mirror of
https://github.com/DarkStore-3DS/Project_CTR.git
synced 2026-07-02 16:59:03 +00:00
Cleaned up polarssl.
This commit is contained in:
+1
-138
@@ -189,145 +189,8 @@ int RsaSignVerify(void *data, u64 len, u8 *sign, u8 *mod, u8 *priv_exp, u32 sig_
|
||||
if(rsa_mode == CTR_RSA_VERIFY)
|
||||
rsa_result = rsa_pkcs1_verify(&ctx, RSA_PUBLIC, GetRsaHashType(sig_type), 0, hash, sign);
|
||||
else // CTR_RSA_SIGN
|
||||
rsa_result = ctr_rsa_rsassa_pkcs1_v15_sign(&ctx, RSA_PRIVATE, GetRsaHashType(sig_type), 0, hash, sign);
|
||||
rsa_result = rsa_rsassa_pkcs1_v15_sign(&ctx, RSA_PRIVATE, GetRsaHashType(sig_type), 0, hash, sign);
|
||||
|
||||
rsa_free(&ctx);
|
||||
return rsa_result;
|
||||
}
|
||||
|
||||
/**
|
||||
* Hacked from rsa.c, polarssl doesn't like generating signatures when only D and N are present
|
||||
**/
|
||||
int ctr_rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
|
||||
int mode,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
{
|
||||
size_t nb_pad, olen, ret;
|
||||
unsigned char *p = sig;
|
||||
|
||||
if( ctx->padding != RSA_PKCS_V15 )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
olen = ctx->len;
|
||||
|
||||
switch( hash_id )
|
||||
{
|
||||
case SIG_RSA_RAW:
|
||||
nb_pad = olen - 3 - hashlen;
|
||||
break;
|
||||
|
||||
case SIG_RSA_MD2:
|
||||
case SIG_RSA_MD4:
|
||||
case SIG_RSA_MD5:
|
||||
nb_pad = olen - 3 - 34;
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA1:
|
||||
nb_pad = olen - 3 - 35;
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA224:
|
||||
nb_pad = olen - 3 - 47;
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA256:
|
||||
nb_pad = olen - 3 - 51;
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA384:
|
||||
nb_pad = olen - 3 - 67;
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA512:
|
||||
nb_pad = olen - 3 - 83;
|
||||
break;
|
||||
|
||||
|
||||
default:
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
if( ( nb_pad < 8 ) || ( nb_pad > olen ) )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
*p++ = 0;
|
||||
*p++ = RSA_SIGN;
|
||||
memset( p, 0xFF, nb_pad );
|
||||
p += nb_pad;
|
||||
*p++ = 0;
|
||||
|
||||
switch( hash_id )
|
||||
{
|
||||
case SIG_RSA_RAW:
|
||||
memcpy( p, hash, hashlen );
|
||||
break;
|
||||
|
||||
case SIG_RSA_MD2:
|
||||
memcpy( p, ASN1_HASH_MDX, 18 );
|
||||
memcpy( p + 18, hash, 16 );
|
||||
p[13] = 2; break;
|
||||
|
||||
case SIG_RSA_MD4:
|
||||
memcpy( p, ASN1_HASH_MDX, 18 );
|
||||
memcpy( p + 18, hash, 16 );
|
||||
p[13] = 4; break;
|
||||
|
||||
case SIG_RSA_MD5:
|
||||
memcpy( p, ASN1_HASH_MDX, 18 );
|
||||
memcpy( p + 18, hash, 16 );
|
||||
p[13] = 5; break;
|
||||
|
||||
case SIG_RSA_SHA1:
|
||||
memcpy( p, ASN1_HASH_SHA1, 15 );
|
||||
memcpy( p + 15, hash, 20 );
|
||||
break;
|
||||
|
||||
case SIG_RSA_SHA224:
|
||||
memcpy( p, ASN1_HASH_SHA2X, 19 );
|
||||
memcpy( p + 19, hash, 28 );
|
||||
p[1] += 28; p[14] = 4; p[18] += 28; break;
|
||||
|
||||
case SIG_RSA_SHA256:
|
||||
memcpy( p, ASN1_HASH_SHA2X, 19 );
|
||||
memcpy( p + 19, hash, 32 );
|
||||
p[1] += 32; p[14] = 1; p[18] += 32; break;
|
||||
|
||||
case SIG_RSA_SHA384:
|
||||
memcpy( p, ASN1_HASH_SHA2X, 19 );
|
||||
memcpy( p + 19, hash, 48 );
|
||||
p[1] += 48; p[14] = 2; p[18] += 48; break;
|
||||
|
||||
case SIG_RSA_SHA512:
|
||||
memcpy( p, ASN1_HASH_SHA2X, 19 );
|
||||
memcpy( p + 19, hash, 64 );
|
||||
p[1] += 64; p[14] = 3; p[18] += 64; break;
|
||||
|
||||
default:
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
mpi T, T1, T2;
|
||||
|
||||
mpi_init( &T ); mpi_init( &T1 ); mpi_init( &T2 );
|
||||
|
||||
MPI_CHK( mpi_read_binary( &T, sig, ctx->len ) );
|
||||
|
||||
if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 )
|
||||
{
|
||||
mpi_free( &T );
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
}
|
||||
|
||||
MPI_CHK( mpi_exp_mod( &T, &T, &ctx->D, &ctx->N, &ctx->RN ) );
|
||||
|
||||
MPI_CHK( mpi_write_binary( &T, sig, olen ) );
|
||||
|
||||
cleanup:
|
||||
|
||||
mpi_free( &T ); mpi_free( &T1 ); mpi_free( &T2 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@@ -1,98 +0,0 @@
|
||||
/**
|
||||
* \file arc4.h
|
||||
*
|
||||
* \brief The ARCFOUR stream cipher
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ARC4_H
|
||||
#define POLARSSL_ARC4_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if !defined(POLARSSL_ARC4_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief ARC4 context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int x; /*!< permutation index */
|
||||
int y; /*!< permutation index */
|
||||
unsigned char m[256]; /*!< permutation table */
|
||||
}
|
||||
arc4_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief ARC4 key schedule
|
||||
*
|
||||
* \param ctx ARC4 context to be initialized
|
||||
* \param key the secret key
|
||||
* \param keylen length of the key
|
||||
*/
|
||||
void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen );
|
||||
|
||||
/**
|
||||
* \brief ARC4 cipher function
|
||||
*
|
||||
* \param ctx ARC4 context
|
||||
* \param length length of the input data
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer for the output data
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_ARC4_ALT */
|
||||
#include "polarssl/arc4_alt.h"
|
||||
#endif /* POLARSSL_ARC4_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int arc4_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* arc4.h */
|
||||
@@ -1,246 +0,0 @@
|
||||
/**
|
||||
* \file asn1.h
|
||||
*
|
||||
* \brief Generic ASN.1 parsing
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ASN1_H
|
||||
#define POLARSSL_ASN1_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
#include "polarssl/bignum.h"
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
||||
/**
|
||||
* \addtogroup asn1_module
|
||||
* \{
|
||||
*/
|
||||
|
||||
/**
|
||||
* \name ASN1 Error codes
|
||||
* These error codes are OR'ed to X509 error codes for
|
||||
* higher error granularity.
|
||||
* ASN1 is a standard to specify data structures.
|
||||
* \{
|
||||
*/
|
||||
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */
|
||||
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */
|
||||
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */
|
||||
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */
|
||||
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */
|
||||
#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */
|
||||
#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */
|
||||
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
* \name DER constants
|
||||
* These constants comply with DER encoded the ANS1 type tags.
|
||||
* DER encoding uses hexadecimal representation.
|
||||
* An example DER sequence is:\n
|
||||
* - 0x02 -- tag indicating INTEGER
|
||||
* - 0x01 -- length in octets
|
||||
* - 0x05 -- value
|
||||
* Such sequences are typically read into \c ::x509_buf.
|
||||
* \{
|
||||
*/
|
||||
#define ASN1_BOOLEAN 0x01
|
||||
#define ASN1_INTEGER 0x02
|
||||
#define ASN1_BIT_STRING 0x03
|
||||
#define ASN1_OCTET_STRING 0x04
|
||||
#define ASN1_NULL 0x05
|
||||
#define ASN1_OID 0x06
|
||||
#define ASN1_UTF8_STRING 0x0C
|
||||
#define ASN1_SEQUENCE 0x10
|
||||
#define ASN1_SET 0x11
|
||||
#define ASN1_PRINTABLE_STRING 0x13
|
||||
#define ASN1_T61_STRING 0x14
|
||||
#define ASN1_IA5_STRING 0x16
|
||||
#define ASN1_UTC_TIME 0x17
|
||||
#define ASN1_GENERALIZED_TIME 0x18
|
||||
#define ASN1_UNIVERSAL_STRING 0x1C
|
||||
#define ASN1_BMP_STRING 0x1E
|
||||
#define ASN1_PRIMITIVE 0x00
|
||||
#define ASN1_CONSTRUCTED 0x20
|
||||
#define ASN1_CONTEXT_SPECIFIC 0x80
|
||||
/* \} name */
|
||||
/* \} addtogroup asn1_module */
|
||||
|
||||
/** Returns the size of the binary string, without the trailing \\0 */
|
||||
#define OID_SIZE(x) (sizeof(x) - 1)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \name Functions to parse ASN.1 data structures
|
||||
* \{
|
||||
*/
|
||||
|
||||
/**
|
||||
* Type-length-value structure that allows for ASN1 using DER.
|
||||
*/
|
||||
typedef struct _asn1_buf
|
||||
{
|
||||
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */
|
||||
size_t len; /**< ASN1 length, e.g. in octets. */
|
||||
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
|
||||
}
|
||||
asn1_buf;
|
||||
|
||||
/**
|
||||
* Container for ASN1 bit strings.
|
||||
*/
|
||||
typedef struct _asn1_bitstring
|
||||
{
|
||||
size_t len; /**< ASN1 length, e.g. in octets. */
|
||||
unsigned char unused_bits; /**< Number of unused bits at the end of the string */
|
||||
unsigned char *p; /**< Raw ASN1 data for the bit string */
|
||||
}
|
||||
asn1_bitstring;
|
||||
|
||||
/**
|
||||
* Container for a sequence of ASN.1 items
|
||||
*/
|
||||
typedef struct _asn1_sequence
|
||||
{
|
||||
asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
|
||||
struct _asn1_sequence *next; /**< The next entry in the sequence. */
|
||||
}
|
||||
asn1_sequence;
|
||||
|
||||
/**
|
||||
* Get the length of an ASN.1 element.
|
||||
* Updates the pointer to immediately behind the length.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param len The variable that will receive the value
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching
|
||||
* end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is
|
||||
* unparseable.
|
||||
*/
|
||||
int asn1_get_len( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
size_t *len );
|
||||
|
||||
/**
|
||||
* Get the tag and length of the tag. Check for the requested tag.
|
||||
* Updates the pointer to immediately behind the tag and length.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param len The variable that will receive the length
|
||||
* \param tag The expected tag
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did
|
||||
* not match requested tag, or another specific ASN.1 error code.
|
||||
*/
|
||||
int asn1_get_tag( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
size_t *len, int tag );
|
||||
|
||||
/**
|
||||
* Retrieve a boolean ASN.1 tag and its value.
|
||||
* Updates the pointer to immediately behind the full tag.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param val The variable that will receive the value
|
||||
*
|
||||
* \return 0 if successful or a specific ASN.1 error code.
|
||||
*/
|
||||
int asn1_get_bool( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
int *val );
|
||||
|
||||
/**
|
||||
* Retrieve an integer ASN.1 tag and its value.
|
||||
* Updates the pointer to immediately behind the full tag.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param val The variable that will receive the value
|
||||
*
|
||||
* \return 0 if successful or a specific ASN.1 error code.
|
||||
*/
|
||||
int asn1_get_int( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
int *val );
|
||||
|
||||
/**
|
||||
* Retrieve a bitstring ASN.1 tag and its value.
|
||||
* Updates the pointer to immediately behind the full tag.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param bs The variable that will receive the value
|
||||
*
|
||||
* \return 0 if successful or a specific ASN.1 error code.
|
||||
*/
|
||||
int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
|
||||
asn1_bitstring *bs);
|
||||
|
||||
/**
|
||||
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
|
||||
* Updated the pointer to immediately behind the full sequence tag.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param cur First variable in the chain to fill
|
||||
* \param tag Type of sequence
|
||||
*
|
||||
* \return 0 if successful or a specific ASN.1 error code.
|
||||
*/
|
||||
int asn1_get_sequence_of( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
asn1_sequence *cur,
|
||||
int tag);
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
/**
|
||||
* Retrieve a MPI value from an integer ASN.1 tag.
|
||||
* Updates the pointer to immediately behind the full tag.
|
||||
*
|
||||
* \param p The position in the ASN.1 data
|
||||
* \param end End of data
|
||||
* \param X The MPI that will receive the value
|
||||
*
|
||||
* \return 0 if successful or a specific ASN.1 or MPI error code.
|
||||
*/
|
||||
int asn1_get_mpi( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
mpi *X );
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* asn1.h */
|
||||
@@ -1,46 +0,0 @@
|
||||
/**
|
||||
* \file asn1write.h
|
||||
*
|
||||
* \brief ASN.1 buffer writing functionality
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ASN1_WRITE_H
|
||||
#define POLARSSL_ASN1_WRITE_H
|
||||
|
||||
#include "polarssl/asn1.h"
|
||||
|
||||
#define ASN1_CHK_ADD(g, f) if( ( ret = f ) < 0 ) return( ret ); else g += ret
|
||||
|
||||
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
|
||||
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag );
|
||||
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X );
|
||||
int asn1_write_null( unsigned char **p, unsigned char *start );
|
||||
int asn1_write_oid( unsigned char **p, unsigned char *start, char *oid );
|
||||
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, char *algorithm_oid );
|
||||
int asn1_write_int( unsigned char **p, unsigned char *start, int val );
|
||||
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
|
||||
char *text );
|
||||
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
|
||||
char *text );
|
||||
|
||||
#endif /* POLARSSL_ASN1_WRITE_H */
|
||||
@@ -1,171 +0,0 @@
|
||||
/**
|
||||
* \file blowfish.h
|
||||
*
|
||||
* \brief Blowfish block cipher
|
||||
*
|
||||
* Copyright (C) 2012-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_BLOWFISH_H
|
||||
#define POLARSSL_BLOWFISH_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define BLOWFISH_ENCRYPT 1
|
||||
#define BLOWFISH_DECRYPT 0
|
||||
#define BLOWFISH_MAX_KEY 448
|
||||
#define BLOWFISH_MIN_KEY 32
|
||||
#define BLOWFISH_ROUNDS 16 /* when increasing this value, make sure to extend the initialisation vectors */
|
||||
#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
|
||||
|
||||
#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */
|
||||
#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
|
||||
|
||||
#if !defined(POLARSSL_BLOWFISH_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief Blowfish context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint32_t P[BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
|
||||
uint32_t S[4][256]; /*!< key dependent S-boxes */
|
||||
}
|
||||
blowfish_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Blowfish key schedule
|
||||
*
|
||||
* \param ctx Blowfish context to be initialized
|
||||
* \param key encryption key
|
||||
* \param keysize must be between 32 and 448 bits
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH
|
||||
*/
|
||||
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, unsigned int keysize );
|
||||
|
||||
/**
|
||||
* \brief Blowfish-ECB block encryption/decryption
|
||||
*
|
||||
* \param ctx Blowfish context
|
||||
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
|
||||
* \param input 8-byte input block
|
||||
* \param output 8-byte output block
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int blowfish_crypt_ecb( blowfish_context *ctx,
|
||||
int mode,
|
||||
const unsigned char input[BLOWFISH_BLOCKSIZE],
|
||||
unsigned char output[BLOWFISH_BLOCKSIZE] );
|
||||
|
||||
/**
|
||||
* \brief Blowfish-CBC buffer encryption/decryption
|
||||
* Length should be a multiple of the block
|
||||
* size (8 bytes)
|
||||
*
|
||||
* \param ctx Blowfish context
|
||||
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH
|
||||
*/
|
||||
int blowfish_crypt_cbc( blowfish_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[BLOWFISH_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Blowfish CFB buffer encryption/decryption.
|
||||
*
|
||||
* both
|
||||
* \param ctx Blowfish context
|
||||
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv_off offset in IV (updated after use)
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int blowfish_crypt_cfb64( blowfish_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
size_t *iv_off,
|
||||
unsigned char iv[BLOWFISH_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Blowfish-CTR buffer encryption/decryption
|
||||
*
|
||||
* Warning: You have to keep the maximum use of your counter in mind!
|
||||
*
|
||||
* \param length The length of the data
|
||||
* \param nc_off The offset in the current stream_block (for resuming
|
||||
* within current cipher stream). The offset pointer to
|
||||
* should be 0 at the start of a stream.
|
||||
* \param nonce_counter The 64-bit nonce and counter.
|
||||
* \param stream_block The saved stream-block for resuming. Is overwritten
|
||||
* by the function.
|
||||
* \param input The input data stream
|
||||
* \param output The output data stream
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int blowfish_crypt_ctr( blowfish_context *ctx,
|
||||
size_t length,
|
||||
size_t *nc_off,
|
||||
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE],
|
||||
unsigned char stream_block[BLOWFISH_BLOCKSIZE],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_BLOWFISH_ALT */
|
||||
#include "polarssl/blowfish_alt.h"
|
||||
#endif /* POLARSSL_BLOWFISH_ALT */
|
||||
|
||||
#endif /* blowfish.h */
|
||||
@@ -1,200 +0,0 @@
|
||||
/**
|
||||
* \file camellia.h
|
||||
*
|
||||
* \brief Camellia block cipher
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_CAMELLIA_H
|
||||
#define POLARSSL_CAMELLIA_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define CAMELLIA_ENCRYPT 1
|
||||
#define CAMELLIA_DECRYPT 0
|
||||
|
||||
#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */
|
||||
#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
|
||||
|
||||
#if !defined(POLARSSL_CAMELLIA_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int nr; /*!< number of rounds */
|
||||
uint32_t rk[68]; /*!< CAMELLIA round keys */
|
||||
}
|
||||
camellia_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA key schedule (encryption)
|
||||
*
|
||||
* \param ctx CAMELLIA context to be initialized
|
||||
* \param key encryption key
|
||||
* \param keysize must be 128, 192 or 256
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
|
||||
*/
|
||||
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA key schedule (decryption)
|
||||
*
|
||||
* \param ctx CAMELLIA context to be initialized
|
||||
* \param key decryption key
|
||||
* \param keysize must be 128, 192 or 256
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
|
||||
*/
|
||||
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize );
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA-ECB block encryption/decryption
|
||||
*
|
||||
* \param ctx CAMELLIA context
|
||||
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
|
||||
* \param input 16-byte input block
|
||||
* \param output 16-byte output block
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int camellia_crypt_ecb( camellia_context *ctx,
|
||||
int mode,
|
||||
const unsigned char input[16],
|
||||
unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA-CBC buffer encryption/decryption
|
||||
* Length should be a multiple of the block
|
||||
* size (16 bytes)
|
||||
*
|
||||
* \param ctx CAMELLIA context
|
||||
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
|
||||
*/
|
||||
int camellia_crypt_cbc( camellia_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA-CFB128 buffer encryption/decryption
|
||||
*
|
||||
* Note: Due to the nature of CFB you should use the same key schedule for
|
||||
* both encryption and decryption. So a context initialized with
|
||||
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
|
||||
*
|
||||
* \param ctx CAMELLIA context
|
||||
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv_off offset in IV (updated after use)
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
|
||||
*/
|
||||
int camellia_crypt_cfb128( camellia_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
size_t *iv_off,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief CAMELLIA-CTR buffer encryption/decryption
|
||||
*
|
||||
* Warning: You have to keep the maximum use of your counter in mind!
|
||||
*
|
||||
* Note: Due to the nature of CTR you should use the same key schedule for
|
||||
* both encryption and decryption. So a context initialized with
|
||||
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT.
|
||||
*
|
||||
* \param length The length of the data
|
||||
* \param nc_off The offset in the current stream_block (for resuming
|
||||
* within current cipher stream). The offset pointer to
|
||||
* should be 0 at the start of a stream.
|
||||
* \param nonce_counter The 128-bit nonce and counter.
|
||||
* \param stream_block The saved stream-block for resuming. Is overwritten
|
||||
* by the function.
|
||||
* \param input The input data stream
|
||||
* \param output The output data stream
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int camellia_crypt_ctr( camellia_context *ctx,
|
||||
size_t length,
|
||||
size_t *nc_off,
|
||||
unsigned char nonce_counter[16],
|
||||
unsigned char stream_block[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_CAMELLIA_ALT */
|
||||
#include "polarssl/camellia_alt.h"
|
||||
#endif /* POLARSSL_CAMELLIA_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int camellia_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* camellia.h */
|
||||
@@ -1,47 +0,0 @@
|
||||
/**
|
||||
* \file certs.h
|
||||
*
|
||||
* \brief Sample certificates and DHM parameters for testing
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_CERTS_H
|
||||
#define POLARSSL_CERTS_H
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
extern const char test_ca_crt[];
|
||||
extern const char test_ca_key[];
|
||||
extern const char test_ca_pwd[];
|
||||
extern const char test_srv_crt[];
|
||||
extern const char test_srv_key[];
|
||||
extern const char test_cli_crt[];
|
||||
extern const char test_cli_key[];
|
||||
extern const char test_dhm_params[];
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* certs.h */
|
||||
@@ -1,463 +0,0 @@
|
||||
/**
|
||||
* \file cipher.h
|
||||
*
|
||||
* \brief Generic cipher wrapper.
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#ifndef POLARSSL_CIPHER_H
|
||||
#define POLARSSL_CIPHER_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(_MSC_VER) && !defined(inline)
|
||||
#define inline _inline
|
||||
#else
|
||||
#if defined(__ARMCC_VERSION) && !defined(inline)
|
||||
#define inline __inline
|
||||
#endif /* __ARMCC_VERSION */
|
||||
#endif /*_MSC_VER */
|
||||
|
||||
#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
|
||||
#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */
|
||||
#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */
|
||||
#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_CIPHER_ID_NONE = 0,
|
||||
POLARSSL_CIPHER_ID_NULL,
|
||||
POLARSSL_CIPHER_ID_AES,
|
||||
POLARSSL_CIPHER_ID_DES,
|
||||
POLARSSL_CIPHER_ID_3DES,
|
||||
POLARSSL_CIPHER_ID_CAMELLIA,
|
||||
POLARSSL_CIPHER_ID_BLOWFISH,
|
||||
} cipher_id_t;
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_CIPHER_NONE = 0,
|
||||
POLARSSL_CIPHER_NULL,
|
||||
POLARSSL_CIPHER_AES_128_CBC,
|
||||
POLARSSL_CIPHER_AES_192_CBC,
|
||||
POLARSSL_CIPHER_AES_256_CBC,
|
||||
POLARSSL_CIPHER_AES_128_CFB128,
|
||||
POLARSSL_CIPHER_AES_192_CFB128,
|
||||
POLARSSL_CIPHER_AES_256_CFB128,
|
||||
POLARSSL_CIPHER_AES_128_CTR,
|
||||
POLARSSL_CIPHER_AES_192_CTR,
|
||||
POLARSSL_CIPHER_AES_256_CTR,
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC,
|
||||
POLARSSL_CIPHER_CAMELLIA_192_CBC,
|
||||
POLARSSL_CIPHER_CAMELLIA_256_CBC,
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CFB128,
|
||||
POLARSSL_CIPHER_CAMELLIA_192_CFB128,
|
||||
POLARSSL_CIPHER_CAMELLIA_256_CFB128,
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CTR,
|
||||
POLARSSL_CIPHER_CAMELLIA_192_CTR,
|
||||
POLARSSL_CIPHER_CAMELLIA_256_CTR,
|
||||
POLARSSL_CIPHER_DES_CBC,
|
||||
POLARSSL_CIPHER_DES_EDE_CBC,
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC,
|
||||
POLARSSL_CIPHER_BLOWFISH_CBC,
|
||||
POLARSSL_CIPHER_BLOWFISH_CFB64,
|
||||
POLARSSL_CIPHER_BLOWFISH_CTR,
|
||||
} cipher_type_t;
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_MODE_NONE = 0,
|
||||
POLARSSL_MODE_NULL,
|
||||
POLARSSL_MODE_CBC,
|
||||
POLARSSL_MODE_CFB,
|
||||
POLARSSL_MODE_OFB,
|
||||
POLARSSL_MODE_CTR,
|
||||
} cipher_mode_t;
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_OPERATION_NONE = -1,
|
||||
POLARSSL_DECRYPT = 0,
|
||||
POLARSSL_ENCRYPT,
|
||||
} operation_t;
|
||||
|
||||
enum {
|
||||
/** Undefined key length */
|
||||
POLARSSL_KEY_LENGTH_NONE = 0,
|
||||
/** Key length, in bits (including parity), for DES keys */
|
||||
POLARSSL_KEY_LENGTH_DES = 64,
|
||||
/** Key length, in bits (including parity), for DES in two key EDE */
|
||||
POLARSSL_KEY_LENGTH_DES_EDE = 128,
|
||||
/** Key length, in bits (including parity), for DES in three-key EDE */
|
||||
POLARSSL_KEY_LENGTH_DES_EDE3 = 192,
|
||||
/** Maximum length of any IV, in bytes */
|
||||
POLARSSL_MAX_IV_LENGTH = 16,
|
||||
};
|
||||
|
||||
/**
|
||||
* Base cipher information. The non-mode specific functions and values.
|
||||
*/
|
||||
typedef struct {
|
||||
|
||||
/** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */
|
||||
cipher_id_t cipher;
|
||||
|
||||
/** Encrypt using CBC */
|
||||
int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv,
|
||||
const unsigned char *input, unsigned char *output );
|
||||
|
||||
/** Encrypt using CFB (Full length) */
|
||||
int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off,
|
||||
unsigned char *iv, const unsigned char *input, unsigned char *output );
|
||||
|
||||
/** Encrypt using CTR */
|
||||
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter,
|
||||
unsigned char *stream_block, const unsigned char *input, unsigned char *output );
|
||||
|
||||
/** Set key for encryption purposes */
|
||||
int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length);
|
||||
|
||||
/** Set key for decryption purposes */
|
||||
int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length);
|
||||
|
||||
/** Allocate a new context */
|
||||
void * (*ctx_alloc_func)( void );
|
||||
|
||||
/** Free the given context */
|
||||
void (*ctx_free_func)( void *ctx );
|
||||
|
||||
} cipher_base_t;
|
||||
|
||||
/**
|
||||
* Cipher information. Allows cipher functions to be called in a generic way.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */
|
||||
cipher_type_t type;
|
||||
|
||||
/** Cipher mode (e.g. POLARSSL_MODE_CBC) */
|
||||
cipher_mode_t mode;
|
||||
|
||||
/** Cipher key length, in bits (default length for variable sized ciphers)
|
||||
* (Includes parity bits for ciphers like DES) */
|
||||
unsigned int key_length;
|
||||
|
||||
/** Name of the cipher */
|
||||
const char * name;
|
||||
|
||||
/** IV size, in bytes */
|
||||
unsigned int iv_size;
|
||||
|
||||
/** block size, in bytes */
|
||||
unsigned int block_size;
|
||||
|
||||
/** Base cipher information and functions */
|
||||
const cipher_base_t *base;
|
||||
|
||||
} cipher_info_t;
|
||||
|
||||
/**
|
||||
* Generic cipher context.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Information about the associated cipher */
|
||||
const cipher_info_t *cipher_info;
|
||||
|
||||
/** Key length to use */
|
||||
int key_length;
|
||||
|
||||
/** Operation that the context's key has been initialised for */
|
||||
operation_t operation;
|
||||
|
||||
/** Buffer for data that hasn't been encrypted yet */
|
||||
unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH];
|
||||
|
||||
/** Number of bytes that still need processing */
|
||||
size_t unprocessed_len;
|
||||
|
||||
/** Current IV or NONCE_COUNTER for CTR-mode */
|
||||
unsigned char iv[POLARSSL_MAX_IV_LENGTH];
|
||||
|
||||
/** Cipher-specific context */
|
||||
void *cipher_ctx;
|
||||
} cipher_context_t;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Returns the list of ciphers supported by the generic cipher module.
|
||||
*
|
||||
* \return a statically allocated array of ciphers, the last entry
|
||||
* is 0.
|
||||
*/
|
||||
const int *cipher_list( void );
|
||||
|
||||
/**
|
||||
* \brief Returns the cipher information structure associated
|
||||
* with the given cipher name.
|
||||
*
|
||||
* \param cipher_name Name of the cipher to search for.
|
||||
*
|
||||
* \return the cipher information structure associated with the
|
||||
* given cipher_name, or NULL if not found.
|
||||
*/
|
||||
const cipher_info_t *cipher_info_from_string( const char *cipher_name );
|
||||
|
||||
/**
|
||||
* \brief Returns the cipher information structure associated
|
||||
* with the given cipher type.
|
||||
*
|
||||
* \param cipher_type Type of the cipher to search for.
|
||||
*
|
||||
* \return the cipher information structure associated with the
|
||||
* given cipher_type, or NULL if not found.
|
||||
*/
|
||||
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type );
|
||||
|
||||
/**
|
||||
* \brief Initialises and fills the cipher context structure with
|
||||
* the appropriate values.
|
||||
*
|
||||
* \param ctx context to initialise. May not be NULL.
|
||||
* \param cipher_info cipher to use.
|
||||
*
|
||||
* \return \c 0 on success,
|
||||
* \c POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
|
||||
* \c POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the
|
||||
* cipher-specific context failed.
|
||||
*/
|
||||
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
|
||||
|
||||
/**
|
||||
* \brief Free the cipher-specific context of ctx. Freeing ctx
|
||||
* itself remains the responsibility of the caller.
|
||||
*
|
||||
* \param ctx Free the cipher-specific context
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
|
||||
* parameter verification fails.
|
||||
*/
|
||||
int cipher_free_ctx( cipher_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Returns the block size of the given cipher.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return size of the cipher's blocks, or 0 if ctx has not been
|
||||
* initialised.
|
||||
*/
|
||||
static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return 0;
|
||||
|
||||
return ctx->cipher_info->block_size;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the mode of operation for the cipher.
|
||||
* (e.g. POLARSSL_MODE_CBC)
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return mode of operation, or POLARSSL_MODE_NONE if ctx
|
||||
* has not been initialised.
|
||||
*/
|
||||
static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return POLARSSL_MODE_NONE;
|
||||
|
||||
return ctx->cipher_info->mode;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the size of the cipher's IV.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return size of the cipher's IV, or 0 if ctx has not been
|
||||
* initialised.
|
||||
*/
|
||||
static inline int cipher_get_iv_size( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return 0;
|
||||
|
||||
return ctx->cipher_info->iv_size;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the type of the given cipher.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has
|
||||
* not been initialised.
|
||||
*/
|
||||
static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return POLARSSL_CIPHER_NONE;
|
||||
|
||||
return ctx->cipher_info->type;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the name of the given cipher, as a string.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return name of the cipher, or NULL if ctx was not initialised.
|
||||
*/
|
||||
static inline const char *cipher_get_name( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return 0;
|
||||
|
||||
return ctx->cipher_info->name;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the key length of the cipher.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return cipher's key length, in bits, or
|
||||
* POLARSSL_KEY_LENGTH_NONE if ctx has not been
|
||||
* initialised.
|
||||
*/
|
||||
static inline int cipher_get_key_size ( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx )
|
||||
return POLARSSL_KEY_LENGTH_NONE;
|
||||
|
||||
return ctx->key_length;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the operation of the given cipher.
|
||||
*
|
||||
* \param ctx cipher's context. Must have been initialised.
|
||||
*
|
||||
* \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT),
|
||||
* or POLARSSL_OPERATION_NONE if ctx has not been
|
||||
* initialised.
|
||||
*/
|
||||
static inline operation_t cipher_get_operation( const cipher_context_t *ctx )
|
||||
{
|
||||
if( NULL == ctx || NULL == ctx->cipher_info )
|
||||
return POLARSSL_OPERATION_NONE;
|
||||
|
||||
return ctx->operation;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Set the key to use with the given context.
|
||||
*
|
||||
* \param ctx generic cipher context. May not be NULL. Must have been
|
||||
* initialised using cipher_context_from_type or
|
||||
* cipher_context_from_string.
|
||||
* \param key The key to use.
|
||||
* \param key_length key length to use, in bits.
|
||||
* \param operation Operation that the key will be used for, either
|
||||
* POLARSSL_ENCRYPT or POLARSSL_DECRYPT.
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
|
||||
* parameter verification fails or a cipher specific
|
||||
* error code.
|
||||
*/
|
||||
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length,
|
||||
const operation_t operation );
|
||||
|
||||
/**
|
||||
* \brief Reset the given context, setting the IV to iv
|
||||
*
|
||||
* \param ctx generic cipher context
|
||||
* \param iv IV to use or NONCE_COUNTER in the case of a CTR-mode cipher
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
|
||||
* if parameter verification fails.
|
||||
*/
|
||||
int cipher_reset( cipher_context_t *ctx, const unsigned char *iv );
|
||||
|
||||
/**
|
||||
* \brief Generic cipher update function. Encrypts/decrypts
|
||||
* using the given cipher context. Writes as many block
|
||||
* size'd blocks of data as possible to output. Any data
|
||||
* that cannot be written immediately will either be added
|
||||
* to the next block, or flushed when cipher_final is
|
||||
* called.
|
||||
*
|
||||
* \param ctx generic cipher context
|
||||
* \param input buffer holding the input data
|
||||
* \param ilen length of the input data
|
||||
* \param output buffer for the output data. Should be able to hold at
|
||||
* least ilen + block_size. Cannot be the same buffer as
|
||||
* input!
|
||||
* \param olen length of the output data, will be filled with the
|
||||
* actual number of bytes written.
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
|
||||
* parameter verification fails,
|
||||
* POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an
|
||||
* unsupported mode for a cipher or a cipher specific
|
||||
* error code.
|
||||
*/
|
||||
int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen );
|
||||
|
||||
/**
|
||||
* \brief Generic cipher finalisation function. If data still
|
||||
* needs to be flushed from an incomplete block, data
|
||||
* contained within it will be padded with the size of
|
||||
* the last block, and written to the output buffer.
|
||||
*
|
||||
* \param ctx Generic cipher context
|
||||
* \param output buffer to write data to. Needs block_size data available.
|
||||
* \param olen length of the data written to the output buffer.
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
|
||||
* parameter verification fails,
|
||||
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
|
||||
* expected a full block but was not provided one,
|
||||
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding
|
||||
* while decrypting or a cipher specific error code.
|
||||
*/
|
||||
int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen);
|
||||
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int cipher_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_MD_H */
|
||||
@@ -1,107 +0,0 @@
|
||||
/**
|
||||
* \file cipher_wrap.h
|
||||
*
|
||||
* \brief Cipher wrappers.
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_CIPHER_WRAP_H
|
||||
#define POLARSSL_CIPHER_WRAP_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
#include "polarssl/cipher.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_AES_C)
|
||||
|
||||
extern const cipher_info_t aes_128_cbc_info;
|
||||
extern const cipher_info_t aes_192_cbc_info;
|
||||
extern const cipher_info_t aes_256_cbc_info;
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CFB)
|
||||
extern const cipher_info_t aes_128_cfb128_info;
|
||||
extern const cipher_info_t aes_192_cfb128_info;
|
||||
extern const cipher_info_t aes_256_cfb128_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CTR)
|
||||
extern const cipher_info_t aes_128_ctr_info;
|
||||
extern const cipher_info_t aes_192_ctr_info;
|
||||
extern const cipher_info_t aes_256_ctr_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CTR */
|
||||
|
||||
#endif /* defined(POLARSSL_AES_C) */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
|
||||
extern const cipher_info_t camellia_128_cbc_info;
|
||||
extern const cipher_info_t camellia_192_cbc_info;
|
||||
extern const cipher_info_t camellia_256_cbc_info;
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CFB)
|
||||
extern const cipher_info_t camellia_128_cfb128_info;
|
||||
extern const cipher_info_t camellia_192_cfb128_info;
|
||||
extern const cipher_info_t camellia_256_cfb128_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CTR)
|
||||
extern const cipher_info_t camellia_128_ctr_info;
|
||||
extern const cipher_info_t camellia_192_ctr_info;
|
||||
extern const cipher_info_t camellia_256_ctr_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CTR */
|
||||
|
||||
#endif /* defined(POLARSSL_CAMELLIA_C) */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
|
||||
extern const cipher_info_t des_cbc_info;
|
||||
extern const cipher_info_t des_ede_cbc_info;
|
||||
extern const cipher_info_t des_ede3_cbc_info;
|
||||
|
||||
#endif /* defined(POLARSSL_DES_C) */
|
||||
|
||||
#if defined(POLARSSL_BLOWFISH_C)
|
||||
extern const cipher_info_t blowfish_cbc_info;
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CFB)
|
||||
extern const cipher_info_t blowfish_cfb64_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CFB */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_MODE_CTR)
|
||||
extern const cipher_info_t blowfish_ctr_info;
|
||||
#endif /* POLARSSL_CIPHER_MODE_CTR */
|
||||
#endif /* defined(POLARSSL_BLOWFISH_C) */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_NULL_CIPHER)
|
||||
extern const cipher_info_t null_cipher_info;
|
||||
#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_CIPHER_WRAP_H */
|
||||
+42
-41
@@ -83,7 +83,7 @@
|
||||
* include/polarssl/bn_mul.h
|
||||
*
|
||||
*/
|
||||
#define POLARSSL_HAVE_ASM
|
||||
//#define POLARSSL_HAVE_ASM
|
||||
|
||||
/**
|
||||
* \def POLARSSL_HAVE_SSE2
|
||||
@@ -148,7 +148,7 @@
|
||||
*
|
||||
* Enable Cipher Feedback mode (CFB) for symmetric ciphers.
|
||||
*/
|
||||
#define POLARSSL_CIPHER_MODE_CFB
|
||||
//#define POLARSSL_CIPHER_MODE_CFB
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CIPHER_MODE_CTR
|
||||
@@ -198,7 +198,7 @@
|
||||
* Disable if you run into name conflicts and want to really remove the
|
||||
* error_strerror()
|
||||
*/
|
||||
#define POLARSSL_ERROR_STRERROR_DUMMY
|
||||
//#define POLARSSL_ERROR_STRERROR_DUMMY
|
||||
|
||||
/**
|
||||
* \def POLARSSL_GENPRIME
|
||||
@@ -207,14 +207,14 @@
|
||||
*
|
||||
* Enable the RSA prime-number generation code.
|
||||
*/
|
||||
#define POLARSSL_GENPRIME
|
||||
//#define POLARSSL_GENPRIME
|
||||
|
||||
/**
|
||||
* \def POLARSSL_FS_IO
|
||||
*
|
||||
* Enable functions that use the filesystem.
|
||||
*/
|
||||
#define POLARSSL_FS_IO
|
||||
//#define POLARSSL_FS_IO
|
||||
|
||||
/**
|
||||
* \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES
|
||||
@@ -248,7 +248,7 @@
|
||||
* Enable support for PKCS#1 v2.1 encoding.
|
||||
* This enables support for RSAES-OAEP and RSASSA-PSS operations.
|
||||
*/
|
||||
#define POLARSSL_PKCS1_V21
|
||||
//#define POLARSSL_PKCS1_V21
|
||||
|
||||
/**
|
||||
* \def POLARSSL_RSA_NO_CRT
|
||||
@@ -257,15 +257,16 @@
|
||||
*
|
||||
* Uncomment this macro to disable the use of CRT in RSA.
|
||||
*
|
||||
#define POLARSSL_RSA_NO_CRT
|
||||
*/
|
||||
#define POLARSSL_RSA_NO_CRT
|
||||
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SELF_TEST
|
||||
*
|
||||
* Enable the checkup functions (*_self_test).
|
||||
*/
|
||||
#define POLARSSL_SELF_TEST
|
||||
//#define POLARSSL_SELF_TEST
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_ALL_ALERT_MESSAGES
|
||||
@@ -279,7 +280,7 @@
|
||||
*
|
||||
* Enable sending of all alert messages
|
||||
*/
|
||||
#define POLARSSL_SSL_ALERT_MESSAGES
|
||||
//#define POLARSSL_SSL_ALERT_MESSAGES
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_DEBUG_ALL
|
||||
@@ -315,7 +316,7 @@
|
||||
*
|
||||
* Comment this macro to disable support for SSLv2 Client Hello messages.
|
||||
*/
|
||||
#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
|
||||
//#define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
|
||||
|
||||
/**
|
||||
* \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
|
||||
@@ -391,7 +392,7 @@
|
||||
* TLS_RSA_WITH_RC4_128_MD5
|
||||
* TLS_RSA_WITH_RC4_128_SHA
|
||||
*/
|
||||
#define POLARSSL_ARC4_C
|
||||
//#define POLARSSL_ARC4_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ASN1_PARSE_C
|
||||
@@ -401,7 +402,7 @@
|
||||
* Module: library/asn1.c
|
||||
* Caller: library/x509parse.c
|
||||
*/
|
||||
#define POLARSSL_ASN1_PARSE_C
|
||||
//#define POLARSSL_ASN1_PARSE_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ASN1_WRITE_C
|
||||
@@ -410,7 +411,7 @@
|
||||
*
|
||||
* Module: library/asn1write.c
|
||||
*/
|
||||
#define POLARSSL_ASN1_WRITE_C
|
||||
//#define POLARSSL_ASN1_WRITE_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_BASE64_C
|
||||
@@ -446,7 +447,7 @@
|
||||
*
|
||||
* Module: library/blowfish.c
|
||||
*/
|
||||
#define POLARSSL_BLOWFISH_C
|
||||
//#define POLARSSL_BLOWFISH_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CAMELLIA_C
|
||||
@@ -467,7 +468,7 @@
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
|
||||
* TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
|
||||
*/
|
||||
#define POLARSSL_CAMELLIA_C
|
||||
//#define POLARSSL_CAMELLIA_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CERTS_C
|
||||
@@ -479,7 +480,7 @@
|
||||
*
|
||||
* This module is used for testing (ssl_client/server).
|
||||
*/
|
||||
#define POLARSSL_CERTS_C
|
||||
//#define POLARSSL_CERTS_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CIPHER_C
|
||||
@@ -491,7 +492,7 @@
|
||||
*
|
||||
* Uncomment to enable generic cipher wrappers.
|
||||
*/
|
||||
#define POLARSSL_CIPHER_C
|
||||
//#define POLARSSL_CIPHER_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_CTR_DRBG_C
|
||||
@@ -505,7 +506,7 @@
|
||||
*
|
||||
* This module provides the CTR_DRBG AES-256 random number generator.
|
||||
*/
|
||||
#define POLARSSL_CTR_DRBG_C
|
||||
//#define POLARSSL_CTR_DRBG_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_DEBUG_C
|
||||
@@ -519,7 +520,7 @@
|
||||
*
|
||||
* This module provides debugging functions.
|
||||
*/
|
||||
#define POLARSSL_DEBUG_C
|
||||
//#define POLARSSL_DEBUG_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_DES_C
|
||||
@@ -537,7 +538,7 @@
|
||||
*
|
||||
* PEM uses DES/3DES for decrypting encrypted keys.
|
||||
*/
|
||||
#define POLARSSL_DES_C
|
||||
//#define POLARSSL_DES_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_DHM_C
|
||||
@@ -563,7 +564,7 @@
|
||||
* TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
*/
|
||||
#define POLARSSL_DHM_C
|
||||
//#define POLARSSL_DHM_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ENTROPY_C
|
||||
@@ -577,7 +578,7 @@
|
||||
*
|
||||
* This module provides a generic entropy pool
|
||||
*/
|
||||
#define POLARSSL_ENTROPY_C
|
||||
//#define POLARSSL_ENTROPY_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ERROR_C
|
||||
@@ -589,7 +590,7 @@
|
||||
*
|
||||
* This module enables err_strerror().
|
||||
*/
|
||||
#define POLARSSL_ERROR_C
|
||||
//#define POLARSSL_ERROR_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_GCM_C
|
||||
@@ -605,7 +606,7 @@
|
||||
* TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
* TLS_RSA_WITH_AES_256_GCM_SHA384
|
||||
*/
|
||||
#define POLARSSL_GCM_C
|
||||
//#define POLARSSL_GCM_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_HAVEGE_C
|
||||
@@ -640,7 +641,7 @@
|
||||
*
|
||||
* Uncomment to enable generic message digest wrappers.
|
||||
*/
|
||||
#define POLARSSL_MD_C
|
||||
//#define POLARSSL_MD_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_MD2_C
|
||||
@@ -681,7 +682,7 @@
|
||||
* This module is required for SSL/TLS and X.509.
|
||||
* PEM uses MD5 for decrypting encrypted keys.
|
||||
*/
|
||||
#define POLARSSL_MD5_C
|
||||
//#define POLARSSL_MD5_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_NET_C
|
||||
@@ -693,7 +694,7 @@
|
||||
*
|
||||
* This module provides TCP/IP networking routines.
|
||||
*/
|
||||
#define POLARSSL_NET_C
|
||||
//#define POLARSSL_NET_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PADLOCK_C
|
||||
@@ -705,7 +706,7 @@
|
||||
*
|
||||
* This modules adds support for the VIA PadLock on x86.
|
||||
*/
|
||||
#define POLARSSL_PADLOCK_C
|
||||
//#define POLARSSL_PADLOCK_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PBKDF2_C
|
||||
@@ -733,7 +734,7 @@
|
||||
*
|
||||
* This modules adds support for decoding PEM files.
|
||||
*/
|
||||
#define POLARSSL_PEM_C
|
||||
//#define POLARSSL_PEM_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PKCS5_C
|
||||
@@ -746,7 +747,7 @@
|
||||
*
|
||||
* This module adds support for the PKCS#5 functions.
|
||||
*/
|
||||
#define POLARSSL_PKCS5_C
|
||||
//#define POLARSSL_PKCS5_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PKCS11_C
|
||||
@@ -778,7 +779,7 @@
|
||||
*
|
||||
* This module enables PKCS#12 functions.
|
||||
*/
|
||||
#define POLARSSL_PKCS12_C
|
||||
//#define POLARSSL_PKCS12_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_RSA_C
|
||||
@@ -837,7 +838,7 @@
|
||||
*
|
||||
* This module adds support for SHA-384 and SHA-512.
|
||||
*/
|
||||
#define POLARSSL_SHA4_C
|
||||
//#define POLARSSL_SHA4_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_CACHE_C
|
||||
@@ -849,7 +850,7 @@
|
||||
*
|
||||
* Requires: POLARSSL_SSL_CACHE_C
|
||||
*/
|
||||
#define POLARSSL_SSL_CACHE_C
|
||||
//#define POLARSSL_SSL_CACHE_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_CLI_C
|
||||
@@ -863,7 +864,7 @@
|
||||
*
|
||||
* This module is required for SSL/TLS client support.
|
||||
*/
|
||||
#define POLARSSL_SSL_CLI_C
|
||||
//#define POLARSSL_SSL_CLI_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_SRV_C
|
||||
@@ -877,7 +878,7 @@
|
||||
*
|
||||
* This module is required for SSL/TLS server support.
|
||||
*/
|
||||
#define POLARSSL_SSL_SRV_C
|
||||
//#define POLARSSL_SSL_SRV_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_SSL_TLS_C
|
||||
@@ -892,7 +893,7 @@
|
||||
*
|
||||
* This module is required for SSL/TLS.
|
||||
*/
|
||||
#define POLARSSL_SSL_TLS_C
|
||||
//#define POLARSSL_SSL_TLS_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_TIMING_C
|
||||
@@ -904,7 +905,7 @@
|
||||
*
|
||||
* This module is used by the HAVEGE random number generator.
|
||||
*/
|
||||
#define POLARSSL_TIMING_C
|
||||
//#define POLARSSL_TIMING_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_VERSION_C
|
||||
@@ -915,7 +916,7 @@
|
||||
*
|
||||
* This module provides run-time version information.
|
||||
*/
|
||||
#define POLARSSL_VERSION_C
|
||||
//#define POLARSSL_VERSION_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_X509_PARSE_C
|
||||
@@ -931,7 +932,7 @@
|
||||
*
|
||||
* This module is required for X.509 certificate parsing.
|
||||
*/
|
||||
#define POLARSSL_X509_PARSE_C
|
||||
//#define POLARSSL_X509_PARSE_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_X509_WRITE_C
|
||||
@@ -944,7 +945,7 @@
|
||||
*
|
||||
* This module is required for X.509 certificate request writing.
|
||||
*/
|
||||
#define POLARSSL_X509_WRITE_C
|
||||
//#define POLARSSL_X509_WRITE_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_XTEA_C
|
||||
@@ -954,7 +955,7 @@
|
||||
* Module: library/xtea.c
|
||||
* Caller:
|
||||
*/
|
||||
#define POLARSSL_XTEA_C
|
||||
//#define POLARSSL_XTEA_C
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,231 +0,0 @@
|
||||
/**
|
||||
* \file ctr_drbg.h
|
||||
*
|
||||
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_CTR_DRBG_H
|
||||
#define POLARSSL_CTR_DRBG_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/aes.h"
|
||||
|
||||
#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
|
||||
#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */
|
||||
#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */
|
||||
#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */
|
||||
|
||||
#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */
|
||||
#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */
|
||||
#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 )
|
||||
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
|
||||
/**< The seed length (counter + AES key) */
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
|
||||
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
|
||||
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
|
||||
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
|
||||
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
|
||||
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
unsigned char counter[16]; /*!< counter (V) */
|
||||
int reseed_counter; /*!< reseed counter */
|
||||
int prediction_resistance; /*!< enable prediction resistance (Automatic
|
||||
reseed before every random generation) */
|
||||
size_t entropy_len; /*!< amount of entropy grabbed on each (re)seed */
|
||||
int reseed_interval; /*!< reseed interval */
|
||||
|
||||
aes_context aes_ctx; /*!< AES context */
|
||||
|
||||
/*
|
||||
* Callbacks (Entropy)
|
||||
*/
|
||||
int (*f_entropy)(void *, unsigned char *, size_t);
|
||||
|
||||
void *p_entropy; /*!< context for the entropy function */
|
||||
}
|
||||
ctr_drbg_context;
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG initialization
|
||||
*
|
||||
* Note: Personalization data can be provided in addition to the more generic
|
||||
* entropy source to make this instantiation as unique as possible.
|
||||
*
|
||||
* \param ctx CTR_DRBG context to be initialized
|
||||
* \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
|
||||
* length)
|
||||
* \param p_entropy Entropy context
|
||||
* \param custom Personalization data (Device specific identifiers)
|
||||
* (Can be NULL)
|
||||
* \param len Length of personalization data
|
||||
*
|
||||
* \return 0 if successful, or
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
|
||||
*/
|
||||
int ctr_drbg_init( ctr_drbg_context *ctx,
|
||||
int (*f_entropy)(void *, unsigned char *, size_t),
|
||||
void *p_entropy,
|
||||
const unsigned char *custom,
|
||||
size_t len );
|
||||
|
||||
/**
|
||||
* \brief Enable / disable prediction resistance (Default: Off)
|
||||
*
|
||||
* Note: If enabled, entropy is used for ctx->entropy_len before each call!
|
||||
* Only use this if you have ample supply of good entropy!
|
||||
*
|
||||
* \param ctx CTR_DRBG context
|
||||
* \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF
|
||||
*/
|
||||
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx,
|
||||
int resistance );
|
||||
|
||||
/**
|
||||
* \brief Set the amount of entropy grabbed on each (re)seed
|
||||
* (Default: CTR_DRBG_ENTROPY_LEN)
|
||||
*
|
||||
* \param ctx CTR_DRBG context
|
||||
* \param len Amount of entropy to grab
|
||||
*/
|
||||
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx,
|
||||
size_t len );
|
||||
|
||||
/**
|
||||
* \brief Set the reseed interval
|
||||
* (Default: CTR_DRBG_RESEED_INTERVAL)
|
||||
*
|
||||
* \param ctx CTR_DRBG context
|
||||
* \param interval Reseed interval
|
||||
*/
|
||||
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx,
|
||||
int interval );
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG reseeding (extracts data from entropy source)
|
||||
*
|
||||
* \param ctx CTR_DRBG context
|
||||
* \param additional Additional data to add to state (Can be NULL)
|
||||
* \param len Length of additional data
|
||||
*
|
||||
* \return 0 if successful, or
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
|
||||
*/
|
||||
int ctr_drbg_reseed( ctr_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t len );
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG update state
|
||||
*
|
||||
* \param ctx CTR_DRBG context
|
||||
* \param additional Additional data to update state with
|
||||
* \param add_len Length of additional data
|
||||
*/
|
||||
void ctr_drbg_update( ctr_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t add_len );
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG generate random with additional update input
|
||||
*
|
||||
* Note: Automatically reseeds if reseed_counter is reached.
|
||||
*
|
||||
* \param p_rng CTR_DRBG context
|
||||
* \param output Buffer to fill
|
||||
* \param output_len Length of the buffer
|
||||
* \param additional Additional data to update with (Can be NULL)
|
||||
* \param add_len Length of additional data
|
||||
*
|
||||
* \return 0 if successful, or
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
|
||||
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG
|
||||
*/
|
||||
int ctr_drbg_random_with_add( void *p_rng,
|
||||
unsigned char *output, size_t output_len,
|
||||
const unsigned char *additional, size_t add_len );
|
||||
|
||||
/**
|
||||
* \brief CTR_DRBG generate random
|
||||
*
|
||||
* Note: Automatically reseeds if reseed_counter is reached.
|
||||
*
|
||||
* \param p_rng CTR_DRBG context
|
||||
* \param output Buffer to fill
|
||||
* \param output_len Length of the buffer
|
||||
*
|
||||
* \return 0 if successful, or
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
|
||||
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG
|
||||
*/
|
||||
int ctr_drbg_random( void *p_rng,
|
||||
unsigned char *output, size_t output_len );
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/**
|
||||
* \brief Write a seed file
|
||||
*
|
||||
* \param path Name of the file
|
||||
*
|
||||
* \return 0 if successful, 1 on file error, or
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
|
||||
*/
|
||||
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
|
||||
|
||||
/**
|
||||
* \brief Read and update a seed file. Seed is added to this
|
||||
* instance
|
||||
*
|
||||
* \param path Name of the file
|
||||
*
|
||||
* \return 0 if successful, 1 on file error,
|
||||
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
|
||||
* POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG
|
||||
*/
|
||||
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int ctr_drbg_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* ctr_drbg.h */
|
||||
@@ -1,89 +0,0 @@
|
||||
/**
|
||||
* \file debug.h
|
||||
*
|
||||
* \brief Debug functions
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_DEBUG_H
|
||||
#define POLARSSL_DEBUG_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
#include "polarssl/ssl.h"
|
||||
|
||||
#if defined(POLARSSL_DEBUG_C)
|
||||
|
||||
#define SSL_DEBUG_MSG( level, args ) \
|
||||
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
|
||||
|
||||
#define SSL_DEBUG_RET( level, text, ret ) \
|
||||
debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
|
||||
|
||||
#define SSL_DEBUG_BUF( level, text, buf, len ) \
|
||||
debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len );
|
||||
|
||||
#define SSL_DEBUG_MPI( level, text, X ) \
|
||||
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
|
||||
|
||||
#define SSL_DEBUG_CRT( level, text, crt ) \
|
||||
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
|
||||
|
||||
#else
|
||||
|
||||
#define SSL_DEBUG_MSG( level, args ) do { } while( 0 )
|
||||
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
|
||||
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
|
||||
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
|
||||
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
|
||||
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
char *debug_fmt( const char *format, ... );
|
||||
|
||||
void debug_print_msg( const ssl_context *ssl, int level,
|
||||
const char *file, int line, const char *text );
|
||||
|
||||
void debug_print_ret( const ssl_context *ssl, int level,
|
||||
const char *file, int line,
|
||||
const char *text, int ret );
|
||||
|
||||
void debug_print_buf( const ssl_context *ssl, int level,
|
||||
const char *file, int line, const char *text,
|
||||
unsigned char *buf, size_t len );
|
||||
|
||||
void debug_print_mpi( const ssl_context *ssl, int level,
|
||||
const char *file, int line,
|
||||
const char *text, const mpi *X );
|
||||
|
||||
void debug_print_crt( const ssl_context *ssl, int level,
|
||||
const char *file, int line,
|
||||
const char *text, const x509_cert *crt );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* debug.h */
|
||||
@@ -1,252 +0,0 @@
|
||||
/**
|
||||
* \file des.h
|
||||
*
|
||||
* \brief DES block cipher
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_DES_H
|
||||
#define POLARSSL_DES_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define DES_ENCRYPT 1
|
||||
#define DES_DECRYPT 0
|
||||
|
||||
#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
|
||||
|
||||
#define DES_KEY_SIZE 8
|
||||
|
||||
#if !defined(POLARSSL_DES_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief DES context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int mode; /*!< encrypt/decrypt */
|
||||
uint32_t sk[32]; /*!< DES subkeys */
|
||||
}
|
||||
des_context;
|
||||
|
||||
/**
|
||||
* \brief Triple-DES context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int mode; /*!< encrypt/decrypt */
|
||||
uint32_t sk[96]; /*!< 3DES subkeys */
|
||||
}
|
||||
des3_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Set key parity on the given key to odd.
|
||||
*
|
||||
* DES keys are 56 bits long, but each byte is padded with
|
||||
* a parity bit to allow verification.
|
||||
*
|
||||
* \param key 8-byte secret key
|
||||
*/
|
||||
void des_key_set_parity( unsigned char key[DES_KEY_SIZE] );
|
||||
|
||||
/**
|
||||
* \brief Check that key parity on the given key is odd.
|
||||
*
|
||||
* DES keys are 56 bits long, but each byte is padded with
|
||||
* a parity bit to allow verification.
|
||||
*
|
||||
* \param key 8-byte secret key
|
||||
*
|
||||
* \return 0 is parity was ok, 1 if parity was not correct.
|
||||
*/
|
||||
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] );
|
||||
|
||||
/**
|
||||
* \brief Check that key is not a weak or semi-weak DES key
|
||||
*
|
||||
* \param key 8-byte secret key
|
||||
*
|
||||
* \return 0 if no weak key was found, 1 if a weak key was identified.
|
||||
*/
|
||||
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] );
|
||||
|
||||
/**
|
||||
* \brief DES key schedule (56-bit, encryption)
|
||||
*
|
||||
* \param ctx DES context to be initialized
|
||||
* \param key 8-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
|
||||
|
||||
/**
|
||||
* \brief DES key schedule (56-bit, decryption)
|
||||
*
|
||||
* \param ctx DES context to be initialized
|
||||
* \param key 8-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
|
||||
|
||||
/**
|
||||
* \brief Triple-DES key schedule (112-bit, encryption)
|
||||
*
|
||||
* \param ctx 3DES context to be initialized
|
||||
* \param key 16-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
|
||||
|
||||
/**
|
||||
* \brief Triple-DES key schedule (112-bit, decryption)
|
||||
*
|
||||
* \param ctx 3DES context to be initialized
|
||||
* \param key 16-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] );
|
||||
|
||||
/**
|
||||
* \brief Triple-DES key schedule (168-bit, encryption)
|
||||
*
|
||||
* \param ctx 3DES context to be initialized
|
||||
* \param key 24-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
|
||||
|
||||
/**
|
||||
* \brief Triple-DES key schedule (168-bit, decryption)
|
||||
*
|
||||
* \param ctx 3DES context to be initialized
|
||||
* \param key 24-byte secret key
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] );
|
||||
|
||||
/**
|
||||
* \brief DES-ECB block encryption/decryption
|
||||
*
|
||||
* \param ctx DES context
|
||||
* \param input 64-bit input block
|
||||
* \param output 64-bit output block
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int des_crypt_ecb( des_context *ctx,
|
||||
const unsigned char input[8],
|
||||
unsigned char output[8] );
|
||||
|
||||
/**
|
||||
* \brief DES-CBC buffer encryption/decryption
|
||||
*
|
||||
* \param ctx DES context
|
||||
* \param mode DES_ENCRYPT or DES_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*/
|
||||
int des_crypt_cbc( des_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[8],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief 3DES-ECB block encryption/decryption
|
||||
*
|
||||
* \param ctx 3DES context
|
||||
* \param input 64-bit input block
|
||||
* \param output 64-bit output block
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int des3_crypt_ecb( des3_context *ctx,
|
||||
const unsigned char input[8],
|
||||
unsigned char output[8] );
|
||||
|
||||
/**
|
||||
* \brief 3DES-CBC buffer encryption/decryption
|
||||
*
|
||||
* \param ctx 3DES context
|
||||
* \param mode DES_ENCRYPT or DES_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH
|
||||
*/
|
||||
int des3_crypt_cbc( des3_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[8],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_DES_ALT */
|
||||
#include "polarssl/des_alt.h"
|
||||
#endif /* POLARSSL_DES_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int des_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* des.h */
|
||||
@@ -1,244 +0,0 @@
|
||||
/**
|
||||
* \file dhm.h
|
||||
*
|
||||
* \brief Diffie-Hellman-Merkle key exchange
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_DHM_H
|
||||
#define POLARSSL_DHM_H
|
||||
|
||||
#include "polarssl/bignum.h"
|
||||
|
||||
/*
|
||||
* DHM Error codes
|
||||
*/
|
||||
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
|
||||
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
|
||||
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
|
||||
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
|
||||
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
|
||||
|
||||
/**
|
||||
* RFC 3526 defines a number of standardized Diffie-Hellman groups
|
||||
* for IKE.
|
||||
* RFC 5114 defines a number of standardized Diffie-Hellman groups
|
||||
* that can be used.
|
||||
*
|
||||
* Some are included here for convenience.
|
||||
*
|
||||
* Included are:
|
||||
* RFC 3526 3. 2048-bit MODP Group
|
||||
* RFC 3526 4. 3072-bit MODP Group
|
||||
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
|
||||
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
|
||||
*/
|
||||
#define POLARSSL_DHM_RFC3526_MODP_2048_P \
|
||||
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
|
||||
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
|
||||
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
|
||||
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
|
||||
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
|
||||
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
|
||||
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
|
||||
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
|
||||
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
|
||||
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
|
||||
"15728E5A8AACAA68FFFFFFFFFFFFFFFF"
|
||||
|
||||
#define POLARSSL_DHM_RFC3526_MODP_2048_G "02"
|
||||
|
||||
#define POLARSSL_DHM_RFC3526_MODP_3072_P \
|
||||
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
|
||||
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
|
||||
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
|
||||
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
|
||||
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
|
||||
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
|
||||
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
|
||||
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
|
||||
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
|
||||
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
|
||||
"15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
|
||||
"ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
|
||||
"ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
|
||||
"F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
|
||||
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
|
||||
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
|
||||
|
||||
#define POLARSSL_DHM_RFC3526_MODP_3072_G "02"
|
||||
|
||||
#define POLARSSL_DHM_RFC5114_MODP_1024_P \
|
||||
"B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \
|
||||
"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \
|
||||
"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \
|
||||
"98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \
|
||||
"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \
|
||||
"DF1FB2BC2E4A4371"
|
||||
|
||||
#define POLARSSL_DHM_RFC5114_MODP_1024_G \
|
||||
"A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \
|
||||
"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \
|
||||
"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \
|
||||
"909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \
|
||||
"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \
|
||||
"855E6EEB22B3B2E5"
|
||||
|
||||
#define POLARSSL_DHM_RFC5114_MODP_2048_P \
|
||||
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
|
||||
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
|
||||
"EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
|
||||
"9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \
|
||||
"C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \
|
||||
"B3BF8A317091883681286130BC8985DB1602E714415D9330" \
|
||||
"278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \
|
||||
"CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \
|
||||
"BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \
|
||||
"C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
|
||||
"CF9DE5384E71B81C0AC4DFFE0C10E64F"
|
||||
|
||||
#define POLARSSL_DHM_RFC5114_MODP_2048_G \
|
||||
"AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
|
||||
"74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
|
||||
"AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\
|
||||
"C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\
|
||||
"E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\
|
||||
"F180EB34118E98D119529A45D6F834566E3025E316A330EF"\
|
||||
"BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\
|
||||
"10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\
|
||||
"B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\
|
||||
"EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\
|
||||
"81BC087F2A7065B384B890D3191F2BFA"
|
||||
|
||||
/**
|
||||
* \brief DHM context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
size_t len; /*!< size(P) in chars */
|
||||
mpi P; /*!< prime modulus */
|
||||
mpi G; /*!< generator */
|
||||
mpi X; /*!< secret value */
|
||||
mpi GX; /*!< self = G^X mod P */
|
||||
mpi GY; /*!< peer = G^Y mod P */
|
||||
mpi K; /*!< key = GY^X mod P */
|
||||
mpi RP; /*!< cached R^2 mod P */
|
||||
}
|
||||
dhm_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Parse the ServerKeyExchange parameters
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param p &(start of input buffer)
|
||||
* \param end end of buffer
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
|
||||
*/
|
||||
int dhm_read_params( dhm_context *ctx,
|
||||
unsigned char **p,
|
||||
const unsigned char *end );
|
||||
|
||||
/**
|
||||
* \brief Setup and write the ServerKeyExchange parameters
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param x_size private value size in bytes
|
||||
* \param output destination buffer
|
||||
* \param olen number of chars written
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
*
|
||||
* \note This function assumes that ctx->P and ctx->G
|
||||
* have already been properly set (for example
|
||||
* using mpi_read_string or mpi_read_binary).
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
|
||||
*/
|
||||
int dhm_make_params( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t *olen,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Import the peer's public value G^Y
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param input input buffer
|
||||
* \param ilen size of buffer
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
|
||||
*/
|
||||
int dhm_read_public( dhm_context *ctx,
|
||||
const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Create own private value X and export G^X
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param x_size private value size in bytes
|
||||
* \param output destination buffer
|
||||
* \param olen must be equal to ctx->P.len
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
|
||||
*/
|
||||
int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t olen,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Derive and export the shared secret (G^Y)^X mod P
|
||||
*
|
||||
* \param ctx DHM context
|
||||
* \param output destination buffer
|
||||
* \param olen number of chars written
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
|
||||
*/
|
||||
int dhm_calc_secret( dhm_context *ctx,
|
||||
unsigned char *output, size_t *olen );
|
||||
|
||||
/**
|
||||
* \brief Free the components of a DHM key
|
||||
*/
|
||||
void dhm_free( dhm_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int dhm_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif
|
||||
@@ -1,153 +0,0 @@
|
||||
/**
|
||||
* \file entropy.h
|
||||
*
|
||||
* \brief Entropy accumulator implementation
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ENTROPY_H
|
||||
#define POLARSSL_ENTROPY_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include "polarssl/sha4.h"
|
||||
#if defined(POLARSSL_HAVEGE_C)
|
||||
#include "polarssl/havege.h"
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
|
||||
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
|
||||
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
|
||||
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
|
||||
|
||||
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Entropy poll callback pointer
|
||||
*
|
||||
* \param data Callback-specific data pointer
|
||||
* \param output Data to fill
|
||||
* \param len Maximum size to provide
|
||||
* \param olen The actual amount of bytes put into the buffer (Can be 0)
|
||||
*
|
||||
* \return 0 if no critical failures occurred,
|
||||
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise
|
||||
*/
|
||||
typedef int (*f_source_ptr)(void *, unsigned char *, size_t, size_t *);
|
||||
|
||||
/**
|
||||
* \brief Entropy source state
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
f_source_ptr f_source; /**< The entropy source callback */
|
||||
void * p_source; /**< The callback data pointer */
|
||||
size_t size; /**< Amount received */
|
||||
size_t threshold; /**< Minimum level required before release */
|
||||
}
|
||||
source_state;
|
||||
|
||||
/**
|
||||
* \brief Entropy context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
sha4_context accumulator;
|
||||
int source_count;
|
||||
source_state source[ENTROPY_MAX_SOURCES];
|
||||
#if defined(POLARSSL_HAVEGE_C)
|
||||
havege_state havege_data;
|
||||
#endif
|
||||
}
|
||||
entropy_context;
|
||||
|
||||
/**
|
||||
* \brief Initialize the context
|
||||
*
|
||||
* \param ctx Entropy context to initialize
|
||||
*/
|
||||
void entropy_init( entropy_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Adds an entropy source to poll
|
||||
*
|
||||
* \param ctx Entropy context
|
||||
* \param f_source Entropy function
|
||||
* \param p_source Function data
|
||||
* \param threshold Minimum required from source before entropy is released
|
||||
* ( with entropy_func() )
|
||||
*
|
||||
* \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES
|
||||
*/
|
||||
int entropy_add_source( entropy_context *ctx,
|
||||
f_source_ptr f_source, void *p_source,
|
||||
size_t threshold );
|
||||
|
||||
/**
|
||||
* \brief Trigger an extra gather poll for the accumulator
|
||||
*
|
||||
* \param ctx Entropy context
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED
|
||||
*/
|
||||
int entropy_gather( entropy_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE)
|
||||
*
|
||||
* \param data Entropy context
|
||||
* \param output Buffer to fill
|
||||
* \param len Length of buffer
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED
|
||||
*/
|
||||
int entropy_func( void *data, unsigned char *output, size_t len );
|
||||
|
||||
/**
|
||||
* \brief Add data to the accumulator manually
|
||||
*
|
||||
* \param ctx Entropy context
|
||||
* \param data Data to add
|
||||
* \param len Length of data
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int entropy_update_manual( entropy_context *ctx,
|
||||
const unsigned char *data, size_t len );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* entropy.h */
|
||||
@@ -1,75 +0,0 @@
|
||||
/**
|
||||
* \file entropy_poll.h
|
||||
*
|
||||
* \brief Platform-specific and custom entropy polling functions
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ENTROPY_POLL_H
|
||||
#define POLARSSL_ENTROPY_POLL_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Default thresholds for built-in sources
|
||||
*/
|
||||
#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */
|
||||
#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */
|
||||
#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */
|
||||
|
||||
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
|
||||
/**
|
||||
* \brief Platform-specific entropy poll callback
|
||||
*/
|
||||
int platform_entropy_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HAVEGE_C)
|
||||
/**
|
||||
* \brief HAVEGE based entropy poll callback
|
||||
*
|
||||
* Requires an HAVEGE state as its data pointer.
|
||||
*/
|
||||
int havege_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_TIMING_C)
|
||||
/**
|
||||
* \brief hardclock-based entropy poll callback
|
||||
*/
|
||||
int hardclock_poll( void *data,
|
||||
unsigned char *output, size_t len, size_t *olen );
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* entropy_poll.h */
|
||||
@@ -1,108 +0,0 @@
|
||||
/**
|
||||
* \file error.h
|
||||
*
|
||||
* \brief Error to string translation
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_ERROR_H
|
||||
#define POLARSSL_ERROR_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
/**
|
||||
* Error code layout.
|
||||
*
|
||||
* Currently we try to keep all error codes within the negative space of 16
|
||||
* bytes signed integers to support all platforms (-0x0000 - -0x8000). In
|
||||
* addition we'd like to give two layers of information on the error if
|
||||
* possible.
|
||||
*
|
||||
* For that purpose the error codes are segmented in the following manner:
|
||||
*
|
||||
* 16 bit error code bit-segmentation
|
||||
*
|
||||
* 1 bit - Intentionally not used
|
||||
* 3 bits - High level module ID
|
||||
* 5 bits - Module-dependent error code
|
||||
* 6 bits - Low level module errors
|
||||
* 1 bit - Intentionally not used
|
||||
*
|
||||
* Low-level module errors (0x007E-0x0002)
|
||||
*
|
||||
* Module Nr Codes assigned
|
||||
* MPI 7 0x0002-0x0010
|
||||
* GCM 2 0x0012-0x0014
|
||||
* BLOWFISH 2 0x0016-0x0018
|
||||
* AES 2 0x0020-0x0022
|
||||
* CAMELLIA 2 0x0024-0x0026
|
||||
* XTEA 1 0x0028-0x0028
|
||||
* BASE64 2 0x002A-0x002C
|
||||
* PADLOCK 1 0x0030-0x0030
|
||||
* DES 1 0x0032-0x0032
|
||||
* CTR_DBRG 3 0x0034-0x003A
|
||||
* ENTROPY 3 0x003C-0x0040
|
||||
* NET 11 0x0042-0x0056
|
||||
* ASN1 7 0x0060-0x006C
|
||||
* MD2 1 0x0070-0x0070
|
||||
* MD4 1 0x0072-0x0072
|
||||
* MD5 1 0x0074-0x0074
|
||||
* SHA1 1 0x0076-0x0076
|
||||
* SHA2 1 0x0078-0x0078
|
||||
* SHA4 1 0x007A-0x007A
|
||||
*
|
||||
* High-level module nr (3 bits - 0x1...-0x8...)
|
||||
* Name ID Nr of Errors
|
||||
* PEM 1 9
|
||||
* PKCS#12 1 4 (Started from top)
|
||||
* X509 2 23
|
||||
* DHM 3 6
|
||||
* PKCS5 3 4 (Started from top)
|
||||
* RSA 4 9
|
||||
* MD 5 4
|
||||
* CIPHER 6 5
|
||||
* SSL 6 2 (Started from top)
|
||||
* SSL 7 31
|
||||
*
|
||||
* Module dependent error code (5 bits 0x.08.-0x.F8.)
|
||||
*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Translate a PolarSSL error code into a string representation,
|
||||
* Result is truncated if necessary and always includes a terminating
|
||||
* null byte.
|
||||
*
|
||||
* \param errnum error code
|
||||
* \param buffer buffer to place representation in
|
||||
* \param buflen length of the buffer
|
||||
*/
|
||||
void error_strerror( int errnum, char *buffer, size_t buflen );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* error.h */
|
||||
@@ -1,147 +0,0 @@
|
||||
/**
|
||||
* \file gcm.h
|
||||
*
|
||||
* \brief Galois/Counter mode for AES
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_GCM_H
|
||||
#define POLARSSL_GCM_H
|
||||
|
||||
#include "polarssl/aes.h"
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT64 uint64_t;
|
||||
#else
|
||||
#include <stdint.h>
|
||||
#endif
|
||||
|
||||
#define GCM_ENCRYPT 1
|
||||
#define GCM_DECRYPT 0
|
||||
|
||||
#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
|
||||
#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */
|
||||
|
||||
/**
|
||||
* \brief GCM context structure
|
||||
*/
|
||||
typedef struct {
|
||||
aes_context aes_ctx; /*!< AES context used */
|
||||
uint64_t HL[16]; /*!< Precalculated HTable */
|
||||
uint64_t HH[16]; /*!< Precalculated HTable */
|
||||
}
|
||||
gcm_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief GCM initialization (encryption)
|
||||
*
|
||||
* \param ctx GCM context to be initialized
|
||||
* \param key encryption key
|
||||
* \param keysize must be 128, 192 or 256
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
|
||||
*/
|
||||
int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize );
|
||||
|
||||
/**
|
||||
* \brief GCM buffer encryption/decryption using AES
|
||||
*
|
||||
* \note On encryption, the output buffer can be the same as the input buffer.
|
||||
* On decryption, the output buffer cannot be the same as input buffer.
|
||||
* If buffers overlap, the output buffer must trail at least 8 bytes
|
||||
* behind the input buffer.
|
||||
*
|
||||
* \param ctx GCM context
|
||||
* \param mode GCM_ENCRYPT or GCM_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector
|
||||
* \param iv_len length of IV
|
||||
* \param add additional data
|
||||
* \param add_len length of additional data
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer for holding the output data
|
||||
* \param tag_len length of the tag to generate
|
||||
* \param tag buffer for holding the tag
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int gcm_crypt_and_tag( gcm_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
const unsigned char *iv,
|
||||
size_t iv_len,
|
||||
const unsigned char *add,
|
||||
size_t add_len,
|
||||
const unsigned char *input,
|
||||
unsigned char *output,
|
||||
size_t tag_len,
|
||||
unsigned char *tag );
|
||||
|
||||
/**
|
||||
* \brief GCM buffer authenticated decryption using AES
|
||||
*
|
||||
* \note On decryption, the output buffer cannot be the same as input buffer.
|
||||
* If buffers overlap, the output buffer must trail at least 8 bytes
|
||||
* behind the input buffer.
|
||||
*
|
||||
* \param ctx GCM context
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector
|
||||
* \param iv_len length of IV
|
||||
* \param add additional data
|
||||
* \param add_len length of additional data
|
||||
* \param tag buffer holding the tag
|
||||
* \param tag_len length of the tag
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer for holding the output data
|
||||
*
|
||||
* \return 0 if successful and authenticated,
|
||||
* POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match
|
||||
*/
|
||||
int gcm_auth_decrypt( gcm_context *ctx,
|
||||
size_t length,
|
||||
const unsigned char *iv,
|
||||
size_t iv_len,
|
||||
const unsigned char *add,
|
||||
size_t add_len,
|
||||
const unsigned char *tag,
|
||||
size_t tag_len,
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int gcm_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* gcm.h */
|
||||
@@ -1,71 +0,0 @@
|
||||
/**
|
||||
* \file havege.h
|
||||
*
|
||||
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_HAVEGE_H
|
||||
#define POLARSSL_HAVEGE_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#define COLLECT_SIZE 1024
|
||||
|
||||
/**
|
||||
* \brief HAVEGE state structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
int PT1, PT2, offset[2];
|
||||
int pool[COLLECT_SIZE];
|
||||
int WALK[8192];
|
||||
}
|
||||
havege_state;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief HAVEGE initialization
|
||||
*
|
||||
* \param hs HAVEGE state to be initialized
|
||||
*/
|
||||
void havege_init( havege_state *hs );
|
||||
|
||||
/**
|
||||
* \brief HAVEGE rand function
|
||||
*
|
||||
* \param p_rng A HAVEGE state
|
||||
* \param output Buffer to fill
|
||||
* \param len Length of buffer
|
||||
*
|
||||
* \return 0
|
||||
*/
|
||||
int havege_random( void *p_rng, unsigned char *output, size_t len );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* havege.h */
|
||||
@@ -1,298 +0,0 @@
|
||||
/**
|
||||
* \file md.c
|
||||
*
|
||||
* \brief Generic message digest wrapper for PolarSSL
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
|
||||
#include "polarssl/md.h"
|
||||
#include "polarssl/md_wrap.h"
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <strings.h>
|
||||
|
||||
//#if defined _MSC_VER && !defined strcasecmp
|
||||
//#define strcasecmp _stricmp
|
||||
//#endif
|
||||
|
||||
static const int supported_digests[] = {
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
POLARSSL_MD_MD2,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
POLARSSL_MD_MD4,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
POLARSSL_MD_MD5,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
POLARSSL_MD_SHA1,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
POLARSSL_MD_SHA224,
|
||||
POLARSSL_MD_SHA256,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
POLARSSL_MD_SHA384,
|
||||
POLARSSL_MD_SHA512,
|
||||
#endif
|
||||
|
||||
0
|
||||
};
|
||||
|
||||
const int *md_list( void )
|
||||
{
|
||||
return supported_digests;
|
||||
}
|
||||
|
||||
const md_info_t *md_info_from_string( const char *md_name )
|
||||
{
|
||||
if( NULL == md_name )
|
||||
return NULL;
|
||||
|
||||
/* Get the appropriate digest information */
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
if( !strcasecmp( "MD2", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD2 );
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
if( !strcasecmp( "MD4", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD4 );
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
if( !strcasecmp( "MD5", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_MD5 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA1 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
if( !strcasecmp( "SHA224", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA224 );
|
||||
if( !strcasecmp( "SHA256", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA256 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
if( !strcasecmp( "SHA384", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA384 );
|
||||
if( !strcasecmp( "SHA512", md_name ) )
|
||||
return md_info_from_type( POLARSSL_MD_SHA512 );
|
||||
#endif
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const md_info_t *md_info_from_type( md_type_t md_type )
|
||||
{
|
||||
switch( md_type )
|
||||
{
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
case POLARSSL_MD_MD2:
|
||||
return &md2_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
case POLARSSL_MD_MD4:
|
||||
return &md4_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
case POLARSSL_MD_MD5:
|
||||
return &md5_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
case POLARSSL_MD_SHA1:
|
||||
return &sha1_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
case POLARSSL_MD_SHA224:
|
||||
return &sha224_info;
|
||||
case POLARSSL_MD_SHA256:
|
||||
return &sha256_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
case POLARSSL_MD_SHA384:
|
||||
return &sha384_info;
|
||||
case POLARSSL_MD_SHA512:
|
||||
return &sha512_info;
|
||||
#endif
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL || ctx == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
memset( ctx, 0, sizeof( md_context_t ) );
|
||||
|
||||
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
|
||||
return POLARSSL_ERR_MD_ALLOC_FAILED;
|
||||
|
||||
ctx->md_info = md_info;
|
||||
|
||||
md_info->starts_func( ctx->md_ctx );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_free_ctx( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->ctx_free_func( ctx->md_ctx );
|
||||
ctx->md_ctx = NULL;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_starts( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->starts_func( ctx->md_ctx );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_finish( md_context_t *ctx, unsigned char *output )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->finish_func( ctx->md_ctx, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
if ( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
md_info->digest_func( input, ilen, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
int ret;
|
||||
#endif
|
||||
|
||||
if( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
ret = md_info->file_func( path, output );
|
||||
if( ret != 0 )
|
||||
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
|
||||
|
||||
return( ret );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_finish( md_context_t *ctx, unsigned char *output)
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_finish_func( ctx->md_ctx, output);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac_reset( md_context_t *ctx )
|
||||
{
|
||||
if( ctx == NULL || ctx->md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
ctx->md_info->hmac_reset_func( ctx->md_ctx);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return POLARSSL_ERR_MD_BAD_INPUT_DATA;
|
||||
|
||||
md_info->hmac_func( key, keylen, input, ilen, output );
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#endif
|
||||
@@ -1,363 +0,0 @@
|
||||
/**
|
||||
* \file md.h
|
||||
*
|
||||
* \brief Generic message digest wrapper
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD_H
|
||||
#define POLARSSL_MD_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(_MSC_VER) && !defined(inline)
|
||||
#define inline _inline
|
||||
#else
|
||||
#if defined(__ARMCC_VERSION) && !defined(inline)
|
||||
#define inline __inline
|
||||
#endif /* __ARMCC_VERSION */
|
||||
#endif /*_MSC_VER */
|
||||
|
||||
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
|
||||
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
|
||||
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
|
||||
|
||||
typedef enum {
|
||||
POLARSSL_MD_NONE=0,
|
||||
POLARSSL_MD_MD2,
|
||||
POLARSSL_MD_MD4,
|
||||
POLARSSL_MD_MD5,
|
||||
POLARSSL_MD_SHA1,
|
||||
POLARSSL_MD_SHA224,
|
||||
POLARSSL_MD_SHA256,
|
||||
POLARSSL_MD_SHA384,
|
||||
POLARSSL_MD_SHA512,
|
||||
} md_type_t;
|
||||
|
||||
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */
|
||||
|
||||
/**
|
||||
* Message digest information. Allows message digest functions to be called
|
||||
* in a generic way.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Digest identifier */
|
||||
md_type_t type;
|
||||
|
||||
/** Name of the message digest */
|
||||
const char * name;
|
||||
|
||||
/** Output length of the digest function */
|
||||
int size;
|
||||
|
||||
/** Digest initialisation function */
|
||||
void (*starts_func)( void *ctx );
|
||||
|
||||
/** Digest update function */
|
||||
void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/** Digest finalisation function */
|
||||
void (*finish_func)( void *ctx, unsigned char *output );
|
||||
|
||||
/** Generic digest function */
|
||||
void (*digest_func)( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/** Generic file digest function */
|
||||
int (*file_func)( const char *path, unsigned char *output );
|
||||
|
||||
/** HMAC Initialisation function */
|
||||
void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/** HMAC update function */
|
||||
void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/** HMAC finalisation function */
|
||||
void (*hmac_finish_func)( void *ctx, unsigned char *output);
|
||||
|
||||
/** HMAC context reset function */
|
||||
void (*hmac_reset_func)( void *ctx );
|
||||
|
||||
/** Generic HMAC function */
|
||||
void (*hmac_func)( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/** Allocate a new context */
|
||||
void * (*ctx_alloc_func)( void );
|
||||
|
||||
/** Free the given context */
|
||||
void (*ctx_free_func)( void *ctx );
|
||||
|
||||
} md_info_t;
|
||||
|
||||
/**
|
||||
* Generic message digest context.
|
||||
*/
|
||||
typedef struct {
|
||||
/** Information about the associated message digest */
|
||||
const md_info_t *md_info;
|
||||
|
||||
/** Digest-specific context */
|
||||
void *md_ctx;
|
||||
} md_context_t;
|
||||
|
||||
#define MD_CONTEXT_T_INIT { \
|
||||
NULL, /* md_info */ \
|
||||
NULL, /* md_ctx */ \
|
||||
}
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Returns the list of digests supported by the generic digest module.
|
||||
*
|
||||
* \return a statically allocated array of digests, the last entry
|
||||
* is 0.
|
||||
*/
|
||||
const int *md_list( void );
|
||||
|
||||
/**
|
||||
* \brief Returns the message digest information associated with the
|
||||
* given digest name.
|
||||
*
|
||||
* \param md_name Name of the digest to search for.
|
||||
*
|
||||
* \return The message digest information associated with md_name or
|
||||
* NULL if not found.
|
||||
*/
|
||||
const md_info_t *md_info_from_string( const char *md_name );
|
||||
|
||||
/**
|
||||
* \brief Returns the message digest information associated with the
|
||||
* given digest type.
|
||||
*
|
||||
* \param md_type type of digest to search for.
|
||||
*
|
||||
* \return The message digest information associated with md_type or
|
||||
* NULL if not found.
|
||||
*/
|
||||
const md_info_t *md_info_from_type( md_type_t md_type );
|
||||
|
||||
/**
|
||||
* \brief Initialises and fills the message digest context structure with
|
||||
* the appropriate values.
|
||||
*
|
||||
* \param ctx context to initialise. May not be NULL. The
|
||||
* digest-specific context (ctx->md_ctx) must be NULL. It will
|
||||
* be allocated, and must be freed using md_free_ctx() later.
|
||||
* \param md_info message digest to use.
|
||||
*
|
||||
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
|
||||
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
|
||||
* allocation of the digest-specific context failed.
|
||||
*/
|
||||
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
|
||||
|
||||
/**
|
||||
* \brief Free the message-specific context of ctx. Freeing ctx itself
|
||||
* remains the responsibility of the caller.
|
||||
*
|
||||
* \param ctx Free the message-specific context
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_free_ctx( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Returns the size of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return size of the message digest output.
|
||||
*/
|
||||
static inline unsigned char md_get_size( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( 0 );
|
||||
|
||||
return md_info->size;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the type of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return type of the message digest output.
|
||||
*/
|
||||
static inline md_type_t md_get_type( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( POLARSSL_MD_NONE );
|
||||
|
||||
return md_info->type;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Returns the name of the message digest output.
|
||||
*
|
||||
* \param md_info message digest info
|
||||
*
|
||||
* \return name of the message digest output.
|
||||
*/
|
||||
static inline const char *md_get_name( const md_info_t *md_info )
|
||||
{
|
||||
if( md_info == NULL )
|
||||
return( NULL );
|
||||
|
||||
return md_info->name;
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Set-up the given context for a new message digest
|
||||
*
|
||||
* \param ctx generic message digest context.
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_starts( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Generic message digest process buffer
|
||||
*
|
||||
* \param ctx Generic message digest context
|
||||
* \param input buffer holding the datal
|
||||
* \param ilen length of the input data
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Generic message digest final digest
|
||||
*
|
||||
* \param ctx Generic message digest context
|
||||
* \param output Generic message digest checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_finish( md_context_t *ctx, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Output = message_digest( input buffer )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output Generic message digest checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Output = message_digest( file contents )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param path input file name
|
||||
* \param output generic message digest checksum result
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen
|
||||
* failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed,
|
||||
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
|
||||
*/
|
||||
int md_file( const md_info_t *md_info, const char *path, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output Generic HMAC checksum result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_finish( md_context_t *ctx, unsigned char *output);
|
||||
|
||||
/**
|
||||
* \brief Generic HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac_reset( md_context_t *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = Generic_HMAC( hmac key, input buffer )
|
||||
*
|
||||
* \param md_info message digest info
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output Generic HMAC-result
|
||||
*
|
||||
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
|
||||
* verification fails.
|
||||
*/
|
||||
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_MD_H */
|
||||
@@ -1,171 +0,0 @@
|
||||
/**
|
||||
* \file md2.h
|
||||
*
|
||||
* \brief MD2 message digest algorithm (hash function)
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD2_H
|
||||
#define POLARSSL_MD2_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */
|
||||
|
||||
#if !defined(POLARSSL_MD2_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief MD2 context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
unsigned char cksum[16]; /*!< checksum of the data block */
|
||||
unsigned char state[48]; /*!< intermediate digest state */
|
||||
unsigned char buffer[16]; /*!< data block being processed */
|
||||
|
||||
unsigned char ipad[16]; /*!< HMAC: inner padding */
|
||||
unsigned char opad[16]; /*!< HMAC: outer padding */
|
||||
size_t left; /*!< amount of data in buffer */
|
||||
}
|
||||
md2_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief MD2 context setup
|
||||
*
|
||||
* \param ctx context to be initialized
|
||||
*/
|
||||
void md2_starts( md2_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief MD2 process buffer
|
||||
*
|
||||
* \param ctx MD2 context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD2 final digest
|
||||
*
|
||||
* \param ctx MD2 context
|
||||
* \param output MD2 checksum result
|
||||
*/
|
||||
void md2_finish( md2_context *ctx, unsigned char output[16] );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_MD2_ALT */
|
||||
#include "polarssl/md2_alt.h"
|
||||
#endif /* POLARSSL_MD2_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Output = MD2( input buffer )
|
||||
*
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output MD2 checksum result
|
||||
*/
|
||||
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Output = MD2( file contents )
|
||||
*
|
||||
* \param path input file name
|
||||
* \param output MD2 checksum result
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR
|
||||
*/
|
||||
int md2_file( const char *path, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD2 HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*/
|
||||
void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/**
|
||||
* \brief MD2 HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD2 HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output MD2 HMAC checksum result
|
||||
*/
|
||||
void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD2 HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*/
|
||||
void md2_hmac_reset( md2_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = HMAC-MD2( hmac key, input buffer )
|
||||
*
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output HMAC-MD2 result
|
||||
*/
|
||||
void md2_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int md2_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* md2.h */
|
||||
@@ -1,177 +0,0 @@
|
||||
/**
|
||||
* \file md4.h
|
||||
*
|
||||
* \brief MD4 message digest algorithm (hash function)
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD4_H
|
||||
#define POLARSSL_MD4_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */
|
||||
|
||||
#if !defined(POLARSSL_MD4_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief MD4 context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint32_t total[2]; /*!< number of bytes processed */
|
||||
uint32_t state[4]; /*!< intermediate digest state */
|
||||
unsigned char buffer[64]; /*!< data block being processed */
|
||||
|
||||
unsigned char ipad[64]; /*!< HMAC: inner padding */
|
||||
unsigned char opad[64]; /*!< HMAC: outer padding */
|
||||
}
|
||||
md4_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief MD4 context setup
|
||||
*
|
||||
* \param ctx context to be initialized
|
||||
*/
|
||||
void md4_starts( md4_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief MD4 process buffer
|
||||
*
|
||||
* \param ctx MD4 context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD4 final digest
|
||||
*
|
||||
* \param ctx MD4 context
|
||||
* \param output MD4 checksum result
|
||||
*/
|
||||
void md4_finish( md4_context *ctx, unsigned char output[16] );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_MD4_ALT */
|
||||
#include "polarssl/md4_alt.h"
|
||||
#endif /* POLARSSL_MD4_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Output = MD4( input buffer )
|
||||
*
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output MD4 checksum result
|
||||
*/
|
||||
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Output = MD4( file contents )
|
||||
*
|
||||
* \param path input file name
|
||||
* \param output MD4 checksum result
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR
|
||||
*/
|
||||
int md4_file( const char *path, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD4 HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*/
|
||||
void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen );
|
||||
|
||||
/**
|
||||
* \brief MD4 HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD4 HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output MD4 HMAC checksum result
|
||||
*/
|
||||
void md4_hmac_finish( md4_context *ctx, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD4 HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*/
|
||||
void md4_hmac_reset( md4_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = HMAC-MD4( hmac key, input buffer )
|
||||
*
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output HMAC-MD4 result
|
||||
*/
|
||||
void md4_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int md4_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* md4.h */
|
||||
@@ -1,585 +0,0 @@
|
||||
/*
|
||||
* RFC 1321 compliant MD5 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The MD5 algorithm was designed by Ron Rivest in 1991.
|
||||
*
|
||||
* http://www.ietf.org/rfc/rfc1321.txt
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
|
||||
#include "polarssl/md5.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_MD5_ALT)
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (little endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_LE
|
||||
#define GET_UINT32_LE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint32_t) (b)[(i) ] ) \
|
||||
| ( (uint32_t) (b)[(i) + 1] << 8 ) \
|
||||
| ( (uint32_t) (b)[(i) + 2] << 16 ) \
|
||||
| ( (uint32_t) (b)[(i) + 3] << 24 ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_LE
|
||||
#define PUT_UINT32_LE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* MD5 context setup
|
||||
*/
|
||||
void md5_starts( md5_context *ctx )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
ctx->state[0] = 0x67452301;
|
||||
ctx->state[1] = 0xEFCDAB89;
|
||||
ctx->state[2] = 0x98BADCFE;
|
||||
ctx->state[3] = 0x10325476;
|
||||
}
|
||||
|
||||
void md5_process( md5_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
uint32_t X[16], A, B, C, D;
|
||||
|
||||
GET_UINT32_LE( X[ 0], data, 0 );
|
||||
GET_UINT32_LE( X[ 1], data, 4 );
|
||||
GET_UINT32_LE( X[ 2], data, 8 );
|
||||
GET_UINT32_LE( X[ 3], data, 12 );
|
||||
GET_UINT32_LE( X[ 4], data, 16 );
|
||||
GET_UINT32_LE( X[ 5], data, 20 );
|
||||
GET_UINT32_LE( X[ 6], data, 24 );
|
||||
GET_UINT32_LE( X[ 7], data, 28 );
|
||||
GET_UINT32_LE( X[ 8], data, 32 );
|
||||
GET_UINT32_LE( X[ 9], data, 36 );
|
||||
GET_UINT32_LE( X[10], data, 40 );
|
||||
GET_UINT32_LE( X[11], data, 44 );
|
||||
GET_UINT32_LE( X[12], data, 48 );
|
||||
GET_UINT32_LE( X[13], data, 52 );
|
||||
GET_UINT32_LE( X[14], data, 56 );
|
||||
GET_UINT32_LE( X[15], data, 60 );
|
||||
|
||||
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
|
||||
|
||||
#define P(a,b,c,d,k,s,t) \
|
||||
{ \
|
||||
a += F(b,c,d) + X[k] + t; a = S(a,s) + b; \
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
|
||||
#define F(x,y,z) (z ^ (x & (y ^ z)))
|
||||
|
||||
P( A, B, C, D, 0, 7, 0xD76AA478 );
|
||||
P( D, A, B, C, 1, 12, 0xE8C7B756 );
|
||||
P( C, D, A, B, 2, 17, 0x242070DB );
|
||||
P( B, C, D, A, 3, 22, 0xC1BDCEEE );
|
||||
P( A, B, C, D, 4, 7, 0xF57C0FAF );
|
||||
P( D, A, B, C, 5, 12, 0x4787C62A );
|
||||
P( C, D, A, B, 6, 17, 0xA8304613 );
|
||||
P( B, C, D, A, 7, 22, 0xFD469501 );
|
||||
P( A, B, C, D, 8, 7, 0x698098D8 );
|
||||
P( D, A, B, C, 9, 12, 0x8B44F7AF );
|
||||
P( C, D, A, B, 10, 17, 0xFFFF5BB1 );
|
||||
P( B, C, D, A, 11, 22, 0x895CD7BE );
|
||||
P( A, B, C, D, 12, 7, 0x6B901122 );
|
||||
P( D, A, B, C, 13, 12, 0xFD987193 );
|
||||
P( C, D, A, B, 14, 17, 0xA679438E );
|
||||
P( B, C, D, A, 15, 22, 0x49B40821 );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (y ^ (z & (x ^ y)))
|
||||
|
||||
P( A, B, C, D, 1, 5, 0xF61E2562 );
|
||||
P( D, A, B, C, 6, 9, 0xC040B340 );
|
||||
P( C, D, A, B, 11, 14, 0x265E5A51 );
|
||||
P( B, C, D, A, 0, 20, 0xE9B6C7AA );
|
||||
P( A, B, C, D, 5, 5, 0xD62F105D );
|
||||
P( D, A, B, C, 10, 9, 0x02441453 );
|
||||
P( C, D, A, B, 15, 14, 0xD8A1E681 );
|
||||
P( B, C, D, A, 4, 20, 0xE7D3FBC8 );
|
||||
P( A, B, C, D, 9, 5, 0x21E1CDE6 );
|
||||
P( D, A, B, C, 14, 9, 0xC33707D6 );
|
||||
P( C, D, A, B, 3, 14, 0xF4D50D87 );
|
||||
P( B, C, D, A, 8, 20, 0x455A14ED );
|
||||
P( A, B, C, D, 13, 5, 0xA9E3E905 );
|
||||
P( D, A, B, C, 2, 9, 0xFCEFA3F8 );
|
||||
P( C, D, A, B, 7, 14, 0x676F02D9 );
|
||||
P( B, C, D, A, 12, 20, 0x8D2A4C8A );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (x ^ y ^ z)
|
||||
|
||||
P( A, B, C, D, 5, 4, 0xFFFA3942 );
|
||||
P( D, A, B, C, 8, 11, 0x8771F681 );
|
||||
P( C, D, A, B, 11, 16, 0x6D9D6122 );
|
||||
P( B, C, D, A, 14, 23, 0xFDE5380C );
|
||||
P( A, B, C, D, 1, 4, 0xA4BEEA44 );
|
||||
P( D, A, B, C, 4, 11, 0x4BDECFA9 );
|
||||
P( C, D, A, B, 7, 16, 0xF6BB4B60 );
|
||||
P( B, C, D, A, 10, 23, 0xBEBFBC70 );
|
||||
P( A, B, C, D, 13, 4, 0x289B7EC6 );
|
||||
P( D, A, B, C, 0, 11, 0xEAA127FA );
|
||||
P( C, D, A, B, 3, 16, 0xD4EF3085 );
|
||||
P( B, C, D, A, 6, 23, 0x04881D05 );
|
||||
P( A, B, C, D, 9, 4, 0xD9D4D039 );
|
||||
P( D, A, B, C, 12, 11, 0xE6DB99E5 );
|
||||
P( C, D, A, B, 15, 16, 0x1FA27CF8 );
|
||||
P( B, C, D, A, 2, 23, 0xC4AC5665 );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (y ^ (x | ~z))
|
||||
|
||||
P( A, B, C, D, 0, 6, 0xF4292244 );
|
||||
P( D, A, B, C, 7, 10, 0x432AFF97 );
|
||||
P( C, D, A, B, 14, 15, 0xAB9423A7 );
|
||||
P( B, C, D, A, 5, 21, 0xFC93A039 );
|
||||
P( A, B, C, D, 12, 6, 0x655B59C3 );
|
||||
P( D, A, B, C, 3, 10, 0x8F0CCC92 );
|
||||
P( C, D, A, B, 10, 15, 0xFFEFF47D );
|
||||
P( B, C, D, A, 1, 21, 0x85845DD1 );
|
||||
P( A, B, C, D, 8, 6, 0x6FA87E4F );
|
||||
P( D, A, B, C, 15, 10, 0xFE2CE6E0 );
|
||||
P( C, D, A, B, 6, 15, 0xA3014314 );
|
||||
P( B, C, D, A, 13, 21, 0x4E0811A1 );
|
||||
P( A, B, C, D, 4, 6, 0xF7537E82 );
|
||||
P( D, A, B, C, 11, 10, 0xBD3AF235 );
|
||||
P( C, D, A, B, 2, 15, 0x2AD7D2BB );
|
||||
P( B, C, D, A, 9, 21, 0xEB86D391 );
|
||||
|
||||
#undef F
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 process buffer
|
||||
*/
|
||||
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen <= 0 )
|
||||
return;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
||||
ctx->total[0] += (uint32_t) ilen;
|
||||
ctx->total[0] &= 0xFFFFFFFF;
|
||||
|
||||
if( ctx->total[0] < (uint32_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
md5_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
md5_process( ctx, input );
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
}
|
||||
|
||||
static const unsigned char md5_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* MD5 final digest
|
||||
*/
|
||||
void md5_finish( md5_context *ctx, unsigned char output[16] )
|
||||
{
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
||||
high = ( ctx->total[0] >> 29 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT32_LE( low, msglen, 0 );
|
||||
PUT_UINT32_LE( high, msglen, 4 );
|
||||
|
||||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
md5_update( ctx, md5_padding, padn );
|
||||
md5_update( ctx, msglen, 8 );
|
||||
|
||||
PUT_UINT32_LE( ctx->state[0], output, 0 );
|
||||
PUT_UINT32_LE( ctx->state[1], output, 4 );
|
||||
PUT_UINT32_LE( ctx->state[2], output, 8 );
|
||||
PUT_UINT32_LE( ctx->state[3], output, 12 );
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_MD5_ALT */
|
||||
|
||||
/*
|
||||
* output = MD5( input buffer )
|
||||
*/
|
||||
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
|
||||
{
|
||||
md5_context ctx;
|
||||
|
||||
md5_starts( &ctx );
|
||||
md5_update( &ctx, input, ilen );
|
||||
md5_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = MD5( file contents )
|
||||
*/
|
||||
int md5_file( const char *path, unsigned char output[16] )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
md5_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
|
||||
|
||||
md5_starts( &ctx );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
md5_update( &ctx, buf, n );
|
||||
|
||||
md5_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* MD5 HMAC context setup
|
||||
*/
|
||||
void md5_hmac_starts( md5_context *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[16];
|
||||
|
||||
if( keylen > 64 )
|
||||
{
|
||||
md5( key, keylen, sum );
|
||||
keylen = 16;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 64 );
|
||||
memset( ctx->opad, 0x5C, 64 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC process buffer
|
||||
*/
|
||||
void md5_hmac_update( md5_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md5_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC final digest
|
||||
*/
|
||||
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] )
|
||||
{
|
||||
unsigned char tmpbuf[16];
|
||||
|
||||
md5_finish( ctx, tmpbuf );
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->opad, 64 );
|
||||
md5_update( ctx, tmpbuf, 16 );
|
||||
md5_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC context reset
|
||||
*/
|
||||
void md5_hmac_reset( md5_context *ctx )
|
||||
{
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->ipad, 64 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-MD5( hmac key, input buffer )
|
||||
*/
|
||||
void md5_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[16] )
|
||||
{
|
||||
md5_context ctx;
|
||||
|
||||
md5_hmac_starts( &ctx, key, keylen );
|
||||
md5_hmac_update( &ctx, input, ilen );
|
||||
md5_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
/*
|
||||
* RFC 1321 test vectors
|
||||
*/
|
||||
static unsigned char md5_test_buf[7][81] =
|
||||
{
|
||||
{ "" },
|
||||
{ "a" },
|
||||
{ "abc" },
|
||||
{ "message digest" },
|
||||
{ "abcdefghijklmnopqrstuvwxyz" },
|
||||
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
|
||||
{ "12345678901234567890123456789012345678901234567890123456789012" \
|
||||
"345678901234567890" }
|
||||
};
|
||||
|
||||
static const int md5_test_buflen[7] =
|
||||
{
|
||||
0, 1, 3, 14, 26, 62, 80
|
||||
};
|
||||
|
||||
static const unsigned char md5_test_sum[7][16] =
|
||||
{
|
||||
{ 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04,
|
||||
0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E },
|
||||
{ 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8,
|
||||
0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 },
|
||||
{ 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
|
||||
0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 },
|
||||
{ 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D,
|
||||
0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 },
|
||||
{ 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00,
|
||||
0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B },
|
||||
{ 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5,
|
||||
0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F },
|
||||
{ 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55,
|
||||
0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 2202 test vectors
|
||||
*/
|
||||
static unsigned char md5_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 80 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int md5_hmac_test_keylen[7] =
|
||||
{
|
||||
16, 4, 16, 25, 16, 80, 80
|
||||
};
|
||||
|
||||
static unsigned char md5_hmac_test_buf[7][74] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "Test Using Larger Than Block-Size Key and Larger"
|
||||
" Than One Block-Size Data" }
|
||||
};
|
||||
|
||||
static const int md5_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 73
|
||||
};
|
||||
|
||||
static const unsigned char md5_hmac_test_sum[7][16] =
|
||||
{
|
||||
{ 0x92, 0x94, 0x72, 0x7A, 0x36, 0x38, 0xBB, 0x1C,
|
||||
0x13, 0xF4, 0x8E, 0xF8, 0x15, 0x8B, 0xFC, 0x9D },
|
||||
{ 0x75, 0x0C, 0x78, 0x3E, 0x6A, 0xB0, 0xB5, 0x03,
|
||||
0xEA, 0xA8, 0x6E, 0x31, 0x0A, 0x5D, 0xB7, 0x38 },
|
||||
{ 0x56, 0xBE, 0x34, 0x52, 0x1D, 0x14, 0x4C, 0x88,
|
||||
0xDB, 0xB8, 0xC7, 0x33, 0xF0, 0xE8, 0xB3, 0xF6 },
|
||||
{ 0x69, 0x7E, 0xAF, 0x0A, 0xCA, 0x3A, 0x3A, 0xEA,
|
||||
0x3A, 0x75, 0x16, 0x47, 0x46, 0xFF, 0xAA, 0x79 },
|
||||
{ 0x56, 0x46, 0x1E, 0xF2, 0x34, 0x2E, 0xDC, 0x00,
|
||||
0xF9, 0xBA, 0xB9, 0x95 },
|
||||
{ 0x6B, 0x1A, 0xB7, 0xFE, 0x4B, 0xD7, 0xBF, 0x8F,
|
||||
0x0B, 0x62, 0xE6, 0xCE, 0x61, 0xB9, 0xD0, 0xCD },
|
||||
{ 0x6F, 0x63, 0x0F, 0xAD, 0x67, 0xCD, 0xA0, 0xEE,
|
||||
0x1F, 0xB1, 0xF5, 0x62, 0xDB, 0x3A, 0xA5, 0x3E }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int md5_self_test( int verbose )
|
||||
{
|
||||
int i, buflen;
|
||||
unsigned char buf[1024];
|
||||
unsigned char md5sum[16];
|
||||
md5_context ctx;
|
||||
|
||||
for( i = 0; i < 7; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( " MD5 test #%d: ", i + 1 );
|
||||
|
||||
md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
|
||||
|
||||
if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "\n" );
|
||||
|
||||
for( i = 0; i < 7; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( " HMAC-MD5 test #%d: ", i + 1 );
|
||||
|
||||
if( i == 5 || i == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 80 );
|
||||
md5_hmac_starts( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
md5_hmac_starts( &ctx, md5_hmac_test_key[i],
|
||||
md5_hmac_test_keylen[i] );
|
||||
|
||||
md5_hmac_update( &ctx, md5_hmac_test_buf[i],
|
||||
md5_hmac_test_buflen[i] );
|
||||
|
||||
md5_hmac_finish( &ctx, md5sum );
|
||||
|
||||
buflen = ( i == 4 ) ? 12 : 16;
|
||||
|
||||
if( memcmp( md5sum, md5_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
@@ -1,182 +0,0 @@
|
||||
/**
|
||||
* \file md5.h
|
||||
*
|
||||
* \brief MD5 message digest algorithm (hash function)
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD5_H
|
||||
#define POLARSSL_MD5_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */
|
||||
|
||||
#if !defined(POLARSSL_MD5_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief MD5 context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint32_t total[2]; /*!< number of bytes processed */
|
||||
uint32_t state[4]; /*!< intermediate digest state */
|
||||
unsigned char buffer[64]; /*!< data block being processed */
|
||||
|
||||
unsigned char ipad[64]; /*!< HMAC: inner padding */
|
||||
unsigned char opad[64]; /*!< HMAC: outer padding */
|
||||
}
|
||||
md5_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief MD5 context setup
|
||||
*
|
||||
* \param ctx context to be initialized
|
||||
*/
|
||||
void md5_starts( md5_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief MD5 process buffer
|
||||
*
|
||||
* \param ctx MD5 context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD5 final digest
|
||||
*
|
||||
* \param ctx MD5 context
|
||||
* \param output MD5 checksum result
|
||||
*/
|
||||
void md5_finish( md5_context *ctx, unsigned char output[16] );
|
||||
|
||||
/* Internal use */
|
||||
void md5_process( md5_context *ctx, const unsigned char data[64] );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_MD5_ALT */
|
||||
#include "polarssl/md5_alt.h"
|
||||
#endif /* POLARSSL_MD5_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Output = MD5( input buffer )
|
||||
*
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output MD5 checksum result
|
||||
*/
|
||||
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Output = MD5( file contents )
|
||||
*
|
||||
* \param path input file name
|
||||
* \param output MD5 checksum result
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR
|
||||
*/
|
||||
int md5_file( const char *path, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD5 HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*/
|
||||
void md5_hmac_starts( md5_context *ctx,
|
||||
const unsigned char *key, size_t keylen );
|
||||
|
||||
/**
|
||||
* \brief MD5 HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void md5_hmac_update( md5_context *ctx,
|
||||
const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief MD5 HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output MD5 HMAC checksum result
|
||||
*/
|
||||
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief MD5 HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*/
|
||||
void md5_hmac_reset( md5_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = HMAC-MD5( hmac key, input buffer )
|
||||
*
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output HMAC-MD5 result
|
||||
*/
|
||||
void md5_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int md5_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* md5.h */
|
||||
@@ -1,733 +0,0 @@
|
||||
/**
|
||||
* \file md_wrap.c
|
||||
|
||||
* \brief Generic message digest wrapper for PolarSSL
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
|
||||
#include "polarssl/md_wrap.h"
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
#include "polarssl/md2.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
#include "polarssl/md4.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
#include "polarssl/md5.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
#include "polarssl/sha1.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
#include "polarssl/sha2.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
#include "polarssl/sha4.h"
|
||||
#endif
|
||||
|
||||
#include <stdlib.h>
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
|
||||
static void md2_starts_wrap( void *ctx )
|
||||
{
|
||||
md2_starts( (md2_context *) ctx );
|
||||
}
|
||||
|
||||
static void md2_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md2_update( (md2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md2_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md2_finish( (md2_context *) ctx, output );
|
||||
}
|
||||
|
||||
int md2_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md2_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md2_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md2_hmac_starts( (md2_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void md2_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md2_hmac_update( (md2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md2_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md2_hmac_finish( (md2_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void md2_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md2_hmac_reset( (md2_context *) ctx );
|
||||
}
|
||||
|
||||
static void * md2_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md2_context ) );
|
||||
}
|
||||
|
||||
static void md2_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md2_info = {
|
||||
POLARSSL_MD_MD2,
|
||||
"MD2",
|
||||
16,
|
||||
md2_starts_wrap,
|
||||
md2_update_wrap,
|
||||
md2_finish_wrap,
|
||||
md2,
|
||||
md2_file_wrap,
|
||||
md2_hmac_starts_wrap,
|
||||
md2_hmac_update_wrap,
|
||||
md2_hmac_finish_wrap,
|
||||
md2_hmac_reset_wrap,
|
||||
md2_hmac,
|
||||
md2_ctx_alloc,
|
||||
md2_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
|
||||
void md4_starts_wrap( void *ctx )
|
||||
{
|
||||
md4_starts( (md4_context *) ctx );
|
||||
}
|
||||
|
||||
void md4_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md4_update( (md4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void md4_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md4_finish( (md4_context *) ctx, output );
|
||||
}
|
||||
|
||||
int md4_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md4_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void md4_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md4_hmac_starts( (md4_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
void md4_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md4_hmac_update( (md4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void md4_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md4_hmac_finish( (md4_context *) ctx, output );
|
||||
}
|
||||
|
||||
void md4_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md4_hmac_reset( (md4_context *) ctx );
|
||||
}
|
||||
|
||||
void *md4_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md4_context ) );
|
||||
}
|
||||
|
||||
void md4_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md4_info = {
|
||||
POLARSSL_MD_MD4,
|
||||
"MD4",
|
||||
16,
|
||||
md4_starts_wrap,
|
||||
md4_update_wrap,
|
||||
md4_finish_wrap,
|
||||
md4,
|
||||
md4_file_wrap,
|
||||
md4_hmac_starts_wrap,
|
||||
md4_hmac_update_wrap,
|
||||
md4_hmac_finish_wrap,
|
||||
md4_hmac_reset_wrap,
|
||||
md4_hmac,
|
||||
md4_ctx_alloc,
|
||||
md4_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
|
||||
static void md5_starts_wrap( void *ctx )
|
||||
{
|
||||
md5_starts( (md5_context *) ctx );
|
||||
}
|
||||
|
||||
static void md5_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md5_update( (md5_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md5_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md5_finish( (md5_context *) ctx, output );
|
||||
}
|
||||
|
||||
int md5_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return md5_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
static void md5_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
md5_hmac_starts( (md5_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
static void md5_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
md5_hmac_update( (md5_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
static void md5_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
md5_hmac_finish( (md5_context *) ctx, output );
|
||||
}
|
||||
|
||||
static void md5_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
md5_hmac_reset( (md5_context *) ctx );
|
||||
}
|
||||
|
||||
static void * md5_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
static void md5_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t md5_info = {
|
||||
POLARSSL_MD_MD5,
|
||||
"MD5",
|
||||
16,
|
||||
md5_starts_wrap,
|
||||
md5_update_wrap,
|
||||
md5_finish_wrap,
|
||||
md5,
|
||||
md5_file_wrap,
|
||||
md5_hmac_starts_wrap,
|
||||
md5_hmac_update_wrap,
|
||||
md5_hmac_finish_wrap,
|
||||
md5_hmac_reset_wrap,
|
||||
md5_hmac,
|
||||
md5_ctx_alloc,
|
||||
md5_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
|
||||
void sha1_starts_wrap( void *ctx )
|
||||
{
|
||||
sha1_starts( (sha1_context *) ctx );
|
||||
}
|
||||
|
||||
void sha1_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha1_update( (sha1_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha1_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha1_finish( (sha1_context *) ctx, output );
|
||||
}
|
||||
|
||||
int sha1_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha1_file( path, output );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void sha1_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha1_hmac_starts( (sha1_context *) ctx, key, keylen );
|
||||
}
|
||||
|
||||
void sha1_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha1_hmac_update( (sha1_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha1_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha1_hmac_finish( (sha1_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha1_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha1_hmac_reset( (sha1_context *) ctx );
|
||||
}
|
||||
|
||||
void * sha1_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
void sha1_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha1_info = {
|
||||
POLARSSL_MD_SHA1,
|
||||
"SHA1",
|
||||
20,
|
||||
sha1_starts_wrap,
|
||||
sha1_update_wrap,
|
||||
sha1_finish_wrap,
|
||||
sha1,
|
||||
sha1_file_wrap,
|
||||
sha1_hmac_starts_wrap,
|
||||
sha1_hmac_update_wrap,
|
||||
sha1_hmac_finish_wrap,
|
||||
sha1_hmac_reset_wrap,
|
||||
sha1_hmac,
|
||||
sha1_ctx_alloc,
|
||||
sha1_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Wrappers for generic message digests
|
||||
*/
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
|
||||
void sha224_starts_wrap( void *ctx )
|
||||
{
|
||||
sha2_starts( (sha2_context *) ctx, 1 );
|
||||
}
|
||||
|
||||
void sha224_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha224_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha224_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2( input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
int sha224_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha2_file( path, output, 1 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void sha224_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 1 );
|
||||
}
|
||||
|
||||
void sha224_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha224_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_hmac_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha224_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha2_hmac_reset( (sha2_context *) ctx );
|
||||
}
|
||||
|
||||
void sha224_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2_hmac( key, keylen, input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
void * sha224_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha2_context ) );
|
||||
}
|
||||
|
||||
void sha224_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha224_info = {
|
||||
POLARSSL_MD_SHA224,
|
||||
"SHA224",
|
||||
28,
|
||||
sha224_starts_wrap,
|
||||
sha224_update_wrap,
|
||||
sha224_finish_wrap,
|
||||
sha224_wrap,
|
||||
sha224_file_wrap,
|
||||
sha224_hmac_starts_wrap,
|
||||
sha224_hmac_update_wrap,
|
||||
sha224_hmac_finish_wrap,
|
||||
sha224_hmac_reset_wrap,
|
||||
sha224_hmac_wrap,
|
||||
sha224_ctx_alloc,
|
||||
sha224_ctx_free,
|
||||
};
|
||||
|
||||
void sha256_starts_wrap( void *ctx )
|
||||
{
|
||||
sha2_starts( (sha2_context *) ctx, 0 );
|
||||
}
|
||||
|
||||
void sha256_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha256_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha256_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2( input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
int sha256_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha2_file( path, output, 0 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void sha256_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha2_hmac_starts( (sha2_context *) ctx, key, keylen, 0 );
|
||||
}
|
||||
|
||||
void sha256_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha2_hmac_update( (sha2_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha256_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha2_hmac_finish( (sha2_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha256_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha2_hmac_reset( (sha2_context *) ctx );
|
||||
}
|
||||
|
||||
void sha256_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha2_hmac( key, keylen, input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
void * sha256_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha2_context ) );
|
||||
}
|
||||
|
||||
void sha256_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha256_info = {
|
||||
POLARSSL_MD_SHA256,
|
||||
"SHA256",
|
||||
32,
|
||||
sha256_starts_wrap,
|
||||
sha256_update_wrap,
|
||||
sha256_finish_wrap,
|
||||
sha256_wrap,
|
||||
sha256_file_wrap,
|
||||
sha256_hmac_starts_wrap,
|
||||
sha256_hmac_update_wrap,
|
||||
sha256_hmac_finish_wrap,
|
||||
sha256_hmac_reset_wrap,
|
||||
sha256_hmac_wrap,
|
||||
sha256_ctx_alloc,
|
||||
sha256_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
|
||||
void sha384_starts_wrap( void *ctx )
|
||||
{
|
||||
sha4_starts( (sha4_context *) ctx, 1 );
|
||||
}
|
||||
|
||||
void sha384_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha384_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha384_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4( input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
int sha384_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha4_file( path, output, 1 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void sha384_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 1 );
|
||||
}
|
||||
|
||||
void sha384_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha384_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_hmac_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha384_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha4_hmac_reset( (sha4_context *) ctx );
|
||||
}
|
||||
|
||||
void sha384_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4_hmac( key, keylen, input, ilen, output, 1 );
|
||||
}
|
||||
|
||||
void * sha384_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
void sha384_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha384_info = {
|
||||
POLARSSL_MD_SHA384,
|
||||
"SHA384",
|
||||
48,
|
||||
sha384_starts_wrap,
|
||||
sha384_update_wrap,
|
||||
sha384_finish_wrap,
|
||||
sha384_wrap,
|
||||
sha384_file_wrap,
|
||||
sha384_hmac_starts_wrap,
|
||||
sha384_hmac_update_wrap,
|
||||
sha384_hmac_finish_wrap,
|
||||
sha384_hmac_reset_wrap,
|
||||
sha384_hmac_wrap,
|
||||
sha384_ctx_alloc,
|
||||
sha384_ctx_free,
|
||||
};
|
||||
|
||||
void sha512_starts_wrap( void *ctx )
|
||||
{
|
||||
sha4_starts( (sha4_context *) ctx, 0 );
|
||||
}
|
||||
|
||||
void sha512_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha512_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha512_wrap( const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4( input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
int sha512_file_wrap( const char *path, unsigned char *output )
|
||||
{
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
return sha4_file( path, output, 0 );
|
||||
#else
|
||||
((void) path);
|
||||
((void) output);
|
||||
return POLARSSL_ERR_MD_FEATURE_UNAVAILABLE;
|
||||
#endif
|
||||
}
|
||||
|
||||
void sha512_hmac_starts_wrap( void *ctx, const unsigned char *key, size_t keylen )
|
||||
{
|
||||
sha4_hmac_starts( (sha4_context *) ctx, key, keylen, 0 );
|
||||
}
|
||||
|
||||
void sha512_hmac_update_wrap( void *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_hmac_update( (sha4_context *) ctx, input, ilen );
|
||||
}
|
||||
|
||||
void sha512_hmac_finish_wrap( void *ctx, unsigned char *output )
|
||||
{
|
||||
sha4_hmac_finish( (sha4_context *) ctx, output );
|
||||
}
|
||||
|
||||
void sha512_hmac_reset_wrap( void *ctx )
|
||||
{
|
||||
sha4_hmac_reset( (sha4_context *) ctx );
|
||||
}
|
||||
|
||||
void sha512_hmac_wrap( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output )
|
||||
{
|
||||
sha4_hmac( key, keylen, input, ilen, output, 0 );
|
||||
}
|
||||
|
||||
void * sha512_ctx_alloc( void )
|
||||
{
|
||||
return malloc( sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
void sha512_ctx_free( void *ctx )
|
||||
{
|
||||
free( ctx );
|
||||
}
|
||||
|
||||
const md_info_t sha512_info = {
|
||||
POLARSSL_MD_SHA512,
|
||||
"SHA512",
|
||||
64,
|
||||
sha512_starts_wrap,
|
||||
sha512_update_wrap,
|
||||
sha512_finish_wrap,
|
||||
sha512_wrap,
|
||||
sha512_file_wrap,
|
||||
sha512_hmac_starts_wrap,
|
||||
sha512_hmac_update_wrap,
|
||||
sha512_hmac_finish_wrap,
|
||||
sha512_hmac_reset_wrap,
|
||||
sha512_hmac_wrap,
|
||||
sha512_ctx_alloc,
|
||||
sha512_ctx_free,
|
||||
};
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
@@ -1,64 +0,0 @@
|
||||
/**
|
||||
* \file md_wrap.h
|
||||
*
|
||||
* \brief Message digest wrappers.
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_MD_WRAP_H
|
||||
#define POLARSSL_MD_WRAP_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
#include "polarssl/md.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD2_C)
|
||||
extern const md_info_t md2_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD4_C)
|
||||
extern const md_info_t md4_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
extern const md_info_t md5_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
extern const md_info_t sha1_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA2_C)
|
||||
extern const md_info_t sha224_info;
|
||||
extern const md_info_t sha256_info;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
extern const md_info_t sha384_info;
|
||||
extern const md_info_t sha512_info;
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* POLARSSL_MD_WRAP_H */
|
||||
@@ -1,159 +0,0 @@
|
||||
/**
|
||||
* \file net.h
|
||||
*
|
||||
* \brief Network communication functions
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_NET_H
|
||||
#define POLARSSL_NET_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */
|
||||
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
|
||||
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
|
||||
#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
|
||||
#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
|
||||
#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
|
||||
#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
|
||||
#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
|
||||
#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
|
||||
#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */
|
||||
#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */
|
||||
|
||||
#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Initiate a TCP connection with host:port
|
||||
*
|
||||
* \param fd Socket to use
|
||||
* \param host Host to connect to
|
||||
* \param port Port to connect to
|
||||
*
|
||||
* \return 0 if successful, or one of:
|
||||
* POLARSSL_ERR_NET_SOCKET_FAILED,
|
||||
* POLARSSL_ERR_NET_UNKNOWN_HOST,
|
||||
* POLARSSL_ERR_NET_CONNECT_FAILED
|
||||
*/
|
||||
int net_connect( int *fd, const char *host, int port );
|
||||
|
||||
/**
|
||||
* \brief Create a listening socket on bind_ip:port.
|
||||
* If bind_ip == NULL, all interfaces are binded.
|
||||
*
|
||||
* \param fd Socket to use
|
||||
* \param bind_ip IP to bind to, can be NULL
|
||||
* \param port Port number to use
|
||||
*
|
||||
* \return 0 if successful, or one of:
|
||||
* POLARSSL_ERR_NET_SOCKET_FAILED,
|
||||
* POLARSSL_ERR_NET_BIND_FAILED,
|
||||
* POLARSSL_ERR_NET_LISTEN_FAILED
|
||||
*/
|
||||
int net_bind( int *fd, const char *bind_ip, int port );
|
||||
|
||||
/**
|
||||
* \brief Accept a connection from a remote client
|
||||
*
|
||||
* \param bind_fd Relevant socket
|
||||
* \param client_fd Will contain the connected client socket
|
||||
* \param client_ip Will contain the client IP address
|
||||
*
|
||||
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
|
||||
* POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to
|
||||
* non-blocking and accept() is blocking.
|
||||
*/
|
||||
int net_accept( int bind_fd, int *client_fd, void *client_ip );
|
||||
|
||||
/**
|
||||
* \brief Set the socket blocking
|
||||
*
|
||||
* \param fd Socket to set
|
||||
*
|
||||
* \return 0 if successful, or a non-zero error code
|
||||
*/
|
||||
int net_set_block( int fd );
|
||||
|
||||
/**
|
||||
* \brief Set the socket non-blocking
|
||||
*
|
||||
* \param fd Socket to set
|
||||
*
|
||||
* \return 0 if successful, or a non-zero error code
|
||||
*/
|
||||
int net_set_nonblock( int fd );
|
||||
|
||||
/**
|
||||
* \brief Portable usleep helper
|
||||
*
|
||||
* \param usec Amount of microseconds to sleep
|
||||
*
|
||||
* \note Real amount of time slept will not be less than
|
||||
* select()'s timeout granularity (typically, 10ms).
|
||||
*/
|
||||
void net_usleep( unsigned long usec );
|
||||
|
||||
/**
|
||||
* \brief Read at most 'len' characters. If no error occurs,
|
||||
* the actual amount read is returned.
|
||||
*
|
||||
* \param ctx Socket
|
||||
* \param buf The buffer to write to
|
||||
* \param len Maximum length of the buffer
|
||||
*
|
||||
* \return This function returns the number of bytes received,
|
||||
* or a non-zero error code; POLARSSL_ERR_NET_WANT_READ
|
||||
* indicates read() is blocking.
|
||||
*/
|
||||
int net_recv( void *ctx, unsigned char *buf, size_t len );
|
||||
|
||||
/**
|
||||
* \brief Write at most 'len' characters. If no error occurs,
|
||||
* the actual amount read is returned.
|
||||
*
|
||||
* \param ctx Socket
|
||||
* \param buf The buffer to read from
|
||||
* \param len The length of the buffer
|
||||
*
|
||||
* \return This function returns the number of bytes sent,
|
||||
* or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE
|
||||
* indicates write() is blocking.
|
||||
*/
|
||||
int net_send( void *ctx, const unsigned char *buf, size_t len );
|
||||
|
||||
/**
|
||||
* \brief Gracefully shutdown the connection
|
||||
*
|
||||
* \param fd The socket to close
|
||||
*/
|
||||
void net_close( int fd );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* net.h */
|
||||
@@ -1,136 +0,0 @@
|
||||
/**
|
||||
* \file openssl.h
|
||||
*
|
||||
* \brief OpenSSL wrapper (definitions, inline functions).
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* OpenSSL wrapper contributed by David Barett
|
||||
*/
|
||||
#ifndef POLARSSL_OPENSSL_H
|
||||
#define POLARSSL_OPENSSL_H
|
||||
|
||||
#include "polarssl/aes.h"
|
||||
#include "polarssl/md5.h"
|
||||
#include "polarssl/rsa.h"
|
||||
#include "polarssl/sha1.h"
|
||||
|
||||
#define AES_SIZE 16
|
||||
#define AES_BLOCK_SIZE 16
|
||||
#define AES_KEY aes_context
|
||||
#define MD5_CTX md5_context
|
||||
#define SHA_CTX sha1_context
|
||||
|
||||
#define SHA1_Init( CTX ) \
|
||||
sha1_starts( (CTX) )
|
||||
#define SHA1_Update( CTX, BUF, LEN ) \
|
||||
sha1_update( (CTX), (unsigned char *)(BUF), (LEN) )
|
||||
#define SHA1_Final( OUT, CTX ) \
|
||||
sha1_finish( (CTX), (OUT) )
|
||||
|
||||
#define MD5_Init( CTX ) \
|
||||
md5_starts( (CTX) )
|
||||
#define MD5_Update( CTX, BUF, LEN ) \
|
||||
md5_update( (CTX), (unsigned char *)(BUF), (LEN) )
|
||||
#define MD5_Final( OUT, CTX ) \
|
||||
md5_finish( (CTX), (OUT) )
|
||||
|
||||
#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \
|
||||
aes_setkey_enc( (CTX), (KEY), (KEYSIZE) )
|
||||
#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \
|
||||
aes_setkey_dec( (CTX), (KEY), (KEYSIZE) )
|
||||
#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \
|
||||
aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) )
|
||||
|
||||
/*
|
||||
* RSA stuff follows. TODO: needs cleanup
|
||||
*/
|
||||
inline int __RSA_Passthrough( void *output, void *input, int size )
|
||||
{
|
||||
memcpy( output, input, size );
|
||||
return size;
|
||||
}
|
||||
|
||||
inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr,
|
||||
int len )
|
||||
{
|
||||
unsigned char *buffer = *(unsigned char **) bufptr;
|
||||
rsa_context *rsa;
|
||||
|
||||
/*
|
||||
* Not a general-purpose parser: only parses public key from *exactly*
|
||||
* openssl genrsa -out privkey.pem 512 (or 1024)
|
||||
* openssl rsa -in privkey.pem -out privatekey.der -outform der
|
||||
* openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout
|
||||
*
|
||||
* TODO: make a general-purpose parse
|
||||
*/
|
||||
if( ignore != 0 || ( len != 94 && len != 162 ) )
|
||||
return( 0 );
|
||||
|
||||
rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) );
|
||||
if( rsa == NULL )
|
||||
return( 0 );
|
||||
|
||||
memset( rsa, 0, sizeof( rsa_context ) );
|
||||
|
||||
if( ( len == 94 &&
|
||||
mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 &&
|
||||
mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) ||
|
||||
( len == 162 &&
|
||||
mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) &&
|
||||
mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 )
|
||||
{
|
||||
/*
|
||||
* key read successfully
|
||||
*/
|
||||
rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3;
|
||||
return( rsa );
|
||||
}
|
||||
else
|
||||
{
|
||||
memset( rsa, 0, sizeof( rsa_context ) );
|
||||
free( rsa );
|
||||
return( 0 );
|
||||
}
|
||||
}
|
||||
|
||||
#define RSA rsa_context
|
||||
#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */
|
||||
#define RSA_size( CTX ) (CTX)->len
|
||||
#define RSA_free( CTX ) rsa_free( CTX )
|
||||
#define ERR_get_error( ) "ERR_get_error() not supported"
|
||||
#define RSA_blinding_off( IGNORE )
|
||||
|
||||
#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */
|
||||
|
||||
inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; }
|
||||
inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; }
|
||||
inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; }
|
||||
inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; }
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* openssl.h */
|
||||
@@ -1,162 +0,0 @@
|
||||
/*
|
||||
* VIA PadLock support functions
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* This implementation is based on the VIA PadLock Programming Guide:
|
||||
*
|
||||
* http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/
|
||||
* programming_guide.pdf
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_PADLOCK_C)
|
||||
|
||||
#include "polarssl/padlock.h"
|
||||
|
||||
#if defined(POLARSSL_HAVE_X86)
|
||||
|
||||
/*
|
||||
* PadLock detection routine
|
||||
*/
|
||||
int padlock_supports( int feature )
|
||||
{
|
||||
static int flags = -1;
|
||||
int ebx, edx;
|
||||
|
||||
if( flags == -1 )
|
||||
{
|
||||
__asm__( "movl %%ebx, %0 \n" \
|
||||
"movl $0xC0000000, %%eax \n" \
|
||||
"cpuid \n" \
|
||||
"cmpl $0xC0000001, %%eax \n" \
|
||||
"movl $0, %%edx \n" \
|
||||
"jb unsupported \n" \
|
||||
"movl $0xC0000001, %%eax \n" \
|
||||
"cpuid \n" \
|
||||
"unsupported: \n" \
|
||||
"movl %%edx, %1 \n" \
|
||||
"movl %2, %%ebx \n"
|
||||
: "=m" (ebx), "=m" (edx)
|
||||
: "m" (ebx)
|
||||
: "eax", "ecx", "edx" );
|
||||
|
||||
flags = edx;
|
||||
}
|
||||
|
||||
return( flags & feature );
|
||||
}
|
||||
|
||||
/*
|
||||
* PadLock AES-ECB block en(de)cryption
|
||||
*/
|
||||
int padlock_xcryptecb( aes_context *ctx,
|
||||
int mode,
|
||||
const unsigned char input[16],
|
||||
unsigned char output[16] )
|
||||
{
|
||||
int ebx;
|
||||
uint32_t *rk;
|
||||
uint32_t *blk;
|
||||
uint32_t *ctrl;
|
||||
unsigned char buf[256];
|
||||
|
||||
rk = ctx->rk;
|
||||
blk = PADLOCK_ALIGN16( buf );
|
||||
memcpy( blk, input, 16 );
|
||||
|
||||
ctrl = blk + 4;
|
||||
*ctrl = 0x80 | ctx->nr | ( ( ctx->nr + ( mode^1 ) - 10 ) << 9 );
|
||||
|
||||
__asm__( "pushfl; popfl \n" \
|
||||
"movl %%ebx, %0 \n" \
|
||||
"movl $1, %%ecx \n" \
|
||||
"movl %2, %%edx \n" \
|
||||
"movl %3, %%ebx \n" \
|
||||
"movl %4, %%esi \n" \
|
||||
"movl %4, %%edi \n" \
|
||||
".byte 0xf3,0x0f,0xa7,0xc8\n" \
|
||||
"movl %1, %%ebx \n"
|
||||
: "=m" (ebx)
|
||||
: "m" (ebx), "m" (ctrl), "m" (rk), "m" (blk)
|
||||
: "ecx", "edx", "esi", "edi" );
|
||||
|
||||
memcpy( output, blk, 16 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* PadLock AES-CBC buffer en(de)cryption
|
||||
*/
|
||||
int padlock_xcryptcbc( aes_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output )
|
||||
{
|
||||
int ebx;
|
||||
size_t count;
|
||||
uint32_t *rk;
|
||||
uint32_t *iw;
|
||||
uint32_t *ctrl;
|
||||
unsigned char buf[256];
|
||||
|
||||
if( ( (long) input & 15 ) != 0 ||
|
||||
( (long) output & 15 ) != 0 )
|
||||
return( POLARSSL_ERR_PADLOCK_DATA_MISALIGNED );
|
||||
|
||||
rk = ctx->rk;
|
||||
iw = PADLOCK_ALIGN16( buf );
|
||||
memcpy( iw, iv, 16 );
|
||||
|
||||
ctrl = iw + 4;
|
||||
*ctrl = 0x80 | ctx->nr | ( ( ctx->nr + (mode^1) - 10 ) << 9 );
|
||||
|
||||
count = (length + 15) >> 4;
|
||||
|
||||
__asm__( "pushfl; popfl \n" \
|
||||
"movl %%ebx, %0 \n" \
|
||||
"movl %2, %%ecx \n" \
|
||||
"movl %3, %%edx \n" \
|
||||
"movl %4, %%ebx \n" \
|
||||
"movl %5, %%esi \n" \
|
||||
"movl %6, %%edi \n" \
|
||||
"movl %7, %%eax \n" \
|
||||
".byte 0xf3,0x0f,0xa7,0xd0\n" \
|
||||
"movl %1, %%ebx \n"
|
||||
: "=m" (ebx)
|
||||
: "m" (ebx), "m" (count), "m" (ctrl),
|
||||
"m" (rk), "m" (input), "m" (output), "m" (iw)
|
||||
: "eax", "ecx", "edx", "esi", "edi" );
|
||||
|
||||
memcpy( iv, iw, 16 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
@@ -1,108 +0,0 @@
|
||||
/**
|
||||
* \file padlock.h
|
||||
*
|
||||
* \brief VIA PadLock ACE for HW encryption/decryption supported by some processors
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PADLOCK_H
|
||||
#define POLARSSL_PADLOCK_H
|
||||
|
||||
#include "polarssl/aes.h"
|
||||
|
||||
#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
|
||||
|
||||
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
|
||||
|
||||
#ifndef POLARSSL_HAVE_X86
|
||||
#define POLARSSL_HAVE_X86
|
||||
#endif
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef INT32 int32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
|
||||
#define PADLOCK_RNG 0x000C
|
||||
#define PADLOCK_ACE 0x00C0
|
||||
#define PADLOCK_PHE 0x0C00
|
||||
#define PADLOCK_PMM 0x3000
|
||||
|
||||
#define PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15))
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PadLock detection routine
|
||||
*
|
||||
* \param The feature to detect
|
||||
*
|
||||
* \return 1 if CPU has support for the feature, 0 otherwise
|
||||
*/
|
||||
int padlock_supports( int feature );
|
||||
|
||||
/**
|
||||
* \brief PadLock AES-ECB block en(de)cryption
|
||||
*
|
||||
* \param ctx AES context
|
||||
* \param mode AES_ENCRYPT or AES_DECRYPT
|
||||
* \param input 16-byte input block
|
||||
* \param output 16-byte output block
|
||||
*
|
||||
* \return 0 if success, 1 if operation failed
|
||||
*/
|
||||
int padlock_xcryptecb( aes_context *ctx,
|
||||
int mode,
|
||||
const unsigned char input[16],
|
||||
unsigned char output[16] );
|
||||
|
||||
/**
|
||||
* \brief PadLock AES-CBC buffer en(de)cryption
|
||||
*
|
||||
* \param ctx AES context
|
||||
* \param mode AES_ENCRYPT or AES_DECRYPT
|
||||
* \param length length of the input data
|
||||
* \param iv initialization vector (updated after use)
|
||||
* \param input buffer holding the input data
|
||||
* \param output buffer holding the output data
|
||||
*
|
||||
* \return 0 if success, 1 if operation failed
|
||||
*/
|
||||
int padlock_xcryptcbc( aes_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[16],
|
||||
const unsigned char *input,
|
||||
unsigned char *output );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* HAVE_X86 */
|
||||
|
||||
#endif /* padlock.h */
|
||||
@@ -1,82 +0,0 @@
|
||||
/**
|
||||
* \file pbkdf2.h
|
||||
*
|
||||
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
|
||||
* DEPRECATED: use pkcs5.h instead.
|
||||
*
|
||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PBKDF2_H
|
||||
#define POLARSSL_PBKDF2_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/md.h"
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PKCS#5 PBKDF2 using HMAC
|
||||
* DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
|
||||
*
|
||||
* \param ctx Generic HMAC context
|
||||
* \param password Password to use when generating key
|
||||
* \param plen Length of password
|
||||
* \param salt Salt to use when generating key
|
||||
* \param slen Length of salt
|
||||
* \param iteration_count Iteration count
|
||||
* \param key_length Length of generated key
|
||||
* \param output Generated key. Must be at least as big as key_length
|
||||
*
|
||||
* \returns 0 on success, or a PolarSSL error code if verification fails.
|
||||
*/
|
||||
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
|
||||
size_t plen, const unsigned char *salt, size_t slen,
|
||||
unsigned int iteration_count,
|
||||
uint32_t key_length, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
* DEPRECATED: Use pkcs5_self_test() instead!
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int pbkdf2_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* pbkdf2.h */
|
||||
@@ -1,105 +0,0 @@
|
||||
/**
|
||||
* \file pem.h
|
||||
*
|
||||
* \brief Privacy Enhanced Mail (PEM) decoding
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PEM_H
|
||||
#define POLARSSL_PEM_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
/**
|
||||
* \name PEM Error codes
|
||||
* These error codes are returned in case of errors reading the
|
||||
* PEM data.
|
||||
* \{
|
||||
*/
|
||||
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */
|
||||
#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
|
||||
#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
|
||||
#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
|
||||
#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
|
||||
#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
|
||||
#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
|
||||
#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
|
||||
#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */
|
||||
/* \} name */
|
||||
|
||||
/**
|
||||
* \brief PEM context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
unsigned char *buf; /*!< buffer for decoded data */
|
||||
size_t buflen; /*!< length of the buffer */
|
||||
unsigned char *info; /*!< buffer for extra header information */
|
||||
}
|
||||
pem_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PEM context setup
|
||||
*
|
||||
* \param ctx context to be initialized
|
||||
*/
|
||||
void pem_init( pem_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Read a buffer for PEM information and store the resulting
|
||||
* data into the specified context buffers.
|
||||
*
|
||||
* \param ctx context to use
|
||||
* \param header header string to seek and expect
|
||||
* \param footer footer string to seek and expect
|
||||
* \param data source data to look in
|
||||
* \param pwd password for decryption (can be NULL)
|
||||
* \param pwdlen length of password
|
||||
* \param use_len destination for total length used (set after header is
|
||||
* correctly read, so unless you get
|
||||
* POLARSSL_ERR_PEM_BAD_INPUT_DATA or
|
||||
* POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
|
||||
* the length to skip)
|
||||
*
|
||||
* \return 0 on success, ior a specific PEM error code
|
||||
*/
|
||||
int pem_read_buffer( pem_context *ctx, char *header, char *footer,
|
||||
const unsigned char *data,
|
||||
const unsigned char *pwd,
|
||||
size_t pwdlen, size_t *use_len );
|
||||
|
||||
/**
|
||||
* \brief PEM context memory freeing
|
||||
*
|
||||
* \param ctx context to be freed
|
||||
*/
|
||||
void pem_free( pem_context *ctx );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* pem.h */
|
||||
@@ -1,161 +0,0 @@
|
||||
/**
|
||||
* \file pkcs11.h
|
||||
*
|
||||
* \brief Wrapper for PKCS#11 library libpkcs11-helper
|
||||
*
|
||||
* \author Adriaan de Jong <dejong@fox-it.com>
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PKCS11_H
|
||||
#define POLARSSL_PKCS11_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_PKCS11_C)
|
||||
|
||||
#include "polarssl/x509.h"
|
||||
|
||||
#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
|
||||
|
||||
#if defined(_MSC_VER) && !defined(inline)
|
||||
#define inline _inline
|
||||
#else
|
||||
#if defined(__ARMCC_VERSION) && !defined(inline)
|
||||
#define inline __inline
|
||||
#endif /* __ARMCC_VERSION */
|
||||
#endif /*_MSC_VER */
|
||||
|
||||
/**
|
||||
* Context for PKCS #11 private keys.
|
||||
*/
|
||||
typedef struct {
|
||||
pkcs11h_certificate_t pkcs11h_cert;
|
||||
int len;
|
||||
} pkcs11_context;
|
||||
|
||||
/**
|
||||
* Fill in a PolarSSL certificate, based on the given PKCS11 helper certificate.
|
||||
*
|
||||
* \param cert X.509 certificate to fill
|
||||
* \param pkcs11h_cert PKCS #11 helper certificate
|
||||
*
|
||||
* \return 0 on success.
|
||||
*/
|
||||
int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11h_cert );
|
||||
|
||||
/**
|
||||
* Initialise a pkcs11_context, storing the given certificate. Note that the
|
||||
* pkcs11_context will take over control of the certificate, freeing it when
|
||||
* done.
|
||||
*
|
||||
* \param priv_key Private key structure to fill.
|
||||
* \param pkcs11_cert PKCS #11 helper certificate
|
||||
*
|
||||
* \return 0 on success
|
||||
*/
|
||||
int pkcs11_priv_key_init( pkcs11_context *priv_key,
|
||||
pkcs11h_certificate_t pkcs11_cert );
|
||||
|
||||
/**
|
||||
* Free the contents of the given private key context. Note that the structure
|
||||
* itself is not freed.
|
||||
*
|
||||
* \param priv_key Private key structure to cleanup
|
||||
*/
|
||||
void pkcs11_priv_key_free( pkcs11_context *priv_key );
|
||||
|
||||
/**
|
||||
* \brief Do an RSA private key decrypt, then remove the message padding
|
||||
*
|
||||
* \param ctx PKCS #11 context
|
||||
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
|
||||
* \param input buffer holding the encrypted data
|
||||
* \param output buffer that will hold the plaintext
|
||||
* \param olen will contain the plaintext length
|
||||
* \param output_max_len maximum length of the output buffer
|
||||
*
|
||||
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
|
||||
*
|
||||
* \note The output buffer must be as large as the size
|
||||
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
|
||||
* an error is thrown.
|
||||
*/
|
||||
int pkcs11_decrypt( pkcs11_context *ctx,
|
||||
int mode, size_t *olen,
|
||||
const unsigned char *input,
|
||||
unsigned char *output,
|
||||
size_t output_max_len );
|
||||
|
||||
/**
|
||||
* \brief Do a private RSA to sign a message digest
|
||||
*
|
||||
* \param ctx PKCS #11 context
|
||||
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
|
||||
* \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512}
|
||||
* \param hashlen message digest length (for SIG_RSA_RAW only)
|
||||
* \param hash buffer holding the message digest
|
||||
* \param sig buffer that will hold the ciphertext
|
||||
*
|
||||
* \return 0 if the signing operation was successful,
|
||||
* or an POLARSSL_ERR_RSA_XXX error code
|
||||
*
|
||||
* \note The "sig" buffer must be as large as the size
|
||||
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
|
||||
*/
|
||||
int pkcs11_sign( pkcs11_context *ctx,
|
||||
int mode,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig );
|
||||
|
||||
/**
|
||||
* SSL/TLS wrappers for PKCS#11 functions
|
||||
*/
|
||||
static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
|
||||
const unsigned char *input, unsigned char *output,
|
||||
size_t output_max_len )
|
||||
{
|
||||
return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output,
|
||||
output_max_len );
|
||||
}
|
||||
|
||||
static inline int ssl_pkcs11_sign( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, int hash_id, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig )
|
||||
{
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
return pkcs11_sign( (pkcs11_context *) ctx, mode, hash_id,
|
||||
hashlen, hash, sig );
|
||||
}
|
||||
|
||||
static inline size_t ssl_pkcs11_key_len( void *ctx )
|
||||
{
|
||||
return ( (pkcs11_context *) ctx )->len;
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_PKCS11_C */
|
||||
|
||||
#endif /* POLARSSL_PKCS11_H */
|
||||
@@ -1,131 +0,0 @@
|
||||
/**
|
||||
* \file pkcs12.h
|
||||
*
|
||||
* \brief PKCS#12 Personal Information Exchange Syntax
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PKCS12_H
|
||||
#define POLARSSL_PKCS12_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/md.h"
|
||||
#include "polarssl/cipher.h"
|
||||
#include "polarssl/asn1.h"
|
||||
|
||||
#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
|
||||
#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
|
||||
#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
|
||||
|
||||
#define PKCS12_DERIVE_KEY 1 /*< encryption/decryption key */
|
||||
#define PKCS12_DERIVE_IV 2 /*< initialization vector */
|
||||
#define PKCS12_DERIVE_MAC_KEY 3 /*< integrity / MAC key */
|
||||
|
||||
#define PKCS12_PBE_DECRYPT 0
|
||||
#define PKCS12_PBE_ENCRYPT 1
|
||||
|
||||
/*
|
||||
* PKCS#12 PBE types
|
||||
*/
|
||||
#define OID_PKCS12 "\x2a\x86\x48\x86\xf7\x0d\x01\x0c"
|
||||
#define OID_PKCS12_PBE_SHA1_RC4_128 OID_PKCS12 "\x01\x01"
|
||||
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC OID_PKCS12 "\x01\x03"
|
||||
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC OID_PKCS12 "\x01\x04"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PKCS12 Password Based function (encryption / decryption)
|
||||
* for pbeWithSHAAnd128BitRC4
|
||||
*
|
||||
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
|
||||
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
|
||||
* \param pwd the password used (may be NULL if no password is used)
|
||||
* \param pwdlen length of the password (may be 0)
|
||||
* \param input the input data
|
||||
* \param len data length
|
||||
* \param output the output buffer
|
||||
*
|
||||
* \return 0 if successful, or a PolarSSL error code
|
||||
*/
|
||||
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
|
||||
const unsigned char *pwd, size_t pwdlen,
|
||||
const unsigned char *input, size_t len,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief PKCS12 Password Based function (encryption / decryption)
|
||||
* for cipher-based and md-based PBE's
|
||||
*
|
||||
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
|
||||
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
|
||||
* \param cipher_type the cipher used
|
||||
* \param md_type the md used
|
||||
* \param pwd the password used (may be NULL if no password is used)
|
||||
* \param pwdlen length of the password (may be 0)
|
||||
* \param input the input data
|
||||
* \param len data length
|
||||
* \param output the output buffer
|
||||
*
|
||||
* \return 0 if successful, or a PolarSSL error code
|
||||
*/
|
||||
int pkcs12_pbe( asn1_buf *pbe_params, int mode,
|
||||
cipher_type_t cipher_type, md_type_t md_type,
|
||||
const unsigned char *pwd, size_t pwdlen,
|
||||
const unsigned char *input, size_t len,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief The PKCS#12 derivation function uses a password and a salt
|
||||
* to produce pseudo-random bits for a particular "purpose".
|
||||
*
|
||||
* Depending on the given id, this function can produce an
|
||||
* encryption/decryption key, an nitialization vector or an
|
||||
* integrity key.
|
||||
*
|
||||
* \param data buffer to store the derived data in
|
||||
* \param datalen length to fill
|
||||
* \param pwd password to use (may be NULL if no password is used)
|
||||
* \param pwdlen length of the password (may be 0)
|
||||
* \param salt salt buffer to use
|
||||
* \param saltlen length of the salt
|
||||
* \param md md type to use during the derivation
|
||||
* \param id id that describes the purpose (can be PKCS12_DERIVE_KEY,
|
||||
* PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY)
|
||||
* \param iterations number of iterations
|
||||
*
|
||||
* \return 0 if successful, or a MD, BIGNUM type error.
|
||||
*/
|
||||
int pkcs12_derivation( unsigned char *data, size_t datalen,
|
||||
const unsigned char *pwd, size_t pwdlen,
|
||||
const unsigned char *salt, size_t saltlen,
|
||||
md_type_t md, int id, int iterations );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* pkcs12.h */
|
||||
@@ -1,122 +0,0 @@
|
||||
/**
|
||||
* \file pkcs#5.h
|
||||
*
|
||||
* \brief PKCS#5 functions
|
||||
*
|
||||
* \author Mathias Olsson <mathias@kompetensum.com>
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_PKCS5_H
|
||||
#define POLARSSL_PKCS5_H
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "polarssl/asn1.h"
|
||||
#include "polarssl/md.h"
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */
|
||||
#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */
|
||||
#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */
|
||||
|
||||
#define PKCS5_DECRYPT 0
|
||||
#define PKCS5_ENCRYPT 1
|
||||
|
||||
/*
|
||||
* PKCS#5 OIDs
|
||||
*/
|
||||
#define OID_PKCS5 "\x2a\x86\x48\x86\xf7\x0d\x01\x05"
|
||||
#define OID_PKCS5_PBES2 OID_PKCS5 "\x0d"
|
||||
#define OID_PKCS5_PBKDF2 OID_PKCS5 "\x0c"
|
||||
|
||||
/*
|
||||
* Encryption Algorithm OIDs
|
||||
*/
|
||||
#define OID_DES_CBC "\x2b\x0e\x03\x02\x07"
|
||||
#define OID_DES_EDE3_CBC "\x2a\x86\x48\x86\xf7\x0d\x03\x07"
|
||||
|
||||
/*
|
||||
* Digest Algorithm OIDs
|
||||
*/
|
||||
#define OID_HMAC_SHA1 "\x2a\x86\x48\x86\xf7\x0d\x02\x07"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief PKCS#5 PBES2 function
|
||||
*
|
||||
* \param pbe_params the ASN.1 algorithm parameters
|
||||
* \param mode either PKCS5_DECRYPT or PKCS5_ENCRYPT
|
||||
* \param pwd password to use when generating key
|
||||
* \param plen length of password
|
||||
* \param data data to process
|
||||
* \param datalen length of data
|
||||
* \param output output buffer
|
||||
*
|
||||
* \returns 0 on success, or a PolarSSL error code if verification fails.
|
||||
*/
|
||||
int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
|
||||
const unsigned char *pwd, size_t pwdlen,
|
||||
const unsigned char *data, size_t datalen,
|
||||
unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief PKCS#5 PBKDF2 using HMAC
|
||||
*
|
||||
* \param ctx Generic HMAC context
|
||||
* \param password Password to use when generating key
|
||||
* \param plen Length of password
|
||||
* \param salt Salt to use when generating key
|
||||
* \param slen Length of salt
|
||||
* \param iteration_count Iteration count
|
||||
* \param key_length Length of generated key
|
||||
* \param output Generated key. Must be at least as big as key_length
|
||||
*
|
||||
* \returns 0 on success, or a PolarSSL error code if verification fails.
|
||||
*/
|
||||
int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
|
||||
size_t plen, const unsigned char *salt, size_t slen,
|
||||
unsigned int iteration_count,
|
||||
uint32_t key_length, unsigned char *output );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int pkcs5_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* pkcs5.h */
|
||||
@@ -1012,7 +1012,7 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
const unsigned char *sig )
|
||||
{
|
||||
int ret;
|
||||
size_t siglen;
|
||||
@@ -1143,7 +1143,7 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
const unsigned char *sig )
|
||||
{
|
||||
int ret;
|
||||
size_t len, siglen;
|
||||
@@ -1251,7 +1251,7 @@ int rsa_pkcs1_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig )
|
||||
const unsigned char *sig )
|
||||
{
|
||||
switch( ctx->padding )
|
||||
{
|
||||
|
||||
@@ -521,7 +521,7 @@ int rsa_pkcs1_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig );
|
||||
const unsigned char *sig );
|
||||
|
||||
/**
|
||||
* \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY)
|
||||
@@ -544,7 +544,7 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig );
|
||||
const unsigned char *sig );
|
||||
|
||||
/**
|
||||
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
|
||||
@@ -574,7 +574,7 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
|
||||
int hash_id,
|
||||
unsigned int hashlen,
|
||||
const unsigned char *hash,
|
||||
unsigned char *sig );
|
||||
const unsigned char *sig );
|
||||
|
||||
/**
|
||||
* \brief Free the components of an RSA key
|
||||
|
||||
@@ -40,7 +40,6 @@ typedef UINT32 uint32_t;
|
||||
|
||||
#define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */
|
||||
|
||||
#if !defined(POLARSSL_SHA2_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
@@ -95,10 +94,6 @@ void sha2_process( sha2_context *ctx, const unsigned char data[64] );
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_SHA2_ALT */
|
||||
#include "polarssl/sha2_alt.h"
|
||||
#endif /* POLARSSL_SHA2_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
@@ -1,760 +0,0 @@
|
||||
/*
|
||||
* FIPS-180-2 compliant SHA-384/512 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The SHA-512 Secure Hash Standard was published by NIST in 2002.
|
||||
*
|
||||
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
|
||||
*/
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_SHA4_C)
|
||||
|
||||
#include "polarssl/sha4.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if !defined(POLARSSL_SHA4_ALT)
|
||||
|
||||
/*
|
||||
* 64-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT64_BE
|
||||
#define GET_UINT64_BE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint64_t) (b)[(i) ] << 56 ) \
|
||||
| ( (uint64_t) (b)[(i) + 1] << 48 ) \
|
||||
| ( (uint64_t) (b)[(i) + 2] << 40 ) \
|
||||
| ( (uint64_t) (b)[(i) + 3] << 32 ) \
|
||||
| ( (uint64_t) (b)[(i) + 4] << 24 ) \
|
||||
| ( (uint64_t) (b)[(i) + 5] << 16 ) \
|
||||
| ( (uint64_t) (b)[(i) + 6] << 8 ) \
|
||||
| ( (uint64_t) (b)[(i) + 7] ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT64_BE
|
||||
#define PUT_UINT64_BE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
|
||||
(b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
|
||||
(b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 7] = (unsigned char) ( (n) ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Round constants
|
||||
*/
|
||||
static const uint64_t K[80] =
|
||||
{
|
||||
UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD),
|
||||
UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC),
|
||||
UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019),
|
||||
UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118),
|
||||
UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE),
|
||||
UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2),
|
||||
UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1),
|
||||
UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694),
|
||||
UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3),
|
||||
UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65),
|
||||
UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483),
|
||||
UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5),
|
||||
UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210),
|
||||
UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4),
|
||||
UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725),
|
||||
UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70),
|
||||
UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926),
|
||||
UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF),
|
||||
UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8),
|
||||
UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B),
|
||||
UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001),
|
||||
UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30),
|
||||
UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910),
|
||||
UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8),
|
||||
UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53),
|
||||
UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8),
|
||||
UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB),
|
||||
UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3),
|
||||
UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60),
|
||||
UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC),
|
||||
UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9),
|
||||
UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B),
|
||||
UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207),
|
||||
UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178),
|
||||
UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6),
|
||||
UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B),
|
||||
UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493),
|
||||
UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C),
|
||||
UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A),
|
||||
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
|
||||
};
|
||||
|
||||
/*
|
||||
* SHA-512 context setup
|
||||
*/
|
||||
void sha4_starts( sha4_context *ctx, int is384 )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
if( is384 == 0 )
|
||||
{
|
||||
/* SHA-512 */
|
||||
ctx->state[0] = UL64(0x6A09E667F3BCC908);
|
||||
ctx->state[1] = UL64(0xBB67AE8584CAA73B);
|
||||
ctx->state[2] = UL64(0x3C6EF372FE94F82B);
|
||||
ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
|
||||
ctx->state[4] = UL64(0x510E527FADE682D1);
|
||||
ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
|
||||
ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
|
||||
ctx->state[7] = UL64(0x5BE0CD19137E2179);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* SHA-384 */
|
||||
ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
|
||||
ctx->state[1] = UL64(0x629A292A367CD507);
|
||||
ctx->state[2] = UL64(0x9159015A3070DD17);
|
||||
ctx->state[3] = UL64(0x152FECD8F70E5939);
|
||||
ctx->state[4] = UL64(0x67332667FFC00B31);
|
||||
ctx->state[5] = UL64(0x8EB44A8768581511);
|
||||
ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
|
||||
ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
|
||||
}
|
||||
|
||||
ctx->is384 = is384;
|
||||
}
|
||||
|
||||
static void sha4_process( sha4_context *ctx, const unsigned char data[128] )
|
||||
{
|
||||
int i;
|
||||
uint64_t temp1, temp2, W[80];
|
||||
uint64_t A, B, C, D, E, F, G, H;
|
||||
|
||||
#define SHR(x,n) (x >> n)
|
||||
#define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
|
||||
|
||||
#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
|
||||
#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6))
|
||||
|
||||
#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
|
||||
#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
|
||||
|
||||
#define F0(x,y,z) ((x & y) | (z & (x | y)))
|
||||
#define F1(x,y,z) (z ^ (x & (y ^ z)))
|
||||
|
||||
#define P(a,b,c,d,e,f,g,h,x,K) \
|
||||
{ \
|
||||
temp1 = h + S3(e) + F1(e,f,g) + K + x; \
|
||||
temp2 = S2(a) + F0(a,b,c); \
|
||||
d += temp1; h = temp1 + temp2; \
|
||||
}
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
{
|
||||
GET_UINT64_BE( W[i], data, i << 3 );
|
||||
}
|
||||
|
||||
for( ; i < 80; i++ )
|
||||
{
|
||||
W[i] = S1(W[i - 2]) + W[i - 7] +
|
||||
S0(W[i - 15]) + W[i - 16];
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
E = ctx->state[4];
|
||||
F = ctx->state[5];
|
||||
G = ctx->state[6];
|
||||
H = ctx->state[7];
|
||||
i = 0;
|
||||
|
||||
do
|
||||
{
|
||||
P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++;
|
||||
P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++;
|
||||
P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++;
|
||||
P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++;
|
||||
P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++;
|
||||
P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++;
|
||||
P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++;
|
||||
P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++;
|
||||
}
|
||||
while( i < 80 );
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
ctx->state[4] += E;
|
||||
ctx->state[5] += F;
|
||||
ctx->state[6] += G;
|
||||
ctx->state[7] += H;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 process buffer
|
||||
*/
|
||||
void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
unsigned int left;
|
||||
|
||||
if( ilen <= 0 )
|
||||
return;
|
||||
|
||||
left = (unsigned int) (ctx->total[0] & 0x7F);
|
||||
fill = 128 - left;
|
||||
|
||||
ctx->total[0] += (uint64_t) ilen;
|
||||
|
||||
if( ctx->total[0] < (uint64_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
sha4_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 128 )
|
||||
{
|
||||
sha4_process( ctx, input );
|
||||
input += 128;
|
||||
ilen -= 128;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
|
||||
static const unsigned char sha4_padding[128] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* SHA-512 final digest
|
||||
*/
|
||||
void sha4_finish( sha4_context *ctx, unsigned char output[64] )
|
||||
{
|
||||
size_t last, padn;
|
||||
uint64_t high, low;
|
||||
unsigned char msglen[16];
|
||||
|
||||
high = ( ctx->total[0] >> 61 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT64_BE( high, msglen, 0 );
|
||||
PUT_UINT64_BE( low, msglen, 8 );
|
||||
|
||||
last = (size_t)( ctx->total[0] & 0x7F );
|
||||
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
|
||||
|
||||
sha4_update( ctx, sha4_padding, padn );
|
||||
sha4_update( ctx, msglen, 16 );
|
||||
|
||||
PUT_UINT64_BE( ctx->state[0], output, 0 );
|
||||
PUT_UINT64_BE( ctx->state[1], output, 8 );
|
||||
PUT_UINT64_BE( ctx->state[2], output, 16 );
|
||||
PUT_UINT64_BE( ctx->state[3], output, 24 );
|
||||
PUT_UINT64_BE( ctx->state[4], output, 32 );
|
||||
PUT_UINT64_BE( ctx->state[5], output, 40 );
|
||||
|
||||
if( ctx->is384 == 0 )
|
||||
{
|
||||
PUT_UINT64_BE( ctx->state[6], output, 48 );
|
||||
PUT_UINT64_BE( ctx->state[7], output, 56 );
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_SHA4_ALT */
|
||||
|
||||
/*
|
||||
* output = SHA-512( input buffer )
|
||||
*/
|
||||
void sha4( const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 )
|
||||
{
|
||||
sha4_context ctx;
|
||||
|
||||
sha4_starts( &ctx, is384 );
|
||||
sha4_update( &ctx, input, ilen );
|
||||
sha4_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = SHA-512( file contents )
|
||||
*/
|
||||
int sha4_file( const char *path, unsigned char output[64], int is384 )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
sha4_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
|
||||
|
||||
sha4_starts( &ctx, is384 );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
sha4_update( &ctx, buf, n );
|
||||
|
||||
sha4_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha4_context ) );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_SHA4_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC context setup
|
||||
*/
|
||||
void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
|
||||
int is384 )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[64];
|
||||
|
||||
if( keylen > 128 )
|
||||
{
|
||||
sha4( key, keylen, sum, is384 );
|
||||
keylen = ( is384 ) ? 48 : 64;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 128 );
|
||||
memset( ctx->opad, 0x5C, 128 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
sha4_starts( ctx, is384 );
|
||||
sha4_update( ctx, ctx->ipad, 128 );
|
||||
|
||||
memset( sum, 0, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC process buffer
|
||||
*/
|
||||
void sha4_hmac_update( sha4_context *ctx,
|
||||
const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha4_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC final digest
|
||||
*/
|
||||
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] )
|
||||
{
|
||||
int is384, hlen;
|
||||
unsigned char tmpbuf[64];
|
||||
|
||||
is384 = ctx->is384;
|
||||
hlen = ( is384 == 0 ) ? 64 : 48;
|
||||
|
||||
sha4_finish( ctx, tmpbuf );
|
||||
sha4_starts( ctx, is384 );
|
||||
sha4_update( ctx, ctx->opad, 128 );
|
||||
sha4_update( ctx, tmpbuf, hlen );
|
||||
sha4_finish( ctx, output );
|
||||
|
||||
memset( tmpbuf, 0, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC context reset
|
||||
*/
|
||||
void sha4_hmac_reset( sha4_context *ctx )
|
||||
{
|
||||
sha4_starts( ctx, ctx->is384 );
|
||||
sha4_update( ctx, ctx->ipad, 128 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-SHA-512( hmac key, input buffer )
|
||||
*/
|
||||
void sha4_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 )
|
||||
{
|
||||
sha4_context ctx;
|
||||
|
||||
sha4_hmac_starts( &ctx, key, keylen, is384 );
|
||||
sha4_hmac_update( &ctx, input, ilen );
|
||||
sha4_hmac_finish( &ctx, output );
|
||||
|
||||
memset( &ctx, 0, sizeof( sha4_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
/*
|
||||
* FIPS-180-2 test vectors
|
||||
*/
|
||||
static unsigned char sha4_test_buf[3][113] =
|
||||
{
|
||||
{ "abc" },
|
||||
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
|
||||
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha4_test_buflen[3] =
|
||||
{
|
||||
3, 112, 1000
|
||||
};
|
||||
|
||||
static const unsigned char sha4_test_sum[6][64] =
|
||||
{
|
||||
/*
|
||||
* SHA-384 test vectors
|
||||
*/
|
||||
{ 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
|
||||
0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
|
||||
0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
|
||||
0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
|
||||
0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
|
||||
0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
|
||||
{ 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
|
||||
0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
|
||||
0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
|
||||
0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
|
||||
0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
|
||||
0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
|
||||
{ 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
|
||||
0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
|
||||
0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
|
||||
0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
|
||||
0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
|
||||
0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
|
||||
|
||||
/*
|
||||
* SHA-512 test vectors
|
||||
*/
|
||||
{ 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
|
||||
0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
|
||||
0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
|
||||
0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
|
||||
0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
|
||||
0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
|
||||
0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
|
||||
0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
|
||||
{ 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
|
||||
0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
|
||||
0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
|
||||
0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
|
||||
0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
|
||||
0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
|
||||
0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
|
||||
0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
|
||||
{ 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
|
||||
0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
|
||||
0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
|
||||
0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
|
||||
0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
|
||||
0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
|
||||
0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
|
||||
0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 4231 test vectors
|
||||
*/
|
||||
static unsigned char sha4_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
|
||||
"\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
|
||||
"\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
|
||||
"\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 131 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha4_hmac_test_keylen[7] =
|
||||
{
|
||||
20, 4, 20, 25, 20, 131, 131
|
||||
};
|
||||
|
||||
static unsigned char sha4_hmac_test_buf[7][153] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "This is a test using a larger than block-size key "
|
||||
"and a larger than block-size data. The key needs to "
|
||||
"be hashed before being used by the HMAC algorithm." }
|
||||
};
|
||||
|
||||
static const int sha4_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 152
|
||||
};
|
||||
|
||||
static const unsigned char sha4_hmac_test_sum[14][64] =
|
||||
{
|
||||
/*
|
||||
* HMAC-SHA-384 test vectors
|
||||
*/
|
||||
{ 0xAF, 0xD0, 0x39, 0x44, 0xD8, 0x48, 0x95, 0x62,
|
||||
0x6B, 0x08, 0x25, 0xF4, 0xAB, 0x46, 0x90, 0x7F,
|
||||
0x15, 0xF9, 0xDA, 0xDB, 0xE4, 0x10, 0x1E, 0xC6,
|
||||
0x82, 0xAA, 0x03, 0x4C, 0x7C, 0xEB, 0xC5, 0x9C,
|
||||
0xFA, 0xEA, 0x9E, 0xA9, 0x07, 0x6E, 0xDE, 0x7F,
|
||||
0x4A, 0xF1, 0x52, 0xE8, 0xB2, 0xFA, 0x9C, 0xB6 },
|
||||
{ 0xAF, 0x45, 0xD2, 0xE3, 0x76, 0x48, 0x40, 0x31,
|
||||
0x61, 0x7F, 0x78, 0xD2, 0xB5, 0x8A, 0x6B, 0x1B,
|
||||
0x9C, 0x7E, 0xF4, 0x64, 0xF5, 0xA0, 0x1B, 0x47,
|
||||
0xE4, 0x2E, 0xC3, 0x73, 0x63, 0x22, 0x44, 0x5E,
|
||||
0x8E, 0x22, 0x40, 0xCA, 0x5E, 0x69, 0xE2, 0xC7,
|
||||
0x8B, 0x32, 0x39, 0xEC, 0xFA, 0xB2, 0x16, 0x49 },
|
||||
{ 0x88, 0x06, 0x26, 0x08, 0xD3, 0xE6, 0xAD, 0x8A,
|
||||
0x0A, 0xA2, 0xAC, 0xE0, 0x14, 0xC8, 0xA8, 0x6F,
|
||||
0x0A, 0xA6, 0x35, 0xD9, 0x47, 0xAC, 0x9F, 0xEB,
|
||||
0xE8, 0x3E, 0xF4, 0xE5, 0x59, 0x66, 0x14, 0x4B,
|
||||
0x2A, 0x5A, 0xB3, 0x9D, 0xC1, 0x38, 0x14, 0xB9,
|
||||
0x4E, 0x3A, 0xB6, 0xE1, 0x01, 0xA3, 0x4F, 0x27 },
|
||||
{ 0x3E, 0x8A, 0x69, 0xB7, 0x78, 0x3C, 0x25, 0x85,
|
||||
0x19, 0x33, 0xAB, 0x62, 0x90, 0xAF, 0x6C, 0xA7,
|
||||
0x7A, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9C,
|
||||
0xC5, 0x57, 0x7C, 0x6E, 0x1F, 0x57, 0x3B, 0x4E,
|
||||
0x68, 0x01, 0xDD, 0x23, 0xC4, 0xA7, 0xD6, 0x79,
|
||||
0xCC, 0xF8, 0xA3, 0x86, 0xC6, 0x74, 0xCF, 0xFB },
|
||||
{ 0x3A, 0xBF, 0x34, 0xC3, 0x50, 0x3B, 0x2A, 0x23,
|
||||
0xA4, 0x6E, 0xFC, 0x61, 0x9B, 0xAE, 0xF8, 0x97 },
|
||||
{ 0x4E, 0xCE, 0x08, 0x44, 0x85, 0x81, 0x3E, 0x90,
|
||||
0x88, 0xD2, 0xC6, 0x3A, 0x04, 0x1B, 0xC5, 0xB4,
|
||||
0x4F, 0x9E, 0xF1, 0x01, 0x2A, 0x2B, 0x58, 0x8F,
|
||||
0x3C, 0xD1, 0x1F, 0x05, 0x03, 0x3A, 0xC4, 0xC6,
|
||||
0x0C, 0x2E, 0xF6, 0xAB, 0x40, 0x30, 0xFE, 0x82,
|
||||
0x96, 0x24, 0x8D, 0xF1, 0x63, 0xF4, 0x49, 0x52 },
|
||||
{ 0x66, 0x17, 0x17, 0x8E, 0x94, 0x1F, 0x02, 0x0D,
|
||||
0x35, 0x1E, 0x2F, 0x25, 0x4E, 0x8F, 0xD3, 0x2C,
|
||||
0x60, 0x24, 0x20, 0xFE, 0xB0, 0xB8, 0xFB, 0x9A,
|
||||
0xDC, 0xCE, 0xBB, 0x82, 0x46, 0x1E, 0x99, 0xC5,
|
||||
0xA6, 0x78, 0xCC, 0x31, 0xE7, 0x99, 0x17, 0x6D,
|
||||
0x38, 0x60, 0xE6, 0x11, 0x0C, 0x46, 0x52, 0x3E },
|
||||
|
||||
/*
|
||||
* HMAC-SHA-512 test vectors
|
||||
*/
|
||||
{ 0x87, 0xAA, 0x7C, 0xDE, 0xA5, 0xEF, 0x61, 0x9D,
|
||||
0x4F, 0xF0, 0xB4, 0x24, 0x1A, 0x1D, 0x6C, 0xB0,
|
||||
0x23, 0x79, 0xF4, 0xE2, 0xCE, 0x4E, 0xC2, 0x78,
|
||||
0x7A, 0xD0, 0xB3, 0x05, 0x45, 0xE1, 0x7C, 0xDE,
|
||||
0xDA, 0xA8, 0x33, 0xB7, 0xD6, 0xB8, 0xA7, 0x02,
|
||||
0x03, 0x8B, 0x27, 0x4E, 0xAE, 0xA3, 0xF4, 0xE4,
|
||||
0xBE, 0x9D, 0x91, 0x4E, 0xEB, 0x61, 0xF1, 0x70,
|
||||
0x2E, 0x69, 0x6C, 0x20, 0x3A, 0x12, 0x68, 0x54 },
|
||||
{ 0x16, 0x4B, 0x7A, 0x7B, 0xFC, 0xF8, 0x19, 0xE2,
|
||||
0xE3, 0x95, 0xFB, 0xE7, 0x3B, 0x56, 0xE0, 0xA3,
|
||||
0x87, 0xBD, 0x64, 0x22, 0x2E, 0x83, 0x1F, 0xD6,
|
||||
0x10, 0x27, 0x0C, 0xD7, 0xEA, 0x25, 0x05, 0x54,
|
||||
0x97, 0x58, 0xBF, 0x75, 0xC0, 0x5A, 0x99, 0x4A,
|
||||
0x6D, 0x03, 0x4F, 0x65, 0xF8, 0xF0, 0xE6, 0xFD,
|
||||
0xCA, 0xEA, 0xB1, 0xA3, 0x4D, 0x4A, 0x6B, 0x4B,
|
||||
0x63, 0x6E, 0x07, 0x0A, 0x38, 0xBC, 0xE7, 0x37 },
|
||||
{ 0xFA, 0x73, 0xB0, 0x08, 0x9D, 0x56, 0xA2, 0x84,
|
||||
0xEF, 0xB0, 0xF0, 0x75, 0x6C, 0x89, 0x0B, 0xE9,
|
||||
0xB1, 0xB5, 0xDB, 0xDD, 0x8E, 0xE8, 0x1A, 0x36,
|
||||
0x55, 0xF8, 0x3E, 0x33, 0xB2, 0x27, 0x9D, 0x39,
|
||||
0xBF, 0x3E, 0x84, 0x82, 0x79, 0xA7, 0x22, 0xC8,
|
||||
0x06, 0xB4, 0x85, 0xA4, 0x7E, 0x67, 0xC8, 0x07,
|
||||
0xB9, 0x46, 0xA3, 0x37, 0xBE, 0xE8, 0x94, 0x26,
|
||||
0x74, 0x27, 0x88, 0x59, 0xE1, 0x32, 0x92, 0xFB },
|
||||
{ 0xB0, 0xBA, 0x46, 0x56, 0x37, 0x45, 0x8C, 0x69,
|
||||
0x90, 0xE5, 0xA8, 0xC5, 0xF6, 0x1D, 0x4A, 0xF7,
|
||||
0xE5, 0x76, 0xD9, 0x7F, 0xF9, 0x4B, 0x87, 0x2D,
|
||||
0xE7, 0x6F, 0x80, 0x50, 0x36, 0x1E, 0xE3, 0xDB,
|
||||
0xA9, 0x1C, 0xA5, 0xC1, 0x1A, 0xA2, 0x5E, 0xB4,
|
||||
0xD6, 0x79, 0x27, 0x5C, 0xC5, 0x78, 0x80, 0x63,
|
||||
0xA5, 0xF1, 0x97, 0x41, 0x12, 0x0C, 0x4F, 0x2D,
|
||||
0xE2, 0xAD, 0xEB, 0xEB, 0x10, 0xA2, 0x98, 0xDD },
|
||||
{ 0x41, 0x5F, 0xAD, 0x62, 0x71, 0x58, 0x0A, 0x53,
|
||||
0x1D, 0x41, 0x79, 0xBC, 0x89, 0x1D, 0x87, 0xA6 },
|
||||
{ 0x80, 0xB2, 0x42, 0x63, 0xC7, 0xC1, 0xA3, 0xEB,
|
||||
0xB7, 0x14, 0x93, 0xC1, 0xDD, 0x7B, 0xE8, 0xB4,
|
||||
0x9B, 0x46, 0xD1, 0xF4, 0x1B, 0x4A, 0xEE, 0xC1,
|
||||
0x12, 0x1B, 0x01, 0x37, 0x83, 0xF8, 0xF3, 0x52,
|
||||
0x6B, 0x56, 0xD0, 0x37, 0xE0, 0x5F, 0x25, 0x98,
|
||||
0xBD, 0x0F, 0xD2, 0x21, 0x5D, 0x6A, 0x1E, 0x52,
|
||||
0x95, 0xE6, 0x4F, 0x73, 0xF6, 0x3F, 0x0A, 0xEC,
|
||||
0x8B, 0x91, 0x5A, 0x98, 0x5D, 0x78, 0x65, 0x98 },
|
||||
{ 0xE3, 0x7B, 0x6A, 0x77, 0x5D, 0xC8, 0x7D, 0xBA,
|
||||
0xA4, 0xDF, 0xA9, 0xF9, 0x6E, 0x5E, 0x3F, 0xFD,
|
||||
0xDE, 0xBD, 0x71, 0xF8, 0x86, 0x72, 0x89, 0x86,
|
||||
0x5D, 0xF5, 0xA3, 0x2D, 0x20, 0xCD, 0xC9, 0x44,
|
||||
0xB6, 0x02, 0x2C, 0xAC, 0x3C, 0x49, 0x82, 0xB1,
|
||||
0x0D, 0x5E, 0xEB, 0x55, 0xC3, 0xE4, 0xDE, 0x15,
|
||||
0x13, 0x46, 0x76, 0xFB, 0x6D, 0xE0, 0x44, 0x60,
|
||||
0x65, 0xC9, 0x74, 0x40, 0xFA, 0x8C, 0x6A, 0x58 }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int sha4_self_test( int verbose )
|
||||
{
|
||||
int i, j, k, buflen;
|
||||
unsigned char buf[1024];
|
||||
unsigned char sha4sum[64];
|
||||
sha4_context ctx;
|
||||
|
||||
for( i = 0; i < 6; i++ )
|
||||
{
|
||||
j = i % 3;
|
||||
k = i < 3;
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
|
||||
|
||||
sha4_starts( &ctx, k );
|
||||
|
||||
if( j == 2 )
|
||||
{
|
||||
memset( buf, 'a', buflen = 1000 );
|
||||
|
||||
for( j = 0; j < 1000; j++ )
|
||||
sha4_update( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
sha4_update( &ctx, sha4_test_buf[j],
|
||||
sha4_test_buflen[j] );
|
||||
|
||||
sha4_finish( &ctx, sha4sum );
|
||||
|
||||
if( memcmp( sha4sum, sha4_test_sum[i], 64 - k * 16 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "\n" );
|
||||
|
||||
for( i = 0; i < 14; i++ )
|
||||
{
|
||||
j = i % 7;
|
||||
k = i < 7;
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( " HMAC-SHA-%d test #%d: ", 512 - k * 128, j + 1 );
|
||||
|
||||
if( j == 5 || j == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 131 );
|
||||
sha4_hmac_starts( &ctx, buf, buflen, k );
|
||||
}
|
||||
else
|
||||
sha4_hmac_starts( &ctx, sha4_hmac_test_key[j],
|
||||
sha4_hmac_test_keylen[j], k );
|
||||
|
||||
sha4_hmac_update( &ctx, sha4_hmac_test_buf[j],
|
||||
sha4_hmac_test_buflen[j] );
|
||||
|
||||
sha4_hmac_finish( &ctx, sha4sum );
|
||||
|
||||
buflen = ( j == 4 ) ? 16 : 64 - k * 16;
|
||||
|
||||
if( memcmp( sha4sum, sha4_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#endif
|
||||
@@ -1,186 +0,0 @@
|
||||
/**
|
||||
* \file sha4.h
|
||||
*
|
||||
* \brief SHA-384 and SHA-512 cryptographic hash function
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_SHA4_H
|
||||
#define POLARSSL_SHA4_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#if defined(_MSC_VER) || defined(__WATCOMC__)
|
||||
#define UL64(x) x##ui64
|
||||
typedef unsigned __int64 uint64_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#define UL64(x) x##ULL
|
||||
#endif
|
||||
|
||||
#define POLARSSL_ERR_SHA4_FILE_IO_ERROR -0x007A /**< Read/write error in file. */
|
||||
|
||||
#if !defined(POLARSSL_SHA1_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief SHA-512 context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint64_t total[2]; /*!< number of bytes processed */
|
||||
uint64_t state[8]; /*!< intermediate digest state */
|
||||
unsigned char buffer[128]; /*!< data block being processed */
|
||||
|
||||
unsigned char ipad[128]; /*!< HMAC: inner padding */
|
||||
unsigned char opad[128]; /*!< HMAC: outer padding */
|
||||
int is384; /*!< 0 => SHA-512, else SHA-384 */
|
||||
}
|
||||
sha4_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief SHA-512 context setup
|
||||
*
|
||||
* \param ctx context to be initialized
|
||||
* \param is384 0 = use SHA512, 1 = use SHA384
|
||||
*/
|
||||
void sha4_starts( sha4_context *ctx, int is384 );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 process buffer
|
||||
*
|
||||
* \param ctx SHA-512 context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 final digest
|
||||
*
|
||||
* \param ctx SHA-512 context
|
||||
* \param output SHA-384/512 checksum result
|
||||
*/
|
||||
void sha4_finish( sha4_context *ctx, unsigned char output[64] );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_SHA4_ALT */
|
||||
#include "polarssl/sha4_alt.h"
|
||||
#endif /* POLARSSL_SHA4_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Output = SHA-512( input buffer )
|
||||
*
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output SHA-384/512 checksum result
|
||||
* \param is384 0 = use SHA512, 1 = use SHA384
|
||||
*/
|
||||
void sha4( const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 );
|
||||
|
||||
/**
|
||||
* \brief Output = SHA-512( file contents )
|
||||
*
|
||||
* \param path input file name
|
||||
* \param output SHA-384/512 checksum result
|
||||
* \param is384 0 = use SHA512, 1 = use SHA384
|
||||
*
|
||||
* \return 0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR
|
||||
*/
|
||||
int sha4_file( const char *path, unsigned char output[64], int is384 );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 HMAC context setup
|
||||
*
|
||||
* \param ctx HMAC context to be initialized
|
||||
* \param is384 0 = use SHA512, 1 = use SHA384
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
*/
|
||||
void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen,
|
||||
int is384 );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 HMAC process buffer
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
*/
|
||||
void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 HMAC final digest
|
||||
*
|
||||
* \param ctx HMAC context
|
||||
* \param output SHA-384/512 HMAC checksum result
|
||||
*/
|
||||
void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] );
|
||||
|
||||
/**
|
||||
* \brief SHA-512 HMAC context reset
|
||||
*
|
||||
* \param ctx HMAC context to be reset
|
||||
*/
|
||||
void sha4_hmac_reset( sha4_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Output = HMAC-SHA-512( hmac key, input buffer )
|
||||
*
|
||||
* \param key HMAC secret key
|
||||
* \param keylen length of the HMAC key
|
||||
* \param input buffer holding the data
|
||||
* \param ilen length of the input data
|
||||
* \param output HMAC-SHA-384/512 result
|
||||
* \param is384 0 = use SHA512, 1 = use SHA384
|
||||
*/
|
||||
void sha4_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 );
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int sha4_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* sha4.h */
|
||||
File diff suppressed because it is too large
Load Diff
@@ -1,119 +0,0 @@
|
||||
/**
|
||||
* \file ssl_cache.h
|
||||
*
|
||||
* \brief SSL session cache implementation
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_SSL_CACHE_H
|
||||
#define POLARSSL_SSL_CACHE_H
|
||||
|
||||
#include "polarssl/ssl.h"
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_OPTIONS)
|
||||
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
|
||||
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
|
||||
#endif /* !POLARSSL_CONFIG_OPTIONS */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef struct _ssl_cache_context ssl_cache_context;
|
||||
typedef struct _ssl_cache_entry ssl_cache_entry;
|
||||
|
||||
/**
|
||||
* \brief This structure is used for storing cache entries
|
||||
*/
|
||||
struct _ssl_cache_entry
|
||||
{
|
||||
time_t timestamp; /*!< entry timestamp */
|
||||
ssl_session session; /*!< entry session */
|
||||
x509_buf peer_cert; /*!< entry peer_cert */
|
||||
ssl_cache_entry *next; /*!< chain pointer */
|
||||
};
|
||||
|
||||
/**
|
||||
* \brief Cache context
|
||||
*/
|
||||
struct _ssl_cache_context
|
||||
{
|
||||
ssl_cache_entry *chain; /*!< start of the chain */
|
||||
int timeout; /*!< cache entry timeout */
|
||||
int max_entries; /*!< maximum entries */
|
||||
};
|
||||
|
||||
/**
|
||||
* \brief Initialize an SSL cache context
|
||||
*
|
||||
* \param cache SSL cache context
|
||||
*/
|
||||
void ssl_cache_init( ssl_cache_context *cache );
|
||||
|
||||
/**
|
||||
* \brief Cache get callback implementation
|
||||
*
|
||||
* \param data SSL cache context
|
||||
* \param session session to retrieve entry for
|
||||
*/
|
||||
int ssl_cache_get( void *data, ssl_session *session );
|
||||
|
||||
/**
|
||||
* \brief Cache set callback implementation
|
||||
*
|
||||
* \param data SSL cache context
|
||||
* \param session session to store entry for
|
||||
*/
|
||||
int ssl_cache_set( void *data, const ssl_session *session );
|
||||
|
||||
/**
|
||||
* \brief Set the cache timeout
|
||||
* (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day))
|
||||
*
|
||||
* A timeout of 0 indicates no timeout.
|
||||
*
|
||||
* \param cache SSL cache context
|
||||
* \param timeout cache entry timeout
|
||||
*/
|
||||
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
|
||||
|
||||
/**
|
||||
* \brief Set the cache timeout
|
||||
* (Default: SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
|
||||
*
|
||||
* \param cache SSL cache context
|
||||
* \param max cache entry maximum
|
||||
*/
|
||||
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max );
|
||||
|
||||
/**
|
||||
* \brief Free referenced items in a cache context and clear memory
|
||||
*
|
||||
* \param cache SSL cache context
|
||||
*/
|
||||
void ssl_cache_free( ssl_cache_context *cache );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* ssl_cache.h */
|
||||
@@ -1,75 +0,0 @@
|
||||
/**
|
||||
* \file timing.h
|
||||
*
|
||||
* \brief Portable interface to the CPU cycle counter
|
||||
*
|
||||
* Copyright (C) 2006-2010, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_TIMING_H
|
||||
#define POLARSSL_TIMING_H
|
||||
|
||||
/**
|
||||
* \brief timer structure
|
||||
*/
|
||||
struct hr_time
|
||||
{
|
||||
unsigned char opaque[32];
|
||||
};
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
extern volatile int alarmed;
|
||||
|
||||
/**
|
||||
* \brief Return the CPU cycle counter value
|
||||
*/
|
||||
unsigned long hardclock( void );
|
||||
|
||||
/**
|
||||
* \brief Return the elapsed time in milliseconds
|
||||
*
|
||||
* \param val points to a timer structure
|
||||
* \param reset if set to 1, the timer is restarted
|
||||
*/
|
||||
unsigned long get_timer( struct hr_time *val, int reset );
|
||||
|
||||
/**
|
||||
* \brief Setup an alarm clock
|
||||
*
|
||||
* \param seconds delay before the "alarmed" flag is set
|
||||
*/
|
||||
void set_alarm( int seconds );
|
||||
|
||||
/**
|
||||
* \brief Sleep for a certain amount of time
|
||||
*
|
||||
* \param milliseconds delay in milliseconds
|
||||
*/
|
||||
void m_sleep( int milliseconds );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* timing.h */
|
||||
@@ -1,81 +0,0 @@
|
||||
/**
|
||||
* \file version.h
|
||||
*
|
||||
* \brief Run-time version information
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* This set of compile-time defines and run-time variables can be used to
|
||||
* determine the version number of the PolarSSL library used.
|
||||
*/
|
||||
#ifndef POLARSSL_VERSION_H
|
||||
#define POLARSSL_VERSION_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
/**
|
||||
* The version number x.y.z is split into three parts.
|
||||
* Major, Minor, Patchlevel
|
||||
*/
|
||||
#define POLARSSL_VERSION_MAJOR 1
|
||||
#define POLARSSL_VERSION_MINOR 2
|
||||
#define POLARSSL_VERSION_PATCH 8
|
||||
|
||||
/**
|
||||
* The single version number has the following structure:
|
||||
* MMNNPP00
|
||||
* Major version | Minor version | Patch version
|
||||
*/
|
||||
#define POLARSSL_VERSION_NUMBER 0x01020800
|
||||
#define POLARSSL_VERSION_STRING "1.2.8"
|
||||
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.2.8"
|
||||
|
||||
#if defined(POLARSSL_VERSION_C)
|
||||
|
||||
/**
|
||||
* Get the version number.
|
||||
*
|
||||
* \return The constructed version number in the format
|
||||
* MMNNPP00 (Major, Minor, Patch).
|
||||
*/
|
||||
unsigned int version_get_number( void );
|
||||
|
||||
/**
|
||||
* Get the version string ("x.y.z").
|
||||
*
|
||||
* \param string The string that will receive the value.
|
||||
* (Should be at least 9 bytes in size)
|
||||
*/
|
||||
void version_get_string( char *string );
|
||||
|
||||
/**
|
||||
* Get the full version string ("PolarSSL x.y.z").
|
||||
*
|
||||
* \param string The string that will receive the value.
|
||||
* (Should be at least 18 bytes in size)
|
||||
*/
|
||||
void version_get_string_full( char *string );
|
||||
|
||||
#endif /* POLARSSL_VERSION_C */
|
||||
|
||||
#endif /* version.h */
|
||||
@@ -1,778 +0,0 @@
|
||||
/**
|
||||
* \file x509.h
|
||||
*
|
||||
* \brief X.509 certificate and private key decoding
|
||||
*
|
||||
* Copyright (C) 2006-2011, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_X509_H
|
||||
#define POLARSSL_X509_H
|
||||
|
||||
#include "polarssl/asn1.h"
|
||||
#include "polarssl/rsa.h"
|
||||
#include "polarssl/dhm.h"
|
||||
|
||||
/**
|
||||
* \addtogroup x509_module
|
||||
* \{
|
||||
*/
|
||||
|
||||
/**
|
||||
* \name X509 Error codes
|
||||
* \{
|
||||
*/
|
||||
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< The certificate format is invalid, e.g. different type expected. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< The certificate version element is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< The pubkey tag or value is invalid (only RSA is supported). */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< The signature tag or value invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */
|
||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */
|
||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */
|
||||
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */
|
||||
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */
|
||||
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
|
||||
#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */
|
||||
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< Invalid RSA key tag or value. */
|
||||
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980 /**< Format not recognized as DER or PEM. */
|
||||
#define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00 /**< Input invalid. */
|
||||
#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80 /**< Allocation of memory failed. */
|
||||
#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Read/write of file failed. */
|
||||
#define POLARSSL_ERR_X509_PASSWORD_REQUIRED -0x2B80 /**< Private key password can't be empty. */
|
||||
#define POLARSSL_ERR_X509_PASSWORD_MISMATCH -0x2C00 /**< Given private key password does not allow for correct decryption. */
|
||||
/* \} name */
|
||||
|
||||
|
||||
/**
|
||||
* \name X509 Verify codes
|
||||
* \{
|
||||
*/
|
||||
#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
|
||||
#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
|
||||
#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
|
||||
#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
|
||||
#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */
|
||||
#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */
|
||||
#define BADCERT_MISSING 0x40 /**< Certificate was missing. */
|
||||
#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
|
||||
#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
|
||||
/* \} name */
|
||||
/* \} addtogroup x509_module */
|
||||
|
||||
/*
|
||||
* various object identifiers
|
||||
*/
|
||||
#define X520_COMMON_NAME 3
|
||||
#define X520_COUNTRY 6
|
||||
#define X520_LOCALITY 7
|
||||
#define X520_STATE 8
|
||||
#define X520_ORGANIZATION 10
|
||||
#define X520_ORG_UNIT 11
|
||||
#define PKCS9_EMAIL 1
|
||||
|
||||
#define X509_OUTPUT_DER 0x01
|
||||
#define X509_OUTPUT_PEM 0x02
|
||||
#define PEM_LINE_LENGTH 72
|
||||
#define X509_ISSUER 0x01
|
||||
#define X509_SUBJECT 0x02
|
||||
|
||||
#define OID_X520 "\x55\x04"
|
||||
#define OID_CN OID_X520 "\x03"
|
||||
#define OID_COUNTRY OID_X520 "\x06"
|
||||
#define OID_LOCALITY OID_X520 "\x07"
|
||||
#define OID_STATE OID_X520 "\x08"
|
||||
#define OID_ORGANIZATION OID_X520 "\x0A"
|
||||
#define OID_ORG_UNIT OID_X520 "\x0B"
|
||||
|
||||
#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01"
|
||||
#define OID_PKCS1_RSA OID_PKCS1 "\x01"
|
||||
#define OID_PKCS1_SHA1 OID_PKCS1 "\x05"
|
||||
|
||||
#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
|
||||
|
||||
#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09"
|
||||
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01"
|
||||
|
||||
/** ISO arc for standard certificate and CRL extensions */
|
||||
#define OID_ID_CE "\x55\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
|
||||
|
||||
/**
|
||||
* Private Internet Extensions
|
||||
* { iso(1) identified-organization(3) dod(6) internet(1)
|
||||
* security(5) mechanisms(5) pkix(7) }
|
||||
*/
|
||||
#define OID_PKIX "\x2B\x06\x01\x05\x05\x07"
|
||||
|
||||
/*
|
||||
* OIDs for standard certificate extensions
|
||||
*/
|
||||
#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
|
||||
#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
|
||||
#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */
|
||||
#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */
|
||||
#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */
|
||||
#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */
|
||||
#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */
|
||||
#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */
|
||||
#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */
|
||||
#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */
|
||||
#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */
|
||||
#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
|
||||
#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */
|
||||
#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */
|
||||
#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */
|
||||
|
||||
/*
|
||||
* X.509 v3 Key Usage Extension flags
|
||||
*/
|
||||
#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
|
||||
#define KU_NON_REPUDIATION (0x40) /* bit 1 */
|
||||
#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
|
||||
#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
|
||||
#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
|
||||
#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
|
||||
#define KU_CRL_SIGN (0x02) /* bit 6 */
|
||||
|
||||
/*
|
||||
* X.509 v3 Extended key usage OIDs
|
||||
*/
|
||||
#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
|
||||
|
||||
#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
|
||||
#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
|
||||
#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
|
||||
#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
|
||||
#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
|
||||
#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
|
||||
#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
|
||||
|
||||
#define STRING_SERVER_AUTH "TLS Web Server Authentication"
|
||||
#define STRING_CLIENT_AUTH "TLS Web Client Authentication"
|
||||
#define STRING_CODE_SIGNING "Code Signing"
|
||||
#define STRING_EMAIL_PROTECTION "E-mail Protection"
|
||||
#define STRING_TIME_STAMPING "Time Stamping"
|
||||
#define STRING_OCSP_SIGNING "OCSP Signing"
|
||||
|
||||
/*
|
||||
* OIDs for CRL extensions
|
||||
*/
|
||||
#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10"
|
||||
#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
|
||||
|
||||
/*
|
||||
* Netscape certificate extensions
|
||||
*/
|
||||
#define OID_NETSCAPE "\x60\x86\x48\x01\x86\xF8\x42" /**< Netscape OID */
|
||||
#define OID_NS_CERT OID_NETSCAPE "\x01"
|
||||
#define OID_NS_CERT_TYPE OID_NS_CERT "\x01"
|
||||
#define OID_NS_BASE_URL OID_NS_CERT "\x02"
|
||||
#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03"
|
||||
#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04"
|
||||
#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07"
|
||||
#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08"
|
||||
#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C"
|
||||
#define OID_NS_COMMENT OID_NS_CERT "\x0D"
|
||||
#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02"
|
||||
#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05"
|
||||
|
||||
/*
|
||||
* Netscape certificate types
|
||||
* (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
|
||||
*/
|
||||
|
||||
#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
|
||||
#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
|
||||
#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
|
||||
#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
|
||||
#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
|
||||
#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
|
||||
#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
|
||||
#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
|
||||
|
||||
#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
|
||||
#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
|
||||
#define EXT_KEY_USAGE (1 << 2)
|
||||
#define EXT_CERTIFICATE_POLICIES (1 << 3)
|
||||
#define EXT_POLICY_MAPPINGS (1 << 4)
|
||||
#define EXT_SUBJECT_ALT_NAME (1 << 5)
|
||||
#define EXT_ISSUER_ALT_NAME (1 << 6)
|
||||
#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
|
||||
#define EXT_BASIC_CONSTRAINTS (1 << 8)
|
||||
#define EXT_NAME_CONSTRAINTS (1 << 9)
|
||||
#define EXT_POLICY_CONSTRAINTS (1 << 10)
|
||||
#define EXT_EXTENDED_KEY_USAGE (1 << 11)
|
||||
#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
|
||||
#define EXT_INIHIBIT_ANYPOLICY (1 << 13)
|
||||
#define EXT_FRESHEST_CRL (1 << 14)
|
||||
|
||||
#define EXT_NS_CERT_TYPE (1 << 16)
|
||||
|
||||
/*
|
||||
* Storage format identifiers
|
||||
* Recognized formats: PEM and DER
|
||||
*/
|
||||
#define X509_FORMAT_DER 1
|
||||
#define X509_FORMAT_PEM 2
|
||||
|
||||
/**
|
||||
* \addtogroup x509_module
|
||||
* \{ */
|
||||
|
||||
/**
|
||||
* \name Structures for parsing X.509 certificates and CRLs
|
||||
* \{
|
||||
*/
|
||||
|
||||
/**
|
||||
* Type-length-value structure that allows for ASN1 using DER.
|
||||
*/
|
||||
typedef asn1_buf x509_buf;
|
||||
|
||||
/**
|
||||
* Container for ASN1 bit strings.
|
||||
*/
|
||||
typedef asn1_bitstring x509_bitstring;
|
||||
|
||||
/**
|
||||
* Container for ASN1 named information objects.
|
||||
* It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.).
|
||||
*/
|
||||
typedef struct _x509_name
|
||||
{
|
||||
x509_buf oid; /**< The object identifier. */
|
||||
x509_buf val; /**< The named value. */
|
||||
struct _x509_name *next; /**< The next named information object. */
|
||||
}
|
||||
x509_name;
|
||||
|
||||
/**
|
||||
* Container for a sequence of ASN.1 items
|
||||
*/
|
||||
typedef asn1_sequence x509_sequence;
|
||||
|
||||
/** Container for date and time (precision in seconds). */
|
||||
typedef struct _x509_time
|
||||
{
|
||||
int year, mon, day; /**< Date. */
|
||||
int hour, min, sec; /**< Time. */
|
||||
}
|
||||
x509_time;
|
||||
|
||||
/**
|
||||
* Container for an X.509 certificate. The certificate may be chained.
|
||||
*/
|
||||
typedef struct _x509_cert
|
||||
{
|
||||
x509_buf raw; /**< The raw certificate data (DER). */
|
||||
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
|
||||
|
||||
int version; /**< The X.509 version. (0=v1, 1=v2, 2=v3) */
|
||||
x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
|
||||
x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */
|
||||
|
||||
x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */
|
||||
x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */
|
||||
|
||||
x509_name issuer; /**< The parsed issuer data (named information object). */
|
||||
x509_name subject; /**< The parsed subject data (named information object). */
|
||||
|
||||
x509_time valid_from; /**< Start time of certificate validity. */
|
||||
x509_time valid_to; /**< End time of certificate validity. */
|
||||
|
||||
x509_buf pk_oid; /**< Subject public key info. Includes the public key algorithm and the key itself. */
|
||||
rsa_context rsa; /**< Container for the RSA context. Only RSA is supported for public keys at this time. */
|
||||
|
||||
x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
|
||||
x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
|
||||
x509_buf v3_ext; /**< Optional X.509 v3 extensions. Only Basic Contraints are supported at this time. */
|
||||
x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
|
||||
|
||||
int ext_types; /**< Bit string containing detected and parsed extensions */
|
||||
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
|
||||
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
|
||||
|
||||
unsigned char key_usage; /**< Optional key usage extension value: See the values below */
|
||||
|
||||
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
|
||||
|
||||
unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values below */
|
||||
|
||||
x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */
|
||||
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
|
||||
int sig_alg; /**< Internal representation of the signature algorithm, e.g. SIG_RSA_MD2 */
|
||||
|
||||
struct _x509_cert *next; /**< Next certificate in the CA-chain. */
|
||||
}
|
||||
x509_cert;
|
||||
|
||||
/**
|
||||
* Certificate revocation list entry.
|
||||
* Contains the CA-specific serial numbers and revocation dates.
|
||||
*/
|
||||
typedef struct _x509_crl_entry
|
||||
{
|
||||
x509_buf raw;
|
||||
|
||||
x509_buf serial;
|
||||
|
||||
x509_time revocation_date;
|
||||
|
||||
x509_buf entry_ext;
|
||||
|
||||
struct _x509_crl_entry *next;
|
||||
}
|
||||
x509_crl_entry;
|
||||
|
||||
/**
|
||||
* Certificate revocation list structure.
|
||||
* Every CRL may have multiple entries.
|
||||
*/
|
||||
typedef struct _x509_crl
|
||||
{
|
||||
x509_buf raw; /**< The raw certificate data (DER). */
|
||||
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
|
||||
|
||||
int version;
|
||||
x509_buf sig_oid1;
|
||||
|
||||
x509_buf issuer_raw; /**< The raw issuer data (DER). */
|
||||
|
||||
x509_name issuer; /**< The parsed issuer data (named information object). */
|
||||
|
||||
x509_time this_update;
|
||||
x509_time next_update;
|
||||
|
||||
x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */
|
||||
|
||||
x509_buf crl_ext;
|
||||
|
||||
x509_buf sig_oid2;
|
||||
x509_buf sig;
|
||||
int sig_alg;
|
||||
|
||||
struct _x509_crl *next;
|
||||
}
|
||||
x509_crl;
|
||||
/** \} name Structures for parsing X.509 certificates and CRLs */
|
||||
/** \} addtogroup x509_module */
|
||||
|
||||
/**
|
||||
* \name Structures for writing X.509 certificates.
|
||||
* XvP: commented out as they are not used.
|
||||
* - <tt>typedef struct _x509_node x509_node;</tt>
|
||||
* - <tt>typedef struct _x509_raw x509_raw;</tt>
|
||||
*/
|
||||
/*
|
||||
typedef struct _x509_node
|
||||
{
|
||||
unsigned char *data;
|
||||
unsigned char *p;
|
||||
unsigned char *end;
|
||||
|
||||
size_t len;
|
||||
}
|
||||
x509_node;
|
||||
|
||||
typedef struct _x509_raw
|
||||
{
|
||||
x509_node raw;
|
||||
x509_node tbs;
|
||||
|
||||
x509_node version;
|
||||
x509_node serial;
|
||||
x509_node tbs_signalg;
|
||||
x509_node issuer;
|
||||
x509_node validity;
|
||||
x509_node subject;
|
||||
x509_node subpubkey;
|
||||
|
||||
x509_node signalg;
|
||||
x509_node sign;
|
||||
}
|
||||
x509_raw;
|
||||
*/
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \name Functions to read in DHM parameters, a certificate, CRL or private RSA key
|
||||
* \{
|
||||
*/
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse a single DER formatted certificate and add it
|
||||
* to the chained list.
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param buf buffer holding the certificate DER data
|
||||
* \param buflen size of the buffer
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crt_der( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||
|
||||
/**
|
||||
* \brief Parse one or more certificates and add them
|
||||
* to the chained list. Parses permissively. If some
|
||||
* certificates can be parsed, the result is the number
|
||||
* of failed certificates it encountered. If none complete
|
||||
* correctly, the first error is returned.
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param buf buffer holding the certificate data
|
||||
* \param buflen size of the buffer
|
||||
*
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load one or more certificates and add them
|
||||
* to the chained list. Parses permissively. If some
|
||||
* certificates can be parsed, the result is the number
|
||||
* of failed certificates it encountered. If none complete
|
||||
* correctly, the first error is returned.
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param path filename to read the certificates from
|
||||
*
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crtfile( x509_cert *chain, const char *path );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load one or more certificate files from a path and add them
|
||||
* to the chained list. Parses permissively. If some
|
||||
* certificates can be parsed, the result is the number
|
||||
* of failed certificates it encountered. If none complete
|
||||
* correctly, the first error is returned.
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param path directory / folder to read the certificate files from
|
||||
*
|
||||
* \return 0 if all certificates parsed successfully, a positive number
|
||||
* if partly successful or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crtpath( x509_cert *chain, const char *path );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse one or more CRLs and add them
|
||||
* to the chained list
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param buf buffer holding the CRL data
|
||||
* \param buflen size of the buffer
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load one or more CRLs and add them
|
||||
* to the chained list
|
||||
*
|
||||
* \param chain points to the start of the chain
|
||||
* \param path filename to read the CRLs from
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_crlfile( x509_crl *chain, const char *path );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse a private RSA key
|
||||
*
|
||||
* \param rsa RSA context to be initialized
|
||||
* \param key input buffer
|
||||
* \param keylen size of the buffer
|
||||
* \param pwd password for decryption (optional)
|
||||
* \param pwdlen size of the password
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_key( rsa_context *rsa,
|
||||
const unsigned char *key, size_t keylen,
|
||||
const unsigned char *pwd, size_t pwdlen );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse a private RSA key
|
||||
*
|
||||
* \param rsa RSA context to be initialized
|
||||
* \param path filename to read the private key from
|
||||
* \param password password to decrypt the file (can be NULL)
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_keyfile( rsa_context *rsa, const char *path,
|
||||
const char *password );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse a public RSA key
|
||||
*
|
||||
* \param rsa RSA context to be initialized
|
||||
* \param key input buffer
|
||||
* \param keylen size of the buffer
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_public_key( rsa_context *rsa,
|
||||
const unsigned char *key, size_t keylen );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse a public RSA key
|
||||
*
|
||||
* \param rsa RSA context to be initialized
|
||||
* \param path filename to read the private key from
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_public_keyfile( rsa_context *rsa, const char *path );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Parse DHM parameters
|
||||
*
|
||||
* \param dhm DHM context to be initialized
|
||||
* \param dhmin input buffer
|
||||
* \param dhminlen size of the buffer
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Load and parse DHM parameters
|
||||
*
|
||||
* \param dhm DHM context to be initialized
|
||||
* \param path filename to read the DHM Parameters from
|
||||
*
|
||||
* \return 0 if successful, or a specific X509 or PEM error code
|
||||
*/
|
||||
int x509parse_dhmfile( dhm_context *dhm, const char *path );
|
||||
|
||||
/** \} name Functions to read in DHM parameters, a certificate, CRL or private RSA key */
|
||||
|
||||
/**
|
||||
* \brief Store the certificate DN in printable form into buf;
|
||||
* no more than size characters will be written.
|
||||
*
|
||||
* \param buf Buffer to write to
|
||||
* \param size Maximum size of buffer
|
||||
* \param dn The X509 name to represent
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
*/
|
||||
int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn );
|
||||
|
||||
/**
|
||||
* \brief Store the certificate serial in printable form into buf;
|
||||
* no more than size characters will be written.
|
||||
*
|
||||
* \param buf Buffer to write to
|
||||
* \param size Maximum size of buffer
|
||||
* \param serial The X509 serial to represent
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
*/
|
||||
int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial );
|
||||
|
||||
/**
|
||||
* \brief Returns an informational string about the
|
||||
* certificate.
|
||||
*
|
||||
* \param buf Buffer to write to
|
||||
* \param size Maximum size of buffer
|
||||
* \param prefix A line prefix
|
||||
* \param crt The X509 certificate to represent
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
*/
|
||||
int x509parse_cert_info( char *buf, size_t size, const char *prefix,
|
||||
const x509_cert *crt );
|
||||
|
||||
/**
|
||||
* \brief Returns an informational string about the
|
||||
* CRL.
|
||||
*
|
||||
* \param buf Buffer to write to
|
||||
* \param size Maximum size of buffer
|
||||
* \param prefix A line prefix
|
||||
* \param crl The X509 CRL to represent
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
*/
|
||||
int x509parse_crl_info( char *buf, size_t size, const char *prefix,
|
||||
const x509_crl *crl );
|
||||
|
||||
/**
|
||||
* \brief Give an known OID, return its descriptive string.
|
||||
*
|
||||
* \param oid buffer containing the oid
|
||||
*
|
||||
* \return Return a string if the OID is known,
|
||||
* or NULL otherwise.
|
||||
*/
|
||||
const char *x509_oid_get_description( x509_buf *oid );
|
||||
|
||||
/**
|
||||
* \brief Give an OID, return a string version of its OID number.
|
||||
*
|
||||
* \param buf Buffer to write to
|
||||
* \param size Maximum size of buffer
|
||||
* \param oid Buffer containing the OID
|
||||
*
|
||||
* \return The amount of data written to the buffer, or -1 in
|
||||
* case of an error.
|
||||
*/
|
||||
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
|
||||
|
||||
/**
|
||||
* \brief Check a given x509_time against the system time and check
|
||||
* if it is valid.
|
||||
*
|
||||
* \param time x509_time to check
|
||||
*
|
||||
* \return Return 0 if the x509_time is still valid,
|
||||
* or 1 otherwise.
|
||||
*/
|
||||
int x509parse_time_expired( const x509_time *time );
|
||||
|
||||
/**
|
||||
* \name Functions to verify a certificate
|
||||
* \{
|
||||
*/
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Verify the certificate signature
|
||||
*
|
||||
* The verify callback is a user-supplied callback that
|
||||
* can clear / modify / add flags for a certificate. If set,
|
||||
* the verification callback is called for each
|
||||
* certificate in the chain (from the trust-ca down to the
|
||||
* presented crt). The parameters for the callback are:
|
||||
* (void *parameter, x509_cert *crt, int certificate_depth,
|
||||
* int *flags). With the flags representing current flags for
|
||||
* that specific certificate and the certificate depth from
|
||||
* the bottom (Peer cert depth = 0).
|
||||
*
|
||||
* All flags left after returning from the callback
|
||||
* are also returned to the application. The function should
|
||||
* return 0 for anything but a fatal error.
|
||||
*
|
||||
* \param crt a certificate to be verified
|
||||
* \param trust_ca the trusted CA chain
|
||||
* \param ca_crl the CRL chain for trusted CA's
|
||||
* \param cn expected Common Name (can be set to
|
||||
* NULL if the CN must not be verified)
|
||||
* \param flags result of the verification
|
||||
* \param f_vrfy verification function
|
||||
* \param p_vrfy verification parameter
|
||||
*
|
||||
* \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED,
|
||||
* in which case *flags will have one or more of
|
||||
* the following values set:
|
||||
* BADCERT_EXPIRED --
|
||||
* BADCERT_REVOKED --
|
||||
* BADCERT_CN_MISMATCH --
|
||||
* BADCERT_NOT_TRUSTED
|
||||
* or another error in case of a fatal error encountered
|
||||
* during the verification process.
|
||||
*/
|
||||
int x509parse_verify( x509_cert *crt,
|
||||
x509_cert *trust_ca,
|
||||
x509_crl *ca_crl,
|
||||
const char *cn, int *flags,
|
||||
int (*f_vrfy)(void *, x509_cert *, int, int *),
|
||||
void *p_vrfy );
|
||||
|
||||
/**
|
||||
* \brief Verify the certificate signature
|
||||
*
|
||||
* \param crt a certificate to be verified
|
||||
* \param crl the CRL to verify against
|
||||
*
|
||||
* \return 1 if the certificate is revoked, 0 otherwise
|
||||
*
|
||||
*/
|
||||
int x509parse_revoked( const x509_cert *crt, const x509_crl *crl );
|
||||
|
||||
/** \} name Functions to verify a certificate */
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* \name Functions to clear a certificate, CRL or private RSA key
|
||||
* \{
|
||||
*/
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Unallocate all certificate data
|
||||
*
|
||||
* \param crt Certificate chain to free
|
||||
*/
|
||||
void x509_free( x509_cert *crt );
|
||||
|
||||
/** \ingroup x509_module */
|
||||
/**
|
||||
* \brief Unallocate all CRL data
|
||||
*
|
||||
* \param crl CRL chain to free
|
||||
*/
|
||||
void x509_crl_free( x509_crl *crl );
|
||||
|
||||
/** \} name Functions to clear a certificate, CRL or private RSA key */
|
||||
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int x509_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* x509.h */
|
||||
@@ -1,46 +0,0 @@
|
||||
/**
|
||||
* \file x509write.h
|
||||
*
|
||||
* \brief X509 buffer writing functionality
|
||||
*
|
||||
* Copyright (C) 2006-2012, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_X509_WRITE_H
|
||||
#define POLARSSL_X509_WRITE_H
|
||||
|
||||
#include "polarssl/rsa.h"
|
||||
|
||||
typedef struct _x509_req_name
|
||||
{
|
||||
char oid[128];
|
||||
char name[128];
|
||||
|
||||
struct _x509_req_name *next;
|
||||
}
|
||||
x509_req_name;
|
||||
|
||||
int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rsa );
|
||||
int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa );
|
||||
int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa,
|
||||
x509_req_name *req_name, int hash_id );
|
||||
|
||||
#endif /* POLARSSL_X509_WRITE_H */
|
||||
@@ -1,129 +0,0 @@
|
||||
/**
|
||||
* \file xtea.h
|
||||
*
|
||||
* \brief XTEA block cipher (32-bit)
|
||||
*
|
||||
* Copyright (C) 2006-2013, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
#ifndef POLARSSL_XTEA_H
|
||||
#define POLARSSL_XTEA_H
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#ifdef _MSC_VER
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#define XTEA_ENCRYPT 1
|
||||
#define XTEA_DECRYPT 0
|
||||
|
||||
#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
|
||||
|
||||
#if !defined(POLARSSL_XTEA_ALT)
|
||||
// Regular implementation
|
||||
//
|
||||
|
||||
/**
|
||||
* \brief XTEA context structure
|
||||
*/
|
||||
typedef struct
|
||||
{
|
||||
uint32_t k[4]; /*!< key */
|
||||
}
|
||||
xtea_context;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief XTEA key schedule
|
||||
*
|
||||
* \param ctx XTEA context to be initialized
|
||||
* \param key the secret key
|
||||
*/
|
||||
void xtea_setup( xtea_context *ctx, unsigned char key[16] );
|
||||
|
||||
/**
|
||||
* \brief XTEA cipher function
|
||||
*
|
||||
* \param ctx XTEA context
|
||||
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT
|
||||
* \param input 8-byte input block
|
||||
* \param output 8-byte output block
|
||||
*
|
||||
* \return 0 if successful
|
||||
*/
|
||||
int xtea_crypt_ecb( xtea_context *ctx,
|
||||
int mode,
|
||||
unsigned char input[8],
|
||||
unsigned char output[8] );
|
||||
|
||||
/**
|
||||
* \brief XTEA CBC cipher function
|
||||
*
|
||||
* \param ctx XTEA context
|
||||
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT
|
||||
* \param length the length of input, multiple of 8
|
||||
* \param iv initialization vector for CBC mode
|
||||
* \param input input block
|
||||
* \param output output block
|
||||
*
|
||||
* \return 0 if successful,
|
||||
* POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
|
||||
*/
|
||||
int xtea_crypt_cbc( xtea_context *ctx,
|
||||
int mode,
|
||||
size_t length,
|
||||
unsigned char iv[8],
|
||||
unsigned char *input,
|
||||
unsigned char *output);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#else /* POLARSSL_XTEA_ALT */
|
||||
#include "polarssl/xtea_alt.h"
|
||||
#endif /* POLARSSL_XTEA_ALT */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/**
|
||||
* \brief Checkup routine
|
||||
*
|
||||
* \return 0 if successful, or 1 if the test failed
|
||||
*/
|
||||
int xtea_self_test( int verbose );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
||||
#endif /* xtea.h */
|
||||
Reference in New Issue
Block a user