SHA384 : sha4( in, len, out, 1 ); break; + case SIG_RSA_SHA512 : sha4( in, len, out, 0 ); break; +#endif + default: + memset( out, '\xFF', 64 ); + break; + } +} + +/* + * Check that the given certificate is valid accoring to the CRL. + */ +static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca, + x509_crl *crl_list) +{ + int flags = 0; + int hash_id; + unsigned char hash[64]; + + if( ca == NULL ) + return( flags ); + + /* + * TODO: What happens if no CRL is present? + * Suggestion: Revocation state should be unknown if no CRL is present. + * For backwards compatibility this is not yet implemented. + */ + + while( crl_list != NULL ) + { + if( crl_list->version == 0 || + crl_list->issuer_raw.len != ca->subject_raw.len || + memcmp( crl_list->issuer_raw.p, ca->subject_raw.p, + crl_list->issuer_raw.len ) != 0 ) + { + crl_list = crl_list->next; + continue; + } + + /* + * Check if CRL is correctly signed by the trusted CA + */ + hash_id = crl_list->sig_alg; + + x509_hash( crl_list->tbs.p, crl_list->tbs.len, hash_id, hash ); + + if( !rsa_pkcs1_verify( &ca->rsa, RSA_PUBLIC, hash_id, + 0, hash, crl_list->sig.p ) == 0 ) + { + /* + * CRL is not trusted + */ + flags |= BADCRL_NOT_TRUSTED; + break; + } + + /* + * Check for validity of CRL (Do not drop out) + */ + if( x509parse_time_expired( &crl_list->next_update ) ) + flags |= BADCRL_EXPIRED; + + /* + * Check if certificate is revoked + */ + if( x509parse_revoked(crt, crl_list) ) + { + flags |= BADCERT_REVOKED; + break; + } + + crl_list = crl_list->next; + } + return flags; +} + +int x509_wildcard_verify( const char *cn, x509_buf *name ) +{ + size_t i; + size_t cn_idx = 0; + + if( name->len < 3 || name->p[0] != '*' || name->p[1] != '.' ) + return( 0 ); + + for( i = 0; i < strlen( cn ); ++i ) + { + if( cn[i] == '.' ) + { + cn_idx = i; + break; + } + } + + if( cn_idx == 0 ) + return( 0 ); + + if( strlen( cn ) - cn_idx == name->len - 1 && + memcmp( name->p + 1, cn + cn_idx, name->len - 1 ) == 0 ) + { + return( 1 ); + } + + return( 0 ); +} + +static int x509parse_verify_top( + x509_cert *child, x509_cert *trust_ca, + x509_crl *ca_crl, int path_cnt, int *flags, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ) +{ + int hash_id, ret; + int ca_flags = 0, check_path_cnt = path_cnt + 1; + unsigned char hash[64]; + + if( x509parse_time_expired( &child->valid_to ) ) + *flags |= BADCERT_EXPIRED; + + /* + * Child is the top of the chain. Check against the trust_ca list. + */ + *flags |= BADCERT_NOT_TRUSTED; + + while( trust_ca != NULL ) + { + if( trust_ca->version == 0 || + child->issuer_raw.len != trust_ca->subject_raw.len || + memcmp( child->issuer_raw.p, trust_ca->subject_raw.p, + child->issuer_raw.len ) != 0 ) + { + trust_ca = trust_ca->next; + continue; + } + + /* + * Reduce path_len to check against if top of the chain is + * the same as the trusted CA + */ + if( child->subject_raw.len == trust_ca->subject_raw.len && + memcmp( child->subject_raw.p, trust_ca->subject_raw.p, + child->issuer_raw.len ) == 0 ) + { + check_path_cnt--; + } + + if( trust_ca->max_pathlen > 0 && + trust_ca->max_pathlen < check_path_cnt ) + { + trust_ca = trust_ca->next; + continue; + } + + hash_id = child->sig_alg; + + x509_hash( child->tbs.p, child->tbs.len, hash_id, hash ); + + if( rsa_pkcs1_verify( &trust_ca->rsa, RSA_PUBLIC, hash_id, + 0, hash, child->sig.p ) != 0 ) + { + trust_ca = trust_ca->next; + continue; + } + + /* + * Top of chain is signed by a trusted CA + */ + *flags &= ~BADCERT_NOT_TRUSTED; + break; + } + + /* + * If top of chain is not the same as the trusted CA send a verify request + * to the callback for any issues with validity and CRL presence for the + * trusted CA certificate. + */ + if( trust_ca != NULL && + ( child->subject_raw.len != trust_ca->subject_raw.len || + memcmp( child->subject_raw.p, trust_ca->subject_raw.p, + child->issuer_raw.len ) != 0 ) ) + { + /* Check trusted CA's CRL for then chain's top crt */ + *flags |= x509parse_verifycrl( child, trust_ca, ca_crl ); + + if( x509parse_time_expired( &trust_ca->valid_to ) ) + ca_flags |= BADCERT_EXPIRED; + + if( NULL != f_vrfy ) + { + if( ( ret = f_vrfy( p_vrfy, trust_ca, path_cnt + 1, &ca_flags ) ) != 0 ) + return( ret ); + } + } + + /* Call callback on top cert */ + if( NULL != f_vrfy ) + { + if( ( ret = f_vrfy(p_vrfy, child, path_cnt, flags ) ) != 0 ) + return( ret ); + } + + *flags |= ca_flags; + + return( 0 ); +} + +static int x509parse_verify_child( + x509_cert *child, x509_cert *parent, x509_cert *trust_ca, + x509_crl *ca_crl, int path_cnt, int *flags, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ) +{ + int hash_id, ret; + int parent_flags = 0; + unsigned char hash[64]; + x509_cert *grandparent; + + if( x509parse_time_expired( &child->valid_to ) ) + *flags |= BADCERT_EXPIRED; + + hash_id = child->sig_alg; + + x509_hash( child->tbs.p, child->tbs.len, hash_id, hash ); + + if( rsa_pkcs1_verify( &parent->rsa, RSA_PUBLIC, hash_id, 0, hash, + child->sig.p ) != 0 ) + *flags |= BADCERT_NOT_TRUSTED; + + /* Check trusted CA's CRL for the given crt */ + *flags |= x509parse_verifycrl(child, parent, ca_crl); + + grandparent = parent->next; + + while( grandparent != NULL ) + { + if( grandparent->version == 0 || + grandparent->ca_istrue == 0 || + parent->issuer_raw.len != grandparent->subject_raw.len || + memcmp( parent->issuer_raw.p, grandparent->subject_raw.p, + parent->issuer_raw.len ) != 0 ) + { + grandparent = grandparent->next; + continue; + } + break; + } + + if( grandparent != NULL ) + { + /* + * Part of the chain + */ + ret = x509parse_verify_child( parent, grandparent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy ); + if( ret != 0 ) + return( ret ); + } + else + { + ret = x509parse_verify_top( parent, trust_ca, ca_crl, path_cnt + 1, &parent_flags, f_vrfy, p_vrfy ); + if( ret != 0 ) + return( ret ); + } + + /* child is verified to be a child of the parent, call verify callback */ + if( NULL != f_vrfy ) + if( ( ret = f_vrfy( p_vrfy, child, path_cnt, flags ) ) != 0 ) + return( ret ); + + *flags |= parent_flags; + + return( 0 ); +} + +/* + * Verify the certificate validity + */ +int x509parse_verify( x509_cert *crt, + x509_cert *trust_ca, + x509_crl *ca_crl, + const char *cn, int *flags, + int (*f_vrfy)(void *, x509_cert *, int, int *), + void *p_vrfy ) +{ + size_t cn_len; + int ret; + int pathlen = 0; + x509_cert *parent; + x509_name *name; + x509_sequence *cur = NULL; + + *flags = 0; + + if( cn != NULL ) + { + name = &crt->subject; + cn_len = strlen( cn ); + + if( crt->ext_types & EXT_SUBJECT_ALT_NAME ) + { + cur = &crt->subject_alt_names; + + while( cur != NULL ) + { + if( cur->buf.len == cn_len && + memcmp( cn, cur->buf.p, cn_len ) == 0 ) + break; + + if( cur->buf.len > 2 && + memcmp( cur->buf.p, "*.", 2 ) == 0 && + x509_wildcard_verify( cn, &cur->buf ) ) + break; + + cur = cur->next; + } + + if( cur == NULL ) + *flags |= BADCERT_CN_MISMATCH; + } + else + { + while( name != NULL ) + { + if( name->oid.len == 3 && + memcmp( name->oid.p, OID_CN, 3 ) == 0 ) + { + if( name->val.len == cn_len && + memcmp( name->val.p, cn, cn_len ) == 0 ) + break; + + if( name->val.len > 2 && + memcmp( name->val.p, "*.", 2 ) == 0 && + x509_wildcard_verify( cn, &name->val ) ) + break; + } + + name = name->next; + } + + if( name == NULL ) + *flags |= BADCERT_CN_MISMATCH; + } + } + + /* + * Iterate upwards in the given cert chain, to find our crt parent. + * Ignore any upper cert with CA != TRUE. + */ + parent = crt->next; + + while( parent != NULL && parent->version != 0 ) + { + if( parent->ca_istrue == 0 || + crt->issuer_raw.len != parent->subject_raw.len || + memcmp( crt->issuer_raw.p, parent->subject_raw.p, + crt->issuer_raw.len ) != 0 ) + { + parent = parent->next; + continue; + } + break; + } + + if( parent != NULL ) + { + /* + * Part of the chain + */ + ret = x509parse_verify_child( crt, parent, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy ); + if( ret != 0 ) + return( ret ); + } + else + { + ret = x509parse_verify_top( crt, trust_ca, ca_crl, pathlen, flags, f_vrfy, p_vrfy ); + if( ret != 0 ) + return( ret ); + } + + if( *flags != 0 ) + return( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ); + + return( 0 ); +} + +/* + * Unallocate all certificate data + */ +void x509_free( x509_cert *crt ) +{ + x509_cert *cert_cur = crt; + x509_cert *cert_prv; + x509_name *name_cur; + x509_name *name_prv; + x509_sequence *seq_cur; + x509_sequence *seq_prv; + + if( crt == NULL ) + return; + + do + { + rsa_free( &cert_cur->rsa ); + + name_cur = cert_cur->issuer.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + memset( name_prv, 0, sizeof( x509_name ) ); + free( name_prv ); + } + + name_cur = cert_cur->subject.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + memset( name_prv, 0, sizeof( x509_name ) ); + free( name_prv ); + } + + seq_cur = cert_cur->ext_key_usage.next; + while( seq_cur != NULL ) + { + seq_prv = seq_cur; + seq_cur = seq_cur->next; + memset( seq_prv, 0, sizeof( x509_sequence ) ); + free( seq_prv ); + } + + seq_cur = cert_cur->subject_alt_names.next; + while( seq_cur != NULL ) + { + seq_prv = seq_cur; + seq_cur = seq_cur->next; + memset( seq_prv, 0, sizeof( x509_sequence ) ); + free( seq_prv ); + } + + if( cert_cur->raw.p != NULL ) + { + memset( cert_cur->raw.p, 0, cert_cur->raw.len ); + free( cert_cur->raw.p ); + } + + cert_cur = cert_cur->next; + } + while( cert_cur != NULL ); + + cert_cur = crt; + do + { + cert_prv = cert_cur; + cert_cur = cert_cur->next; + + memset( cert_prv, 0, sizeof( x509_cert ) ); + if( cert_prv != crt ) + free( cert_prv ); + } + while( cert_cur != NULL ); +} + +/* + * Unallocate all CRL data + */ +void x509_crl_free( x509_crl *crl ) +{ + x509_crl *crl_cur = crl; + x509_crl *crl_prv; + x509_name *name_cur; + x509_name *name_prv; + x509_crl_entry *entry_cur; + x509_crl_entry *entry_prv; + + if( crl == NULL ) + return; + + do + { + name_cur = crl_cur->issuer.next; + while( name_cur != NULL ) + { + name_prv = name_cur; + name_cur = name_cur->next; + memset( name_prv, 0, sizeof( x509_name ) ); + free( name_prv ); + } + + entry_cur = crl_cur->entry.next; + while( entry_cur != NULL ) + { + entry_prv = entry_cur; + entry_cur = entry_cur->next; + memset( entry_prv, 0, sizeof( x509_crl_entry ) ); + free( entry_prv ); + } + + if( crl_cur->raw.p != NULL ) + { + memset( crl_cur->raw.p, 0, crl_cur->raw.len ); + free( crl_cur->raw.p ); + } + + crl_cur = crl_cur->next; + } + while( crl_cur != NULL ); + + crl_cur = crl; + do + { + crl_prv = crl_cur; + crl_cur = crl_cur->next; + + memset( crl_prv, 0, sizeof( x509_crl ) ); + if( crl_prv != crl ) + free( crl_prv ); + } + while( crl_cur != NULL ); +} + +#if defined(POLARSSL_SELF_TEST) + +#include "polarssl/certs.h" + +/* + * Checkup routine + */ +int x509_self_test( int verbose ) +{ +#if defined(POLARSSL_CERTS_C) && defined(POLARSSL_MD5_C) + int ret; + int flags; + size_t i, j; + x509_cert cacert; + x509_cert clicert; + rsa_context rsa; +#if defined(POLARSSL_DHM_C) + dhm_context dhm; +#endif + + if( verbose != 0 ) + printf( " X.509 certificate load: " ); + + memset( &clicert, 0, sizeof( x509_cert ) ); + + ret = x509parse_crt( &clicert, (const unsigned char *) test_cli_crt, + strlen( test_cli_crt ) ); + if( ret != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( ret ); + } + + memset( &cacert, 0, sizeof( x509_cert ) ); + + ret = x509parse_crt( &cacert, (const unsigned char *) test_ca_crt, + strlen( test_ca_crt ) ); + if( ret != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( ret ); + } + + if( verbose != 0 ) + printf( "passed\n X.509 private key load: " ); + + i = strlen( test_ca_key ); + j = strlen( test_ca_pwd ); + + rsa_init( &rsa, RSA_PKCS_V15, 0 ); + + if( ( ret = x509parse_key( &rsa, + (const unsigned char *) test_ca_key, i, + (const unsigned char *) test_ca_pwd, j ) ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( ret ); + } + + if( verbose != 0 ) + printf( "passed\n X.509 signature verify: "); + + ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL ); + if( ret != 0 ) + { + printf("%02x", flags); + if( verbose != 0 ) + printf( "failed\n" ); + + return( ret ); + } + +#if defined(POLARSSL_DHM_C) + if( verbose != 0 ) + printf( "passed\n X.509 DHM parameter load: " ); + + i = strlen( test_dhm_params ); + j = strlen( test_ca_pwd ); + + if( ( ret = x509parse_dhm( &dhm, (const unsigned char *) test_dhm_params, i ) ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( ret ); + } + + if( verbose != 0 ) + printf( "passed\n\n" ); +#endif + + x509_free( &cacert ); + x509_free( &clicert ); + rsa_free( &rsa ); +#if defined(POLARSSL_DHM_C) + dhm_free( &dhm ); +#endif + + return( 0 ); +#else + ((void) verbose); + return( POLARSSL_ERR_X509_FEATURE_UNAVAILABLE ); +#endif +} + +#endif + +#endif diff --git a/polarssl/x509write.c b/polarssl/x509write.c new file mode 100644 index 0000000..9f5a910 --- /dev/null +++ b/polarssl/x509write.c @@ -0,0 +1,285 @@ +/* + * X509 buffer writing functionality + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_X509_WRITE_C) + +#include "polarssl/asn1write.h" +#include "polarssl/x509write.h" +#include "polarssl/x509.h" +#include "polarssl/sha1.h" +#include "polarssl/sha2.h" +#include "polarssl/sha4.h" +#include "polarssl/md4.h" +#include "polarssl/md5.h" + +int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rsa ) +{ + int ret; + unsigned char *c; + size_t len = 0; + + c = buf + size - 1; + + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) ); + + ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + if( c - buf < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--c = 0; + len += 1; + + ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) ); + + ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, OID_PKCS1_RSA ) ); + + ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + return( len ); +} + +int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa ) +{ + int ret; + unsigned char *c; + size_t len = 0; + + c = buf + size - 1; + + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) ); + ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) ); + ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) ); + + ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + // TODO: Make NON RSA Specific variant later on +/* *--c = 0; + len += 1; + + len += asn1_write_len( &c, len); + len += asn1_write_tag( &c, ASN1_BIT_STRING ); + + len += asn1_write_oid( &c, OID_PKCS1_RSA ); + + len += asn1_write_int( &c, 0 ); + + len += asn1_write_len( &c, len); + len += asn1_write_tag( &c, ASN1_CONSTRUCTED | ASN1_SEQUENCE );*/ + +/* for(i = 0; i < len; ++i) + { + if (i % 16 == 0 ) printf("\n"); + printf("%02x ", c[i]); + } + printf("\n");*/ + + return( len ); +} + +int x509_write_name( unsigned char **p, unsigned char *start, char *oid, + char *name ) +{ + int ret; + size_t string_len = 0; + size_t oid_len = 0; + size_t len = 0; + + // Write PrintableString for all except OID_PKCS9_EMAIL + // + if( OID_SIZE( OID_PKCS9_EMAIL ) == strlen( oid ) && + memcmp( oid, OID_PKCS9_EMAIL, strlen( oid ) ) == 0 ) + { + ASN1_CHK_ADD( string_len, asn1_write_ia5_string( p, start, name ) ); + } + else + ASN1_CHK_ADD( string_len, asn1_write_printable_string( p, start, name ) ); + + // Write OID + // + ASN1_CHK_ADD( oid_len, asn1_write_oid( p, start, oid ) ); + + len = oid_len + string_len; + ASN1_CHK_ADD( len, asn1_write_len( p, start, oid_len + string_len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED | ASN1_SET ) ); + + return( len ); +} + +/* + * Wrapper for x509 hashes. + */ +static void x509_hash( const unsigned char *in, size_t len, int alg, + unsigned char *out ) +{ + switch( alg ) + { +#if defined(POLARSSL_MD2_C) + case SIG_RSA_MD2 : md2( in, len, out ); break; +#endif +#if defined(POLARSSL_MD4_C) + case SIG_RSA_MD4 : md4( in, len, out ); break; +#endif +#if defined(POLARSSL_MD5_C) + case SIG_RSA_MD5 : md5( in, len, out ); break; +#endif +#if defined(POLARSSL_SHA1_C) + case SIG_RSA_SHA1 : sha1( in, len, out ); break; +#endif +#if defined(POLARSSL_SHA2_C) + case SIG_RSA_SHA224 : sha2( in, len, out, 1 ); break; + case SIG_RSA_SHA256 : sha2( in, len, out, 0 ); break; +#endif +#if defined(POLARSSL_SHA4_C) + case SIG_RSA_SHA384 : sha4( in, len, out, 1 ); break; + case SIG_RSA_SHA512 : sha4( in, len, out, 0 ); break; +#endif + default: + memset( out, '\xFF', 64 ); + break; + } +} + +int x509_write_sig( unsigned char **p, unsigned char *start, char *oid, + unsigned char *sig, size_t size ) +{ + int ret; + size_t len = 0; + + if( *p - start < (int) size + 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + len = size; + (*p) -= len; + memcpy( *p, sig, len ); + + *--(*p) = 0; + len += 1; + + ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) ); + + // Write OID + // + ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid ) ); + + return( len ); +} + +int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa, + x509_req_name *req_name, int hash_id ) +{ + int ret; + char sig_oid[10]; + unsigned char *c, *c2; + unsigned char hash[64]; + unsigned char sig[POLARSSL_MPI_MAX_SIZE]; + unsigned char tmp_buf[2048]; + size_t sub_len = 0, pub_len = 0, sig_len = 0; + size_t len = 0; + x509_req_name *cur = req_name; + + c = tmp_buf + 2048 - 1; + + ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, 0 ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) ); + + ASN1_CHK_ADD( pub_len, asn1_write_mpi( &c, tmp_buf, &rsa->E ) ); + ASN1_CHK_ADD( pub_len, asn1_write_mpi( &c, tmp_buf, &rsa->N ) ); + + ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) ); + ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + if( c - tmp_buf < 1 ) + return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); + + *--c = 0; + pub_len += 1; + + ASN1_CHK_ADD( pub_len, asn1_write_len( &c, tmp_buf, pub_len ) ); + ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, tmp_buf, ASN1_BIT_STRING ) ); + + ASN1_CHK_ADD( pub_len, asn1_write_algorithm_identifier( &c, tmp_buf, OID_PKCS1_RSA ) ); + + len += pub_len; + ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, pub_len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + while( cur != NULL ) + { + ASN1_CHK_ADD( sub_len, x509_write_name( &c, tmp_buf, cur->oid, cur->name ) ); + + cur = cur->next; + } + + len += sub_len; + ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, sub_len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + ASN1_CHK_ADD( len, asn1_write_int( &c, tmp_buf, 0 ) ); + + ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + x509_hash( c, len, hash_id, hash ); + + rsa_pkcs1_sign( rsa, NULL, NULL, RSA_PRIVATE, hash_id, 0, hash, sig ); + + // Generate correct OID + // + memcpy( sig_oid, OID_PKCS1, 8 ); + sig_oid[8] = hash_id; + sig_oid[9] = '\0'; + + c2 = buf + size - 1; + ASN1_CHK_ADD( sig_len, x509_write_sig( &c2, buf, sig_oid, sig, rsa->len ) ); + + c2 -= len; + memcpy( c2, c, len ); + + len += sig_len; + ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) ); + ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); + + return( len ); +} + +#endif diff --git a/polarssl/x509write.h b/polarssl/x509write.h new file mode 100644 index 0000000..16bfab3 --- /dev/null +++ b/polarssl/x509write.h @@ -0,0 +1,46 @@ +/** + * \file x509write.h + * + * \brief X509 buffer writing functionality + * + * Copyright (C) 2006-2012, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_X509_WRITE_H +#define POLARSSL_X509_WRITE_H + +#include "polarssl/rsa.h" + +typedef struct _x509_req_name +{ + char oid[128]; + char name[128]; + + struct _x509_req_name *next; +} +x509_req_name; + +int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rsa ); +int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa ); +int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa, + x509_req_name *req_name, int hash_id ); + +#endif /* POLARSSL_X509_WRITE_H */ diff --git a/polarssl/xtea.c b/polarssl/xtea.c new file mode 100644 index 0000000..f8ab014 --- /dev/null +++ b/polarssl/xtea.c @@ -0,0 +1,251 @@ +/* + * An 32-bit implementation of the XTEA algorithm + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include "polarssl/config.h" + +#if defined(POLARSSL_XTEA_C) + +#include "polarssl/xtea.h" + +#if !defined(POLARSSL_XTEA_ALT) + +/* + * 32-bit integer manipulation macros (big endian) + */ +#ifndef GET_UINT32_BE +#define GET_UINT32_BE(n,b,i) \ +{ \ + (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ + | ( (uint32_t) (b)[(i) + 1] << 16 ) \ + | ( (uint32_t) (b)[(i) + 2] << 8 ) \ + | ( (uint32_t) (b)[(i) + 3] ); \ +} +#endif + +#ifndef PUT_UINT32_BE +#define PUT_UINT32_BE(n,b,i) \ +{ \ + (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ + (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ + (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ + (b)[(i) + 3] = (unsigned char) ( (n) ); \ +} +#endif + +/* + * XTEA key schedule + */ +void xtea_setup( xtea_context *ctx, unsigned char key[16] ) +{ + int i; + + memset(ctx, 0, sizeof(xtea_context)); + + for( i = 0; i < 4; i++ ) + { + GET_UINT32_BE( ctx->k[i], key, i << 2 ); + } +} + +/* + * XTEA encrypt function + */ +int xtea_crypt_ecb( xtea_context *ctx, int mode, unsigned char input[8], + unsigned char output[8]) +{ + uint32_t *k, v0, v1, i; + + k = ctx->k; + + GET_UINT32_BE( v0, input, 0 ); + GET_UINT32_BE( v1, input, 4 ); + + if( mode == XTEA_ENCRYPT ) + { + uint32_t sum = 0, delta = 0x9E3779B9; + + for( i = 0; i < 32; i++ ) + { + v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); + sum += delta; + v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); + } + } + else /* XTEA_DECRYPT */ + { + uint32_t delta = 0x9E3779B9, sum = delta * 32; + + for( i = 0; i < 32; i++ ) + { + v1 -= (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]); + sum -= delta; + v0 -= (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]); + } + } + + PUT_UINT32_BE( v0, output, 0 ); + PUT_UINT32_BE( v1, output, 4 ); + + return( 0 ); +} + +/* + * XTEA-CBC buffer encryption/decryption + */ +int xtea_crypt_cbc( xtea_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + unsigned char *input, + unsigned char *output) +{ + int i; + unsigned char temp[8]; + + if(length % 8) + return( POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH ); + + if( mode == XTEA_DECRYPT ) + { + while( length > 0 ) + { + memcpy( temp, input, 8 ); + xtea_crypt_ecb( ctx, mode, input, output ); + + for(i = 0; i < 8; i++) + output[i] = (unsigned char)( output[i] ^ iv[i] ); + + memcpy( iv, temp, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + else + { + while( length > 0 ) + { + for( i = 0; i < 8; i++ ) + output[i] = (unsigned char)( input[i] ^ iv[i] ); + + xtea_crypt_ecb( ctx, mode, output, output ); + memcpy( iv, output, 8 ); + + input += 8; + output += 8; + length -= 8; + } + } + + return( 0 ); +} +#endif /* !POLARSSL_XTEA_ALT */ + +#if defined(POLARSSL_SELF_TEST) + +#include +#include + +/* + * XTEA tests vectors (non-official) + */ + +static const unsigned char xtea_test_key[6][16] = +{ + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00 } +}; + +static const unsigned char xtea_test_pt[6][8] = +{ + { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, + { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, + { 0x5a, 0x5b, 0x6e, 0x27, 0x89, 0x48, 0xd7, 0x7f }, + { 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48 }, + { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, + { 0x70, 0xe1, 0x22, 0x5d, 0x6e, 0x4e, 0x76, 0x55 } +}; + +static const unsigned char xtea_test_ct[6][8] = +{ + { 0x49, 0x7d, 0xf3, 0xd0, 0x72, 0x61, 0x2c, 0xb5 }, + { 0xe7, 0x8f, 0x2d, 0x13, 0x74, 0x43, 0x41, 0xd8 }, + { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 }, + { 0xa0, 0x39, 0x05, 0x89, 0xf8, 0xb8, 0xef, 0xa5 }, + { 0xed, 0x23, 0x37, 0x5a, 0x82, 0x1a, 0x8c, 0x2d }, + { 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41, 0x41 } +}; + +/* + * Checkup routine + */ +int xtea_self_test( int verbose ) +{ + int i; + unsigned char buf[8]; + xtea_context ctx; + + for( i = 0; i < 6; i++ ) + { + if( verbose != 0 ) + printf( " XTEA test #%d: ", i + 1 ); + + memcpy( buf, xtea_test_pt[i], 8 ); + + xtea_setup( &ctx, (unsigned char *) xtea_test_key[i] ); + xtea_crypt_ecb( &ctx, XTEA_ENCRYPT, buf, buf ); + + if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 ) + { + if( verbose != 0 ) + printf( "failed\n" ); + + return( 1 ); + } + + if( verbose != 0 ) + printf( "passed\n" ); + } + + if( verbose != 0 ) + printf( "\n" ); + + return( 0 ); +} + +#endif + +#endif diff --git a/polarssl/xtea.h b/polarssl/xtea.h new file mode 100644 index 0000000..eda7e44 --- /dev/null +++ b/polarssl/xtea.h @@ -0,0 +1,129 @@ +/** + * \file xtea.h + * + * \brief XTEA block cipher (32-bit) + * + * Copyright (C) 2006-2013, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef POLARSSL_XTEA_H +#define POLARSSL_XTEA_H + +#include "polarssl/config.h" + +#include + +#ifdef _MSC_VER +#include +typedef UINT32 uint32_t; +#else +#include +#endif + +#define XTEA_ENCRYPT 1 +#define XTEA_DECRYPT 0 + +#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ + +#if !defined(POLARSSL_XTEA_ALT) +// Regular implementation +// + +/** + * \brief XTEA context structure + */ +typedef struct +{ + uint32_t k[4]; /*!< key */ +} +xtea_context; + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief XTEA key schedule + * + * \param ctx XTEA context to be initialized + * \param key the secret key + */ +void xtea_setup( xtea_context *ctx, unsigned char key[16] ); + +/** + * \brief XTEA cipher function + * + * \param ctx XTEA context + * \param mode XTEA_ENCRYPT or XTEA_DECRYPT + * \param input 8-byte input block + * \param output 8-byte output block + * + * \return 0 if successful + */ +int xtea_crypt_ecb( xtea_context *ctx, + int mode, + unsigned char input[8], + unsigned char output[8] ); + +/** + * \brief XTEA CBC cipher function + * + * \param ctx XTEA context + * \param mode XTEA_ENCRYPT or XTEA_DECRYPT + * \param length the length of input, multiple of 8 + * \param iv initialization vector for CBC mode + * \param input input block + * \param output output block + * + * \return 0 if successful, + * POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 + */ +int xtea_crypt_cbc( xtea_context *ctx, + int mode, + size_t length, + unsigned char iv[8], + unsigned char *input, + unsigned char *output); + +#ifdef __cplusplus +} +#endif + +#else /* POLARSSL_XTEA_ALT */ +#include "polarssl/xtea_alt.h" +#endif /* POLARSSL_XTEA_ALT */ + +#ifdef __cplusplus +extern "C" { +#endif + +/** + * \brief Checkup routine + * + * \return 0 if successful, or 1 if the test failed + */ +int xtea_self_test( int verbose ); + +#ifdef __cplusplus +} +#endif + +#endif /* xtea.h */ diff --git a/romfs.c b/romfs.c new file mode 100644 index 0000000..e95b919 --- /dev/null +++ b/romfs.c @@ -0,0 +1,31 @@ +#include "lib.h" +#include "ncch.h" +#include "romfs.h" + +// RomFs Build Functions + +int ImportRomFsBinaryFromFile(ncch_settings *ncchset); + +int BuildRomFs(ncch_settings *ncchset) +{ + int result = 0; + if(ncchset->ComponentFilePtrs.romfs){ // The user has specified a pre-built RomFs Binary + result = ImportRomFsBinaryFromFile(ncchset); + return result; + } + + // Need to implement RomFs generation + + return result; +} + +int ImportRomFsBinaryFromFile(ncch_settings *ncchset) +{ + ncchset->Sections.RomFs.size = ncchset->ComponentFilePtrs.romfs_size; + ncchset->Sections.RomFs.buffer = malloc(ncchset->Sections.RomFs.size); + if(!ncchset->Sections.RomFs.buffer) {fprintf(stderr,"[ROMFS ERROR] MEM ERROR\n"); return MEM_ERROR;} + ReadFile_64(ncchset->Sections.RomFs.buffer,ncchset->Sections.RomFs.size,0,ncchset->ComponentFilePtrs.romfs); + return 0; +} + +// RomFs Read Functions \ No newline at end of file diff --git a/romfs.h b/romfs.h new file mode 100644 index 0000000..36f688f --- /dev/null +++ b/romfs.h @@ -0,0 +1,11 @@ +#ifndef _ROMFS_H_ +#define _ROMFS_H_ + + +#endif + +// RomFs Build Functions + +int BuildRomFs(ncch_settings *ncchset); + +// RomFs Read Functions \ No newline at end of file diff --git a/srl.h b/srl.h new file mode 100644 index 0000000..e4d1661 --- /dev/null +++ b/srl.h @@ -0,0 +1,96 @@ +#ifndef _SRL_H_ +#define _SRL_H_ + +typedef struct +{ + u8 game_title[0xC]; + u8 game_code[4]; + u8 maker_code[2]; + u8 unit_code; + u8 encryption_seed_select; + u8 device_capacity; + u8 reserved_0[9]; + u8 rom_version; + u8 internal_flag; + u8 arm9_rom_offset[4]; + u8 arm9_entry_address[4]; + u8 arm9_ram_address[4]; + u8 arm9_size[4]; + u8 arm7_rom_offset[4]; + u8 arm7_entry_address[4]; + u8 arm7_ram_address[4]; + u8 arm7_size[4]; + u8 fnt_offset[4]; + u8 fnt_size[4]; + u8 fat_offset[4]; + u8 fat_size[4]; + u8 arm9_overlay_offset[4]; + u8 arm9_overlay_size[4]; + u8 arm7_overlay_offset[4]; + u8 arm7_overlay_size[4]; + u8 normal_card_control_reg_settings[4]; + u8 secure_card_control_reg_settings[4]; + u8 icon_banner_offset[4]; + u8 secure_area_crc[2]; + u8 secure_transfer_timeout[2]; + u8 arm9_autoload[4]; + u8 arm7_autoload[4]; + u8 secure_disable[8]; + u8 ntr_rom_size[4]; + u8 header_size[4]; + u8 reserved_1[0x38]; + u8 nintendo_logo[0x9C]; + u8 nintendo_logo_crc[2]; + u8 header_crc[2]; + u8 debug_reserved[0x20]; + + //TWL Only Data + u8 config_settings[0x34]; + u8 access_control[4]; + u8 arm7_scfg_ext_mask[4]; + u8 reserved_flags[4]; + u8 arm9i_rom_offset[4]; + u8 reserved_2[4]; + u8 arm9i_load_address[4]; + u8 arm9i_size[4]; + u8 arm7i_rom_offset[4]; + u8 struct_param_base_address[4]; + u8 arm7i_load_address[4]; + u8 arm7i_size[4]; + u8 digest_ntr_region_offset[4]; + u8 digest_ntr_region_size[4]; + u8 digest_twl_region_offset[4]; + u8 digest_twl_region_size[4]; + u8 digest_sector_hashtable_offset[4]; + u8 digest_sector_hashtable_size[4]; + u8 digest_block_hashtable_offset[4]; + u8 digest_block_hashtable_size[4]; + u8 digest_sector_size[4]; + u8 digest_block_sectorcount[4]; + u8 reserved_3[8]; + u8 twl_rom_size[8]; + u8 unknown[8]; + u8 modcrypt_area_1_offset[4]; + u8 modcrypt_area_1_size[4]; + u8 modcrypt_area_2_offset[4]; + u8 modcrypt_area_2_size[4]; + u8 title_id[8]; + u8 pub_save_data_size[4]; + u8 priv_save_data_size[4]; + u8 reserved_4[0xC0]; + + // TWL and Signed NTR + u8 arm9_with_sec_area_sha1_hmac[0x14]; + u8 arm7_sha1_hmac[0x14]; + u8 digest_master_sha1_hmac[0x14]; + u8 banner_sha1_hmac[0x14]; + u8 arm9i_sha1_hmac[0x14]; + u8 arm7i_sha1_hmac[0x14]; + u8 reserved_5[0x28]; + u8 arm9_sha1_hmac[0x14]; + u8 reserved_6[0xA4C]; + u8 reserved_7[0x180]; + u8 signature[0x80]; +} SRL_Header; + +#endif \ No newline at end of file diff --git a/tik.c b/tik.c new file mode 100644 index 0000000..7b558be --- /dev/null +++ b/tik.c @@ -0,0 +1,89 @@ +#include "lib.h" +#include "cia.h" +#include "tik.h" + +// Private Prototypes +int SetupTicketBuffer(COMPONENT_STRUCT *tik); +int SetupTicketHeader(TicketStruct *hdr, cia_settings *ciaset); +int SignTicketHeader(TicketStruct *hdr, TicketSignatureStruct *sig, keys_struct *keys); +void SetUnknownTicketData(u8 *dest, u8 type); + + +int BuildTicket(cia_settings *ciaset) +{ + int result = 0; + result = SetupTicketBuffer(&ciaset->CIA_Sections.Ticket); + if(result) return result; + + // Setting Ticket Struct Ptrs + TicketSignatureStruct *sig = (TicketSignatureStruct*)ciaset->CIA_Sections.Ticket.buffer; + TicketStruct *hdr = (TicketStruct*)(ciaset->CIA_Sections.Ticket.buffer+sizeof(TicketSignatureStruct)); + + result = SetupTicketHeader(hdr,ciaset); + if(result) return result; + result = SignTicketHeader(hdr,sig,ciaset->keys); + return 0; +} + +int SetupTicketBuffer(COMPONENT_STRUCT *tik) +{ + tik->size = sizeof(TicketSignatureStruct) + sizeof(TicketStruct); + tik->buffer = malloc(tik->size); + if(!tik->buffer) { fprintf(stderr,"[ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(tik->buffer,0,tik->size); + return 0; +} + +int SetupTicketHeader(TicketStruct *hdr, cia_settings *ciaset) +{ + memset(hdr,0,sizeof(TicketStruct)); + + memcpy(hdr->Issuer,ciaset->tik.TicketIssuer,0x40); + hdr->TicketFormatVersion = ciaset->tik.ticket_format_ver; + hdr->ca_crl_version = ciaset->cert.ca_crl_version; + hdr->signer_crl_version = ciaset->cert.signer_crl_version; + CryptTitleKey(hdr->EncryptedTitleKey, ciaset->tik.TitleKey,ciaset->TitleID,ciaset->keys,ENC); + memcpy(hdr->TicketID,ciaset->tik.TicketID,8); + memcpy(hdr->DeviceID,ciaset->tik.DeviceID,8); + memcpy(hdr->TitleID,ciaset->TitleID,8); + memcpy(hdr->TicketVersion,ciaset->tik.TicketVersion,2); + hdr->CommonKeyID = ciaset->keys->aes.CurrentCommonKey; + SetUnknownTicketData(hdr->StaticData,ciaset->tik.UnknownDataType); + return 0; +} + +int SignTicketHeader(TicketStruct *hdr, TicketSignatureStruct *sig, keys_struct *keys) +{ + memset(sig,0,sizeof(TicketSignatureStruct)); + u32_to_u8(sig->sig_type,RSA_2048_SHA256,BE); + return ctr_sig((u8*)hdr,sizeof(TicketStruct),sig->data,keys->rsa.TIK_Pub,keys->rsa.TIK_Priv,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int CryptTitleKey(u8 *EncTitleKey, u8 *DecTitleKey, u8 *TitleID, keys_struct *keys, u8 mode) +{ + //Generating IV + u8 iv[16]; + memset(&iv,0x0,16); + memcpy(iv,TitleID,0x8); + + //Setting up Aes Context + ctr_aes_context ctx; + memset(&ctx,0x0,sizeof(ctr_aes_context)); + + //Crypting TitleKey + ctr_init_aes_cbc(&ctx,keys->aes.CommonKey[keys->aes.CurrentCommonKey],iv,mode); + if(mode == ENC) ctr_aes_cbc(&ctx,DecTitleKey,EncTitleKey,0x10,ENC); + else ctr_aes_cbc(&ctx,EncTitleKey,DecTitleKey,0x10,DEC); + + // Return + return 0; +} + +void SetUnknownTicketData(u8 *dest, u8 type) +{ + switch(type){ + case tik_normal: memcpy(dest,normal_static_ticket_data,0x30); break; + case tik_system: memcpy(dest,system_static_ticket_data,0x30); break; + case tik_test: memset(dest,0xff,0x30); break; + } +} diff --git a/tik.h b/tik.h new file mode 100644 index 0000000..f61b90e --- /dev/null +++ b/tik.h @@ -0,0 +1,86 @@ +#ifndef _TIK_H_ +#define _TIK_H_ + +static const unsigned char normal_static_ticket_data[0x30] = +{ + 0x00, 0x01, 0x00, 0x14, 0x00, 0x00, 0x00, 0xAC, + 0x00, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x14, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x28, + 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x84, + 0x00, 0x00, 0x00, 0x84, 0x00, 0x03, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00 +}; + +static const unsigned char system_static_ticket_data[0x30] = +{ + 0x00, 0x01, 0x00, 0x14, 0x00, 0x00, 0x00, 0xAC, + 0x00, 0x00, 0x00, 0x14, 0x00, 0x01, 0x00, 0x14, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x28, + 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x84, + 0x00, 0x00, 0x00, 0x84, 0x00, 0x03, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00 +}; + +typedef enum +{ + lic_Permanent = 0, + lic_Demo = 1, + lic_Trial = 2, + lic_Rental = 3, + lic_Subscription = 4, + lic_Service = 5, + lic_Mask = 15 +} ticket_license_type; + +typedef enum +{ + right_Permanent = 1, + right_Subscription = 2, + right_Content = 3, + right_ContentConsumption = 4, + right_AccessTitle = 5 +} ticket_item_rights; + +typedef enum +{ + tik_normal = 1, + tik_system, + tik_test +} cia_type; + +typedef struct +{ + u8 sig_type[4]; + u8 data[0x100]; + u8 padding[0x3C]; +} TicketSignatureStruct; + +typedef struct +{ + u8 Issuer[0x40]; + u8 ECDH[0x3c]; + u8 TicketFormatVersion; + u8 ca_crl_version; + u8 signer_crl_version; + u8 EncryptedTitleKey[0x10]; + u8 unknown_0; + u8 TicketID[8]; + u8 DeviceID[4]; + u8 TitleID[8]; + u8 unknown_1[2]; + u8 TicketVersion[2]; + u8 unused_0[8]; + u8 unused_1; + u8 CommonKeyID; + u8 unused_2[0x2F]; + u8 unknown_2; + u8 unused_3[0x82]; + u8 StaticData[0x30]; + u8 unused_4[0x7C]; +} TicketStruct; + +#endif + +// Prototypes +int BuildTicket(cia_settings *ciaset); +int CryptTitleKey(u8 *EncTitleKey, u8 *DecTitleKey, u8 *TitleID, keys_struct *keys, u8 mode); \ No newline at end of file diff --git a/titleid.c b/titleid.c new file mode 100644 index 0000000..8740c69 --- /dev/null +++ b/titleid.c @@ -0,0 +1,241 @@ +#include "lib.h" +#include "ncch.h" +#include "titleid.h" + +u32 SetPIDCategoryFromName(char *Category); +u32 SetPIDCategoryFromFlags(char **CategoryFlags, u32 FlagNum); +u32 SetPIDCategoryFromFlag(u32 Category, u32 Flag, char *FlagName); +u32 SetPIDUniqueId(char *UniqueIdStr); +u16 SetTitleVariation(u16 Category, desc_settings *yaml_set); + +u64 ConvertTwlIdToCtrId(u64 pgid) +{ + return 0x0004800000000000 | (pgid & 0x00007FFFFFFFFFFF); +} + +int GetProgramID(u64 *dest, desc_settings *yaml, bool IsForExheader) +{ + if(yaml->DefaultSpec.TitleInfo.Category && yaml->DefaultSpec.TitleInfo.CategoryFlags){ + fprintf(stderr,"[ERROR] Can not set Cateory and CategoryFlags at the same time.\n"); + return PID_BAD_YAML_SET; + } + u16 Type = 0x0004; + u32 m_Category = 0; + u32 UniqueId = 0; + u16 m_Variation = 0; + + // Getting Category + if(yaml->DefaultSpec.TitleInfo.Category) + m_Category = SetPIDCategoryFromName(yaml->DefaultSpec.TitleInfo.Category); + else if(yaml->DefaultSpec.TitleInfo.CategoryFlags) + m_Category = SetPIDCategoryFromFlags(yaml->DefaultSpec.TitleInfo.CategoryFlags,yaml->DefaultSpec.TitleInfo.CategoryFlagsNum); + if(IsForExheader && yaml->DefaultSpec.TitleInfo.TargetCategory) + m_Category = SetPIDCategoryFromName(yaml->DefaultSpec.TitleInfo.TargetCategory); + if(m_Category == PID_INVALID_CATEGORY) // Error occured + return PID_BAD_YAML_SET; + + // Getting UniqueId + if(yaml->DefaultSpec.TitleInfo.UniqueId) UniqueId = SetPIDUniqueId(yaml->DefaultSpec.TitleInfo.UniqueId); + else UniqueId = 0xf7fff; + if(UniqueId == PID_INVALID_UNIQUE_ID) // Error occured + return PID_BAD_YAML_SET; + + m_Variation = SetTitleVariation(m_Category,yaml); + if(m_Variation == PID_INVALID_VARIATION) // Error occured + return PID_BAD_YAML_SET; + + u16 Category = (u16)m_Category; + u8 Variation = (u8)m_Variation; + + u64 ProgramID = 0; + ProgramID |= (u64)Variation<<0; + ProgramID |= (u64)UniqueId<<8; + ProgramID |= (u64)Category<<32; + ProgramID |= (u64)Type<<48; + + *dest = ProgramID; + + return 0; +} + +int GetUniqueID(u32 *dest, desc_settings *yaml) +{ + if(yaml->DefaultSpec.TitleInfo.UniqueId) *dest = SetPIDUniqueId(yaml->DefaultSpec.TitleInfo.UniqueId); + else *dest = 0xf7fff; + return 0; +} + +u32 SetPIDCategoryFromName(char *Category) +{ + if(strcmp(Category,"Application") == 0) return PROGRAM_ID_CATEGORY_APPLICATION; + else if(strcmp(Category,"SystemApplication") == 0) return PROGRAM_ID_CATEGORY_SYSTEM_APPLICATION; + else if(strcmp(Category,"Applet") == 0) return PROGRAM_ID_CATEGORY_APPLET; + else if(strcmp(Category,"Firmware") == 0) return PROGRAM_ID_CATEGORY_FIRMWARE; + else if(strcmp(Category,"Base") == 0) return PROGRAM_ID_CATEGORY_BASE; + else if(strcmp(Category,"DlpChild") == 0) return PROGRAM_ID_CATEGORY_DLP_CHILD; + else if(strcmp(Category,"Demo") == 0) return PROGRAM_ID_CATEGORY_DEMO; + else if(strcmp(Category,"Contents") == 0) return PROGRAM_ID_CATEGORY_CONTENTS; + else if(strcmp(Category,"SystemContents") == 0) return PROGRAM_ID_CATEGORY_SYSTEM_CONTENT; + else if(strcmp(Category,"SharedContents") == 0) return PROGRAM_ID_CATEGORY_SHARED_CONTENT; + else if(strcmp(Category,"AddOnContents") == 0) return PROGRAM_ID_CATEGORY_ADD_ON_CONTENTS; + else if(strcmp(Category,"Patch") == 0) return PROGRAM_ID_CATEGORY_PATCH; + else if(strcmp(Category,"AutoUpdateContents") == 0) return PROGRAM_ID_CATEGORY_AUTO_UPDATE_CONTENT; + else { + fprintf(stderr,"[ERROR] Invalid Category: %s\n",Category); + return PID_INVALID_CATEGORY; + } +} + +u32 SetPIDCategoryFromFlags(char **CategoryFlags, u32 FlagNum) +{ + u32 Category = 0; + for(u32 i = 0; i < FlagNum; i++){ + if(strcmp(CategoryFlags[i],"Normal") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_NORMAL,"Normal"); + else if(strcmp(CategoryFlags[i],"DlpChild") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_DLP_CHILD,"DlpChild"); + else if(strcmp(CategoryFlags[i],"Demo") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_DEMO,"Demo"); + else if(strcmp(CategoryFlags[i],"Contents") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_CONTENTS,"Contents"); + else if(strcmp(CategoryFlags[i],"AddOnContents") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_ADD_ON_CONTENTS,"AddOnContents"); + else if(strcmp(CategoryFlags[i],"Patch") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_PATCH,"Patch"); + else if(strcmp(CategoryFlags[i],"CannotExecution") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION,"CannotExecution"); + else if(strcmp(CategoryFlags[i],"System") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_SYSTEM,"System"); + else if(strcmp(CategoryFlags[i],"RequireBatchUpdate") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_REQUIRE_BATCH_UPDATE,"RequireBatchUpdate"); + else if(strcmp(CategoryFlags[i],"NotRequireUserApproval") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_USER_APPROVAL,"NotRequireUserApproval"); + else if(strcmp(CategoryFlags[i],"NotRequireRightForMount") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_RIGHT_FOR_MOUNT,"NotRequireRightForMount"); + else if(strcmp(CategoryFlags[i],"CanSkipConvertJumpId") == 0) + Category = SetPIDCategoryFromFlag(Category,PROGRAM_ID_CATEGORY_FLAG_CAN_SKIP_CONVERT_JUMP_ID,"CanSkipConvertJumpId"); + + else { + fprintf(stderr,"[ERROR] Invalid CategoryFlag: %s\n",CategoryFlags[i]); + return PID_INVALID_CATEGORY; + } + + if(Category == PID_INVALID_CATEGORY) return PID_INVALID_CATEGORY; + } + return Category; +} + +u32 SetPIDCategoryFromFlag(u32 Category, u32 Flag, char *FlagName) +{ + if(!Flag) return Category; + if((Category & Flag) == Flag){ + fprintf(stderr,"[ERROR] Failed to set '%s' for category. CategoryFlag was already set.\n",FlagName); + return PID_INVALID_CATEGORY; + } + return Category |= Flag; +} + +u32 SetPIDUniqueId(char *UniqueIdStr) +{ + u32 UniqueId = strtoul(UniqueIdStr,NULL,0); + if(UniqueId > 0xffffff) return PID_INVALID_UNIQUE_ID; + return UniqueId; +} + +u16 SetTitleVariation(u16 Category, desc_settings *yaml_set) +{ + if(IsDemo(Category)){ + if(yaml_set->DefaultSpec.TitleInfo.DemoIndex){ + u16 DemoIndex = strtol(yaml_set->DefaultSpec.TitleInfo.DemoIndex,NULL,10); + if(DemoIndex > 255 || DemoIndex == 0){ + fprintf(stderr,"[ERROR] Invalid demo index '%d'\n",DemoIndex); + return PID_INVALID_VARIATION; + } + return DemoIndex; + } + else{ + fprintf(stderr,"[ERROR] ParameterNotFound: 'TitleInfo/DemoIndex'\n"); + return PID_INVALID_VARIATION; + } + } + + else if(IsDlpChild(Category)){ + if(yaml_set->DefaultSpec.TitleInfo.ChildIndex){ + u16 ChildIndex = strtol(yaml_set->DefaultSpec.TitleInfo.ChildIndex,NULL,10); + if(ChildIndex > 255){ + fprintf(stderr,"[ERROR] Invalid child index '%d'\n",ChildIndex); + return PID_INVALID_VARIATION; + } + return ChildIndex; + } + else + return 0; + } + else if(IsAddOnContent(Category)){ + if(yaml_set->DefaultSpec.TitleInfo.Variation){ + u16 DataTitleIndex = strtol(yaml_set->DefaultSpec.TitleInfo.Variation,NULL,10); + if(DataTitleIndex > 255){ + fprintf(stderr,"[ERROR] Invalid variation '%d'\n",DataTitleIndex); + return PID_INVALID_VARIATION; + } + return DataTitleIndex; + } + else + return 0; + } + else if(IsContents(Category)){ + if(yaml_set->DefaultSpec.TitleInfo.ContentsIndex){ + u16 ContentsIndex = strtol(yaml_set->DefaultSpec.TitleInfo.ContentsIndex,NULL,10); + if(ContentsIndex > 255){ + fprintf(stderr,"[ERROR] Invalid content index '%d'\n",ContentsIndex); + return PID_INVALID_VARIATION; + } + return ContentsIndex; + } + else + return 0; + } + else{ + if(yaml_set->DefaultSpec.TitleInfo.Version){ + u16 Version = strtol(yaml_set->DefaultSpec.TitleInfo.Version,NULL,10); + if(Version > 255){ + fprintf(stderr,"[ERROR] Invalid version '%d'\n",Version); + return PID_INVALID_VARIATION; + } + return Version; + } + else + return 0; + } + return PID_INVALID_VARIATION; +} + +bool IsDemo(u16 Category) +{ + return Category == PROGRAM_ID_CATEGORY_DEMO; +} + +bool IsSystem(u16 Category) +{ + return (Category & PROGRAM_ID_CATEGORY_FLAG_SYSTEM) == PROGRAM_ID_CATEGORY_FLAG_SYSTEM; +} + +bool IsDlpChild(u16 Category) +{ + return Category == PROGRAM_ID_CATEGORY_DLP_CHILD; +} + +bool IsPatch(u16 Category) +{ + return Category == PROGRAM_ID_CATEGORY_PATCH; +} + +bool IsContents(u16 Category) +{ + return (Category & PROGRAM_ID_CATEGORY_FLAG_CONTENTS) == PROGRAM_ID_CATEGORY_FLAG_CONTENTS; +} + +bool IsAddOnContent(u16 Category) +{ + return Category == PROGRAM_ID_CATEGORY_ADD_ON_CONTENTS; +} \ No newline at end of file diff --git a/titleid.h b/titleid.h new file mode 100644 index 0000000..943cf02 --- /dev/null +++ b/titleid.h @@ -0,0 +1,99 @@ +#ifndef _TITLEID_H_ +#define _TITLEID_H_ + +typedef enum +{ + PID_BAD_YAML_SET = -1, + PID_INVALID_CATEGORY = 0x10000, + PID_INVALID_UNIQUE_ID = 0x1000000, + PID_INVALID_VARIATION = 0x100, +} Pid_Errors; + +typedef enum +{ + PROGRAM_ID_CATEGORY_FLAG_NORMAL = 0x0000, + PROGRAM_ID_CATEGORY_FLAG_DLP_CHILD = 0x0001, + PROGRAM_ID_CATEGORY_FLAG_DEMO = 0x0002, + PROGRAM_ID_CATEGORY_FLAG_CONTENTS = 0x0003, + PROGRAM_ID_CATEGORY_FLAG_ADD_ON_CONTENTS = 0x0004, + PROGRAM_ID_CATEGORY_FLAG_PATCH = 0x0006, + PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION = 0x0008, + PROGRAM_ID_CATEGORY_FLAG_SYSTEM = 0x0010, + PROGRAM_ID_CATEGORY_FLAG_REQUIRE_BATCH_UPDATE = 0x0020, + PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_USER_APPROVAL = 0x0040, + PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_RIGHT_FOR_MOUNT = 0x0080, + PROGRAM_ID_CATEGORY_FLAG_CAN_SKIP_CONVERT_JUMP_ID = 0x0100, + PROGRAM_ID_CATEGORY_FLAG_TWL = 0x8000, +} ProgramIdCategoryFlag; + +typedef enum +{ + PROGRAM_ID_CATEGORY_APPLICATION = ( PROGRAM_ID_CATEGORY_FLAG_NORMAL ), + + PROGRAM_ID_CATEGORY_DLP_CHILD = ( PROGRAM_ID_CATEGORY_FLAG_DLP_CHILD ), + + PROGRAM_ID_CATEGORY_DEMO = ( PROGRAM_ID_CATEGORY_FLAG_DEMO ), + + PROGRAM_ID_CATEGORY_CONTENTS = ( PROGRAM_ID_CATEGORY_FLAG_CONTENTS ), + + PROGRAM_ID_CATEGORY_PATCH = ( PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_PATCH), + + PROGRAM_ID_CATEGORY_ADD_ON_CONTENTS = ( PROGRAM_ID_CATEGORY_FLAG_ADD_ON_CONTENTS + | PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_RIGHT_FOR_MOUNT ), + + PROGRAM_ID_CATEGORY_FIRMWARE = ( PROGRAM_ID_CATEGORY_FLAG_NORMAL + | PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM + | PROGRAM_ID_CATEGORY_FLAG_REQUIRE_BATCH_UPDATE + | PROGRAM_ID_CATEGORY_FLAG_CAN_SKIP_CONVERT_JUMP_ID ), + + + PROGRAM_ID_CATEGORY_BASE = ( PROGRAM_ID_CATEGORY_FLAG_NORMAL + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM + | PROGRAM_ID_CATEGORY_FLAG_REQUIRE_BATCH_UPDATE + | PROGRAM_ID_CATEGORY_FLAG_CAN_SKIP_CONVERT_JUMP_ID ), + + + PROGRAM_ID_CATEGORY_APPLET = ( PROGRAM_ID_CATEGORY_FLAG_NORMAL + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM + | PROGRAM_ID_CATEGORY_FLAG_REQUIRE_BATCH_UPDATE ), + + + PROGRAM_ID_CATEGORY_SYSTEM_APPLICATION = ( PROGRAM_ID_CATEGORY_FLAG_NORMAL + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM ), + + + PROGRAM_ID_CATEGORY_SYSTEM_CONTENT = ( PROGRAM_ID_CATEGORY_FLAG_CONTENTS + | PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM ), + + + PROGRAM_ID_CATEGORY_SHARED_CONTENT = ( PROGRAM_ID_CATEGORY_FLAG_CONTENTS + | PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM + | PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_RIGHT_FOR_MOUNT ), + + + PROGRAM_ID_CATEGORY_AUTO_UPDATE_CONTENT = ( PROGRAM_ID_CATEGORY_FLAG_CONTENTS + | PROGRAM_ID_CATEGORY_FLAG_CANNOT_EXECUTION + | PROGRAM_ID_CATEGORY_FLAG_SYSTEM + | PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_USER_APPROVAL + | PROGRAM_ID_CATEGORY_FLAG_NOT_REQUIRE_RIGHT_FOR_MOUNT ), + +} ProgramIdCategory; + +#endif + +u64 ConvertTwlIdToCtrId(u64 pgid); + +int GetProgramID(u64 *dest, desc_settings *yaml, bool IsForExheader); +int GetUniqueID(u32 *dest, desc_settings *yaml); + +bool IsDemo(u16 Category); +bool IsSystem(u16 Category); +bool IsDlpChild(u16 Category); +bool IsPatch(u16 Category); +bool IsContents(u16 Category); +bool IsAddOnContent(u16 Category); diff --git a/tmd.c b/tmd.c new file mode 100644 index 0000000..2dadf12 --- /dev/null +++ b/tmd.c @@ -0,0 +1,92 @@ +#include "lib.h" +#include "cia.h" +#include "tmd.h" + +// Private Prototypes +int SetupTMDBuffer(COMPONENT_STRUCT *tik); +int SetupTMDHeader(TMD_Struct *hdr, TMD_CONTENT_INFO_RECORD *info_record, cia_settings *ciaset); +int SignTMDHeader(TMD_Struct *hdr, TMD_SignatureStruct *sig, keys_struct *keys); +int SetupTMDInfoRecord(TMD_CONTENT_INFO_RECORD *info_record, u8 *content_record, u16 ContentCount); +int SetupTMDContentRecord(u8 *content_record, cia_settings *ciaset); + +u32 PredictTMDSize(u16 ContentCount) +{ + return sizeof(TMD_SignatureStruct) + sizeof(TMD_Struct) + sizeof(TMD_CONTENT_INFO_RECORD)*64 + sizeof(TMD_CONTENT_CHUNK_STRUCT)*ContentCount; +} + +int BuildTMD(cia_settings *ciaset) +{ + int result = 0; + result = SetupTMDBuffer(&ciaset->CIA_Sections.TitleMetaData); + if(result) return result; + + // Setting TMD Struct Ptrs + TMD_SignatureStruct *sig = (TMD_SignatureStruct*)ciaset->CIA_Sections.TitleMetaData.buffer; + TMD_Struct *hdr = (TMD_Struct*)(ciaset->CIA_Sections.TitleMetaData.buffer+sizeof(TMD_SignatureStruct)); + TMD_CONTENT_INFO_RECORD *info_record = (TMD_CONTENT_INFO_RECORD*)(ciaset->CIA_Sections.TitleMetaData.buffer+sizeof(TMD_SignatureStruct)+sizeof(TMD_Struct)); + u8 *content_record = (u8*)(ciaset->CIA_Sections.TitleMetaData.buffer+sizeof(TMD_SignatureStruct)+sizeof(TMD_Struct)+sizeof(TMD_CONTENT_INFO_RECORD)*64); + + + SetupTMDContentRecord(content_record,ciaset); + SetupTMDInfoRecord(info_record,content_record,ciaset->content.ContentCount); + result = SetupTMDHeader(hdr,info_record,ciaset); + if(result) return result; + result = SignTMDHeader(hdr,sig,ciaset->keys); + return 0; +} + +int SetupTMDBuffer(COMPONENT_STRUCT *tmd) +{ + tmd->buffer = malloc(tmd->size); // already set before + if(!tmd->buffer) { fprintf(stderr,"[ERROR] MEM ERROR\n"); return MEM_ERROR; } + memset(tmd->buffer,0,tmd->size); + return 0; +} + +int SetupTMDHeader(TMD_Struct *hdr, TMD_CONTENT_INFO_RECORD *info_record, cia_settings *ciaset) +{ + memset(hdr,0,sizeof(TMD_Struct)); + + memcpy(hdr->Issuer,ciaset->tmd.TMDIssuer,0x40); + hdr->TMDFormatVersion = ciaset->tmd.tmd_format_ver; + hdr->ca_crl_version = ciaset->cert.ca_crl_version; + hdr->signer_crl_version = ciaset->cert.signer_crl_version; + memcpy(hdr->TitleID,ciaset->TitleID,8); + memcpy(hdr->TitleType,ciaset->Title_type,4); + memcpy(hdr->SaveDataSize,ciaset->tmd.SaveDataSize,4); + memcpy(hdr->PrivSaveDataSize,ciaset->tmd.PrivSaveDataSize,4); + hdr->TWL_Flag = ciaset->tmd.twl_flag; + memcpy(hdr->TitleVersion,ciaset->tmd.TitleVersion,2); + u16_to_u8(hdr->ContentCount,ciaset->content.ContentCount,BE); + ctr_sha(info_record,sizeof(TMD_CONTENT_INFO_RECORD)*64,hdr->sha_256_hash,CTR_SHA_256); + return 0; +} + +int SignTMDHeader(TMD_Struct *hdr, TMD_SignatureStruct *sig, keys_struct *keys) +{ + memset(sig,0,sizeof(TMD_SignatureStruct)); + u32_to_u8(sig->sig_type,RSA_2048_SHA256,BE); + return ctr_sig((u8*)hdr,sizeof(TMD_Struct),sig->data,keys->rsa.TMD_Pub,keys->rsa.TMD_Priv,RSA_2048_SHA256,CTR_RSA_SIGN); +} + +int SetupTMDInfoRecord(TMD_CONTENT_INFO_RECORD *info_record, u8 *content_record, u16 ContentCount) +{ + memset(info_record,0x0,sizeof(TMD_CONTENT_INFO_RECORD)*0x40); + u16_to_u8(info_record->content_index_offset,0x0,BE); + u16_to_u8(info_record->content_command_count,ContentCount,BE); + ctr_sha(content_record,sizeof(TMD_CONTENT_CHUNK_STRUCT)*ContentCount,info_record->sha_256_hash,CTR_SHA_256); + return 0; +} + +int SetupTMDContentRecord(u8 *content_record, cia_settings *ciaset) +{ + for(int i = 0; i < ciaset->content.ContentCount; i++){ + TMD_CONTENT_CHUNK_STRUCT *ptr = (TMD_CONTENT_CHUNK_STRUCT*)(content_record+sizeof(TMD_CONTENT_CHUNK_STRUCT)*i); + u32_to_u8(ptr->content_id,ciaset->content.ContentId[i],BE); + u16_to_u8(ptr->content_index,ciaset->content.ContentIndex[i],BE); + u16_to_u8(ptr->content_type,ciaset->content.ContentType[i],BE); + u64_to_u8(ptr->content_size,ciaset->content.ContentSize[i],BE); + memcpy(ptr->sha_256_hash,ciaset->content.ContentHash[i],0x20); + } + return 0; +} \ No newline at end of file diff --git a/tmd.h b/tmd.h new file mode 100644 index 0000000..4394c68 --- /dev/null +++ b/tmd.h @@ -0,0 +1,68 @@ +#ifndef _TMD_H_ +#define _TMD_H_ + +typedef enum +{ + TYPE_CTR = 0x40, + TYPE_DATA = 0x8 +} title_type; + +typedef enum +{ + Encrypted = 0x0001, + Optional = 0x4000, + Shared = 0x8000 +} content_types; + +typedef struct +{ + u8 content_id[4]; + u8 content_index[2]; + u8 content_type[2]; + u8 content_size[8]; + u8 sha_256_hash[0x20]; +} TMD_CONTENT_CHUNK_STRUCT; + +typedef struct +{ + u8 content_index_offset[2]; + u8 content_command_count[2]; + u8 sha_256_hash[0x20]; +} TMD_CONTENT_INFO_RECORD; + +typedef struct +{ + u8 sig_type[4]; + u8 data[0x100]; + u8 padding[0x3C]; +} TMD_SignatureStruct; + +typedef struct +{ + u8 Issuer[0x40]; + u8 TMDFormatVersion; + u8 ca_crl_version; + u8 signer_crl_version; + u8 padding_1; + u8 SystemVersion[8]; + u8 TitleID[8]; + u8 TitleType[4]; + u8 GroupID[2]; + u8 SaveDataSize[4]; + u8 PrivSaveDataSize[4]; // Zero for CXI Content0 + u8 Reserved_0[4]; + u8 TWL_Flag; // Zero for CXI Content0 + u8 Reserved_1[0x31]; + u8 AccessRights[4]; + u8 TitleVersion[2]; + u8 ContentCount[2]; + u8 BootContent[2]; + u8 Padding[2]; + u8 sha_256_hash[0x20]; +} TMD_Struct; + +#endif + +// Prototypes +u32 PredictTMDSize(u16 ContentCount); +int BuildTMD(cia_settings *ciaset); \ No newline at end of file diff --git a/types.h b/types.h new file mode 100644 index 0000000..8c4123d --- /dev/null +++ b/types.h @@ -0,0 +1,39 @@ +#include +#include +//Bools +typedef enum +{ + Good, + Fail +} return_basic; + +typedef enum +{ + MEM_ERROR = -1, + FAILED_TO_OPEN_FILE = -2, + FAILED_TO_IMPORT_FILE = -3, + FAILED_TO_CREATE_OUTFILE = -4, +} global_errors; + +typedef enum +{ + BE = 0, + LE = 1 +} endianness_flag; + +typedef enum +{ + KB = 1024, + MB = 1048576, + GB = 1073741824 +} file_unit_size; + +typedef unsigned char u8; +typedef unsigned short u16; +typedef unsigned int u32; +typedef unsigned long long u64; + +typedef signed char s8; +typedef signed short s16; +typedef signed int s32; +typedef signed long long s64; diff --git a/usersettings.c b/usersettings.c new file mode 100644 index 0000000..6a3110d --- /dev/null +++ b/usersettings.c @@ -0,0 +1,908 @@ +#include "lib.h" + +// Private Prototypes +void DisplayHelp(char *app_name); +void SetDefaults(user_settings *set); +int SetArgument(int argc, int i, char *argv[], user_settings *set); +int CheckArgumentCombination(user_settings *set); +void PrintNeedsArgument(char *arg); +void PrintArgumentInvalid(char *arg); +void PrintNeedsParam(char *arg); +void PrintNoNeedParam(char *arg); + +int ParseArgs(int argc, char *argv[], user_settings *usr_settings) +{ + if(argv == NULL || usr_settings == NULL) + return USR_PTR_PASS_FAIL; + + if(argc < 2){ + DisplayHelp(argv[0]); + return USR_HELP; + } + + // Detecting Help Requried + for(int i = 1; i < argc; i++){ + if(strcmp(argv[i],"-help") == 0){ + DisplayHelp(argv[0]); + return USR_HELP; + } + } + + // Allocating Memory for Content Path Ptrs + usr_settings->ContentPath = malloc(CIA_MAX_CONTENT*sizeof(char*)); + if(usr_settings->ContentPath == NULL){ + fprintf(stderr,"[ERROR] MEM ERROR\n"); + return USR_MEM_ERROR; + } + memset(usr_settings->ContentPath,0,CIA_MAX_CONTENT*sizeof(char*)); + + // Setting Defaults + SetDefaults(usr_settings); + + // Initialise Keys + InitKeys(&usr_settings->keys); + + // Reading Arguments + int set_result; + int i = 1; + while(i < argc){ + set_result = SetArgument(argc,i,argv,usr_settings); + if(set_result < 1){ + fprintf(stderr,"[RESULT] Invalid arguments, see '%s -help'\n",argv[0]); + return set_result; + } + i += set_result; + } + + set_result = CheckArgumentCombination(usr_settings); + if(set_result) return set_result; + + if(!usr_settings->outfile){ + char *source_path = NULL; + if(usr_settings->IsBuildingNCCH0) source_path = usr_settings->rsf_path; + else if(usr_settings->Content0IsCci) source_path = usr_settings->CciPath; + else if(usr_settings->Content0IsSrl) source_path = usr_settings->SrlPath; + else source_path = usr_settings->ContentPath[0]; + u16 outfile_len = strlen(source_path) + 3; + usr_settings->outfile = malloc(outfile_len); + if(!usr_settings->outfile){ + fprintf(stderr,"[ERROR] MEM ERROR\n"); + return USR_MEM_ERROR; + } + usr_settings->outfile_mallocd = true; + append_filextention(usr_settings->outfile,outfile_len,source_path,(char*)&output_extention[usr_settings->out_format-1]); + } + return 0; +} + +void SetDefaults(user_settings *set) +{ + // Build NCCH Info + set->IsBuildingNCCH0 = true; + #ifdef RETAIL_FSIGN + set->accessdesc = auto_gen; + #else + set->accessdesc = use_desc_file; + #endif + set->include_exefs_logo = false; + set->out_format = CXI; + set->build_ncch_type = format_not_set; + + // Content0 Info + set->Content0IsNcch = true; + set->Content0IsCci = false; + set->Content0IsSrl = false; + + set->Version[0] = 0xffff; + + // CCI Info + set->GenSDKCardInfoHeader = false; + set->OmitImportedNcchHdr = false; + + // CIA Info + set->EncryptContents = false; + set->RandomTitleKey = false; + for(int i = 0; i < CIA_MAX_CONTENT; i++){ + set->ContentID[i] = 0x100000000; + } +} + +int SetArgument(int argc, int i, char *argv[], user_settings *set) +{ + bool IsLastArg = (i >= (argc -1)); + bool HasParam = false; + if(!IsLastArg){ + if(argv[i+1][0] != '-') HasParam = true; + } + + if(strcmp(argv[i],"-elf") == 0){ + if(!HasParam){ + PrintNeedsParam("-elf"); + return USR_ARG_REQ_PARAM; + } + set->elf_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-rsf") == 0){ + if(!HasParam){ + PrintNeedsParam("-rsf"); + return USR_ARG_REQ_PARAM; + } + set->rsf_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-desc") == 0){ + if(!HasParam){ + PrintNeedsParam("-desc"); + return USR_ARG_REQ_PARAM; + } + set->desc_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-icon") == 0){ + if(!HasParam){ + PrintNeedsParam("-icon"); + return USR_ARG_REQ_PARAM; + } + set->icon_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-banner") == 0){ + if(!HasParam){ + PrintNeedsParam("-banner"); + return USR_ARG_REQ_PARAM; + } + set->banner_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-logo") == 0){ + if(!HasParam){ + PrintNeedsParam("-logo"); + return USR_ARG_REQ_PARAM; + } + set->logo_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-o") == 0){ + if(!HasParam){ + PrintNeedsParam("-o"); + return USR_ARG_REQ_PARAM; + } + set->outfile = argv[i+1]; + set->outfile_mallocd = false; + return 2; + } + #ifdef PRIVATE_BUILD + else if(strcmp(argv[i],"-exheader") == 0){ + if(!HasParam){ + PrintNeedsParam("-exheader"); + return USR_ARG_REQ_PARAM; + } + set->exheader_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-code") == 0){ + if(!HasParam){ + PrintNeedsParam("-code"); + return USR_ARG_REQ_PARAM; + } + set->exefs_code_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-romfs") == 0){ + if(!HasParam){ + PrintNeedsParam("-romfs"); + return USR_ARG_REQ_PARAM; + } + set->romfs_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-plain-region") == 0){ + if(!HasParam){ + PrintNeedsParam("-plain-region"); + return USR_ARG_REQ_PARAM; + } + set->plain_region_path = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-cci") == 0){ + if(!HasParam){ + PrintNeedsParam("-cci"); + return USR_ARG_REQ_PARAM; + } + set->Content0IsCci = true; + set->Content0IsSrl = false; + set->Content0IsNcch = false; + set->IsBuildingNCCH0 = false; + set->out_format = CIA; + set->CciPath = argv[i+1]; + return 2; + } + else if(strcmp(argv[i],"-srl") == 0){ + if(!HasParam){ + PrintNeedsParam("-srl"); + return USR_ARG_REQ_PARAM; + } + set->Content0IsCci = false; + set->Content0IsSrl = true; + set->Content0IsNcch = false; + set->IsBuildingNCCH0 = false; + set->out_format = CIA; + set->SrlPath = argv[i+1]; + return 2; + + } + else if(strcmp(argv[i],"-devcardcci") == 0){ + if(HasParam){ + PrintNoNeedParam("-devcardcci"); + return USR_BAD_ARG; + } + set->GenSDKCardInfoHeader = true; + return 1; + } + else if(strcmp(argv[i],"-omitncchhdr") == 0){ + if(HasParam){ + PrintNoNeedParam("-omitncchhdr"); + return USR_BAD_ARG; + } + set->OmitImportedNcchHdr = true; + return 1; + } + #endif + else if(strcmp(argv[i],"-f") == 0){ + if(!HasParam){ + PrintNeedsParam("-f"); + return USR_ARG_REQ_PARAM; + } + if(strcasecmp(argv[i+1],"cxi") == 0 || strcasecmp(argv[i+1],"exec") == 0 ) set->out_format = CXI; + else if(strcasecmp(argv[i+1],"cfa") == 0 || strcasecmp(argv[i+1],"data") == 0 ) set->out_format = CFA; + else if(strcasecmp(argv[i+1],"cci") == 0 || strcasecmp(argv[i+1],"card") == 0 ) set->out_format = CCI; + else if(strcasecmp(argv[i+1],"cia") == 0) set->out_format = CIA; + else { + fprintf(stderr,"[-] Invalid output format '%s'\n",argv[i+1]); + return USR_BAD_ARG; + } + return 2; + } + else if(strcmp(argv[i],"-ncch") == 0){ + if(!HasParam){ + PrintNeedsParam("-ncch"); + return USR_ARG_REQ_PARAM; + } + if(strcasecmp(argv[i+1],"cxi") == 0) set->build_ncch_type = CXI; + else if(strcasecmp(argv[i+1],"cfa") == 0) set->build_ncch_type = CFA; + else { + fprintf(stderr,"[-] Invalid ncch type '%s'\n",argv[i+1]); + return USR_BAD_ARG; + } + return 2; + } + #ifdef RETAIL_FSIGN + else if(strcmp(argv[i],"-sysfixedkey") == 0){ + if(!HasParam){ + PrintNeedsParam("-sysfixedkey"); + return USR_ARG_REQ_PARAM; + } + if(strlen(argv[i+1]) != 32) { + fprintf(stderr,"[ERROR] Invalid SystemFixedKey '%s'\n",argv[i+1]); + return USR_BAD_ARG; + } + u8 *key = malloc(16); + if(!key){ + fprintf(stderr,"[ERROR] MEM ERROR\n"); + return USR_MEM_ERROR; + } + char_to_u8_array(key,argv[i+1],16,BE,16); + SetSystemFixedKey(&set->keys,key); + free(key); + return 2; + } + else if(strcmp(argv[i],"-commonkey") == 0){ + if(!HasParam){ + PrintNeedsParam("-commonkey"); + return USR_ARG_REQ_PARAM; + } + if(strlen(argv[i+1]) != 32) { + fprintf(stderr,"[ERROR] Invalid CommonKey '%s'\n",argv[i+1]); + return USR_BAD_ARG; + } + u8 *key = malloc(16); + if(!key){ + fprintf(stderr,"[ERROR] MEM ERROR\n"); + return USR_MEM_ERROR; + } + char_to_u8_array(key,argv[i+1],16,BE,16); + + if(i+2 < argc){ + u8 id = strtol(argv[i+2],NULL,10); + SetCommonKey(&set->keys,key,id); + SetCurrentCommonKey(&set->keys,id); + } + else SetCommonKey(&set->keys,key,0); + SetCurrentCommonKey(&set->keys,0); + free(key); + return 2; + } + #else + else if(strcmp(argv[i],"-accessdesc") == 0){ + if(!HasParam){ + PrintNeedsParam("-accessdesc"); + return USR_ARG_REQ_PARAM; + } + + if(strcasecmp(argv[i+1],"usedesc") == 0) set->accessdesc = use_desc_file; + else if(strcasecmp(argv[i+1],"autogen") == 0 || strcasecmp(argv[i+1],"auto") == 0) set->accessdesc = auto_gen; + else if(strcasecmp(argv[i+1],"app") == 0) set->accessdesc = app; + else if(strcasecmp(argv[i+1],"demo") == 0) set->accessdesc = demo; + else if(strcasecmp(argv[i+1],"dlpchild") == 0 || strcasecmp(argv[i+1],"dlp") == 0) set->accessdesc = dlp; + else{ + fprintf(stderr,"[-] Accessdesc pre-set '%s' not recognised\n",argv[i+1]); + return USR_BAD_ARG; + } + return 2; + } + #endif + else if(strcmp(argv[i],"-exefslogo") == 0){ + if(HasParam){ + PrintNoNeedParam("-exefslogo"); + return USR_BAD_ARG; + } + set->include_exefs_logo = true; + return 1; + } + else if(strcmp(argv[i],"-rand") == 0){ + if(HasParam){ + PrintNoNeedParam("-rand"); + return USR_BAD_ARG; + } + set->RandomTitleKey = true; + return 1; + } + else if(strcmp(argv[i],"-encryptcia") == 0){ + if(HasParam){ + PrintNoNeedParam("-encryptcia"); + return USR_BAD_ARG; + } + set->EncryptContents = true; + return 1; + } + else if(strcmp(argv[i],"-major") == 0){ + if(!HasParam){ + PrintNeedsParam("-major"); + return USR_ARG_REQ_PARAM; + } + u32 tmp = strtoul(argv[i+1],NULL,10); + set->Version[0] = tmp > 63 ? 63 : tmp; + return 2; + } + else if(strcmp(argv[i],"-minor") == 0){ + if(!HasParam){ + PrintNeedsParam("-minor"); + return USR_ARG_REQ_PARAM; + } + u32 tmp = strtoul(argv[i+1],NULL,10); + set->Version[1] = tmp > 63 ? 63 : tmp; + return 2; + } + else if(strcmp(argv[i],"-micro") == 0){ + if(!HasParam){ + PrintNeedsParam("-micro"); + return USR_ARG_REQ_PARAM; + } + u32 tmp = strtoul(argv[i+1],NULL,10); + set->Version[2] = tmp > 15 ? 15 : tmp; + return 2; + } + + else if(strcmp(argv[i],"-content") == 0){ + if(!HasParam){ + PrintNeedsParam("-content"); + return USR_ARG_REQ_PARAM; + } + char *pos = strstr(argv[i+1],":"); + if(!pos){ + fprintf(stderr,"[ERROR] Bad argument '%s %s', correct format:\n",argv[i],argv[i+1]); + fprintf(stderr," -content :\n"); + fprintf(stderr," If generating a CIA, then use the format:\n"); + fprintf(stderr," -content ::\n"); + return USR_BAD_ARG; + } + if(strlen(pos) < 2){ + fprintf(stderr,"[ERROR] Bad argument '%s %s', correct format:\n",argv[i],argv[i+1]); + fprintf(stderr," -content :\n"); + fprintf(stderr," If generating a CIA, then use the format:\n"); + fprintf(stderr," -content ::\n"); + return USR_BAD_ARG; + } + + /* Getting Content Index */ + u16 content_index = strtol((char*)(pos+1),NULL,10); + + /* Storing Content Filepath */ + u32 path_len = (u32)(pos-argv[i+1])+1; + + if(content_index == 0) set->IsBuildingNCCH0 = false; + if(set->ContentPath[content_index] != NULL){ + fprintf(stderr,"[-] Content %d is already specified\n",content_index); + return USR_BAD_ARG; + } + set->ContentPath[content_index] = malloc(path_len); + if(set->ContentPath[content_index] == NULL){ + fprintf(stderr,"[-] MEM ERROR\n"); + return USR_MEM_ERROR; + } + memset(set->ContentPath[content_index],0,path_len); + strncpy(set->ContentPath[content_index],argv[i+1],path_len-1); + + /* Get ContentID for CIA gen */ + char *pos2 = strstr(pos+1,":"); + if(pos2) { + set->ContentID[content_index] = strtoul((pos2+1),NULL,16); + } + + /* Return Next Arg Pos*/ + return 2; + } + else if(strncmp(argv[i],"-D",2) == 0){ + fprintf(stderr,"[WARNING] -DNAME=VALUE not implemented yet\n"); + } + + // If not a valid argument + fprintf(stderr,"[ERROR] Unrecognised argument '%s'\n",argv[i]); + return USR_UNK_ARG; +} + +int CheckArgumentCombination(user_settings *set) +{ + for(int i = 0; i < CIA_MAX_CONTENT; i++){ + if( i > CCI_MAX_CONTENT-1 && set->ContentPath[i] && set->out_format == CCI){ + fprintf(stderr,"[ERROR] Content indexes > 7 are invalid for CCI\n"); + return USR_BAD_ARG; + } + if(set->ContentPath[i] && (set->out_format == CXI || set->out_format == CFA)){ + fprintf(stderr,"[ERROR] You cannot specify content while outputting CXI/CFA files\n"); + return USR_BAD_ARG; + } + } + if((set->out_format == CXI || set->out_format == CFA) && set->build_ncch_type > 0){ + fprintf(stderr,"[ERROR] Arguments '-f cxi|cfa' and '-ncch cxi|cfa' are invalid\n"); + return USR_BAD_ARG; + } + if(set->build_ncch_type > 0 && !set->IsBuildingNCCH0){ + fprintf(stderr,"[ERROR] Arguments '-content %s:0' and '-ncch cxi|cfa' cannot be used together\n",set->ContentPath[0]); + return USR_BAD_ARG; + } + + if(set->elf_path && set->exefs_code_path){ + fprintf(stderr,"[ERROR] Arguments '-elf' and '-code' cannot be used together\n"); + return USR_BAD_ARG; + } + + // Setting set->build_ncch_type if it isn't already set + if(set->IsBuildingNCCH0 && set->build_ncch_type == 0){ + if(set->out_format == CCI || set->out_format == CIA) set->build_ncch_type = CXI; + else set->build_ncch_type = set->out_format; + } + + bool buildCXI = (set->out_format == CXI || set->build_ncch_type == CXI) && set->IsBuildingNCCH0; + bool buildCFA = (set->out_format == CFA || set->build_ncch_type == CFA) && set->IsBuildingNCCH0; + // Detecting Required Arguments + if(buildCXI && !set->elf_path && !set->exefs_code_path){ + PrintNeedsArgument("-elf"); + return USR_BAD_ARG; + } + if((buildCXI || buildCFA) && !set->rsf_path){ + PrintNeedsArgument("-rsf"); + return USR_BAD_ARG; + } + if((buildCXI && !set->desc_path) && !(set->exefs_code_path && (set->accessdesc != use_desc_file))){ + PrintNeedsArgument("-desc"); + return USR_BAD_ARG; + } + if(buildCXI && !set->exheader_path && set->exefs_code_path){ + PrintNeedsArgument("-exheader"); + return USR_BAD_ARG; + } + + // Reporting bad arguments + if(!buildCXI && set->elf_path){ + PrintArgumentInvalid("-elf"); + return USR_BAD_ARG; + } + if(!buildCXI && set->desc_path){ + PrintArgumentInvalid("-desc"); + return USR_BAD_ARG; + } + if(!buildCXI && set->exefs_code_path){ + PrintArgumentInvalid("-code"); + return USR_BAD_ARG; + } + if(!buildCXI && set->exheader_path){ + PrintArgumentInvalid("-exheader"); + return USR_BAD_ARG; + } + if(!buildCXI && set->plain_region_path){ + PrintArgumentInvalid("-plain-region"); + return USR_BAD_ARG; + } + if(!buildCXI && set->include_exefs_logo){ + PrintArgumentInvalid("-exefslogo"); + return USR_BAD_ARG; + } + if(!set->IsBuildingNCCH0 && set->romfs_path){ + PrintArgumentInvalid("-romfs"); + return USR_BAD_ARG; + } + + return 0; +} + +void InvalidateRSFBooleans(rsf_settings *rsf_set) +{ + rsf_set->Option.NoPadding = -1; + rsf_set->Option.AllowUnalignedSection = -1; + rsf_set->Option.EnableCrypt = -1; + rsf_set->Option.EnableCompress = -1; + rsf_set->Option.FreeProductCode = -1; + rsf_set->Option.UseOnSD = -1; + + rsf_set->AccessControlInfo.DisableDebug = -1; + rsf_set->AccessControlInfo.EnableForceDebug = -1; + rsf_set->AccessControlInfo.CanWriteSharedPage = -1; + rsf_set->AccessControlInfo.CanUsePrivilegedPriority = -1; + rsf_set->AccessControlInfo.CanUseNonAlphabetAndNumber = -1; + rsf_set->AccessControlInfo.PermitMainFunctionArgument = -1; + rsf_set->AccessControlInfo.CanShareDeviceMemory = -1; + rsf_set->AccessControlInfo.UseOtherVariationSaveData = -1; + rsf_set->AccessControlInfo.UseExtSaveData = -1; + rsf_set->AccessControlInfo.RunnableOnSleep = -1; + rsf_set->AccessControlInfo.SpecialMemoryArrange = -1; + + rsf_set->BasicInfo.MediaFootPadding = -1; +} + +void InvalidateDESCBooleans(desc_settings *desc_set) +{ + desc_set->AccessControlDescriptor.RunnableOnSleep = -1; + desc_set->AccessControlDescriptor.SpecialMemoryArrange = -1; + desc_set->AccessControlDescriptor.AutoGen = -1; +} + +void init_UserSettings(user_settings *usr_settings) +{ + memset(usr_settings,0,sizeof(user_settings)); +} + + +void free_RsfSettings(rsf_settings *set) +{ + //Option + free(set->Option.PageSize); + for(u32 i = 0; i < set->Option.AppendSystemCallNum; i++){ + free(set->Option.AppendSystemCall[i]); + } + free(set->Option.AppendSystemCall); + + //AccessControlInfo + free(set->AccessControlInfo.ProgramId); + free(set->AccessControlInfo.IdealProcessor); + free(set->AccessControlInfo.Priority); + free(set->AccessControlInfo.MemoryType); + free(set->AccessControlInfo.SystemMode); + free(set->AccessControlInfo.FirmwareVersion); + free(set->AccessControlInfo.CoreVersion); + free(set->AccessControlInfo.HandleTableSize); + free(set->AccessControlInfo.SystemSaveDataId1); + free(set->AccessControlInfo.SystemSaveDataId2); + free(set->AccessControlInfo.OtherUserSaveDataId1); + free(set->AccessControlInfo.OtherUserSaveDataId2); + free(set->AccessControlInfo.OtherUserSaveDataId3); + free(set->AccessControlInfo.ExtSaveDataId); + free(set->AccessControlInfo.ExtSaveDataNumber); + free(set->AccessControlInfo.SystemMode); + free(set->AccessControlInfo.AffinityMask); + + for(u32 i = 0; i < set->AccessControlInfo.MemoryMappingNum; i++){ + free(set->AccessControlInfo.MemoryMapping[i]); + } + free(set->AccessControlInfo.MemoryMapping); + + for(u32 i = 0; i < set->AccessControlInfo.IORegisterMappingNum; i++){ + free(set->AccessControlInfo.IORegisterMapping[i]); + } + free(set->AccessControlInfo.IORegisterMapping); + + for(u32 i = 0; i < set->AccessControlInfo.FileSystemAccessNum; i++){ + free(set->AccessControlInfo.FileSystemAccess[i]); + } + free(set->AccessControlInfo.FileSystemAccess); + + for(u32 i = 0; i < set->AccessControlInfo.IoAccessControlNum; i++){ + free(set->AccessControlInfo.IoAccessControl[i]); + } + free(set->AccessControlInfo.IoAccessControl); + + for(u32 i = 0; i < set->AccessControlInfo.InterruptNumbersNum; i++){ + free(set->AccessControlInfo.InterruptNumbers[i]); + } + free(set->AccessControlInfo.InterruptNumbers); + + for(u32 i = 0; i < set->AccessControlInfo.SystemCallAccessNum; i++){ + free(set->AccessControlInfo.SystemCallAccess[i]); + } + free(set->AccessControlInfo.SystemCallAccess); + + for(u32 i = 0; i < set->AccessControlInfo.ServiceAccessControlNum; i++){ + free(set->AccessControlInfo.ServiceAccessControl[i]); + } + free(set->AccessControlInfo.ServiceAccessControl); + + for(u32 i = 0; i < set->AccessControlInfo.StorageIdNum; i++){ + free(set->AccessControlInfo.StorageId[i]); + } + free(set->AccessControlInfo.StorageId); + + //SystemControlInfo + free(set->SystemControlInfo.AppType); + free(set->SystemControlInfo.StackSize); + free(set->SystemControlInfo.RemasterVersion); + free(set->SystemControlInfo.JumpId); + + for(u32 i = 0; i < set->SystemControlInfo.DependencyNum; i++){ + free(set->SystemControlInfo.Dependency[i]); + } + free(set->SystemControlInfo.Dependency); + + //BasicInfo + free(set->BasicInfo.Title); + free(set->BasicInfo.CompanyCode); + free(set->BasicInfo.ProductCode); + free(set->BasicInfo.MediaSize); + free(set->BasicInfo.ContentType); + free(set->BasicInfo.Logo); + free(set->BasicInfo.BackupMemoryType); + free(set->BasicInfo.InitialCode); + + //Rom + free(set->Rom.HostRoot); + free(set->Rom.Padding); + free(set->Rom.SaveDataSize); + + for(u32 i = 0; i < set->Rom.DefaultRejectNum; i++){ + free(set->Rom.DefaultReject[i]); + } + free(set->Rom.DefaultReject); + + for(u32 i = 0; i < set->Rom.RejectNum; i++){ + free(set->Rom.Reject[i]); + } + free(set->Rom.Reject); + + for(u32 i = 0; i < set->Rom.IncludeNum; i++){ + free(set->Rom.Include[i]); + } + free(set->Rom.Include); + + for(u32 i = 0; i < set->Rom.FileNum; i++){ + free(set->Rom.File[i]); + } + free(set->Rom.File); + + //ExeFs + for(u32 i = 0; i < set->ExeFs.TextNum; i++){ + free(set->ExeFs.Text[i]); + } + free(set->ExeFs.Text); + + for(u32 i = 0; i < set->ExeFs.ReadOnlyNum; i++){ + free(set->ExeFs.ReadOnly[i]); + } + free(set->ExeFs.ReadOnly); + + for(u32 i = 0; i < set->ExeFs.ReadWriteNum; i++){ + free(set->ExeFs.ReadWrite[i]); + } + free(set->ExeFs.ReadWrite); + + //PlainRegion + for(u32 i = 0; i < set->PlainRegionNum; i++){ + free(set->PlainRegion[i]); + } + free(set->PlainRegion); + + //TitleInfo + free(set->TitleInfo.Platform); + free(set->TitleInfo.Category); + free(set->TitleInfo.UniqueId); + free(set->TitleInfo.Version); + free(set->TitleInfo.ContentsIndex); + free(set->TitleInfo.Variation); + free(set->TitleInfo.Use); + free(set->TitleInfo.ChildIndex); + free(set->TitleInfo.DemoIndex); + free(set->TitleInfo.TargetCategory); + + for(u32 i = 0; i < set->TitleInfo.CategoryFlagsNum; i++){ + free(set->TitleInfo.CategoryFlags[i]); + } + free(set->TitleInfo.CategoryFlags); + + //CardInfo + free(set->CardInfo.WritableAddress); + free(set->CardInfo.CardType); + free(set->CardInfo.CryptoType); + free(set->CardInfo.CardDevice); + free(set->CardInfo.MediaType); +} + +void free_DescSettings(desc_settings *set) +{ + //AccessControlDescriptor + free(set->AccessControlDescriptor.ProgramIdDesc); + free(set->AccessControlDescriptor.PriorityDesc); + free(set->AccessControlDescriptor.AffinityMaskDesc); + free(set->AccessControlDescriptor.IdealProcessorDesc); + free(set->AccessControlDescriptor.FirmwareVersionDesc); + free(set->AccessControlDescriptor.HandleTableSizeDesc); + free(set->AccessControlDescriptor.MemoryTypeDesc); + free(set->AccessControlDescriptor.DescVersionDesc); + free(set->AccessControlDescriptor.SystemModeDesc); + free(set->AccessControlDescriptor.AccCtlDescSign); + free(set->AccessControlDescriptor.AccCtlDescBin); + free(set->AccessControlDescriptor.CryptoKey); + free(set->AccessControlDescriptor.ResourceLimitCategory); + free(set->AccessControlDescriptor.ReleaseKernelMajor); + free(set->AccessControlDescriptor.ReleaseKernelMinor); + + for(u32 i = 0; i < set->AccessControlDescriptor.ServiceAccessControlDescNum; i++){ + free(set->AccessControlDescriptor.ServiceAccessControlDesc[i]); + } + free(set->AccessControlDescriptor.ServiceAccessControlDesc); + + for(u32 i = 0; i < set->AccessControlDescriptor.MemoryMappingDescNum; i++){ + free(set->AccessControlDescriptor.MemoryMappingDesc[i]); + } + free(set->AccessControlDescriptor.MemoryMappingDesc); + + for(u32 i = 0; i < set->AccessControlDescriptor.IORegisterMappingDescNum; i++){ + free(set->AccessControlDescriptor.IORegisterMappingDesc[i]); + } + free(set->AccessControlDescriptor.IORegisterMappingDesc); + + for(u32 i = 0; i < set->AccessControlDescriptor.Arm9AccessControlDescNum; i++){ + free(set->AccessControlDescriptor.Arm9AccessControlDesc[i]); + } + free(set->AccessControlDescriptor.Arm9AccessControlDesc); + + for(u32 i = 0; i < set->AccessControlDescriptor.EnableInterruptNumbersNum; i++){ + free(set->AccessControlDescriptor.EnableInterruptNumbers[i]); + } + free(set->AccessControlDescriptor.EnableInterruptNumbers); + + for(u32 i = 0; i < set->AccessControlDescriptor.EnableSystemCallsNum; i++){ + free(set->AccessControlDescriptor.EnableSystemCalls[i]); + } + free(set->AccessControlDescriptor.EnableSystemCalls); + + for(u32 i = 0; i < set->AccessControlDescriptor.StorageIdDescNum; i++){ + free(set->AccessControlDescriptor.StorageIdDesc[i]); + } + free(set->AccessControlDescriptor.StorageIdDesc); + + //CommonHeaderKey + free(set->CommonHeaderKey.D); + free(set->CommonHeaderKey.P); + free(set->CommonHeaderKey.Q); + free(set->CommonHeaderKey.DP); + free(set->CommonHeaderKey.DQ); + free(set->CommonHeaderKey.InverseQ); + free(set->CommonHeaderKey.Modulus); + free(set->CommonHeaderKey.Exponent); + + free_RsfSettings(&set->DefaultSpec); +} + +void free_UserSettings(user_settings *usr_settings) +{ + // Free Content Paths + if(usr_settings->ContentPath){ + for(int i = 0; i < CIA_MAX_CONTENT; i++){ + free(usr_settings->ContentPath[i]); + } + free(usr_settings->ContentPath); + } + + // Free Spec File Setting + free_DescSettings(&usr_settings->yaml_set); + + // Free Key Data + FreeKeys(&usr_settings->keys); + + // Free Content0 + free(usr_settings->Content0.buffer); + + // Free outfile path, if malloc'd + if(usr_settings->outfile_mallocd) free(usr_settings->outfile); + + // Clear settings + init_UserSettings(usr_settings); + + // Free + free(usr_settings); +} + +void PrintNeedsArgument(char *arg) +{ + fprintf(stderr,"[ERROR] Argument '%s' is required\n",arg); +} + +void PrintArgumentInvalid(char *arg) +{ + fprintf(stderr,"[ERROR] Argument '%s' is invalid\n",arg); +} + +void PrintNeedsParam(char *arg) +{ + fprintf(stderr,"[ERROR] '%s' requires a parameter\n",arg); +} + +void PrintNoNeedParam(char *arg) +{ + fprintf(stderr,"[ERROR] '%s' does not take a parameter\n",arg); +} + +void DisplayHelp(char *app_name) +{ + printf("CTR MAKEROM %d.%d",MAKEROM_VER_MAJOR,MAKEROM_VER_MINOR); +#ifdef PRIVATE_BUILD + printf(" PRIVATE BUILD"); +#endif + printf("\n(C) 3DSGuy 2014\n"); + printf("Usage: %s [options... ]\n",app_name); + printf("Option Parameter Explanation\n"); + printf("Global Options:\n"); + printf(" -help Display this text\n"); + printf(" -rsf RSF File\n"); + printf(" -f Output Format (cxi|cfa|cci|cia)\n"); + printf(" -o Output File\n"); + //printf(" -DNAME=VALUE Substitute values in Spec files\n"); + printf("NCCH Options:\n"); + printf(" -ncch0 NCCH Format (cxi|cfa)\n"); + printf(" -elf ELF File\n"); + printf(" -desc Desc File\n"); + printf(" -icon Icon File\n"); + printf(" -banner Banner File\n"); + printf(" -logo Logo File\n"); + printf(" -exefslogo Include Logo in ExeFs\n"); +#ifdef RETAIL_FSIGN + printf(" -sysfixedkey <32 hex chars> Specify SystemFixed Key\n"); +#else + printf(" -accessdesc (AutoGen|UseDesc|App|Demo|Dlp)\n"); +#endif +#ifdef PRIVATE_BUILD + printf(" -code Specify ExeFs code File\n"); + printf(" -exheader ExHeader Template File\n"); + printf(" -plain-region PlainRegion File\n"); + printf(" -romfs RomFS File\n"); +#endif + printf("CCI Options:\n"); +#ifdef PRIVATE_BUILD + printf(" -devcardcci Use SDK CardInfo Method\n"); + printf(" -omitncchhdr Omit NCCH Hdr for imported NCCH0\n"); +#endif + printf(" -content : Specify content files\n"); + printf("CIA Options:\n"); +#ifdef PRIVATE_BUILD + printf(" -cci Convert CCI to CIA\n"); + printf(" -srl Use TWL SRL as Content0\n"); +#endif + printf(" -content :: Specify content files\n"); + printf(" -major Specify Title Version Major\n"); + printf(" -minor Specify Title Version Minor\n"); + printf(" -micro Specify Title Version Micro\n"); + printf(" -rand Use a random title key\n"); + printf(" -encryptcia Encrypt CIA Contents\n"); +#ifdef RETAIL_FSIGN + printf(" -commonkey <32 hex chars> Specify commonkey and index\n"); +#endif +} diff --git a/usersettings.h b/usersettings.h new file mode 100644 index 0000000..6ef1b4b --- /dev/null +++ b/usersettings.h @@ -0,0 +1,318 @@ +#ifndef _USERSETTINGS_H_ +#define _USERSETTINGS_H_ + +#define CCI_MAX_CONTENT 8 +#define CIA_MAX_CONTENT 65536 + + +typedef enum +{ + USR_PTR_PASS_FAIL = -1, + USR_HELP = -2, + USR_ARG_REQ_PARAM = -3, + USR_UNK_ARG = -4, + USR_BAD_ARG = -5, + USR_MEM_ERROR = -6, +} user_settings_errors; + +typedef enum +{ + auto_gen, + use_desc_file, + app, + demo, + dlp, +} fixed_accessdesc_type; + +typedef enum +{ + format_not_set, + CXI, + CFA, + CCI, + CIA +} output_format; + +static const char output_extention[4][5] = {".cxi",".cfa",".cci",".cia"}; + + +typedef struct +{ + // Based on SDK 5.x makerom + struct{ + // Booleans + int NoPadding; + int AllowUnalignedSection; + int EnableCrypt; + int EnableCompress; + int FreeProductCode; + int UseOnSD; + + // Strings + char *PageSize; + + // String Collections + u32 AppendSystemCallNum; + char **AppendSystemCall; + } Option; + + struct{ + // Booleans + int DisableDebug; + int EnableForceDebug; + int CanWriteSharedPage; + int CanUsePrivilegedPriority; + int CanUseNonAlphabetAndNumber; + int PermitMainFunctionArgument; + int CanShareDeviceMemory; + int UseOtherVariationSaveData; + int UseExtSaveData; + int RunnableOnSleep; + int SpecialMemoryArrange; + + // Strings + char *ProgramId; + char *IdealProcessor; + char *Priority; + char *MemoryType; + char *SystemMode; + char *FirmwareVersion; + char *CoreVersion; + char *HandleTableSize; + char *SystemSaveDataId1; + char *SystemSaveDataId2; + char *OtherUserSaveDataId1; + char *OtherUserSaveDataId2; + char *OtherUserSaveDataId3; + char *ExtSaveDataId; + char *ExtSaveDataNumber; + char *AffinityMask; + + // String Collections + u32 MemoryMappingNum; + char **MemoryMapping; + u32 IORegisterMappingNum; + char **IORegisterMapping; + u32 FileSystemAccessNum; + char **FileSystemAccess; + u32 IoAccessControlNum; + char **IoAccessControl; + u32 InterruptNumbersNum; + char **InterruptNumbers; + u32 SystemCallAccessNum; + char **SystemCallAccess; + u32 ServiceAccessControlNum; + char **ServiceAccessControl; + u32 StorageIdNum; + char **StorageId; + } AccessControlInfo; + + struct{ + // Strings + char *AppType; + char *StackSize; + char *RemasterVersion; + char *JumpId; + + // String Collections + u32 DependencyNum; + char **Dependency; + } SystemControlInfo; + + struct{ + // Booleans + int MediaFootPadding; + + // Strings + char *Title; + char *CompanyCode; + char *ProductCode; + char *MediaSize; + char *ContentType; + char *Logo; + char *BackupMemoryType; + char *InitialCode; + } BasicInfo; + + struct{ + // Strings + char *HostRoot; + char *Padding; + char *SaveDataSize; + + // String Collections + u32 DefaultRejectNum; + char **DefaultReject; + u32 RejectNum; + char **Reject; + u32 IncludeNum; + char **Include; + u32 FileNum; + char **File; + } Rom; + + struct{ + u32 TextNum; + char **Text; + u32 ReadOnlyNum; + char **ReadOnly; + u32 ReadWriteNum; + char **ReadWrite; + } ExeFs; + + u32 PlainRegionNum; + char **PlainRegion; + + struct{ + // Strings + char *Platform; + char *Category; + char *UniqueId; + char *Version; + char *ContentsIndex; + char *Variation; + char *Use; + char *ChildIndex; + char *DemoIndex; + char *TargetCategory; + + // String Collections + u32 CategoryFlagsNum; + char **CategoryFlags; + } TitleInfo; + + struct{ + char *WritableAddress; + char *CardType; + char *CryptoType; + char *CardDevice; + char *MediaType; + } CardInfo; + +} rsf_settings; + +typedef struct +{ + struct{ + bool Found; + + // Booleans + int RunnableOnSleep; + int SpecialMemoryArrange; + int AutoGen; + + // String + char *ProgramIdDesc; + char *PriorityDesc; + char *AffinityMaskDesc; + char *IdealProcessorDesc; + char *FirmwareVersionDesc; + char *HandleTableSizeDesc; + char *MemoryTypeDesc; + char *DescVersionDesc; + char *SystemModeDesc; + char *AccCtlDescSign; + char *AccCtlDescBin; + char *CryptoKey; + char *ResourceLimitCategory; + char *ReleaseKernelMajor; + char *ReleaseKernelMinor; + + // String Collections + u32 ServiceAccessControlDescNum; + char **ServiceAccessControlDesc; + u32 MemoryMappingDescNum; + char **MemoryMappingDesc; + u32 IORegisterMappingDescNum; + char **IORegisterMappingDesc; + u32 Arm9AccessControlDescNum; + char **Arm9AccessControlDesc; //Equiv to IoAccessControl + u32 EnableInterruptNumbersNum; + char **EnableInterruptNumbers; + u32 EnableSystemCallsNum; + char **EnableSystemCalls; + u32 StorageIdDescNum; + char **StorageIdDesc; + } AccessControlDescriptor; + + struct{ + bool Found; + + char *D; + char *P; + char *Q; + char *DP; + char *DQ; + char *InverseQ; + char *Modulus; + char *Exponent; + } CommonHeaderKey; + + rsf_settings DefaultSpec; +} desc_settings; + +typedef struct +{ + // General Settings + char *rsf_path; + bool outfile_mallocd; + char *outfile; + output_format out_format; + + // Content0 + bool Content0IsCci; + char *CciPath; + bool Content0IsSrl; + char *SrlPath; + + bool Content0IsNcch; + COMPONENT_STRUCT Content0; + char **ContentPath; + u64 ContentID[CIA_MAX_CONTENT]; // For CIA + + // Ncch0 Build + bool IsBuildingNCCH0; + output_format build_ncch_type; + char *desc_path; + char *elf_path; + char *icon_path; + char *banner_path; + char *logo_path; + + fixed_accessdesc_type accessdesc; + bool include_exefs_logo; + + char *exefs_code_path; + char *exheader_path; + char *plain_region_path; + char *romfs_path; + + // CCI Settings + bool GenSDKCardInfoHeader; + bool OmitImportedNcchHdr; + + // CIA Settings + bool RandomTitleKey; + bool EncryptContents; + u16 Version[3]; + + // Keys + keys_struct keys; + + // RSF/DESC Imported Settings + desc_settings yaml_set; +} user_settings; +#endif + +// Prototypes + +void init_UserSettings(user_settings *usr_settings); +void free_UserSettings(user_settings *usr_settings); +int ParseArgs(int argc, char *argv[], user_settings *usr_settings); +void ReadYAMLtest(char *filepath); + +void InvalidateRSFBooleans(rsf_settings *rsf_set); +void InvalidateDESCBooleans(desc_settings *desc_set); + +void free_RsfSettings(rsf_settings *set); +void free_DescSettings(desc_settings *set); \ No newline at end of file diff --git a/utils.c b/utils.c new file mode 100644 index 0000000..6c78ea2 --- /dev/null +++ b/utils.c @@ -0,0 +1,373 @@ +#include "lib.h" + +//MISC +void char_to_u8_array(unsigned char destination[], char source[], int size, int endianness, int base) +{ + char tmp[size][2]; + unsigned char *byte_array = malloc(size*sizeof(unsigned char)); + memset(byte_array, 0, size); + memset(destination, 0, size); + memset(tmp, 0, size*2); + + for (int i = 0; i < size; i ++){ + tmp[i][0] = source[(i*2)]; + tmp[i][1] = source[((i*2)+1)]; + tmp[i][2] = '\0'; + byte_array[i] = (unsigned char)strtol(tmp[i], NULL, base); + } + endian_memcpy(destination,byte_array,size,endianness); + free(byte_array); +} + +void endian_memcpy(u8 *destination, u8 *source, u32 size, int endianness) +{ + for (u32 i = 0; i < size; i++){ + switch (endianness){ + case(BE): + destination[i] = source[i]; + break; + case(LE): + destination[i] = source[((size-1)-i)]; + break; + } + } +} + +void u8_hex_print_be(u8 *array, int len) +{ + for(int i = 0; i < len; i++) + printf("%02x",array[i]); +} + +void u8_hex_print_le(u8 *array, int len) +{ + for(int i = 0; i < len; i++) + printf("%02x",array[len - i - 1]); +} + +u64 align_value(u64 value, u64 alignment) +{ + u64 tmp = value; + while(tmp > alignment) + tmp -= alignment; + return (value + (alignment - tmp)); +} + +void resolve_flag(unsigned char flag, unsigned char *flag_bool) +{ + unsigned char bit_mask[8] = {0x80,0x40,0x20,0x10,0x8,0x4,0x2,0x1}; + for(int i = 0; i < 8; i++){ + if (flag >= bit_mask[i]){ + flag_bool[7-i] = true; + flag -= bit_mask[i]; + } + else + flag_bool[7-i] = false; + } +} + +void resolve_flag_u16(u16 flag, unsigned char *flag_bool) +{ + u16 bit_mask[16] = {0x8000,0x4000,0x2000,0x1000,0x800,0x400,0x200,0x100,0x80,0x40,0x20,0x10,0x8,0x4,0x2,0x1}; + for(int i = 0; i < 16; i++){ + if (flag >= bit_mask[i]){ + flag_bool[15-i] = true; + flag -= bit_mask[i]; + } + else + flag_bool[15-i] = false; + } +} + +int append_filextention(char *output, u16 max_outlen, char *input, char extention[]) +{ + if(output == NULL || input == NULL){ + printf("[!] Memory Error\n"); + return Fail; + } + memset(output,0,max_outlen); + u16 extention_point = strlen(input)+1; + for(int i = strlen(input)-1; i > 0; i--){ + if(input[i] == '.'){ + extention_point = i; + break; + } + } + if(extention_point+strlen(extention) >= max_outlen){ + printf("[!] Input File Name Too Large for Output buffer\n"); + return Fail; + } + memcpy(output,input,extention_point); + sprintf(output,"%s%s",output,extention); + return 0; +} + +int CopyData(u8 **dest, u8 *source, u64 size) +{ + if(!*dest){ + *dest = malloc(size); + if(!*dest) return -1; + } + memcpy(*dest,source,size); + return 0; +} + +u64 min_u64(u64 a, u64 b) +{ + if(a < b) return a; + return b; +} + +u64 max_u64(u64 a, u64 b) +{ + if(a > b) return a; + return b; +} + +//IO Related +void WriteBuffer(void *buffer, u64 size, u64 offset, FILE *output) +{ + fseek_64(output,offset,SEEK_SET); + fwrite(buffer,size,1,output); +} + +void ReadFile_64(void *outbuff, u64 size, u64 offset, FILE *file) +{ + fseek_64(file,offset,SEEK_SET); + fread(outbuff,size,1,file); +} + +u64 GetFileSize_u64(char *filename) +{ + u64 size; +#ifdef _WIN32 + /* Making sure file exists */ + FILE *tmp = fopen(filename,"rb"); + if(!tmp) return 0; + fclose(tmp); + + int fh; + u64 n; + fh = _open( filename, 0 ); + n = _lseeki64(fh, 0, SEEK_END); + _close(fh); + size = (n / sizeof(short))*2; +#else + FILE *file = fopen(filename,"rb"); + fseeko(file, 0L, SEEK_END); + size = ftello(file); + fclose(file); +#endif + return size; +} + +u32 GetFileSize_u32(FILE *file) +{ + u32 size = 0; + fseek(file, 0L, SEEK_END); + size = ftell(file); + fseek(file, 0L, SEEK_SET); + return size; +} + +int TruncateFile_u64(char *filename, u64 filelen) +{ +#ifdef _WIN32 + HANDLE fh; + + LARGE_INTEGER fp; + fp.QuadPart = filelen; + + fh = CreateFile(filename, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL); + if (fh == INVALID_HANDLE_VALUE) { + printf("[!] Invalid File handle\n"); + return 1; + } + + if (SetFilePointerEx(fh, fp, NULL, FILE_BEGIN) == 0 || + SetEndOfFile(fh) == 0) { + printf("[!] truncate failed\n"); + CloseHandle(fh); + return 1; + } + + CloseHandle(fh); + return 0; +#else + return truncate(filename,filelen); +#endif +} + +int fseek_64(FILE *fp, u64 file_pos, int whence) +{ +#ifdef _WIN32 + if(whence != SEEK_SET) + printf("[!] fseek_64, whence has been overided to SEEK_SET\n"); + fpos_t pos = file_pos; + return fsetpos(fp,&pos); //I can't believe the 2gb problem with Windows & MINGW, maybe I have a bad installation :/ +#else + return fseeko(fp,file_pos,whence); +#endif +} + +int makedir(const char* dir) +{ +#ifdef _WIN32 + return _mkdir(dir); +#else + return mkdir(dir, 0777); +#endif +} + +char *getcwdir(char *buffer,int maxlen) +{ +#ifdef _WIN32 + return _getcwd(buffer,maxlen); +#else + return getcwd(buffer,maxlen); +#endif +} + +//Data Size conversion +u16 u8_to_u16(u8 *value, u8 endianness) +{ + u16 new_value; + switch(endianness){ + case(BE): new_value = (value[1]<<0) | (value[0]<<8); break; + case(LE): new_value = (value[0]<<0) | (value[1]<<8); break; + } + return new_value; +} + +u32 u8_to_u32(u8 *value, u8 endianness) +{ + u32 new_value; + switch(endianness){ + case(BE): new_value = (value[3]<<0) | (value[2]<<8) | (value[1]<<16) | (value[0]<<24); break; + case(LE): new_value = (value[0]<<0) | (value[1]<<8) | (value[2]<<16) | (value[3]<<24); break; + } + return new_value; +} + + +u64 u8_to_u64(u8 *value, u8 endianness) +{ + u64 u64_return = 0; + switch(endianness){ + case(BE): + u64_return |= (u64)value[7]<<0; + u64_return |= (u64)value[6]<<8; + u64_return |= (u64)value[5]<<16; + u64_return |= (u64)value[4]<<24; + u64_return |= (u64)value[3]<<32; + u64_return |= (u64)value[2]<<40; + u64_return |= (u64)value[1]<<48; + u64_return |= (u64)value[0]<<56; + break; + //return (value[7]<<0) | (value[6]<<8) | (value[5]<<16) | (value[4]<<24) | (value[3]<<32) | (value[2]<<40) | (value[1]<<48) | (value[0]<<56); + case(LE): + u64_return |= (u64)value[0]<<0; + u64_return |= (u64)value[1]<<8; + u64_return |= (u64)value[2]<<16; + u64_return |= (u64)value[3]<<24; + u64_return |= (u64)value[4]<<32; + u64_return |= (u64)value[5]<<40; + u64_return |= (u64)value[6]<<48; + u64_return |= (u64)value[7]<<56; + break; + //return (value[0]<<0) | (value[1]<<8) | (value[2]<<16) | (value[3]<<24) | (value[4]<<32) | (value[5]<<40) | (value[6]<<48) | (value[7]<<56); + } + return u64_return; +} + +int u16_to_u8(u8 *out_value, u16 in_value, u8 endianness) +{ + switch(endianness){ + case(BE): + out_value[0]=(in_value >> 8); + out_value[1]=(in_value >> 0); + break; + case(LE): + out_value[0]=(in_value >> 0); + out_value[1]=(in_value >> 8); + break; + } + return 0; +} + +int u32_to_u8(u8 *out_value, u32 in_value, u8 endianness) +{ + switch(endianness){ + case(BE): + out_value[0]=(in_value >> 24); + out_value[1]=(in_value >> 16); + out_value[2]=(in_value >> 8); + out_value[3]=(in_value >> 0); + break; + case(LE): + out_value[0]=(in_value >> 0); + out_value[1]=(in_value >> 8); + out_value[2]=(in_value >> 16); + out_value[3]=(in_value >> 24); + break; + } + return 0; +} + +int u64_to_u8(u8 *out_value, u64 in_value, u8 endianness) +{ + switch(endianness){ + case(BE): + out_value[0]=(in_value >> 56); + out_value[1]=(in_value >> 48); + out_value[2]=(in_value >> 40); + out_value[3]=(in_value >> 32); + out_value[4]=(in_value >> 24); + out_value[5]=(in_value >> 16); + out_value[6]=(in_value >> 8); + out_value[7]=(in_value >> 0); + break; + case(LE): + out_value[0]=(in_value >> 0); + out_value[1]=(in_value >> 8); + out_value[2]=(in_value >> 16); + out_value[3]=(in_value >> 24); + out_value[4]=(in_value >> 32); + out_value[5]=(in_value >> 40); + out_value[6]=(in_value >> 48); + out_value[7]=(in_value >> 56); + break; + } + return 0; +} + +//Copied from ctrtool +void memdump(FILE* fout, const char* prefix, const u8* data, u32 size) +{ + u32 i; + u32 prefixlen = strlen(prefix); + u32 offs = 0; + u32 line = 0; + while(size) + { + u32 max = 32; + + if (max > size) + max = size; + + if (line==0) + fprintf(fout, "%s", prefix); + else + fprintf(fout, "%*s", prefixlen, ""); + + + for(i=0; irsf_path){ + int res = ParseSpecFile(&rsf_set,set->rsf_path,type_rsf); + if(res) return res; + } + if(set->desc_path){ + int res = ParseSpecFile(&desc_set,set->desc_path,type_desc); + if(res) return res; + } + return MergeSpecData(&set->yaml_set,&desc_set,&rsf_set); +} + +int ParseSpecFile(void *set, char *path, specfile_type type) +{ + ctr_yaml_context *ctx = malloc(sizeof(ctr_yaml_context)); + InitYamlContext(ctx); + + + + /* Set Specfile Type */ + ctx->type = type; + + /* Create the Parser object. */ + yaml_parser_initialize(&ctx->parser); + + /* Set a file input. */ + FILE *input = fopen(path,"rb"); + yaml_parser_set_input_file(&ctx->parser, input); + + + ctx->IsSequence = false; + ctx->IsKey = true; + ctx->prev_event = 0; + ctx->Level = 0; + + + /* Read the event sequence. */ + while (!ctx->done) { + /* Get the next event. */ + GetEvent(ctx); + if(ctx->error) goto error; + + /* Proccess Event */ + + + if(EventIsScalar(ctx)){ + if(ctx->type == type_rsf) EvaluateRSF((rsf_settings*)set,ctx); + else EvaluateDESC((desc_settings*)set,ctx); + if(ctx->error) goto error; + break; + } + /* + if((ctx->event.type == YAML_SEQUENCE_START_EVENT|| ctx->event.type == YAML_MAPPING_START_EVENT) && ctx->prev_event == YAML_SCALAR_EVENT) printf(":\n"); + if(ctx->event.type == YAML_SCALAR_EVENT){ + if(ctx->IsSequence){ + printf(" - %s\n",ctx->event.data.scalar.value); + } + else{ + if(!ctx->IsKey) printf(": %s\n",ctx->event.data.scalar.value); + else printf("%s",ctx->event.data.scalar.value); + } + } + */ + + /* Finish Event */ + FinishEvent(ctx); + if(ctx->error) goto error; + } + + /* Destroy the Parser object. */ + yaml_parser_delete(&ctx->parser); + fclose(input); + return 0; + + /* On error. */ + error: + fprintf(stderr,"[-] Error Proccessing %s file\n",ctx->type? "DESC" : "RSF"); + + /* Destroy the Parser object. */ + yaml_parser_delete(&ctx->parser); + fclose(input); + return ctx->error; +} + +void InitYamlContext(ctr_yaml_context *ctx) +{ + memset(ctx,0,sizeof(ctr_yaml_context)); +} + +char *GetYamlString(ctr_yaml_context *ctx) +{ + /* + if(EventIsScalar(ctx)){ + if(!GetYamlStringSize(ctx) && !ctx->event.data.scalar.value) + return ctx->event.data.scalar.value; + } + + return NULL; + */ + return (char*)ctx->event.data.scalar.value; +} + + +u32 GetYamlStringSize(ctr_yaml_context *ctx) +{ + return ctx->event.data.scalar.length; +} + +void GetEvent(ctr_yaml_context *ctx) +{ + if (!yaml_parser_parse(&ctx->parser, &ctx->event)){ + ctx->error = YAML_API_ERROR; + return; + } + CheckEvent(ctx); +} + +void CheckEvent(ctr_yaml_context *ctx) +{ + switch(ctx->event.type){ + case YAML_SEQUENCE_START_EVENT: + ctx->IsSequence = true; + ctx->IsKey = true; + ctx->Level++; + //printf("[LEVEL] %d\n",ctx->Level); + break; + case YAML_SEQUENCE_END_EVENT: + ctx->IsSequence = false; + ctx->IsKey = true; + ctx->Level--; + //printf("[LEVEL] %d\n",ctx->Level); + break; + case YAML_MAPPING_START_EVENT: + ctx->IsKey = true; + ctx->Level++; + //printf("[LEVEL] %d\n",ctx->Level); + break; + case YAML_MAPPING_END_EVENT: + ctx->IsKey = true; + ctx->Level--; + //printf("[LEVEL] %d\n",ctx->Level); + break; + case YAML_DOCUMENT_END_EVENT: + case YAML_STREAM_END_EVENT: + ctx->done = true; + break; + default: break; + } +} + +void FinishEvent(ctr_yaml_context *ctx) +{ + if(ctx->event.type == YAML_SCALAR_EVENT) { + if(!ctx->IsSequence){ + if(!ctx->IsKey)ctx->IsKey = true; + else ctx->IsKey = false; + } + } + ctx->prev_event = ctx->event.type; + yaml_event_delete(&ctx->event); +} + +bool EventIsScalar(ctr_yaml_context *ctx) +{ + return (ctx->event.type == YAML_SCALAR_EVENT); +} + +bool EventIsMappingStart(ctr_yaml_context *ctx) +{ + return (ctx->event.type == YAML_MAPPING_START_EVENT); +} + +bool EventIsMappingEnd(ctr_yaml_context *ctx) +{ + return (ctx->event.type == YAML_MAPPING_END_EVENT); +} + +bool EventIsSequenceStart(ctr_yaml_context *ctx) +{ + return (ctx->event.type == YAML_SEQUENCE_START_EVENT); +} + +bool EventIsSequenceEnd(ctr_yaml_context *ctx) +{ + return (ctx->event.type == YAML_SEQUENCE_END_EVENT); +} + +bool CheckSequenceEvent(ctr_yaml_context *ctx) +{ + GetEvent(ctx); + if(!EventIsSequenceStart(ctx)){ + FinishEvent(ctx); + //fprintf(stderr,"[-] Bad formatting in Spec file (Expected Sequence)\n"); + //ctx->error = YAML_BAD_FORMATTING; + return false; + } + FinishEvent(ctx); + return true; +} + +bool CheckMappingEvent(ctr_yaml_context *ctx) +{ + GetEvent(ctx); + if(!EventIsMappingStart(ctx)){ + FinishEvent(ctx); + //fprintf(stderr,"[-] Bad formatting in Spec file (Expected Mapping)\n"); + //ctx->error = YAML_BAD_FORMATTING; + return false; + } + FinishEvent(ctx); + return true; +} + +void BadYamlFormatting(void) +{ + fprintf(stderr,"[-] Bad formatting in Spec file\n"); +} + + +bool cmpYamlValue(char *string,ctr_yaml_context *ctx) +{ + return (strcmp(GetYamlString(ctx),string) == 0); +} + +bool casecmpYamlValue(char *string,ctr_yaml_context *ctx) +{ + return (strcasecmp(GetYamlString(ctx),string) == 0); +} + +void SetSimpleYAMLValue(char **dest, char *key, ctr_yaml_context *ctx, u32 size_limit) +{ + if(*dest){ + fprintf(stderr,"[-] Item '%s' is already set\n",key); + ctx->error = YAML_MEM_ERROR; + return; + } + + GetEvent(ctx); + if(ctx->error || ctx->done) return; + if(!EventIsScalar(ctx)){ + fprintf(stderr,"[-] '%s' requires a value\n",key); + ctx->error = YAML_BAD_FORMATTING; + return; + } + if(!GetYamlStringSize(ctx)) return; + + u32 size = GetYamlStringSize(ctx); + if(size > size_limit && size_limit) size = size_limit; + + + char *tmp = *dest; + tmp = malloc(size+2); + if(!tmp) { + ctx->error = YAML_MEM_ERROR; + return; + } + memset(tmp,0,size+2); + memcpy(tmp,GetYamlString(ctx),size); + + //printf("Setting %s to %s (size of %d)\n",key,GetYamlString(ctx),size); + //printf("Check: %s & %x\n",tmp,tmp); + *dest = tmp; + +} + +bool SetBoolYAMLValue(char *key, ctr_yaml_context *ctx) +{ + GetEvent(ctx); + if(ctx->error || ctx->done) return false; + if(!EventIsScalar(ctx)){ + fprintf(stderr,"[-] '%s' requires a value\n",key); + ctx->error = YAML_BAD_FORMATTING; + return false; + } + if(!GetYamlStringSize(ctx)){ + fprintf(stderr,"[-] '%s' requires a value\n",key); + ctx->error = YAML_BAD_FORMATTING; + return false; + } + + if(casecmpYamlValue("true",ctx)) return true; + if(casecmpYamlValue("false",ctx)) return false; + + fprintf(stderr,"[-] Invalid '%s'\n",key); + ctx->error = YAML_BAD_FORMATTING; + return false; + +} + +u32 SetYAMLSequence(char ***dest, char *key, ctr_yaml_context *ctx) +{ + if(*dest){ + fprintf(stderr,"[-] %s already set\n",key); + ctx->error = YAML_MEM_ERROR; + return 0; + } + + u32 ActualCount = 0; + u32 SlotCount = 0; + char **tmp = *dest; + if(!CheckSequenceEvent(ctx)) return 0; + SlotCount = 10; + tmp = malloc((SlotCount+1)*sizeof(char*)); + if(!tmp){ + ctx->error = YAML_MEM_ERROR; + return 0; + } + memset(tmp,0,(SlotCount+1)*sizeof(char*)); + GetEvent(ctx); + if(ctx->error || ctx->done) return 0; + if(!EventIsScalar(ctx)){ + fprintf(stderr,"[-] '%s' requires a value\n",key); + ctx->error = YAML_BAD_FORMATTING; + return 0; + } + + + if(!GetYamlStringSize(ctx)) return 0; + u32 InitLevel = ctx->Level; + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return 0; + tmp[ActualCount] = malloc(GetYamlStringSize(ctx)+1); + memset(tmp[ActualCount],0,GetYamlStringSize(ctx)+1); + memcpy(tmp[ActualCount],GetYamlString(ctx),GetYamlStringSize(ctx)); + ActualCount++; + if(ActualCount >= SlotCount){ // if Exceeding Ptr capacity, expand buffer + SlotCount = SlotCount*2; + char **tmp1 = malloc((SlotCount+1)*sizeof(char*)); // allocate new buffer + if(!tmp1){ + ctx->error = YAML_MEM_ERROR; + return 0; + } + memset(tmp1,0,(SlotCount+1)*sizeof(char*)); + for(u32 i = 0; i < ActualCount; i++) tmp1[i] = tmp[i]; // Transfer ptrs + free(tmp); // free original buffer + tmp = tmp1; // transfer main ptr + } + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); + *dest = tmp; // Give main ptr to location + return ActualCount++; // return number of strings +} + +u32 SetYAMLSequenceFromMapping(char ***dest, char *key, ctr_yaml_context *ctx, bool StoreKey) +{ + if(*dest){ + fprintf(stderr,"[-] %s already set\n",key); + ctx->error = YAML_MEM_ERROR; + return 0; + } + + u32 ActualCount = 0; + u32 SlotCount = 0; + char **tmp = *dest; + if(!CheckMappingEvent(ctx)) return 0; + SlotCount = 10; + tmp = malloc((SlotCount+1)*sizeof(char*)); + if(!tmp){ + ctx->error = YAML_MEM_ERROR; + return 0; + } + memset(tmp,0,(SlotCount+1)*sizeof(char*)); + GetEvent(ctx); + if(ctx->error || ctx->done) return 0; + if(!EventIsScalar(ctx)){ + fprintf(stderr,"[-] '%s' requires a value\n",key); + ctx->error = YAML_BAD_FORMATTING; + return 0; + } + + + if(!GetYamlStringSize(ctx)) return 0; + u32 InitLevel = ctx->Level; + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return 0; + if(ctx->IsKey == StoreKey){ + tmp[ActualCount] = malloc(GetYamlStringSize(ctx)+1); + memset(tmp[ActualCount],0,GetYamlStringSize(ctx)+1); + memcpy(tmp[ActualCount],GetYamlString(ctx),GetYamlStringSize(ctx)); + ActualCount++; + if(ActualCount >= SlotCount){ // if Exceeding Ptr capacity, expand buffer + SlotCount = SlotCount*2; + char **tmp1 = malloc((SlotCount+1)*sizeof(char*)); // allocate new buffer + if(!tmp1){ + ctx->error = YAML_MEM_ERROR; + return 0; + } + memset(tmp1,0,(SlotCount+1)*sizeof(char*)); + for(u32 i = 0; i < ActualCount; i++) tmp1[i] = tmp[i]; // Transfer ptrs + free(tmp); // free original buffer + tmp = tmp1; // transfer main ptr + } + } + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); + *dest = tmp; // Give main ptr to location + return ActualCount++; // return number of strings +} + +void SkipYAMLGroup(ctr_yaml_context *ctx) // Why Nintendo? Why is this necessary? Why can't you just create valid .desc files? +{ + FinishEvent(ctx); + GetEvent(ctx); + if(!EventIsMappingStart(ctx) && !EventIsSequenceStart(ctx) && EventIsScalar(ctx)) return; + FinishEvent(ctx); + GetEvent(ctx); + + if(ctx->error || ctx->done) return; + if(!EventIsScalar(ctx)){ + fprintf(stderr,"[-] 'Format error\n"); + ctx->error = YAML_BAD_FORMATTING; + return; + } + if(!GetYamlStringSize(ctx)) return; + u32 InitLevel = ctx->Level; + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} \ No newline at end of file diff --git a/yaml_ctr.h b/yaml_ctr.h new file mode 100644 index 0000000..dd1a232 --- /dev/null +++ b/yaml_ctr.h @@ -0,0 +1,68 @@ +#ifndef _YAML_H_ +#define _YAML_H_ + +typedef enum +{ + YAML_API_ERROR = -1, + YAML_BAD_GROUP_HEADER = -2, + YAML_BAD_FORMATTING = -3, + YAML_MEM_ERROR = -4, + YAML_UNKNOWN_KEY = -5, +} ctr_yaml_error; + +typedef enum +{ + type_rsf, + type_desc, +} specfile_type; + +typedef struct +{ + // For Continued Parsing of file + yaml_parser_t parser; + yaml_event_t event; + bool done; + int error; + + // Important Details + bool IsSequence; + bool IsKey; + yaml_event_type_t prev_event; + u32 Level; + + // Spec File Type + specfile_type type; +} ctr_yaml_context; + +#endif + +// Public Prototypes +int GetYamlSettings(user_settings *set); + +// For scalar events +char *GetYamlString(ctr_yaml_context *ctx); +u32 GetYamlStringSize(ctr_yaml_context *ctx); +bool cmpYamlValue(char *string,ctr_yaml_context *ctx); // Compares a string to the current scalar event +bool casecmpYamlValue(char *string,ctr_yaml_context *ctx); // same as above but ignores case + +// Event Handlers +void GetEvent(ctr_yaml_context *ctx); +void FinishEvent(ctr_yaml_context *ctx); + + +// Event Type Checks +bool EventIsScalar(ctr_yaml_context *ctx); +bool EventIsMappingStart(ctr_yaml_context *ctx); +bool EventIsMappingEnd(ctr_yaml_context *ctx); +bool EventIsSequenceStart(ctr_yaml_context *ctx); +bool EventIsSequenceEnd(ctr_yaml_context *ctx); +bool CheckMappingEvent(ctr_yaml_context *ctx); // With extra implement, use if lazy +bool CheckSequenceEvent(ctr_yaml_context *ctx); // With extra implement, use if lazy + + +// Functions which store values +void SetSimpleYAMLValue(char **dest, char *key, ctr_yaml_context *ctx, u32 size_limit); +bool SetBoolYAMLValue(char *key, ctr_yaml_context *ctx); +u32 SetYAMLSequence(char ***dest, char *key, ctr_yaml_context *ctx); +u32 SetYAMLSequenceFromMapping(char ***dest, char *key, ctr_yaml_context *ctx, bool StoreKey); +void SkipYAMLGroup(ctr_yaml_context *ctx); \ No newline at end of file diff --git a/yamlsettings.c b/yamlsettings.c new file mode 100644 index 0000000..0764048 --- /dev/null +++ b/yamlsettings.c @@ -0,0 +1,636 @@ +#include "lib.h" +#include "yamlsettings.h" + +void RsfSettingTransferSingle(char **src, char **dst, char **dmp); +void RsfSettingTransferMultiple(char ***src, u32 *src_num, char ***dst, u32 *dst_num, char ***dmp, u32 *dmp_num); + +int MergeSpecData(desc_settings *out, desc_settings *desc, rsf_settings *rsf) +{ + // Setup + memcpy(out,desc,sizeof(desc_settings)); // Using desc as base, then adding rsf settings + rsf_settings *rsf_dst = &out->DefaultSpec; + rsf_settings *rsf_src = rsf; + rsf_settings *rsf_dmp = &desc->DefaultSpec; // for unneeded ptrs which need freeing + memset(rsf_dmp,0,sizeof(rsf_settings)); + + // Booleans + if(rsf_src->Option.NoPadding != -1) rsf_dst->Option.NoPadding = rsf_src->Option.NoPadding; + if(rsf_src->Option.AllowUnalignedSection != -1) rsf_dst->Option.AllowUnalignedSection = rsf_src->Option.AllowUnalignedSection; + if(rsf_src->Option.EnableCrypt != -1) rsf_dst->Option.EnableCrypt = rsf_src->Option.EnableCrypt; + if(rsf_src->Option.EnableCompress != -1) rsf_dst->Option.EnableCompress = rsf_src->Option.EnableCompress; + if(rsf_src->Option.FreeProductCode != -1) rsf_dst->Option.FreeProductCode = rsf_src->Option.FreeProductCode; + if(rsf_src->Option.UseOnSD != -1) rsf_dst->Option.UseOnSD = rsf_src->Option.UseOnSD; + + if(rsf_src->AccessControlInfo.DisableDebug != -1) rsf_dst->AccessControlInfo.DisableDebug = rsf_src->AccessControlInfo.DisableDebug; + if(rsf_src->AccessControlInfo.EnableForceDebug != -1) rsf_dst->AccessControlInfo.EnableForceDebug = rsf_src->AccessControlInfo.EnableForceDebug; + if(rsf_src->AccessControlInfo.CanWriteSharedPage != -1) rsf_dst->AccessControlInfo.CanWriteSharedPage = rsf_src->AccessControlInfo.CanWriteSharedPage; + if(rsf_src->AccessControlInfo.CanUsePrivilegedPriority != -1) rsf_dst->AccessControlInfo.CanUsePrivilegedPriority = rsf_src->AccessControlInfo.CanUsePrivilegedPriority; + if(rsf_src->AccessControlInfo.CanUseNonAlphabetAndNumber != -1) rsf_dst->AccessControlInfo.CanUseNonAlphabetAndNumber = rsf_src->AccessControlInfo.CanUseNonAlphabetAndNumber; + if(rsf_src->AccessControlInfo.PermitMainFunctionArgument != -1) rsf_dst->AccessControlInfo.PermitMainFunctionArgument = rsf_src->AccessControlInfo.PermitMainFunctionArgument; + if(rsf_src->AccessControlInfo.CanShareDeviceMemory != -1) rsf_dst->AccessControlInfo.CanShareDeviceMemory = rsf_src->AccessControlInfo.CanShareDeviceMemory; + if(rsf_src->AccessControlInfo.UseOtherVariationSaveData != -1) rsf_dst->AccessControlInfo.UseOtherVariationSaveData = rsf_src->AccessControlInfo.UseOtherVariationSaveData; + if(rsf_src->AccessControlInfo.UseExtSaveData != -1) rsf_dst->AccessControlInfo.UseExtSaveData = rsf_src->AccessControlInfo.UseExtSaveData; + if(rsf_src->AccessControlInfo.RunnableOnSleep != -1) rsf_dst->AccessControlInfo.RunnableOnSleep = rsf_src->AccessControlInfo.RunnableOnSleep; + if(rsf_src->AccessControlInfo.SpecialMemoryArrange != -1) rsf_dst->AccessControlInfo.SpecialMemoryArrange = rsf_src->AccessControlInfo.SpecialMemoryArrange; + + if(rsf_src->BasicInfo.MediaFootPadding != -1) rsf_dst->BasicInfo.MediaFootPadding = rsf_src->BasicInfo.MediaFootPadding; + + // Strings + //Option + RsfSettingTransferSingle(&rsf_src->Option.PageSize,&rsf_dst->Option.PageSize,&rsf_dmp->Option.PageSize); + RsfSettingTransferMultiple(&rsf_src->Option.AppendSystemCall,&rsf_src->Option.AppendSystemCallNum,&rsf_dst->Option.AppendSystemCall,&rsf_dst->Option.AppendSystemCallNum,&rsf_dmp->Option.AppendSystemCall,&rsf_dmp->Option.AppendSystemCallNum); + + //AccessControlInfo + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.ProgramId,&rsf_dst->AccessControlInfo.ProgramId,&rsf_dmp->AccessControlInfo.ProgramId); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.IdealProcessor,&rsf_dst->AccessControlInfo.IdealProcessor,&rsf_dmp->AccessControlInfo.IdealProcessor); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.Priority,&rsf_dst->AccessControlInfo.Priority,&rsf_dmp->AccessControlInfo.Priority); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.MemoryType,&rsf_dst->AccessControlInfo.MemoryType,&rsf_dmp->AccessControlInfo.MemoryType); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.SystemMode,&rsf_dst->AccessControlInfo.SystemMode,&rsf_dmp->AccessControlInfo.SystemMode); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.FirmwareVersion,&rsf_dst->AccessControlInfo.FirmwareVersion,&rsf_dmp->AccessControlInfo.FirmwareVersion); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.CoreVersion,&rsf_dst->AccessControlInfo.CoreVersion,&rsf_dmp->AccessControlInfo.CoreVersion); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.HandleTableSize,&rsf_dst->AccessControlInfo.HandleTableSize,&rsf_dmp->AccessControlInfo.HandleTableSize); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.SystemSaveDataId1,&rsf_dst->AccessControlInfo.SystemSaveDataId1,&rsf_dmp->AccessControlInfo.SystemSaveDataId1); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.SystemSaveDataId2,&rsf_dst->AccessControlInfo.SystemSaveDataId2,&rsf_dmp->AccessControlInfo.SystemSaveDataId2); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.OtherUserSaveDataId1,&rsf_dst->AccessControlInfo.OtherUserSaveDataId1,&rsf_dmp->AccessControlInfo.OtherUserSaveDataId1); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.OtherUserSaveDataId2,&rsf_dst->AccessControlInfo.OtherUserSaveDataId2,&rsf_dmp->AccessControlInfo.OtherUserSaveDataId2); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.OtherUserSaveDataId3,&rsf_dst->AccessControlInfo.OtherUserSaveDataId3,&rsf_dmp->AccessControlInfo.OtherUserSaveDataId3); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.ExtSaveDataId,&rsf_dst->AccessControlInfo.ExtSaveDataId,&rsf_dmp->AccessControlInfo.ExtSaveDataId); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.ExtSaveDataNumber,&rsf_dst->AccessControlInfo.ExtSaveDataNumber,&rsf_dmp->AccessControlInfo.ExtSaveDataNumber); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.SystemMode,&rsf_dst->AccessControlInfo.SystemMode,&rsf_dmp->AccessControlInfo.SystemMode); + RsfSettingTransferSingle(&rsf_src->AccessControlInfo.AffinityMask,&rsf_dst->AccessControlInfo.AffinityMask,&rsf_dmp->AccessControlInfo.AffinityMask); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.MemoryMapping,&rsf_src->AccessControlInfo.MemoryMappingNum,&rsf_dst->AccessControlInfo.MemoryMapping,&rsf_dst->AccessControlInfo.MemoryMappingNum,&rsf_dmp->AccessControlInfo.MemoryMapping,&rsf_dmp->AccessControlInfo.MemoryMappingNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.IORegisterMapping,&rsf_src->AccessControlInfo.IORegisterMappingNum,&rsf_dst->AccessControlInfo.IORegisterMapping,&rsf_dst->AccessControlInfo.IORegisterMappingNum,&rsf_dmp->AccessControlInfo.IORegisterMapping,&rsf_dmp->AccessControlInfo.IORegisterMappingNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.FileSystemAccess,&rsf_src->AccessControlInfo.FileSystemAccessNum,&rsf_dst->AccessControlInfo.FileSystemAccess,&rsf_dst->AccessControlInfo.FileSystemAccessNum,&rsf_dmp->AccessControlInfo.FileSystemAccess,&rsf_dmp->AccessControlInfo.FileSystemAccessNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.IoAccessControl,&rsf_src->AccessControlInfo.IoAccessControlNum,&rsf_dst->AccessControlInfo.IoAccessControl,&rsf_dst->AccessControlInfo.IoAccessControlNum,&rsf_dmp->AccessControlInfo.IoAccessControl,&rsf_dmp->AccessControlInfo.IoAccessControlNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.InterruptNumbers,&rsf_src->AccessControlInfo.InterruptNumbersNum,&rsf_dst->AccessControlInfo.InterruptNumbers,&rsf_dst->AccessControlInfo.InterruptNumbersNum,&rsf_dmp->AccessControlInfo.InterruptNumbers,&rsf_dmp->AccessControlInfo.InterruptNumbersNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.SystemCallAccess,&rsf_src->AccessControlInfo.SystemCallAccessNum,&rsf_dst->AccessControlInfo.SystemCallAccess,&rsf_dst->AccessControlInfo.SystemCallAccessNum,&rsf_dmp->AccessControlInfo.SystemCallAccess,&rsf_dmp->AccessControlInfo.SystemCallAccessNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.ServiceAccessControl,&rsf_src->AccessControlInfo.ServiceAccessControlNum,&rsf_dst->AccessControlInfo.ServiceAccessControl,&rsf_dst->AccessControlInfo.ServiceAccessControlNum,&rsf_dmp->AccessControlInfo.ServiceAccessControl,&rsf_dmp->AccessControlInfo.ServiceAccessControlNum); + RsfSettingTransferMultiple(&rsf_src->AccessControlInfo.StorageId,&rsf_src->AccessControlInfo.StorageIdNum,&rsf_dst->AccessControlInfo.StorageId,&rsf_dst->AccessControlInfo.StorageIdNum,&rsf_dmp->AccessControlInfo.StorageId,&rsf_dmp->AccessControlInfo.StorageIdNum); + + + //SystemControlInfo + RsfSettingTransferSingle(&rsf_src->SystemControlInfo.StackSize,&rsf_dst->SystemControlInfo.StackSize,&rsf_dmp->SystemControlInfo.StackSize); + RsfSettingTransferSingle(&rsf_src->SystemControlInfo.AppType,&rsf_dst->SystemControlInfo.AppType,&rsf_dmp->SystemControlInfo.AppType); + RsfSettingTransferSingle(&rsf_src->SystemControlInfo.RemasterVersion,&rsf_dst->SystemControlInfo.RemasterVersion,&rsf_dmp->SystemControlInfo.RemasterVersion); + RsfSettingTransferSingle(&rsf_src->SystemControlInfo.JumpId,&rsf_dst->SystemControlInfo.JumpId,&rsf_dmp->SystemControlInfo.JumpId); + RsfSettingTransferMultiple(&rsf_src->SystemControlInfo.Dependency,&rsf_src->SystemControlInfo.DependencyNum,&rsf_dst->SystemControlInfo.Dependency,&rsf_dst->SystemControlInfo.DependencyNum,&rsf_dmp->SystemControlInfo.Dependency,&rsf_dmp->SystemControlInfo.DependencyNum); + + //BasicInfo + RsfSettingTransferSingle(&rsf_src->BasicInfo.Title,&rsf_dst->BasicInfo.Title,&rsf_dmp->BasicInfo.Title); + RsfSettingTransferSingle(&rsf_src->BasicInfo.CompanyCode,&rsf_dst->BasicInfo.CompanyCode,&rsf_dmp->BasicInfo.CompanyCode); + RsfSettingTransferSingle(&rsf_src->BasicInfo.ProductCode,&rsf_dst->BasicInfo.ProductCode,&rsf_dmp->BasicInfo.ProductCode); + RsfSettingTransferSingle(&rsf_src->BasicInfo.MediaSize,&rsf_dst->BasicInfo.MediaSize,&rsf_dmp->BasicInfo.MediaSize); + RsfSettingTransferSingle(&rsf_src->BasicInfo.ContentType,&rsf_dst->BasicInfo.ContentType,&rsf_dmp->BasicInfo.ContentType); + RsfSettingTransferSingle(&rsf_src->BasicInfo.Logo,&rsf_dst->BasicInfo.Logo,&rsf_dmp->BasicInfo.Logo); + RsfSettingTransferSingle(&rsf_src->BasicInfo.BackupMemoryType,&rsf_dst->BasicInfo.BackupMemoryType,&rsf_dmp->BasicInfo.BackupMemoryType); + RsfSettingTransferSingle(&rsf_src->BasicInfo.InitialCode,&rsf_dst->BasicInfo.InitialCode,&rsf_dmp->BasicInfo.InitialCode); + + //Rom + RsfSettingTransferSingle(&rsf_src->Rom.HostRoot,&rsf_dst->Rom.HostRoot,&rsf_dmp->Rom.HostRoot); + RsfSettingTransferSingle(&rsf_src->Rom.Padding,&rsf_dst->Rom.Padding,&rsf_dmp->Rom.Padding); + RsfSettingTransferSingle(&rsf_src->Rom.SaveDataSize,&rsf_dst->Rom.SaveDataSize,&rsf_dmp->Rom.SaveDataSize); + RsfSettingTransferMultiple(&rsf_src->Rom.DefaultReject,&rsf_src->Rom.DefaultRejectNum,&rsf_dst->Rom.DefaultReject,&rsf_dst->Rom.DefaultRejectNum,&rsf_dmp->Rom.DefaultReject,&rsf_dmp->Rom.DefaultRejectNum); + RsfSettingTransferMultiple(&rsf_src->Rom.Reject,&rsf_src->Rom.RejectNum,&rsf_dst->Rom.Reject,&rsf_dst->Rom.RejectNum,&rsf_dmp->Rom.Reject,&rsf_dmp->Rom.RejectNum); + RsfSettingTransferMultiple(&rsf_src->Rom.Include,&rsf_src->Rom.IncludeNum,&rsf_dst->Rom.Include,&rsf_dst->Rom.IncludeNum,&rsf_dmp->Rom.Include,&rsf_dmp->Rom.IncludeNum); + RsfSettingTransferMultiple(&rsf_src->Rom.File,&rsf_src->Rom.FileNum,&rsf_dst->Rom.File,&rsf_dst->Rom.FileNum,&rsf_dmp->Rom.File,&rsf_dmp->Rom.FileNum); + + //ExeFs + RsfSettingTransferMultiple(&rsf_src->ExeFs.Text,&rsf_src->ExeFs.TextNum,&rsf_dst->ExeFs.Text,&rsf_dst->ExeFs.TextNum,&rsf_dmp->ExeFs.Text,&rsf_dmp->ExeFs.TextNum); + RsfSettingTransferMultiple(&rsf_src->ExeFs.ReadOnly,&rsf_src->ExeFs.ReadOnlyNum,&rsf_dst->ExeFs.ReadOnly,&rsf_dst->ExeFs.ReadOnlyNum,&rsf_dmp->ExeFs.ReadOnly,&rsf_dmp->ExeFs.ReadOnlyNum); + RsfSettingTransferMultiple(&rsf_src->ExeFs.ReadWrite,&rsf_src->ExeFs.ReadWriteNum,&rsf_dst->ExeFs.ReadWrite,&rsf_dst->ExeFs.ReadWriteNum,&rsf_dmp->ExeFs.ReadWrite,&rsf_dmp->ExeFs.ReadWriteNum); + + //PlainRegion + RsfSettingTransferMultiple(&rsf_src->PlainRegion,&rsf_src->PlainRegionNum,&rsf_dst->PlainRegion,&rsf_dst->PlainRegionNum,&rsf_dmp->PlainRegion,&rsf_dmp->PlainRegionNum); + + //TitleInfo + RsfSettingTransferSingle(&rsf_src->TitleInfo.Platform,&rsf_dst->TitleInfo.Platform,&rsf_dmp->TitleInfo.Platform); + RsfSettingTransferSingle(&rsf_src->TitleInfo.Category,&rsf_dst->TitleInfo.Category,&rsf_dmp->TitleInfo.Category); + RsfSettingTransferSingle(&rsf_src->TitleInfo.UniqueId,&rsf_dst->TitleInfo.UniqueId,&rsf_dmp->TitleInfo.UniqueId); + RsfSettingTransferSingle(&rsf_src->TitleInfo.Version,&rsf_dst->TitleInfo.Version,&rsf_dmp->TitleInfo.Version); + RsfSettingTransferSingle(&rsf_src->TitleInfo.ContentsIndex,&rsf_dst->TitleInfo.ContentsIndex,&rsf_dmp->TitleInfo.ContentsIndex); + RsfSettingTransferSingle(&rsf_src->TitleInfo.Variation,&rsf_dst->TitleInfo.Variation,&rsf_dmp->TitleInfo.Variation); + RsfSettingTransferSingle(&rsf_src->TitleInfo.Use,&rsf_dst->TitleInfo.Use,&rsf_dmp->TitleInfo.Use); + RsfSettingTransferSingle(&rsf_src->TitleInfo.ChildIndex,&rsf_dst->TitleInfo.ChildIndex,&rsf_dmp->TitleInfo.ChildIndex); + RsfSettingTransferSingle(&rsf_src->TitleInfo.DemoIndex,&rsf_dst->TitleInfo.DemoIndex,&rsf_dmp->TitleInfo.DemoIndex); + RsfSettingTransferSingle(&rsf_src->TitleInfo.TargetCategory,&rsf_dst->TitleInfo.TargetCategory,&rsf_dmp->TitleInfo.TargetCategory); + RsfSettingTransferMultiple(&rsf_src->TitleInfo.CategoryFlags,&rsf_src->TitleInfo.CategoryFlagsNum,&rsf_dst->TitleInfo.CategoryFlags,&rsf_dst->TitleInfo.CategoryFlagsNum,&rsf_dmp->TitleInfo.CategoryFlags,&rsf_dmp->TitleInfo.CategoryFlagsNum); + + //CardInfo + RsfSettingTransferSingle(&rsf_src->CardInfo.WritableAddress,&rsf_dst->CardInfo.WritableAddress,&rsf_dmp->CardInfo.WritableAddress); + RsfSettingTransferSingle(&rsf_src->CardInfo.CardType,&rsf_dst->CardInfo.CardType,&rsf_dmp->CardInfo.CardType); + RsfSettingTransferSingle(&rsf_src->CardInfo.CryptoType,&rsf_dst->CardInfo.CryptoType,&rsf_dmp->CardInfo.CryptoType); + RsfSettingTransferSingle(&rsf_src->CardInfo.CardDevice,&rsf_dst->CardInfo.CardDevice,&rsf_dmp->CardInfo.CardDevice); + RsfSettingTransferSingle(&rsf_src->CardInfo.MediaType,&rsf_dst->CardInfo.MediaType,&rsf_dmp->CardInfo.MediaType); + + free_RsfSettings(rsf_dmp); + + memset(desc,0,sizeof(desc_settings)); + memset(rsf,0,sizeof(rsf_settings)); + + return 0; +} + +void RsfSettingTransferSingle(char **src, char **dst, char **dmp) +{ + if(*src){ // RSF Setting was set + if(*dst) *dmp = *dst; // DESC was also set, so send ptr to dump + else *dmp = NULL; + *dst = *src; // Set DESC Ptr to RSF's ptr + *src = NULL; // Setting to NULL Just in case + } + else{ + *dmp = NULL; + } +} + +void RsfSettingTransferMultiple(char ***src, u32 *src_num, char ***dst, u32 *dst_num, char ***dmp, u32 *dmp_num) +{ + if(*src){ + if(*dst){ + *dmp = *dst; + *dmp_num = *dst_num; + } + else{ + *dmp = NULL; + *dmp_num = 0; + } + *dst = *src; + *dst_num = *src_num; + *src = NULL; + *src_num = 0; + } + else{ + *dmp = NULL; + *dmp_num = 0; + } +} + +void EvaluateRSF(rsf_settings *rsf, ctr_yaml_context *ctx) +{ + u32 start_level = ctx->Level-1; + + /* Check Group Key for Validity */ + CHECK_Group: + //printf("RSF Found: %s\n",GetYamlString(ctx)); + if(cmpYamlValue("Option",ctx)) {FinishEvent(ctx); GET_Option(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("AccessControlInfo",ctx)) {FinishEvent(ctx); GET_AccessControlInfo(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("SystemControlInfo",ctx)) {FinishEvent(ctx); GET_SystemControlInfo(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("BasicInfo",ctx)) {FinishEvent(ctx); GET_BasicInfo(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("Rom",ctx)) {FinishEvent(ctx); GET_Rom(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("ExeFs",ctx)) {FinishEvent(ctx); GET_ExeFs(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("PlainRegion",ctx)) {FinishEvent(ctx); GET_PlainRegion(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("TitleInfo",ctx)) {FinishEvent(ctx); GET_TitleInfo(ctx,rsf); goto GET_NextGroup;} + else if(cmpYamlValue("CardInfo",ctx)) {FinishEvent(ctx); GET_CardInfo(ctx,rsf); goto GET_NextGroup;} + + // If not recognised escape: + fprintf(stderr,"[-] Unrecognised Key: '%s'\n",GetYamlString(ctx)); + FinishEvent(ctx); + ctx->error = YAML_BAD_GROUP_HEADER; + return; + + /* Get Next Group and call check */ + GET_NextGroup: + // If done return + if(ctx->done || ctx->error) return; + + // Recursively getting events until done or has value + if(!ctx->event.type) GetEvent(ctx); + if(ctx->Level <= start_level) return; // No longer in RSF Domain + while(!EventIsScalar(ctx)){ + if(ctx->done || ctx->error) return; + if(ctx->Level <= start_level) return; // No longer in RSF Domain + FinishEvent(ctx); + GetEvent(ctx); + } + goto CHECK_Group; +} + +void EvaluateDESC(desc_settings *desc, ctr_yaml_context *ctx) +{ + /* Check Group Key for Validity */ + CHECK_Group: + //printf("%s\n",GetYamlString(ctx)); + if(cmpYamlValue("AccessControlDescriptor",ctx)) {FinishEvent(ctx); GET_AccessControlDescriptor(ctx,desc); goto GET_NextGroup;} + else if(cmpYamlValue("CommonHeaderKey",ctx)) {FinishEvent(ctx); GET_CommonHeaderKey(ctx,desc); goto GET_NextGroup;} + else if(cmpYamlValue("DefaultSpec",ctx)) { + FinishEvent(ctx); + if(!CheckMappingEvent(ctx)) return; + GetEvent(ctx); + EvaluateRSF(&desc->DefaultSpec,ctx); + goto GET_NextGroup; + } + + // If not recognised escape: + fprintf(stderr,"[-] Unrecognised Key: '%s' (DESC)\n",GetYamlString(ctx)); + FinishEvent(ctx); + ctx->error = YAML_BAD_GROUP_HEADER; + return; + + /* Get Next Group and call check */ + GET_NextGroup: + // If done return + if(ctx->done || ctx->error) return; + + // Recursively getting events until done or has value + if(!ctx->event.type) GetEvent(ctx); + while(!EventIsScalar(ctx)){ + if(ctx->done || ctx->error) return; + FinishEvent(ctx); + GetEvent(ctx); + } + goto CHECK_Group; +} + +void GET_Option(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + if(cmpYamlValue("NoPadding",ctx)) rsf->Option.NoPadding = SetBoolYAMLValue("NoPadding",ctx); + else if(cmpYamlValue("AllowUnalignedSection",ctx)) rsf->Option.AllowUnalignedSection = SetBoolYAMLValue("AllowUnalignedSection",ctx); + else if(cmpYamlValue("EnableCrypt",ctx)) rsf->Option.EnableCrypt = SetBoolYAMLValue("EnableCrypt",ctx); + else if(cmpYamlValue("EnableCompress",ctx)) rsf->Option.EnableCompress = SetBoolYAMLValue("EnableCompress",ctx); + else if(cmpYamlValue("FreeProductCode",ctx)) rsf->Option.FreeProductCode = SetBoolYAMLValue("FreeProductCode",ctx); + else if(cmpYamlValue("UseOnSD",ctx)) rsf->Option.UseOnSD = SetBoolYAMLValue("UseOnSD",ctx); + else if(cmpYamlValue("PageSize",ctx)) SetSimpleYAMLValue(&rsf->Option.PageSize,"PageSize",ctx,0); + else if(cmpYamlValue("AppendSystemCall",ctx)) rsf->Option.AppendSystemCallNum = SetYAMLSequence(&rsf->Option.AppendSystemCall,"AppendSystemCall",ctx); + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_AccessControlInfo(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + if(cmpYamlValue("DisableDebug",ctx)) rsf->AccessControlInfo.DisableDebug = SetBoolYAMLValue("DisableDebug",ctx); + else if(cmpYamlValue("EnableForceDebug",ctx)) rsf->AccessControlInfo.EnableForceDebug = SetBoolYAMLValue("EnableForceDebug",ctx); + else if(cmpYamlValue("CanWriteSharedPage",ctx)) rsf->AccessControlInfo.CanWriteSharedPage = SetBoolYAMLValue("CanWriteSharedPage",ctx); + else if(cmpYamlValue("CanUsePrivilegedPriority",ctx)) rsf->AccessControlInfo.CanUsePrivilegedPriority = SetBoolYAMLValue("CanUsePrivilegedPriority",ctx); + else if(cmpYamlValue("CanUseNonAlphabetAndNumber",ctx)) rsf->AccessControlInfo.CanUseNonAlphabetAndNumber = SetBoolYAMLValue("CanUseNonAlphabetAndNumber",ctx); + else if(cmpYamlValue("PermitMainFunctionArgument",ctx)) rsf->AccessControlInfo.PermitMainFunctionArgument = SetBoolYAMLValue("PermitMainFunctionArgument",ctx); + else if(cmpYamlValue("CanShareDeviceMemory",ctx)) rsf->AccessControlInfo.CanShareDeviceMemory = SetBoolYAMLValue("CanShareDeviceMemory",ctx); + else if(cmpYamlValue("UseOtherVariationSaveData",ctx)) rsf->AccessControlInfo.UseOtherVariationSaveData = SetBoolYAMLValue("UseOtherVariationSaveData",ctx); + else if(cmpYamlValue("UseExtSaveData",ctx)) rsf->AccessControlInfo.UseExtSaveData = SetBoolYAMLValue("UseExtSaveData",ctx); + else if(cmpYamlValue("RunnableOnSleep",ctx)) rsf->AccessControlInfo.RunnableOnSleep = SetBoolYAMLValue("RunnableOnSleep",ctx); + else if(cmpYamlValue("SpecialMemoryArrange",ctx)) rsf->AccessControlInfo.SpecialMemoryArrange = SetBoolYAMLValue("SpecialMemoryArrange",ctx); + + + else if(cmpYamlValue("ProgramId",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.ProgramId,"ProgramId",ctx,0); + else if(cmpYamlValue("IdealProcessor",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.IdealProcessor,"IdealProcessor",ctx,0); + else if(cmpYamlValue("Priority",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.Priority,"Priority",ctx,0); + else if(cmpYamlValue("MemoryType",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.MemoryType,"MemoryType",ctx,0); + else if(cmpYamlValue("SystemMode",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.SystemMode,"SystemMode",ctx,0); + else if(cmpYamlValue("FirmwareVersion",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.FirmwareVersion,"FirmwareVersion",ctx,0); + else if(cmpYamlValue("CoreVersion",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.CoreVersion,"CoreVersion",ctx,0); + else if(cmpYamlValue("HandleTableSize",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.HandleTableSize,"HandleTableSize",ctx,0); + else if(cmpYamlValue("SystemSaveDataId1",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.SystemSaveDataId1,"SystemSaveDataId1",ctx,0); + else if(cmpYamlValue("SystemSaveDataId2",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.SystemSaveDataId2,"SystemSaveDataId2",ctx,0); + else if(cmpYamlValue("OtherUserSaveDataId1",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.OtherUserSaveDataId1,"OtherUserSaveDataId1",ctx,0); + else if(cmpYamlValue("OtherUserSaveDataId2",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.OtherUserSaveDataId2,"OtherUserSaveDataId2",ctx,0); + else if(cmpYamlValue("OtherUserSaveDataId3",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.OtherUserSaveDataId3,"OtherUserSaveDataId3",ctx,0); + else if(cmpYamlValue("ExtSaveDataId",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.ExtSaveDataId,"ExtSaveDataId",ctx,0); + else if(cmpYamlValue("ExtSaveDataNumber",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.ExtSaveDataNumber,"ExtSaveDataNumber",ctx,0); + else if(cmpYamlValue("AffinityMask",ctx)) SetSimpleYAMLValue(&rsf->AccessControlInfo.AffinityMask,"AffinityMask",ctx,0); + + + else if(cmpYamlValue("MemoryMapping",ctx)) rsf->AccessControlInfo.MemoryMappingNum = SetYAMLSequence(&rsf->AccessControlInfo.MemoryMapping,"MemoryMapping",ctx); + else if(cmpYamlValue("IORegisterMapping",ctx)) rsf->AccessControlInfo.IORegisterMappingNum = SetYAMLSequence(&rsf->AccessControlInfo.IORegisterMapping,"IORegisterMapping",ctx); + else if(cmpYamlValue("FileSystemAccess",ctx)) rsf->AccessControlInfo.FileSystemAccessNum = SetYAMLSequence(&rsf->AccessControlInfo.FileSystemAccess,"FileSystemAccess",ctx); + else if(cmpYamlValue("IoAccessControl",ctx)) rsf->AccessControlInfo.IoAccessControlNum = SetYAMLSequence(&rsf->AccessControlInfo.IoAccessControl,"IoAccessControl",ctx); + else if(cmpYamlValue("InterruptNumbers",ctx)) rsf->AccessControlInfo.InterruptNumbersNum = SetYAMLSequence(&rsf->AccessControlInfo.InterruptNumbers,"InterruptNumbers",ctx); + else if(cmpYamlValue("SystemCallAccess",ctx)) rsf->AccessControlInfo.SystemCallAccessNum = SetYAMLSequenceFromMapping(&rsf->AccessControlInfo.SystemCallAccess,"SystemCallAccess",ctx,false); + else if(cmpYamlValue("ServiceAccessControl",ctx)) rsf->AccessControlInfo.ServiceAccessControlNum = SetYAMLSequence(&rsf->AccessControlInfo.ServiceAccessControl,"ServiceAccessControl",ctx); + else if(cmpYamlValue("StorageId",ctx)) rsf->AccessControlInfo.StorageIdNum = SetYAMLSequence(&rsf->AccessControlInfo.StorageId,"StorageId",ctx); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_SystemControlInfo(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("AppType",ctx)) SetSimpleYAMLValue(&rsf->SystemControlInfo.AppType,"AppType",ctx,0); + else if(cmpYamlValue("StackSize",ctx)) SetSimpleYAMLValue(&rsf->SystemControlInfo.StackSize,"StackSize",ctx,0); + else if(cmpYamlValue("RemasterVersion",ctx)) SetSimpleYAMLValue(&rsf->SystemControlInfo.RemasterVersion,"RemasterVersion",ctx,0); + else if(cmpYamlValue("JumpId",ctx)) SetSimpleYAMLValue(&rsf->SystemControlInfo.JumpId,"JumpId",ctx,0); + else if(cmpYamlValue("Dependency",ctx)) rsf->SystemControlInfo.DependencyNum = SetYAMLSequenceFromMapping(&rsf->SystemControlInfo.Dependency,"Dependency",ctx,false); + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_BasicInfo(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + if(cmpYamlValue("MediaFootPadding",ctx)) rsf->BasicInfo.MediaFootPadding = SetBoolYAMLValue("MediaFootPadding",ctx); + else if(cmpYamlValue("Title",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.Title,"Title",ctx,0); + else if(cmpYamlValue("CompanyCode",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.CompanyCode,"CompanyCode",ctx,0); + else if(cmpYamlValue("ProductCode",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.ProductCode,"ProductCode",ctx,0); + else if(cmpYamlValue("MediaSize",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.MediaSize,"MediaSize",ctx,0); + else if(cmpYamlValue("ContentType",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.ContentType,"ContentType",ctx,0); + else if(cmpYamlValue("Logo",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.Logo,"Logo",ctx,0); + else if(cmpYamlValue("BackupMemoryType",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.BackupMemoryType,"BackupMemoryType",ctx,0); + else if(cmpYamlValue("InitialCode",ctx)) SetSimpleYAMLValue(&rsf->BasicInfo.InitialCode,"InitialCode",ctx,0); + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_Rom(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("HostRoot",ctx)) SetSimpleYAMLValue(&rsf->Rom.HostRoot,"HostRoot",ctx,0); + else if(cmpYamlValue("Padding",ctx)) SetSimpleYAMLValue(&rsf->Rom.Padding,"Padding",ctx,0); + else if(cmpYamlValue("SaveDataSize",ctx)) SetSimpleYAMLValue(&rsf->Rom.SaveDataSize,"SaveDataSize",ctx,0); + + else if(cmpYamlValue("DefaultReject",ctx)) rsf->Rom.DefaultRejectNum = SetYAMLSequence(&rsf->Rom.DefaultReject,"DefaultReject",ctx); + else if(cmpYamlValue("Reject",ctx)) rsf->Rom.RejectNum = SetYAMLSequence(&rsf->Rom.Reject,"Reject",ctx); + else if(cmpYamlValue("Include",ctx)) rsf->Rom.IncludeNum = SetYAMLSequence(&rsf->Rom.Include,"Include",ctx); + else if(cmpYamlValue("File",ctx)) rsf->Rom.FileNum = SetYAMLSequence(&rsf->Rom.File,"File",ctx); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_ExeFs(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("Text",ctx)) rsf->ExeFs.TextNum = SetYAMLSequence(&rsf->ExeFs.Text,"Text",ctx); + else if(cmpYamlValue("ReadOnly",ctx)) rsf->ExeFs.ReadOnlyNum = SetYAMLSequence(&rsf->ExeFs.ReadOnly,"ReadOnly",ctx); + else if(cmpYamlValue("ReadWrite",ctx)) rsf->ExeFs.ReadWriteNum = SetYAMLSequence(&rsf->ExeFs.ReadWrite,"ReadWrite",ctx); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_PlainRegion(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + rsf->PlainRegionNum = SetYAMLSequence(&rsf->PlainRegion,"PlainRegion",ctx); +} + +void GET_TitleInfo(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("Platform",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.Platform,"Platform",ctx,0); + else if(cmpYamlValue("Category",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.Category,"Category",ctx,0); + else if(cmpYamlValue("UniqueId",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.UniqueId,"UniqueId",ctx,0); + else if(cmpYamlValue("Version",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.Version,"Version",ctx,0); + else if(cmpYamlValue("ContentsIndex",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.ContentsIndex,"ContentsIndex",ctx,0); + else if(cmpYamlValue("Variation",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.Variation,"Variation",ctx,0); + else if(cmpYamlValue("Use",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.Use,"Use",ctx,0); + else if(cmpYamlValue("ChildIndex",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.ChildIndex,"ChildIndex",ctx,0); + else if(cmpYamlValue("DemoIndex",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.DemoIndex,"DemoIndex",ctx,0); + else if(cmpYamlValue("TargetCategory",ctx)) SetSimpleYAMLValue(&rsf->TitleInfo.TargetCategory,"TargetCategory",ctx,0); + + else if(cmpYamlValue("CategoryFlags",ctx)) rsf->TitleInfo.CategoryFlagsNum = SetYAMLSequence(&rsf->TitleInfo.CategoryFlags,"CategoryFlags",ctx); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_CardInfo(ctr_yaml_context *ctx, rsf_settings *rsf) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("WritableAddress",ctx)) SetSimpleYAMLValue(&rsf->CardInfo.WritableAddress,"WritableAddress",ctx,0); + else if(cmpYamlValue("CardType",ctx)) SetSimpleYAMLValue(&rsf->CardInfo.CardType,"CardType",ctx,0); + else if(cmpYamlValue("CryptoType",ctx)) SetSimpleYAMLValue(&rsf->CardInfo.CryptoType,"CryptoType",ctx,0); + else if(cmpYamlValue("CardDevice",ctx)) SetSimpleYAMLValue(&rsf->CardInfo.CardDevice,"CardDevice",ctx,0); + else if(cmpYamlValue("MediaType",ctx)) SetSimpleYAMLValue(&rsf->CardInfo.MediaType,"MediaType",ctx,0); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} + +void GET_AccessControlDescriptor(ctr_yaml_context *ctx, desc_settings *desc) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + + u32 InitLevel = ctx->Level; + + /* Checking each child */ + GetEvent(ctx); + desc->AccessControlDescriptor.Found = true; + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + else if(cmpYamlValue("RunnableOnSleep",ctx)) desc->AccessControlDescriptor.RunnableOnSleep = SetBoolYAMLValue("RunnableOnSleep",ctx); + else if(cmpYamlValue("SpecialMemoryArrange",ctx)) desc->AccessControlDescriptor.SpecialMemoryArrange = SetBoolYAMLValue("SpecialMemoryArrange",ctx); + else if(cmpYamlValue("AutoGen",ctx)) desc->AccessControlDescriptor.AutoGen = SetBoolYAMLValue("AutoGen",ctx); + + else if(cmpYamlValue("ProgramId",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.ProgramIdDesc,"ProgramId",ctx,0); + else if(cmpYamlValue("Priority",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.PriorityDesc,"Priority",ctx,0); + else if(cmpYamlValue("AffinityMask",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.AffinityMaskDesc,"AffinityMask",ctx,0); + else if(cmpYamlValue("IdealProcessor",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.IdealProcessorDesc,"IdealProcessor",ctx,0); + else if(cmpYamlValue("FirmwareVersion",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.FirmwareVersionDesc,"FirmwareVersion",ctx,0); + else if(cmpYamlValue("HandleTableSize",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.HandleTableSizeDesc,"HandleTableSize",ctx,0); + else if(cmpYamlValue("MemoryType",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.MemoryTypeDesc,"MemoryType",ctx,0); + else if(cmpYamlValue("SystemMode",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.SystemModeDesc,"SystemMode",ctx,0); + else if(cmpYamlValue("DescVersion",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.DescVersionDesc,"DescVersion",ctx,0); + else if(cmpYamlValue("Signature",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.AccCtlDescSign,"Signature",ctx,0); + else if(cmpYamlValue("Descriptor",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.AccCtlDescBin,"Descriptor",ctx,0); + else if(cmpYamlValue("CryptoKey",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.CryptoKey,"CryptoKey",ctx,0); + else if(cmpYamlValue("ResourceLimitCategory",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.ResourceLimitCategory,"ResourceLimitCategory",ctx,0); + else if(cmpYamlValue("ReleaseKernelMajor",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.ReleaseKernelMajor,"ReleaseKernelMajor",ctx,0); + else if(cmpYamlValue("ReleaseKernelMinor",ctx)) SetSimpleYAMLValue(&desc->AccessControlDescriptor.ReleaseKernelMinor,"ReleaseKernelMinor",ctx,0); + + + else if(cmpYamlValue("ServiceAccessControl",ctx)) desc->AccessControlDescriptor.ServiceAccessControlDescNum = SetYAMLSequence(&desc->AccessControlDescriptor.ServiceAccessControlDesc,"ServiceAccessControl",ctx); + else if(cmpYamlValue("MemoryMapping",ctx)) desc->AccessControlDescriptor.MemoryMappingDescNum = SetYAMLSequence(&desc->AccessControlDescriptor.MemoryMappingDesc,"MemoryMapping",ctx); + else if(cmpYamlValue("IORegisterMapping",ctx)) desc->AccessControlDescriptor.IORegisterMappingDescNum = SetYAMLSequence(&desc->AccessControlDescriptor.IORegisterMappingDesc,"IORegisterMapping",ctx); + else if(cmpYamlValue("Arm9AccessControl",ctx)) desc->AccessControlDescriptor.Arm9AccessControlDescNum = SetYAMLSequence(&desc->AccessControlDescriptor.Arm9AccessControlDesc,"Arm9AccessControl",ctx); + else if(cmpYamlValue("EnableInterruptNumbers",ctx)) desc->AccessControlDescriptor.EnableInterruptNumbersNum = SetYAMLSequence(&desc->AccessControlDescriptor.EnableInterruptNumbers,"EnableInterruptNumbers",ctx); + else if(cmpYamlValue("EnableSystemCalls",ctx)) desc->AccessControlDescriptor.EnableSystemCallsNum = SetYAMLSequenceFromMapping(&desc->AccessControlDescriptor.EnableSystemCalls,"EnableSystemCalls",ctx,false); + else if(cmpYamlValue("StorageId",ctx)) desc->AccessControlDescriptor.StorageIdDescNum = SetYAMLSequence(&desc->AccessControlDescriptor.StorageIdDesc,"StorageId",ctx); + + + // These keys while not caught by makerom, are ignored + else if(cmpYamlValue("DisableDebug",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("EnableForceDebug",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("CanWriteSharedPage",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("CanUsePrivilegedPriority",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("CanUseNonAlphabetAndNumber",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("PermitMainFunctionArgument",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("CanShareDeviceMemory",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("CoreVersion",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("FileSystemAccess",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("IoAccessControl",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("SystemSaveDataId1",ctx)) SkipYAMLGroup(ctx); + else if(cmpYamlValue("SystemSaveDataId2",ctx)) SkipYAMLGroup(ctx); + // Ignored Values End + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + + FinishEvent(ctx); +} + +void GET_CommonHeaderKey(ctr_yaml_context *ctx, desc_settings *desc) +{ + /* Checking That Group is in a map */ + if(!CheckMappingEvent(ctx)) return; + u32 InitLevel = ctx->Level; + /* Checking each child */ + GetEvent(ctx); + desc->CommonHeaderKey.Found = true; + while(ctx->Level == InitLevel){ + if(ctx->error || ctx->done) return; + // Handle childs + + if(cmpYamlValue("D",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.D,"D",ctx,0); + else if(cmpYamlValue("P",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.P,"P",ctx,0); + else if(cmpYamlValue("Q",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.Q,"Q",ctx,0); + else if(cmpYamlValue("DP",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.DP,"DP",ctx,0); + else if(cmpYamlValue("DQ",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.DQ,"DQ",ctx,0); + else if(cmpYamlValue("InverseQ",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.InverseQ,"InverseQ",ctx,0); + else if(cmpYamlValue("Modulus",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.Modulus,"Modulus",ctx,0); + else if(cmpYamlValue("Exponent",ctx)) SetSimpleYAMLValue(&desc->CommonHeaderKey.Exponent,"Exponent",ctx,0); + + else{ + fprintf(stderr,"[-] Unrecognised key '%s'\n",GetYamlString(ctx)); + ctx->error = YAML_UNKNOWN_KEY; + FinishEvent(ctx); + return; + } + // Finish event start next + FinishEvent(ctx); + GetEvent(ctx); + } + FinishEvent(ctx); +} \ No newline at end of file diff --git a/yamlsettings.h b/yamlsettings.h new file mode 100644 index 0000000..bd602ab --- /dev/null +++ b/yamlsettings.h @@ -0,0 +1,17 @@ + +int MergeSpecData(desc_settings *out, desc_settings *desc, rsf_settings *rsf); +void EvaluateRSF(rsf_settings *rsf, ctr_yaml_context *ctx); +void EvaluateDESC(desc_settings *desc, ctr_yaml_context *ctx); + +void GET_Option(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_AccessControlInfo(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_SystemControlInfo(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_BasicInfo(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_Rom(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_ExeFs(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_PlainRegion(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_TitleInfo(ctr_yaml_context *ctx, rsf_settings *rsf); +void GET_CardInfo(ctr_yaml_context *ctx, rsf_settings *rsf); + +void GET_AccessControlDescriptor(ctr_yaml_context *ctx, desc_settings *desc); +void GET_CommonHeaderKey(ctr_yaml_context *ctx, desc_settings *desc); \ No newline at end of file