diff options
Diffstat (limited to 'polarssl/src/include')
41 files changed, 0 insertions, 8942 deletions
diff --git a/polarssl/src/include/polarssl/aes.h b/polarssl/src/include/polarssl/aes.h deleted file mode 100644 index 80fd6d9..0000000 --- a/polarssl/src/include/polarssl/aes.h +++ /dev/null @@ -1,176 +0,0 @@ -/** - * \file aes.h - * - * \brief AES block cipher - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_AES_H -#define POLARSSL_AES_H - -#include <string.h> - -#define AES_ENCRYPT 1 -#define AES_DECRYPT 0 - -#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ -#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ - -/** - * \brief AES context structure - */ -typedef struct -{ - int nr; /*!< number of rounds */ - unsigned long *rk; /*!< AES round keys */ - unsigned long buf[68]; /*!< unaligned data */ -} -aes_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief AES key schedule (encryption) - * - * \param ctx AES context to be initialized - * \param key encryption key - * \param keysize must be 128, 192 or 256 - * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH - */ -int aes_setkey_enc( aes_context *ctx, const unsigned char *key, unsigned int keysize ); - -/** - * \brief AES key schedule (decryption) - * - * \param ctx AES context to be initialized - * \param key decryption key - * \param keysize must be 128, 192 or 256 - * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH - */ -int aes_setkey_dec( aes_context *ctx, const unsigned char *key, unsigned int keysize ); - -/** - * \brief AES-ECB block encryption/decryption - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if successful - */ -int aes_crypt_ecb( aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief AES-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (16 bytes) - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH - */ -int aes_crypt_cbc( aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief AES-CFB128 buffer encryption/decryption. - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. - * - * both - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful - */ -int aes_crypt_cfb128( aes_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/* - * \brief AES-CTR buffer encryption/decryption - * - * Warning: You have to keep the maximum use of your counter in mind! - * - * Note: Due to the nature of CTR you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. - * - * \param length The length of the data - * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful - */ -int aes_crypt_ctr( aes_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int aes_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* aes.h */ diff --git a/polarssl/src/include/polarssl/arc4.h b/polarssl/src/include/polarssl/arc4.h deleted file mode 100644 index 48ad60b..0000000 --- a/polarssl/src/include/polarssl/arc4.h +++ /dev/null @@ -1,80 +0,0 @@ -/** - * \file arc4.h - * - * \brief The ARCFOUR stream cipher - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ARC4_H -#define POLARSSL_ARC4_H - -#include <string.h> - -/** - * \brief ARC4 context structure - */ -typedef struct -{ - int x; /*!< permutation index */ - int y; /*!< permutation index */ - unsigned char m[256]; /*!< permutation table */ -} -arc4_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief ARC4 key schedule - * - * \param ctx ARC4 context to be initialized - * \param key the secret key - * \param keylen length of the key - */ -void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen ); - -/** - * \brief ARC4 cipher function - * - * \param ctx ARC4 context - * \param length length of the input data - * \param input buffer holding the input data - * \param output buffer for the output data - * - * \return 0 if successful - */ -int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, - unsigned char *output ); - -/* - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int arc4_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* arc4.h */ diff --git a/polarssl/src/include/polarssl/asn1.h b/polarssl/src/include/polarssl/asn1.h deleted file mode 100644 index 893292d..0000000 --- a/polarssl/src/include/polarssl/asn1.h +++ /dev/null @@ -1,246 +0,0 @@ -/** - * \file asn1.h - * - * \brief Generic ASN.1 parsing - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ASN1_H -#define POLARSSL_ASN1_H - -#include "config.h" - -#if defined(POLARSSL_BIGNUM_C) -#include "bignum.h" -#endif - -#include <string.h> - -/** - * \addtogroup asn1_module - * \{ - */ - -/** - * \name ASN1 Error codes - * These error codes are OR'ed to X509 error codes for - * higher error granularity. - * ASN1 is a standard to specify data structures. - * \{ - */ -#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ -#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ -#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ -#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ -#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ -#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */ -#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ - -/* \} name */ - -/** - * \name DER constants - * These constants comply with DER encoded the ANS1 type tags. - * DER encoding uses hexadecimal representation. - * An example DER sequence is:\n - * - 0x02 -- tag indicating INTEGER - * - 0x01 -- length in octets - * - 0x05 -- value - * Such sequences are typically read into \c ::x509_buf. - * \{ - */ -#define ASN1_BOOLEAN 0x01 -#define ASN1_INTEGER 0x02 -#define ASN1_BIT_STRING 0x03 -#define ASN1_OCTET_STRING 0x04 -#define ASN1_NULL 0x05 -#define ASN1_OID 0x06 -#define ASN1_UTF8_STRING 0x0C -#define ASN1_SEQUENCE 0x10 -#define ASN1_SET 0x11 -#define ASN1_PRINTABLE_STRING 0x13 -#define ASN1_T61_STRING 0x14 -#define ASN1_IA5_STRING 0x16 -#define ASN1_UTC_TIME 0x17 -#define ASN1_GENERALIZED_TIME 0x18 -#define ASN1_UNIVERSAL_STRING 0x1C -#define ASN1_BMP_STRING 0x1E -#define ASN1_PRIMITIVE 0x00 -#define ASN1_CONSTRUCTED 0x20 -#define ASN1_CONTEXT_SPECIFIC 0x80 -/* \} name */ -/* \} addtogroup asn1_module */ - -/** Returns the size of the binary string, without the trailing \\0 */ -#define OID_SIZE(x) (sizeof(x) - 1) - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \name Functions to parse ASN.1 data structures - * \{ - */ - -/** - * Type-length-value structure that allows for ASN1 using DER. - */ -typedef struct _asn1_buf -{ - int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */ - size_t len; /**< ASN1 length, e.g. in octets. */ - unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ -} -asn1_buf; - -/** - * Container for ASN1 bit strings. - */ -typedef struct _asn1_bitstring -{ - size_t len; /**< ASN1 length, e.g. in octets. */ - unsigned char unused_bits; /**< Number of unused bits at the end of the string */ - unsigned char *p; /**< Raw ASN1 data for the bit string */ -} -asn1_bitstring; - -/** - * Container for a sequence of ASN.1 items - */ -typedef struct _asn1_sequence -{ - asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ - struct _asn1_sequence *next; /**< The next entry in the sequence. */ -} -asn1_sequence; - -/** - * Get the length of an ASN.1 element. - * Updates the pointer to immediately behind the length. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param len The variable that will receive the value - * - * \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching - * end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is - * unparseable. - */ -int asn1_get_len( unsigned char **p, - const unsigned char *end, - size_t *len ); - -/** - * Get the tag and length of the tag. Check for the requested tag. - * Updates the pointer to immediately behind the tag and length. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param len The variable that will receive the length - * \param tag The expected tag - * - * \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did - * not match requested tag, or another specific ASN.1 error code. - */ -int asn1_get_tag( unsigned char **p, - const unsigned char *end, - size_t *len, int tag ); - -/** - * Retrieve a boolean ASN.1 tag and its value. - * Updates the pointer to immediately behind the full tag. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param val The variable that will receive the value - * - * \return 0 if successful or a specific ASN.1 error code. - */ -int asn1_get_bool( unsigned char **p, - const unsigned char *end, - int *val ); - -/** - * Retrieve an integer ASN.1 tag and its value. - * Updates the pointer to immediately behind the full tag. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param val The variable that will receive the value - * - * \return 0 if successful or a specific ASN.1 error code. - */ -int asn1_get_int( unsigned char **p, - const unsigned char *end, - int *val ); - -/** - * Retrieve a bitstring ASN.1 tag and its value. - * Updates the pointer to immediately behind the full tag. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param bs The variable that will receive the value - * - * \return 0 if successful or a specific ASN.1 error code. - */ -int asn1_get_bitstring( unsigned char **p, const unsigned char *end, - asn1_bitstring *bs); - -/** - * Parses and splits an ASN.1 "SEQUENCE OF <tag>" - * Updated the pointer to immediately behind the full sequence tag. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param cur First variable in the chain to fill - * \param tag Type of sequence - * - * \return 0 if successful or a specific ASN.1 error code. - */ -int asn1_get_sequence_of( unsigned char **p, - const unsigned char *end, - asn1_sequence *cur, - int tag); - -#if defined(POLARSSL_BIGNUM_C) -/** - * Retrieve a MPI value from an integer ASN.1 tag. - * Updates the pointer to immediately behind the full tag. - * - * \param p The position in the ASN.1 data - * \param end End of data - * \param X The MPI that will receive the value - * - * \return 0 if successful or a specific ASN.1 or MPI error code. - */ -int asn1_get_mpi( unsigned char **p, - const unsigned char *end, - mpi *X ); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* asn1.h */ diff --git a/polarssl/src/include/polarssl/asn1write.h b/polarssl/src/include/polarssl/asn1write.h deleted file mode 100644 index 52b9baa..0000000 --- a/polarssl/src/include/polarssl/asn1write.h +++ /dev/null @@ -1,46 +0,0 @@ -/** - * \file asn1write.h - * - * \brief ASN.1 buffer writing functionality - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ASN1_WRITE_H -#define POLARSSL_ASN1_WRITE_H - -#include "asn1.h" - -#define ASN1_CHK_ADD(g, f) if( ( ret = f ) < 0 ) return( ret ); else g += ret - -int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); -int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ); -int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X ); -int asn1_write_null( unsigned char **p, unsigned char *start ); -int asn1_write_oid( unsigned char **p, unsigned char *start, char *oid ); -int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, char *algorithm_oid ); -int asn1_write_int( unsigned char **p, unsigned char *start, int val ); -int asn1_write_printable_string( unsigned char **p, unsigned char *start, - char *text ); -int asn1_write_ia5_string( unsigned char **p, unsigned char *start, - char *text ); - -#endif /* POLARSSL_ASN1_WRITE_H */ diff --git a/polarssl/src/include/polarssl/base64.h b/polarssl/src/include/polarssl/base64.h deleted file mode 100644 index 883215d..0000000 --- a/polarssl/src/include/polarssl/base64.h +++ /dev/null @@ -1,87 +0,0 @@ -/** - * \file base64.h - * - * \brief RFC 1521 base64 encoding/decoding - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_BASE64_H -#define POLARSSL_BASE64_H - -#include <string.h> - -#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ -#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Encode a buffer into base64 format - * - * \param dst destination buffer - * \param dlen size of the buffer - * \param src source buffer - * \param slen amount of data to be encoded - * - * \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL. - * *dlen is always updated to reflect the amount - * of data that has (or would have) been written. - * - * \note Call this function with *dlen = 0 to obtain the - * required buffer size in *dlen - */ -int base64_encode( unsigned char *dst, size_t *dlen, - const unsigned char *src, size_t slen ); - -/** - * \brief Decode a base64-formatted buffer - * - * \param dst destination buffer - * \param dlen size of the buffer - * \param src source buffer - * \param slen amount of data to be decoded - * - * \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or - * POLARSSL_ERR_BASE64_INVALID_DATA if the input data is not - * correct. *dlen is always updated to reflect the amount - * of data that has (or would have) been written. - * - * \note Call this function with *dlen = 0 to obtain the - * required buffer size in *dlen - */ -int base64_decode( unsigned char *dst, size_t *dlen, - const unsigned char *src, size_t slen ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int base64_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* base64.h */ diff --git a/polarssl/src/include/polarssl/bignum.h b/polarssl/src/include/polarssl/bignum.h deleted file mode 100644 index ad03308..0000000 --- a/polarssl/src/include/polarssl/bignum.h +++ /dev/null @@ -1,632 +0,0 @@ -/** - * \file bignum.h - * - * \brief Multi-precision integer library - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_BIGNUM_H -#define POLARSSL_BIGNUM_H - -#include <stdio.h> -#include <string.h> - -#include "config.h" - -#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ -#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ -#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ -#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ -#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ -#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ -#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */ - -#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup - -/* - * Maximum size MPIs are allowed to grow to in number of limbs. - */ -#define POLARSSL_MPI_MAX_LIMBS 10000 - -/* - * Maximum window size used for modular exponentiation. Default: 6 - * Minimum value: 1. Maximum value: 6. - * - * Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used - * for the sliding window calculation. (So 64 by default) - * - * Reduction in size, reduces speed. - */ -#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ - -/* - * Maximum size of MPIs allowed in bits and bytes for user-MPIs. - * ( Default: 512 bytes => 4096 bits ) - * - * Note: Calculations can results temporarily in larger MPIs. So the number - * of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher. - */ -#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */ -#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ - -/* - * When reading from files with mpi_read_file() the buffer should have space - * for a (short) label, the MPI (in the provided radix), the newline - * characters and the '\0'. - * - * By default we assume at least a 10 char label, a minimum radix of 10 - * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). - */ -#define POLARSSL_MPI_READ_BUFFER_SIZE 1250 - -/* - * Define the base integer type, architecture-wise - */ -#if defined(POLARSSL_HAVE_INT8) -typedef signed char t_sint; -typedef unsigned char t_uint; -typedef unsigned short t_udbl; -#else -#if defined(POLARSSL_HAVE_INT16) -typedef signed short t_sint; -typedef unsigned short t_uint; -typedef unsigned long t_udbl; -#else - typedef signed long t_sint; - typedef unsigned long t_uint; - #if defined(_MSC_VER) && defined(_M_IX86) - typedef unsigned __int64 t_udbl; - #else - #if defined(__GNUC__) && ( \ - defined(__amd64__) || defined(__x86_64__) || \ - defined(__ppc64__) || defined(__powerpc64__) || \ - defined(__ia64__) || defined(__alpha__) || \ - (defined(__sparc__) && defined(__arch64__)) || \ - defined(__s390x__) ) - typedef unsigned int t_udbl __attribute__((mode(TI))); - #define POLARSSL_HAVE_LONGLONG - #else - #if defined(POLARSSL_HAVE_LONGLONG) - typedef unsigned long long t_udbl; - #endif - #endif - #endif -#endif -#endif - -/** - * \brief MPI structure - */ -typedef struct -{ - int s; /*!< integer sign */ - size_t n; /*!< total # of limbs */ - t_uint *p; /*!< pointer to limbs */ -} -mpi; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Initialize one MPI - * - * \param X One MPI to initialize. - */ -void mpi_init( mpi *X ); - -/** - * \brief Unallocate one MPI - * - * \param X One MPI to unallocate. - */ -void mpi_free( mpi *X ); - -/** - * \brief Enlarge to the specified number of limbs - * - * \param X MPI to grow - * \param nblimbs The target number of limbs - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_grow( mpi *X, size_t nblimbs ); - -/** - * \brief Copy the contents of Y into X - * - * \param X Destination MPI - * \param Y Source MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_copy( mpi *X, const mpi *Y ); - -/** - * \brief Swap the contents of X and Y - * - * \param X First MPI value - * \param Y Second MPI value - */ -void mpi_swap( mpi *X, mpi *Y ); - -/** - * \brief Set value from integer - * - * \param X MPI to set - * \param z Value to use - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_lset( mpi *X, t_sint z ); - -/* - * \brief Get a specific bit from X - * - * \param X MPI to use - * \param pos Zero-based index of the bit in X - * - * \return Either a 0 or a 1 - */ -int mpi_get_bit( mpi *X, size_t pos ); - -/* - * \brief Set a bit of X to a specific value of 0 or 1 - * - * \note Will grow X if necessary to set a bit to 1 in a not yet - * existing limb. Will not grow if bit should be set to 0 - * - * \param X MPI to use - * \param pos Zero-based index of the bit in X - * \param val The value to set the bit to (0 or 1) - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 - */ -int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); - -/** - * \brief Return the number of least significant bits - * - * \param X MPI to use - */ -size_t mpi_lsb( const mpi *X ); - -/** - * \brief Return the number of most significant bits - * - * \param X MPI to use - */ -size_t mpi_msb( const mpi *X ); - -/** - * \brief Return the total size in bytes - * - * \param X MPI to use - */ -size_t mpi_size( const mpi *X ); - -/** - * \brief Import from an ASCII string - * - * \param X Destination MPI - * \param radix Input numeric base - * \param s Null-terminated string buffer - * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code - */ -int mpi_read_string( mpi *X, int radix, const char *s ); - -/** - * \brief Export into an ASCII string - * - * \param X Source MPI - * \param radix Output numeric base - * \param s String buffer - * \param slen String buffer size - * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code. - * *slen is always updated to reflect the amount - * of data that has (or would have) been written. - * - * \note Call this function with *slen = 0 to obtain the - * minimum required buffer size in *slen. - */ -int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); - -/** - * \brief Read X from an opened file - * - * \param X Destination MPI - * \param radix Input numeric base - * \param fin Input file handle - * - * \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if - * the file read buffer is too small or a - * POLARSSL_ERR_MPI_XXX error code - */ -int mpi_read_file( mpi *X, int radix, FILE *fin ); - -/** - * \brief Write X into an opened file, or stdout if fout is NULL - * - * \param p Prefix, can be NULL - * \param X Source MPI - * \param radix Output numeric base - * \param fout Output file handle (can be NULL) - * - * \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code - * - * \note Set fout == NULL to print X on the console. - */ -int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); - -/** - * \brief Import X from unsigned binary data, big endian - * - * \param X Destination MPI - * \param buf Input buffer - * \param buflen Input buffer size - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); - -/** - * \brief Export X into unsigned binary data, big endian - * - * \param X Source MPI - * \param buf Output buffer - * \param buflen Output buffer size - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough - */ -int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); - -/** - * \brief Left-shift: X <<= count - * - * \param X MPI to shift - * \param count Amount to shift - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_shift_l( mpi *X, size_t count ); - -/** - * \brief Right-shift: X >>= count - * - * \param X MPI to shift - * \param count Amount to shift - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_shift_r( mpi *X, size_t count ); - -/** - * \brief Compare unsigned values - * - * \param X Left-hand MPI - * \param Y Right-hand MPI - * - * \return 1 if |X| is greater than |Y|, - * -1 if |X| is lesser than |Y| or - * 0 if |X| is equal to |Y| - */ -int mpi_cmp_abs( const mpi *X, const mpi *Y ); - -/** - * \brief Compare signed values - * - * \param X Left-hand MPI - * \param Y Right-hand MPI - * - * \return 1 if X is greater than Y, - * -1 if X is lesser than Y or - * 0 if X is equal to Y - */ -int mpi_cmp_mpi( const mpi *X, const mpi *Y ); - -/** - * \brief Compare signed values - * - * \param X Left-hand MPI - * \param z The integer value to compare to - * - * \return 1 if X is greater than z, - * -1 if X is lesser than z or - * 0 if X is equal to z - */ -int mpi_cmp_int( const mpi *X, t_sint z ); - -/** - * \brief Unsigned addition: X = |A| + |B| - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); - -/** - * \brief Unsigned substraction: X = |A| - |B| - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A - */ -int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); - -/** - * \brief Signed addition: X = A + B - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); - -/** - * \brief Signed substraction: X = A - B - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); - -/** - * \brief Signed addition: X = A + b - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The integer value to add - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_add_int( mpi *X, const mpi *A, t_sint b ); - -/** - * \brief Signed substraction: X = A - b - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The integer value to subtract - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); - -/** - * \brief Baseline multiplication: X = A * B - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); - -/** - * \brief Baseline multiplication: X = A * b - * Note: b is an unsigned integer type, thus - * Negative values of b are ignored. - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param b The integer value to multiply with - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_mul_int( mpi *X, const mpi *A, t_sint b ); - -/** - * \brief Division by mpi: A = Q * B + R - * - * \param Q Destination MPI for the quotient - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 - * - * \note Either Q or R can be NULL. - */ -int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); - -/** - * \brief Division by int: A = Q * b + R - * - * \param Q Destination MPI for the quotient - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param b Integer to divide by - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 - * - * \note Either Q or R can be NULL. - */ -int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); - -/** - * \brief Modulo: R = A mod B - * - * \param R Destination MPI for the rest value - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 - */ -int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); - -/** - * \brief Modulo: r = A mod b - * - * \param r Destination t_uint - * \param A Left-hand MPI - * \param b Integer to divide by - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, - * POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 - */ -int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); - -/** - * \brief Sliding-window exponentiation: X = A^E mod N - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param E Exponent MPI - * \param N Modular MPI - * \param _RR Speed-up MPI used for recalculations - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even - * - * \note _RR is used to avoid re-computing R*R mod N across - * multiple calls, which speeds up things a bit. It can - * be set to NULL if the extra performance is unneeded. - */ -int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); - -/** - * \brief Fill an MPI X with size bytes of random - * - * \param X Destination MPI - * \param size Size in bytes - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_fill_random( mpi *X, size_t size, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Greatest common divisor: G = gcd(A, B) - * - * \param G Destination MPI - * \param A Left-hand MPI - * \param B Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed - */ -int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); - -/** - * \brief Modular inverse: X = A^-1 mod N - * - * \param X Destination MPI - * \param A Left-hand MPI - * \param N Right-hand MPI - * - * \return 0 if successful, - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil - POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N - */ -int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); - -/** - * \brief Miller-Rabin primality test - * - * \param X MPI to check - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \return 0 if successful (probably prime), - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime - */ -int mpi_is_prime( mpi *X, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Prime number generation - * - * \param X Destination MPI - * \param nbits Required size of X in bits ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS ) - * \param dh_flag If 1, then (X-1)/2 will be prime too - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \return 0 if successful (probably prime), - * POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, - * POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 - */ -int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int mpi_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* bignum.h */ diff --git a/polarssl/src/include/polarssl/bn_mul.h b/polarssl/src/include/polarssl/bn_mul.h deleted file mode 100644 index a6a2c65..0000000 --- a/polarssl/src/include/polarssl/bn_mul.h +++ /dev/null @@ -1,742 +0,0 @@ -/** - * \file bn_mul.h - * - * \brief Multi-precision integer library - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -/* - * Multiply source vector [s] with b, add result - * to destination vector [d] and set carry c. - * - * Currently supports: - * - * . IA-32 (386+) . AMD64 / EM64T - * . IA-32 (SSE2) . Motorola 68000 - * . PowerPC, 32-bit . MicroBlaze - * . PowerPC, 64-bit . TriCore - * . SPARC v8 . ARM v3+ - * . Alpha . MIPS32 - * . C, longlong . C, generic - */ -#ifndef POLARSSL_BN_MUL_H -#define POLARSSL_BN_MUL_H - -#include "bignum.h" - -#if defined(POLARSSL_HAVE_ASM) - -#if defined(__GNUC__) -#if defined(__i386__) - -#define MULADDC_INIT \ - asm( " \ - movl %%ebx, %0; \ - movl %5, %%esi; \ - movl %6, %%edi; \ - movl %7, %%ecx; \ - movl %8, %%ebx; \ - " - -#define MULADDC_CORE \ - " \ - lodsl; \ - mull %%ebx; \ - addl %%ecx, %%eax; \ - adcl $0, %%edx; \ - addl (%%edi), %%eax; \ - adcl $0, %%edx; \ - movl %%edx, %%ecx; \ - stosl; \ - " - -#if defined(POLARSSL_HAVE_SSE2) - -#define MULADDC_HUIT \ - " \ - movd %%ecx, %%mm1; \ - movd %%ebx, %%mm0; \ - movd (%%edi), %%mm3; \ - paddq %%mm3, %%mm1; \ - movd (%%esi), %%mm2; \ - pmuludq %%mm0, %%mm2; \ - movd 4(%%esi), %%mm4; \ - pmuludq %%mm0, %%mm4; \ - movd 8(%%esi), %%mm6; \ - pmuludq %%mm0, %%mm6; \ - movd 12(%%esi), %%mm7; \ - pmuludq %%mm0, %%mm7; \ - paddq %%mm2, %%mm1; \ - movd 4(%%edi), %%mm3; \ - paddq %%mm4, %%mm3; \ - movd 8(%%edi), %%mm5; \ - paddq %%mm6, %%mm5; \ - movd 12(%%edi), %%mm4; \ - paddq %%mm4, %%mm7; \ - movd %%mm1, (%%edi); \ - movd 16(%%esi), %%mm2; \ - pmuludq %%mm0, %%mm2; \ - psrlq $32, %%mm1; \ - movd 20(%%esi), %%mm4; \ - pmuludq %%mm0, %%mm4; \ - paddq %%mm3, %%mm1; \ - movd 24(%%esi), %%mm6; \ - pmuludq %%mm0, %%mm6; \ - movd %%mm1, 4(%%edi); \ - psrlq $32, %%mm1; \ - movd 28(%%esi), %%mm3; \ - pmuludq %%mm0, %%mm3; \ - paddq %%mm5, %%mm1; \ - movd 16(%%edi), %%mm5; \ - paddq %%mm5, %%mm2; \ - movd %%mm1, 8(%%edi); \ - psrlq $32, %%mm1; \ - paddq %%mm7, %%mm1; \ - movd 20(%%edi), %%mm5; \ - paddq %%mm5, %%mm4; \ - movd %%mm1, 12(%%edi); \ - psrlq $32, %%mm1; \ - paddq %%mm2, %%mm1; \ - movd 24(%%edi), %%mm5; \ - paddq %%mm5, %%mm6; \ - movd %%mm1, 16(%%edi); \ - psrlq $32, %%mm1; \ - paddq %%mm4, %%mm1; \ - movd 28(%%edi), %%mm5; \ - paddq %%mm5, %%mm3; \ - movd %%mm1, 20(%%edi); \ - psrlq $32, %%mm1; \ - paddq %%mm6, %%mm1; \ - movd %%mm1, 24(%%edi); \ - psrlq $32, %%mm1; \ - paddq %%mm3, %%mm1; \ - movd %%mm1, 28(%%edi); \ - addl $32, %%edi; \ - addl $32, %%esi; \ - psrlq $32, %%mm1; \ - movd %%mm1, %%ecx; \ - " - -#define MULADDC_STOP \ - " \ - emms; \ - movl %4, %%ebx; \ - movl %%ecx, %1; \ - movl %%edi, %2; \ - movl %%esi, %3; \ - " \ - : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ - : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ - : "eax", "ecx", "edx", "esi", "edi" \ - ); - -#else - -#define MULADDC_STOP \ - " \ - movl %4, %%ebx; \ - movl %%ecx, %1; \ - movl %%edi, %2; \ - movl %%esi, %3; \ - " \ - : "=m" (t), "=m" (c), "=m" (d), "=m" (s) \ - : "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \ - : "eax", "ecx", "edx", "esi", "edi" \ - ); -#endif /* SSE2 */ -#endif /* i386 */ - -#if defined(__amd64__) || defined (__x86_64__) - -#define MULADDC_INIT \ - asm( "movq %0, %%rsi " :: "m" (s)); \ - asm( "movq %0, %%rdi " :: "m" (d)); \ - asm( "movq %0, %%rcx " :: "m" (c)); \ - asm( "movq %0, %%rbx " :: "m" (b)); \ - asm( "xorq %r8, %r8 " ); - -#define MULADDC_CORE \ - asm( "movq (%rsi),%rax " ); \ - asm( "mulq %rbx " ); \ - asm( "addq $8, %rsi " ); \ - asm( "addq %rcx, %rax " ); \ - asm( "movq %r8, %rcx " ); \ - asm( "adcq $0, %rdx " ); \ - asm( "nop " ); \ - asm( "addq %rax, (%rdi) " ); \ - asm( "adcq %rdx, %rcx " ); \ - asm( "addq $8, %rdi " ); - -#define MULADDC_STOP \ - asm( "movq %%rcx, %0 " : "=m" (c)); \ - asm( "movq %%rdi, %0 " : "=m" (d)); \ - asm( "movq %%rsi, %0 " : "=m" (s) :: \ - "rax", "rcx", "rdx", "rbx", "rsi", "rdi", "r8" ); - -#endif /* AMD64 */ - -#if defined(__mc68020__) || defined(__mcpu32__) - -#define MULADDC_INIT \ - asm( "movl %0, %%a2 " :: "m" (s)); \ - asm( "movl %0, %%a3 " :: "m" (d)); \ - asm( "movl %0, %%d3 " :: "m" (c)); \ - asm( "movl %0, %%d2 " :: "m" (b)); \ - asm( "moveq #0, %d0 " ); - -#define MULADDC_CORE \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d4:%d1 " ); \ - asm( "addl %d3, %d1 " ); \ - asm( "addxl %d0, %d4 " ); \ - asm( "moveq #0, %d3 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "addxl %d4, %d3 " ); - -#define MULADDC_STOP \ - asm( "movl %%d3, %0 " : "=m" (c)); \ - asm( "movl %%a3, %0 " : "=m" (d)); \ - asm( "movl %%a2, %0 " : "=m" (s) :: \ - "d0", "d1", "d2", "d3", "d4", "a2", "a3" ); - -#define MULADDC_HUIT \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d4:%d1 " ); \ - asm( "addxl %d3, %d1 " ); \ - asm( "addxl %d0, %d4 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d3:%d1 " ); \ - asm( "addxl %d4, %d1 " ); \ - asm( "addxl %d0, %d3 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d4:%d1 " ); \ - asm( "addxl %d3, %d1 " ); \ - asm( "addxl %d0, %d4 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d3:%d1 " ); \ - asm( "addxl %d4, %d1 " ); \ - asm( "addxl %d0, %d3 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d4:%d1 " ); \ - asm( "addxl %d3, %d1 " ); \ - asm( "addxl %d0, %d4 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d3:%d1 " ); \ - asm( "addxl %d4, %d1 " ); \ - asm( "addxl %d0, %d3 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d4:%d1 " ); \ - asm( "addxl %d3, %d1 " ); \ - asm( "addxl %d0, %d4 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "movel %a2@+, %d1 " ); \ - asm( "mulul %d2, %d3:%d1 " ); \ - asm( "addxl %d4, %d1 " ); \ - asm( "addxl %d0, %d3 " ); \ - asm( "addl %d1, %a3@+ " ); \ - asm( "addxl %d0, %d3 " ); - -#endif /* MC68000 */ - -#if defined(__powerpc__) || defined(__ppc__) -#if defined(__powerpc64__) || defined(__ppc64__) - -#if defined(__MACH__) && defined(__APPLE__) - -#define MULADDC_INIT \ - asm( "ld r3, %0 " :: "m" (s)); \ - asm( "ld r4, %0 " :: "m" (d)); \ - asm( "ld r5, %0 " :: "m" (c)); \ - asm( "ld r6, %0 " :: "m" (b)); \ - asm( "addi r3, r3, -8 " ); \ - asm( "addi r4, r4, -8 " ); \ - asm( "addic r5, r5, 0 " ); - -#define MULADDC_CORE \ - asm( "ldu r7, 8(r3) " ); \ - asm( "mulld r8, r7, r6 " ); \ - asm( "mulhdu r9, r7, r6 " ); \ - asm( "adde r8, r8, r5 " ); \ - asm( "ld r7, 8(r4) " ); \ - asm( "addze r5, r9 " ); \ - asm( "addc r8, r8, r7 " ); \ - asm( "stdu r8, 8(r4) " ); - -#define MULADDC_STOP \ - asm( "addze r5, r5 " ); \ - asm( "addi r4, r4, 8 " ); \ - asm( "addi r3, r3, 8 " ); \ - asm( "std r5, %0 " : "=m" (c)); \ - asm( "std r4, %0 " : "=m" (d)); \ - asm( "std r3, %0 " : "=m" (s) :: \ - "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); - -#else - -#define MULADDC_INIT \ - asm( "ld %%r3, %0 " :: "m" (s)); \ - asm( "ld %%r4, %0 " :: "m" (d)); \ - asm( "ld %%r5, %0 " :: "m" (c)); \ - asm( "ld %%r6, %0 " :: "m" (b)); \ - asm( "addi %r3, %r3, -8 " ); \ - asm( "addi %r4, %r4, -8 " ); \ - asm( "addic %r5, %r5, 0 " ); - -#define MULADDC_CORE \ - asm( "ldu %r7, 8(%r3) " ); \ - asm( "mulld %r8, %r7, %r6 " ); \ - asm( "mulhdu %r9, %r7, %r6 " ); \ - asm( "adde %r8, %r8, %r5 " ); \ - asm( "ld %r7, 8(%r4) " ); \ - asm( "addze %r5, %r9 " ); \ - asm( "addc %r8, %r8, %r7 " ); \ - asm( "stdu %r8, 8(%r4) " ); - -#define MULADDC_STOP \ - asm( "addze %r5, %r5 " ); \ - asm( "addi %r4, %r4, 8 " ); \ - asm( "addi %r3, %r3, 8 " ); \ - asm( "std %%r5, %0 " : "=m" (c)); \ - asm( "std %%r4, %0 " : "=m" (d)); \ - asm( "std %%r3, %0 " : "=m" (s) :: \ - "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); - -#endif - -#else /* PPC32 */ - -#if defined(__MACH__) && defined(__APPLE__) - -#define MULADDC_INIT \ - asm( "lwz r3, %0 " :: "m" (s)); \ - asm( "lwz r4, %0 " :: "m" (d)); \ - asm( "lwz r5, %0 " :: "m" (c)); \ - asm( "lwz r6, %0 " :: "m" (b)); \ - asm( "addi r3, r3, -4 " ); \ - asm( "addi r4, r4, -4 " ); \ - asm( "addic r5, r5, 0 " ); - -#define MULADDC_CORE \ - asm( "lwzu r7, 4(r3) " ); \ - asm( "mullw r8, r7, r6 " ); \ - asm( "mulhwu r9, r7, r6 " ); \ - asm( "adde r8, r8, r5 " ); \ - asm( "lwz r7, 4(r4) " ); \ - asm( "addze r5, r9 " ); \ - asm( "addc r8, r8, r7 " ); \ - asm( "stwu r8, 4(r4) " ); - -#define MULADDC_STOP \ - asm( "addze r5, r5 " ); \ - asm( "addi r4, r4, 4 " ); \ - asm( "addi r3, r3, 4 " ); \ - asm( "stw r5, %0 " : "=m" (c)); \ - asm( "stw r4, %0 " : "=m" (d)); \ - asm( "stw r3, %0 " : "=m" (s) :: \ - "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); - -#else - -#define MULADDC_INIT \ - asm( "lwz %%r3, %0 " :: "m" (s)); \ - asm( "lwz %%r4, %0 " :: "m" (d)); \ - asm( "lwz %%r5, %0 " :: "m" (c)); \ - asm( "lwz %%r6, %0 " :: "m" (b)); \ - asm( "addi %r3, %r3, -4 " ); \ - asm( "addi %r4, %r4, -4 " ); \ - asm( "addic %r5, %r5, 0 " ); - -#define MULADDC_CORE \ - asm( "lwzu %r7, 4(%r3) " ); \ - asm( "mullw %r8, %r7, %r6 " ); \ - asm( "mulhwu %r9, %r7, %r6 " ); \ - asm( "adde %r8, %r8, %r5 " ); \ - asm( "lwz %r7, 4(%r4) " ); \ - asm( "addze %r5, %r9 " ); \ - asm( "addc %r8, %r8, %r7 " ); \ - asm( "stwu %r8, 4(%r4) " ); - -#define MULADDC_STOP \ - asm( "addze %r5, %r5 " ); \ - asm( "addi %r4, %r4, 4 " ); \ - asm( "addi %r3, %r3, 4 " ); \ - asm( "stw %%r5, %0 " : "=m" (c)); \ - asm( "stw %%r4, %0 " : "=m" (d)); \ - asm( "stw %%r3, %0 " : "=m" (s) :: \ - "r3", "r4", "r5", "r6", "r7", "r8", "r9" ); - -#endif - -#endif /* PPC32 */ -#endif /* PPC64 */ - -#if defined(__sparc__) - -#define MULADDC_INIT \ - asm( "ld %0, %%o0 " :: "m" (s)); \ - asm( "ld %0, %%o1 " :: "m" (d)); \ - asm( "ld %0, %%o2 " :: "m" (c)); \ - asm( "ld %0, %%o3 " :: "m" (b)); - -#define MULADDC_CORE \ - asm( "ld [%o0], %o4 " ); \ - asm( "inc 4, %o0 " ); \ - asm( "ld [%o1], %o5 " ); \ - asm( "umul %o3, %o4, %o4 " ); \ - asm( "addcc %o4, %o2, %o4 " ); \ - asm( "rd %y, %g1 " ); \ - asm( "addx %g1, 0, %g1 " ); \ - asm( "addcc %o4, %o5, %o4 " ); \ - asm( "st %o4, [%o1] " ); \ - asm( "addx %g1, 0, %o2 " ); \ - asm( "inc 4, %o1 " ); - -#define MULADDC_STOP \ - asm( "st %%o2, %0 " : "=m" (c)); \ - asm( "st %%o1, %0 " : "=m" (d)); \ - asm( "st %%o0, %0 " : "=m" (s) :: \ - "g1", "o0", "o1", "o2", "o3", "o4", "o5" ); - -#endif /* SPARCv8 */ - -#if defined(__microblaze__) || defined(microblaze) - -#define MULADDC_INIT \ - asm( "lwi r3, %0 " :: "m" (s)); \ - asm( "lwi r4, %0 " :: "m" (d)); \ - asm( "lwi r5, %0 " :: "m" (c)); \ - asm( "lwi r6, %0 " :: "m" (b)); \ - asm( "andi r7, r6, 0xffff" ); \ - asm( "bsrli r6, r6, 16 " ); - -#define MULADDC_CORE \ - asm( "lhui r8, r3, 0 " ); \ - asm( "addi r3, r3, 2 " ); \ - asm( "lhui r9, r3, 0 " ); \ - asm( "addi r3, r3, 2 " ); \ - asm( "mul r10, r9, r6 " ); \ - asm( "mul r11, r8, r7 " ); \ - asm( "mul r12, r9, r7 " ); \ - asm( "mul r13, r8, r6 " ); \ - asm( "bsrli r8, r10, 16 " ); \ - asm( "bsrli r9, r11, 16 " ); \ - asm( "add r13, r13, r8 " ); \ - asm( "add r13, r13, r9 " ); \ - asm( "bslli r10, r10, 16 " ); \ - asm( "bslli r11, r11, 16 " ); \ - asm( "add r12, r12, r10 " ); \ - asm( "addc r13, r13, r0 " ); \ - asm( "add r12, r12, r11 " ); \ - asm( "addc r13, r13, r0 " ); \ - asm( "lwi r10, r4, 0 " ); \ - asm( "add r12, r12, r10 " ); \ - asm( "addc r13, r13, r0 " ); \ - asm( "add r12, r12, r5 " ); \ - asm( "addc r5, r13, r0 " ); \ - asm( "swi r12, r4, 0 " ); \ - asm( "addi r4, r4, 4 " ); - -#define MULADDC_STOP \ - asm( "swi r5, %0 " : "=m" (c)); \ - asm( "swi r4, %0 " : "=m" (d)); \ - asm( "swi r3, %0 " : "=m" (s) :: \ - "r3", "r4" , "r5" , "r6" , "r7" , "r8" , \ - "r9", "r10", "r11", "r12", "r13" ); - -#endif /* MicroBlaze */ - -#if defined(__tricore__) - -#define MULADDC_INIT \ - asm( "ld.a %%a2, %0 " :: "m" (s)); \ - asm( "ld.a %%a3, %0 " :: "m" (d)); \ - asm( "ld.w %%d4, %0 " :: "m" (c)); \ - asm( "ld.w %%d1, %0 " :: "m" (b)); \ - asm( "xor %d5, %d5 " ); - -#define MULADDC_CORE \ - asm( "ld.w %d0, [%a2+] " ); \ - asm( "madd.u %e2, %e4, %d0, %d1 " ); \ - asm( "ld.w %d0, [%a3] " ); \ - asm( "addx %d2, %d2, %d0 " ); \ - asm( "addc %d3, %d3, 0 " ); \ - asm( "mov %d4, %d3 " ); \ - asm( "st.w [%a3+], %d2 " ); - -#define MULADDC_STOP \ - asm( "st.w %0, %%d4 " : "=m" (c)); \ - asm( "st.a %0, %%a3 " : "=m" (d)); \ - asm( "st.a %0, %%a2 " : "=m" (s) :: \ - "d0", "d1", "e2", "d4", "a2", "a3" ); - -#endif /* TriCore */ - -#if defined(__arm__) - -#if !defined(__thumb__) - -#define MULADDC_INIT \ - asm( "ldr r0, %0 " :: "m" (s)); \ - asm( "ldr r1, %0 " :: "m" (d)); \ - asm( "ldr r2, %0 " :: "m" (c)); \ - asm( "ldr r3, %0 " :: "m" (b)); - -#define MULADDC_CORE \ - asm( "ldr r4, [r0], #4 " ); \ - asm( "mov r5, #0 " ); \ - asm( "ldr r6, [r1] " ); \ - asm( "umlal r2, r5, r3, r4 " ); \ - asm( "adds r7, r6, r2 " ); \ - asm( "adc r2, r5, #0 " ); \ - asm( "str r7, [r1], #4 " ); - -#define MULADDC_STOP \ - asm( "str r2, %0 " : "=m" (c)); \ - asm( "str r1, %0 " : "=m" (d)); \ - asm( "str r0, %0 " : "=m" (s) :: \ - "r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7" ); - -#endif /* Thumb */ - -#endif /* ARMv3 */ - -#if defined(__alpha__) - -#define MULADDC_INIT \ - asm( "ldq $1, %0 " :: "m" (s)); \ - asm( "ldq $2, %0 " :: "m" (d)); \ - asm( "ldq $3, %0 " :: "m" (c)); \ - asm( "ldq $4, %0 " :: "m" (b)); - -#define MULADDC_CORE \ - asm( "ldq $6, 0($1) " ); \ - asm( "addq $1, 8, $1 " ); \ - asm( "mulq $6, $4, $7 " ); \ - asm( "umulh $6, $4, $6 " ); \ - asm( "addq $7, $3, $7 " ); \ - asm( "cmpult $7, $3, $3 " ); \ - asm( "ldq $5, 0($2) " ); \ - asm( "addq $7, $5, $7 " ); \ - asm( "cmpult $7, $5, $5 " ); \ - asm( "stq $7, 0($2) " ); \ - asm( "addq $2, 8, $2 " ); \ - asm( "addq $6, $3, $3 " ); \ - asm( "addq $5, $3, $3 " ); - -#define MULADDC_STOP \ - asm( "stq $3, %0 " : "=m" (c)); \ - asm( "stq $2, %0 " : "=m" (d)); \ - asm( "stq $1, %0 " : "=m" (s) :: \ - "$1", "$2", "$3", "$4", "$5", "$6", "$7" ); - -#endif /* Alpha */ - -#if defined(__mips__) - -#define MULADDC_INIT \ - asm( "lw $10, %0 " :: "m" (s)); \ - asm( "lw $11, %0 " :: "m" (d)); \ - asm( "lw $12, %0 " :: "m" (c)); \ - asm( "lw $13, %0 " :: "m" (b)); - -#define MULADDC_CORE \ - asm( "lw $14, 0($10) " ); \ - asm( "multu $13, $14 " ); \ - asm( "addi $10, $10, 4 " ); \ - asm( "mflo $14 " ); \ - asm( "mfhi $9 " ); \ - asm( "addu $14, $12, $14 " ); \ - asm( "lw $15, 0($11) " ); \ - asm( "sltu $12, $14, $12 " ); \ - asm( "addu $15, $14, $15 " ); \ - asm( "sltu $14, $15, $14 " ); \ - asm( "addu $12, $12, $9 " ); \ - asm( "sw $15, 0($11) " ); \ - asm( "addu $12, $12, $14 " ); \ - asm( "addi $11, $11, 4 " ); - -#define MULADDC_STOP \ - asm( "sw $12, %0 " : "=m" (c)); \ - asm( "sw $11, %0 " : "=m" (d)); \ - asm( "sw $10, %0 " : "=m" (s) :: \ - "$9", "$10", "$11", "$12", "$13", "$14", "$15" ); - -#endif /* MIPS */ -#endif /* GNUC */ - -#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__) - -#define MULADDC_INIT \ - __asm mov esi, s \ - __asm mov edi, d \ - __asm mov ecx, c \ - __asm mov ebx, b - -#define MULADDC_CORE \ - __asm lodsd \ - __asm mul ebx \ - __asm add eax, ecx \ - __asm adc edx, 0 \ - __asm add eax, [edi] \ - __asm adc edx, 0 \ - __asm mov ecx, edx \ - __asm stosd - -#if defined(POLARSSL_HAVE_SSE2) - -#define EMIT __asm _emit - -#define MULADDC_HUIT \ - EMIT 0x0F EMIT 0x6E EMIT 0xC9 \ - EMIT 0x0F EMIT 0x6E EMIT 0xC3 \ - EMIT 0x0F EMIT 0x6E EMIT 0x1F \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ - EMIT 0x0F EMIT 0x6E EMIT 0x16 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \ - EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x04 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \ - EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x08 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \ - EMIT 0x0F EMIT 0x6E EMIT 0x7E EMIT 0x0C \ - EMIT 0x0F EMIT 0xF4 EMIT 0xF8 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCA \ - EMIT 0x0F EMIT 0x6E EMIT 0x5F EMIT 0x04 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xDC \ - EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x08 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xEE \ - EMIT 0x0F EMIT 0x6E EMIT 0x67 EMIT 0x0C \ - EMIT 0x0F EMIT 0xD4 EMIT 0xFC \ - EMIT 0x0F EMIT 0x7E EMIT 0x0F \ - EMIT 0x0F EMIT 0x6E EMIT 0x56 EMIT 0x10 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x14 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ - EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x18 \ - EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x04 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0x6E EMIT 0x5E EMIT 0x1C \ - EMIT 0x0F EMIT 0xF4 EMIT 0xD8 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCD \ - EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x10 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xD5 \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x08 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCF \ - EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x14 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xE5 \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x0C \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCA \ - EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x18 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xF5 \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x10 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCC \ - EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x1C \ - EMIT 0x0F EMIT 0xD4 EMIT 0xDD \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x14 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCE \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x18 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0xD4 EMIT 0xCB \ - EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x1C \ - EMIT 0x83 EMIT 0xC7 EMIT 0x20 \ - EMIT 0x83 EMIT 0xC6 EMIT 0x20 \ - EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \ - EMIT 0x0F EMIT 0x7E EMIT 0xC9 - -#define MULADDC_STOP \ - EMIT 0x0F EMIT 0x77 \ - __asm mov c, ecx \ - __asm mov d, edi \ - __asm mov s, esi \ - -#else - -#define MULADDC_STOP \ - __asm mov c, ecx \ - __asm mov d, edi \ - __asm mov s, esi \ - -#endif /* SSE2 */ -#endif /* MSVC */ - -#endif /* POLARSSL_HAVE_ASM */ - -#if !defined(MULADDC_CORE) -#if defined(POLARSSL_HAVE_LONGLONG) - -#define MULADDC_INIT \ -{ \ - t_udbl r; \ - t_uint r0, r1; - -#define MULADDC_CORE \ - r = *(s++) * (t_udbl) b; \ - r0 = r; \ - r1 = r >> biL; \ - r0 += c; r1 += (r0 < c); \ - r0 += *d; r1 += (r0 < *d); \ - c = r1; *(d++) = r0; - -#define MULADDC_STOP \ -} - -#else -#define MULADDC_INIT \ -{ \ - t_uint s0, s1, b0, b1; \ - t_uint r0, r1, rx, ry; \ - b0 = ( b << biH ) >> biH; \ - b1 = ( b >> biH ); - -#define MULADDC_CORE \ - s0 = ( *s << biH ) >> biH; \ - s1 = ( *s >> biH ); s++; \ - rx = s0 * b1; r0 = s0 * b0; \ - ry = s1 * b0; r1 = s1 * b1; \ - r1 += ( rx >> biH ); \ - r1 += ( ry >> biH ); \ - rx <<= biH; ry <<= biH; \ - r0 += rx; r1 += (r0 < rx); \ - r0 += ry; r1 += (r0 < ry); \ - r0 += c; r1 += (r0 < c); \ - r0 += *d; r1 += (r0 < *d); \ - c = r1; *(d++) = r0; - -#define MULADDC_STOP \ -} - -#endif /* C (generic) */ -#endif /* C (longlong) */ - -#endif /* bn_mul.h */ diff --git a/polarssl/src/include/polarssl/camellia.h b/polarssl/src/include/polarssl/camellia.h deleted file mode 100644 index b2b1294..0000000 --- a/polarssl/src/include/polarssl/camellia.h +++ /dev/null @@ -1,182 +0,0 @@ -/** - * \file camellia.h - * - * \brief Camellia block cipher - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CAMELLIA_H -#define POLARSSL_CAMELLIA_H - -#include <string.h> - -#ifdef _MSC_VER -#include <basetsd.h> -typedef UINT32 uint32_t; -#else -#include <inttypes.h> -#endif - -#define CAMELLIA_ENCRYPT 1 -#define CAMELLIA_DECRYPT 0 - -#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ -#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ - -/** - * \brief CAMELLIA context structure - */ -typedef struct -{ - int nr; /*!< number of rounds */ - uint32_t rk[68]; /*!< CAMELLIA round keys */ -} -camellia_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief CAMELLIA key schedule (encryption) - * - * \param ctx CAMELLIA context to be initialized - * \param key encryption key - * \param keysize must be 128, 192 or 256 - * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH - */ -int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); - -/** - * \brief CAMELLIA key schedule (decryption) - * - * \param ctx CAMELLIA context to be initialized - * \param key decryption key - * \param keysize must be 128, 192 or 256 - * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH - */ -int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, unsigned int keysize ); - -/** - * \brief CAMELLIA-ECB block encryption/decryption - * - * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if successful - */ -int camellia_crypt_ecb( camellia_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief CAMELLIA-CBC buffer encryption/decryption - * Length should be a multiple of the block - * size (16 bytes) - * - * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH - */ -int camellia_crypt_cbc( camellia_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief CAMELLIA-CFB128 buffer encryption/decryption - * - * Note: Due to the nature of CFB you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. - * - * \param ctx CAMELLIA context - * \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT - * \param length length of the input data - * \param iv_off offset in IV (updated after use) - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH - */ -int camellia_crypt_cfb128( camellia_context *ctx, - int mode, - size_t length, - size_t *iv_off, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -/* - * \brief CAMELLIA-CTR buffer encryption/decryption - * - * Warning: You have to keep the maximum use of your counter in mind! - * - * Note: Due to the nature of CTR you should use the same key schedule for - * both encryption and decryption. So a context initialized with - * camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT. - * - * \param length The length of the data - * \param nc_off The offset in the current stream_block (for resuming - * within current cipher stream). The offset pointer to - * should be 0 at the start of a stream. - * \param nonce_counter The 128-bit nonce and counter. - * \param stream_block The saved stream-block for resuming. Is overwritten - * by the function. - * \param input The input data stream - * \param output The output data stream - * - * \return 0 if successful - */ -int camellia_crypt_ctr( camellia_context *ctx, - size_t length, - size_t *nc_off, - unsigned char nonce_counter[16], - unsigned char stream_block[16], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int camellia_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* camellia.h */ diff --git a/polarssl/src/include/polarssl/certs.h b/polarssl/src/include/polarssl/certs.h deleted file mode 100644 index 5399e32..0000000 --- a/polarssl/src/include/polarssl/certs.h +++ /dev/null @@ -1,47 +0,0 @@ -/** - * \file certs.h - * - * \brief Sample certificates and DHM parameters for testing - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CERTS_H -#define POLARSSL_CERTS_H - -#ifdef __cplusplus -extern "C" { -#endif - -extern const char test_ca_crt[]; -extern const char test_ca_key[]; -extern const char test_ca_pwd[]; -extern const char test_srv_crt[]; -extern const char test_srv_key[]; -extern const char test_cli_crt[]; -extern const char test_cli_key[]; -extern const char test_dhm_params[]; - -#ifdef __cplusplus -} -#endif - -#endif /* certs.h */ diff --git a/polarssl/src/include/polarssl/cipher.h b/polarssl/src/include/polarssl/cipher.h deleted file mode 100644 index 9605066..0000000 --- a/polarssl/src/include/polarssl/cipher.h +++ /dev/null @@ -1,459 +0,0 @@ -/** - * \file cipher.h - * - * \brief Generic cipher wrapper. - * - * \author Adriaan de Jong <dejong@fox-it.com> - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ - -#ifndef POLARSSL_CIPHER_H -#define POLARSSL_CIPHER_H - -#include <string.h> - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ - -#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ -#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ -#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ - -typedef enum { - POLARSSL_CIPHER_ID_NONE = 0, - POLARSSL_CIPHER_ID_NULL, - POLARSSL_CIPHER_ID_AES, - POLARSSL_CIPHER_ID_DES, - POLARSSL_CIPHER_ID_3DES, - POLARSSL_CIPHER_ID_CAMELLIA, -} cipher_id_t; - -typedef enum { - POLARSSL_CIPHER_NONE = 0, - POLARSSL_CIPHER_NULL, - POLARSSL_CIPHER_AES_128_CBC, - POLARSSL_CIPHER_AES_192_CBC, - POLARSSL_CIPHER_AES_256_CBC, - POLARSSL_CIPHER_AES_128_CFB128, - POLARSSL_CIPHER_AES_192_CFB128, - POLARSSL_CIPHER_AES_256_CFB128, - POLARSSL_CIPHER_AES_128_CTR, - POLARSSL_CIPHER_AES_192_CTR, - POLARSSL_CIPHER_AES_256_CTR, - POLARSSL_CIPHER_CAMELLIA_128_CBC, - POLARSSL_CIPHER_CAMELLIA_192_CBC, - POLARSSL_CIPHER_CAMELLIA_256_CBC, - POLARSSL_CIPHER_CAMELLIA_128_CFB128, - POLARSSL_CIPHER_CAMELLIA_192_CFB128, - POLARSSL_CIPHER_CAMELLIA_256_CFB128, - POLARSSL_CIPHER_CAMELLIA_128_CTR, - POLARSSL_CIPHER_CAMELLIA_192_CTR, - POLARSSL_CIPHER_CAMELLIA_256_CTR, - POLARSSL_CIPHER_DES_CBC, - POLARSSL_CIPHER_DES_EDE_CBC, - POLARSSL_CIPHER_DES_EDE3_CBC -} cipher_type_t; - -typedef enum { - POLARSSL_MODE_NONE = 0, - POLARSSL_MODE_NULL, - POLARSSL_MODE_CBC, - POLARSSL_MODE_CFB128, - POLARSSL_MODE_OFB, - POLARSSL_MODE_CTR, -} cipher_mode_t; - -typedef enum { - POLARSSL_OPERATION_NONE = -1, - POLARSSL_DECRYPT = 0, - POLARSSL_ENCRYPT, -} operation_t; - -enum { - /** Undefined key length */ - POLARSSL_KEY_LENGTH_NONE = 0, - /** Key length, in bits (including parity), for DES keys */ - POLARSSL_KEY_LENGTH_DES = 64, - /** Key length, in bits (including parity), for DES in two key EDE */ - POLARSSL_KEY_LENGTH_DES_EDE = 128, - /** Key length, in bits (including parity), for DES in three-key EDE */ - POLARSSL_KEY_LENGTH_DES_EDE3 = 192, - /** Maximum length of any IV, in bytes */ - POLARSSL_MAX_IV_LENGTH = 16, -}; - -/** - * Base cipher information. The non-mode specific functions and values. - */ -typedef struct { - - /** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ - cipher_id_t cipher; - - /** Encrypt using CBC */ - int (*cbc_func)( void *ctx, operation_t mode, size_t length, unsigned char *iv, - const unsigned char *input, unsigned char *output ); - - /** Encrypt using CFB128 */ - int (*cfb128_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, - unsigned char *iv, const unsigned char *input, unsigned char *output ); - - /** Encrypt using CTR */ - int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, unsigned char *nonce_counter, - unsigned char *stream_block, const unsigned char *input, unsigned char *output ); - - /** Set key for encryption purposes */ - int (*setkey_enc_func)( void *ctx, const unsigned char *key, unsigned int key_length); - - /** Set key for decryption purposes */ - int (*setkey_dec_func)( void *ctx, const unsigned char *key, unsigned int key_length); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - -} cipher_base_t; - -/** - * Cipher information. Allows cipher functions to be called in a generic way. - */ -typedef struct { - /** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ - cipher_type_t type; - - /** Cipher mode (e.g. POLARSSL_MODE_CBC) */ - cipher_mode_t mode; - - /** Cipher key length, in bits (default length for variable sized ciphers) - * (Includes parity bits for ciphers like DES) */ - unsigned int key_length; - - /** Name of the cipher */ - const char * name; - - /** IV size, in bytes */ - unsigned int iv_size; - - /** block size, in bytes */ - unsigned int block_size; - - /** Base cipher information and functions */ - const cipher_base_t *base; - -} cipher_info_t; - -/** - * Generic cipher context. - */ -typedef struct { - /** Information about the associated cipher */ - const cipher_info_t *cipher_info; - - /** Key length to use */ - int key_length; - - /** Operation that the context's key has been initialised for */ - operation_t operation; - - /** Buffer for data that hasn't been encrypted yet */ - unsigned char unprocessed_data[POLARSSL_MAX_IV_LENGTH]; - - /** Number of bytes that still need processing */ - size_t unprocessed_len; - - /** Current IV or NONCE_COUNTER for CTR-mode */ - unsigned char iv[POLARSSL_MAX_IV_LENGTH]; - - /** Cipher-specific context */ - void *cipher_ctx; -} cipher_context_t; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Returns the list of ciphers supported by the generic cipher module. - * - * \return a statically allocated array of ciphers, the last entry - * is 0. - */ -const int *cipher_list( void ); - -/** - * \brief Returns the cipher information structure associated - * with the given cipher name. - * - * \param cipher_name Name of the cipher to search for. - * - * \return the cipher information structure associated with the - * given cipher_name, or NULL if not found. - */ -const cipher_info_t *cipher_info_from_string( const char *cipher_name ); - -/** - * \brief Returns the cipher information structure associated - * with the given cipher type. - * - * \param cipher_type Type of the cipher to search for. - * - * \return the cipher information structure associated with the - * given cipher_type, or NULL if not found. - */ -const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ); - -/** - * \brief Initialises and fills the cipher context structure with - * the appropriate values. - * - * \param ctx context to initialise. May not be NULL. - * \param cipher_info cipher to use. - * - * \return \c 0 on success, - * \c POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, - * \c POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the - * cipher-specific context failed. - */ -int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); - -/** - * \brief Free the cipher-specific context of ctx. Freeing ctx - * itself remains the responsibility of the caller. - * - * \param ctx Free the cipher-specific context - * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if - * parameter verification fails. - */ -int cipher_free_ctx( cipher_context_t *ctx ); - -/** - * \brief Returns the block size of the given cipher. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return size of the cipher's blocks, or 0 if ctx has not been - * initialised. - */ -static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return 0; - - return ctx->cipher_info->block_size; -} - -/** - * \brief Returns the mode of operation for the cipher. - * (e.g. POLARSSL_MODE_CBC) - * - * \param ctx cipher's context. Must have been initialised. - * - * \return mode of operation, or POLARSSL_MODE_NONE if ctx - * has not been initialised. - */ -static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_MODE_NONE; - - return ctx->cipher_info->mode; -} - -/** - * \brief Returns the size of the cipher's IV. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return size of the cipher's IV, or 0 if ctx has not been - * initialised. - */ -static inline int cipher_get_iv_size( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return 0; - - return ctx->cipher_info->iv_size; -} - -/** - * \brief Returns the type of the given cipher. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has - * not been initialised. - */ -static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return 0; - - return ctx->cipher_info->type; -} - -/** - * \brief Returns the name of the given cipher, as a string. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return name of the cipher, or NULL if ctx was not initialised. - */ -static inline const char *cipher_get_name( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return 0; - - return ctx->cipher_info->name; -} - -/** - * \brief Returns the key length of the cipher. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return cipher's key length, in bits, or - * POLARSSL_KEY_LENGTH_NONE if ctx has not been - * initialised. - */ -static inline int cipher_get_key_size ( const cipher_context_t *ctx ) -{ - if( NULL == ctx ) - return POLARSSL_KEY_LENGTH_NONE; - - return ctx->key_length; -} - -/** - * \brief Returns the operation of the given cipher. - * - * \param ctx cipher's context. Must have been initialised. - * - * \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT), - * or POLARSSL_OPERATION_NONE if ctx has not been - * initialised. - */ -static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) -{ - if( NULL == ctx || NULL == ctx->cipher_info ) - return POLARSSL_OPERATION_NONE; - - return ctx->operation; -} - -/** - * \brief Set the key to use with the given context. - * - * \param ctx generic cipher context. May not be NULL. Must have been - * initialised using cipher_context_from_type or - * cipher_context_from_string. - * \param key The key to use. - * \param key_length key length to use, in bits. - * \param operation Operation that the key will be used for, either - * POLARSSL_ENCRYPT or POLARSSL_DECRYPT. - * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if - * parameter verification fails or a cipher specific - * error code. - */ -int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int key_length, - const operation_t operation ); - -/** - * \brief Reset the given context, setting the IV to iv - * - * \param ctx generic cipher context - * \param iv IV to use or NONCE_COUNTER in the case of a CTR-mode cipher - * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA - * if parameter verification fails. - */ -int cipher_reset( cipher_context_t *ctx, const unsigned char *iv ); - -/** - * \brief Generic cipher update function. Encrypts/decrypts - * using the given cipher context. Writes as many block - * size'd blocks of data as possible to output. Any data - * that cannot be written immediately will either be added - * to the next block, or flushed when cipher_final is - * called. - * - * \param ctx generic cipher context - * \param input buffer holding the input data - * \param ilen length of the input data - * \param output buffer for the output data. Should be able to hold at - * least ilen + block_size. Cannot be the same buffer as - * input! - * \param olen length of the output data, will be filled with the - * actual number of bytes written. - * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if - * parameter verification fails, - * POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an - * unsupported mode for a cipher or a cipher specific - * error code. - */ -int cipher_update( cipher_context_t *ctx, const unsigned char *input, size_t ilen, - unsigned char *output, size_t *olen ); - -/** - * \brief Generic cipher finalisation function. If data still - * needs to be flushed from an incomplete block, data - * contained within it will be padded with the size of - * the last block, and written to the output buffer. - * - * \param ctx Generic cipher context - * \param output buffer to write data to. Needs block_size data available. - * \param olen length of the data written to the output buffer. - * - * \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if - * parameter verification fails, - * POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption - * expected a full block but was not provided one, - * POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding - * while decrypting or a cipher specific error code. - */ -int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen); - - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int cipher_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_MD_H */ diff --git a/polarssl/src/include/polarssl/cipher_wrap.h b/polarssl/src/include/polarssl/cipher_wrap.h deleted file mode 100644 index e81c11d..0000000 --- a/polarssl/src/include/polarssl/cipher_wrap.h +++ /dev/null @@ -1,95 +0,0 @@ -/** - * \file cipher_wrap.h - * - * \brief Cipher wrappers. - * - * \author Adriaan de Jong <dejong@fox-it.com> - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CIPHER_WRAP_H -#define POLARSSL_CIPHER_WRAP_H - -#include "config.h" -#include "cipher.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(POLARSSL_AES_C) - -extern const cipher_info_t aes_128_cbc_info; -extern const cipher_info_t aes_192_cbc_info; -extern const cipher_info_t aes_256_cbc_info; - -#if defined(POLARSSL_CIPHER_MODE_CFB) -extern const cipher_info_t aes_128_cfb128_info; -extern const cipher_info_t aes_192_cfb128_info; -extern const cipher_info_t aes_256_cfb128_info; -#endif /* POLARSSL_CIPHER_MODE_CFB */ - -#if defined(POLARSSL_CIPHER_MODE_CTR) -extern const cipher_info_t aes_128_ctr_info; -extern const cipher_info_t aes_192_ctr_info; -extern const cipher_info_t aes_256_ctr_info; -#endif /* POLARSSL_CIPHER_MODE_CTR */ - -#endif /* defined(POLARSSL_AES_C) */ - -#if defined(POLARSSL_CAMELLIA_C) - -extern const cipher_info_t camellia_128_cbc_info; -extern const cipher_info_t camellia_192_cbc_info; -extern const cipher_info_t camellia_256_cbc_info; - -#if defined(POLARSSL_CIPHER_MODE_CFB) -extern const cipher_info_t camellia_128_cfb128_info; -extern const cipher_info_t camellia_192_cfb128_info; -extern const cipher_info_t camellia_256_cfb128_info; -#endif /* POLARSSL_CIPHER_MODE_CFB */ - -#if defined(POLARSSL_CIPHER_MODE_CTR) -extern const cipher_info_t camellia_128_ctr_info; -extern const cipher_info_t camellia_192_ctr_info; -extern const cipher_info_t camellia_256_ctr_info; -#endif /* POLARSSL_CIPHER_MODE_CTR */ - -#endif /* defined(POLARSSL_CAMELLIA_C) */ - -#if defined(POLARSSL_DES_C) - -extern const cipher_info_t des_cbc_info; -extern const cipher_info_t des_ede_cbc_info; -extern const cipher_info_t des_ede3_cbc_info; - -#endif /* defined(POLARSSL_DES_C) */ - -#if defined(POLARSSL_CIPHER_NULL_CIPHER) -extern const cipher_info_t null_cipher_info; -#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */ - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_CIPHER_WRAP_H */ diff --git a/polarssl/src/include/polarssl/config.h b/polarssl/src/include/polarssl/config.h deleted file mode 100644 index 4e27446..0000000 --- a/polarssl/src/include/polarssl/config.h +++ /dev/null @@ -1,744 +0,0 @@ -/** - * \file config.h - * - * \brief Configuration options (set of defines) - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - * - * This set of compile-time options may be used to enable - * or disable features selectively, and reduce the global - * memory footprint. - */ -#ifndef POLARSSL_CONFIG_H -#define POLARSSL_CONFIG_H - -#if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE) -#define _CRT_SECURE_NO_DEPRECATE 1 -#endif - -/** - * \name SECTION: System support - * - * This section sets system specific settings. - * \{ - */ - -/** - * \def POLARSSL_HAVE_INT8 - * - * The system uses 8-bit wide native integers. - * - * Uncomment if native integers are 8-bit wide. -#define POLARSSL_HAVE_INT8 - */ - -/** - * \def POLARSSL_HAVE_INT16 - * - * The system uses 16-bit wide native integers. - * - * Uncomment if native integers are 16-bit wide. -#define POLARSSL_HAVE_INT16 - */ - -/** - * \def POLARSSL_HAVE_LONGLONG - * - * The compiler supports the use of long long. - * - * Uncomment if the compiler supports long long. -#define POLARSSL_HAVE_LONGLONG - */ - -/** - * \def POLARSSL_HAVE_ASM - * - * The compiler has support for asm() - * - * Uncomment to enable the use of assembly code. - * - * Requires support for asm() in compiler. - * - * Used in: - * library/timing.c - * library/padlock.c - * include/polarssl/bn_mul.h - * - */ -#define POLARSSL_HAVE_ASM - -/** - * \def POLARSSL_HAVE_SSE2 - * - * CPI supports SSE2 instruction set. - * - * Uncomment if the CPU supports SSE2 (IA-32 specific). - * -#define POLARSSL_HAVE_SSE2 - */ -/* \} name */ - -/** - * \name SECTION: PolarSSL feature support - * - * This section sets support for features that are or are not needed - * within the modules that are enabled. - * \{ - */ - -/** - * \def POLARSSL_AES_ROM_TABLES - * - * Store the AES tables in ROM. - * - * Uncomment this macro to store the AES tables in ROM. - * -#define POLARSSL_AES_ROM_TABLES - */ - -/** - * \def POLARSSL_CIPHER_MODE_CFB - * - * Enable Cipher Feedback mode (CFB) for symmetric ciphers. - */ -//#define POLARSSL_CIPHER_MODE_CFB - -/** - * \def POLARSSL_CIPHER_MODE_CTR - * - * Enable Counter Block Cipher mode (CTR) for symmetric ciphers. - */ -//#define POLARSSL_CIPHER_MODE_CTR - -/** - * \def POLARSSL_CIPHER_NULL_CIPHER - * - * Enable NULL cipher. - * Warning: Only do so when you know what you are doing. This allows for - * encryption or channels without any security! - * - * Requires POLARSSL_ENABLE_WEAK_CIPHERSUITES as well to enable - * the following ciphersuites: - * SSL_RSA_NULL_MD5 - * SSL_RSA_NULL_SHA - * SSL_RSA_NULL_SHA256 - * - * Uncomment this macro to enable the NULL cipher and ciphersuites -#define POLARSSL_CIPHER_NULL_CIPHER - */ - -/** - * \def POLARSSL_ENABLE_WEAK_CIPHERSUITES - * - * Enable weak ciphersuites in SSL / TLS (like RC4_40) - * Warning: Only do so when you know what you are doing. This allows for - * channels without virtually no security at all! - * - * This enables the following ciphersuites: - * SSL_RSA_DES_SHA - * SSL_EDH_RSA_DES_SHA - * - * Uncomment this macro to enable weak ciphersuites -#define POLARSSL_ENABLE_WEAK_CIPHERSUITES - */ - -/** - * \def POLARSSL_GENPRIME - * - * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C - * - * Enable the RSA prime-number generation code. - */ -//#define POLARSSL_GENPRIME - -/** - * \def POLARSSL_FS_IO - * - * Enable functions that use the filesystem. - */ -//#define POLARSSL_FS_IO - -/** - * \def POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - * - * Do not add default entropy sources. These are the platform specific, - * hardclock and HAVEGE based poll functions. - * - * This is useful to have more control over the added entropy sources in an - * application. - * - * Uncomment this macro to prevent loading of default entropy functions. -#define POLARSSL_NO_DEFAULT_ENTROPY_SOURCES - */ - -/** - * \def POLARSSL_NO_PLATFORM_ENTROPY - * - * Do not use built-in platform entropy functions. - * This is useful if your platform does not support - * standards like the /dev/urandom or Windows CryptoAPI. - * - * Uncomment this macro to disable the built-in platform entropy functions. -#define POLARSSL_NO_PLATFORM_ENTROPY - */ - -/** - * \def POLARSSL_PKCS1_V21 - * - * Requires: POLARSSL_MD_C, POLARSSL_RSA_C - * - * Enable support for PKCS#1 v2.1 encoding. - * This enables support for RSAES-OAEP and RSASSA-PSS operations. - */ -//#define POLARSSL_PKCS1_V21 - -/** - * \def POLARSSL_RSA_NO_CRT - * - * Do not use the Chinese Remainder Theorem for the RSA private operation. - * - * Uncomment this macro to disable the use of CRT in RSA. - * -#define POLARSSL_RSA_NO_CRT - */ - -/** - * \def POLARSSL_SELF_TEST - * - * Enable the checkup functions (*_self_test). - */ -//#define POLARSSL_SELF_TEST - -/** - * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - * - * If set, the X509 parser will not break-off when parsing an X509 certificate - * and encountering an unknown critical extension. - * - * Uncomment to prevent an error. - * -#define POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION - */ -/* \} name */ - -/** - * \name SECTION: PolarSSL modules - * - * This section enables or disables entire modules in PolarSSL - * \{ - */ - -/** - * \def POLARSSL_AES_C - * - * Enable the AES block cipher. - * - * Module: library/aes.c - * Caller: library/ssl_tls.c - * library/pem.c - * library/ctr_drbg.c - * - * This module enables the following ciphersuites: - * SSL_RSA_AES_128_SHA - * SSL_RSA_AES_256_SHA - * SSL_EDH_RSA_AES_256_SHA - */ -#define POLARSSL_AES_C - -/** - * \def POLARSSL_ARC4_C - * - * Enable the ARCFOUR stream cipher. - * - * Module: library/arc4.c - * Caller: library/ssl_tls.c - * - * This module enables the following ciphersuites: - * SSL_RSA_RC4_128_MD5 - * SSL_RSA_RC4_128_SHA - */ -//#define POLARSSL_ARC4_C - -/** - * \def POLARSSL_ASN1_PARSE_C - * - * Enable the generic ASN1 parser. - * - * Module: library/asn1.c - * Caller: library/x509parse.c - */ -#define POLARSSL_ASN1_PARSE_C - -/** - * \def POLARSSL_ASN1_WRITE_C - * - * Enable the generic ASN1 writer. - * - * Module: library/asn1write.c - */ -#define POLARSSL_ASN1_WRITE_C - -/** - * \def POLARSSL_BASE64_C - * - * Enable the Base64 module. - * - * Module: library/base64.c - * Caller: library/pem.c - * - * This module is required for PEM support (required by X.509). - */ -//#define POLARSSL_BASE64_C - -/** - * \def POLARSSL_BIGNUM_C - * - * Enable the multo-precision integer library. - * - * Module: library/bignum.c - * Caller: library/dhm.c - * library/rsa.c - * library/ssl_tls.c - * library/x509parse.c - * - * This module is required for RSA and DHM support. - */ -#define POLARSSL_BIGNUM_C - -/** - * \def POLARSSL_CAMELLIA_C - * - * Enable the Camellia block cipher. - * - * Module: library/camellia.c - * Caller: library/ssl_tls.c - * - * This module enabled the following cipher suites: - * SSL_RSA_CAMELLIA_128_SHA - * SSL_RSA_CAMELLIA_256_SHA - * SSL_EDH_RSA_CAMELLIA_256_SHA - */ -//#define POLARSSL_CAMELLIA_C - -/** - * \def POLARSSL_CERTS_C - * - * Enable the test certificates. - * - * Module: library/certs.c - * Caller: - * - * This module is used for testing (ssl_client/server). - */ -//#define POLARSSL_CERTS_C - -/** - * \def POLARSSL_CIPHER_C - * - * Enable the generic cipher layer. - * - * Module: library/cipher.c - * Caller: - * - * Uncomment to enable generic cipher wrappers. - */ -//#define POLARSSL_CIPHER_C - -/** - * \def POLARSSL_CTR_DRBG_C - * - * Enable the CTR_DRBG AES-256-based random generator - * - * Module: library/ctr_drbg.c - * Caller: - * - * Requires: POLARSSL_AES_C - * - * This module provides the CTR_DRBG AES-256 random number generator. - */ -#define POLARSSL_CTR_DRBG_C - -/** - * \def POLARSSL_DEBUG_C - * - * Enable the debug functions. - * - * Module: library/debug.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * This module provides debugging functions. - */ -//#define POLARSSL_DEBUG_C - -/** - * \def POLARSSL_DES_C - * - * Enable the DES block cipher. - * - * Module: library/des.c - * Caller: library/ssl_tls.c - * - * This module enables the following ciphersuites: - * SSL_RSA_DES_168_SHA - * SSL_EDH_RSA_DES_168_SHA - */ -//#define POLARSSL_DES_C - -/** - * \def POLARSSL_DHM_C - * - * Enable the Diffie-Hellman-Merkle key exchange. - * - * Module: library/dhm.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * This module enables the following ciphersuites: - * SSL_EDH_RSA_DES_168_SHA - * SSL_EDH_RSA_AES_256_SHA - * SSL_EDH_RSA_CAMELLIA_256_SHA - */ -//#define POLARSSL_DHM_C - -/** - * \def POLARSSL_ENTROPY_C - * - * Enable the platform-specific entropy code. - * - * Module: library/entropy.c - * Caller: - * - * Requires: POLARSSL_SHA4_C - * - * This module provides a generic entropy pool - */ -#define POLARSSL_ENTROPY_C - -/** - * \def POLARSSL_ERROR_C - * - * Enable error code to error string conversion. - * - * Module: library/error.c - * Caller: - * - * This module enables err_strerror(). - */ -#define POLARSSL_ERROR_C - -/** - * \def POLARSSL_GCM_C - * - * Enable the Galois/Counter Mode (GCM) for AES - * - * Module: library/gcm.c - * - * Requires: POLARSSL_AES_C - */ -//#define POLARSSL_GCM_C - -/** - * \def POLARSSL_HAVEGE_C - * - * Enable the HAVEGE random generator. - * - * Module: library/havege.c - * Caller: - * - * Requires: POLARSSL_TIMING_C - * - * This module enables the HAVEGE random number generator. - */ -//#define POLARSSL_HAVEGE_C - -/** - * \def POLARSSL_MD_C - * - * Enable the generic message digest layer. - * - * Module: library/md.c - * Caller: - * - * Uncomment to enable generic message digest wrappers. - */ -//#define POLARSSL_MD_C - -/** - * \def POLARSSL_MD2_C - * - * Enable the MD2 hash algorithm - * - * Module: library/md2.c - * Caller: library/x509parse.c - * - * Uncomment to enable support for (rare) MD2-signed X.509 certs. - * -#define POLARSSL_MD2_C - */ - -/** - * \def POLARSSL_MD4_C - * - * Enable the MD4 hash algorithm - * - * Module: library/md4.c - * Caller: library/x509parse.c - * - * Uncomment to enable support for (rare) MD4-signed X.509 certs. - * -#define POLARSSL_MD4_C - */ - -/** - * \def POLARSSL_MD5_C - * - * Enable the MD5 hash algorithm - * - * Module: library/md5.c - * Caller: library/ssl_tls.c - * library/x509parse.c - * - * This module is required for SSL/TLS and X.509. - */ -#define POLARSSL_MD5_C - -/** - * \def POLARSSL_NET_C - * - * Enable the TCP/IP networking routines. - * - * Module: library/net.c - * Caller: - * - * This module provides TCP/IP networking routines. - */ -//#define POLARSSL_NET_C - -/** - * \def POLARSSL_PADLOCK_C - * - * Enable VIA Padlock support on x86. - * - * Module: library/padlock.c - * Caller: library/aes.c - * - * This modules adds support for the VIA PadLock on x86. - */ -//#define POLARSSL_PADLOCK_C - -/** - * \def POLARSSL_PEM_C - * - * Enable PEM decoding - * - * Module: library/pem.c - * Caller: library/x509parse.c - * - * Requires: POLARSSL_BASE64_C - * - * This modules adds support for decoding PEM files. - */ -//#define POLARSSL_PEM_C - -/** - * \def POLARSSL_PKCS11_C - * - * Enable support for PKCS#11 smartcard support. - * - * Module: library/ssl_srv.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: POLARSSL_SSL_TLS_C - * - * This module is required for SSL/TLS PKCS #11 smartcard support. - * Requires the presence of the PKCS#11 helper library (libpkcs11-helper) -#define POLARSSL_PKCS11_C - */ - -/** - * \def POLARSSL_RSA_C - * - * Enable the RSA public-key cryptosystem. - * - * Module: library/rsa.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509.c - * - * Requires: POLARSSL_BIGNUM_C - * - * This module is required for SSL/TLS and MD5-signed certificates. - */ -#define POLARSSL_RSA_C - -/** - * \def POLARSSL_SHA1_C - * - * Enable the SHA1 cryptographic hash algorithm. - * - * Module: library/sha1.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * library/x509parse.c - * - * This module is required for SSL/TLS and SHA1-signed certificates. - */ -#define POLARSSL_SHA1_C - -/** - * \def POLARSSL_SHA2_C - * - * Enable the SHA-224 and SHA-256 cryptographic hash algorithms. - * - * Module: library/sha2.c - * Caller: library/md_wrap.c - * library/x509parse.c - * - * This module adds support for SHA-224 and SHA-256. - */ -#define POLARSSL_SHA2_C - -/** - * \def POLARSSL_SHA4_C - * - * Enable the SHA-384 and SHA-512 cryptographic hash algorithms. - * - * Module: library/sha4.c - * Caller: library/md_wrap.c - * library/x509parse.c - * - * This module adds support for SHA-384 and SHA-512. - */ -#define POLARSSL_SHA4_C - -/** - * \def POLARSSL_SSL_CLI_C - * - * Enable the SSL/TLS client code. - * - * Module: library/ssl_cli.c - * Caller: - * - * Requires: POLARSSL_SSL_TLS_C - * - * This module is required for SSL/TLS client support. - */ -#define POLARSSL_SSL_CLI_C - -/* - * \def POLARSSL_SSL_SRV_C - * - * Enable the SSL/TLS server code. - * - * Module: library/ssl_srv.c - * Caller: - * - * Requires: POLARSSL_SSL_TLS_C - * - * This module is required for SSL/TLS server support. - */ -//#define POLARSSL_SSL_SRV_C - -/** - * \def POLARSSL_SSL_TLS_C - * - * Enable the generic SSL/TLS code. - * - * Module: library/ssl_tls.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * - * Requires: POLARSSL_MD5_C, POLARSSL_SHA1_C, POLARSSL_X509_PARSE_C - * - * This module is required for SSL/TLS. - */ -#define POLARSSL_SSL_TLS_C - -/** - * \def POLARSSL_TIMING_C - * - * Enable the portable timing interface. - * - * Module: library/timing.c - * Caller: library/havege.c - * - * This module is used by the HAVEGE random number generator. - */ -//#define POLARSSL_TIMING_C - -/** - * \def POLARSSL_VERSION_C - * - * Enable run-time version information. - * - * Module: library/version.c - * - * This module provides run-time version information. - */ -#define POLARSSL_VERSION_C - -/** - * \def POLARSSL_X509_PARSE_C - * - * Enable X.509 certificate parsing. - * - * Module: library/x509parse.c - * Caller: library/ssl_cli.c - * library/ssl_srv.c - * library/ssl_tls.c - * - * Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_RSA_C - * - * This module is required for X.509 certificate parsing. - */ -#define POLARSSL_X509_PARSE_C - -/** - * \def POLARSSL_X509_WRITE_C - * - * Enable X.509 buffer writing. - * - * Module: library/x509write.c - * - * Requires: POLARSSL_BIGNUM_C, POLARSSL_RSA_C - * - * This module is required for X.509 certificate request writing. - */ -//#define POLARSSL_X509_WRITE_C - -/** - * \def POLARSSL_XTEA_C - * - * Enable the XTEA block cipher. - * - * Module: library/xtea.c - * Caller: - */ -//#define POLARSSL_XTEA_C -/* \} name */ - -#endif /* config.h */ diff --git a/polarssl/src/include/polarssl/ctr_drbg.h b/polarssl/src/include/polarssl/ctr_drbg.h deleted file mode 100644 index 83861a9..0000000 --- a/polarssl/src/include/polarssl/ctr_drbg.h +++ /dev/null @@ -1,228 +0,0 @@ -/** - * \file ctr_drbg.h - * - * \brief CTR_DRBG based on AES-256 (NIST SP 800-90) - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_CTR_DRBG_H -#define POLARSSL_CTR_DRBG_H - -#include <string.h> - -#include "aes.h" - -#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ -#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ -#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ -#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ - -#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */ -#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */ -#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 ) -#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE ) - /**< The seed length (counter + AES key) */ -#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */ -#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ -#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ -#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ -#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ - -#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ -#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief CTR_DRBG context structure - */ -typedef struct -{ - unsigned char counter[16]; /*!< counter (V) */ - int reseed_counter; /*!< reseed counter */ - int prediction_resistance; /*!< enable prediction resistance (Automatic - reseed before every random generation) */ - size_t entropy_len; /*!< amount of entropy grabbed on each (re)seed */ - int reseed_interval; /*!< reseed interval */ - - aes_context aes_ctx; /*!< AES context */ - - /* - * Callbacks (Entropy) - */ - int (*f_entropy)(void *, unsigned char *, size_t); - - void *p_entropy; /*!< context for the entropy function */ -} -ctr_drbg_context; - -/** - * \brief CTR_DRBG initialization - * - * Note: Personalization data can be provided in addition to the more generic - * entropy source to make this instantiation as unique as possible. - * - * \param ctx CTR_DRBG context to be initialized - * \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer - * length) - * \param p_entropy Entropy context - * \param custom Personalization data (Device specific identifiers) - * (Can be NULL) - * \param len Length of personalization data - * - * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED - */ -int ctr_drbg_init( ctr_drbg_context *ctx, - int (*f_entropy)(void *, unsigned char *, size_t), - void *p_entropy, - const unsigned char *custom, - size_t len ); - -/** - * \brief Enable / disable prediction resistance (Default: Off) - * - * Note: If enabled, entropy is used for ctx->entropy_len before each call! - * Only use this if you have ample supply of good entropy! - * - * \param ctx CTR_DRBG context - * \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF - */ -void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, - int resistance ); - -/** - * \brief Set the amount of entropy grabbed on each (re)seed - * (Default: CTR_DRBG_ENTROPY_LEN) - * - * \param ctx CTR_DRBG context - * \param len Amount of entropy to grab - */ -void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, - size_t len ); - -/** - * \brief Set the reseed interval - * (Default: CTR_DRBG_RESEED_INTERVAL) - * - * \param ctx CTR_DRBG context - * \param interval Reseed interval - */ -void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, - int interval ); - -/** - * \brief CTR_DRBG reseeding (extracts data from entropy source) - * - * \param ctx CTR_DRBG context - * \param additional Additional data to add to state (Can be NULL) - * \param len Length of additional data - * - * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED - */ -int ctr_drbg_reseed( ctr_drbg_context *ctx, - const unsigned char *additional, size_t len ); - -/** - * \brief CTR_DRBG update state - * - * \param ctx CTR_DRBG context - * \param additional Additional data to update state with - * \param add_len Length of additional data - */ -void ctr_drbg_update( ctr_drbg_context *ctx, - const unsigned char *additional, size_t add_len ); - -/** - * \brief CTR_DRBG generate random with additional update input - * - * Note: Automatically reseeds if reseed_counter is reached. - * - * \param p_rng CTR_DRBG context - * \param output Buffer to fill - * \param output_len Length of the buffer - * \param additional Additional data to update with (Can be NULL) - * \param add_len Length of additional data - * - * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG - */ -int ctr_drbg_random_with_add( void *p_rng, - unsigned char *output, size_t output_len, - const unsigned char *additional, size_t add_len ); - -/** - * \brief CTR_DRBG generate random - * - * Note: Automatically reseeds if reseed_counter is reached. - * - * \param p_rng CTR_DRBG context - * \param output Buffer to fill - * \param output_len Length of the buffer - * - * \return 0 if successful, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or - * POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG - */ -int ctr_drbg_random( void *p_rng, - unsigned char *output, size_t output_len ); - -#if defined(POLARSSL_FS_IO) -/** - * \brief Write a seed file - * - * \param path Name of the file - * - * \return 0 if successful, 1 on file error, or - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED - */ -int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ); - -/** - * \brief Read and update a seed file. Seed is added to this - * instance - * - * \param path Name of the file - * - * \return 0 if successful, 1 on file error, - * POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or - * POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG - */ -int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ); -#endif - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int ctr_drbg_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* ctr_drbg.h */ diff --git a/polarssl/src/include/polarssl/debug.h b/polarssl/src/include/polarssl/debug.h deleted file mode 100644 index 511e926..0000000 --- a/polarssl/src/include/polarssl/debug.h +++ /dev/null @@ -1,89 +0,0 @@ -/** - * \file debug.h - * - * \brief Debug functions - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_DEBUG_H -#define POLARSSL_DEBUG_H - -#include "config.h" -#include "ssl.h" - -#if defined(POLARSSL_DEBUG_C) - -#define SSL_DEBUG_MSG( level, args ) \ - debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args ); - -#define SSL_DEBUG_RET( level, text, ret ) \ - debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ); - -#define SSL_DEBUG_BUF( level, text, buf, len ) \ - debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ); - -#define SSL_DEBUG_MPI( level, text, X ) \ - debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ); - -#define SSL_DEBUG_CRT( level, text, crt ) \ - debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ); - -#else - -#define SSL_DEBUG_MSG( level, args ) do { } while( 0 ) -#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) -#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) -#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) -#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) - -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -char *debug_fmt( const char *format, ... ); - -void debug_print_msg( const ssl_context *ssl, int level, - const char *file, int line, const char *text ); - -void debug_print_ret( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, int ret ); - -void debug_print_buf( const ssl_context *ssl, int level, - const char *file, int line, const char *text, - unsigned char *buf, size_t len ); - -void debug_print_mpi( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const mpi *X ); - -void debug_print_crt( const ssl_context *ssl, int level, - const char *file, int line, - const char *text, const x509_cert *crt ); - -#ifdef __cplusplus -} -#endif - -#endif /* debug.h */ diff --git a/polarssl/src/include/polarssl/des.h b/polarssl/src/include/polarssl/des.h deleted file mode 100644 index 653e68b..0000000 --- a/polarssl/src/include/polarssl/des.h +++ /dev/null @@ -1,227 +0,0 @@ -/** - * \file des.h - * - * \brief DES block cipher - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_DES_H -#define POLARSSL_DES_H - -#include <string.h> - -#define DES_ENCRYPT 1 -#define DES_DECRYPT 0 - -#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ - -#define DES_KEY_SIZE 8 - -/** - * \brief DES context structure - */ -typedef struct -{ - int mode; /*!< encrypt/decrypt */ - unsigned long sk[32]; /*!< DES subkeys */ -} -des_context; - -/** - * \brief Triple-DES context structure - */ -typedef struct -{ - int mode; /*!< encrypt/decrypt */ - unsigned long sk[96]; /*!< 3DES subkeys */ -} -des3_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Set key parity on the given key to odd. - * - * DES keys are 56 bits long, but each byte is padded with - * a parity bit to allow verification. - * - * \param key 8-byte secret key - */ -void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ); - -/** - * \brief Check that key parity on the given key is odd. - * - * DES keys are 56 bits long, but each byte is padded with - * a parity bit to allow verification. - * - * \param key 8-byte secret key - * - * \return 0 is parity was ok, 1 if parity was not correct. - */ -int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); - -/** - * \brief Check that key is not a weak or semi-weak DES key - * - * \param key 8-byte secret key - * - * \return 0 if no weak key was found, 1 if a weak key was identified. - */ -int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); - -/** - * \brief DES key schedule (56-bit, encryption) - * - * \param ctx DES context to be initialized - * \param key 8-byte secret key - * - * \return 0 - */ -int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); - -/** - * \brief DES key schedule (56-bit, decryption) - * - * \param ctx DES context to be initialized - * \param key 8-byte secret key - * - * \return 0 - */ -int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); - -/** - * \brief Triple-DES key schedule (112-bit, encryption) - * - * \param ctx 3DES context to be initialized - * \param key 16-byte secret key - * - * \return 0 - */ -int des3_set2key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ); - -/** - * \brief Triple-DES key schedule (112-bit, decryption) - * - * \param ctx 3DES context to be initialized - * \param key 16-byte secret key - * - * \return 0 - */ -int des3_set2key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 2] ); - -/** - * \brief Triple-DES key schedule (168-bit, encryption) - * - * \param ctx 3DES context to be initialized - * \param key 24-byte secret key - * - * \return 0 - */ -int des3_set3key_enc( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ); - -/** - * \brief Triple-DES key schedule (168-bit, decryption) - * - * \param ctx 3DES context to be initialized - * \param key 24-byte secret key - * - * \return 0 - */ -int des3_set3key_dec( des3_context *ctx, const unsigned char key[DES_KEY_SIZE * 3] ); - -/** - * \brief DES-ECB block encryption/decryption - * - * \param ctx DES context - * \param input 64-bit input block - * \param output 64-bit output block - * - * \return 0 if successful - */ -int des_crypt_ecb( des_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); - -/** - * \brief DES-CBC buffer encryption/decryption - * - * \param ctx DES context - * \param mode DES_ENCRYPT or DES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - */ -int des_crypt_cbc( des_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); - -/** - * \brief 3DES-ECB block encryption/decryption - * - * \param ctx 3DES context - * \param input 64-bit input block - * \param output 64-bit output block - * - * \return 0 if successful - */ -int des3_crypt_ecb( des3_context *ctx, - const unsigned char input[8], - unsigned char output[8] ); - -/** - * \brief 3DES-CBC buffer encryption/decryption - * - * \param ctx 3DES context - * \param mode DES_ENCRYPT or DES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH - */ -int des3_crypt_cbc( des3_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - const unsigned char *input, - unsigned char *output ); - -/* - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int des_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* des.h */ diff --git a/polarssl/src/include/polarssl/dhm.h b/polarssl/src/include/polarssl/dhm.h deleted file mode 100644 index 0c8dd55..0000000 --- a/polarssl/src/include/polarssl/dhm.h +++ /dev/null @@ -1,153 +0,0 @@ -/** - * \file dhm.h - * - * \brief Diffie-Hellman-Merkle key exchange - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_DHM_H -#define POLARSSL_DHM_H - -#include "bignum.h" - -/* - * DHM Error codes - */ -#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ -#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ -#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ -#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ -#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ - -/** - * \brief DHM context structure - */ -typedef struct -{ - size_t len; /*!< size(P) in chars */ - mpi P; /*!< prime modulus */ - mpi G; /*!< generator */ - mpi X; /*!< secret value */ - mpi GX; /*!< self = G^X mod P */ - mpi GY; /*!< peer = G^Y mod P */ - mpi K; /*!< key = GY^X mod P */ - mpi RP; /*!< cached R^2 mod P */ -} -dhm_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Parse the ServerKeyExchange parameters - * - * \param ctx DHM context - * \param p &(start of input buffer) - * \param end end of buffer - * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code - */ -int dhm_read_params( dhm_context *ctx, - unsigned char **p, - const unsigned char *end ); - -/** - * \brief Setup and write the ServerKeyExchange parameters - * - * \param ctx DHM context - * \param x_size private value size in bytes - * \param output destination buffer - * \param olen number of chars written - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \note This function assumes that ctx->P and ctx->G - * have already been properly set (for example - * using mpi_read_string or mpi_read_binary). - * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code - */ -int dhm_make_params( dhm_context *ctx, int x_size, - unsigned char *output, size_t *olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Import the peer's public value G^Y - * - * \param ctx DHM context - * \param input input buffer - * \param ilen size of buffer - * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code - */ -int dhm_read_public( dhm_context *ctx, - const unsigned char *input, size_t ilen ); - -/** - * \brief Create own private value X and export G^X - * - * \param ctx DHM context - * \param x_size private value size in bytes - * \param output destination buffer - * \param olen must be equal to ctx->P.len - * \param f_rng RNG function - * \param p_rng RNG parameter - * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code - */ -int dhm_make_public( dhm_context *ctx, int x_size, - unsigned char *output, size_t olen, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Derive and export the shared secret (G^Y)^X mod P - * - * \param ctx DHM context - * \param output destination buffer - * \param olen number of chars written - * - * \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code - */ -int dhm_calc_secret( dhm_context *ctx, - unsigned char *output, size_t *olen ); - -/* - * \brief Free the components of a DHM key - */ -void dhm_free( dhm_context *ctx ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int dhm_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/polarssl/src/include/polarssl/entropy.h b/polarssl/src/include/polarssl/entropy.h deleted file mode 100644 index 53bce41..0000000 --- a/polarssl/src/include/polarssl/entropy.h +++ /dev/null @@ -1,150 +0,0 @@ -/** - * \file entropy.h - * - * \brief Entropy accumulator implementation - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ENTROPY_H -#define POLARSSL_ENTROPY_H - -#include <string.h> - -#include "config.h" - -#include "sha4.h" -#if defined(POLARSSL_HAVEGE_C) -#include "havege.h" -#endif - -#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ -#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ -#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ - -#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ -#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ -#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ - -#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Entropy poll callback pointer - * - * \param data Callback-specific data pointer - * \param output Data to fill - * \param len Maximum size to provide - * \param olen The actual amount of bytes put into the buffer (Can be 0) - * - * \return 0 if no critical failures occurred, - * POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise - */ -typedef int (*f_source_ptr)(void *, unsigned char *, size_t, size_t *); - -/** - * \brief Entropy source state - */ -typedef struct -{ - f_source_ptr f_source; /**< The entropy source callback */ - void * p_source; /**< The callback data pointer */ - size_t size; /**< Amount received */ - size_t threshold; /**< Minimum level required before release */ -} -source_state; - -/** - * \brief Entropy context structure - */ -typedef struct -{ - sha4_context accumulator; - int source_count; - source_state source[ENTROPY_MAX_SOURCES]; -#if defined(POLARSSL_HAVEGE_C) - havege_state havege_data; -#endif -} -entropy_context; - -/** - * \brief Initialize the context - * - * \param ctx Entropy context to initialize - */ -void entropy_init( entropy_context *ctx ); - -/** - * \brief Adds an entropy source to poll - * - * \param ctx Entropy context - * \param f_source Entropy function - * \param p_source Function data - * \param threshold Minimum required from source before entropy is released - * ( with entropy_func() ) - * - * \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES - */ -int entropy_add_source( entropy_context *ctx, - f_source_ptr f_source, void *p_source, - size_t threshold ); - -/** - * \brief Trigger an extra gather poll for the accumulator - * - * \param ctx Entropy context - * - * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_gather( entropy_context *ctx ); - -/** - * \brief Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE) - * - * \param data Entropy context - * \param output Buffer to fill - * \param len Length of buffer - * - * \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED - */ -int entropy_func( void *data, unsigned char *output, size_t len ); - -/** - * \brief Add data to the accumulator manually - * - * \param ctx Entropy context - * \param data Data to add - * \param len Length of data - * - * \return 0 if successful - */ -int entropy_update_manual( entropy_context *ctx, - const unsigned char *data, size_t len ); - -#ifdef __cplusplus -} -#endif - -#endif /* entropy.h */ diff --git a/polarssl/src/include/polarssl/entropy_poll.h b/polarssl/src/include/polarssl/entropy_poll.h deleted file mode 100644 index 0116598..0000000 --- a/polarssl/src/include/polarssl/entropy_poll.h +++ /dev/null @@ -1,75 +0,0 @@ -/** - * \file entropy_poll.h - * - * \brief Platform-specific and custom entropy polling functions - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ENTROPY_POLL_H -#define POLARSSL_ENTROPY_POLL_H - -#include <string.h> - -#include "config.h" - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Default thresholds for built-in sources - */ -#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */ -#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */ -#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */ - -#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) -/** - * \brief Platform-specific entropy poll callback - */ -int platform_entropy_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); -#endif - -#if defined(POLARSSL_HAVEGE_C) -/** - * \brief HAVEGE based entropy poll callback - * - * Requires an HAVEGE state as its data pointer. - */ -int havege_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); -#endif - -#if defined(POLARSSL_TIMING_C) -/** - * \brief hardclock-based entropy poll callback - */ -int hardclock_poll( void *data, - unsigned char *output, size_t len, size_t *olen ); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* entropy_poll.h */ diff --git a/polarssl/src/include/polarssl/error.h b/polarssl/src/include/polarssl/error.h deleted file mode 100644 index f3514df..0000000 --- a/polarssl/src/include/polarssl/error.h +++ /dev/null @@ -1,102 +0,0 @@ -/** - * \file error.h - * - * \brief Error to string translation - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_ERROR_H -#define POLARSSL_ERROR_H - -/** - * Error code layout. - * - * Currently we try to keep all error codes within the negative space of 16 - * bytes signed integers to support all platforms (-0x0000 - -0x8000). In - * addition we'd like to give two layers of information on the error if - * possible. - * - * For that purpose the error codes are segmented in the following manner: - * - * 16 bit error code bit-segmentation - * - * 1 bit - Intentionally not used - * 3 bits - High level module ID - * 5 bits - Module-dependent error code - * 6 bits - Low level module errors - * 1 bit - Intentionally not used - * - * Low-level module errors (0x007E-0x0002) - * - * Module Nr Codes assigned - * MPI 7 0x0002-0x0010 - * GCM 2 0x0012-0x0014 - * AES 2 0x0020-0x0022 - * CAMELLIA 2 0x0024-0x0026 - * XTEA 1 0x0028-0x0028 - * BASE64 2 0x002A-0x002C - * PADLOCK 1 0x0030-0x0030 - * DES 1 0x0032-0x0032 - * CTR_DBRG 3 0x0034-0x003A - * ENTROPY 3 0x003C-0x0040 - * NET 11 0x0042-0x0056 - * ASN1 7 0x0060-0x006C - * MD2 1 0x0070-0x0070 - * MD4 1 0x0072-0x0072 - * MD5 1 0x0074-0x0074 - * SHA1 1 0x0076-0x0076 - * SHA2 1 0x0078-0x0078 - * SHA4 1 0x007A-0x007A - * - * High-level module nr (3 bits - 0x1...-0x8...) - * Name ID Nr of Errors - * PEM 1 8 - * X509 2 21 - * DHM 3 6 - * RSA 4 9 - * MD 5 4 - * CIPHER 6 5 - * SSL 7 30 - * - * Module dependent error code (5 bits 0x.08.-0x.F8.) - */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Translate a PolarSSL error code into a string representation, - * Result is truncated if necessary and always includes a terminating - * null byte. - * - * \param errnum error code - * \param buffer buffer to place representation in - * \param buflen length of the buffer - */ -void error_strerror( int errnum, char *buffer, size_t buflen ); - -#ifdef __cplusplus -} -#endif - -#endif /* error.h */ diff --git a/polarssl/src/include/polarssl/gcm.h b/polarssl/src/include/polarssl/gcm.h deleted file mode 100644 index 2f88c70..0000000 --- a/polarssl/src/include/polarssl/gcm.h +++ /dev/null @@ -1,142 +0,0 @@ -/** - * \file gcm.h - * - * \brief Galois/Counter mode for AES - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_GCM_H -#define POLARSSL_GCM_H - -#include "aes.h" - -#include <stdint.h> - -#define GCM_ENCRYPT 1 -#define GCM_DECRYPT 0 - -#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ -#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ - -/** - * \brief GCM context structure - */ -typedef struct { - aes_context aes_ctx; /*!< AES context used */ - uint64_t HL[16]; /*!< Precalculated HTable */ - uint64_t HH[16]; /*!< Precalculated HTable */ -} -gcm_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief GCM initialization (encryption) - * - * \param ctx GCM context to be initialized - * \param key encryption key - * \param keysize must be 128, 192 or 256 - * - * \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH - */ -int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize ); - -/** - * \brief GCM buffer encryption/decryption using AES - * - * \note On encryption, the output buffer can be the same as the input buffer. - * On decryption, the output buffer cannot be the same as input buffer. - * If buffers overlap, the output buffer must trail at least 8 bytes - * behind the input buffer. - * - * \param ctx GCM context - * \param mode GCM_ENCRYPT or GCM_DECRYPT - * \param length length of the input data - * \param iv initialization vector - * \param iv_len length of IV - * \param add additional data - * \param add_len length of additional data - * \param input buffer holding the input data - * \param output buffer for holding the output data - * \param tag_len length of the tag to generate - * \param tag buffer for holding the tag - * - * \return 0 if successful - */ -int gcm_crypt_and_tag( gcm_context *ctx, - int mode, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *input, - unsigned char *output, - size_t tag_len, - unsigned char *tag ); - -/** - * \brief GCM buffer authenticated decryption using AES - * - * \note On decryption, the output buffer cannot be the same as input buffer. - * If buffers overlap, the output buffer must trail at least 8 bytes - * behind the input buffer. - * - * \param ctx GCM context - * \param length length of the input data - * \param iv initialization vector - * \param iv_len length of IV - * \param add additional data - * \param add_len length of additional data - * \param tag buffer holding the tag - * \param tag_len length of the tag - * \param input buffer holding the input data - * \param output buffer for holding the output data - * - * \return 0 if successful and authenticated, - * POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match - */ -int gcm_auth_decrypt( gcm_context *ctx, - size_t length, - const unsigned char *iv, - size_t iv_len, - const unsigned char *add, - size_t add_len, - const unsigned char *tag, - size_t tag_len, - const unsigned char *input, - unsigned char *output ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int gcm_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* gcm.h */ diff --git a/polarssl/src/include/polarssl/havege.h b/polarssl/src/include/polarssl/havege.h deleted file mode 100644 index 53c4f38..0000000 --- a/polarssl/src/include/polarssl/havege.h +++ /dev/null @@ -1,71 +0,0 @@ -/** - * \file havege.h - * - * \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_HAVEGE_H -#define POLARSSL_HAVEGE_H - -#include <string.h> - -#define COLLECT_SIZE 1024 - -/** - * \brief HAVEGE state structure - */ -typedef struct -{ - int PT1, PT2, offset[2]; - int pool[COLLECT_SIZE]; - int WALK[8192]; -} -havege_state; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief HAVEGE initialization - * - * \param hs HAVEGE state to be initialized - */ -void havege_init( havege_state *hs ); - -/** - * \brief HAVEGE rand function - * - * \param p_rng A HAVEGE state - * \param output Buffer to fill - * \param len Length of buffer - * - * \return 0 - */ -int havege_random( void *p_rng, unsigned char *output, size_t len ); - -#ifdef __cplusplus -} -#endif - -#endif /* havege.h */ diff --git a/polarssl/src/include/polarssl/md.h b/polarssl/src/include/polarssl/md.h deleted file mode 100644 index 88596cb..0000000 --- a/polarssl/src/include/polarssl/md.h +++ /dev/null @@ -1,354 +0,0 @@ -/** - * \file md.h - * - * \brief Generic message digest wrapper - * - * \author Adriaan de Jong <dejong@fox-it.com> - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD_H -#define POLARSSL_MD_H - -#include <string.h> - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ - -#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ -#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ - -typedef enum { - POLARSSL_MD_NONE=0, - POLARSSL_MD_MD2, - POLARSSL_MD_MD4, - POLARSSL_MD_MD5, - POLARSSL_MD_SHA1, - POLARSSL_MD_SHA224, - POLARSSL_MD_SHA256, - POLARSSL_MD_SHA384, - POLARSSL_MD_SHA512, -} md_type_t; - -#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */ - -/** - * Message digest information. Allows message digest functions to be called - * in a generic way. - */ -typedef struct { - /** Digest identifier */ - md_type_t type; - - /** Name of the message digest */ - const char * name; - - /** Output length of the digest function */ - int size; - - /** Digest initialisation function */ - void (*starts_func)( void *ctx ); - - /** Digest update function */ - void (*update_func)( void *ctx, const unsigned char *input, size_t ilen ); - - /** Digest finalisation function */ - void (*finish_func)( void *ctx, unsigned char *output ); - - /** Generic digest function */ - void (*digest_func)( const unsigned char *input, size_t ilen, - unsigned char *output ); - - /** Generic file digest function */ - int (*file_func)( const char *path, unsigned char *output ); - - /** HMAC Initialisation function */ - void (*hmac_starts_func)( void *ctx, const unsigned char *key, size_t keylen ); - - /** HMAC update function */ - void (*hmac_update_func)( void *ctx, const unsigned char *input, size_t ilen ); - - /** HMAC finalisation function */ - void (*hmac_finish_func)( void *ctx, unsigned char *output); - - /** HMAC context reset function */ - void (*hmac_reset_func)( void *ctx ); - - /** Generic HMAC function */ - void (*hmac_func)( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); - - /** Allocate a new context */ - void * (*ctx_alloc_func)( void ); - - /** Free the given context */ - void (*ctx_free_func)( void *ctx ); - -} md_info_t; - -/** - * Generic message digest context. - */ -typedef struct { - /** Information about the associated message digest */ - const md_info_t *md_info; - - /** Digest-specific context */ - void *md_ctx; -} md_context_t; - -#define MD_CONTEXT_T_INIT { \ - NULL, /* md_info */ \ - NULL, /* md_ctx */ \ -} - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Returns the list of digests supported by the generic digest module. - * - * \return a statically allocated array of digests, the last entry - * is 0. - */ -const int *md_list( void ); - -/** - * \brief Returns the message digest information associated with the - * given digest name. - * - * \param md_name Name of the digest to search for. - * - * \return The message digest information associated with md_name or - * NULL if not found. - */ -const md_info_t *md_info_from_string( const char *md_name ); - -/** - * \brief Returns the message digest information associated with the - * given digest type. - * - * \param md_type type of digest to search for. - * - * \return The message digest information associated with md_type or - * NULL if not found. - */ -const md_info_t *md_info_from_type( md_type_t md_type ); - -/** - * \brief Initialises and fills the message digest context structure with - * the appropriate values. - * - * \param ctx context to initialise. May not be NULL. The - * digest-specific context (ctx->md_ctx) must be NULL. It will - * be allocated, and must be freed using md_free_ctx() later. - * \param md_info message digest to use. - * - * \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on - * parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if - * allocation of the digest-specific context failed. - */ -int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ); - -/** - * \brief Free the message-specific context of ctx. Freeing ctx itself - * remains the responsibility of the caller. - * - * \param ctx Free the message-specific context - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_free_ctx( md_context_t *ctx ); - -/** - * \brief Returns the size of the message digest output. - * - * \param md_info message digest info - * - * \return size of the message digest output. - */ -static inline unsigned char md_get_size( const md_info_t *md_info ) -{ - return md_info->size; -} - -/** - * \brief Returns the type of the message digest output. - * - * \param md_info message digest info - * - * \return type of the message digest output. - */ -static inline md_type_t md_get_type( const md_info_t *md_info ) -{ - return md_info->type; -} - -/** - * \brief Returns the name of the message digest output. - * - * \param md_info message digest info - * - * \return name of the message digest output. - */ -static inline const char *md_get_name( const md_info_t *md_info ) -{ - return md_info->name; -} - -/** - * \brief Set-up the given context for a new message digest - * - * \param ctx generic message digest context. - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_starts( md_context_t *ctx ); - -/** - * \brief Generic message digest process buffer - * - * \param ctx Generic message digest context - * \param input buffer holding the datal - * \param ilen length of the input data - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief Generic message digest final digest - * - * \param ctx Generic message digest context - * \param output Generic message digest checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_finish( md_context_t *ctx, unsigned char *output ); - -/** - * \brief Output = message_digest( input buffer ) - * - * \param md_info message digest info - * \param input buffer holding the data - * \param ilen length of the input data - * \param output Generic message digest checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, - unsigned char *output ); - -/** - * \brief Output = message_digest( file contents ) - * - * \param md_info message digest info - * \param path input file name - * \param output generic message digest checksum result - * - * \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen - * failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed, - * POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL. - */ -int md_file( const md_info_t *md_info, const char *path, unsigned char *output ); - -/** - * \brief Generic HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ); - -/** - * \brief Generic HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief Generic HMAC final digest - * - * \param ctx HMAC context - * \param output Generic HMAC checksum result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_finish( md_context_t *ctx, unsigned char *output); - -/** - * \brief Generic HMAC context reset - * - * \param ctx HMAC context to be reset - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac_reset( md_context_t *ctx ); - -/** - * \brief Output = Generic_HMAC( hmac key, input buffer ) - * - * \param md_info message digest info - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output Generic HMAC-result - * - * \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter - * verification fails. - */ -int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char *output ); - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_MD_H */ diff --git a/polarssl/src/include/polarssl/md2.h b/polarssl/src/include/polarssl/md2.h deleted file mode 100644 index 1f60470..0000000 --- a/polarssl/src/include/polarssl/md2.h +++ /dev/null @@ -1,153 +0,0 @@ -/** - * \file md2.h - * - * \brief MD2 message digest algorithm (hash function) - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD2_H -#define POLARSSL_MD2_H - -#include <string.h> - -#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */ - -/** - * \brief MD2 context structure - */ -typedef struct -{ - unsigned char cksum[16]; /*!< checksum of the data block */ - unsigned char state[48]; /*!< intermediate digest state */ - unsigned char buffer[16]; /*!< data block being processed */ - - unsigned char ipad[16]; /*!< HMAC: inner padding */ - unsigned char opad[16]; /*!< HMAC: outer padding */ - size_t left; /*!< amount of data in buffer */ -} -md2_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD2 context setup - * - * \param ctx context to be initialized - */ -void md2_starts( md2_context *ctx ); - -/** - * \brief MD2 process buffer - * - * \param ctx MD2 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD2 final digest - * - * \param ctx MD2 context - * \param output MD2 checksum result - */ -void md2_finish( md2_context *ctx, unsigned char output[16] ); - -/** - * \brief Output = MD2( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD2 checksum result - */ -void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD2( file contents ) - * - * \param path input file name - * \param output MD2 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR - */ -int md2_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD2 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md2_hmac_starts( md2_context *ctx, const unsigned char *key, size_t keylen ); - -/** - * \brief MD2 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md2_hmac_update( md2_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD2 HMAC final digest - * - * \param ctx HMAC context - * \param output MD2 HMAC checksum result - */ -void md2_hmac_finish( md2_context *ctx, unsigned char output[16] ); - -/** - * \brief MD2 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md2_hmac_reset( md2_context *ctx ); - -/** - * \brief Output = HMAC-MD2( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD2 result - */ -void md2_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md2_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* md2.h */ diff --git a/polarssl/src/include/polarssl/md4.h b/polarssl/src/include/polarssl/md4.h deleted file mode 100644 index 2bd35ea..0000000 --- a/polarssl/src/include/polarssl/md4.h +++ /dev/null @@ -1,152 +0,0 @@ -/** - * \file md4.h - * - * \brief MD4 message digest algorithm (hash function) - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD4_H -#define POLARSSL_MD4_H - -#include <string.h> - -#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */ - -/** - * \brief MD4 context structure - */ -typedef struct -{ - unsigned long total[2]; /*!< number of bytes processed */ - unsigned long state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -md4_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD4 context setup - * - * \param ctx context to be initialized - */ -void md4_starts( md4_context *ctx ); - -/** - * \brief MD4 process buffer - * - * \param ctx MD4 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD4 final digest - * - * \param ctx MD4 context - * \param output MD4 checksum result - */ -void md4_finish( md4_context *ctx, unsigned char output[16] ); - -/** - * \brief Output = MD4( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD4 checksum result - */ -void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD4( file contents ) - * - * \param path input file name - * \param output MD4 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR - */ -int md4_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD4 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md4_hmac_starts( md4_context *ctx, const unsigned char *key, size_t keylen ); - -/** - * \brief MD4 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md4_hmac_update( md4_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD4 HMAC final digest - * - * \param ctx HMAC context - * \param output MD4 HMAC checksum result - */ -void md4_hmac_finish( md4_context *ctx, unsigned char output[16] ); - -/** - * \brief MD4 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md4_hmac_reset( md4_context *ctx ); - -/** - * \brief Output = HMAC-MD4( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD4 result - */ -void md4_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md4_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* md4.h */ diff --git a/polarssl/src/include/polarssl/md5.h b/polarssl/src/include/polarssl/md5.h deleted file mode 100644 index 936e9c9..0000000 --- a/polarssl/src/include/polarssl/md5.h +++ /dev/null @@ -1,154 +0,0 @@ -/** - * \file md5.h - * - * \brief MD5 message digest algorithm (hash function) - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD5_H -#define POLARSSL_MD5_H - -#include <string.h> - -#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */ - -/** - * \brief MD5 context structure - */ -typedef struct -{ - unsigned long total[2]; /*!< number of bytes processed */ - unsigned long state[4]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -md5_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief MD5 context setup - * - * \param ctx context to be initialized - */ -void md5_starts( md5_context *ctx ); - -/** - * \brief MD5 process buffer - * - * \param ctx MD5 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief MD5 final digest - * - * \param ctx MD5 context - * \param output MD5 checksum result - */ -void md5_finish( md5_context *ctx, unsigned char output[16] ); - -/** - * \brief Output = MD5( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output MD5 checksum result - */ -void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); - -/** - * \brief Output = MD5( file contents ) - * - * \param path input file name - * \param output MD5 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR - */ -int md5_file( const char *path, unsigned char output[16] ); - -/** - * \brief MD5 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void md5_hmac_starts( md5_context *ctx, - const unsigned char *key, size_t keylen ); - -/** - * \brief MD5 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void md5_hmac_update( md5_context *ctx, - const unsigned char *input, size_t ilen ); - -/** - * \brief MD5 HMAC final digest - * - * \param ctx HMAC context - * \param output MD5 HMAC checksum result - */ -void md5_hmac_finish( md5_context *ctx, unsigned char output[16] ); - -/** - * \brief MD5 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void md5_hmac_reset( md5_context *ctx ); - -/** - * \brief Output = HMAC-MD5( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-MD5 result - */ -void md5_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[16] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int md5_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* md5.h */ diff --git a/polarssl/src/include/polarssl/md_wrap.h b/polarssl/src/include/polarssl/md_wrap.h deleted file mode 100644 index 46849d0..0000000 --- a/polarssl/src/include/polarssl/md_wrap.h +++ /dev/null @@ -1,64 +0,0 @@ -/** - * \file md_wrap.h - * - * \brief Message digest wrappers. - * - * \author Adriaan de Jong <dejong@fox-it.com> - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_MD_WRAP_H -#define POLARSSL_MD_WRAP_H - -#include "config.h" -#include "md.h" - -#ifdef __cplusplus -extern "C" { -#endif - -#if defined(POLARSSL_MD2_C) -extern const md_info_t md2_info; -#endif -#if defined(POLARSSL_MD4_C) -extern const md_info_t md4_info; -#endif -#if defined(POLARSSL_MD5_C) -extern const md_info_t md5_info; -#endif -#if defined(POLARSSL_SHA1_C) -extern const md_info_t sha1_info; -#endif -#if defined(POLARSSL_SHA2_C) -extern const md_info_t sha224_info; -extern const md_info_t sha256_info; -#endif -#if defined(POLARSSL_SHA4_C) -extern const md_info_t sha384_info; -extern const md_info_t sha512_info; -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* POLARSSL_MD_WRAP_H */ diff --git a/polarssl/src/include/polarssl/net.h b/polarssl/src/include/polarssl/net.h deleted file mode 100644 index 88302ac..0000000 --- a/polarssl/src/include/polarssl/net.h +++ /dev/null @@ -1,159 +0,0 @@ -/** - * \file net.h - * - * \brief Network communication functions - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_NET_H -#define POLARSSL_NET_H - -#include <string.h> - -#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */ -#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ -#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ -#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ -#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ -#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ -#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ -#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ -#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ -#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */ -#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */ - -#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Initiate a TCP connection with host:port - * - * \param fd Socket to use - * \param host Host to connect to - * \param port Port to connect to - * - * \return 0 if successful, or one of: - * POLARSSL_ERR_NET_SOCKET_FAILED, - * POLARSSL_ERR_NET_UNKNOWN_HOST, - * POLARSSL_ERR_NET_CONNECT_FAILED - */ -int net_connect( int *fd, const char *host, int port ); - -/** - * \brief Create a listening socket on bind_ip:port. - * If bind_ip == NULL, all interfaces are binded. - * - * \param fd Socket to use - * \param bind_ip IP to bind to, can be NULL - * \param port Port number to use - * - * \return 0 if successful, or one of: - * POLARSSL_ERR_NET_SOCKET_FAILED, - * POLARSSL_ERR_NET_BIND_FAILED, - * POLARSSL_ERR_NET_LISTEN_FAILED - */ -int net_bind( int *fd, const char *bind_ip, int port ); - -/** - * \brief Accept a connection from a remote client - * - * \param bind_fd Relevant socket - * \param client_fd Will contain the connected client socket - * \param client_ip Will contain the client IP address - * - * \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or - * POLARSSL_ERR_NET_WOULD_BLOCK is bind_fd was set to - * non-blocking and accept() is blocking. - */ -int net_accept( int bind_fd, int *client_fd, void *client_ip ); - -/** - * \brief Set the socket blocking - * - * \param fd Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int net_set_block( int fd ); - -/** - * \brief Set the socket non-blocking - * - * \param fd Socket to set - * - * \return 0 if successful, or a non-zero error code - */ -int net_set_nonblock( int fd ); - -/** - * \brief Portable usleep helper - * - * \param usec Amount of microseconds to sleep - * - * \note Real amount of time slept will not be less than - * select()'s timeout granularity (typically, 10ms). - */ -void net_usleep( unsigned long usec ); - -/** - * \brief Read at most 'len' characters. If no error occurs, - * the actual amount read is returned. - * - * \param ctx Socket - * \param buf The buffer to write to - * \param len Maximum length of the buffer - * - * \return This function returns the number of bytes received, - * or a non-zero error code; POLARSSL_ERR_NET_WANT_READ - * indicates read() is blocking. - */ -int net_recv( void *ctx, unsigned char *buf, size_t len ); - -/** - * \brief Write at most 'len' characters. If no error occurs, - * the actual amount read is returned. - * - * \param ctx Socket - * \param buf The buffer to read from - * \param len The length of the buffer - * - * \return This function returns the number of bytes sent, - * or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE - * indicates write() is blocking. - */ -int net_send( void *ctx, const unsigned char *buf, size_t len ); - -/** - * \brief Gracefully shutdown the connection - * - * \param fd The socket to close - */ -void net_close( int fd ); - -#ifdef __cplusplus -} -#endif - -#endif /* net.h */ diff --git a/polarssl/src/include/polarssl/openssl.h b/polarssl/src/include/polarssl/openssl.h deleted file mode 100644 index 62609a2..0000000 --- a/polarssl/src/include/polarssl/openssl.h +++ /dev/null @@ -1,136 +0,0 @@ -/** - * \file openssl.h - * - * \brief OpenSSL wrapper (definitions, inline functions). - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -/* - * OpenSSL wrapper contributed by David Barett - */ -#ifndef POLARSSL_OPENSSL_H -#define POLARSSL_OPENSSL_H - -#include "aes.h" -#include "md5.h" -#include "rsa.h" -#include "sha1.h" - -#define AES_SIZE 16 -#define AES_BLOCK_SIZE 16 -#define AES_KEY aes_context -#define MD5_CTX md5_context -#define SHA_CTX sha1_context - -#define SHA1_Init( CTX ) \ - sha1_starts( (CTX) ) -#define SHA1_Update( CTX, BUF, LEN ) \ - sha1_update( (CTX), (unsigned char *)(BUF), (LEN) ) -#define SHA1_Final( OUT, CTX ) \ - sha1_finish( (CTX), (OUT) ) - -#define MD5_Init( CTX ) \ - md5_starts( (CTX) ) -#define MD5_Update( CTX, BUF, LEN ) \ - md5_update( (CTX), (unsigned char *)(BUF), (LEN) ) -#define MD5_Final( OUT, CTX ) \ - md5_finish( (CTX), (OUT) ) - -#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \ - aes_setkey_enc( (CTX), (KEY), (KEYSIZE) ) -#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \ - aes_setkey_dec( (CTX), (KEY), (KEYSIZE) ) -#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \ - aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) ) - -/* - * RSA stuff follows. TODO: needs cleanup - */ -inline int __RSA_Passthrough( void *output, void *input, int size ) -{ - memcpy( output, input, size ); - return size; -} - -inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr, - int len ) -{ - unsigned char *buffer = *(unsigned char **) bufptr; - rsa_context *rsa; - - /* - * Not a general-purpose parser: only parses public key from *exactly* - * openssl genrsa -out privkey.pem 512 (or 1024) - * openssl rsa -in privkey.pem -out privatekey.der -outform der - * openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout - * - * TODO: make a general-purpose parse - */ - if( ignore != 0 || ( len != 94 && len != 162 ) ) - return( 0 ); - - rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) ); - if( rsa == NULL ) - return( 0 ); - - memset( rsa, 0, sizeof( rsa_context ) ); - - if( ( len == 94 && - mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 && - mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) || - ( len == 162 && - mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) && - mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 ) - { - /* - * key read successfully - */ - rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3; - return( rsa ); - } - else - { - memset( rsa, 0, sizeof( rsa_context ) ); - free( rsa ); - return( 0 ); - } -} - -#define RSA rsa_context -#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */ -#define RSA_size( CTX ) (CTX)->len -#define RSA_free( CTX ) rsa_free( CTX ) -#define ERR_get_error( ) "ERR_get_error() not supported" -#define RSA_blinding_off( IGNORE ) - -#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */ - -inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; } -inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; } -inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; } -inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; } - -#ifdef __cplusplus -} -#endif - -#endif /* openssl.h */ diff --git a/polarssl/src/include/polarssl/padlock.h b/polarssl/src/include/polarssl/padlock.h deleted file mode 100644 index ce13570..0000000 --- a/polarssl/src/include/polarssl/padlock.h +++ /dev/null @@ -1,100 +0,0 @@ -/** - * \file padlock.h - * - * \brief VIA PadLock ACE for HW encryption/decryption supported by some processors - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_PADLOCK_H -#define POLARSSL_PADLOCK_H - -#include "aes.h" - -#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ - -#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) - -#ifndef POLARSSL_HAVE_X86 -#define POLARSSL_HAVE_X86 -#endif - -#define PADLOCK_RNG 0x000C -#define PADLOCK_ACE 0x00C0 -#define PADLOCK_PHE 0x0C00 -#define PADLOCK_PMM 0x3000 - -#define PADLOCK_ALIGN16(x) (unsigned long *) (16 + ((long) x & ~15)) - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief PadLock detection routine - * - * \param The feature to detect - * - * \return 1 if CPU has support for the feature, 0 otherwise - */ -int padlock_supports( int feature ); - -/** - * \brief PadLock AES-ECB block en(de)cryption - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param input 16-byte input block - * \param output 16-byte output block - * - * \return 0 if success, 1 if operation failed - */ -int padlock_xcryptecb( aes_context *ctx, - int mode, - const unsigned char input[16], - unsigned char output[16] ); - -/** - * \brief PadLock AES-CBC buffer en(de)cryption - * - * \param ctx AES context - * \param mode AES_ENCRYPT or AES_DECRYPT - * \param length length of the input data - * \param iv initialization vector (updated after use) - * \param input buffer holding the input data - * \param output buffer holding the output data - * - * \return 0 if success, 1 if operation failed - */ -int padlock_xcryptcbc( aes_context *ctx, - int mode, - size_t length, - unsigned char iv[16], - const unsigned char *input, - unsigned char *output ); - -#ifdef __cplusplus -} -#endif - -#endif /* HAVE_X86 */ - -#endif /* padlock.h */ diff --git a/polarssl/src/include/polarssl/pem.h b/polarssl/src/include/polarssl/pem.h deleted file mode 100644 index 1505401..0000000 --- a/polarssl/src/include/polarssl/pem.h +++ /dev/null @@ -1,100 +0,0 @@ -/** - * \file pem.h - * - * \brief Privacy Enhanced Mail (PEM) decoding - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_PEM_H -#define POLARSSL_PEM_H - -#include <string.h> - -/** - * \name PEM Error codes - * These error codes are returned in case of errors reading the - * PEM data. - * \{ - */ -#define POLARSSL_ERR_PEM_NO_HEADER_PRESENT -0x1080 /**< No PEM header found. */ -#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ -#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ -#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ -#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ -#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ -#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ -#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ -/* \} name */ - -/** - * \brief PEM context structure - */ -typedef struct -{ - unsigned char *buf; /*!< buffer for decoded data */ - size_t buflen; /*!< length of the buffer */ - unsigned char *info; /*!< buffer for extra header information */ -} -pem_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief PEM context setup - * - * \param ctx context to be initialized - */ -void pem_init( pem_context *ctx ); - -/** - * \brief Read a buffer for PEM information and store the resulting - * data into the specified context buffers. - * - * \param ctx context to use - * \param header header string to seek and expect - * \param footer footer string to seek and expect - * \param data source data to look in - * \param pwd password for decryption (can be NULL) - * \param pwdlen length of password - * \param use_len destination for total length used - * - * \return 0 on success, ior a specific PEM error code - */ -int pem_read_buffer( pem_context *ctx, char *header, char *footer, - const unsigned char *data, - const unsigned char *pwd, - size_t pwdlen, size_t *use_len ); - -/** - * \brief PEM context memory freeing - * - * \param ctx context to be freed - */ -void pem_free( pem_context *ctx ); - -#ifdef __cplusplus -} -#endif - -#endif /* pem.h */ diff --git a/polarssl/src/include/polarssl/pkcs11.h b/polarssl/src/include/polarssl/pkcs11.h deleted file mode 100644 index a65a72e..0000000 --- a/polarssl/src/include/polarssl/pkcs11.h +++ /dev/null @@ -1,126 +0,0 @@ -/** - * \file pkcs11.h - * - * \brief Wrapper for PKCS#11 library libpkcs11-helper - * - * \author Adriaan de Jong <dejong@fox-it.com> - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_PKCS11_H -#define POLARSSL_PKCS11_H - -#include "config.h" - -#if defined(POLARSSL_PKCS11_C) - -#include "x509.h" - -#include <pkcs11-helper-1.0/pkcs11h-certificate.h> - -/** - * Context for PKCS #11 private keys. - */ -typedef struct { - pkcs11h_certificate_t pkcs11h_cert; - int len; -} pkcs11_context; - -/** - * Fill in a PolarSSL certificate, based on the given PKCS11 helper certificate. - * - * \param cert X.509 certificate to fill - * \param pkcs11h_cert PKCS #11 helper certificate - * - * \return 0 on success. - */ -int pkcs11_x509_cert_init( x509_cert *cert, pkcs11h_certificate_t pkcs11h_cert ); - -/** - * Initialise a pkcs11_context, storing the given certificate. Note that the - * pkcs11_context will take over control of the certificate, freeing it when - * done. - * - * \param priv_key Private key structure to fill. - * \param pkcs11_cert PKCS #11 helper certificate - * - * \return 0 on success - */ -int pkcs11_priv_key_init( pkcs11_context *priv_key, - pkcs11h_certificate_t pkcs11_cert ); - -/** - * Free the contents of the given private key context. Note that the structure - * itself is not freed. - * - * \param priv_key Private key structure to cleanup - */ -void pkcs11_priv_key_free( pkcs11_context *priv_key ); - -/** - * \brief Do an RSA private key decrypt, then remove the message padding - * - * \param ctx PKCS #11 context - * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature - * \param input buffer holding the encrypted data - * \param output buffer that will hold the plaintext - * \param olen will contain the plaintext length - * \param output_max_len maximum length of the output buffer - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - * - * \note The output buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise - * an error is thrown. - */ -int pkcs11_decrypt( pkcs11_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - unsigned int output_max_len ); - -/** - * \brief Do a private RSA to sign a message digest - * - * \param ctx PKCS #11 context - * \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature - * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} - * \param hashlen message digest length (for SIG_RSA_RAW only) - * \param hash buffer holding the message digest - * \param sig buffer that will hold the ciphertext - * - * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code - * - * \note The "sig" buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used). - */ -int pkcs11_sign( pkcs11_context *ctx, - int mode, - int hash_id, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); - -#endif /* POLARSSL_PKCS11_C */ - -#endif /* POLARSSL_PKCS11_H */ diff --git a/polarssl/src/include/polarssl/rsa.h b/polarssl/src/include/polarssl/rsa.h deleted file mode 100644 index 513b037..0000000 --- a/polarssl/src/include/polarssl/rsa.h +++ /dev/null @@ -1,379 +0,0 @@ -/** - * \file rsa.h - * - * \brief The RSA public-key cryptosystem - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_RSA_H -#define POLARSSL_RSA_H - -#include "bignum.h" - -/* - * RSA Error codes - */ -#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ -#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ -#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */ -#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ -#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ -#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ -#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ -#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ - -/* - * PKCS#1 constants - */ -#define SIG_RSA_RAW 0 -#define SIG_RSA_MD2 2 -#define SIG_RSA_MD4 3 -#define SIG_RSA_MD5 4 -#define SIG_RSA_SHA1 5 -#define SIG_RSA_SHA224 14 -#define SIG_RSA_SHA256 11 -#define SIG_RSA_SHA384 12 -#define SIG_RSA_SHA512 13 - -#define RSA_PUBLIC 0 -#define RSA_PRIVATE 1 - -#define RSA_PKCS_V15 0 -#define RSA_PKCS_V21 1 - -#define RSA_SIGN 1 -#define RSA_CRYPT 2 - -#define ASN1_STR_CONSTRUCTED_SEQUENCE "\x30" -#define ASN1_STR_NULL "\x05" -#define ASN1_STR_OID "\x06" -#define ASN1_STR_OCTET_STRING "\x04" - -#define OID_DIGEST_ALG_MDX "\x2A\x86\x48\x86\xF7\x0D\x02\x00" -#define OID_HASH_ALG_SHA1 "\x2b\x0e\x03\x02\x1a" -#define OID_HASH_ALG_SHA2X "\x60\x86\x48\x01\x65\x03\x04\x02\x00" - -#define OID_ISO_MEMBER_BODIES "\x2a" -#define OID_ISO_IDENTIFIED_ORG "\x2b" - -/* - * ISO Member bodies OID parts - */ -#define OID_COUNTRY_US "\x86\x48" -#define OID_RSA_DATA_SECURITY "\x86\xf7\x0d" - -/* - * ISO Identified organization OID parts - */ -#define OID_OIW_SECSIG_SHA1 "\x0e\x03\x02\x1a" - -/* - * DigestInfo ::= SEQUENCE { - * digestAlgorithm DigestAlgorithmIdentifier, - * digest Digest } - * - * DigestAlgorithmIdentifier ::= AlgorithmIdentifier - * - * Digest ::= OCTET STRING - */ -#define ASN1_HASH_MDX \ -( \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x20" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x0C" \ - ASN1_STR_OID "\x08" \ - OID_DIGEST_ALG_MDX \ - ASN1_STR_NULL "\x00" \ - ASN1_STR_OCTET_STRING "\x10" \ -) - -#define ASN1_HASH_SHA1 \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x21" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x09" \ - ASN1_STR_OID "\x05" \ - OID_HASH_ALG_SHA1 \ - ASN1_STR_NULL "\x00" \ - ASN1_STR_OCTET_STRING "\x14" - -#define ASN1_HASH_SHA1_ALT \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x1F" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x07" \ - ASN1_STR_OID "\x05" \ - OID_HASH_ALG_SHA1 \ - ASN1_STR_OCTET_STRING "\x14" - -#define ASN1_HASH_SHA2X \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x11" \ - ASN1_STR_CONSTRUCTED_SEQUENCE "\x0d" \ - ASN1_STR_OID "\x09" \ - OID_HASH_ALG_SHA2X \ - ASN1_STR_NULL "\x00" \ - ASN1_STR_OCTET_STRING "\x00" - -/** - * \brief RSA context structure - */ -typedef struct -{ - int ver; /*!< always 0 */ - size_t len; /*!< size(N) in chars */ - - mpi N; /*!< public modulus */ - mpi E; /*!< public exponent */ - - mpi D; /*!< private exponent */ - mpi P; /*!< 1st prime factor */ - mpi Q; /*!< 2nd prime factor */ - mpi DP; /*!< D % (P - 1) */ - mpi DQ; /*!< D % (Q - 1) */ - mpi QP; /*!< 1 / (Q % P) */ - - mpi RN; /*!< cached R^2 mod N */ - mpi RP; /*!< cached R^2 mod P */ - mpi RQ; /*!< cached R^2 mod Q */ - - int padding; /*!< RSA_PKCS_V15 for 1.5 padding and - RSA_PKCS_v21 for OAEP/PSS */ - int hash_id; /*!< Hash identifier of md_type_t as - specified in the md.h header file - for the EME-OAEP and EMSA-PSS - encoding */ -} -rsa_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief Initialize an RSA context - * - * \param ctx RSA context to be initialized - * \param padding RSA_PKCS_V15 or RSA_PKCS_V21 - * \param hash_id RSA_PKCS_V21 hash identifier - * - * \note The hash_id parameter is actually ignored - * when using RSA_PKCS_V15 padding. - */ -void rsa_init( rsa_context *ctx, - int padding, - int hash_id); - -/** - * \brief Generate an RSA keypair - * - * \param ctx RSA context that will hold the key - * \param f_rng RNG function - * \param p_rng RNG parameter - * \param nbits size of the public key in bits - * \param exponent public exponent (e.g., 65537) - * - * \note rsa_init() must be called beforehand to setup - * the RSA context. - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - */ -int rsa_gen_key( rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - unsigned int nbits, int exponent ); - -/** - * \brief Check a public RSA key - * - * \param ctx RSA context to be checked - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - */ -int rsa_check_pubkey( const rsa_context *ctx ); - -/** - * \brief Check a private RSA key - * - * \param ctx RSA context to be checked - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - */ -int rsa_check_privkey( const rsa_context *ctx ); - -/** - * \brief Do an RSA public key operation - * - * \param ctx RSA context - * \param input input buffer - * \param output output buffer - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - * - * \note This function does NOT take care of message - * padding. Also, be sure to set input[0] = 0 or assure that - * input is smaller than N. - * - * \note The input and output buffers must be large - * enough (eg. 128 bytes if RSA-1024 is used). - */ -int rsa_public( rsa_context *ctx, - const unsigned char *input, - unsigned char *output ); - -/** - * \brief Do an RSA private key operation - * - * \param ctx RSA context - * \param input input buffer - * \param output output buffer - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - * - * \note The input and output buffers must be large - * enough (eg. 128 bytes if RSA-1024 is used). - */ -int rsa_private( rsa_context *ctx, - const unsigned char *input, - unsigned char *output ); - -/** - * \brief Add the message padding, then do an RSA operation - * - * \param ctx RSA context - * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding) - * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param ilen contains the plaintext length - * \param input buffer holding the data to be encrypted - * \param output buffer that will hold the ciphertext - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - * - * \note The output buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used). - */ -int rsa_pkcs1_encrypt( rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, size_t ilen, - const unsigned char *input, - unsigned char *output ); - -/** - * \brief Do an RSA operation, then remove the message padding - * - * \param ctx RSA context - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param olen will contain the plaintext length - * \param input buffer holding the encrypted data - * \param output buffer that will hold the plaintext - * \param output_max_len maximum length of the output buffer - * - * \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code - * - * \note The output buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise - * an error is thrown. - */ -int rsa_pkcs1_decrypt( rsa_context *ctx, - int mode, size_t *olen, - const unsigned char *input, - unsigned char *output, - size_t output_max_len ); - -/** - * \brief Do a private RSA to sign a message digest - * - * \param ctx RSA context - * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding) - * \param p_rng RNG parameter - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} - * \param hashlen message digest length (for SIG_RSA_RAW only) - * \param hash buffer holding the message digest - * \param sig buffer that will hold the ciphertext - * - * \return 0 if the signing operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code - * - * \note The "sig" buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used). - * - * \note In case of PKCS#1 v2.1 encoding keep in mind that - * the hash_id in the RSA context is the one used for the - * encoding. hash_id in the function call is the type of hash - * that is encoded. According to RFC 3447 it is advised to - * keep both hashes the same. - */ -int rsa_pkcs1_sign( rsa_context *ctx, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng, - int mode, - int hash_id, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); - -/** - * \brief Do a public RSA and check the message digest - * - * \param ctx points to an RSA public key - * \param mode RSA_PUBLIC or RSA_PRIVATE - * \param hash_id SIG_RSA_RAW, SIG_RSA_MD{2,4,5} or SIG_RSA_SHA{1,224,256,384,512} - * \param hashlen message digest length (for SIG_RSA_RAW only) - * \param hash buffer holding the message digest - * \param sig buffer holding the ciphertext - * - * \return 0 if the verify operation was successful, - * or an POLARSSL_ERR_RSA_XXX error code - * - * \note The "sig" buffer must be as large as the size - * of ctx->N (eg. 128 bytes if RSA-1024 is used). - * - * \note In case of PKCS#1 v2.1 encoding keep in mind that - * the hash_id in the RSA context is the one used for the - * verification. hash_id in the function call is the type of hash - * that is verified. According to RFC 3447 it is advised to - * keep both hashes the same. - */ -int rsa_pkcs1_verify( rsa_context *ctx, - int mode, - int hash_id, - unsigned int hashlen, - const unsigned char *hash, - unsigned char *sig ); - -/** - * \brief Free the components of an RSA key - * - * \param ctx RSA Context to free - */ -void rsa_free( rsa_context *ctx ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int rsa_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* rsa.h */ diff --git a/polarssl/src/include/polarssl/sha1.h b/polarssl/src/include/polarssl/sha1.h deleted file mode 100644 index 0d5e67e..0000000 --- a/polarssl/src/include/polarssl/sha1.h +++ /dev/null @@ -1,152 +0,0 @@ -/** - * \file sha1.h - * - * \brief SHA-1 cryptographic hash function - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA1_H -#define POLARSSL_SHA1_H - -#include <string.h> - -#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */ - -/** - * \brief SHA-1 context structure - */ -typedef struct -{ - unsigned long total[2]; /*!< number of bytes processed */ - unsigned long state[5]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ -} -sha1_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-1 context setup - * - * \param ctx context to be initialized - */ -void sha1_starts( sha1_context *ctx ); - -/** - * \brief SHA-1 process buffer - * - * \param ctx SHA-1 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-1 final digest - * - * \param ctx SHA-1 context - * \param output SHA-1 checksum result - */ -void sha1_finish( sha1_context *ctx, unsigned char output[20] ); - -/** - * \brief Output = SHA-1( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-1 checksum result - */ -void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); - -/** - * \brief Output = SHA-1( file contents ) - * - * \param path input file name - * \param output SHA-1 checksum result - * - * \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR - */ -int sha1_file( const char *path, unsigned char output[20] ); - -/** - * \brief SHA-1 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key, size_t keylen ); - -/** - * \brief SHA-1 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha1_hmac_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-1 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-1 HMAC checksum result - */ -void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] ); - -/** - * \brief SHA-1 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha1_hmac_reset( sha1_context *ctx ); - -/** - * \brief Output = HMAC-SHA-1( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-1 result - */ -void sha1_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[20] ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha1_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha1.h */ diff --git a/polarssl/src/include/polarssl/sha2.h b/polarssl/src/include/polarssl/sha2.h deleted file mode 100644 index 811b0fd..0000000 --- a/polarssl/src/include/polarssl/sha2.h +++ /dev/null @@ -1,160 +0,0 @@ -/** - * \file sha2.h - * - * \brief SHA-224 and SHA-256 cryptographic hash function - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA2_H -#define POLARSSL_SHA2_H - -#include <string.h> - -#define POLARSSL_ERR_SHA2_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */ - -/** - * \brief SHA-256 context structure - */ -typedef struct -{ - unsigned long total[2]; /*!< number of bytes processed */ - unsigned long state[8]; /*!< intermediate digest state */ - unsigned char buffer[64]; /*!< data block being processed */ - - unsigned char ipad[64]; /*!< HMAC: inner padding */ - unsigned char opad[64]; /*!< HMAC: outer padding */ - int is224; /*!< 0 => SHA-256, else SHA-224 */ -} -sha2_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-256 context setup - * - * \param ctx context to be initialized - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha2_starts( sha2_context *ctx, int is224 ); - -/** - * \brief SHA-256 process buffer - * - * \param ctx SHA-256 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha2_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-256 final digest - * - * \param ctx SHA-256 context - * \param output SHA-224/256 checksum result - */ -void sha2_finish( sha2_context *ctx, unsigned char output[32] ); - -/** - * \brief Output = SHA-256( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-224/256 checksum result - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha2( const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ); - -/** - * \brief Output = SHA-256( file contents ) - * - * \param path input file name - * \param output SHA-224/256 checksum result - * \param is224 0 = use SHA256, 1 = use SHA224 - * - * \return 0 if successful, or POLARSSL_ERR_SHA2_FILE_IO_ERROR - */ -int sha2_file( const char *path, unsigned char output[32], int is224 ); - -/** - * \brief SHA-256 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha2_hmac_starts( sha2_context *ctx, const unsigned char *key, size_t keylen, - int is224 ); - -/** - * \brief SHA-256 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha2_hmac_update( sha2_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-256 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-224/256 HMAC checksum result - */ -void sha2_hmac_finish( sha2_context *ctx, unsigned char output[32] ); - -/** - * \brief SHA-256 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha2_hmac_reset( sha2_context *ctx ); - -/** - * \brief Output = HMAC-SHA-256( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-224/256 result - * \param is224 0 = use SHA256, 1 = use SHA224 - */ -void sha2_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[32], int is224 ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha2_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha2.h */ diff --git a/polarssl/src/include/polarssl/sha4.h b/polarssl/src/include/polarssl/sha4.h deleted file mode 100644 index dafebec..0000000 --- a/polarssl/src/include/polarssl/sha4.h +++ /dev/null @@ -1,168 +0,0 @@ -/** - * \file sha4.h - * - * \brief SHA-384 and SHA-512 cryptographic hash function - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SHA4_H -#define POLARSSL_SHA4_H - -#include <string.h> - -#define POLARSSL_ERR_SHA4_FILE_IO_ERROR -0x007A /**< Read/write error in file. */ - -#if defined(_MSC_VER) || defined(__WATCOMC__) - #define UL64(x) x##ui64 - #define long64 __int64 -#else - #define UL64(x) x##ULL - #define long64 long long -#endif - -/** - * \brief SHA-512 context structure - */ -typedef struct -{ - unsigned long64 total[2]; /*!< number of bytes processed */ - unsigned long64 state[8]; /*!< intermediate digest state */ - unsigned char buffer[128]; /*!< data block being processed */ - - unsigned char ipad[128]; /*!< HMAC: inner padding */ - unsigned char opad[128]; /*!< HMAC: outer padding */ - int is384; /*!< 0 => SHA-512, else SHA-384 */ -} -sha4_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief SHA-512 context setup - * - * \param ctx context to be initialized - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha4_starts( sha4_context *ctx, int is384 ); - -/** - * \brief SHA-512 process buffer - * - * \param ctx SHA-512 context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha4_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-512 final digest - * - * \param ctx SHA-512 context - * \param output SHA-384/512 checksum result - */ -void sha4_finish( sha4_context *ctx, unsigned char output[64] ); - -/** - * \brief Output = SHA-512( input buffer ) - * - * \param input buffer holding the data - * \param ilen length of the input data - * \param output SHA-384/512 checksum result - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha4( const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ); - -/** - * \brief Output = SHA-512( file contents ) - * - * \param path input file name - * \param output SHA-384/512 checksum result - * \param is384 0 = use SHA512, 1 = use SHA384 - * - * \return 0 if successful, or POLARSSL_ERR_SHA4_FILE_IO_ERROR - */ -int sha4_file( const char *path, unsigned char output[64], int is384 ); - -/** - * \brief SHA-512 HMAC context setup - * - * \param ctx HMAC context to be initialized - * \param is384 0 = use SHA512, 1 = use SHA384 - * \param key HMAC secret key - * \param keylen length of the HMAC key - */ -void sha4_hmac_starts( sha4_context *ctx, const unsigned char *key, size_t keylen, - int is384 ); - -/** - * \brief SHA-512 HMAC process buffer - * - * \param ctx HMAC context - * \param input buffer holding the data - * \param ilen length of the input data - */ -void sha4_hmac_update( sha4_context *ctx, const unsigned char *input, size_t ilen ); - -/** - * \brief SHA-512 HMAC final digest - * - * \param ctx HMAC context - * \param output SHA-384/512 HMAC checksum result - */ -void sha4_hmac_finish( sha4_context *ctx, unsigned char output[64] ); - -/** - * \brief SHA-512 HMAC context reset - * - * \param ctx HMAC context to be reset - */ -void sha4_hmac_reset( sha4_context *ctx ); - -/** - * \brief Output = HMAC-SHA-512( hmac key, input buffer ) - * - * \param key HMAC secret key - * \param keylen length of the HMAC key - * \param input buffer holding the data - * \param ilen length of the input data - * \param output HMAC-SHA-384/512 result - * \param is384 0 = use SHA512, 1 = use SHA384 - */ -void sha4_hmac( const unsigned char *key, size_t keylen, - const unsigned char *input, size_t ilen, - unsigned char output[64], int is384 ); - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int sha4_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* sha4.h */ diff --git a/polarssl/src/include/polarssl/ssl.h b/polarssl/src/include/polarssl/ssl.h deleted file mode 100644 index 4ac6f86..0000000 --- a/polarssl/src/include/polarssl/ssl.h +++ /dev/null @@ -1,766 +0,0 @@ -/** - * \file ssl.h - * - * \brief SSL/TLS functions. - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_SSL_H -#define POLARSSL_SSL_H - -#include <time.h> - -#include "net.h" -#include "dhm.h" -#include "rsa.h" -#include "md5.h" -#include "sha1.h" -#include "sha2.h" -#include "sha4.h" -#include "x509.h" -#include "config.h" - -#if defined(POLARSSL_PKCS11_C) -#include "pkcs11.h" -#endif - -#if defined(_MSC_VER) && !defined(inline) -#define inline _inline -#else -#if defined(__ARMCC_VERSION) && !defined(inline) -#define inline __inline -#endif /* __ARMCC_VERSION */ -#endif /*_MSC_VER */ - -/* - * SSL Error codes - */ -#define POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ -#define POLARSSL_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ -#define POLARSSL_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ -#define POLARSSL_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ -#define POLARSSL_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -#define POLARSSL_ERR_SSL_UNKNOWN_CIPHER -0x7300 /**< An unknown cipher was received. */ -#define POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ -#define POLARSSL_ERR_SSL_NO_SESSION_FOUND -0x7400 /**< No session to recover was found. */ -#define POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -#define POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE -0x7500 /**< Our own certificate(s) is/are too large to send in an SSL message.*/ -#define POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED -0x7580 /**< The own certificate is not set, but needed by the server. */ -#define POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key is not set, but needed. */ -#define POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ -#define POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ -#define POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -#define POLARSSL_ERR_SSL_PEER_VERIFY_FAILED -0x7800 /**< Verification of our peer failed. */ -#define POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM Read Public. */ -#define POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_DHM_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM Calculate Secret. */ -#define POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ -#define POLARSSL_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ -#define POLARSSL_ERR_SSL_MALLOC_FAILED -0x7F00 /**< Memory allocation failed */ - -/* - * Various constants - */ -#define SSL_MAJOR_VERSION_3 3 -#define SSL_MINOR_VERSION_0 0 /*!< SSL v3.0 */ -#define SSL_MINOR_VERSION_1 1 /*!< TLS v1.0 */ -#define SSL_MINOR_VERSION_2 2 /*!< TLS v1.1 */ -#define SSL_MINOR_VERSION_3 3 /*!< TLS v1.2 */ - -#define SSL_IS_CLIENT 0 -#define SSL_IS_SERVER 1 -#define SSL_COMPRESS_NULL 0 - -#define SSL_VERIFY_NONE 0 -#define SSL_VERIFY_OPTIONAL 1 -#define SSL_VERIFY_REQUIRED 2 - -#define SSL_MAX_CONTENT_LEN 16384 - -/* - * Allow an extra 512 bytes for the record header - * and encryption overhead (counter + MAC + padding). - */ -#define SSL_BUFFER_LEN (SSL_MAX_CONTENT_LEN + 512) - -/* - * Supported ciphersuites - */ -#define SSL_RSA_NULL_MD5 0x01 /**< Weak! */ -#define SSL_RSA_NULL_SHA 0x02 /**< Weak! */ -#define SSL_RSA_NULL_SHA256 0x3B /**< Weak! */ -#define SSL_RSA_DES_SHA 0x09 /**< Weak! Not in TLS 1.2 */ -#define SSL_EDH_RSA_DES_SHA 0x15 /**< Weak! Not in TLS 1.2 */ - -#define SSL_RSA_RC4_128_MD5 0x04 -#define SSL_RSA_RC4_128_SHA 0x05 - -#define SSL_RSA_DES_168_SHA 0x0A -#define SSL_EDH_RSA_DES_168_SHA 0x16 - -#define SSL_RSA_AES_128_SHA 0x2F -#define SSL_EDH_RSA_AES_128_SHA 0x33 -#define SSL_RSA_AES_256_SHA 0x35 -#define SSL_EDH_RSA_AES_256_SHA 0x39 -#define SSL_RSA_AES_128_SHA256 0x3C /**< TLS 1.2 */ -#define SSL_RSA_AES_256_SHA256 0x3D /**< TLS 1.2 */ -#define SSL_EDH_RSA_AES_128_SHA256 0x67 /**< TLS 1.2 */ -#define SSL_EDH_RSA_AES_256_SHA256 0x6B /**< TLS 1.2 */ - -#define SSL_RSA_CAMELLIA_128_SHA 0x41 -#define SSL_EDH_RSA_CAMELLIA_128_SHA 0x45 -#define SSL_RSA_CAMELLIA_256_SHA 0x84 -#define SSL_EDH_RSA_CAMELLIA_256_SHA 0x88 -#define SSL_RSA_CAMELLIA_128_SHA256 0xBA /**< TLS 1.2 */ -#define SSL_EDH_RSA_CAMELLIA_128_SHA256 0xBE /**< TLS 1.2 */ -#define SSL_RSA_CAMELLIA_256_SHA256 0xC0 /**< TLS 1.2 */ -#define SSL_EDH_RSA_CAMELLIA_256_SHA256 0xC4 /**< TLS 1.2 */ - -#define SSL_RSA_AES_128_GCM_SHA256 0x9C -#define SSL_RSA_AES_256_GCM_SHA384 0x9D -#define SSL_EDH_RSA_AES_128_GCM_SHA256 0x9E -#define SSL_EDH_RSA_AES_256_GCM_SHA384 0x9F - -/* - * Supported Signature and Hash algorithms (For TLS 1.2) - */ -#define SSL_HASH_NONE 0 -#define SSL_HASH_MD5 1 -#define SSL_HASH_SHA1 2 -#define SSL_HASH_SHA224 3 -#define SSL_HASH_SHA256 4 -#define SSL_HASH_SHA384 5 -#define SSL_HASH_SHA512 6 - -#define SSL_SIG_RSA 1 - -/* - * Message, alert and handshake types - */ -#define SSL_MSG_CHANGE_CIPHER_SPEC 20 -#define SSL_MSG_ALERT 21 -#define SSL_MSG_HANDSHAKE 22 -#define SSL_MSG_APPLICATION_DATA 23 - -#define SSL_ALERT_LEVEL_WARNING 1 -#define SSL_ALERT_LEVEL_FATAL 2 - -#define SSL_ALERT_MSG_CLOSE_NOTIFY 0 /* 0x00 */ -#define SSL_ALERT_MSG_UNEXPECTED_MESSAGE 10 /* 0x0A */ -#define SSL_ALERT_MSG_BAD_RECORD_MAC 20 /* 0x14 */ -#define SSL_ALERT_MSG_DECRYPTION_FAILED 21 /* 0x15 */ -#define SSL_ALERT_MSG_RECORD_OVERFLOW 22 /* 0x16 */ -#define SSL_ALERT_MSG_DECOMPRESSION_FAILURE 30 /* 0x1E */ -#define SSL_ALERT_MSG_HANDSHAKE_FAILURE 40 /* 0x28 */ -#define SSL_ALERT_MSG_NO_CERT 41 /* 0x29 */ -#define SSL_ALERT_MSG_BAD_CERT 42 /* 0x2A */ -#define SSL_ALERT_MSG_UNSUPPORTED_CERT 43 /* 0x2B */ -#define SSL_ALERT_MSG_CERT_REVOKED 44 /* 0x2C */ -#define SSL_ALERT_MSG_CERT_EXPIRED 45 /* 0x2D */ -#define SSL_ALERT_MSG_CERT_UNKNOWN 46 /* 0x2E */ -#define SSL_ALERT_MSG_ILLEGAL_PARAMETER 47 /* 0x2F */ -#define SSL_ALERT_MSG_UNKNOWN_CA 48 /* 0x30 */ -#define SSL_ALERT_MSG_ACCESS_DENIED 49 /* 0x31 */ -#define SSL_ALERT_MSG_DECODE_ERROR 50 /* 0x32 */ -#define SSL_ALERT_MSG_DECRYPT_ERROR 51 /* 0x33 */ -#define SSL_ALERT_MSG_EXPORT_RESTRICTION 60 /* 0x3C */ -#define SSL_ALERT_MSG_PROTOCOL_VERSION 70 /* 0x46 */ -#define SSL_ALERT_MSG_INSUFFICIENT_SECURITY 71 /* 0x47 */ -#define SSL_ALERT_MSG_INTERNAL_ERROR 80 /* 0x50 */ -#define SSL_ALERT_MSG_USER_CANCELED 90 /* 0x5A */ -#define SSL_ALERT_MSG_NO_RENEGOTIATION 100 /* 0x64 */ -#define SSL_ALERT_MSG_UNSUPPORTED_EXT 110 /* 0x6E */ - -#define SSL_HS_HELLO_REQUEST 0 -#define SSL_HS_CLIENT_HELLO 1 -#define SSL_HS_SERVER_HELLO 2 -#define SSL_HS_CERTIFICATE 11 -#define SSL_HS_SERVER_KEY_EXCHANGE 12 -#define SSL_HS_CERTIFICATE_REQUEST 13 -#define SSL_HS_SERVER_HELLO_DONE 14 -#define SSL_HS_CERTIFICATE_VERIFY 15 -#define SSL_HS_CLIENT_KEY_EXCHANGE 16 -#define SSL_HS_FINISHED 20 - -/* - * TLS extensions - */ -#define TLS_EXT_SERVERNAME 0 -#define TLS_EXT_SERVERNAME_HOSTNAME 0 - -#define TLS_EXT_SIG_ALG 13 - -/* - * SSL state machine - */ -typedef enum -{ - SSL_HELLO_REQUEST, - SSL_CLIENT_HELLO, - SSL_SERVER_HELLO, - SSL_SERVER_CERTIFICATE, - SSL_SERVER_KEY_EXCHANGE, - SSL_CERTIFICATE_REQUEST, - SSL_SERVER_HELLO_DONE, - SSL_CLIENT_CERTIFICATE, - SSL_CLIENT_KEY_EXCHANGE, - SSL_CERTIFICATE_VERIFY, - SSL_CLIENT_CHANGE_CIPHER_SPEC, - SSL_CLIENT_FINISHED, - SSL_SERVER_CHANGE_CIPHER_SPEC, - SSL_SERVER_FINISHED, - SSL_FLUSH_BUFFERS, - SSL_HANDSHAKE_OVER -} -ssl_states; - -typedef struct _ssl_session ssl_session; -typedef struct _ssl_context ssl_context; - -/* - * This structure is used for session resuming. - */ -struct _ssl_session -{ - time_t start; /*!< starting time */ - int ciphersuite; /*!< chosen ciphersuite */ - size_t length; /*!< session id length */ - unsigned char id[32]; /*!< session identifier */ - unsigned char master[48]; /*!< the master secret */ - ssl_session *next; /*!< next session entry */ -}; - -struct _ssl_context -{ - /* - * Miscellaneous - */ - int state; /*!< SSL handshake: current state */ - - int major_ver; /*!< equal to SSL_MAJOR_VERSION_3 */ - int minor_ver; /*!< either 0 (SSL3) or 1 (TLS1.0) */ - - int max_major_ver; /*!< max. major version from client */ - int max_minor_ver; /*!< max. minor version from client */ - - /* - * Callbacks (RNG, debug, I/O, verification) - */ - int (*f_rng)(void *, unsigned char *, size_t); - void (*f_dbg)(void *, int, const char *); - int (*f_recv)(void *, unsigned char *, size_t); - int (*f_send)(void *, const unsigned char *, size_t); - int (*f_vrfy)(void *, x509_cert *, int, int); - - void *p_rng; /*!< context for the RNG function */ - void *p_dbg; /*!< context for the debug function */ - void *p_recv; /*!< context for reading operations */ - void *p_send; /*!< context for writing operations */ - void *p_vrfy; /*!< context for verification */ - - /* - * Session layer - */ - int resume; /*!< session resuming flag */ - int timeout; /*!< sess. expiration time */ - ssl_session *session; /*!< current session data */ - int (*s_get)(ssl_context *); /*!< (server) get callback */ - int (*s_set)(ssl_context *); /*!< (server) set callback */ - - /* - * Record layer (incoming data) - */ - unsigned char *in_ctr; /*!< 64-bit incoming message counter */ - unsigned char *in_hdr; /*!< 5-byte record header (in_ctr+8) */ - unsigned char *in_msg; /*!< the message contents (in_hdr+5) */ - unsigned char *in_offt; /*!< read offset in application data */ - - int in_msgtype; /*!< record header: message type */ - size_t in_msglen; /*!< record header: message length */ - size_t in_left; /*!< amount of data read so far */ - - size_t in_hslen; /*!< current handshake message length */ - int nb_zero; /*!< # of 0-length encrypted messages */ - - /* - * Record layer (outgoing data) - */ - unsigned char *out_ctr; /*!< 64-bit outgoing message counter */ - unsigned char *out_hdr; /*!< 5-byte record header (out_ctr+8) */ - unsigned char *out_msg; /*!< the message contents (out_hdr+5) */ - - int out_msgtype; /*!< record header: message type */ - size_t out_msglen; /*!< record header: message length */ - size_t out_left; /*!< amount of data not yet written */ - - /* - * PKI layer - */ - rsa_context *rsa_key; /*!< own RSA private key */ -#if defined(POLARSSL_PKCS11_C) - pkcs11_context *pkcs11_key; /*!< own PKCS#11 RSA private key */ -#endif - x509_cert *own_cert; /*!< own X.509 certificate */ - x509_cert *ca_chain; /*!< own trusted CA chain */ - x509_crl *ca_crl; /*!< trusted CA CRLs */ - x509_cert *peer_cert; /*!< peer X.509 cert chain */ - const char *peer_cn; /*!< expected peer CN */ - - int endpoint; /*!< 0: client, 1: server */ - int authmode; /*!< verification mode */ - int client_auth; /*!< flag for client auth. */ - int verify_result; /*!< verification result */ - - /* - * Crypto layer - */ - dhm_context dhm_ctx; /*!< DHM key exchange */ - unsigned char ctx_checksum[500]; /*!< Checksum context(s) */ - - void (*update_checksum)(ssl_context *, unsigned char *, size_t); - void (*calc_verify)(ssl_context *, unsigned char *); - void (*calc_finished)(ssl_context *, unsigned char *, int); - int (*tls_prf)(unsigned char *, size_t, char *, - unsigned char *, size_t, - unsigned char *, size_t); - - int do_crypt; /*!< en(de)cryption flag */ - int *ciphersuites; /*!< allowed ciphersuites */ - size_t pmslen; /*!< premaster length */ - unsigned int keylen; /*!< symmetric key length */ - size_t minlen; /*!< min. ciphertext length */ - size_t ivlen; /*!< IV length */ - size_t fixed_ivlen; /*!< Fixed part of IV (AEAD) */ - size_t maclen; /*!< MAC length */ - - unsigned char randbytes[64]; /*!< random bytes */ - unsigned char premaster[256]; /*!< premaster secret */ - - unsigned char iv_enc[16]; /*!< IV (encryption) */ - unsigned char iv_dec[16]; /*!< IV (decryption) */ - - unsigned char mac_enc[32]; /*!< MAC (encryption) */ - unsigned char mac_dec[32]; /*!< MAC (decryption) */ - - unsigned long ctx_enc[134]; /*!< encryption context */ - unsigned long ctx_dec[134]; /*!< decryption context */ - - /* - * TLS extensions - */ - unsigned char *hostname; - size_t hostname_len; -}; - -#ifdef __cplusplus -extern "C" { -#endif - -extern int ssl_default_ciphersuites[]; - -/** - * \brief Returns the list of ciphersuites supported by the SSL/TLS module. - * - * \return a statically allocated array of ciphersuites, the last - * entry is 0. - */ -static inline const int *ssl_list_ciphersuites( void ) -{ - return ssl_default_ciphersuites; -} - -/** - * \brief Return the name of the ciphersuite associated with the given - * ID - * - * \param ciphersuite_id SSL ciphersuite ID - * - * \return a string containing the ciphersuite name - */ -const char *ssl_get_ciphersuite_name( const int ciphersuite_id ); - -/** - * \brief Return the ID of the ciphersuite associated with the given - * name - * - * \param ciphersuite_name SSL ciphersuite name - * - * \return the ID with the ciphersuite or 0 if not found - */ -int ssl_get_ciphersuite_id( const char *ciphersuite_name ); - -/** - * \brief Initialize an SSL context - * - * \param ssl SSL context - * - * \return 0 if successful, or POLARSSL_ERR_SSL_MALLOC_FAILED if - * memory allocation failed - */ -int ssl_init( ssl_context *ssl ); - -/** - * \brief Reset an already initialized SSL context for re-use - * while retaining application-set variables, function - * pointers and data. - * - * \param ssl SSL context - */ -void ssl_session_reset( ssl_context *ssl ); - -/** - * \brief Set the current endpoint type - * - * \param ssl SSL context - * \param endpoint must be SSL_IS_CLIENT or SSL_IS_SERVER - */ -void ssl_set_endpoint( ssl_context *ssl, int endpoint ); - -/** - * \brief Set the certificate verification mode - * - * \param ssl SSL context - * \param authmode can be: - * - * SSL_VERIFY_NONE: peer certificate is not checked (default), - * this is insecure and SHOULD be avoided. - * - * SSL_VERIFY_OPTIONAL: peer certificate is checked, however the - * handshake continues even if verification failed; - * ssl_get_verify_result() can be called after the - * handshake is complete. - * - * SSL_VERIFY_REQUIRED: peer *must* present a valid certificate, - * handshake is aborted if verification failed. - */ -void ssl_set_authmode( ssl_context *ssl, int authmode ); - -/** - * \brief Set the verification callback (Optional). - * - * If set, the verification callback is called once for every - * certificate in the chain. The verification function has the - * following parameter: (void *parameter, x509_cert certificate, - * int certifcate_depth, int preverify_ok). It should - * return 0 on SUCCESS. - * - * \param ssl SSL context - * \param f_vrfy verification function - * \param p_vrfy verification parameter - */ -void ssl_set_verify( ssl_context *ssl, - int (*f_vrfy)(void *, x509_cert *, int, int), - void *p_vrfy ); - -/** - * \brief Set the random number generator callback - * - * \param ssl SSL context - * \param f_rng RNG function - * \param p_rng RNG parameter - */ -void ssl_set_rng( ssl_context *ssl, - int (*f_rng)(void *, unsigned char *, size_t), - void *p_rng ); - -/** - * \brief Set the debug callback - * - * \param ssl SSL context - * \param f_dbg debug function - * \param p_dbg debug parameter - */ -void ssl_set_dbg( ssl_context *ssl, - void (*f_dbg)(void *, int, const char *), - void *p_dbg ); - -/** - * \brief Set the underlying BIO read and write callbacks - * - * \param ssl SSL context - * \param f_recv read callback - * \param p_recv read parameter - * \param f_send write callback - * \param p_send write parameter - */ -void ssl_set_bio( ssl_context *ssl, - int (*f_recv)(void *, unsigned char *, size_t), void *p_recv, - int (*f_send)(void *, const unsigned char *, size_t), void *p_send ); - -/** - * \brief Set the session callbacks (server-side only) - * - * \param ssl SSL context - * \param s_get session get callback - * \param s_set session set callback - */ -void ssl_set_scb( ssl_context *ssl, - int (*s_get)(ssl_context *), - int (*s_set)(ssl_context *) ); - -/** - * \brief Set the session resuming flag, timeout and data - * - * \param ssl SSL context - * \param resume if 0 (default), the session will not be resumed - * \param timeout session timeout in seconds, or 0 (no timeout) - * \param session session context - */ -void ssl_set_session( ssl_context *ssl, int resume, int timeout, - ssl_session *session ); - -/** - * \brief Set the list of allowed ciphersuites - * - * \param ssl SSL context - * \param ciphersuites 0-terminated list of allowed ciphersuites - */ -void ssl_set_ciphersuites( ssl_context *ssl, int *ciphersuites ); - -/** - * \brief Set the data required to verify peer certificate - * - * \param ssl SSL context - * \param ca_chain trusted CA chain - * \param ca_crl trusted CA CRLs - * \param peer_cn expected peer CommonName (or NULL) - * - * \note TODO: add two more parameters: depth and crl - */ -void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain, - x509_crl *ca_crl, const char *peer_cn ); - -/** - * \brief Set own certificate and private key - * - * \param ssl SSL context - * \param own_cert own public certificate - * \param rsa_key own private RSA key - */ -void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert, - rsa_context *rsa_key ); - -#if defined(POLARSSL_PKCS11_C) -/** - * \brief Set own certificate and PKCS#11 private key - * - * \param ssl SSL context - * \param own_cert own public certificate - * \param pkcs11_key own PKCS#11 RSA key - */ -void ssl_set_own_cert_pkcs11( ssl_context *ssl, x509_cert *own_cert, - pkcs11_context *pkcs11_key ); -#endif - -/** - * \brief Set the Diffie-Hellman public P and G values, - * read as hexadecimal strings (server-side only) - * - * \param ssl SSL context - * \param dhm_P Diffie-Hellman-Merkle modulus - * \param dhm_G Diffie-Hellman-Merkle generator - * - * \return 0 if successful - */ -int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ); - -/** - * \brief Set the Diffie-Hellman public P and G values, - * read from existing context (server-side only) - * - * \param ssl SSL context - * \param dhm_ctx Diffie-Hellman-Merkle context - * - * \return 0 if successful - */ -int ssl_set_dh_param_ctx( ssl_context *ssl, dhm_context *dhm_ctx ); - -/** - * \brief Set hostname for ServerName TLS Extension - * - * - * \param ssl SSL context - * \param hostname the server hostname - * - * \return 0 if successful or POLARSSL_ERR_SSL_MALLOC_FAILED - */ -int ssl_set_hostname( ssl_context *ssl, const char *hostname ); - -/** - * \brief Set the maximum supported version sent from the client side - * - * \param ssl SSL context - * \param major Major version number (only SSL_MAJOR_VERSION_3 supported) - * \param minor Minor version number (SSL_MINOR_VERSION_0, - * SSL_MINOR_VERSION_1 and SSL_MINOR_VERSION_2, - * SSL_MINOR_VERSION_3 supported) - */ -void ssl_set_max_version( ssl_context *ssl, int major, int minor ); - -/** - * \brief Return the number of data bytes available to read - * - * \param ssl SSL context - * - * \return how many bytes are available in the read buffer - */ -size_t ssl_get_bytes_avail( const ssl_context *ssl ); - -/** - * \brief Return the result of the certificate verification - * - * \param ssl SSL context - * - * \return 0 if successful, or a combination of: - * BADCERT_EXPIRED - * BADCERT_REVOKED - * BADCERT_CN_MISMATCH - * BADCERT_NOT_TRUSTED - */ -int ssl_get_verify_result( const ssl_context *ssl ); - -/** - * \brief Return the name of the current ciphersuite - * - * \param ssl SSL context - * - * \return a string containing the ciphersuite name - */ -const char *ssl_get_ciphersuite( const ssl_context *ssl ); - -/** - * \brief Return the current SSL version (SSLv3/TLSv1/etc) - * - * \param ssl SSL context - * - * \return a string containing the SSL version - */ -const char *ssl_get_version( const ssl_context *ssl ); - -/** - * \brief Perform the SSL handshake - * - * \param ssl SSL context - * - * \return 0 if successful, POLARSSL_ERR_NET_WANT_READ, - * POLARSSL_ERR_NET_WANT_WRITE, or a specific SSL error code. - */ -int ssl_handshake( ssl_context *ssl ); - -/** - * \brief Read at most 'len' application data bytes - * - * \param ssl SSL context - * \param buf buffer that will hold the data - * \param len how many bytes must be read - * - * \return This function returns the number of bytes read, 0 for EOF, - * or a negative error code. - */ -int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len ); - -/** - * \brief Write exactly 'len' application data bytes - * - * \param ssl SSL context - * \param buf buffer holding the data - * \param len how many bytes must be written - * - * \return This function returns the number of bytes written, - * or a negative error code. - * - * \note When this function returns POLARSSL_ERR_NET_WANT_WRITE, - * it must be called later with the *same* arguments, - * until it returns a positive value. - */ -int ssl_write( ssl_context *ssl, const unsigned char *buf, size_t len ); - -/** - * \brief Send an alert message - * - * \param ssl SSL context - * \param level The alert level of the message - * (SSL_ALERT_LEVEL_WARNING or SSL_ALERT_LEVEL_FATAL) - * \param message The alert message (SSL_ALERT_MSG_*) - * - * \return 1 if successful, or a specific SSL error code. - */ -int ssl_send_alert_message( ssl_context *ssl, - unsigned char level, - unsigned char message ); -/** - * \brief Notify the peer that the connection is being closed - * - * \param ssl SSL context - */ -int ssl_close_notify( ssl_context *ssl ); - -/** - * \brief Free an SSL context - * - * \param ssl SSL context - */ -void ssl_free( ssl_context *ssl ); - -/* - * Internal functions (do not call directly) - */ -int ssl_handshake_client( ssl_context *ssl ); -int ssl_handshake_server( ssl_context *ssl ); - -int ssl_derive_keys( ssl_context *ssl ); - -int ssl_read_record( ssl_context *ssl ); -/** - * \return 0 if successful, POLARSSL_ERR_SSL_CONN_EOF on EOF or - * another negative error code. - */ -int ssl_fetch_input( ssl_context *ssl, size_t nb_want ); - -int ssl_write_record( ssl_context *ssl ); -int ssl_flush_output( ssl_context *ssl ); - -int ssl_parse_certificate( ssl_context *ssl ); -int ssl_write_certificate( ssl_context *ssl ); - -int ssl_parse_change_cipher_spec( ssl_context *ssl ); -int ssl_write_change_cipher_spec( ssl_context *ssl ); - -int ssl_parse_finished( ssl_context *ssl ); -int ssl_write_finished( ssl_context *ssl ); - -void ssl_kickstart_checksum( ssl_context *ssl, int ciphersuite, - unsigned char *input_buf, size_t len ); - -#ifdef __cplusplus -} -#endif - -#endif /* ssl.h */ diff --git a/polarssl/src/include/polarssl/timing.h b/polarssl/src/include/polarssl/timing.h deleted file mode 100644 index 355c63c..0000000 --- a/polarssl/src/include/polarssl/timing.h +++ /dev/null @@ -1,75 +0,0 @@ -/** - * \file timing.h - * - * \brief Portable interface to the CPU cycle counter - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_TIMING_H -#define POLARSSL_TIMING_H - -/** - * \brief timer structure - */ -struct hr_time -{ - unsigned char opaque[32]; -}; - -#ifdef __cplusplus -extern "C" { -#endif - -extern volatile int alarmed; - -/** - * \brief Return the CPU cycle counter value - */ -unsigned long hardclock( void ); - -/** - * \brief Return the elapsed time in milliseconds - * - * \param val points to a timer structure - * \param reset if set to 1, the timer is restarted - */ -unsigned long get_timer( struct hr_time *val, int reset ); - -/** - * \brief Setup an alarm clock - * - * \param seconds delay before the "alarmed" flag is set - */ -void set_alarm( int seconds ); - -/** - * \brief Sleep for a certain amount of time - * - * \param milliseconds delay in milliseconds - */ -void m_sleep( int milliseconds ); - -#ifdef __cplusplus -} -#endif - -#endif /* timing.h */ diff --git a/polarssl/src/include/polarssl/version.h b/polarssl/src/include/polarssl/version.h deleted file mode 100644 index 98eb0b3..0000000 --- a/polarssl/src/include/polarssl/version.h +++ /dev/null @@ -1,81 +0,0 @@ -/** - * \file version.h - * - * \brief Run-time version information - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -/* - * This set of compile-time defines and run-time variables can be used to - * determine the version number of the PolarSSL library used. - */ -#ifndef POLARSSL_VERSION_H -#define POLARSSL_VERSION_H - -#include "config.h" - -/** - * The version number x.y.z is split into three parts. - * Major, Minor, Patchlevel - */ -#define POLARSSL_VERSION_MAJOR 1 -#define POLARSSL_VERSION_MINOR 1 -#define POLARSSL_VERSION_PATCH 1 - -/** - * The single version number has the following structure: - * MMNNPP00 - * Major version | Minor version | Patch version - */ -#define POLARSSL_VERSION_NUMBER 0x01010100 -#define POLARSSL_VERSION_STRING "1.1.1" -#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.1.1" - -#if defined(POLARSSL_VERSION_C) - -/** - * Get the version number. - * - * \return The constructed version number in the format - * MMNNPP00 (Major, Minor, Patch). - */ -unsigned int version_get_number( void ); - -/** - * Get the version string ("x.y.z"). - * - * \param string The string that will receive the value. - * (Should be at least 9 bytes in size) - */ -void version_get_string( char *string ); - -/** - * Get the full version string ("PolarSSL x.y.z"). - * - * \param string The string that will receive the value. - * (Should be at least 18 bytes in size) - */ -void version_get_string_full( char *string ); - -#endif /* POLARSSL_VERSION_C */ - -#endif /* version.h */ diff --git a/polarssl/src/include/polarssl/x509.h b/polarssl/src/include/polarssl/x509.h deleted file mode 100644 index 2cd883f..0000000 --- a/polarssl/src/include/polarssl/x509.h +++ /dev/null @@ -1,733 +0,0 @@ -/** - * \file x509.h - * - * \brief X.509 certificate and private key decoding - * - * Copyright (C) 2006-2011, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_X509_H -#define POLARSSL_X509_H - -#include "asn1.h" -#include "rsa.h" -#include "dhm.h" - -/** - * \addtogroup x509_module - * \{ - */ - -/** - * \name X509 Error codes - * \{ - */ -#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ -#define POLARSSL_ERR_X509_CERT_INVALID_PEM -0x2100 /**< The PEM-encoded certificate contains invalid elements, e.g. invalid character. */ -#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT -0x2180 /**< The certificate format is invalid, e.g. different type expected. */ -#define POLARSSL_ERR_X509_CERT_INVALID_VERSION -0x2200 /**< The certificate version element is invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY -0x2480 /**< The pubkey tag or value is invalid (only RSA is supported). */ -#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE -0x2500 /**< The signature tag or value invalid. */ -#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS -0x2580 /**< The extension tag or value is invalid. */ -#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION -0x2600 /**< Certificate or CRL has an unsupported version number. */ -#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG -0x2680 /**< Signature algorithm (oid) is unsupported. */ -#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG -0x2700 /**< Key algorithm is unsupported (only RSA is supported). */ -#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH -0x2780 /**< Certificate signature algorithms do not match. (see \c ::x509_cert sig_oid) */ -#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2800 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ -#define POLARSSL_ERR_X509_KEY_INVALID_VERSION -0x2880 /**< Unsupported RSA key version */ -#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT -0x2900 /**< Invalid RSA key tag or value. */ -#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2980 /**< Format not recognized as DER or PEM. */ -#define POLARSSL_ERR_X509_INVALID_INPUT -0x2A00 /**< Input invalid. */ -#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2A80 /**< Allocation of memory failed. */ -#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2B00 /**< Read/write of file failed. */ -/* \} name */ - - -/** - * \name X509 Verify codes - * \{ - */ -#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ -#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ -#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ -#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ -#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */ -#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */ -#define BADCERT_MISSING 0x40 /**< Certificate was missing. */ -#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ -/* \} name */ -/* \} addtogroup x509_module */ - -/* - * various object identifiers - */ -#define X520_COMMON_NAME 3 -#define X520_COUNTRY 6 -#define X520_LOCALITY 7 -#define X520_STATE 8 -#define X520_ORGANIZATION 10 -#define X520_ORG_UNIT 11 -#define PKCS9_EMAIL 1 - -#define X509_OUTPUT_DER 0x01 -#define X509_OUTPUT_PEM 0x02 -#define PEM_LINE_LENGTH 72 -#define X509_ISSUER 0x01 -#define X509_SUBJECT 0x02 - -#define OID_X520 "\x55\x04" -#define OID_CN OID_X520 "\x03" -#define OID_COUNTRY OID_X520 "\x06" -#define OID_LOCALITY OID_X520 "\x07" -#define OID_STATE OID_X520 "\x08" -#define OID_ORGANIZATION OID_X520 "\x0A" -#define OID_ORG_UNIT OID_X520 "\x0B" - -#define OID_PKCS1 "\x2A\x86\x48\x86\xF7\x0D\x01\x01" -#define OID_PKCS1_RSA OID_PKCS1 "\x01" -#define OID_PKCS1_SHA1 OID_PKCS1 "\x05" - -#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" - -#define OID_PKCS9 "\x2A\x86\x48\x86\xF7\x0D\x01\x09" -#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" - -/** ISO arc for standard certificate and CRL extensions */ -#define OID_ID_CE "\x55\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ - -/** - * Private Internet Extensions - * { iso(1) identified-organization(3) dod(6) internet(1) - * security(5) mechanisms(5) pkix(7) } - */ -#define OID_PKIX "\x2B\x06\x01\x05\x05\x07" - -/* - * OIDs for standard certificate extensions - */ -#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ -#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ -#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ -#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ -#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ -#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ -#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ -#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ -#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ -#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ -#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ -#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ -#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ -#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ -#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ - -/* - * X.509 v3 Key Usage Extension flags - */ -#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ -#define KU_NON_REPUDIATION (0x40) /* bit 1 */ -#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ -#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ -#define KU_KEY_AGREEMENT (0x08) /* bit 4 */ -#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */ -#define KU_CRL_SIGN (0x02) /* bit 6 */ - -/* - * X.509 v3 Extended key usage OIDs - */ -#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ - -#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ -#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ -#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ -#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ -#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ -#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ -#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ - -#define STRING_SERVER_AUTH "TLS Web Server Authentication" -#define STRING_CLIENT_AUTH "TLS Web Client Authentication" -#define STRING_CODE_SIGNING "Code Signing" -#define STRING_EMAIL_PROTECTION "E-mail Protection" -#define STRING_TIME_STAMPING "Time Stamping" -#define STRING_OCSP_SIGNING "OCSP Signing" - -/* - * OIDs for CRL extensions - */ -#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10" -#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ - -/* - * Netscape certificate extensions - */ -#define OID_NETSCAPE "\x60\x86\x48\x01\x86\xF8\x42" /**< Netscape OID */ -#define OID_NS_CERT OID_NETSCAPE "\x01" -#define OID_NS_CERT_TYPE OID_NS_CERT "\x01" -#define OID_NS_BASE_URL OID_NS_CERT "\x02" -#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03" -#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04" -#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07" -#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08" -#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C" -#define OID_NS_COMMENT OID_NS_CERT "\x0D" -#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02" -#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05" - -/* - * Netscape certificate types - * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) - */ - -#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ -#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ -#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ -#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ -#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ -#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ -#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ -#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ - -#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) -#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) -#define EXT_KEY_USAGE (1 << 2) -#define EXT_CERTIFICATE_POLICIES (1 << 3) -#define EXT_POLICY_MAPPINGS (1 << 4) -#define EXT_SUBJECT_ALT_NAME (1 << 5) -#define EXT_ISSUER_ALT_NAME (1 << 6) -#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) -#define EXT_BASIC_CONSTRAINTS (1 << 8) -#define EXT_NAME_CONSTRAINTS (1 << 9) -#define EXT_POLICY_CONSTRAINTS (1 << 10) -#define EXT_EXTENDED_KEY_USAGE (1 << 11) -#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) -#define EXT_INIHIBIT_ANYPOLICY (1 << 13) -#define EXT_FRESHEST_CRL (1 << 14) - -#define EXT_NS_CERT_TYPE (1 << 16) - -/* - * Storage format identifiers - * Recognized formats: PEM and DER - */ -#define X509_FORMAT_DER 1 -#define X509_FORMAT_PEM 2 - -/** - * \addtogroup x509_module - * \{ */ - -/** - * \name Structures for parsing X.509 certificates and CRLs - * \{ - */ - -/** - * Type-length-value structure that allows for ASN1 using DER. - */ -typedef asn1_buf x509_buf; - -/** - * Container for ASN1 bit strings. - */ -typedef asn1_bitstring x509_bitstring; - -/** - * Container for ASN1 named information objects. - * It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.). - */ -typedef struct _x509_name -{ - x509_buf oid; /**< The object identifier. */ - x509_buf val; /**< The named value. */ - struct _x509_name *next; /**< The next named information object. */ -} -x509_name; - -/** - * Container for a sequence of ASN.1 items - */ -typedef asn1_sequence x509_sequence; - -/** Container for date and time (precision in seconds). */ -typedef struct _x509_time -{ - int year, mon, day; /**< Date. */ - int hour, min, sec; /**< Time. */ -} -x509_time; - -/** - * Container for an X.509 certificate. The certificate may be chained. - */ -typedef struct _x509_cert -{ - x509_buf raw; /**< The raw certificate data (DER). */ - x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ - - int version; /**< The X.509 version. (0=v1, 1=v2, 2=v3) */ - x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ - x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */ - - x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ - x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ - - x509_name issuer; /**< The parsed issuer data (named information object). */ - x509_name subject; /**< The parsed subject data (named information object). */ - - x509_time valid_from; /**< Start time of certificate validity. */ - x509_time valid_to; /**< End time of certificate validity. */ - - x509_buf pk_oid; /**< Subject public key info. Includes the public key algorithm and the key itself. */ - rsa_context rsa; /**< Container for the RSA context. Only RSA is supported for public keys at this time. */ - - x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ - x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ - x509_buf v3_ext; /**< Optional X.509 v3 extensions. Only Basic Contraints are supported at this time. */ - x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ - - int ext_types; /**< Bit string containing detected and parsed extensions */ - int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ - int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. */ - - unsigned char key_usage; /**< Optional key usage extension value: See the values below */ - - x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ - - unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values below */ - - x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */ - x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ - int sig_alg; /**< Internal representation of the signature algorithm, e.g. SIG_RSA_MD2 */ - - struct _x509_cert *next; /**< Next certificate in the CA-chain. */ -} -x509_cert; - -/** - * Certificate revocation list entry. - * Contains the CA-specific serial numbers and revocation dates. - */ -typedef struct _x509_crl_entry -{ - x509_buf raw; - - x509_buf serial; - - x509_time revocation_date; - - x509_buf entry_ext; - - struct _x509_crl_entry *next; -} -x509_crl_entry; - -/** - * Certificate revocation list structure. - * Every CRL may have multiple entries. - */ -typedef struct _x509_crl -{ - x509_buf raw; /**< The raw certificate data (DER). */ - x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ - - int version; - x509_buf sig_oid1; - - x509_buf issuer_raw; /**< The raw issuer data (DER). */ - - x509_name issuer; /**< The parsed issuer data (named information object). */ - - x509_time this_update; - x509_time next_update; - - x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ - - x509_buf crl_ext; - - x509_buf sig_oid2; - x509_buf sig; - int sig_alg; - - struct _x509_crl *next; -} -x509_crl; -/** \} name Structures for parsing X.509 certificates and CRLs */ -/** \} addtogroup x509_module */ - -/** - * \name Structures for writing X.509 certificates. - * XvP: commented out as they are not used. - * - <tt>typedef struct _x509_node x509_node;</tt> - * - <tt>typedef struct _x509_raw x509_raw;</tt> - */ -/* -typedef struct _x509_node -{ - unsigned char *data; - unsigned char *p; - unsigned char *end; - - size_t len; -} -x509_node; - -typedef struct _x509_raw -{ - x509_node raw; - x509_node tbs; - - x509_node version; - x509_node serial; - x509_node tbs_signalg; - x509_node issuer; - x509_node validity; - x509_node subject; - x509_node subpubkey; - - x509_node signalg; - x509_node sign; -} -x509_raw; -*/ - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \name Functions to read in DHM parameters, a certificate, CRL or private RSA key - * \{ - */ - -/** \ingroup x509_module */ -/** - * \brief Parse one or more certificates and add them - * to the chained list. Parses permissively. If some - * certificates can be parsed, the result is the number - * of failed certificates it encountered. If none complete - * correctly, the first error is returned. - * - * \param chain points to the start of the chain - * \param buf buffer holding the certificate data - * \param buflen size of the buffer - * - * \return 0 if all certificates parsed successfully, a positive number - * if partly successful or a specific X509 or PEM error code - */ -int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ); - -/** \ingroup x509_module */ -/** - * \brief Load one or more certificates and add them - * to the chained list. Parses permissively. If some - * certificates can be parsed, the result is the number - * of failed certificates it encountered. If none complete - * correctly, the first error is returned. - * - * \param chain points to the start of the chain - * \param path filename to read the certificates from - * - * \return 0 if all certificates parsed successfully, a positive number - * if partly successful or a specific X509 or PEM error code - */ -int x509parse_crtfile( x509_cert *chain, const char *path ); - -/** \ingroup x509_module */ -/** - * \brief Parse one or more CRLs and add them - * to the chained list - * - * \param chain points to the start of the chain - * \param buf buffer holding the CRL data - * \param buflen size of the buffer - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ); - -/** \ingroup x509_module */ -/** - * \brief Load one or more CRLs and add them - * to the chained list - * - * \param chain points to the start of the chain - * \param path filename to read the CRLs from - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_crlfile( x509_crl *chain, const char *path ); - -/** \ingroup x509_module */ -/** - * \brief Parse a private RSA key - * - * \param rsa RSA context to be initialized - * \param key input buffer - * \param keylen size of the buffer - * \param pwd password for decryption (optional) - * \param pwdlen size of the password - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_key( rsa_context *rsa, - const unsigned char *key, size_t keylen, - const unsigned char *pwd, size_t pwdlen ); - -/** \ingroup x509_module */ -/** - * \brief Load and parse a private RSA key - * - * \param rsa RSA context to be initialized - * \param path filename to read the private key from - * \param password password to decrypt the file (can be NULL) - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_keyfile( rsa_context *rsa, const char *path, - const char *password ); - -/** \ingroup x509_module */ -/** - * \brief Parse a public RSA key - * - * \param rsa RSA context to be initialized - * \param key input buffer - * \param keylen size of the buffer - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_public_key( rsa_context *rsa, - const unsigned char *key, size_t keylen ); - -/** \ingroup x509_module */ -/** - * \brief Load and parse a public RSA key - * - * \param rsa RSA context to be initialized - * \param path filename to read the private key from - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_public_keyfile( rsa_context *rsa, const char *path ); - -/** \ingroup x509_module */ -/** - * \brief Parse DHM parameters - * - * \param dhm DHM context to be initialized - * \param dhmin input buffer - * \param dhminlen size of the buffer - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_dhm( dhm_context *dhm, const unsigned char *dhmin, size_t dhminlen ); - -/** \ingroup x509_module */ -/** - * \brief Load and parse DHM parameters - * - * \param dhm DHM context to be initialized - * \param path filename to read the DHM Parameters from - * - * \return 0 if successful, or a specific X509 or PEM error code - */ -int x509parse_dhmfile( dhm_context *dhm, const char *path ); - -/** \} name Functions to read in DHM parameters, a certificate, CRL or private RSA key */ - -/** - * \brief Store the certificate DN in printable form into buf; - * no more than size characters will be written. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param dn The X509 name to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ); - -/** - * \brief Store the certificate serial in printable form into buf; - * no more than size characters will be written. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param serial The X509 serial to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ); - -/** - * \brief Returns an informational string about the - * certificate. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param prefix A line prefix - * \param crt The X509 certificate to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509parse_cert_info( char *buf, size_t size, const char *prefix, - const x509_cert *crt ); - -/** - * \brief Returns an informational string about the - * CRL. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param prefix A line prefix - * \param crl The X509 CRL to represent - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509parse_crl_info( char *buf, size_t size, const char *prefix, - const x509_crl *crl ); - -/** - * \brief Give an known OID, return its descriptive string. - * - * \param oid buffer containing the oid - * - * \return Return a string if the OID is known, - * or NULL otherwise. - */ -const char *x509_oid_get_description( x509_buf *oid ); - -/* - * \brief Give an OID, return a string version of its OID number. - * - * \param buf Buffer to write to - * \param size Maximum size of buffer - * \param oid Buffer containing the OID - * - * \return The amount of data written to the buffer, or -1 in - * case of an error. - */ -int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid ); - -/** - * \brief Check a given x509_time against the system time and check - * if it is valid. - * - * \param time x509_time to check - * - * \return Return 0 if the x509_time is still valid, - * or 1 otherwise. - */ -int x509parse_time_expired( const x509_time *time ); - -/** - * \name Functions to verify a certificate - * \{ - */ -/** \ingroup x509_module */ -/** - * \brief Verify the certificate signature - * - * \param crt a certificate to be verified - * \param trust_ca the trusted CA chain - * \param ca_crl the CRL chain for trusted CA's - * \param cn expected Common Name (can be set to - * NULL if the CN must not be verified) - * \param flags result of the verification - * \param f_vrfy verification function - * \param p_vrfy verification parameter - * - * \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED, - * in which case *flags will have one or more of - * the following values set: - * BADCERT_EXPIRED -- - * BADCERT_REVOKED -- - * BADCERT_CN_MISMATCH -- - * BADCERT_NOT_TRUSTED - * - * \note TODO: add two arguments, depth and crl - */ -int x509parse_verify( x509_cert *crt, - x509_cert *trust_ca, - x509_crl *ca_crl, - const char *cn, int *flags, - int (*f_vrfy)(void *, x509_cert *, int, int), - void *p_vrfy ); - -/** - * \brief Verify the certificate signature - * - * \param crt a certificate to be verified - * \param crl the CRL to verify against - * - * \return 1 if the certificate is revoked, 0 otherwise - * - */ -int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ); - -/** \} name Functions to verify a certificate */ - - - -/** - * \name Functions to clear a certificate, CRL or private RSA key - * \{ - */ -/** \ingroup x509_module */ -/** - * \brief Unallocate all certificate data - * - * \param crt Certificate chain to free - */ -void x509_free( x509_cert *crt ); - -/** \ingroup x509_module */ -/** - * \brief Unallocate all CRL data - * - * \param crl CRL chain to free - */ -void x509_crl_free( x509_crl *crl ); - -/** \} name Functions to clear a certificate, CRL or private RSA key */ - - -/** - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int x509_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* x509.h */ diff --git a/polarssl/src/include/polarssl/x509write.h b/polarssl/src/include/polarssl/x509write.h deleted file mode 100644 index 8ce3d86..0000000 --- a/polarssl/src/include/polarssl/x509write.h +++ /dev/null @@ -1,46 +0,0 @@ -/** - * \file x509write.h - * - * \brief X509 buffer writing functionality - * - * Copyright (C) 2006-2012, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_X509_WRITE_H -#define POLARSSL_X509_WRITE_H - -#include "rsa.h" - -typedef struct _x509_req_name -{ - char oid[128]; - char name[128]; - - struct _x509_req_name *next; -} -x509_req_name; - -int x509_write_pubkey_der( unsigned char *buf, size_t size, rsa_context *rsa ); -int x509_write_key_der( unsigned char *buf, size_t size, rsa_context *rsa ); -int x509_write_cert_req( unsigned char *buf, size_t size, rsa_context *rsa, - x509_req_name *req_name, int hash_id ); - -#endif /* POLARSSL_X509_WRITE_H */ diff --git a/polarssl/src/include/polarssl/xtea.h b/polarssl/src/include/polarssl/xtea.h deleted file mode 100644 index e2adb87..0000000 --- a/polarssl/src/include/polarssl/xtea.h +++ /dev/null @@ -1,111 +0,0 @@ -/** - * \file xtea.h - * - * \brief XTEA block cipher (32-bit) - * - * Copyright (C) 2006-2010, Brainspark B.V. - * - * This file is part of PolarSSL (http://www.polarssl.org) - * Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org> - * - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License along - * with this program; if not, write to the Free Software Foundation, Inc., - * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - */ -#ifndef POLARSSL_XTEA_H -#define POLARSSL_XTEA_H - -#include <string.h> - -#ifdef _MSC_VER -#include <basetsd.h> -typedef UINT32 uint32_t; -#else -#include <inttypes.h> -#endif - -#define XTEA_ENCRYPT 1 -#define XTEA_DECRYPT 0 - -#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ - -/** - * \brief XTEA context structure - */ -typedef struct -{ - uint32_t k[4]; /*!< key */ -} -xtea_context; - -#ifdef __cplusplus -extern "C" { -#endif - -/** - * \brief XTEA key schedule - * - * \param ctx XTEA context to be initialized - * \param key the secret key - */ -void xtea_setup( xtea_context *ctx, unsigned char key[16] ); - -/** - * \brief XTEA cipher function - * - * \param ctx XTEA context - * \param mode XTEA_ENCRYPT or XTEA_DECRYPT - * \param input 8-byte input block - * \param output 8-byte output block - * - * \return 0 if successful - */ -int xtea_crypt_ecb( xtea_context *ctx, - int mode, - unsigned char input[8], - unsigned char output[8] ); - -/** - * \brief XTEA CBC cipher function - * - * \param ctx XTEA context - * \param mode XTEA_ENCRYPT or XTEA_DECRYPT - * \param length the length of input, multiple of 8 - * \param iv initialization vector for CBC mode - * \param input input block - * \param output output block - * - * \return 0 if successful, - * POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 - */ -int xtea_crypt_cbc( xtea_context *ctx, - int mode, - size_t length, - unsigned char iv[8], - unsigned char *input, - unsigned char *output); - -/* - * \brief Checkup routine - * - * \return 0 if successful, or 1 if the test failed - */ -int xtea_self_test( int verbose ); - -#ifdef __cplusplus -} -#endif - -#endif /* xtea.h */ |