ShuriZma
/
dolphin
mirror of https://github.com/dolphin-emu/dolphin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mbedTLS: delete PolarSSL 1.3

This commit is contained in:
Tillmann Karras 2015-09-24 00:26:29 +02:00
parent ce75f55f25
commit 3ae092a086
141 changed files with 0 additions and 74733 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Externals/polarssl/.gitignore vendored
View File

@ -1,5 +0,0 @@
CMakeCache.txt
CMakeFiles
CTestTestfile.cmake
cmake_install.cmake
Testing

2
Externals/polarssl/CMakeLists.txt vendored
View File

@ -1,2 +0,0 @@
include_directories(include/)
add_subdirectory(library)

1265
Externals/polarssl/ChangeLog vendored
View File

File diff suppressed because it is too large Load Diff

339
Externals/polarssl/LICENSE vendored
View File

@ -1,339 +0,0 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.

1
Externals/polarssl/include/.gitignore vendored
View File

@ -1 +0,0 @@
Makefile

257
Externals/polarssl/include/polarssl/aes.h vendored
View File

@ -1,257 +0,0 @@
/**
* \file aes.h
*
* \brief AES block cipher
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_AES_H
#define POLARSSL_AES_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
/* padlock.c and aesni.c rely on these values! */
#define AES_ENCRYPT 1
#define AES_DECRYPT 0
#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
#if !defined(POLARSSL_AES_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief AES context structure
*
* \note buf is able to hold 32 extra bytes, which can be used:
* - for alignment purposes if VIA padlock is used, and/or
* - to simplify key expansion in the 256-bit case by
* generating an extra round key
*/
typedef struct
{
int nr; /*!< number of rounds */
uint32_t *rk; /*!< AES round keys */
uint32_t buf[68]; /*!< unaligned data */
}
aes_context;
/**
* \brief Initialize AES context
*
* \param ctx AES context to be initialized
*/
void aes_init( aes_context *ctx );
/**
* \brief Clear AES context
*
* \param ctx AES context to be cleared
*/
void aes_free( aes_context *ctx );
/**
* \brief AES key schedule (encryption)
*
* \param ctx AES context to be initialized
* \param key encryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief AES key schedule (decryption)
*
* \param ctx AES context to be initialized
* \param key decryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief AES-ECB block encryption/decryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if successful
*/
int aes_crypt_ecb( aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH
*/
int aes_crypt_cbc( aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief AES-CFB128 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int aes_crypt_cfb128( aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
/**
* \brief AES-CFB8 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int aes_crypt_cfb8( aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief AES-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param ctx AES context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
* should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten
* by the function.
* \param input The input data stream
* \param output The output data stream
*
* \return 0 if successful
*/
int aes_crypt_ctr( aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_AES_ALT */
#include "aes_alt.h"
#endif /* POLARSSL_AES_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int aes_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* aes.h */

107
Externals/polarssl/include/polarssl/aesni.h vendored
View File

@ -1,107 +0,0 @@
/**
* \file aesni.h
*
* \brief AES-NI for hardware AES acceleration on some Intel processors
*
* Copyright (C) 2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_AESNI_H
#define POLARSSL_AESNI_H
#include "aes.h"
#define POLARSSL_AESNI_AES 0x02000000u
#define POLARSSL_AESNI_CLMUL 0x00000002u
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && \
( defined(__amd64__) || defined(__x86_64__) ) && \
! defined(POLARSSL_HAVE_X86_64)
#define POLARSSL_HAVE_X86_64
#endif
#if defined(POLARSSL_HAVE_X86_64)
/**
* \brief AES-NI features detection routine
*
* \param what The feature to detect
* (POLARSSL_AESNI_AES or POLARSSL_AESNI_CLMUL)
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
int aesni_supports( unsigned int what );
/**
* \brief AES-NI AES-ECB block en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 on success (cannot fail)
*/
int aesni_crypt_ecb( aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );
/**
* \brief GCM multiplication: c = a * b in GF(2^128)
*
* \param c Result
* \param a First operand
* \param b Second operand
*
* \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec.
*/
void aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16] );
/**
* \brief Compute decryption round keys from encryption round keys
*
* \param invkey Round keys for the equivalent inverse cipher
* \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one)
*/
void aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr );
/**
* \brief Perform key expansion (for encryption)
*
* \param rk Destination buffer where the round keys are written
* \param key Encryption key
* \param bits Key size in bits (must be 128, 192 or 256)
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aesni_setkey_enc( unsigned char *rk,
const unsigned char *key,
size_t bits );
#endif /* POLARSSL_HAVE_X86_64 */
#endif /* POLARSSL_AESNI_H */

117
Externals/polarssl/include/polarssl/arc4.h vendored
View File

@ -1,117 +0,0 @@
/**
* \file arc4.h
*
* \brief The ARCFOUR stream cipher
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ARC4_H
#define POLARSSL_ARC4_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if !defined(POLARSSL_ARC4_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief ARC4 context structure
*/
typedef struct
{
int x; /*!< permutation index */
int y; /*!< permutation index */
unsigned char m[256]; /*!< permutation table */
}
arc4_context;
/**
* \brief Initialize ARC4 context
*
* \param ctx ARC4 context to be initialized
*/
void arc4_init( arc4_context *ctx );
/**
* \brief Clear ARC4 context
*
* \param ctx ARC4 context to be cleared
*/
void arc4_free( arc4_context *ctx );
/**
* \brief ARC4 key schedule
*
* \param ctx ARC4 context to be setup
* \param key the secret key
* \param keylen length of the key, in bytes
*/
void arc4_setup( arc4_context *ctx, const unsigned char *key,
unsigned int keylen );
/**
* \brief ARC4 cipher function
*
* \param ctx ARC4 context
* \param length length of the input data
* \param input buffer holding the input data
* \param output buffer for the output data
*
* \return 0 if successful
*/
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_ARC4_ALT */
#include "arc4_alt.h"
#endif /* POLARSSL_ARC4_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int arc4_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* arc4.h */

347
Externals/polarssl/include/polarssl/asn1.h vendored
View File

@ -1,347 +0,0 @@
/**
* \file asn1.h
*
* \brief Generic ASN.1 parsing
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ASN1_H
#define POLARSSL_ASN1_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_BIGNUM_C)
#include "bignum.h"
#endif
#include <string.h>
/**
* \addtogroup asn1_module
* \{
*/
/**
* \name ASN1 Error codes
* These error codes are OR'ed to X509 error codes for
* higher error granularity.
* ASN1 is a standard to specify data structures.
* \{
*/
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */
#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */
#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */
/* \} name */
/**
* \name DER constants
* These constants comply with DER encoded the ANS1 type tags.
* DER encoding uses hexadecimal representation.
* An example DER sequence is:\n
* - 0x02 -- tag indicating INTEGER
* - 0x01 -- length in octets
* - 0x05 -- value
* Such sequences are typically read into \c ::x509_buf.
* \{
*/
#define ASN1_BOOLEAN 0x01
#define ASN1_INTEGER 0x02
#define ASN1_BIT_STRING 0x03
#define ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05
#define ASN1_OID 0x06
#define ASN1_UTF8_STRING 0x0C
#define ASN1_SEQUENCE 0x10
#define ASN1_SET 0x11
#define ASN1_PRINTABLE_STRING 0x13
#define ASN1_T61_STRING 0x14
#define ASN1_IA5_STRING 0x16
#define ASN1_UTC_TIME 0x17
#define ASN1_GENERALIZED_TIME 0x18
#define ASN1_UNIVERSAL_STRING 0x1C
#define ASN1_BMP_STRING 0x1E
#define ASN1_PRIMITIVE 0x00
#define ASN1_CONSTRUCTED 0x20
#define ASN1_CONTEXT_SPECIFIC 0x80
/* \} name */
/* \} addtogroup asn1_module */
/** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1)
/**
* Compares an asn1_buf structure to a reference OID.
*
* Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a
* 'unsigned char *oid' here!
*
* Warning: returns true when the OIDs are equal (unlike memcmp)!
*/
#define OID_CMP(oid_str, oid_buf) \
( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0 )
#ifdef __cplusplus
extern "C" {
#endif
/**
* \name Functions to parse ASN.1 data structures
* \{
*/
/**
* Type-length-value structure that allows for ASN1 using DER.
*/
typedef struct _asn1_buf
{
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
}
asn1_buf;
/**
* Container for ASN1 bit strings.
*/
typedef struct _asn1_bitstring
{
size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */
}
asn1_bitstring;
/**
* Container for a sequence of ASN.1 items
*/
typedef struct _asn1_sequence
{
asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
struct _asn1_sequence *next; /**< The next entry in the sequence. */
}
asn1_sequence;
/**
* Container for a sequence or list of 'named' ASN.1 data items
*/
typedef struct _asn1_named_data
{
asn1_buf oid; /**< The object identifier. */
asn1_buf val; /**< The named value. */
struct _asn1_named_data *next; /**< The next entry in the sequence. */
}
asn1_named_data;
/**
* \brief Get the length of an ASN.1 element.
* Updates the pointer to immediately behind the length.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param len The variable that will receive the value
*
* \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching
* end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is
* unparseable.
*/
int asn1_get_len( unsigned char **p,
const unsigned char *end,
size_t *len );
/**
* \brief Get the tag and length of the tag. Check for the requested tag.
* Updates the pointer to immediately behind the tag and length.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param len The variable that will receive the length
* \param tag The expected tag
*
* \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did
* not match requested tag, or another specific ASN.1 error code.
*/
int asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag );
/**
* \brief Retrieve a boolean ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param val The variable that will receive the value
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val );
/**
* \brief Retrieve an integer ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param val The variable that will receive the value
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_int( unsigned char **p,
const unsigned char *end,
int *val );
/**
* \brief Retrieve a bitstring ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param bs The variable that will receive the value
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs);
/**
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its
* value.
* Updates the pointer to the beginning of the bit/octet string.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param len Length of the actual bit/octect string in bytes
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len );
/**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>"
* Updated the pointer to immediately behind the full sequence tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param cur First variable in the chain to fill
* \param tag Type of sequence
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_sequence_of( unsigned char **p,
const unsigned char *end,
asn1_sequence *cur,
int tag);
#if defined(POLARSSL_BIGNUM_C)
/**
* \brief Retrieve a MPI value from an integer ASN.1 tag.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param X The MPI that will receive the value
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
int asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mpi *X );
#endif /* POLARSSL_BIGNUM_C */
/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence.
* Updates the pointer to immediately behind the full
* AlgorithmIdentifier.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param alg The buffer to receive the OID
* \param params The buffer to receive the params (if any)
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
int asn1_get_alg( unsigned char **p,
const unsigned char *end,
asn1_buf *alg, asn1_buf *params );
/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
* params.
* Updates the pointer to immediately behind the full
* AlgorithmIdentifier.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param alg The buffer to receive the OID
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
int asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
asn1_buf *alg );
/**
* \brief Find a specific named_data entry in a sequence or list based on
* the OID.
*
* \param list The list to seek through
* \param oid The OID to look for
* \param len Size of the OID
*
* \return NULL if not found, or a pointer to the existing entry.
*/
asn1_named_data *asn1_find_named_data( asn1_named_data *list,
const char *oid, size_t len );
/**
* \brief Free a asn1_named_data entry
*
* \param entry The named data entry to free
*/
void asn1_free_named_data( asn1_named_data *entry );
/**
* \brief Free all entries in a asn1_named_data list
* Head will be set to NULL
*
* \param head Pointer to the head of the list of named data entries to free
*/
void asn1_free_named_data_list( asn1_named_data **head );
#ifdef __cplusplus
}
#endif
#endif /* asn1.h */

243
Externals/polarssl/include/polarssl/asn1write.h vendored
View File

@ -1,243 +0,0 @@
/**
* \file asn1write.h
*
* \brief ASN.1 buffer writing functionality
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ASN1_WRITE_H
#define POLARSSL_ASN1_WRITE_H
#include "asn1.h"
#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \
g += ret; } while( 0 )
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Write a length field in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param len the length to write
*
* \return the length written or a negative error code
*/
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
/**
* \brief Write a ASN.1 tag in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param tag the tag to write
*
* \return the length written or a negative error code
*/
int asn1_write_tag( unsigned char **p, unsigned char *start,
unsigned char tag );
/**
* \brief Write raw buffer data
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf data buffer to write
* \param size length of the data buffer
*
* \return the length written or a negative error code
*/
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );
#if defined(POLARSSL_BIGNUM_C)
/**
* \brief Write a big number (ASN1_INTEGER) in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param X the MPI to write
*
* \return the length written or a negative error code
*/
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X );
#endif /* POLARSSL_BIGNUM_C */
/**
* \brief Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
*
* \return the length written or a negative error code
*/
int asn1_write_null( unsigned char **p, unsigned char *start );
/**
* \brief Write an OID tag (ASN1_OID) and data in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param oid the OID to write
* \param oid_len length of the OID
*
* \return the length written or a negative error code
*/
int asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len );
/**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param oid the OID of the algorithm
* \param oid_len length of the OID
* \param par_len length of parameters, which must be already written.
* If 0, NULL parameters are added
*
* \return the length written or a negative error code
*/
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
size_t par_len );
/**
* \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param boolean 0 or 1
*
* \return the length written or a negative error code
*/
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean );
/**
* \brief Write an int tag (ASN1_INTEGER) and value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param val the integer value
*
* \return the length written or a negative error code
*/
int asn1_write_int( unsigned char **p, unsigned char *start, int val );
/**
* \brief Write a printable string tag (ASN1_PRINTABLE_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len );
/**
* \brief Write an IA5 string tag (ASN1_IA5_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len );
/**
* \brief Write a bitstring tag (ASN1_BIT_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf the bitstring
* \param bits the total number of bits in the bitstring
*
* \return the length written or a negative error code
*/
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits );
/**
* \brief Write an octet string tag (ASN1_OCTET_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf data buffer to write
* \param size length of the data buffer
*
* \return the length written or a negative error code
*/
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );
/**
* \brief Create or find a specific named_data entry for writing in a
* sequence or list based on the OID. If not already in there,
* a new entry is added to the head of the list.
* Warning: Destructive behaviour for the val data!
*
* \param list Pointer to the location of the head of the list to seek
* through (will be updated in case of a new entry)
* \param oid The OID to look for
* \param oid_len Size of the OID
* \param val Data to store (can be NULL if you want to fill it by hand)
* \param val_len Minimum length of the data buffer needed
*
* \return NULL if if there was a memory allocation error, or a pointer
* to the new / existing entry.
*/
asn1_named_data *asn1_store_named_data( asn1_named_data **list,
const char *oid, size_t oid_len,
const unsigned char *val,
size_t val_len );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_ASN1_WRITE_H */

87
Externals/polarssl/include/polarssl/base64.h vendored
View File

@ -1,87 +0,0 @@
/**
* \file base64.h
*
* \brief RFC 1521 base64 encoding/decoding
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_BASE64_H
#define POLARSSL_BASE64_H
#include <string.h>
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Encode a buffer into base64 format
*
* \param dst destination buffer
* \param dlen size of the buffer
* \param src source buffer
* \param slen amount of data to be encoded
*
* \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL.
* *dlen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
*/
int base64_encode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen );
/**
* \brief Decode a base64-formatted buffer
*
* \param dst destination buffer (can be NULL for checking size)
* \param dlen size of the buffer
* \param src source buffer
* \param slen amount of data to be decoded
*
* \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or
* POLARSSL_ERR_BASE64_INVALID_CHARACTER if the input data is
* not correct. *dlen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dst = NULL or *dlen = 0 to obtain
* the required buffer size in *dlen
*/
int base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int base64_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* base64.h */

752
Externals/polarssl/include/polarssl/bignum.h vendored
View File

@ -1,752 +0,0 @@
/**
* \file bignum.h
*
* \brief Multi-precision integer library
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_BIGNUM_H
#define POLARSSL_BIGNUM_H
#include <stdio.h>
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
#if (_MSC_VER <= 1200)
typedef signed short int16_t;
typedef unsigned short uint16_t;
#else
typedef INT16 int16_t;
typedef UINT16 uint16_t;
#endif
typedef INT32 int32_t;
typedef INT64 int64_t;
typedef UINT32 uint32_t;
typedef UINT64 uint64_t;
#else
#include <inttypes.h>
#endif /* _MSC_VER && !EFIX64 && !EFI32 */
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */
#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */
#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */
#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */
#define MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 )
/*
* Maximum size MPIs are allowed to grow to in number of limbs.
*/
#define POLARSSL_MPI_MAX_LIMBS 10000
#if !defined(POLARSSL_MPI_WINDOW_SIZE)
/*
* Maximum window size used for modular exponentiation. Default: 6
* Minimum value: 1. Maximum value: 6.
*
* Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used
* for the sliding window calculation. (So 64 by default)
*
* Reduction in size, reduces speed.
*/
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
#endif /* !POLARSSL_MPI_WINDOW_SIZE */
#if !defined(POLARSSL_MPI_MAX_SIZE)
/*
* Maximum size of MPIs allowed in bits and bytes for user-MPIs.
* ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
*
* Note: Calculations can results temporarily in larger MPIs. So the number
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher.
*/
#define POLARSSL_MPI_MAX_SIZE 512 /**< Maximum number of bytes for usable MPIs. */
#endif /* !POLARSSL_MPI_MAX_SIZE */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
/*
* When reading from files with mpi_read_file() and writing to files with
* mpi_write_file() the buffer should have space
* for a (short) label, the MPI (in the provided radix), the newline
* characters and the '\0'.
*
* By default we assume at least a 10 char label, a minimum radix of 10
* (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
* Autosized at compile time for at least a 10 char label, a minimum radix
* of 10 (decimal) for a number of POLARSSL_MPI_MAX_BITS size.
*
* This used to be statically sized to 1250 for a maximum of 4096 bit
* numbers (1234 decimal chars).
*
* Calculate using the formula:
* POLARSSL_MPI_RW_BUFFER_SIZE = ceil(POLARSSL_MPI_MAX_BITS / ln(10) * ln(2)) +
* LabelSize + 6
*/
#define POLARSSL_MPI_MAX_BITS_SCALE100 ( 100 * POLARSSL_MPI_MAX_BITS )
#define LN_2_DIV_LN_10_SCALE100 332
#define POLARSSL_MPI_RW_BUFFER_SIZE ( ((POLARSSL_MPI_MAX_BITS_SCALE100 + LN_2_DIV_LN_10_SCALE100 - 1) / LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
/*
* Define the base integer type, architecture-wise
*/
#if defined(POLARSSL_HAVE_INT8)
typedef signed char t_sint;
typedef unsigned char t_uint;
typedef uint16_t t_udbl;
#define POLARSSL_HAVE_UDBL
#else
#if defined(POLARSSL_HAVE_INT16)
typedef int16_t t_sint;
typedef uint16_t t_uint;
typedef uint32_t t_udbl;
#define POLARSSL_HAVE_UDBL
#else
/*
* 32-bit integers can be forced on 64-bit arches (eg. for testing purposes)
* by defining POLARSSL_HAVE_INT32 and undefining POLARSSL_HAVE_ASM
*/
#if ( ! defined(POLARSSL_HAVE_INT32) && \
defined(_MSC_VER) && defined(_M_AMD64) )
#define POLARSSL_HAVE_INT64
typedef int64_t t_sint;
typedef uint64_t t_uint;
#else
#if ( ! defined(POLARSSL_HAVE_INT32) && \
defined(__GNUC__) && ( \
defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \
(defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__) ) )
#define POLARSSL_HAVE_INT64
typedef int64_t t_sint;
typedef uint64_t t_uint;
typedef unsigned int t_udbl __attribute__((mode(TI)));
#define POLARSSL_HAVE_UDBL
#else
#define POLARSSL_HAVE_INT32
typedef int32_t t_sint;
typedef uint32_t t_uint;
#if ( defined(_MSC_VER) && defined(_M_IX86) )
typedef uint64_t t_udbl;
#define POLARSSL_HAVE_UDBL
#else
#if defined( POLARSSL_HAVE_LONGLONG )
typedef unsigned long long t_udbl;
#define POLARSSL_HAVE_UDBL
#endif
#endif
#endif /* !POLARSSL_HAVE_INT32 && __GNUC__ && 64-bit platform */
#endif /* !POLARSSL_HAVE_INT32 && _MSC_VER && _M_AMD64 */
#endif /* POLARSSL_HAVE_INT16 */
#endif /* POLARSSL_HAVE_INT8 */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MPI structure
*/
typedef struct
{
int s; /*!< integer sign */
size_t n; /*!< total # of limbs */
t_uint *p; /*!< pointer to limbs */
}
mpi;
/**
* \brief Initialize one MPI
*
* \param X One MPI to initialize.
*/
void mpi_init( mpi *X );
/**
* \brief Unallocate one MPI
*
* \param X One MPI to unallocate.
*/
void mpi_free( mpi *X );
/**
* \brief Enlarge to the specified number of limbs
*
* \param X MPI to grow
* \param nblimbs The target number of limbs
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_grow( mpi *X, size_t nblimbs );
/**
* \brief Resize down, keeping at least the specified number of limbs
*
* \param X MPI to shrink
* \param nblimbs The minimum number of limbs to keep
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_shrink( mpi *X, size_t nblimbs );
/**
* \brief Copy the contents of Y into X
*
* \param X Destination MPI
* \param Y Source MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_copy( mpi *X, const mpi *Y );
/**
* \brief Swap the contents of X and Y
*
* \param X First MPI value
* \param Y Second MPI value
*/
void mpi_swap( mpi *X, mpi *Y );
/**
* \brief Safe conditional assignement X = Y if assign is 1
*
* \param X MPI to conditionally assign to
* \param Y Value to be assigned
* \param assign 1: perform the assignment, 0: keep X's original value
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
*
* \note This function is equivalent to
* if( assign ) mpi_copy( X, Y );
* except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access
* patterns analysis).
*/
int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign );
/**
* \brief Safe conditional swap X <-> Y if swap is 1
*
* \param X First mpi value
* \param Y Second mpi value
* \param assign 1: perform the swap, 0: keep X and Y's original values
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
*
* \note This function is equivalent to
* if( assign ) mpi_swap( X, Y );
* except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access
* patterns analysis).
*/
int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign );
/**
* \brief Set value from integer
*
* \param X MPI to set
* \param z Value to use
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_lset( mpi *X, t_sint z );
/**
* \brief Get a specific bit from X
*
* \param X MPI to use
* \param pos Zero-based index of the bit in X
*
* \return Either a 0 or a 1
*/
int mpi_get_bit( const mpi *X, size_t pos );
/**
* \brief Set a bit of X to a specific value of 0 or 1
*
* \note Will grow X if necessary to set a bit to 1 in a not yet
* existing limb. Will not grow if bit should be set to 0
*
* \param X MPI to use
* \param pos Zero-based index of the bit in X
* \param val The value to set the bit to (0 or 1)
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1
*/
int mpi_set_bit( mpi *X, size_t pos, unsigned char val );
/**
* \brief Return the number of zero-bits before the least significant
* '1' bit
*
* Note: Thus also the zero-based index of the least significant '1' bit
*
* \param X MPI to use
*/
size_t mpi_lsb( const mpi *X );
/**
* \brief Return the number of bits up to and including the most
* significant '1' bit'
*
* Note: Thus also the one-based index of the most significant '1' bit
*
* \param X MPI to use
*/
size_t mpi_msb( const mpi *X );
/**
* \brief Return the total size in bytes
*
* \param X MPI to use
*/
size_t mpi_size( const mpi *X );
/**
* \brief Import from an ASCII string
*
* \param X Destination MPI
* \param radix Input numeric base
* \param s Null-terminated string buffer
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_string( mpi *X, int radix, const char *s );
/**
* \brief Export into an ASCII string
*
* \param X Source MPI
* \param radix Output numeric base
* \param s String buffer
* \param slen String buffer size
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code.
* *slen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen.
*/
int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen );
#if defined(POLARSSL_FS_IO)
/**
* \brief Read X from an opened file
*
* \param X Destination MPI
* \param radix Input numeric base
* \param fin Input file handle
*
* \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if
* the file read buffer is too small or a
* POLARSSL_ERR_MPI_XXX error code
*/
int mpi_read_file( mpi *X, int radix, FILE *fin );
/**
* \brief Write X into an opened file, or stdout if fout is NULL
*
* \param p Prefix, can be NULL
* \param X Source MPI
* \param radix Output numeric base
* \param fout Output file handle (can be NULL)
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
*
* \note Set fout == NULL to print X on the console.
*/
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
#endif /* POLARSSL_FS_IO */
/**
* \brief Import X from unsigned binary data, big endian
*
* \param X Destination MPI
* \param buf Input buffer
* \param buflen Input buffer size
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
/**
* \brief Export X into unsigned binary data, big endian.
* Always fills the whole buffer, which will start with zeros
* if the number is smaller.
*
* \param X Source MPI
* \param buf Output buffer
* \param buflen Output buffer size
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*/
int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen );
/**
* \brief Left-shift: X <<= count
*
* \param X MPI to shift
* \param count Amount to shift
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_shift_l( mpi *X, size_t count );
/**
* \brief Right-shift: X >>= count
*
* \param X MPI to shift
* \param count Amount to shift
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_shift_r( mpi *X, size_t count );
/**
* \brief Compare unsigned values
*
* \param X Left-hand MPI
* \param Y Right-hand MPI
*
* \return 1 if |X| is greater than |Y|,
* -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y|
*/
int mpi_cmp_abs( const mpi *X, const mpi *Y );
/**
* \brief Compare signed values
*
* \param X Left-hand MPI
* \param Y Right-hand MPI
*
* \return 1 if X is greater than Y,
* -1 if X is lesser than Y or
* 0 if X is equal to Y
*/
int mpi_cmp_mpi( const mpi *X, const mpi *Y );
/**
* \brief Compare signed values
*
* \param X Left-hand MPI
* \param z The integer value to compare to
*
* \return 1 if X is greater than z,
* -1 if X is lesser than z or
* 0 if X is equal to z
*/
int mpi_cmp_int( const mpi *X, t_sint z );
/**
* \brief Unsigned addition: X = |A| + |B|
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Unsigned subtraction: X = |A| - |B|
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed addition: X = A + B
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed subtraction: X = A - B
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Signed addition: X = A + b
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to add
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_add_int( mpi *X, const mpi *A, t_sint b );
/**
* \brief Signed subtraction: X = A - b
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to subtract
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_sub_int( mpi *X, const mpi *A, t_sint b );
/**
* \brief Baseline multiplication: X = A * B
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
/**
* \brief Baseline multiplication: X = A * b
* Note: despite the functon signature, b is treated as a
* t_uint. Negative values of b are treated as large positive
* values.
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param b The integer value to multiply with
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_mul_int( mpi *X, const mpi *A, t_sint b );
/**
* \brief Division by mpi: A = Q * B + R
*
* \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0
*
* \note Either Q or R can be NULL.
*/
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
/**
* \brief Division by int: A = Q * b + R
*
* \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param b Integer to divide by
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0
*
* \note Either Q or R can be NULL.
*/
int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b );
/**
* \brief Modulo: R = A mod B
*
* \param R Destination MPI for the rest value
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0
*/
int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B );
/**
* \brief Modulo: r = A mod b
*
* \param r Destination t_uint
* \param A Left-hand MPI
* \param b Integer to divide by
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0
*/
int mpi_mod_int( t_uint *r, const mpi *A, t_sint b );
/**
* \brief Sliding-window exponentiation: X = A^E mod N
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param E Exponent MPI
* \param N Modular MPI
* \param _RR Speed-up MPI used for recalculations
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or
* if E is negative
*
* \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded.
*/
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
/**
* \brief Fill an MPI X with size bytes of random
*
* \param X Destination MPI
* \param size Size in bytes
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_fill_random( mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Greatest common divisor: G = gcd(A, B)
*
* \param G Destination MPI
* \param A Left-hand MPI
* \param B Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_gcd( mpi *G, const mpi *A, const mpi *B );
/**
* \brief Modular inverse: X = A^-1 mod N
*
* \param X Destination MPI
* \param A Left-hand MPI
* \param N Right-hand MPI
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/
int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
/**
* \brief Miller-Rabin primality test
*
* \param X MPI to check
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful (probably prime),
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime
*/
int mpi_is_prime( mpi *X,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Prime number generation
*
* \param X Destination MPI
* \param nbits Required size of X in bits
* ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS )
* \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful (probably prime),
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/
int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int mpi_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* bignum.h */

197
Externals/polarssl/include/polarssl/blowfish.h vendored
View File

@ -1,197 +0,0 @@
/**
* \file blowfish.h
*
* \brief Blowfish block cipher
*
* Copyright (C) 2012-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_BLOWFISH_H
#define POLARSSL_BLOWFISH_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define BLOWFISH_ENCRYPT 1
#define BLOWFISH_DECRYPT 0
#define BLOWFISH_MAX_KEY 448
#define BLOWFISH_MIN_KEY 32
#define BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */
#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
#if !defined(POLARSSL_BLOWFISH_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Blowfish context structure
*/
typedef struct
{
uint32_t P[BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
uint32_t S[4][256]; /*!< key dependent S-boxes */
}
blowfish_context;
/**
* \brief Initialize Blowfish context
*
* \param ctx Blowfish context to be initialized
*/
void blowfish_init( blowfish_context *ctx );
/**
* \brief Clear Blowfish context
*
* \param ctx Blowfish context to be cleared
*/
void blowfish_free( blowfish_context *ctx );
/**
* \brief Blowfish key schedule
*
* \param ctx Blowfish context to be initialized
* \param key encryption key
* \param keysize must be between 32 and 448 bits
*
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH
*/
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief Blowfish-ECB block encryption/decryption
*
* \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
* \param input 8-byte input block
* \param output 8-byte output block
*
* \return 0 if successful
*/
int blowfish_crypt_ecb( blowfish_context *ctx,
int mode,
const unsigned char input[BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief Blowfish-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (8 bytes)
*
* \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or
* POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH
*/
int blowfish_crypt_cbc( blowfish_context *ctx,
int mode,
size_t length,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief Blowfish CFB buffer encryption/decryption.
*
* \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int blowfish_crypt_cfb64( blowfish_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief Blowfish-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* \param ctx Blowfish context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
* should be 0 at the start of a stream.
* \param nonce_counter The 64-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten
* by the function.
* \param input The input data stream
* \param output The output data stream
*
* \return 0 if successful
*/
int blowfish_crypt_ctr( blowfish_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE],
unsigned char stream_block[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_BLOWFISH_ALT */
#include "blowfish_alt.h"
#endif /* POLARSSL_BLOWFISH_ALT */
#endif /* blowfish.h */

873
Externals/polarssl/include/polarssl/bn_mul.h vendored
View File

@ -1,873 +0,0 @@
/**
* \file bn_mul.h
*
* \brief Multi-precision integer library
*
* Copyright (C) 2006-2010, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* Multiply source vector [s] with b, add result
* to destination vector [d] and set carry c.
*
* Currently supports:
*
* . IA-32 (386+) . AMD64 / EM64T
* . IA-32 (SSE2) . Motorola 68000
* . PowerPC, 32-bit . MicroBlaze
* . PowerPC, 64-bit . TriCore
* . SPARC v8 . ARM v3+
* . Alpha . MIPS32
* . C, longlong . C, generic
*/
#ifndef POLARSSL_BN_MUL_H
#define POLARSSL_BN_MUL_H
#include "bignum.h"
#if defined(POLARSSL_HAVE_ASM)
#if defined(__GNUC__)
#if defined(__i386__)
#define MULADDC_INIT \
asm( \
"movl %%ebx, %0 \n\t" \
"movl %5, %%esi \n\t" \
"movl %6, %%edi \n\t" \
"movl %7, %%ecx \n\t" \
"movl %8, %%ebx \n\t"
#define MULADDC_CORE \
"lodsl \n\t" \
"mull %%ebx \n\t" \
"addl %%ecx, %%eax \n\t" \
"adcl $0, %%edx \n\t" \
"addl (%%edi), %%eax \n\t" \
"adcl $0, %%edx \n\t" \
"movl %%edx, %%ecx \n\t" \
"stosl \n\t"
#if defined(POLARSSL_HAVE_SSE2)
#define MULADDC_HUIT \
"movd %%ecx, %%mm1 \n\t" \
"movd %%ebx, %%mm0 \n\t" \
"movd (%%edi), %%mm3 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd (%%esi), %%mm2 \n\t" \
"pmuludq %%mm0, %%mm2 \n\t" \
"movd 4(%%esi), %%mm4 \n\t" \
"pmuludq %%mm0, %%mm4 \n\t" \
"movd 8(%%esi), %%mm6 \n\t" \
"pmuludq %%mm0, %%mm6 \n\t" \
"movd 12(%%esi), %%mm7 \n\t" \
"pmuludq %%mm0, %%mm7 \n\t" \
"paddq %%mm2, %%mm1 \n\t" \
"movd 4(%%edi), %%mm3 \n\t" \
"paddq %%mm4, %%mm3 \n\t" \
"movd 8(%%edi), %%mm5 \n\t" \
"paddq %%mm6, %%mm5 \n\t" \
"movd 12(%%edi), %%mm4 \n\t" \
"paddq %%mm4, %%mm7 \n\t" \
"movd %%mm1, (%%edi) \n\t" \
"movd 16(%%esi), %%mm2 \n\t" \
"pmuludq %%mm0, %%mm2 \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd 20(%%esi), %%mm4 \n\t" \
"pmuludq %%mm0, %%mm4 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd 24(%%esi), %%mm6 \n\t" \
"pmuludq %%mm0, %%mm6 \n\t" \
"movd %%mm1, 4(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd 28(%%esi), %%mm3 \n\t" \
"pmuludq %%mm0, %%mm3 \n\t" \
"paddq %%mm5, %%mm1 \n\t" \
"movd 16(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm2 \n\t" \
"movd %%mm1, 8(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm7, %%mm1 \n\t" \
"movd 20(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm4 \n\t" \
"movd %%mm1, 12(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm2, %%mm1 \n\t" \
"movd 24(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm6 \n\t" \
"movd %%mm1, 16(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm4, %%mm1 \n\t" \
"movd 28(%%edi), %%mm5 \n\t" \
"paddq %%mm5, %%mm3 \n\t" \
"movd %%mm1, 20(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm6, %%mm1 \n\t" \
"movd %%mm1, 24(%%edi) \n\t" \
"psrlq $32, %%mm1 \n\t" \
"paddq %%mm3, %%mm1 \n\t" \
"movd %%mm1, 28(%%edi) \n\t" \
"addl $32, %%edi \n\t" \
"addl $32, %%esi \n\t" \
"psrlq $32, %%mm1 \n\t" \
"movd %%mm1, %%ecx \n\t"
#define MULADDC_STOP \
"emms \n\t" \
"movl %4, %%ebx \n\t" \
"movl %%ecx, %1 \n\t" \
"movl %%edi, %2 \n\t" \
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \
);
#else
#define MULADDC_STOP \
"movl %4, %%ebx \n\t" \
"movl %%ecx, %1 \n\t" \
"movl %%edi, %2 \n\t" \
"movl %%esi, %3 \n\t" \
: "=m" (t), "=m" (c), "=m" (d), "=m" (s) \
: "m" (t), "m" (s), "m" (d), "m" (c), "m" (b) \
: "eax", "ecx", "edx", "esi", "edi" \
);
#endif /* SSE2 */
#endif /* i386 */
#if defined(__amd64__) || defined (__x86_64__)
#define MULADDC_INIT \
asm( \
"movq %3, %%rsi \n\t" \
"movq %4, %%rdi \n\t" \
"movq %5, %%rcx \n\t" \
"movq %6, %%rbx \n\t" \
"xorq %%r8, %%r8 \n\t"
#define MULADDC_CORE \
"movq (%%rsi), %%rax \n\t" \
"mulq %%rbx \n\t" \
"addq $8, %%rsi \n\t" \
"addq %%rcx, %%rax \n\t" \
"movq %%r8, %%rcx \n\t" \
"adcq $0, %%rdx \n\t" \
"nop \n\t" \
"addq %%rax, (%%rdi) \n\t" \
"adcq %%rdx, %%rcx \n\t" \
"addq $8, %%rdi \n\t"
#define MULADDC_STOP \
"movq %%rcx, %0 \n\t" \
"movq %%rdi, %1 \n\t" \
"movq %%rsi, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "rax", "rcx", "rdx", "rbx", "rsi", "rdi", "r8" \
);
#endif /* AMD64 */
#if defined(__mc68020__) || defined(__mcpu32__)
#define MULADDC_INIT \
asm( \
"movl %3, %%a2 \n\t" \
"movl %4, %%a3 \n\t" \
"movl %5, %%d3 \n\t" \
"movl %6, %%d2 \n\t" \
"moveq #0, %%d0 \n\t"
#define MULADDC_CORE \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"moveq #0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"addxl %%d4, %%d3 \n\t"
#define MULADDC_STOP \
"movl %%d3, %0 \n\t" \
"movl %%a3, %1 \n\t" \
"movl %%a2, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "d0", "d1", "d2", "d3", "d4", "a2", "a3" \
);
#define MULADDC_HUIT \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d4:%%d1 \n\t" \
"addxl %%d3, %%d1 \n\t" \
"addxl %%d0, %%d4 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"movel %%a2@+, %%d1 \n\t" \
"mulul %%d2, %%d3:%%d1 \n\t" \
"addxl %%d4, %%d1 \n\t" \
"addxl %%d0, %%d3 \n\t" \
"addl %%d1, %%a3@+ \n\t" \
"addxl %%d0, %%d3 \n\t"
#endif /* MC68000 */
#if defined(__powerpc64__) || defined(__ppc64__)
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( \
"ld r3, %3 \n\t" \
"ld r4, %4 \n\t" \
"ld r5, %5 \n\t" \
"ld r6, %6 \n\t" \
"addi r3, r3, -8 \n\t" \
"addi r4, r4, -8 \n\t" \
"addic r5, r5, 0 \n\t"
#define MULADDC_CORE \
"ldu r7, 8(r3) \n\t" \
"mulld r8, r7, r6 \n\t" \
"mulhdu r9, r7, r6 \n\t" \
"adde r8, r8, r5 \n\t" \
"ld r7, 8(r4) \n\t" \
"addze r5, r9 \n\t" \
"addc r8, r8, r7 \n\t" \
"stdu r8, 8(r4) \n\t"
#define MULADDC_STOP \
"addze r5, r5 \n\t" \
"addi r4, r4, 8 \n\t" \
"addi r3, r3, 8 \n\t" \
"std r5, %0 \n\t" \
"std r4, %1 \n\t" \
"std r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#else /* __MACH__ && __APPLE__ */
#define MULADDC_INIT \
asm( \
"ld %%r3, %3 \n\t" \
"ld %%r4, %4 \n\t" \
"ld %%r5, %5 \n\t" \
"ld %%r6, %6 \n\t" \
"addi %%r3, %%r3, -8 \n\t" \
"addi %%r4, %%r4, -8 \n\t" \
"addic %%r5, %%r5, 0 \n\t"
#define MULADDC_CORE \
"ldu %%r7, 8(%%r3) \n\t" \
"mulld %%r8, %%r7, %%r6 \n\t" \
"mulhdu %%r9, %%r7, %%r6 \n\t" \
"adde %%r8, %%r8, %%r5 \n\t" \
"ld %%r7, 8(%%r4) \n\t" \
"addze %%r5, %%r9 \n\t" \
"addc %%r8, %%r8, %%r7 \n\t" \
"stdu %%r8, 8(%%r4) \n\t"
#define MULADDC_STOP \
"addze %%r5, %%r5 \n\t" \
"addi %%r4, %%r4, 8 \n\t" \
"addi %%r3, %%r3, 8 \n\t" \
"std %%r5, %0 \n\t" \
"std %%r4, %1 \n\t" \
"std %%r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#endif /* __MACH__ && __APPLE__ */
#elif defined(__powerpc__) || defined(__ppc__) /* end PPC64/begin PPC32 */
#if defined(__MACH__) && defined(__APPLE__)
#define MULADDC_INIT \
asm( \
"lwz r3, %3 \n\t" \
"lwz r4, %4 \n\t" \
"lwz r5, %5 \n\t" \
"lwz r6, %6 \n\t" \
"addi r3, r3, -4 \n\t" \
"addi r4, r4, -4 \n\t" \
"addic r5, r5, 0 \n\t"
#define MULADDC_CORE \
"lwzu r7, 4(r3) \n\t" \
"mullw r8, r7, r6 \n\t" \
"mulhwu r9, r7, r6 \n\t" \
"adde r8, r8, r5 \n\t" \
"lwz r7, 4(r4) \n\t" \
"addze r5, r9 \n\t" \
"addc r8, r8, r7 \n\t" \
"stwu r8, 4(r4) \n\t"
#define MULADDC_STOP \
"addze r5, r5 \n\t" \
"addi r4, r4, 4 \n\t" \
"addi r3, r3, 4 \n\t" \
"stw r5, %0 \n\t" \
"stw r4, %1 \n\t" \
"stw r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#else /* __MACH__ && __APPLE__ */
#define MULADDC_INIT \
asm( \
"lwz %%r3, %3 \n\t" \
"lwz %%r4, %4 \n\t" \
"lwz %%r5, %5 \n\t" \
"lwz %%r6, %6 \n\t" \
"addi %%r3, %%r3, -4 \n\t" \
"addi %%r4, %%r4, -4 \n\t" \
"addic %%r5, %%r5, 0 \n\t"
#define MULADDC_CORE \
"lwzu %%r7, 4(%%r3) \n\t" \
"mullw %%r8, %%r7, %%r6 \n\t" \
"mulhwu %%r9, %%r7, %%r6 \n\t" \
"adde %%r8, %%r8, %%r5 \n\t" \
"lwz %%r7, 4(%%r4) \n\t" \
"addze %%r5, %%r9 \n\t" \
"addc %%r8, %%r8, %%r7 \n\t" \
"stwu %%r8, 4(%%r4) \n\t"
#define MULADDC_STOP \
"addze %%r5, %%r5 \n\t" \
"addi %%r4, %%r4, 4 \n\t" \
"addi %%r3, %%r3, 4 \n\t" \
"stw %%r5, %0 \n\t" \
"stw %%r4, %1 \n\t" \
"stw %%r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4", "r5", "r6", "r7", "r8", "r9" \
);
#endif /* __MACH__ && __APPLE__ */
#endif /* PPC32 */
/*
* The Sparc64 assembly is reported to be broken.
* Disable it for now, until we're able to fix it.
*/
#if 0 && defined(__sparc__) && defined(__sparc64__)
#define MULADDC_INIT \
asm( \
"ldx %3, %%o0 \n\t" \
"ldx %4, %%o1 \n\t" \
"ld %5, %%o2 \n\t" \
"ld %6, %%o3 \n\t"
#define MULADDC_CORE \
"ld [%%o0], %%o4 \n\t" \
"inc 4, %%o0 \n\t" \
"ld [%%o1], %%o5 \n\t" \
"umul %%o3, %%o4, %%o4 \n\t" \
"addcc %%o4, %%o2, %%o4 \n\t" \
"rd %%y, %%g1 \n\t" \
"addx %%g1, 0, %%g1 \n\t" \
"addcc %%o4, %%o5, %%o4 \n\t" \
"st %%o4, [%%o1] \n\t" \
"addx %%g1, 0, %%o2 \n\t" \
"inc 4, %%o1 \n\t"
#define MULADDC_STOP \
"st %%o2, %0 \n\t" \
"stx %%o1, %1 \n\t" \
"stx %%o0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "g1", "o0", "o1", "o2", "o3", "o4", \
"o5" \
);
#endif /* SPARCv9 */
#if defined(__sparc__) && !defined(__sparc64__)
#define MULADDC_INIT \
asm( \
"ld %3, %%o0 \n\t" \
"ld %4, %%o1 \n\t" \
"ld %5, %%o2 \n\t" \
"ld %6, %%o3 \n\t"
#define MULADDC_CORE \
"ld [%%o0], %%o4 \n\t" \
"inc 4, %%o0 \n\t" \
"ld [%%o1], %%o5 \n\t" \
"umul %%o3, %%o4, %%o4 \n\t" \
"addcc %%o4, %%o2, %%o4 \n\t" \
"rd %%y, %%g1 \n\t" \
"addx %%g1, 0, %%g1 \n\t" \
"addcc %%o4, %%o5, %%o4 \n\t" \
"st %%o4, [%%o1] \n\t" \
"addx %%g1, 0, %%o2 \n\t" \
"inc 4, %%o1 \n\t"
#define MULADDC_STOP \
"st %%o2, %0 \n\t" \
"st %%o1, %1 \n\t" \
"st %%o0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "g1", "o0", "o1", "o2", "o3", "o4", \
"o5" \
);
#endif /* SPARCv8 */
#if defined(__microblaze__) || defined(microblaze)
#define MULADDC_INIT \
asm( \
"lwi r3, %3 \n\t" \
"lwi r4, %4 \n\t" \
"lwi r5, %5 \n\t" \
"lwi r6, %6 \n\t" \
"andi r7, r6, 0xffff \n\t" \
"bsrli r6, r6, 16 \n\t"
#define MULADDC_CORE \
"lhui r8, r3, 0 \n\t" \
"addi r3, r3, 2 \n\t" \
"lhui r9, r3, 0 \n\t" \
"addi r3, r3, 2 \n\t" \
"mul r10, r9, r6 \n\t" \
"mul r11, r8, r7 \n\t" \
"mul r12, r9, r7 \n\t" \
"mul r13, r8, r6 \n\t" \
"bsrli r8, r10, 16 \n\t" \
"bsrli r9, r11, 16 \n\t" \
"add r13, r13, r8 \n\t" \
"add r13, r13, r9 \n\t" \
"bslli r10, r10, 16 \n\t" \
"bslli r11, r11, 16 \n\t" \
"add r12, r12, r10 \n\t" \
"addc r13, r13, r0 \n\t" \
"add r12, r12, r11 \n\t" \
"addc r13, r13, r0 \n\t" \
"lwi r10, r4, 0 \n\t" \
"add r12, r12, r10 \n\t" \
"addc r13, r13, r0 \n\t" \
"add r12, r12, r5 \n\t" \
"addc r5, r13, r0 \n\t" \
"swi r12, r4, 0 \n\t" \
"addi r4, r4, 4 \n\t"
#define MULADDC_STOP \
"swi r5, %0 \n\t" \
"swi r4, %1 \n\t" \
"swi r3, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r3", "r4" "r5", "r6", "r7", "r8", \
"r9", "r10", "r11", "r12", "r13" \
);
#endif /* MicroBlaze */
#if defined(__tricore__)
#define MULADDC_INIT \
asm( \
"ld.a %%a2, %3 \n\t" \
"ld.a %%a3, %4 \n\t" \
"ld.w %%d4, %5 \n\t" \
"ld.w %%d1, %6 \n\t" \
"xor %%d5, %%d5 \n\t"
#define MULADDC_CORE \
"ld.w %%d0, [%%a2+] \n\t" \
"madd.u %%e2, %%e4, %%d0, %%d1 \n\t" \
"ld.w %%d0, [%%a3] \n\t" \
"addx %%d2, %%d2, %%d0 \n\t" \
"addc %%d3, %%d3, 0 \n\t" \
"mov %%d4, %%d3 \n\t" \
"st.w [%%a3+], %%d2 \n\t"
#define MULADDC_STOP \
"st.w %0, %%d4 \n\t" \
"st.a %1, %%a3 \n\t" \
"st.a %2, %%a2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "d0", "d1", "e2", "d4", "a2", "a3" \
);
#endif /* TriCore */
#if defined(__arm__)
#if defined(__thumb__) && !defined(__thumb2__)
#define MULADDC_INIT \
asm( \
"ldr r0, %3 \n\t" \
"ldr r1, %4 \n\t" \
"ldr r2, %5 \n\t" \
"ldr r3, %6 \n\t" \
"lsr r7, r3, #16 \n\t" \
"mov r9, r7 \n\t" \
"lsl r7, r3, #16 \n\t" \
"lsr r7, r7, #16 \n\t" \
"mov r8, r7 \n\t"
#define MULADDC_CORE \
"ldmia r0!, {r6} \n\t" \
"lsr r7, r6, #16 \n\t" \
"lsl r6, r6, #16 \n\t" \
"lsr r6, r6, #16 \n\t" \
"mov r4, r8 \n\t" \
"mul r4, r6 \n\t" \
"mov r3, r9 \n\t" \
"mul r6, r3 \n\t" \
"mov r5, r9 \n\t" \
"mul r5, r7 \n\t" \
"mov r3, r8 \n\t" \
"mul r7, r3 \n\t" \
"lsr r3, r6, #16 \n\t" \
"add r5, r5, r3 \n\t" \
"lsr r3, r7, #16 \n\t" \
"add r5, r5, r3 \n\t" \
"add r4, r4, r2 \n\t" \
"mov r2, #0 \n\t" \
"adc r5, r2 \n\t" \
"lsl r3, r6, #16 \n\t" \
"add r4, r4, r3 \n\t" \
"adc r5, r2 \n\t" \
"lsl r3, r7, #16 \n\t" \
"add r4, r4, r3 \n\t" \
"adc r5, r2 \n\t" \
"ldr r3, [r1] \n\t" \
"add r4, r4, r3 \n\t" \
"adc r2, r5 \n\t" \
"stmia r1!, {r4} \n\t"
#define MULADDC_STOP \
"str r2, %0 \n\t" \
"str r1, %1 \n\t" \
"str r0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r0", "r1", "r2", "r3", "r4", "r5", \
"r6", "r7", "r8", "r9", "cc" \
);
#else
#define MULADDC_INIT \
asm( \
"ldr r0, %3 \n\t" \
"ldr r1, %4 \n\t" \
"ldr r2, %5 \n\t" \
"ldr r3, %6 \n\t"
#define MULADDC_CORE \
"ldr r4, [r0], #4 \n\t" \
"mov r5, #0 \n\t" \
"ldr r6, [r1] \n\t" \
"umlal r2, r5, r3, r4 \n\t" \
"adds r7, r6, r2 \n\t" \
"adc r2, r5, #0 \n\t" \
"str r7, [r1], #4 \n\t"
#define MULADDC_STOP \
"str r2, %0 \n\t" \
"str r1, %1 \n\t" \
"str r0, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "r0", "r1", "r2", "r3", "r4", "r5", \
"r6", "r7", "cc" \
);
#endif /* Thumb */
#endif /* ARMv3 */
#if defined(__alpha__)
#define MULADDC_INIT \
asm( \
"ldq $1, %3 \n\t" \
"ldq $2, %4 \n\t" \
"ldq $3, %5 \n\t" \
"ldq $4, %6 \n\t"
#define MULADDC_CORE \
"ldq $6, 0($1) \n\t" \
"addq $1, 8, $1 \n\t" \
"mulq $6, $4, $7 \n\t" \
"umulh $6, $4, $6 \n\t" \
"addq $7, $3, $7 \n\t" \
"cmpult $7, $3, $3 \n\t" \
"ldq $5, 0($2) \n\t" \
"addq $7, $5, $7 \n\t" \
"cmpult $7, $5, $5 \n\t" \
"stq $7, 0($2) \n\t" \
"addq $2, 8, $2 \n\t" \
"addq $6, $3, $3 \n\t" \
"addq $5, $3, $3 \n\t"
#define MULADDC_STOP \
"stq $3, %0 \n\t" \
"stq $2, %1 \n\t" \
"stq $1, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "$1", "$2", "$3", "$4", "$5", "$6", "$7" \
);
#endif /* Alpha */
#if defined(__mips__) && !defined(__mips64__)
#define MULADDC_INIT \
asm( \
"lw $10, %3 \n\t" \
"lw $11, %4 \n\t" \
"lw $12, %5 \n\t" \
"lw $13, %6 \n\t"
#define MULADDC_CORE \
"lw $14, 0($10) \n\t" \
"multu $13, $14 \n\t" \
"addi $10, $10, 4 \n\t" \
"mflo $14 \n\t" \
"mfhi $9 \n\t" \
"addu $14, $12, $14 \n\t" \
"lw $15, 0($11) \n\t" \
"sltu $12, $14, $12 \n\t" \
"addu $15, $14, $15 \n\t" \
"sltu $14, $15, $14 \n\t" \
"addu $12, $12, $9 \n\t" \
"sw $15, 0($11) \n\t" \
"addu $12, $12, $14 \n\t" \
"addi $11, $11, 4 \n\t"
#define MULADDC_STOP \
"sw $12, %0 \n\t" \
"sw $11, %1 \n\t" \
"sw $10, %2 \n\t" \
: "=m" (c), "=m" (d), "=m" (s) \
: "m" (s), "m" (d), "m" (c), "m" (b) \
: "$9", "$10", "$11", "$12", "$13", "$14", "$15" \
);
#endif /* MIPS */
#endif /* GNUC */
#if (defined(_MSC_VER) && defined(_M_IX86)) || defined(__WATCOMC__)
#define MULADDC_INIT \
__asm mov esi, s \
__asm mov edi, d \
__asm mov ecx, c \
__asm mov ebx, b
#define MULADDC_CORE \
__asm lodsd \
__asm mul ebx \
__asm add eax, ecx \
__asm adc edx, 0 \
__asm add eax, [edi] \
__asm adc edx, 0 \
__asm mov ecx, edx \
__asm stosd
#if defined(POLARSSL_HAVE_SSE2)
#define EMIT __asm _emit
#define MULADDC_HUIT \
EMIT 0x0F EMIT 0x6E EMIT 0xC9 \
EMIT 0x0F EMIT 0x6E EMIT 0xC3 \
EMIT 0x0F EMIT 0x6E EMIT 0x1F \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x16 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x04 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x08 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x6E EMIT 0x7E EMIT 0x0C \
EMIT 0x0F EMIT 0xF4 EMIT 0xF8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x5F EMIT 0x04 \
EMIT 0x0F EMIT 0xD4 EMIT 0xDC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x08 \
EMIT 0x0F EMIT 0xD4 EMIT 0xEE \
EMIT 0x0F EMIT 0x6E EMIT 0x67 EMIT 0x0C \
EMIT 0x0F EMIT 0xD4 EMIT 0xFC \
EMIT 0x0F EMIT 0x7E EMIT 0x0F \
EMIT 0x0F EMIT 0x6E EMIT 0x56 EMIT 0x10 \
EMIT 0x0F EMIT 0xF4 EMIT 0xD0 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x66 EMIT 0x14 \
EMIT 0x0F EMIT 0xF4 EMIT 0xE0 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x6E EMIT 0x76 EMIT 0x18 \
EMIT 0x0F EMIT 0xF4 EMIT 0xF0 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x04 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x6E EMIT 0x5E EMIT 0x1C \
EMIT 0x0F EMIT 0xF4 EMIT 0xD8 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCD \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x10 \
EMIT 0x0F EMIT 0xD4 EMIT 0xD5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x08 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCF \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x14 \
EMIT 0x0F EMIT 0xD4 EMIT 0xE5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x0C \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCA \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x18 \
EMIT 0x0F EMIT 0xD4 EMIT 0xF5 \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x10 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCC \
EMIT 0x0F EMIT 0x6E EMIT 0x6F EMIT 0x1C \
EMIT 0x0F EMIT 0xD4 EMIT 0xDD \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x14 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCE \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x18 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0xD4 EMIT 0xCB \
EMIT 0x0F EMIT 0x7E EMIT 0x4F EMIT 0x1C \
EMIT 0x83 EMIT 0xC7 EMIT 0x20 \
EMIT 0x83 EMIT 0xC6 EMIT 0x20 \
EMIT 0x0F EMIT 0x73 EMIT 0xD1 EMIT 0x20 \
EMIT 0x0F EMIT 0x7E EMIT 0xC9
#define MULADDC_STOP \
EMIT 0x0F EMIT 0x77 \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#else
#define MULADDC_STOP \
__asm mov c, ecx \
__asm mov d, edi \
__asm mov s, esi \
#endif /* SSE2 */
#endif /* MSVC */
#endif /* POLARSSL_HAVE_ASM */
#if !defined(MULADDC_CORE)
#if defined(POLARSSL_HAVE_UDBL)
#define MULADDC_INIT \
{ \
t_udbl r; \
t_uint r0, r1;
#define MULADDC_CORE \
r = *(s++) * (t_udbl) b; \
r0 = r; \
r1 = r >> biL; \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#else
#define MULADDC_INIT \
{ \
t_uint s0, s1, b0, b1; \
t_uint r0, r1, rx, ry; \
b0 = ( b << biH ) >> biH; \
b1 = ( b >> biH );
#define MULADDC_CORE \
s0 = ( *s << biH ) >> biH; \
s1 = ( *s >> biH ); s++; \
rx = s0 * b1; r0 = s0 * b0; \
ry = s1 * b0; r1 = s1 * b1; \
r1 += ( rx >> biH ); \
r1 += ( ry >> biH ); \
rx <<= biH; ry <<= biH; \
r0 += rx; r1 += (r0 < rx); \
r0 += ry; r1 += (r0 < ry); \
r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0;
#define MULADDC_STOP \
}
#endif /* C (generic) */
#endif /* C (longlong) */
#endif /* bn_mul.h */

229
Externals/polarssl/include/polarssl/camellia.h vendored
View File

@ -1,229 +0,0 @@
/**
* \file camellia.h
*
* \brief Camellia block cipher
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CAMELLIA_H
#define POLARSSL_CAMELLIA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0
#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */
#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
#if !defined(POLARSSL_CAMELLIA_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CAMELLIA context structure
*/
typedef struct
{
int nr; /*!< number of rounds */
uint32_t rk[68]; /*!< CAMELLIA round keys */
}
camellia_context;
/**
* \brief Initialize CAMELLIA context
*
* \param ctx CAMELLIA context to be initialized
*/
void camellia_init( camellia_context *ctx );
/**
* \brief Clear CAMELLIA context
*
* \param ctx CAMELLIA context to be cleared
*/
void camellia_free( camellia_context *ctx );
/**
* \brief CAMELLIA key schedule (encryption)
*
* \param ctx CAMELLIA context to be initialized
* \param key encryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief CAMELLIA key schedule (decryption)
*
* \param ctx CAMELLIA context to be initialized
* \param key decryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
unsigned int keysize );
/**
* \brief CAMELLIA-ECB block encryption/decryption
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if successful
*/
int camellia_crypt_ecb( camellia_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief CAMELLIA-CBC buffer encryption/decryption
* Length should be a multiple of the block
* size (16 bytes)
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief CAMELLIA-CFB128 buffer encryption/decryption
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
*
* \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT
* \param length length of the input data
* \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief CAMELLIA-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT.
*
* \param ctx CAMELLIA context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
* should be 0 at the start of a stream.
* \param nonce_counter The 128-bit nonce and counter.
* \param stream_block The saved stream-block for resuming. Is overwritten
* by the function.
* \param input The input data stream
* \param output The output data stream
*
* \return 0 if successful
*/
int camellia_crypt_ctr( camellia_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_CAMELLIA_ALT */
#include "camellia_alt.h"
#endif /* POLARSSL_CAMELLIA_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int camellia_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* camellia.h */

134
Externals/polarssl/include/polarssl/ccm.h vendored
View File

@ -1,134 +0,0 @@
/**
* \file ccm.h
*
* \brief Counter with CBC-MAC (CCM) for 128-bit block ciphers
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CCM_H
#define POLARSSL_CCM_H
#include "cipher.h"
#define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
#define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CCM context structure
*/
typedef struct {
cipher_context_t cipher_ctx; /*!< cipher context used */
}
ccm_context;
/**
* \brief CCM initialization (encryption and decryption)
*
* \param ctx CCM context to be initialized
* \param cipher cipher to use (a 128-bit block cipher)
* \param key encryption key
* \param keysize key size in bits (must be acceptable by the cipher)
*
* \return 0 if successful, or a cipher specific error code
*/
int ccm_init( ccm_context *ctx, cipher_id_t cipher,
const unsigned char *key, unsigned int keysize );
/**
* \brief Free a CCM context and underlying cipher sub-context
*
* \param ctx CCM context to free
*/
void ccm_free( ccm_context *ctx );
/**
* \brief CCM buffer encryption
*
* \param ctx CCM context
* \param length length of the input data in bytes
* \param iv nonce (initialization vector)
* \param iv_len length of IV in bytes
* must be 2, 3, 4, 5, 6, 7 or 8
* \param add additional data
* \param add_len length of additional data in bytes
* must be less than 2^16 - 2^8
* \param input buffer holding the input data
* \param output buffer for holding the output data
* must be at least 'length' bytes wide
* \param tag buffer for holding the tag
* \param tag_len length of the tag to generate in bytes
* must be 4, 6, 8, 10, 14 or 16
*
* \note The tag is written to a separate buffer. To get the tag
* concatenated with the output as in the CCM spec, use
* tag = output + length and make sure the output buffer is
* at least length + tag_len wide.
*
* \return 0 if successful
*/
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len );
/**
* \brief CCM buffer authenticated decryption
*
* \param ctx CCM context
* \param length length of the input data
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data
* \param add_len length of additional data
* \param input buffer holding the input data
* \param output buffer for holding the output data
* \param tag buffer holding the tag
* \param tag_len length of the tag
*
* \return 0 if successful and authenticated,
* POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match
*/
int ccm_auth_decrypt( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len );
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ccm_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_CGM_H */

77
Externals/polarssl/include/polarssl/certs.h vendored
View File

@ -1,77 +0,0 @@
/**
* \file certs.h
*
* \brief Sample certificates and DHM parameters for testing
*
* Copyright (C) 2006-2010, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CERTS_H
#define POLARSSL_CERTS_H
#ifdef __cplusplus
extern "C" {
#endif
/* Concatenation of all available CA certificates */
extern const char test_ca_list[];
/*
* Convenience for users who just want a certificate:
* RSA by default, or ECDSA if RSA i not available
*/
extern const char *test_ca_crt;
extern const char *test_ca_key;
extern const char *test_ca_pwd;
extern const char *test_srv_crt;
extern const char *test_srv_key;
extern const char *test_cli_crt;
extern const char *test_cli_key;
#if defined(POLARSSL_ECDSA_C)
extern const char test_ca_crt_ec[];
extern const char test_ca_key_ec[];
extern const char test_ca_pwd_ec[];
extern const char test_srv_crt_ec[];
extern const char test_srv_key_ec[];
extern const char test_cli_crt_ec[];
extern const char test_cli_key_ec[];
#endif
#if defined(POLARSSL_RSA_C)
extern const char test_ca_crt_rsa[];
extern const char test_ca_key_rsa[];
extern const char test_ca_pwd_rsa[];
extern const char test_srv_crt_rsa[];
extern const char test_srv_key_rsa[];
extern const char test_cli_crt_rsa[];
extern const char test_cli_key_rsa[];
#endif
#if defined(POLARSSL_DHM_C)
extern const char test_dhm_params[];
#endif
#ifdef __cplusplus
}
#endif
#endif /* certs.h */

326
Externals/polarssl/include/polarssl/check_config.h vendored
View File

@ -1,326 +0,0 @@
/**
* \file check_config.h
*
* \brief Consistency checks for configuration options
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* It is recommended to include this file from your config.h
* in order to catch dependency issues early.
*/
#ifndef POLARSSL_CHECK_CONFIG_H
#define POLARSSL_CHECK_CONFIG_H
#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_AESNI_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_CERTS_C) && !defined(POLARSSL_PEM_PARSE_C)
#error "POLARSSL_CERTS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C)
#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C)
#error "POLARSSL_DHM_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C)
#error "POLARSSL_ECDH_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_C) && \
( !defined(POLARSSL_ECP_C) || \
!defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_ASN1_WRITE_C) )
#error "POLARSSL_ECDSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C)
#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \
!defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) )
#error "POLARSSL_ECP_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \
!defined(POLARSSL_SHA256_C))
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \
defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 64)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_ENTROPY_C) && \
( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \
&& defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 32)
#error "CTR_DRBG_ENTROPY_LEN value too high"
#endif
#if defined(POLARSSL_ENTROPY_C) && \
defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C)
#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_GCM_C) && ( \
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) )
#error "POLARSSL_GCM_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C)
#error "POLARSSL_HAVEGE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_HMAC_DRBG) && !defined(POLARSSL_MD_C)
#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C)
#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
!defined(POLARSSL_ECDH_C)
#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ||\
!defined(POLARSSL_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \
( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) )
#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM)
#error "POLARSSL_PADLOCK_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PBKDF2_C) && !defined(POLARSSL_MD_C)
#error "POLARSSL_PBKDF2_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C)
#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) )
#error "POLARSSL_RSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) )
#error "POLARSSL_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \
!defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) )
#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
!defined(POLARSSL_MD_C) )
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C)
#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2))
#error "POLARSSL_SSL_TLS_C defined, but no protocols are active"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \
!defined(POLARSSL_SSL_PROTO_TLS1_1)))
#error "Illegal protocol selection"
#endif
#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \
( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \
!defined(POLARSSL_CIPHER_MODE_CBC) )
#error "POLARSSL_SSL_SESSION_TICKETS_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \
!defined(POLARSSL_X509_CRT_PARSE_C)
#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
#endif
#if defined(POLARSSL_THREADING_PTHREAD)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_ALT)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_ALT defined, but not all prerequisites"
#endif
#define POLARSSL_THREADING_IMPL
#endif
#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL)
#error "POLARSSL_THREADING_C defined, single threading implementation required"
#endif
#undef POLARSSL_THREADING_IMPL
#if defined(POLARSSL_VERSION_FEATURES) && !defined(POLARSSL_VERSION_C)
#error "POLARSSL_VERSION_FEATURES defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
!defined(POLARSSL_PK_PARSE_C) )
#error "POLARSSL_X509_USE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \
!defined(POLARSSL_PK_WRITE_C) )
#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) )
#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) )
#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites"
#endif
#endif /* POLARSSL_CHECK_CONFIG_H */

760
Externals/polarssl/include/polarssl/cipher.h vendored
View File

@ -1,760 +0,0 @@
/**
* \file cipher.h
*
* \brief Generic cipher wrapper.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CIPHER_H
#define POLARSSL_CIPHER_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C)
#define POLARSSL_CIPHER_MODE_AEAD
#endif
#if defined(POLARSSL_CIPHER_MODE_CBC)
#define POLARSSL_CIPHER_MODE_WITH_PADDING
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline
#endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */
#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */
#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */
#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
#define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
#define POLARSSL_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */
#define POLARSSL_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
POLARSSL_CIPHER_ID_NONE = 0,
POLARSSL_CIPHER_ID_NULL,
POLARSSL_CIPHER_ID_AES,
POLARSSL_CIPHER_ID_DES,
POLARSSL_CIPHER_ID_3DES,
POLARSSL_CIPHER_ID_CAMELLIA,
POLARSSL_CIPHER_ID_BLOWFISH,
POLARSSL_CIPHER_ID_ARC4,
} cipher_id_t;
typedef enum {
POLARSSL_CIPHER_NONE = 0,
POLARSSL_CIPHER_NULL,
POLARSSL_CIPHER_AES_128_ECB,
POLARSSL_CIPHER_AES_192_ECB,
POLARSSL_CIPHER_AES_256_ECB,
POLARSSL_CIPHER_AES_128_CBC,
POLARSSL_CIPHER_AES_192_CBC,
POLARSSL_CIPHER_AES_256_CBC,
POLARSSL_CIPHER_AES_128_CFB128,
POLARSSL_CIPHER_AES_192_CFB128,
POLARSSL_CIPHER_AES_256_CFB128,
POLARSSL_CIPHER_AES_128_CTR,
POLARSSL_CIPHER_AES_192_CTR,
POLARSSL_CIPHER_AES_256_CTR,
POLARSSL_CIPHER_AES_128_GCM,
POLARSSL_CIPHER_AES_192_GCM,
POLARSSL_CIPHER_AES_256_GCM,
POLARSSL_CIPHER_CAMELLIA_128_ECB,
POLARSSL_CIPHER_CAMELLIA_192_ECB,
POLARSSL_CIPHER_CAMELLIA_256_ECB,
POLARSSL_CIPHER_CAMELLIA_128_CBC,
POLARSSL_CIPHER_CAMELLIA_192_CBC,
POLARSSL_CIPHER_CAMELLIA_256_CBC,
POLARSSL_CIPHER_CAMELLIA_128_CFB128,
POLARSSL_CIPHER_CAMELLIA_192_CFB128,
POLARSSL_CIPHER_CAMELLIA_256_CFB128,
POLARSSL_CIPHER_CAMELLIA_128_CTR,
POLARSSL_CIPHER_CAMELLIA_192_CTR,
POLARSSL_CIPHER_CAMELLIA_256_CTR,
POLARSSL_CIPHER_CAMELLIA_128_GCM,
POLARSSL_CIPHER_CAMELLIA_192_GCM,
POLARSSL_CIPHER_CAMELLIA_256_GCM,
POLARSSL_CIPHER_DES_ECB,
POLARSSL_CIPHER_DES_CBC,
POLARSSL_CIPHER_DES_EDE_ECB,
POLARSSL_CIPHER_DES_EDE_CBC,
POLARSSL_CIPHER_DES_EDE3_ECB,
POLARSSL_CIPHER_DES_EDE3_CBC,
POLARSSL_CIPHER_BLOWFISH_ECB,
POLARSSL_CIPHER_BLOWFISH_CBC,
POLARSSL_CIPHER_BLOWFISH_CFB64,
POLARSSL_CIPHER_BLOWFISH_CTR,
POLARSSL_CIPHER_ARC4_128,
POLARSSL_CIPHER_AES_128_CCM,
POLARSSL_CIPHER_AES_192_CCM,
POLARSSL_CIPHER_AES_256_CCM,
POLARSSL_CIPHER_CAMELLIA_128_CCM,
POLARSSL_CIPHER_CAMELLIA_192_CCM,
POLARSSL_CIPHER_CAMELLIA_256_CCM,
} cipher_type_t;
typedef enum {
POLARSSL_MODE_NONE = 0,
POLARSSL_MODE_ECB,
POLARSSL_MODE_CBC,
POLARSSL_MODE_CFB,
POLARSSL_MODE_OFB, /* Unused! */
POLARSSL_MODE_CTR,
POLARSSL_MODE_GCM,
POLARSSL_MODE_STREAM,
POLARSSL_MODE_CCM,
} cipher_mode_t;
typedef enum {
POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */
POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */
POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */
POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */
POLARSSL_PADDING_NONE, /**< never pad (full blocks only) */
} cipher_padding_t;
typedef enum {
POLARSSL_OPERATION_NONE = -1,
POLARSSL_DECRYPT = 0,
POLARSSL_ENCRYPT,
} operation_t;
enum {
/** Undefined key length */
POLARSSL_KEY_LENGTH_NONE = 0,
/** Key length, in bits (including parity), for DES keys */
POLARSSL_KEY_LENGTH_DES = 64,
/** Key length, in bits (including parity), for DES in two key EDE */
POLARSSL_KEY_LENGTH_DES_EDE = 128,
/** Key length, in bits (including parity), for DES in three-key EDE */
POLARSSL_KEY_LENGTH_DES_EDE3 = 192,
};
/** Maximum length of any IV, in bytes */
#define POLARSSL_MAX_IV_LENGTH 16
/** Maximum block size of any cipher, in bytes */
#define POLARSSL_MAX_BLOCK_LENGTH 16
/**
* Base cipher information. The non-mode specific functions and values.
*/
typedef struct {
/** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */
cipher_id_t cipher;
/** Encrypt using ECB */
int (*ecb_func)( void *ctx, operation_t mode,
const unsigned char *input, unsigned char *output );
/** Encrypt using CBC */
int (*cbc_func)( void *ctx, operation_t mode, size_t length,
unsigned char *iv, const unsigned char *input,
unsigned char *output );
/** Encrypt using CFB (Full length) */
int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off,
unsigned char *iv, const unsigned char *input,
unsigned char *output );
/** Encrypt using CTR */
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output );
/** Encrypt using STREAM */
int (*stream_func)( void *ctx, size_t length,
const unsigned char *input, unsigned char *output );
/** Set key for encryption purposes */
int (*setkey_enc_func)( void *ctx, const unsigned char *key,
unsigned int key_length );
/** Set key for decryption purposes */
int (*setkey_dec_func)( void *ctx, const unsigned char *key,
unsigned int key_length);
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
/** Free the given context */
void (*ctx_free_func)( void *ctx );
} cipher_base_t;
/**
* Cipher information. Allows cipher functions to be called in a generic way.
*/
typedef struct {
/** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */
cipher_type_t type;
/** Cipher mode (e.g. POLARSSL_MODE_CBC) */
cipher_mode_t mode;
/** Cipher key length, in bits (default length for variable sized ciphers)
* (Includes parity bits for ciphers like DES) */
unsigned int key_length;
/** Name of the cipher */
const char * name;
/** IV/NONCE size, in bytes.
* For cipher that accept many sizes: recommended size */
unsigned int iv_size;
/** Flags for variable IV size, variable key size, etc. */
int flags;
/** block size, in bytes */
unsigned int block_size;
/** Base cipher information and functions */
const cipher_base_t *base;
} cipher_info_t;
/**
* Generic cipher context.
*/
typedef struct {
/** Information about the associated cipher */
const cipher_info_t *cipher_info;
/** Key length to use */
int key_length;
/** Operation that the context's key has been initialised for */
operation_t operation;
/** Padding functions to use, if relevant for cipher mode */
void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
/** Buffer for data that hasn't been encrypted yet */
unsigned char unprocessed_data[POLARSSL_MAX_BLOCK_LENGTH];
/** Number of bytes that still need processing */
size_t unprocessed_len;
/** Current IV or NONCE_COUNTER for CTR-mode */
unsigned char iv[POLARSSL_MAX_IV_LENGTH];
/** IV size in bytes (for ciphers with variable-length IVs) */
size_t iv_size;
/** Cipher-specific context */
void *cipher_ctx;
} cipher_context_t;
/**
* \brief Returns the list of ciphers supported by the generic cipher module.
*
* \return a statically allocated array of ciphers, the last entry
* is 0.
*/
const int *cipher_list( void );
/**
* \brief Returns the cipher information structure associated
* with the given cipher name.
*
* \param cipher_name Name of the cipher to search for.
*
* \return the cipher information structure associated with the
* given cipher_name, or NULL if not found.
*/
const cipher_info_t *cipher_info_from_string( const char *cipher_name );
/**
* \brief Returns the cipher information structure associated
* with the given cipher type.
*
* \param cipher_type Type of the cipher to search for.
*
* \return the cipher information structure associated with the
* given cipher_type, or NULL if not found.
*/
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type );
/**
* \brief Returns the cipher information structure associated
* with the given cipher id, key size and mode.
*
* \param cipher_id Id of the cipher to search for
* (e.g. POLARSSL_CIPHER_ID_AES)
* \param key_length Length of the key in bits
* \param mode Cipher mode (e.g. POLARSSL_MODE_CBC)
*
* \return the cipher information structure associated with the
* given cipher_type, or NULL if not found.
*/
const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
int key_length,
const cipher_mode_t mode );
/**
* \brief Initialize a cipher_context (as NONE)
*/
void cipher_init( cipher_context_t *ctx );
/**
* \brief Free and clear the cipher-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void cipher_free( cipher_context_t *ctx );
/**
* \brief Initialises and fills the cipher context structure with
* the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call cipher_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL.
* \param cipher_info cipher to use.
*
* \return 0 on success,
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
* POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context failed.
*/
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
/**
* \brief Free the cipher-specific context of ctx. Freeing ctx
* itself remains the responsibility of the caller.
*
* \note Deprecated: Redirects to cipher_free()
*
* \param ctx Free the cipher-specific context
*
* \returns 0
*/
int cipher_free_ctx( cipher_context_t *ctx );
/**
* \brief Returns the block size of the given cipher.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return size of the cipher's blocks, or 0 if ctx has not been
* initialised.
*/
static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return 0;
return ctx->cipher_info->block_size;
}
/**
* \brief Returns the mode of operation for the cipher.
* (e.g. POLARSSL_MODE_CBC)
*
* \param ctx cipher's context. Must have been initialised.
*
* \return mode of operation, or POLARSSL_MODE_NONE if ctx
* has not been initialised.
*/
static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_MODE_NONE;
return ctx->cipher_info->mode;
}
/**
* \brief Returns the size of the cipher's IV/NONCE in bytes.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return If IV has not been set yet: (recommended) IV size
* (0 for ciphers not using IV/NONCE).
* If IV has already been set: actual size.
*/
static inline int cipher_get_iv_size( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return 0;
if( ctx->iv_size != 0 )
return (int) ctx->iv_size;
return ctx->cipher_info->iv_size;
}
/**
* \brief Returns the type of the given cipher.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has
* not been initialised.
*/
static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_CIPHER_NONE;
return ctx->cipher_info->type;
}
/**
* \brief Returns the name of the given cipher, as a string.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return name of the cipher, or NULL if ctx was not initialised.
*/
static inline const char *cipher_get_name( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return 0;
return ctx->cipher_info->name;
}
/**
* \brief Returns the key length of the cipher.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return cipher's key length, in bits, or
* POLARSSL_KEY_LENGTH_NONE if ctx has not been
* initialised.
*/
static inline int cipher_get_key_size ( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_KEY_LENGTH_NONE;
return ctx->cipher_info->key_length;
}
/**
* \brief Returns the operation of the given cipher.
*
* \param ctx cipher's context. Must have been initialised.
*
* \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT),
* or POLARSSL_OPERATION_NONE if ctx has not been
* initialised.
*/
static inline operation_t cipher_get_operation( const cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_OPERATION_NONE;
return ctx->operation;
}
/**
* \brief Set the key to use with the given context.
*
* \param ctx generic cipher context. May not be NULL. Must have been
* initialised using cipher_context_from_type or
* cipher_context_from_string.
* \param key The key to use.
* \param key_length key length to use, in bits.
* \param operation Operation that the key will be used for, either
* POLARSSL_ENCRYPT or POLARSSL_DECRYPT.
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails or a cipher specific
* error code.
*/
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
/**
* \brief Set padding mode, for cipher modes that use padding.
* (Default: PKCS7 padding.)
*
* \param ctx generic cipher context
* \param mode padding mode
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE
* if selected padding mode is not supported, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding.
*/
int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode );
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
/**
* \brief Set the initialization vector (IV) or nonce
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
*
* \returns 0 on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
*
* \note Some ciphers don't use IVs nor NONCE. For these
* ciphers, this function has no effect.
*/
int cipher_set_iv( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len );
/**
* \brief Finish preparation of the given context
*
* \param ctx generic cipher context
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA
* if parameter verification fails.
*/
int cipher_reset( cipher_context_t *ctx );
#if defined(POLARSSL_GCM_C)
/**
* \brief Add additional data (for AEAD ciphers).
* Currently only supported with GCM.
* Must be called exactly once, after cipher_reset().
*
* \param ctx generic cipher context
* \param ad Additional data to use.
* \param ad_len Length of ad.
*
* \return 0 on success, or a specific error code.
*/
int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len );
#endif /* POLARSSL_GCM_C */
/**
* \brief Generic cipher update function. Encrypts/decrypts
* using the given cipher context. Writes as many block
* size'd blocks of data as possible to output. Any data
* that cannot be written immediately will either be added
* to the next block, or flushed when cipher_final is
* called.
* Exception: for POLARSSL_MODE_ECB, expects single block
* in size (e.g. 16 bytes for AES)
*
* \param ctx generic cipher context
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data. Should be able to hold at
* least ilen + block_size. Cannot be the same buffer as
* input!
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails,
* POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an
* unsupported mode for a cipher or a cipher specific
* error code.
*
* \note If the underlying cipher is GCM, all calls to this
* function, except the last one before cipher_finish(),
* must have ilen a multiple of the block size.
*/
int cipher_update( cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen );
/**
* \brief Generic cipher finalisation function. If data still
* needs to be flushed from an incomplete block, data
* contained within it will be padded with the size of
* the last block, and written to the output buffer.
*
* \param ctx Generic cipher context
* \param output buffer to write data to. Needs block_size available.
* \param olen length of the data written to the output buffer.
*
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails,
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
* expected a full block but was not provided one,
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding
* while decrypting or a cipher specific error code.
*/
int cipher_finish( cipher_context_t *ctx,
unsigned char *output, size_t *olen );
#if defined(POLARSSL_GCM_C)
/**
* \brief Write tag for AEAD ciphers.
* Currently only supported with GCM.
* Must be called after cipher_finish().
*
* \param ctx Generic cipher context
* \param tag buffer to write the tag
* \param tag_len Length of the tag to write
*
* \return 0 on success, or a specific error code.
*/
int cipher_write_tag( cipher_context_t *ctx,
unsigned char *tag, size_t tag_len );
/**
* \brief Check tag for AEAD ciphers.
* Currently only supported with GCM.
* Must be called after cipher_finish().
*
* \param ctx Generic cipher context
* \param tag Buffer holding the tag
* \param tag_len Length of the tag to check
*
* \return 0 on success, or a specific error code.
*/
int cipher_check_tag( cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_GCM_C */
/**
* \brief Generic all-in-one encryption/decryption
* (for all ciphers except AEAD constructs).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data. Should be able to hold at
* least ilen + block_size. Cannot be the same buffer as
* input!
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
*
* \note Some ciphers don't use IVs nor NONCE. For these
* ciphers, use iv = NULL and iv_len = 0.
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
* expected a full block but was not provided one, or
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding
* while decrypting, or
* a cipher specific error code.
*/
int cipher_crypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen );
#if defined(POLARSSL_CIPHER_MODE_AEAD)
/**
* \brief Generic autenticated encryption (AEAD ciphers).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param ad Additional data to authenticate.
* \param ad_len Length of ad.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data.
* Should be able to hold at least ilen.
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
* \param tag buffer for the authentication tag
* \param tag_len desired tag length
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* a cipher specific error code.
*/
int cipher_auth_encrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len );
/**
* \brief Generic autenticated decryption (AEAD ciphers).
*
* \param ctx generic cipher context
* \param iv IV to use (or NONCE_COUNTER for CTR-mode ciphers)
* \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV.
* \param ad Additional data to be authenticated.
* \param ad_len Length of ad.
* \param input buffer holding the input data
* \param ilen length of the input data
* \param output buffer for the output data.
* Should be able to hold at least ilen.
* \param olen length of the output data, will be filled with the
* actual number of bytes written.
* \param tag buffer holding the authentication tag
* \param tag_len length of the authentication tag
*
* \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_AUTH_FAILED if data isn't authentic,
* or a cipher specific error code.
*
* \note If the data is not authentic, then the output buffer
* is zeroed out to prevent the unauthentic plaintext to
* be used by mistake, making this interface safer.
*/
int cipher_auth_decrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int cipher_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_CIPHER_H */

57
Externals/polarssl/include/polarssl/cipher_wrap.h vendored
View File

@ -1,57 +0,0 @@
/**
* \file cipher_wrap.h
*
* \brief Cipher wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CIPHER_WRAP_H
#define POLARSSL_CIPHER_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "cipher.h"
#ifdef __cplusplus
extern "C" {
#endif
typedef struct
{
cipher_type_t type;
const cipher_info_t *info;
} cipher_definition_t;
extern const cipher_definition_t cipher_definitions[];
extern int supported_ciphers[];
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_CIPHER_WRAP_H */

389
Externals/polarssl/include/polarssl/compat-1.2.h vendored
View File

@ -1,389 +0,0 @@
/**
* \file compat-1.2.h
*
* \brief Backwards compatibility header for PolarSSL-1.2 from PolarSSL-1.3
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_COMPAT_1_2_H
#define POLARSSL_COMPAT_1_2_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
// Comment out to disable prototype change warnings
#define SHOW_PROTOTYPE_CHANGE_WARNINGS
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline
#endif /* __ARMCC_VERSION */
#endif /* _MSC_VER */
#if defined(_MSC_VER)
// MSVC does not support #warning
#undef SHOW_PROTOTYPE_CHANGE_WARNINGS
#endif
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "You can disable these warnings by commenting SHOW_PROTOTYPE_CHANGE_WARNINGS in compat-1.2.h"
#endif
#if defined(POLARSSL_SHA256_C)
#define POLARSSL_SHA2_C
#include "sha256.h"
/*
* SHA-2 -> SHA-256
*/
typedef sha256_context sha2_context;
static inline void sha2_starts( sha256_context *ctx, int is224 ) {
sha256_starts( ctx, is224 );
}
static inline void sha2_update( sha256_context *ctx, const unsigned char *input,
size_t ilen ) {
sha256_update( ctx, input, ilen );
}
static inline void sha2_finish( sha256_context *ctx, unsigned char output[32] ) {
sha256_finish( ctx, output );
}
static inline int sha2_file( const char *path, unsigned char output[32], int is224 ) {
return sha256_file( path, output, is224 );
}
static inline void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ) {
sha256( input, ilen, output, is224 );
}
static inline void sha2_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 ) {
sha256_hmac_starts( ctx, key, keylen, is224 );
}
static inline void sha2_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen ) {
sha256_hmac_update( ctx, input, ilen );
}
static inline void sha2_hmac_finish( sha256_context *ctx, unsigned char output[32] ) {
sha256_hmac_finish( ctx, output );
}
static inline void sha2_hmac_reset( sha256_context *ctx ) {
sha256_hmac_reset( ctx );
}
static inline void sha2_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ) {
sha256_hmac( key, keylen, input, ilen, output, is224 );
}
static inline int sha2_self_test( int verbose ) {
return sha256_self_test( verbose );
}
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA512_C)
#define POLARSSL_SHA4_C
#include "sha512.h"
/*
* SHA-4 -> SHA-512
*/
typedef sha512_context sha4_context;
static inline void sha4_starts( sha512_context *ctx, int is384 ) {
sha512_starts( ctx, is384 );
}
static inline void sha4_update( sha512_context *ctx, const unsigned char *input,
size_t ilen ) {
sha512_update( ctx, input, ilen );
}
static inline void sha4_finish( sha512_context *ctx, unsigned char output[64] ) {
sha512_finish( ctx, output );
}
static inline int sha4_file( const char *path, unsigned char output[64], int is384 ) {
return sha512_file( path, output, is384 );
}
static inline void sha4( const unsigned char *input, size_t ilen,
unsigned char output[32], int is384 ) {
sha512( input, ilen, output, is384 );
}
static inline void sha4_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 ) {
sha512_hmac_starts( ctx, key, keylen, is384 );
}
static inline void sha4_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen ) {
sha512_hmac_update( ctx, input, ilen );
}
static inline void sha4_hmac_finish( sha512_context *ctx, unsigned char output[64] ) {
sha512_hmac_finish( ctx, output );
}
static inline void sha4_hmac_reset( sha512_context *ctx ) {
sha512_hmac_reset( ctx );
}
static inline void sha4_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 ) {
sha512_hmac( key, keylen, input, ilen, output, is384 );
}
static inline int sha4_self_test( int verbose ) {
return sha512_self_test( verbose );
}
#endif /* POLARSSL_SHA512_C */
#if defined(POLARSSL_CIPHER_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "cipher_reset() prototype changed. Manual change required if used"
#endif
#endif
#if defined(POLARSSL_RSA_C)
#define SIG_RSA_RAW POLARSSL_MD_NONE
#define SIG_RSA_MD2 POLARSSL_MD_MD2
#define SIG_RSA_MD4 POLARSSL_MD_MD4
#define SIG_RSA_MD5 POLARSSL_MD_MD5
#define SIG_RSA_SHA1 POLARSSL_MD_SHA1
#define SIG_RSA_SHA224 POLARSSL_MD_SHA224
#define SIG_RSA_SHA256 POLARSSL_MD_SHA256
#define SIG_RSA_SHA384 POLARSSL_MD_SHA384
#define SIG_RSA_SHA512 POLARSSL_MD_SHA512
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "rsa_pkcs1_verify() prototype changed. Manual change required if used"
#warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used"
#endif
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_DHM_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "dhm_calc_secret() prototype changed. Manual change required if used"
#endif
#endif
#if defined(POLARSSL_GCM_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "gcm_init() prototype changed. Manual change required if used"
#endif
#endif
#if defined(POLARSSL_SSL_CLI_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "ssl_set_own_cert() prototype changed. Change to ssl_set_own_cert_rsa(). Manual change required if used"
#endif
#endif
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#include "x509.h"
#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT POLARSSL_ERR_X509_INVALID_FORMAT
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION POLARSSL_ERR_X509_INVALID_VERSION
#define POLARSSL_ERR_X509_CERT_INVALID_ALG POLARSSL_ERR_X509_INVALID_ALG
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
#define POLARSSL_ERR_X509_CERT_INVALID_NAME POLARSSL_ERR_X509_INVALID_NAME
#define POLARSSL_ERR_X509_CERT_INVALID_DATE POLARSSL_ERR_X509_INVALID_DATE
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS POLARSSL_ERR_X509_INVALID_EXTENSIONS
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH POLARSSL_ERR_X509_SIG_MISMATCH
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE POLARSSL_ERR_X509_INVALID_SIGNATURE
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION
static inline int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) {
return x509_serial_gets( buf, size, serial );
}
static inline int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) {
return x509_dn_gets( buf, size, dn );
}
static inline int x509parse_time_expired( const x509_time *time ) {
return x509_time_expired( time );
}
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
#if defined(POLARSSL_X509_CRT_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_crt.h"
typedef x509_crt x509_cert;
static inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
size_t buflen ) {
return x509_crt_parse_der( chain, buf, buflen );
}
static inline int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) {
return x509_crt_parse( chain, buf, buflen );
}
static inline int x509parse_crtfile( x509_cert *chain, const char *path ) {
return x509_crt_parse_file( chain, path );
}
static inline int x509parse_crtpath( x509_cert *chain, const char *path ) {
return x509_crt_parse_path( chain, path );
}
static inline int x509parse_cert_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt ) {
return x509_crt_info( buf, size, prefix, crt );
}
static inline int x509parse_verify( x509_cert *crt, x509_cert *trust_ca,
x509_crl *ca_crl, const char *cn, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *),
void *p_vrfy ) {
return x509_crt_verify( crt, trust_ca, ca_crl, cn, flags, f_vrfy, p_vrfy );
}
static inline int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) {
return x509_crt_revoked( crt, crl );
}
static inline void x509_free( x509_cert *crt ) {
x509_crt_free( crt );
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#if defined(POLARSSL_X509_CRL_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_crl.h"
static inline int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) {
return x509_crl_parse( chain, buf, buflen );
}
static inline int x509parse_crlfile( x509_crl *chain, const char *path ) {
return x509_crl_parse_file( chain, path );
}
static inline int x509parse_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl ) {
return x509_crl_info( buf, size, prefix, crl );
}
#endif /* POLARSSL_X509_CRL_PARSE_C */
#if defined(POLARSSL_X509_CSR_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_csr.h"
static inline int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen ) {
return x509_csr_parse( csr, buf, buflen );
}
static inline int x509parse_csrfile( x509_csr *csr, const char *path ) {
return x509_csr_parse_file( csr, path );
}
static inline int x509parse_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr ) {
return x509_csr_info( buf, size, prefix, csr );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */
#if defined(POLARSSL_SSL_TLS_C)
#include "ssl_ciphersuites.h"
#define ssl_default_ciphersuites ssl_list_ciphersuites()
#endif
#if defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_RSA_C)
#include "rsa.h"
#include "pk.h"
#define POLARSSL_ERR_X509_PASSWORD_MISMATCH POLARSSL_ERR_PK_PASSWORD_MISMATCH
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT POLARSSL_ERR_PK_KEY_INVALID_FORMAT
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG POLARSSL_ERR_PK_UNKNOWN_PK_ALG
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY POLARSSL_ERR_PK_INVALID_PUBKEY
#if defined(POLARSSL_FS_IO)
static inline int x509parse_keyfile( rsa_context *rsa, const char *path,
const char *pwd ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_keyfile( &pk, path, pwd );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
static inline int x509parse_public_keyfile( rsa_context *rsa, const char *path ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_public_keyfile( &pk, path );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
#endif /* POLARSSL_FS_IO */
static inline int x509parse_key( rsa_context *rsa, const unsigned char *key,
size_t keylen,
const unsigned char *pwd, size_t pwdlen ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_key( &pk, key, keylen, pwd, pwdlen );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
static inline int x509parse_public_key( rsa_context *rsa,
const unsigned char *key, size_t keylen )
{
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_public_key( &pk, key, keylen );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
#endif /* POLARSSL_PK_PARSE_C && POLARSSL_RSA_C */
#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_RSA_C)
#include "pk.h"
static inline int x509_write_pubkey_der( unsigned char *buf, size_t len, rsa_context *rsa ) {
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_pubkey_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
}
static inline int x509_write_key_der( unsigned char *buf, size_t len, rsa_context *rsa ) {
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_key_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
}
#endif /* POLARSSL_PK_WRITE_C && POLARSSL_RSA_C */
#endif /* compat-1.2.h */

2180
Externals/polarssl/include/polarssl/config.h vendored
View File

File diff suppressed because it is too large Load Diff

274
Externals/polarssl/include/polarssl/ctr_drbg.h vendored
View File

@ -1,274 +0,0 @@
/**
* \file ctr_drbg.h
*
* \brief CTR_DRBG based on AES-256 (NIST SP 800-90)
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_CTR_DRBG_H
#define POLARSSL_CTR_DRBG_H
#include <string.h>
#include "aes.h"
#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */
#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */
#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */
#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */
#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 )
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE )
/**< The seed length (counter + AES key) */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(CTR_DRBG_ENTROPY_LEN)
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#else
#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#endif
#endif
#if !defined(CTR_DRBG_RESEED_INTERVAL)
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif
#if !defined(CTR_DRBG_MAX_INPUT)
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif
#if !defined(CTR_DRBG_MAX_REQUEST)
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif
#if !defined(CTR_DRBG_MAX_SEED_INPUT)
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif
/* \} name SECTION: Module settings */
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief CTR_DRBG context structure
*/
typedef struct
{
unsigned char counter[16]; /*!< counter (V) */
int reseed_counter; /*!< reseed counter */
int prediction_resistance; /*!< enable prediction resistance (Automatic
reseed before every random generation) */
size_t entropy_len; /*!< amount of entropy grabbed on each
(re)seed */
int reseed_interval; /*!< reseed interval */
aes_context aes_ctx; /*!< AES context */
/*
* Callbacks (Entropy)
*/
int (*f_entropy)(void *, unsigned char *, size_t);
void *p_entropy; /*!< context for the entropy function */
}
ctr_drbg_context;
/**
* \brief CTR_DRBG initialization
*
* Note: Personalization data can be provided in addition to the more generic
* entropy source to make this instantiation as unique as possible.
*
* \param ctx CTR_DRBG context to be initialized
* \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
* length)
* \param p_entropy Entropy context
* \param custom Personalization data (Device specific identifiers)
* (Can be NULL)
* \param len Length of personalization data
*
* \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/
int ctr_drbg_init( ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len );
/**
* \brief Clear CTR_CRBG context data
*
* \param ctx CTR_DRBG context to clear
*/
void ctr_drbg_free( ctr_drbg_context *ctx );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*
* Note: If enabled, entropy is used for ctx->entropy_len before each call!
* Only use this if you have ample supply of good entropy!
*
* \param ctx CTR_DRBG context
* \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF
*/
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx,
int resistance );
/**
* \brief Set the amount of entropy grabbed on each (re)seed
* (Default: CTR_DRBG_ENTROPY_LEN)
*
* \param ctx CTR_DRBG context
* \param len Amount of entropy to grab
*/
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx,
size_t len );
/**
* \brief Set the reseed interval
* (Default: CTR_DRBG_RESEED_INTERVAL)
*
* \param ctx CTR_DRBG context
* \param interval Reseed interval
*/
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx,
int interval );
/**
* \brief CTR_DRBG reseeding (extracts data from entropy source)
*
* \param ctx CTR_DRBG context
* \param additional Additional data to add to state (Can be NULL)
* \param len Length of additional data
*
* \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/
int ctr_drbg_reseed( ctr_drbg_context *ctx,
const unsigned char *additional, size_t len );
/**
* \brief CTR_DRBG update state
*
* \param ctx CTR_DRBG context
* \param additional Additional data to update state with
* \param add_len Length of additional data
*/
void ctr_drbg_update( ctr_drbg_context *ctx,
const unsigned char *additional, size_t add_len );
/**
* \brief CTR_DRBG generate random with additional update input
*
* Note: Automatically reseeds if reseed_counter is reached.
*
* \param p_rng CTR_DRBG context
* \param output Buffer to fill
* \param output_len Length of the buffer
* \param additional Additional data to update with (Can be NULL)
* \param add_len Length of additional data
*
* \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG
*/
int ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len );
/**
* \brief CTR_DRBG generate random
*
* Note: Automatically reseeds if reseed_counter is reached.
*
* \param p_rng CTR_DRBG context
* \param output Buffer to fill
* \param output_len Length of the buffer
*
* \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG
*/
int ctr_drbg_random( void *p_rng,
unsigned char *output, size_t output_len );
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
/**
* \brief Read and update a seed file. Seed is added to this
* instance
*
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error,
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG
*/
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ctr_drbg_self_test( int verbose );
/* Internal functions (do not call directly) */
int ctr_drbg_init_entropy_len( ctr_drbg_context *,
int (*)(void *, unsigned char *, size_t), void *,
const unsigned char *, size_t, size_t );
#ifdef __cplusplus
}
#endif
#endif /* ctr_drbg.h */

152
Externals/polarssl/include/polarssl/debug.h vendored
View File

@ -1,152 +0,0 @@
/**
* \file debug.h
*
* \brief Debug functions
*
* Copyright (C) 2006-2011, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_DEBUG_H
#define POLARSSL_DEBUG_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "ssl.h"
#if defined(POLARSSL_ECP_C)
#include "ecp.h"
#endif
#if defined(POLARSSL_DEBUG_C)
#define POLARSSL_DEBUG_LOG_FULL 0 /**< Include file:line in log lines */
#define POLARSSL_DEBUG_LOG_RAW 1 /**< Only log raw debug lines */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_DEBUG_DFL_MODE)
#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */
#endif
/* \} name SECTION: Module settings */
#define SSL_DEBUG_MSG( level, args ) \
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args );
#define SSL_DEBUG_RET( level, text, ret ) \
debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
#define SSL_DEBUG_BUF( level, text, buf, len ) \
debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len );
#if defined(POLARSSL_BIGNUM_C)
#define SSL_DEBUG_MPI( level, text, X ) \
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
#endif
#if defined(POLARSSL_ECP_C)
#define SSL_DEBUG_ECP( level, text, X ) \
debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
#define SSL_DEBUG_CRT( level, text, crt ) \
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
#endif
#else /* POLARSSL_DEBUG_C */
#define SSL_DEBUG_MSG( level, args ) do { } while( 0 )
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif /* POLARSSL_DEBUG_C */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Set the log mode for the debug functions globally
* (Default value: POLARSSL_DEBUG_DFL_MODE)
*
* \param log_mode The log mode to use (POLARSSL_DEBUG_LOG_FULL or
* POLARSSL_DEBUG_LOG_RAW)
*/
void debug_set_log_mode( int log_mode );
/**
* \brief Set the level threshold to handle globally. Messages that have a
* level over the threshold value are ignored.
* (Default value: 0 (No debug))
*
* \param threshold maximum level of messages to pass on
*/
void debug_set_threshold( int threshold );
char *debug_fmt( const char *format, ... );
void debug_print_msg( const ssl_context *ssl, int level,
const char *file, int line, const char *text );
void debug_print_ret( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, int ret );
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
unsigned char *buf, size_t len );
#if defined(POLARSSL_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X );
#endif
#if defined(POLARSSL_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const ecp_point *X );
#endif
#if defined(POLARSSL_X509_CRT_PARSE_C)
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_crt *crt );
#endif
#ifdef __cplusplus
}
#endif
#endif /* debug.h */

292
Externals/polarssl/include/polarssl/des.h vendored
View File

@ -1,292 +0,0 @@
/**
* \file des.h
*
* \brief DES block cipher
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_DES_H
#define POLARSSL_DES_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define DES_ENCRYPT 1
#define DES_DECRYPT 0
#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
#define DES_KEY_SIZE 8
#if !defined(POLARSSL_DES_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief DES context structure
*/
typedef struct
{
int mode; /*!< encrypt/decrypt */
uint32_t sk[32]; /*!< DES subkeys */
}
des_context;
/**
* \brief Triple-DES context structure
*/
typedef struct
{
int mode; /*!< encrypt/decrypt */
uint32_t sk[96]; /*!< 3DES subkeys */
}
des3_context;
/**
* \brief Initialize DES context
*
* \param ctx DES context to be initialized
*/
void des_init( des_context *ctx );
/**
* \brief Clear DES context
*
* \param ctx DES context to be cleared
*/
void des_free( des_context *ctx );
/**
* \brief Initialize Triple-DES context
*
* \param ctx DES3 context to be initialized
*/
void des3_init( des3_context *ctx );
/**
* \brief Clear Triple-DES context
*
* \param ctx DES3 context to be cleared
*/
void des3_free( des3_context *ctx );
/**
* \brief Set key parity on the given key to odd.
*
* DES keys are 56 bits long, but each byte is padded with
* a parity bit to allow verification.
*
* \param key 8-byte secret key
*/
void des_key_set_parity( unsigned char key[DES_KEY_SIZE] );
/**
* \brief Check that key parity on the given key is odd.
*
* DES keys are 56 bits long, but each byte is padded with
* a parity bit to allow verification.
*
* \param key 8-byte secret key
*
* \return 0 is parity was ok, 1 if parity was not correct.
*/
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] );
/**
* \brief Check that key is not a weak or semi-weak DES key
*
* \param key 8-byte secret key
*
* \return 0 if no weak key was found, 1 if a weak key was identified.
*/
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] );
/**
* \brief DES key schedule (56-bit, encryption)
*
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*
* \return 0
*/
int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
/**
* \brief DES key schedule (56-bit, decryption)
*
* \param ctx DES context to be initialized
* \param key 8-byte secret key
*
* \return 0
*/
int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
/**
* \brief Triple-DES key schedule (112-bit, encryption)
*
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*
* \return 0
*/
int des3_set2key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (112-bit, decryption)
*
* \param ctx 3DES context to be initialized
* \param key 16-byte secret key
*
* \return 0
*/
int des3_set2key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] );
/**
* \brief Triple-DES key schedule (168-bit, encryption)
*
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*
* \return 0
*/
int des3_set3key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief Triple-DES key schedule (168-bit, decryption)
*
* \param ctx 3DES context to be initialized
* \param key 24-byte secret key
*
* \return 0
*/
int des3_set3key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] );
/**
* \brief DES-ECB block encryption/decryption
*
* \param ctx DES context
* \param input 64-bit input block
* \param output 64-bit output block
*
* \return 0 if successful
*/
int des_crypt_ecb( des_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief DES-CBC buffer encryption/decryption
*
* \param ctx DES context
* \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*/
int des_crypt_cbc( des_context *ctx,
int mode,
size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
/**
* \brief 3DES-ECB block encryption/decryption
*
* \param ctx 3DES context
* \param input 64-bit input block
* \param output 64-bit output block
*
* \return 0 if successful
*/
int des3_crypt_ecb( des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief 3DES-CBC buffer encryption/decryption
*
* \param ctx 3DES context
* \param mode DES_ENCRYPT or DES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH
*/
int des3_crypt_cbc( des3_context *ctx,
int mode,
size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_DES_ALT */
#include "des_alt.h"
#endif /* POLARSSL_DES_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int des_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* des.h */

311
Externals/polarssl/include/polarssl/dhm.h vendored
View File

@ -1,311 +0,0 @@
/**
* \file dhm.h
*
* \brief Diffie-Hellman-Merkle key exchange
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_DHM_H
#define POLARSSL_DHM_H
#include "bignum.h"
/*
* DHM Error codes
*/
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
#define POLARSSL_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
#define POLARSSL_ERR_DHM_MALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
#define POLARSSL_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
/**
* RFC 2409 defines a number of standardized Diffie-Hellman groups
* that can be used.
* RFC 3526 defines a number of standardized Diffie-Hellman groups
* for IKE.
* RFC 5114 defines a number of standardized Diffie-Hellman groups
* that can be used.
*
* Some are included here for convenience.
*
* Included are:
* RFC 2409 6.2. 1024-bit MODP Group (Second Oakley Group)
* RFC 3526 3. 2048-bit MODP Group
* RFC 3526 4. 3072-bit MODP Group
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
*/
#define POLARSSL_DHM_RFC2409_MODP_1024_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \
"FFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC2409_MODP_1024_G "02"
#define POLARSSL_DHM_RFC3526_MODP_2048_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AACAA68FFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC3526_MODP_2048_G "02"
#define POLARSSL_DHM_RFC3526_MODP_3072_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
"E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" \
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D" \
"C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" \
"83655D23DCA3AD961C62F356208552BB9ED529077096966D" \
"670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" \
"E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9" \
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64" \
"ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" \
"ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B" \
"F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" \
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC3526_MODP_3072_G "02"
#define POLARSSL_DHM_RFC5114_MODP_1024_P \
"B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \
"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \
"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \
"98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" \
"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \
"DF1FB2BC2E4A4371"
#define POLARSSL_DHM_RFC5114_MODP_1024_G \
"A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \
"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \
"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \
"909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" \
"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \
"855E6EEB22B3B2E5"
#define POLARSSL_DHM_RFC5114_MODP_2048_P \
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
"EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
"9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" \
"C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708" \
"B3BF8A317091883681286130BC8985DB1602E714415D9330" \
"278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D" \
"CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" \
"BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763" \
"C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
"CF9DE5384E71B81C0AC4DFFE0C10E64F"
#define POLARSSL_DHM_RFC5114_MODP_2048_G \
"AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
"74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
"AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\
"C17669101999024AF4D027275AC1348BB8A762D0521BC98A"\
"E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"\
"F180EB34118E98D119529A45D6F834566E3025E316A330EF"\
"BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"\
"10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"\
"B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"\
"EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\
"81BC087F2A7065B384B890D3191F2BFA"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief DHM context structure
*/
typedef struct
{
size_t len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */
mpi G; /*!< generator */
mpi X; /*!< secret value */
mpi GX; /*!< self = G^X mod P */
mpi GY; /*!< peer = G^Y mod P */
mpi K; /*!< key = GY^X mod P */
mpi RP; /*!< cached R^2 mod P */
mpi Vi; /*!< blinding value */
mpi Vf; /*!< un-blinding value */
mpi pX; /*!< previous X */
}
dhm_context;
/**
* \brief Initialize DHM context
*
* \param ctx DHM context to be initialized
*/
void dhm_init( dhm_context *ctx );
/**
* \brief Parse the ServerKeyExchange parameters
*
* \param ctx DHM context
* \param p &(start of input buffer)
* \param end end of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_params( dhm_context *ctx,
unsigned char **p,
const unsigned char *end );
/**
* \brief Setup and write the ServerKeyExchange parameters
*
* \param ctx DHM context
* \param x_size private value size in bytes
* \param output destination buffer
* \param olen number of chars written
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note This function assumes that ctx->P and ctx->G
* have already been properly set (for example
* using mpi_read_string or mpi_read_binary).
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_params( dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Import the peer's public value G^Y
*
* \param ctx DHM context
* \param input input buffer
* \param ilen size of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_read_public( dhm_context *ctx,
const unsigned char *input, size_t ilen );
/**
* \brief Create own private value X and export G^X
*
* \param ctx DHM context
* \param x_size private value size in bytes
* \param output destination buffer
* \param olen must be equal to ctx->P.len
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*/
int dhm_make_public( dhm_context *ctx, int x_size,
unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Derive and export the shared secret (G^Y)^X mod P
*
* \param ctx DHM context
* \param output destination buffer
* \param olen on entry, must hold the size of the destination buffer
* on exit, holds the actual number of bytes written
* \param f_rng RNG function, for blinding purposes
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*
* \note If non-NULL, f_rng is used to blind the input as
* countermeasure against timing attacks. Blinding is
* automatically used if and only if our secret value X is
* re-used and costs nothing otherwise, so it is recommended
* to always pass a non-NULL f_rng argument.
*/
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Free and clear the components of a DHM key
*
* \param ctx DHM context to free and clear
*/
void dhm_free( dhm_context *ctx );
#if defined(POLARSSL_ASN1_PARSE_C)
/** \ingroup x509_module */
/**
* \brief Parse DHM parameters
*
* \param dhm DHM context to be initialized
* \param dhmin input buffer
* \param dhminlen size of the buffer
*
* \return 0 if successful, or a specific DHM or PEM error code
*/
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen );
#if defined(POLARSSL_FS_IO)
/** \ingroup x509_module */
/**
* \brief Load and parse DHM parameters
*
* \param dhm DHM context to be initialized
* \param path filename to read the DHM Parameters from
*
* \return 0 if successful, or a specific DHM or PEM error code
*/
int dhm_parse_dhmfile( dhm_context *dhm, const char *path );
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int dhm_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* dhm.h */

225
Externals/polarssl/include/polarssl/ecdh.h vendored
View File

@ -1,225 +0,0 @@
/**
* \file ecdh.h
*
* \brief Elliptic curve Diffie-Hellman
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ECDH_H
#define POLARSSL_ECDH_H
#include "ecp.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* When importing from an EC key, select if it is our key or the peer's key
*/
typedef enum
{
POLARSSL_ECDH_OURS,
POLARSSL_ECDH_THEIRS,
} ecdh_side;
/**
* \brief ECDH context structure
*/
typedef struct
{
ecp_group grp; /*!< elliptic curve used */
mpi d; /*!< our secret value (private key) */
ecp_point Q; /*!< our public value (public key) */
ecp_point Qp; /*!< peer's public value (public key) */
mpi z; /*!< shared secret */
int point_format; /*!< format for point export in TLS messages */
ecp_point Vi; /*!< blinding value (for later) */
ecp_point Vf; /*!< un-blinding value (for later) */
mpi _d; /*!< previous d (for later) */
}
ecdh_context;
/**
* \brief Generate a public key.
* Raw function that only does the core computation.
*
* \param grp ECP group
* \param d Destination MPI (secret exponent, aka private key)
* \param Q Destination point (public key)
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Compute shared secret
* Raw function that only does the core computation.
*
* \param grp ECP group
* \param z Destination MPI (shared secret)
* \param Q Public key from other party
* \param d Our secret exponent (private key)
* \param f_rng RNG function (see notes)
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*
* \note If f_rng is not NULL, it is used to implement
* countermeasures against potential elaborate timing
* attacks, see \c ecp_mul() for details.
*/
int ecdh_compute_shared( ecp_group *grp, mpi *z,
const ecp_point *Q, const mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Initialize context
*
* \param ctx Context to initialize
*/
void ecdh_init( ecdh_context *ctx );
/**
* \brief Free context
*
* \param ctx Context to free
*/
void ecdh_free( ecdh_context *ctx );
/**
* \brief Generate a public key and a TLS ServerKeyExchange payload.
* (First function used by a TLS server for ECDHE.)
*
* \param ctx ECDH context
* \param olen number of chars written
* \param buf destination buffer
* \param blen length of buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note This function assumes that ctx->grp has already been
* properly set (for example using ecp_use_known_dp).
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_make_params( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Parse and procress a TLS ServerKeyExhange payload.
* (First function used by a TLS client for ECDHE.)
*
* \param ctx ECDH context
* \param buf pointer to start of input buffer
* \param end one past end of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_read_params( ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end );
/**
* \brief Setup an ECDH context from an EC key.
* (Used by clients and servers in place of the
* ServerKeyEchange for static ECDH: import ECDH parameters
* from a certificate's EC key information.)
*
* \param ctx ECDH constext to set
* \param key EC key to use
* \param side Is it our key (1) or the peer's key (0) ?
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
ecdh_side side );
/**
* \brief Generate a public key and a TLS ClientKeyExchange payload.
* (Second function used by a TLS client for ECDH(E).)
*
* \param ctx ECDH context
* \param olen number of bytes actually written
* \param buf destination buffer
* \param blen size of destination buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_make_public( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Parse and process a TLS ClientKeyExchange payload.
* (Second function used by a TLS server for ECDH(E).)
*
* \param ctx ECDH context
* \param buf start of input buffer
* \param blen length of input buffer
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_read_public( ecdh_context *ctx,
const unsigned char *buf, size_t blen );
/**
* \brief Derive and export the shared secret.
* (Last function used by both TLS client en servers.)
*
* \param ctx ECDH context
* \param olen number of bytes written
* \param buf destination buffer
* \param blen buffer length
* \param f_rng RNG function, see notes for \c ecdh_compute_shared()
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ecdh_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* ecdh.h */

236
Externals/polarssl/include/polarssl/ecdsa.h vendored
View File

@ -1,236 +0,0 @@
/**
* \file ecdsa.h
*
* \brief Elliptic curve DSA
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ECDSA_H
#define POLARSSL_ECDSA_H
#include "ecp.h"
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#include "md.h"
#endif
/**
* \brief ECDSA context structure
*
* \note Purposefully begins with the same members as struct ecp_keypair.
*/
typedef struct
{
ecp_group grp; /*!< elliptic curve used */
mpi d; /*!< secret signature key */
ecp_point Q; /*!< public signature key */
mpi r; /*!< first integer from signature */
mpi s; /*!< second integer from signature */
}
ecdsa_context;
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Compute ECDSA signature of a previously hashed message
*
* \param grp ECP group
* \param r First output integer
* \param s Second output integer
* \param d Private signing key
* \param buf Message hash
* \param blen Length of buf
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/**
* \brief Compute ECDSA signature of a previously hashed message
* (deterministic version)
*
* \param grp ECP group
* \param r First output integer
* \param s Second output integer
* \param d Private signing key
* \param buf Message hash
* \param blen Length of buf
* \param md_alg MD algorithm used to hash the message
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg );
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/**
* \brief Verify ECDSA signature of a previously hashed message
*
* \param grp ECP group
* \param buf Message hash
* \param blen Length of buf
* \param Q Public key to use for verification
* \param r First integer of the signature
* \param s Second integer of the signature
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_verify( ecp_group *grp,
const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s);
/**
* \brief Compute ECDSA signature and write it to buffer,
* serialized as defined in RFC 4492 page 20.
* (Not thread-safe to use same context in multiple threads)
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Length of hash
* \param sig Buffer that will hold the signature
* \param slen Length of the signature written
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 7 (eg. 71 bytes if a 256-bit
* curve is used).
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or
* POLARSSL_ERR_ASN1 error code
*/
int ecdsa_write_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/**
* \brief Compute ECDSA signature and write it to buffer,
* serialized as defined in RFC 4492 page 20.
* Deterministic version, RFC 6979.
* (Not thread-safe to use same context in multiple threads)
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Length of hash
* \param sig Buffer that will hold the signature
* \param slen Length of the signature written
* \param md_alg MD algorithm used to hash the message
*
* \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 7 (eg. 71 bytes if a 256-bit
* curve is used).
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or
* POLARSSL_ERR_ASN1 error code
*/
int ecdsa_write_signature_det( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
md_type_t md_alg );
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/**
* \brief Read and verify an ECDSA signature
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Size of hash
* \param sig Signature to read and verify
* \param slen Size of sig
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* POLARSSL_ERR_ECP_SIG_LEN_MISTMATCH if the signature is
* valid but its actual length is less than siglen,
* or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code
*/
int ecdsa_read_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen );
/**
* \brief Generate an ECDSA keypair on the given curve
*
* \param ctx ECDSA context in which the keypair should be stored
* \param gid Group (elliptic curve) to use. One of the various
* POLARSSL_ECP_DP_XXX macros depending on configuration.
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 on success, or a POLARSSL_ERR_ECP code.
*/
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Set an ECDSA context from an EC key pair
*
* \param ctx ECDSA context to set
* \param key EC key to use
*
* \return 0 on success, or a POLARSSL_ERR_ECP code.
*/
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key );
/**
* \brief Initialize context
*
* \param ctx Context to initialize
*/
void ecdsa_init( ecdsa_context *ctx );
/**
* \brief Free context
*
* \param ctx Context to free
*/
void ecdsa_free( ecdsa_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ecdsa_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* ecdsa.h */

651
Externals/polarssl/include/polarssl/ecp.h vendored
View File

@ -1,651 +0,0 @@
/**
* \file ecp.h
*
* \brief Elliptic curves over GF(p)
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ECP_H
#define POLARSSL_ECP_H
#include "bignum.h"
/*
* ECP error codes
*/
#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */
#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* Domain parameters (curve, subgroup and generator) identifiers.
*
* Only curves over prime fields are supported.
*
* \warning This library does not support validation of arbitrary domain
* parameters. Therefore, only well-known domain parameters from trusted
* sources should be used. See ecp_use_known_dp().
*/
typedef enum
{
POLARSSL_ECP_DP_NONE = 0,
POLARSSL_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */
POLARSSL_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */
POLARSSL_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */
POLARSSL_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */
POLARSSL_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */
POLARSSL_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */
POLARSSL_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */
POLARSSL_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */
POLARSSL_ECP_DP_M221, /*!< (not implemented yet) */
POLARSSL_ECP_DP_M255, /*!< Curve25519 */
POLARSSL_ECP_DP_M383, /*!< (not implemented yet) */
POLARSSL_ECP_DP_M511, /*!< (not implemented yet) */
POLARSSL_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */
} ecp_group_id;
/**
* Number of supported curves (plus one for NONE).
*
* (Montgomery curves excluded for now.)
*/
#define POLARSSL_ECP_DP_MAX 12
/**
* Curve information for use by other modules
*/
typedef struct
{
ecp_group_id grp_id; /*!< Internal identifier */
uint16_t tls_id; /*!< TLS NamedCurve identifier */
uint16_t size; /*!< Curve size in bits */
const char *name; /*!< Human-friendly name */
} ecp_curve_info;
/**
* \brief ECP point structure (jacobian coordinates)
*
* \note All functions expect and return points satisfying
* the following condition: Z == 0 or Z == 1. (Other
* values of Z are used by internal functions only.)
* The point is zero, or "at infinity", if Z == 0.
* Otherwise, X and Y are its standard (affine) coordinates.
*/
typedef struct
{
mpi X; /*!< the point's X coordinate */
mpi Y; /*!< the point's Y coordinate */
mpi Z; /*!< the point's Z coordinate */
}
ecp_point;
/**
* \brief ECP group structure
*
* We consider two types of curves equations:
* 1. Short Weierstrass y^2 = x^3 + A x + B mod P (SEC1 + RFC 4492)
* 2. Montgomery, y^2 = x^3 + A x^2 + x mod P (M255 + draft)
* In both cases, a generator G for a prime-order subgroup is fixed. In the
* short weierstrass, this subgroup is actually the whole curve, and its
* cardinal is denoted by N.
*
* In the case of Short Weierstrass curves, our code requires that N is an odd
* prime. (Use odd in ecp_mul() and prime in ecdsa_sign() for blinding.)
*
* In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is
* the quantity actually used in the formulas. Also, nbits is not the size of N
* but the required size for private keys.
*
* If modp is NULL, reduction modulo P is done using a generic algorithm.
* Otherwise, it must point to a function that takes an mpi in the range
* 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more
* than pbits, so that the integer may be efficiently brought in the 0..P-1
* range by a few additions or substractions. It must return 0 on success and
* non-zero on failure.
*/
typedef struct
{
ecp_group_id id; /*!< internal group identifier */
mpi P; /*!< prime modulus of the base field */
mpi A; /*!< 1. A in the equation, or 2. (A + 2) / 4 */
mpi B; /*!< 1. B in the equation, or 2. unused */
ecp_point G; /*!< generator of the (sub)group used */
mpi N; /*!< 1. the order of G, or 2. unused */
size_t pbits; /*!< number of bits in P */
size_t nbits; /*!< number of bits in 1. P, or 2. private keys */
unsigned int h; /*!< internal: 1 if the constants are static */
int (*modp)(mpi *); /*!< function for fast reduction mod P */
int (*t_pre)(ecp_point *, void *); /*!< unused */
int (*t_post)(ecp_point *, void *); /*!< unused */
void *t_data; /*!< unused */
ecp_point *T; /*!< pre-computed points for ecp_mul_comb() */
size_t T_size; /*!< number for pre-computed points */
}
ecp_group;
/**
* \brief ECP key pair structure
*
* A generic key pair that could be used for ECDSA, fixed ECDH, etc.
*
* \note Members purposefully in the same order as struc ecdsa_context.
*/
typedef struct
{
ecp_group grp; /*!< Elliptic curve and base point */
mpi d; /*!< our secret value */
ecp_point Q; /*!< our public value */
}
ecp_keypair;
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_ECP_MAX_BITS)
/**
* Maximum size of the groups (that is, of N and P)
*/
#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
#endif
#define POLARSSL_ECP_MAX_BYTES ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 )
#define POLARSSL_ECP_MAX_PT_LEN ( 2 * POLARSSL_ECP_MAX_BYTES + 1 )
#if !defined(POLARSSL_ECP_WINDOW_SIZE)
/*
* Maximum "window" size used for point multiplication.
* Default: 6.
* Minimum value: 2. Maximum value: 7.
*
* Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use).
*
* Reduction in size may reduce speed, but larger curves are impacted first.
* Sample performances (in ECDHE handshakes/s, with FIXED_POINT_OPTIM = 1):
* w-size: 6 5 4 3 2
* 521 145 141 135 120 97
* 384 214 209 198 177 146
* 256 320 320 303 262 226
* 224 475 475 453 398 342
* 192 640 640 633 587 476
*/
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
#endif /* POLARSSL_ECP_WINDOW_SIZE */
#if !defined(POLARSSL_ECP_FIXED_POINT_OPTIM)
/*
* Trade memory for speed on fixed-point multiplication.
*
* This speeds up repeated multiplication of the generator (that is, the
* multiplication in ECDSA signatures, and half of the multiplications in
* ECDSA verification and ECDHE) by a factor roughly 3 to 4.
*
* The cost is increasing EC peak memory usage by a factor roughly 2.
*
* Change this value to 0 to reduce peak memory usage.
*/
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
#endif /* POLARSSL_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */
/*
* Point formats, from RFC 4492's enum ECPointFormat
*/
#define POLARSSL_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */
#define POLARSSL_ECP_PF_COMPRESSED 1 /**< Compressed point format */
/*
* Some other constants from RFC 4492
*/
#define POLARSSL_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */
/**
* \brief Get the list of supported curves in order of preferrence
* (full information)
*
* \return A statically allocated array, the last entry is 0.
*/
const ecp_curve_info *ecp_curve_list( void );
/**
* \brief Get the list of supported curves in order of preferrence
* (grp_id only)
*
* \return A statically allocated array,
* terminated with POLARSSL_ECP_DP_NONE.
*/
const ecp_group_id *ecp_grp_id_list( void );
/**
* \brief Get curve information from an internal group identifier
*
* \param grp_id A POLARSSL_ECP_DP_XXX value
*
* \return The associated curve information or NULL
*/
const ecp_curve_info *ecp_curve_info_from_grp_id( ecp_group_id grp_id );
/**
* \brief Get curve information from a TLS NamedCurve value
*
* \param tls_id A POLARSSL_ECP_DP_XXX value
*
* \return The associated curve information or NULL
*/
const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id );
/**
* \brief Get curve information from a human-readable name
*
* \param name The name
*
* \return The associated curve information or NULL
*/
const ecp_curve_info *ecp_curve_info_from_name( const char *name );
/**
* \brief Initialize a point (as zero)
*/
void ecp_point_init( ecp_point *pt );
/**
* \brief Initialize a group (to something meaningless)
*/
void ecp_group_init( ecp_group *grp );
/**
* \brief Initialize a key pair (as an invalid one)
*/
void ecp_keypair_init( ecp_keypair *key );
/**
* \brief Free the components of a point
*/
void ecp_point_free( ecp_point *pt );
/**
* \brief Free the components of an ECP group
*/
void ecp_group_free( ecp_group *grp );
/**
* \brief Free the components of a key pair
*/
void ecp_keypair_free( ecp_keypair *key );
/**
* \brief Copy the contents of point Q into P
*
* \param P Destination point
* \param Q Source point
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int ecp_copy( ecp_point *P, const ecp_point *Q );
/**
* \brief Copy the contents of a group object
*
* \param dst Destination group
* \param src Source group
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int ecp_group_copy( ecp_group *dst, const ecp_group *src );
/**
* \brief Set a point to zero
*
* \param pt Destination point
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int ecp_set_zero( ecp_point *pt );
/**
* \brief Tell if a point is zero
*
* \param pt Point to test
*
* \return 1 if point is zero, 0 otherwise
*/
int ecp_is_zero( ecp_point *pt );
/**
* \brief Import a non-zero point from two ASCII strings
*
* \param P Destination point
* \param radix Input numeric base
* \param x First affine coordinate as a null-terminated string
* \param y Second affine coordinate as a null-terminated string
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
*/
int ecp_point_read_string( ecp_point *P, int radix,
const char *x, const char *y );
/**
* \brief Export a point into unsigned binary data
*
* \param grp Group to which the point should belong
* \param P Point to export
* \param format Point format, should be a POLARSSL_ECP_PF_XXX macro
* \param olen Length of the actual output
* \param buf Output buffer
* \param buflen Length of the output buffer
*
* \return 0 if successful,
* or POLARSSL_ERR_ECP_BAD_INPUT_DATA
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL
*/
int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P,
int format, size_t *olen,
unsigned char *buf, size_t buflen );
/**
* \brief Import a point from unsigned binary data
*
* \param grp Group to which the point should belong
* \param P Point to import
* \param buf Input buffer
* \param ilen Actual length of input
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE if the point format
* is not implemented.
*
* \note This function does NOT check that the point actually
* belongs to the given group, see ecp_check_pubkey() for
* that.
*/
int ecp_point_read_binary( const ecp_group *grp, ecp_point *P,
const unsigned char *buf, size_t ilen );
/**
* \brief Import a point from a TLS ECPoint record
*
* \param grp ECP group used
* \param pt Destination point
* \param buf $(Start of input buffer)
* \param len Buffer length
*
* \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
*/
int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt,
const unsigned char **buf, size_t len );
/**
* \brief Export a point as a TLS ECPoint record
*
* \param grp ECP group used
* \param pt Point to export
* \param format Export format
* \param olen length of data written
* \param buf Buffer to write to
* \param blen Buffer length
*
* \return 0 if successful,
* or POLARSSL_ERR_ECP_BAD_INPUT_DATA
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL
*/
int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt,
int format, size_t *olen,
unsigned char *buf, size_t blen );
/**
* \brief Import an ECP group from null-terminated ASCII strings
*
* \param grp Destination group
* \param radix Input numeric base
* \param p Prime modulus of the base field
* \param b Constant term in the equation
* \param gx The generator's X coordinate
* \param gy The generator's Y coordinate
* \param n The generator's order
*
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code
*
* \note Sets all fields except modp.
*/
int ecp_group_read_string( ecp_group *grp, int radix,
const char *p, const char *b,
const char *gx, const char *gy, const char *n);
/**
* \brief Set a group using well-known domain parameters
*
* \param grp Destination group
* \param index Index in the list of well-known domain parameters
*
* \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups
*
* \note Index should be a value of RFC 4492's enum NamdeCurve,
* possibly in the form of a POLARSSL_ECP_DP_XXX macro.
*/
int ecp_use_known_dp( ecp_group *grp, ecp_group_id index );
/**
* \brief Set a group from a TLS ECParameters record
*
* \param grp Destination group
* \param buf &(Start of input buffer)
* \param len Buffer length
*
* \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid
*/
int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len );
/**
* \brief Write the TLS ECParameters record for a group
*
* \param grp ECP group used
* \param olen Number of bytes actually written
* \param buf Buffer to write to
* \param blen Buffer length
*
* \return 0 if successful,
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL
*/
int ecp_tls_write_group( const ecp_group *grp, size_t *olen,
unsigned char *buf, size_t blen );
/**
* \brief Addition: R = P + Q
*
* \param grp ECP group
* \param R Destination point
* \param P Left-hand point
* \param Q Right-hand point
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*
* \note This function does not support Montgomery curves, such as
* Curve25519.
*/
int ecp_add( const ecp_group *grp, ecp_point *R,
const ecp_point *P, const ecp_point *Q );
/**
* \brief Subtraction: R = P - Q
*
* \param grp ECP group
* \param R Destination point
* \param P Left-hand point
* \param Q Right-hand point
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*
* \note This function does not support Montgomery curves, such as
* Curve25519.
*/
int ecp_sub( const ecp_group *grp, ecp_point *R,
const ecp_point *P, const ecp_point *Q );
/**
* \brief Multiplication by an integer: R = m * P
* (Not thread-safe to use same group in multiple threads)
*
* \param grp ECP group
* \param R Destination point
* \param m Integer by which to multiply
* \param P Point to multiply
* \param f_rng RNG function (see notes)
* \param p_rng RNG parameter
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_INVALID_KEY if m is not a valid privkey
* or P is not a valid pubkey,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*
* \note In order to prevent timing attacks, this function
* executes the exact same sequence of (base field)
* operations for any valid m. It avoids any if-branch or
* array index depending on the value of m.
*
* \note If f_rng is not NULL, it is used to randomize intermediate
* results in order to prevent potential timing attacks
* targeting these results. It is recommended to always
* provide a non-NULL f_rng (the overhead is negligible).
*/
int ecp_mul( ecp_group *grp, ecp_point *R,
const mpi *m, const ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Check that a point is a valid public key on this curve
*
* \param grp Curve/group the point should belong to
* \param pt Point to check
*
* \return 0 if point is a valid public key,
* POLARSSL_ERR_ECP_INVALID_KEY otherwise.
*
* \note This function only checks the point is non-zero, has valid
* coordinates and lies on the curve, but not that it is
* indeed a multiple of G. This is additional check is more
* expensive, isn't required by standards, and shouldn't be
* necessary if the group used has a small cofactor. In
* particular, it is useless for the NIST groups which all
* have a cofactor of 1.
*
* \note Uses bare components rather than an ecp_keypair structure
* in order to ease use with other structures such as
* ecdh_context of ecdsa_context.
*/
int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt );
/**
* \brief Check that an mpi is a valid private key for this curve
*
* \param grp Group used
* \param d Integer to check
*
* \return 0 if point is a valid private key,
* POLARSSL_ERR_ECP_INVALID_KEY otherwise.
*
* \note Uses bare components rather than an ecp_keypair structure
* in order to ease use with other structures such as
* ecdh_context of ecdsa_context.
*/
int ecp_check_privkey( const ecp_group *grp, const mpi *d );
/**
* \brief Generate a keypair
*
* \param grp ECP group
* \param d Destination MPI (secret part)
* \param Q Destination point (public part)
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*
* \note Uses bare components rather than an ecp_keypair structure
* in order to ease use with other structures such as
* ecdh_context of ecdsa_context.
*/
int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/**
* \brief Generate a keypair
*
* \param grp_id ECP group identifier
* \param key Destination keypair
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int ecp_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#endif /* ecp.h */

246
Externals/polarssl/include/polarssl/entropy.h vendored
View File

@ -1,246 +0,0 @@
/**
* \file entropy.h
*
* \brief Entropy accumulator implementation
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ENTROPY_H
#define POLARSSL_ENTROPY_H
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256)
#include "sha512.h"
#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR
#else
#if defined(POLARSSL_SHA256_C)
#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR
#include "sha256.h"
#endif
#endif
#if defined(POLARSSL_THREADING_C)
#include "threading.h"
#endif
#if defined(POLARSSL_HAVEGE_C)
#include "havege.h"
#endif
#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR -0x0058 /**< Read/write error in file. */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(ENTROPY_MAX_SOURCES)
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#endif
#if !defined(ENTROPY_MAX_GATHER)
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif
/* \} name SECTION: Module settings */
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
#else
#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
#endif
#define ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Entropy poll callback pointer
*
* \param data Callback-specific data pointer
* \param output Data to fill
* \param len Maximum size to provide
* \param olen The actual amount of bytes put into the buffer (Can be 0)
*
* \return 0 if no critical failures occurred,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise
*/
typedef int (*f_source_ptr)(void *data, unsigned char *output, size_t len,
size_t *olen);
/**
* \brief Entropy source state
*/
typedef struct
{
f_source_ptr f_source; /**< The entropy source callback */
void * p_source; /**< The callback data pointer */
size_t size; /**< Amount received */
size_t threshold; /**< Minimum level required before release */
}
source_state;
/**
* \brief Entropy context structure
*/
typedef struct
{
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_context accumulator;
#else
sha256_context accumulator;
#endif
int source_count;
source_state source[ENTROPY_MAX_SOURCES];
#if defined(POLARSSL_HAVEGE_C)
havege_state havege_data;
#endif
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex; /*!< mutex */
#endif
}
entropy_context;
/**
* \brief Initialize the context
*
* \param ctx Entropy context to initialize
*/
void entropy_init( entropy_context *ctx );
/**
* \brief Free the data in the context
*
* \param ctx Entropy context to free
*/
void entropy_free( entropy_context *ctx );
/**
* \brief Adds an entropy source to poll
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
* \param f_source Entropy function
* \param p_source Function data
* \param threshold Minimum required from source before entropy is released
* ( with entropy_func() )
*
* \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES
*/
int entropy_add_source( entropy_context *ctx,
f_source_ptr f_source, void *p_source,
size_t threshold );
/**
* \brief Trigger an extra gather poll for the accumulator
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
*
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_gather( entropy_context *ctx );
/**
* \brief Retrieve entropy from the accumulator
* (Maximum length: ENTROPY_BLOCK_SIZE)
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param data Entropy context
* \param output Buffer to fill
* \param len Number of bytes desired, must be at most ENTROPY_BLOCK_SIZE
*
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_func( void *data, unsigned char *output, size_t len );
/**
* \brief Add data to the accumulator manually
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param ctx Entropy context
* \param data Data to add
* \param len Length of data
*
* \return 0 if successful
*/
int entropy_update_manual( entropy_context *ctx,
const unsigned char *data, size_t len );
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_write_seed_file( entropy_context *ctx, const char *path );
/**
* \brief Read and update a seed file. Seed is added to this
* instance. No more than ENTROPY_MAX_SEED_SIZE bytes are
* read from the seed file. The rest is ignored.
*
* \param ctx Entropy context
* \param path Name of the file
*
* \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED
*/
int entropy_update_seed_file( entropy_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int entropy_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST */
#ifdef __cplusplus
}
#endif
#endif /* entropy.h */

79
Externals/polarssl/include/polarssl/entropy_poll.h vendored
View File

@ -1,79 +0,0 @@
/**
* \file entropy_poll.h
*
* \brief Platform-specific and custom entropy polling functions
*
* Copyright (C) 2006-2011, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ENTROPY_POLL_H
#define POLARSSL_ENTROPY_POLL_H
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#ifdef __cplusplus
extern "C" {
#endif
/*
* Default thresholds for built-in sources
*/
#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */
#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */
#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
/**
* \brief Platform-specific entropy poll callback
*/
int platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen );
#endif
#if defined(POLARSSL_HAVEGE_C)
/**
* \brief HAVEGE based entropy poll callback
*
* Requires an HAVEGE state as its data pointer.
*/
int havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen );
#endif
#if defined(POLARSSL_TIMING_C)
/**
* \brief hardclock-based entropy poll callback
*/
int hardclock_poll( void *data,
unsigned char *output, size_t len, size_t *olen );
#endif
#ifdef __cplusplus
}
#endif
#endif /* entropy_poll.h */

123
Externals/polarssl/include/polarssl/error.h vendored
View File

@ -1,123 +0,0 @@
/**
* \file error.h
*
* \brief Error to string translation
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ERROR_H
#define POLARSSL_ERROR_H
#include <string.h>
/**
* Error code layout.
*
* Currently we try to keep all error codes within the negative space of 16
* bytes signed integers to support all platforms (-0x0000 - -0x8000). In
* addition we'd like to give two layers of information on the error if
* possible.
*
* For that purpose the error codes are segmented in the following manner:
*
* 16 bit error code bit-segmentation
*
* 1 bit - Sign bit
* 3 bits - High level module ID
* 5 bits - Module-dependent error code
* 7 bits - Low level module errors
*
* For historical reasons, low-level error codes are divided in even and odd,
* even codes were assigned first, and -1 is reserved for other errors.
*
* Low-level module errors (0x0002-0x007E, 0x0003-0x007F)
*
* Module Nr Codes assigned
* MPI 7 0x0002-0x0010
* GCM 2 0x0012-0x0014
* BLOWFISH 2 0x0016-0x0018
* THREADING 3 0x001A-0x001E
* AES 2 0x0020-0x0022
* CAMELLIA 2 0x0024-0x0026
* XTEA 1 0x0028-0x0028
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E 0x000B-0x000B
* PADLOCK 1 0x0030-0x0030
* DES 1 0x0032-0x0032
* CTR_DBRG 4 0x0034-0x003A
* ENTROPY 3 0x003C-0x0040
* NET 11 0x0042-0x0056
* ENTROPY 1 0x0058-0x0058
* ASN1 7 0x0060-0x006C
* MD2 1 0x0070-0x0070
* MD4 1 0x0072-0x0072
* MD5 1 0x0074-0x0074
* SHA1 1 0x0076-0x0076
* SHA256 1 0x0078-0x0078
* SHA512 1 0x007A-0x007A
* PBKDF2 1 0x007C-0x007C
* RIPEMD160 1 0x007E-0x007E
* HMAC_DRBG 4 0x0003-0x0009
* CCM 2 0x000D-0x000F
*
* High-level module nr (3 bits - 0x0...-0x7...)
* Name ID Nr of Errors
* PEM 1 9
* PKCS#12 1 4 (Started from top)
* X509 2 18
* PK 2 14 (Started from top, plus 0x2000)
* DHM 3 9
* PKCS5 3 4 (Started from top)
* RSA 4 9
* ECP 4 8 (Started from top)
* MD 5 4
* CIPHER 6 6
* SSL 6 9 (Started from top)
* SSL 7 31
*
* Module dependent error code (5 bits 0x.00.-0x.F8.)
*/
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Translate a PolarSSL error code into a string representation,
* Result is truncated if necessary and always includes a terminating
* null byte.
*
* \param errnum error code
* \param buffer buffer to place representation in
* \param buflen length of the buffer
*/
void polarssl_strerror( int errnum, char *buffer, size_t buflen );
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int errnum, char *buffer, size_t buflen );
#endif
#ifdef __cplusplus
}
#endif
#endif /* error.h */

219
Externals/polarssl/include/polarssl/gcm.h vendored
View File

@ -1,219 +0,0 @@
/**
* \file gcm.h
*
* \brief Galois/Counter mode for 128-bit block ciphers
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_GCM_H
#define POLARSSL_GCM_H
#include "cipher.h"
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
typedef UINT64 uint64_t;
#else
#include <stdint.h>
#endif
#define GCM_ENCRYPT 1
#define GCM_DECRYPT 0
#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief GCM context structure
*/
typedef struct {
cipher_context_t cipher_ctx;/*!< cipher context used */
uint64_t HL[16]; /*!< Precalculated HTable */
uint64_t HH[16]; /*!< Precalculated HTable */
uint64_t len; /*!< Total data length */
uint64_t add_len; /*!< Total add length */
unsigned char base_ectr[16];/*!< First ECTR for tag */
unsigned char y[16]; /*!< Y working value */
unsigned char buf[16]; /*!< buf working value */
int mode; /*!< Encrypt or Decrypt */
}
gcm_context;
/**
* \brief GCM initialization (encryption)
*
* \param ctx GCM context to be initialized
* \param cipher cipher to use (a 128-bit block cipher)
* \param key encryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or a cipher specific error code
*/
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
unsigned int keysize );
/**
* \brief GCM buffer encryption/decryption using a block cipher
*
* \note On encryption, the output buffer can be the same as the input buffer.
* On decryption, the output buffer cannot be the same as input buffer.
* If buffers overlap, the output buffer must trail at least 8 bytes
* behind the input buffer.
*
* \param ctx GCM context
* \param mode GCM_ENCRYPT or GCM_DECRYPT
* \param length length of the input data
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data
* \param add_len length of additional data
* \param input buffer holding the input data
* \param output buffer for holding the output data
* \param tag_len length of the tag to generate
* \param tag buffer for holding the tag
*
* \return 0 if successful
*/
int gcm_crypt_and_tag( gcm_context *ctx,
int mode,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len,
const unsigned char *input,
unsigned char *output,
size_t tag_len,
unsigned char *tag );
/**
* \brief GCM buffer authenticated decryption using a block cipher
*
* \note On decryption, the output buffer cannot be the same as input buffer.
* If buffers overlap, the output buffer must trail at least 8 bytes
* behind the input buffer.
*
* \param ctx GCM context
* \param length length of the input data
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data
* \param add_len length of additional data
* \param tag buffer holding the tag
* \param tag_len length of the tag
* \param input buffer holding the input data
* \param output buffer for holding the output data
*
* \return 0 if successful and authenticated,
* POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match
*/
int gcm_auth_decrypt( gcm_context *ctx,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len,
const unsigned char *tag,
size_t tag_len,
const unsigned char *input,
unsigned char *output );
/**
* \brief Generic GCM stream start function
*
* \param ctx GCM context
* \param mode GCM_ENCRYPT or GCM_DECRYPT
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data (or NULL if length is 0)
* \param add_len length of additional data
*
* \return 0 if successful
*/
int gcm_starts( gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len );
/**
* \brief Generic GCM update function. Encrypts/decrypts using the
* given GCM context. Expects input to be a multiple of 16
* bytes! Only the last call before gcm_finish() can be less
* than 16 bytes!
*
* \note On decryption, the output buffer cannot be the same as input buffer.
* If buffers overlap, the output buffer must trail at least 8 bytes
* behind the input buffer.
*
* \param ctx GCM context
* \param length length of the input data
* \param input buffer holding the input data
* \param output buffer for holding the output data
*
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT
*/
int gcm_update( gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output );
/**
* \brief Generic GCM finalisation function. Wraps up the GCM stream
* and generates the tag. The tag can have a maximum length of
* 16 bytes.
*
* \param ctx GCM context
* \param tag buffer for holding the tag (may be NULL if tag_len is 0)
* \param tag_len length of the tag to generate
*
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT
*/
int gcm_finish( gcm_context *ctx,
unsigned char *tag,
size_t tag_len );
/**
* \brief Free a GCM context and underlying cipher sub-context
*
* \param ctx GCM context to free
*/
void gcm_free( gcm_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int gcm_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* gcm.h */

78
Externals/polarssl/include/polarssl/havege.h vendored
View File

@ -1,78 +0,0 @@
/**
* \file havege.h
*
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_HAVEGE_H
#define POLARSSL_HAVEGE_H
#include <string.h>
#define COLLECT_SIZE 1024
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief HAVEGE state structure
*/
typedef struct
{
int PT1, PT2, offset[2];
int pool[COLLECT_SIZE];
int WALK[8192];
}
havege_state;
/**
* \brief HAVEGE initialization
*
* \param hs HAVEGE state to be initialized
*/
void havege_init( havege_state *hs );
/**
* \brief Clear HAVEGE state
*
* \param hs HAVEGE state to be cleared
*/
void havege_free( havege_state *hs );
/**
* \brief HAVEGE rand function
*
* \param p_rng A HAVEGE state
* \param output Buffer to fill
* \param len Length of buffer
*
* \return 0
*/
int havege_random( void *p_rng, unsigned char *output, size_t len );
#ifdef __cplusplus
}
#endif
#endif /* havege.h */

284
Externals/polarssl/include/polarssl/hmac_drbg.h vendored
View File

@ -1,284 +0,0 @@
/**
* \file hmac_drbg.h
*
* \brief HMAC_DRBG (NIST SP 800-90A)
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_HMAC_DRBG_H
#define POLARSSL_HMAC_DRBG_H
#include "md.h"
/*
* Error codes
*/
#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */
#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */
#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_HMAC_DRBG_RESEED_INTERVAL)
#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_REQUEST)
#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_SEED_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif
/* \} name SECTION: Module settings */
#define POLARSSL_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
#define POLARSSL_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus
extern "C" {
#endif
/**
* HMAC_DRBG context.
*/
typedef struct
{
/* Working state: the key K is not stored explicitely,
* but is implied by the HMAC context */
md_context_t md_ctx; /*!< HMAC context (inc. K) */
unsigned char V[POLARSSL_MD_MAX_SIZE]; /*!< V in the spec */
int reseed_counter; /*!< reseed counter */
/* Administrative state */
size_t entropy_len; /*!< entropy bytes grabbed on each (re)seed */
int prediction_resistance; /*!< enable prediction resistance (Automatic
reseed before every random generation) */
int reseed_interval; /*!< reseed interval */
/* Callbacks */
int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
void *p_entropy; /*!< context for the entropy function */
} hmac_drbg_context;
/**
* \brief HMAC_DRBG initialisation
*
* \param ctx HMAC_DRBG context to be initialised
* \param md_info MD algorithm to use for HMAC_DRBG
* \param f_entropy Entropy callback (p_entropy, buffer to fill, buffer
* length)
* \param p_entropy Entropy context
* \param custom Personalization data (Device specific identifiers)
* (Can be NULL)
* \param len Length of personalization data
*
* \note The "security strength" as defined by NIST is set to:
* 128 bits if md_alg is SHA-1,
* 192 bits if md_alg is SHA-224,
* 256 bits if md_alg is SHA-256 or higher.
* Note that SHA-256 is just as efficient as SHA-224.
*
* \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED.
*/
int hmac_drbg_init( hmac_drbg_context *ctx,
const md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len );
/**
* \brief Initilisation of simpified HMAC_DRBG (never reseeds).
* (For use with deterministic ECDSA.)
*
* \param ctx HMAC_DRBG context to be initialised
* \param md_info MD algorithm to use for HMAC_DRBG
* \param data Concatenation of entropy string and additional data
* \param data_len Length of data in bytes
*
* \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED.
*/
int hmac_drbg_init_buf( hmac_drbg_context *ctx,
const md_info_t * md_info,
const unsigned char *data, size_t data_len );
/**
* \brief Enable / disable prediction resistance (Default: Off)
*
* Note: If enabled, entropy is used for ctx->entropy_len before each call!
* Only use this if you have ample supply of good entropy!
*
* \param ctx HMAC_DRBG context
* \param resistance POLARSSL_HMAC_DRBG_PR_ON or POLARSSL_HMAC_DRBG_PR_OFF
*/
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
int resistance );
/**
* \brief Set the amount of entropy grabbed on each reseed
* (Default: given by the security strength, which
* depends on the hash used, see \c hmac_drbg_init() )
*
* \param ctx HMAC_DRBG context
* \param len Amount of entropy to grab, in bytes
*/
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx,
size_t len );
/**
* \brief Set the reseed interval
* (Default: POLARSSL_HMAC_DRBG_RESEED_INTERVAL)
*
* \param ctx HMAC_DRBG context
* \param interval Reseed interval
*/
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx,
int interval );
/**
* \brief HMAC_DRBG update state
*
* \param ctx HMAC_DRBG context
* \param additional Additional data to update state with, or NULL
* \param add_len Length of additional data, or 0
*
* \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used.
*/
void hmac_drbg_update( hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len );
/**
* \brief HMAC_DRBG reseeding (extracts data from entropy source)
*
* \param ctx HMAC_DRBG context
* \param additional Additional data to add to state (Can be NULL)
* \param len Length of additional data
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
int hmac_drbg_reseed( hmac_drbg_context *ctx,
const unsigned char *additional, size_t len );
/**
* \brief HMAC_DRBG generate random with additional update input
*
* Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
*
* \param p_rng HMAC_DRBG context
* \param output Buffer to fill
* \param output_len Length of the buffer
* \param additional Additional data to update with (can be NULL)
* \param add_len Length of additional data (can be 0)
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG.
*/
int hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional,
size_t add_len );
/**
* \brief HMAC_DRBG generate random
*
* Note: Automatically reseeds if reseed_counter is reached or PR is enabled.
*
* \param p_rng HMAC_DRBG context
* \param output Buffer to fill
* \param out_len Length of the buffer
*
* \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG
*/
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
/**
* \brief Free an HMAC_DRBG context
*
* \param ctx HMAC_DRBG context to free.
*/
void hmac_drbg_free( hmac_drbg_context *ctx );
#if defined(POLARSSL_FS_IO)
/**
* \brief Write a seed file
*
* \param ctx HMAC_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path );
/**
* \brief Read and update a seed file. Seed is added to this
* instance
*
* \param ctx HMAC_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error,
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG
*/
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int hmac_drbg_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#endif /* hmac_drbg.h */

395
Externals/polarssl/include/polarssl/md.h vendored
View File

@ -1,395 +0,0 @@
/**
* \file md.h
*
* \brief Generic message digest wrapper
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD_H
#define POLARSSL_MD_H
#include <string.h>
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline
#endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
#ifdef __cplusplus
extern "C" {
#endif
typedef enum {
POLARSSL_MD_NONE=0,
POLARSSL_MD_MD2,
POLARSSL_MD_MD4,
POLARSSL_MD_MD5,
POLARSSL_MD_SHA1,
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
POLARSSL_MD_RIPEMD160,
} md_type_t;
#if defined(POLARSSL_SHA512_C)
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */
#else
#define POLARSSL_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
#endif
/**
* Message digest information. Allows message digest functions to be called
* in a generic way.
*/
typedef struct {
/** Digest identifier */
md_type_t type;
/** Name of the message digest */
const char * name;
/** Output length of the digest function */
int size;
/** Digest initialisation function */
void (*starts_func)( void *ctx );
/** Digest update function */
void (*update_func)( void *ctx, const unsigned char *input, size_t ilen );
/** Digest finalisation function */
void (*finish_func)( void *ctx, unsigned char *output );
/** Generic digest function */
void (*digest_func)( const unsigned char *input, size_t ilen,
unsigned char *output );
/** Generic file digest function */
int (*file_func)( const char *path, unsigned char *output );
/** HMAC Initialisation function */
void (*hmac_starts_func)( void *ctx, const unsigned char *key,
size_t keylen );
/** HMAC update function */
void (*hmac_update_func)( void *ctx, const unsigned char *input,
size_t ilen );
/** HMAC finalisation function */
void (*hmac_finish_func)( void *ctx, unsigned char *output);
/** HMAC context reset function */
void (*hmac_reset_func)( void *ctx );
/** Generic HMAC function */
void (*hmac_func)( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
/** Free the given context */
void (*ctx_free_func)( void *ctx );
/** Internal use only */
void (*process_func)( void *ctx, const unsigned char *input );
} md_info_t;
/**
* Generic message digest context.
*/
typedef struct {
/** Information about the associated message digest */
const md_info_t *md_info;
/** Digest-specific context */
void *md_ctx;
} md_context_t;
#define MD_CONTEXT_T_INIT { \
NULL, /* md_info */ \
NULL, /* md_ctx */ \
}
/**
* \brief Returns the list of digests supported by the generic digest module.
*
* \return a statically allocated array of digests, the last entry
* is 0.
*/
const int *md_list( void );
/**
* \brief Returns the message digest information associated with the
* given digest name.
*
* \param md_name Name of the digest to search for.
*
* \return The message digest information associated with md_name or
* NULL if not found.
*/
const md_info_t *md_info_from_string( const char *md_name );
/**
* \brief Returns the message digest information associated with the
* given digest type.
*
* \param md_type type of digest to search for.
*
* \return The message digest information associated with md_type or
* NULL if not found.
*/
const md_info_t *md_info_from_type( md_type_t md_type );
/**
* \brief Initialize a md_context (as NONE)
*/
void md_init( md_context_t *ctx );
/**
* \brief Free and clear the message-specific context of ctx.
* Freeing ctx itself remains the responsibility of the
* caller.
*/
void md_free( md_context_t *ctx );
/**
* \brief Initialises and fills the message digest context structure
* with the appropriate values.
*
* \note Currently also clears structure. In future versions you
* will be required to call md_init() on the structure
* first.
*
* \param ctx context to initialise. May not be NULL. The
* digest-specific context (ctx->md_ctx) must be NULL. It will
* be allocated, and must be freed using md_free_ctx() later.
* \param md_info message digest to use.
*
* \returns \c 0 on success, \c POLARSSL_ERR_MD_BAD_INPUT_DATA on
* parameter failure, \c POLARSSL_ERR_MD_ALLOC_FAILED if
* allocation of the digest-specific context failed.
*/
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info );
/**
* \brief Free the message-specific context of ctx. Freeing ctx itself
* remains the responsibility of the caller.
*
* \note Deprecated: Redirects to md_free()
*
* \param ctx Free the message-specific context
*
* \returns 0
*/
int md_free_ctx( md_context_t *ctx );
/**
* \brief Returns the size of the message digest output.
*
* \param md_info message digest info
*
* \return size of the message digest output.
*/
static inline unsigned char md_get_size( const md_info_t *md_info )
{
if( md_info == NULL )
return( 0 );
return md_info->size;
}
/**
* \brief Returns the type of the message digest output.
*
* \param md_info message digest info
*
* \return type of the message digest output.
*/
static inline md_type_t md_get_type( const md_info_t *md_info )
{
if( md_info == NULL )
return( POLARSSL_MD_NONE );
return md_info->type;
}
/**
* \brief Returns the name of the message digest output.
*
* \param md_info message digest info
*
* \return name of the message digest output.
*/
static inline const char *md_get_name( const md_info_t *md_info )
{
if( md_info == NULL )
return( NULL );
return md_info->name;
}
/**
* \brief Set-up the given context for a new message digest
*
* \param ctx generic message digest context.
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_starts( md_context_t *ctx );
/**
* \brief Generic message digest process buffer
*
* \param ctx Generic message digest context
* \param input buffer holding the datal
* \param ilen length of the input data
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen );
/**
* \brief Generic message digest final digest
*
* \param ctx Generic message digest context
* \param output Generic message digest checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_finish( md_context_t *ctx, unsigned char *output );
/**
* \brief Output = message_digest( input buffer )
*
* \param md_info message digest info
* \param input buffer holding the data
* \param ilen length of the input data
* \param output Generic message digest checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output );
/**
* \brief Output = message_digest( file contents )
*
* \param md_info message digest info
* \param path input file name
* \param output generic message digest checksum result
*
* \return 0 if successful, POLARSSL_ERR_MD_FILE_OPEN_FAILED if fopen
* failed, POLARSSL_ERR_MD_FILE_READ_FAILED if fread failed,
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
*/
int md_file( const md_info_t *md_info, const char *path,
unsigned char *output );
/**
* \brief Generic HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_starts( md_context_t *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief Generic HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_update( md_context_t *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief Generic HMAC final digest
*
* \param ctx HMAC context
* \param output Generic HMAC checksum result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_finish( md_context_t *ctx, unsigned char *output);
/**
* \brief Generic HMAC context reset
*
* \param ctx HMAC context to be reset
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac_reset( md_context_t *ctx );
/**
* \brief Output = Generic_HMAC( hmac key, input buffer )
*
* \param md_info message digest info
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output Generic HMAC-result
*
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails.
*/
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );
/* Internal use */
int md_process( md_context_t *ctx, const unsigned char *data );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_MD_H */

194
Externals/polarssl/include/polarssl/md2.h vendored
View File

@ -1,194 +0,0 @@
/**
* \file md2.h
*
* \brief MD2 message digest algorithm (hash function)
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD2_H
#define POLARSSL_MD2_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */
#if !defined(POLARSSL_MD2_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD2 context structure
*/
typedef struct
{
unsigned char cksum[16]; /*!< checksum of the data block */
unsigned char state[48]; /*!< intermediate digest state */
unsigned char buffer[16]; /*!< data block being processed */
unsigned char ipad[16]; /*!< HMAC: inner padding */
unsigned char opad[16]; /*!< HMAC: outer padding */
size_t left; /*!< amount of data in buffer */
}
md2_context;
/**
* \brief Initialize MD2 context
*
* \param ctx MD2 context to be initialized
*/
void md2_init( md2_context *ctx );
/**
* \brief Clear MD2 context
*
* \param ctx MD2 context to be cleared
*/
void md2_free( md2_context *ctx );
/**
* \brief MD2 context setup
*
* \param ctx context to be initialized
*/
void md2_starts( md2_context *ctx );
/**
* \brief MD2 process buffer
*
* \param ctx MD2 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD2 final digest
*
* \param ctx MD2 context
* \param output MD2 checksum result
*/
void md2_finish( md2_context *ctx, unsigned char output[16] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_MD2_ALT */
#include "md2_alt.h"
#endif /* POLARSSL_MD2_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = MD2( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD2 checksum result
*/
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD2( file contents )
*
* \param path input file name
* \param output MD2 checksum result
*
* \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR
*/
int md2_file( const char *path, unsigned char output[16] );
/**
* \brief MD2 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md2_hmac_starts( md2_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief MD2 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md2_hmac_update( md2_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief MD2 HMAC final digest
*
* \param ctx HMAC context
* \param output MD2 HMAC checksum result
*/
void md2_hmac_finish( md2_context *ctx, unsigned char output[16] );
/**
* \brief MD2 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md2_hmac_reset( md2_context *ctx );
/**
* \brief Output = HMAC-MD2( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD2 result
*/
void md2_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md2_self_test( int verbose );
/* Internal use */
void md2_process( md2_context *ctx );
#ifdef __cplusplus
}
#endif
#endif /* md2.h */

200
Externals/polarssl/include/polarssl/md4.h vendored
View File

@ -1,200 +0,0 @@
/**
* \file md4.h
*
* \brief MD4 message digest algorithm (hash function)
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD4_H
#define POLARSSL_MD4_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */
#if !defined(POLARSSL_MD4_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD4 context structure
*/
typedef struct
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
md4_context;
/**
* \brief Initialize MD4 context
*
* \param ctx MD4 context to be initialized
*/
void md4_init( md4_context *ctx );
/**
* \brief Clear MD4 context
*
* \param ctx MD4 context to be cleared
*/
void md4_free( md4_context *ctx );
/**
* \brief MD4 context setup
*
* \param ctx context to be initialized
*/
void md4_starts( md4_context *ctx );
/**
* \brief MD4 process buffer
*
* \param ctx MD4 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD4 final digest
*
* \param ctx MD4 context
* \param output MD4 checksum result
*/
void md4_finish( md4_context *ctx, unsigned char output[16] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_MD4_ALT */
#include "md4_alt.h"
#endif /* POLARSSL_MD4_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = MD4( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD4 checksum result
*/
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD4( file contents )
*
* \param path input file name
* \param output MD4 checksum result
*
* \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR
*/
int md4_file( const char *path, unsigned char output[16] );
/**
* \brief MD4 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md4_hmac_starts( md4_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief MD4 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md4_hmac_update( md4_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief MD4 HMAC final digest
*
* \param ctx HMAC context
* \param output MD4 HMAC checksum result
*/
void md4_hmac_finish( md4_context *ctx, unsigned char output[16] );
/**
* \brief MD4 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md4_hmac_reset( md4_context *ctx );
/**
* \brief Output = HMAC-MD4( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD4 result
*/
void md4_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md4_self_test( int verbose );
/* Internal use */
void md4_process( md4_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#endif /* md4.h */

200
Externals/polarssl/include/polarssl/md5.h vendored
View File

@ -1,200 +0,0 @@
/**
* \file md5.h
*
* \brief MD5 message digest algorithm (hash function)
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD5_H
#define POLARSSL_MD5_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */
#if !defined(POLARSSL_MD5_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief MD5 context structure
*/
typedef struct
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
md5_context;
/**
* \brief Initialize MD5 context
*
* \param ctx MD5 context to be initialized
*/
void md5_init( md5_context *ctx );
/**
* \brief Clear MD5 context
*
* \param ctx MD5 context to be cleared
*/
void md5_free( md5_context *ctx );
/**
* \brief MD5 context setup
*
* \param ctx context to be initialized
*/
void md5_starts( md5_context *ctx );
/**
* \brief MD5 process buffer
*
* \param ctx MD5 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief MD5 final digest
*
* \param ctx MD5 context
* \param output MD5 checksum result
*/
void md5_finish( md5_context *ctx, unsigned char output[16] );
/* Internal use */
void md5_process( md5_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_MD5_ALT */
#include "md5_alt.h"
#endif /* POLARSSL_MD5_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = MD5( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output MD5 checksum result
*/
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
/**
* \brief Output = MD5( file contents )
*
* \param path input file name
* \param output MD5 checksum result
*
* \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR
*/
int md5_file( const char *path, unsigned char output[16] );
/**
* \brief MD5 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void md5_hmac_starts( md5_context *ctx,
const unsigned char *key, size_t keylen );
/**
* \brief MD5 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void md5_hmac_update( md5_context *ctx,
const unsigned char *input, size_t ilen );
/**
* \brief MD5 HMAC final digest
*
* \param ctx HMAC context
* \param output MD5 HMAC checksum result
*/
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] );
/**
* \brief MD5 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void md5_hmac_reset( md5_context *ctx );
/**
* \brief Output = HMAC-MD5( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-MD5 result
*/
void md5_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[16] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int md5_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* md5.h */

71
Externals/polarssl/include/polarssl/md_wrap.h vendored
View File

@ -1,71 +0,0 @@
/**
* \file md_wrap.h
*
* \brief Message digest wrappers.
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2011, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MD_WRAP_H
#define POLARSSL_MD_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "md.h"
#ifdef __cplusplus
extern "C" {
#endif
#if defined(POLARSSL_MD2_C)
extern const md_info_t md2_info;
#endif
#if defined(POLARSSL_MD4_C)
extern const md_info_t md4_info;
#endif
#if defined(POLARSSL_MD5_C)
extern const md_info_t md5_info;
#endif
#if defined(POLARSSL_RIPEMD160_C)
extern const md_info_t ripemd160_info;
#endif
#if defined(POLARSSL_SHA1_C)
extern const md_info_t sha1_info;
#endif
#if defined(POLARSSL_SHA256_C)
extern const md_info_t sha224_info;
extern const md_info_t sha256_info;
#endif
#if defined(POLARSSL_SHA512_C)
extern const md_info_t sha384_info;
extern const md_info_t sha512_info;
#endif
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_MD_WRAP_H */

52
Externals/polarssl/include/polarssl/memory.h vendored
View File

@ -1,52 +0,0 @@
/**
* \file memory.h
*
* \brief Memory allocation layer (Deprecated to platform layer)
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MEMORY_H
#define POLARSSL_MEMORY_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>
#if defined(POLARSSL_MEMORY_C) && !defined(POLARSSL_PLATFORM_MEMORY)
#define POLARSSL_PLATFORM_MEMORY
#endif
#include "platform.h"
#include "memory_buffer_alloc.h"
int memory_set_own( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) )
{
return platform_set_malloc_free( malloc_func, free_func );
}
#endif /* memory.h */

122
Externals/polarssl/include/polarssl/memory_buffer_alloc.h vendored
View File

@ -1,122 +0,0 @@
/**
* \file memory_buffer_alloc.h
*
* \brief Buffer-based memory allocator
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_MEMORY_BUFFER_ALLOC_H
#define POLARSSL_MEMORY_BUFFER_ALLOC_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_MEMORY_ALIGN_MULTIPLE)
#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#endif
/* \} name SECTION: Module settings */
#define MEMORY_VERIFY_NONE 0
#define MEMORY_VERIFY_ALLOC (1 << 0)
#define MEMORY_VERIFY_FREE (1 << 1)
#define MEMORY_VERIFY_ALWAYS (MEMORY_VERIFY_ALLOC | MEMORY_VERIFY_FREE)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initialize use of stack-based memory allocator.
* The stack-based allocator does memory management inside the
* presented buffer and does not call malloc() and free().
* It sets the global polarssl_malloc() and polarssl_free() pointers
* to its own functions.
* (Provided polarssl_malloc() and polarssl_free() are thread-safe if
* POLARSSL_THREADING_C is defined)
*
* \note This code is not optimized and provides a straight-forward
* implementation of a stack-based memory allocator.
*
* \param buf buffer to use as heap
* \param len size of the buffer
*
* \return 0 if successful
*/
int memory_buffer_alloc_init( unsigned char *buf, size_t len );
/**
* \brief Free the mutex for thread-safety and clear remaining memory
*/
void memory_buffer_alloc_free( void );
/**
* \brief Determine when the allocator should automatically verify the state
* of the entire chain of headers / meta-data.
* (Default: MEMORY_VERIFY_NONE)
*
* \param verify One of MEMORY_VERIFY_NONE, MEMORY_VERIFY_ALLOC,
* MEMORY_VERIFY_FREE or MEMORY_VERIFY_ALWAYS
*/
void memory_buffer_set_verify( int verify );
#if defined(POLARSSL_MEMORY_DEBUG)
/**
* \brief Print out the status of the allocated memory (primarily for use
* after a program should have de-allocated all memory)
* Prints out a list of 'still allocated' blocks and their stack
* trace if POLARSSL_MEMORY_BACKTRACE is defined.
*/
void memory_buffer_alloc_status( void );
#endif /* POLARSSL_MEMORY_DEBUG */
/**
* \brief Verifies that all headers in the memory buffer are correct
* and contain sane values. Helps debug buffer-overflow errors.
*
* Prints out first failure if POLARSSL_MEMORY_DEBUG is defined.
* Prints out full header information if POLARSSL_MEMORY_DEBUG_HEADERS
* is defined. (Includes stack trace information for each block if
* POLARSSL_MEMORY_BACKTRACE is defined as well).
*
* \returns 0 if verified, 1 otherwise
*/
int memory_buffer_alloc_verify( void );
#ifdef __cplusplus
}
#endif
#endif /* memory_buffer_alloc.h */

160
Externals/polarssl/include/polarssl/net.h vendored
View File

@ -1,160 +0,0 @@
/**
* \file net.h
*
* \brief Network communication functions
*
* Copyright (C) 2006-2011, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_NET_H
#define POLARSSL_NET_H
#include <string.h>
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */
#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */
#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Initiate a TCP connection with host:port
*
* \param fd Socket to use
* \param host Host to connect to
* \param port Port to connect to
*
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_UNKNOWN_HOST,
* POLARSSL_ERR_NET_CONNECT_FAILED
*/
int net_connect( int *fd, const char *host, int port );
/**
* \brief Create a listening socket on bind_ip:port.
* If bind_ip == NULL, all interfaces are binded.
*
* \param fd Socket to use
* \param bind_ip IP to bind to, can be NULL
* \param port Port number to use
*
* \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_BIND_FAILED,
* POLARSSL_ERR_NET_LISTEN_FAILED
*/
int net_bind( int *fd, const char *bind_ip, int port );
/**
* \brief Accept a connection from a remote client
*
* \param bind_fd Relevant socket
* \param client_fd Will contain the connected client socket
* \param client_ip Will contain the client IP address
* Must be at least 4 bytes, or 16 if IPv6 is supported
*
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or
* POLARSSL_ERR_NET_WANT_READ is bind_fd was set to
* non-blocking and accept() is blocking.
*/
int net_accept( int bind_fd, int *client_fd, void *client_ip );
/**
* \brief Set the socket blocking
*
* \param fd Socket to set
*
* \return 0 if successful, or a non-zero error code
*/
int net_set_block( int fd );
/**
* \brief Set the socket non-blocking
*
* \param fd Socket to set
*
* \return 0 if successful, or a non-zero error code
*/
int net_set_nonblock( int fd );
/**
* \brief Portable usleep helper
*
* \param usec Amount of microseconds to sleep
*
* \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms).
*/
void net_usleep( unsigned long usec );
/**
* \brief Read at most 'len' characters. If no error occurs,
* the actual amount read is returned.
*
* \param ctx Socket
* \param buf The buffer to write to
* \param len Maximum length of the buffer
*
* \return This function returns the number of bytes received,
* or a non-zero error code; POLARSSL_ERR_NET_WANT_READ
* indicates read() is blocking.
*/
int net_recv( void *ctx, unsigned char *buf, size_t len );
/**
* \brief Write at most 'len' characters. If no error occurs,
* the actual amount read is returned.
*
* \param ctx Socket
* \param buf The buffer to read from
* \param len The length of the buffer
*
* \return This function returns the number of bytes sent,
* or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE
* indicates write() is blocking.
*/
int net_send( void *ctx, const unsigned char *buf, size_t len );
/**
* \brief Gracefully shutdown the connection
*
* \param fd The socket to close
*/
void net_close( int fd );
#ifdef __cplusplus
}
#endif
#endif /* net.h */

570
Externals/polarssl/include/polarssl/oid.h vendored
View File

@ -1,570 +0,0 @@
/**
* \file oid.h
*
* \brief Object Identifier (OID) database
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_OID_H
#define POLARSSL_OID_H
#include <string.h>
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "asn1.h"
#include "pk.h"
#if defined(POLARSSL_CIPHER_C)
#include "cipher.h"
#endif
#if defined(POLARSSL_MD_C)
#include "md.h"
#endif
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#include "x509.h"
#endif
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
/*
* Top level OID tuples
*/
#define OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */
#define OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */
#define OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */
#define OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */
/*
* ISO Member bodies OID parts
*/
#define OID_COUNTRY_US "\x86\x48" /* {us(840)} */
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \
OID_ORG_ANSI_X9_62
/*
* ISO Identified organization OID parts
*/
#define OID_ORG_DOD "\x06" /* {dod(6)} */
#define OID_ORG_OIW "\x0e"
#define OID_OIW_SECSIG OID_ORG_OIW "\x03"
#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02"
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a"
#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM
#define OID_ORG_TELETRUST "\x24" /* teletrust(36) */
#define OID_TELETRUST OID_ISO_IDENTIFIED_ORG OID_ORG_TELETRUST
/*
* ISO ITU OID parts
*/
#define OID_ORGANIZATION "\x01" /* {organization(1)} */
#define OID_ISO_ITU_US_ORG OID_ISO_ITU_COUNTRY OID_COUNTRY_US OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
#define OID_ORG_GOV "\x65" /* {gov(101)} */
#define OID_GOV OID_ISO_ITU_US_ORG OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
#define OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */
#define OID_NETSCAPE OID_ISO_ITU_US_ORG OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */
/* ISO arc for standard certificate and CRL extensions */
#define OID_ID_CE OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
/**
* Private Internet Extensions
* { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) }
*/
#define OID_PKIX OID_ISO_IDENTIFIED_ORG OID_ORG_DOD "\x01\x05\x05\x07"
/*
* Arc for standard naming attributes
*/
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
/*
* OIDs for standard certificate extensions
*/
#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */
#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */
#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */
#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */
#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */
#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */
#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */
#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */
#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */
#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */
#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */
#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */
/*
* Netscape certificate extensions
*/
#define OID_NS_CERT OID_NETSCAPE "\x01"
#define OID_NS_CERT_TYPE OID_NS_CERT "\x01"
#define OID_NS_BASE_URL OID_NS_CERT "\x02"
#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03"
#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04"
#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07"
#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08"
#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C"
#define OID_NS_COMMENT OID_NS_CERT "\x0D"
#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02"
#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05"
/*
* OIDs for CRL extensions
*/
#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10"
#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
/*
* X.509 v3 Extended key usage OIDs
*/
#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
/*
* PKCS definition OIDs
*/
#define OID_PKCS OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */
#define OID_PKCS1 OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */
#define OID_PKCS5 OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */
#define OID_PKCS9 OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */
#define OID_PKCS12 OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */
/*
* PKCS#1 OIDs
*/
#define OID_PKCS1_RSA OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */
#define OID_PKCS1_MD2 OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */
#define OID_PKCS1_MD4 OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */
#define OID_PKCS1_MD5 OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
#define OID_PKCS1_SHA1 OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
#define OID_PKCS1_SHA224 OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
#define OID_PKCS1_SHA256 OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */
#define OID_PKCS1_SHA384 OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */
#define OID_PKCS1_SHA512 OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */
#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
/* RFC 4055 */
#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
/*
* Digest algorithms
*/
#define OID_DIGEST_ALG_MD2 OID_RSA_COMPANY "\x02\x02" /**< id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
#define OID_DIGEST_ALG_MD4 OID_RSA_COMPANY "\x02\x04" /**< id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
#define OID_DIGEST_ALG_MD5 OID_RSA_COMPANY "\x02\x05" /**< id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define OID_DIGEST_ALG_SHA1 OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_SHA1 /**< id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define OID_DIGEST_ALG_SHA224 OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
#define OID_DIGEST_ALG_SHA256 OID_GOV "\x03\x04\x02\x01" /**< id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
#define OID_DIGEST_ALG_SHA384 OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
#define OID_DIGEST_ALG_SHA512 OID_GOV "\x03\x04\x02\x03" /**< id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
#define OID_HMAC_SHA1 OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
/*
* Encryption algorithms
*/
#define OID_DES_CBC OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define OID_DES_EDE3_CBC OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
/*
* PKCS#5 OIDs
*/
#define OID_PKCS5_PBKDF2 OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */
#define OID_PKCS5_PBES2 OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */
#define OID_PKCS5_PBMAC1 OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */
/*
* PKCS#5 PBES1 algorithms
*/
#define OID_PKCS5_PBE_MD2_DES_CBC OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */
#define OID_PKCS5_PBE_MD2_RC2_CBC OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */
#define OID_PKCS5_PBE_MD5_DES_CBC OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */
#define OID_PKCS5_PBE_MD5_RC2_CBC OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */
#define OID_PKCS5_PBE_SHA1_DES_CBC OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */
#define OID_PKCS5_PBE_SHA1_RC2_CBC OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */
/*
* PKCS#8 OIDs
*/
#define OID_PKCS9_CSR_EXT_REQ OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */
/*
* PKCS#12 PBE OIDs
*/
#define OID_PKCS12_PBE OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */
#define OID_PKCS12_PBE_SHA1_RC4_128 OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */
#define OID_PKCS12_PBE_SHA1_RC4_40 OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */
#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
/*
* EC key algorithms from RFC 5480
*/
/* id-ecPublicKey OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */
#define OID_EC_ALG_UNRESTRICTED OID_ANSI_X9_62 "\x02\01"
/* id-ecDH OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132)
* schemes(1) ecdh(12) } */
#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c"
/*
* ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2
*/
/* secp192r1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */
#define OID_EC_GRP_SECP192R1 OID_ANSI_X9_62 "\x03\x01\x01"
/* secp224r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 33 } */
#define OID_EC_GRP_SECP224R1 OID_CERTICOM "\x00\x21"
/* secp256r1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */
#define OID_EC_GRP_SECP256R1 OID_ANSI_X9_62 "\x03\x01\x07"
/* secp384r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 34 } */
#define OID_EC_GRP_SECP384R1 OID_CERTICOM "\x00\x22"
/* secp521r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 35 } */
#define OID_EC_GRP_SECP521R1 OID_CERTICOM "\x00\x23"
/* secp192k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 31 } */
#define OID_EC_GRP_SECP192K1 OID_CERTICOM "\x00\x1f"
/* secp224k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 32 } */
#define OID_EC_GRP_SECP224K1 OID_CERTICOM "\x00\x20"
/* secp256k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 10 } */
#define OID_EC_GRP_SECP256K1 OID_CERTICOM "\x00\x0a"
/* RFC 5639 4.1
* ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1)
* identified-organization(3) teletrust(36) algorithm(3) signature-
* algorithm(3) ecSign(2) 8}
* ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1}
* versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */
#define OID_EC_BRAINPOOL_V1 OID_TELETRUST "\x03\x03\x02\x08\x01\x01"
/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */
#define OID_EC_GRP_BP256R1 OID_EC_BRAINPOOL_V1 "\x07"
/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */
#define OID_EC_GRP_BP384R1 OID_EC_BRAINPOOL_V1 "\x0B"
/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */
#define OID_EC_GRP_BP512R1 OID_EC_BRAINPOOL_V1 "\x0D"
/*
* SEC1 C.1
*
* prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
* id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)}
*/
#define OID_ANSI_X9_62_FIELD_TYPE OID_ANSI_X9_62 "\x01"
#define OID_ANSI_X9_62_PRIME_FIELD OID_ANSI_X9_62_FIELD_TYPE "\x01"
/*
* ECDSA signature identifiers, from RFC 5480
*/
#define OID_ANSI_X9_62_SIG OID_ANSI_X9_62 "\x04" /* signatures(4) */
#define OID_ANSI_X9_62_SIG_SHA2 OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */
/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */
#define OID_ECDSA_SHA1 OID_ANSI_X9_62_SIG "\x01"
/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 1 } */
#define OID_ECDSA_SHA224 OID_ANSI_X9_62_SIG_SHA2 "\x01"
/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 2 } */
#define OID_ECDSA_SHA256 OID_ANSI_X9_62_SIG_SHA2 "\x02"
/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 3 } */
#define OID_ECDSA_SHA384 OID_ANSI_X9_62_SIG_SHA2 "\x03"
/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 4 } */
#define OID_ECDSA_SHA512 OID_ANSI_X9_62_SIG_SHA2 "\x04"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Base OID descriptor structure
*/
typedef struct {
const char *asn1; /*!< OID ASN.1 representation */
size_t asn1_len; /*!< length of asn1 */
const char *name; /*!< official name (e.g. from RFC) */
const char *description; /*!< human friendly description */
} oid_descriptor_t;
/**
* \brief Translate an ASN.1 OID into its numeric representation
* (e.g. "\x2A\x86\x48\x86\xF7\x0D" into "1.2.840.113549")
*
* \param buf buffer to put representation in
* \param size size of the buffer
* \param oid OID to translate
*
* \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid );
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
/**
* \brief Translate an X.509 extension OID into local values
*
* \param oid OID to use
* \param ext_type place to store the extension type
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type );
#endif
/**
* \brief Translate an X.509 attribute type OID into the short name
* (e.g. the OID for an X520 Common Name into "CN")
*
* \param oid OID to use
* \param short_name place to store the string pointer
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name );
/**
* \brief Translate PublicKeyAlgorithm OID into pk_type
*
* \param oid OID to use
* \param pk_alg place to store public key algorithm
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_pk_alg( const asn1_buf *oid, pk_type_t *pk_alg );
/**
* \brief Translate pk_type into PublicKeyAlgorithm OID
*
* \param pk_alg Public key type to look for
* \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_oid_by_pk_alg( pk_type_t pk_alg,
const char **oid, size_t *olen );
#if defined(POLARSSL_ECP_C)
/**
* \brief Translate NamedCurve OID into an EC group identifier
*
* \param oid OID to use
* \param grp_id place to store group id
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_ec_grp( const asn1_buf *oid, ecp_group_id *grp_id );
/**
* \brief Translate EC group identifier into NamedCurve OID
*
* \param grp_id EC group identifier
* \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_oid_by_ec_grp( ecp_group_id grp_id,
const char **oid, size_t *olen );
#endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_MD_C)
/**
* \brief Translate SignatureAlgorithm OID into md_type and pk_type
*
* \param oid OID to use
* \param md_alg place to store message digest algorithm
* \param pk_alg place to store public key algorithm
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_sig_alg( const asn1_buf *oid,
md_type_t *md_alg, pk_type_t *pk_alg );
/**
* \brief Translate SignatureAlgorithm OID into description
*
* \param oid OID to use
* \param desc place to store string pointer
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_sig_alg_desc( const asn1_buf *oid, const char **desc );
/**
* \brief Translate md_type and pk_type into SignatureAlgorithm OID
*
* \param md_alg message digest algorithm
* \param pk_alg public key algorithm
* \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_oid_by_sig_alg( pk_type_t pk_alg, md_type_t md_alg,
const char **oid, size_t *olen );
/**
* \brief Translate hash algorithm OID into md_type
*
* \param oid OID to use
* \param md_alg place to store message digest algorithm
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_md_alg( const asn1_buf *oid, md_type_t *md_alg );
#endif /* POLARSSL_MD_C */
/**
* \brief Translate Extended Key Usage OID into description
*
* \param oid OID to use
* \param desc place to store string pointer
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_extended_key_usage( const asn1_buf *oid, const char **desc );
/**
* \brief Translate md_type into hash algorithm OID
*
* \param md_alg message digest algorithm
* \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_oid_by_md( md_type_t md_alg, const char **oid, size_t *olen );
#if defined(POLARSSL_CIPHER_C)
/**
* \brief Translate encryption algorithm OID into cipher_type
*
* \param oid OID to use
* \param cipher_alg place to store cipher algorithm
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_cipher_alg( const asn1_buf *oid, cipher_type_t *cipher_alg );
#endif /* POLARSSL_CIPHER_C */
#if defined(POLARSSL_PKCS12_C)
/**
* \brief Translate PKCS#12 PBE algorithm OID into md_type and
* cipher_type
*
* \param oid OID to use
* \param md_alg place to store message digest algorithm
* \param cipher_alg place to store cipher algorithm
*
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND
*/
int oid_get_pkcs12_pbe_alg( const asn1_buf *oid, md_type_t *md_alg,
cipher_type_t *cipher_alg );
#endif /* POLARSSL_PKCS12_C */
#ifdef __cplusplus
}
#endif
#endif /* oid.h */

140
Externals/polarssl/include/polarssl/openssl.h vendored
View File

@ -1,140 +0,0 @@
/**
* \file openssl.h
*
* \brief OpenSSL wrapper (definitions, inline functions).
*
* Copyright (C) 2006-2010, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* OpenSSL wrapper contributed by David Barett
*/
#ifndef POLARSSL_OPENSSL_H
#define POLARSSL_OPENSSL_H
#include "aes.h"
#include "md5.h"
#include "rsa.h"
#include "sha1.h"
#define AES_SIZE 16
#define AES_BLOCK_SIZE 16
#define AES_KEY aes_context
#define MD5_CTX md5_context
#define SHA_CTX sha1_context
#define SHA1_Init( CTX ) \
sha1_starts( (CTX) )
#define SHA1_Update( CTX, BUF, LEN ) \
sha1_update( (CTX), (unsigned char *)(BUF), (LEN) )
#define SHA1_Final( OUT, CTX ) \
sha1_finish( (CTX), (OUT) )
#define MD5_Init( CTX ) \
md5_starts( (CTX) )
#define MD5_Update( CTX, BUF, LEN ) \
md5_update( (CTX), (unsigned char *)(BUF), (LEN) )
#define MD5_Final( OUT, CTX ) \
md5_finish( (CTX), (OUT) )
#define AES_set_encrypt_key( KEY, KEYSIZE, CTX ) \
aes_setkey_enc( (CTX), (KEY), (KEYSIZE) )
#define AES_set_decrypt_key( KEY, KEYSIZE, CTX ) \
aes_setkey_dec( (CTX), (KEY), (KEYSIZE) )
#define AES_cbc_encrypt( INPUT, OUTPUT, LEN, CTX, IV, MODE ) \
aes_crypt_cbc( (CTX), (MODE), (LEN), (IV), (INPUT), (OUTPUT) )
#ifdef __cplusplus
extern "C" {
#endif
/*
* RSA stuff follows. TODO: needs cleanup
*/
inline int __RSA_Passthrough( void *output, void *input, int size )
{
memcpy( output, input, size );
return size;
}
inline rsa_context* d2i_RSA_PUBKEY( void *ignore, unsigned char **bufptr,
int len )
{
unsigned char *buffer = *(unsigned char **) bufptr;
rsa_context *rsa;
/*
* Not a general-purpose parser: only parses public key from *exactly*
* openssl genrsa -out privkey.pem 512 (or 1024)
* openssl rsa -in privkey.pem -out privatekey.der -outform der
* openssl rsa -in privkey.pem -out pubkey.der -outform der -pubout
*
* TODO: make a general-purpose parse
*/
if( ignore != 0 || ( len != 94 && len != 162 ) )
return( 0 );
rsa = (rsa_context *) malloc( sizeof( rsa_rsa ) );
if( rsa == NULL )
return( 0 );
memset( rsa, 0, sizeof( rsa_context ) );
if( ( len == 94 &&
mpi_read_binary( &rsa->N, &buffer[ 25], 64 ) == 0 &&
mpi_read_binary( &rsa->E, &buffer[ 91], 3 ) == 0 ) ||
( len == 162 &&
mpi_read_binary( &rsa->N, &buffer[ 29], 128 ) == 0 ) &&
mpi_read_binary( &rsa->E, &buffer[159], 3 ) == 0 )
{
/*
* key read successfully
*/
rsa->len = ( mpi_msb( &rsa->N ) + 7 ) >> 3;
return( rsa );
}
else
{
memset( rsa, 0, sizeof( rsa_context ) );
free( rsa );
return( 0 );
}
}
#define RSA rsa_context
#define RSA_PKCS1_PADDING 1 /* ignored; always encrypt with this */
#define RSA_size( CTX ) (CTX)->len
#define RSA_free( CTX ) rsa_free( CTX )
#define ERR_get_error( ) "ERR_get_error() not supported"
#define RSA_blinding_off( IGNORE )
#define d2i_RSAPrivateKey( a, b, c ) new rsa_context /* TODO: C++ bleh */
inline int RSA_public_decrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PUBLIC, &outsize, input, output ) ) return outsize; else return -1; }
inline int RSA_private_decrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { int outsize=size; if( !rsa_pkcs1_decrypt( key, RSA_PRIVATE, &outsize, input, output ) ) return outsize; else return -1; }
inline int RSA_public_encrypt ( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PUBLIC, size, input, output ) ) return RSA_size(key); else return -1; }
inline int RSA_private_encrypt( int size, unsigned char* input, unsigned char* output, RSA* key, int ignore ) { if( !rsa_pkcs1_encrypt( key, RSA_PRIVATE, size, input, output ) ) return RSA_size(key); else return -1; }
#ifdef __cplusplus
}
#endif
#endif /* openssl.h */

109
Externals/polarssl/include/polarssl/padlock.h vendored
View File

@ -1,109 +0,0 @@
/**
* \file padlock.h
*
* \brief VIA PadLock ACE for HW encryption/decryption supported by some
* processors
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PADLOCK_H
#define POLARSSL_PADLOCK_H
#include "aes.h"
#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
#ifndef POLARSSL_HAVE_X86
#define POLARSSL_HAVE_X86
#endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef INT32 int32_t;
#else
#include <inttypes.h>
#endif
#define PADLOCK_RNG 0x000C
#define PADLOCK_ACE 0x00C0
#define PADLOCK_PHE 0x0C00
#define PADLOCK_PMM 0x3000
#define PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15))
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PadLock detection routine
*
* \param feature The feature to detect
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
int padlock_supports( int feature );
/**
* \brief PadLock AES-ECB block en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 if success, 1 if operation failed
*/
int padlock_xcryptecb( aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );
/**
* \brief PadLock AES-CBC buffer en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if success, 1 if operation failed
*/
int padlock_xcryptcbc( aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#ifdef __cplusplus
}
#endif
#endif /* HAVE_X86 */
#endif /* padlock.h */

82
Externals/polarssl/include/polarssl/pbkdf2.h vendored
View File

@ -1,82 +0,0 @@
/**
* \file pbkdf2.h
*
* \brief Password-Based Key Derivation Function 2 (from PKCS#5)
* DEPRECATED: use pkcs5.h instead.
*
* \author Mathias Olsson <mathias@kompetensum.com>
*
* Copyright (C) 2006-2012, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PBKDF2_H
#define POLARSSL_PBKDF2_H
#include <string.h>
#include "md.h"
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA -0x007C /**< Bad input parameters to function. */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PKCS#5 PBKDF2 using HMAC
* DEPRECATED: Use pkcs5_pbkdf2_hmac() instead!
*
* \param ctx Generic HMAC context
* \param password Password to use when generating key
* \param plen Length of password
* \param salt Salt to use when generating key
* \param slen Length of salt
* \param iteration_count Iteration count
* \param key_length Length of generated key
* \param output Generated key. Must be at least as big as key_length
*
* \returns 0 on success, or a PolarSSL error code if verification fails.
*/
int pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count,
uint32_t key_length, unsigned char *output );
/**
* \brief Checkup routine
* DEPRECATED: Use pkcs5_self_test() instead!
*
* \return 0 if successful, or 1 if the test failed
*/
int pbkdf2_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* pbkdf2.h */

133
Externals/polarssl/include/polarssl/pem.h vendored
View File

@ -1,133 +0,0 @@
/**
* \file pem.h
*
* \brief Privacy Enhanced Mail (PEM) decoding
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PEM_H
#define POLARSSL_PEM_H
#include <string.h>
/**
* \name PEM Error codes
* These error codes are returned in case of errors reading the
* PEM data.
* \{
*/
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */
#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */
/* \} name */
#ifdef __cplusplus
extern "C" {
#endif
#if defined(POLARSSL_PEM_PARSE_C)
/**
* \brief PEM context structure
*/
typedef struct
{
unsigned char *buf; /*!< buffer for decoded data */
size_t buflen; /*!< length of the buffer */
unsigned char *info; /*!< buffer for extra header information */
}
pem_context;
/**
* \brief PEM context setup
*
* \param ctx context to be initialized
*/
void pem_init( pem_context *ctx );
/**
* \brief Read a buffer for PEM information and store the resulting
* data into the specified context buffers.
*
* \param ctx context to use
* \param header header string to seek and expect
* \param footer footer string to seek and expect
* \param data source data to look in
* \param pwd password for decryption (can be NULL)
* \param pwdlen length of password
* \param use_len destination for total length used (set after header is
* correctly read, so unless you get
* POLARSSL_ERR_PEM_BAD_INPUT_DATA or
* POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
* the length to skip)
*
* \note Attempts to check password correctness by verifying if
* the decrypted text starts with an ASN.1 sequence of
* appropriate length
*
* \return 0 on success, or a specific PEM error code
*/
int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
const unsigned char *data,
const unsigned char *pwd,
size_t pwdlen, size_t *use_len );
/**
* \brief PEM context memory freeing
*
* \param ctx context to be freed
*/
void pem_free( pem_context *ctx );
#endif /* POLARSSL_PEM_PARSE_C */
#if defined(POLARSSL_PEM_WRITE_C)
/**
* \brief Write a buffer of PEM information from a DER encoded
* buffer.
*
* \param header header string to write
* \param footer footer string to write
* \param der_data DER data to write
* \param der_len length of the DER data
* \param buf buffer to write to
* \param buf_len length of output buffer
* \param olen total length written / required (if buf_len is not enough)
*
* \return 0 on success, or a specific PEM or BASE64 error code. On
* POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
* size.
*/
int pem_write_buffer( const char *header, const char *footer,
const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen );
#endif /* POLARSSL_PEM_WRITE_C */
#ifdef __cplusplus
}
#endif
#endif /* pem.h */

632
Externals/polarssl/include/polarssl/pk.h vendored
View File

@ -1,632 +0,0 @@
/**
* \file pk.h
*
* \brief Public Key abstraction layer
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PK_H
#define POLARSSL_PK_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "md.h"
#if defined(POLARSSL_RSA_C)
#include "rsa.h"
#endif
#if defined(POLARSSL_ECP_C)
#include "ecp.h"
#endif
#if defined(POLARSSL_ECDSA_C)
#include "ecdsa.h"
#endif
#define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 /**< Memory alloation failed. */
#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
#define POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00 /**< Read/write of file failed. */
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 /**< Unsupported key version */
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00 /**< Invalid key tag or value. */
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */
#define POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00 /**< Private key password can't be empty. */
#define POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80 /**< Given private key password does not allow for correct decryption. */
#define POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */
#if defined(POLARSSL_RSA_C)
/**
* Quick access to an RSA context inside a PK context.
*
* \warning You must make sure the PK context actually holds an RSA context
* before using this macro!
*/
#define pk_rsa( pk ) ( (rsa_context *) (pk).pk_ctx )
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_ECP_C)
/**
* Quick access to an EC context inside a PK context.
*
* \warning You must make sure the PK context actually holds an EC context
* before using this macro!
*/
#define pk_ec( pk ) ( (ecp_keypair *) (pk).pk_ctx )
#endif /* POLARSSL_ECP_C */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Public key types
*/
typedef enum {
POLARSSL_PK_NONE=0,
POLARSSL_PK_RSA,
POLARSSL_PK_ECKEY,
POLARSSL_PK_ECKEY_DH,
POLARSSL_PK_ECDSA,
POLARSSL_PK_RSA_ALT,
POLARSSL_PK_RSASSA_PSS,
} pk_type_t;
/**
* \brief Options for RSASSA-PSS signature verification.
* See \c rsa_rsassa_pss_verify_ext()
*/
typedef struct
{
md_type_t mgf1_hash_id;
int expected_salt_len;
} pk_rsassa_pss_options;
/**
* \brief Types for interfacing with the debug module
*/
typedef enum
{
POLARSSL_PK_DEBUG_NONE = 0,
POLARSSL_PK_DEBUG_MPI,
POLARSSL_PK_DEBUG_ECP,
} pk_debug_type;
/**
* \brief Item to send to the debug module
*/
typedef struct
{
pk_debug_type type;
const char *name;
void *value;
} pk_debug_item;
/** Maximum number of item send for debugging, plus 1 */
#define POLARSSL_PK_DEBUG_MAX_ITEMS 3
/**
* \brief Public key information and operations
*/
typedef struct
{
/** Public key type */
pk_type_t type;
/** Type name */
const char *name;
/** Get key size in bits */
size_t (*get_size)( const void * );
/** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
int (*can_do)( pk_type_t type );
/** Verify signature */
int (*verify_func)( void *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
/** Make signature */
int (*sign_func)( void *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** Decrypt message */
int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** Encrypt message */
int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
/** Allocate a new context */
void * (*ctx_alloc_func)( void );
/** Free the given context */
void (*ctx_free_func)( void *ctx );
/** Interface with the debug module */
void (*debug_func)( const void *ctx, pk_debug_item *items );
} pk_info_t;
/**
* \brief Public key container
*/
typedef struct
{
const pk_info_t * pk_info; /**< Public key informations */
void * pk_ctx; /**< Underlying public key context */
} pk_context;
/**
* \brief Types for RSA-alt abstraction
*/
typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len );
typedef int (*pk_rsa_alt_sign_func)( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig );
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
/**
* \brief Return information associated with the given PK type
*
* \param pk_type PK type to search for.
*
* \return The PK info associated with the type or NULL if not found.
*/
const pk_info_t *pk_info_from_type( pk_type_t pk_type );
/**
* \brief Initialize a pk_context (as NONE)
*/
void pk_init( pk_context *ctx );
/**
* \brief Free a pk_context
*/
void pk_free( pk_context *ctx );
/**
* \brief Initialize a PK context with the information given
* and allocates the type-specific PK subcontext.
*
* \param ctx Context to initialize. Must be empty (type NONE).
* \param info Information to use
*
* \return 0 on success,
* POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input,
* POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure.
*
* \note For contexts holding an RSA-alt key, use
* \c pk_init_ctx_rsa_alt() instead.
*/
int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
/**
* \brief Initialize an RSA-alt context
*
* \param ctx Context to initialize. Must be empty (type NONE).
* \param key RSA key pointer
* \param decrypt_func Decryption function
* \param sign_func Signing function
* \param key_len_func Function returning key length in bytes
*
* \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the
* context wasn't already initialized as RSA_ALT.
*
* \note This function replaces \c pk_init_ctx() for RSA-alt.
*/
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
pk_rsa_alt_decrypt_func decrypt_func,
pk_rsa_alt_sign_func sign_func,
pk_rsa_alt_key_len_func key_len_func );
/**
* \brief Get the size in bits of the underlying key
*
* \param ctx Context to use
*
* \return Key size in bits, or 0 on error
*/
size_t pk_get_size( const pk_context *ctx );
/**
* \brief Get the length in bytes of the underlying key
* \param ctx Context to use
*
* \return Key length in bytes, or 0 on error
*/
static inline size_t pk_get_len( const pk_context *ctx )
{
return( ( pk_get_size( ctx ) + 7 ) / 8 );
}
/**
* \brief Tell if a context can do the operation given by type
*
* \param ctx Context to test
* \param type Target type
*
* \return 0 if context can't do the operations,
* 1 otherwise.
*/
int pk_can_do( pk_context *ctx, pk_type_t type );
/**
* \brief Verify signature (including padding if relevant).
*
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
* \param hash Hash of the message to sign
* \param hash_len Hash length or 0 (see notes)
* \param sig Signature to verify
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len,
* or a specific error code.
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
* Use \c pk_verify_ext( POLARSSL_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
*/
int pk_verify( pk_context *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
/**
* \brief Verify signature, with options.
* (Includes verification of the padding depending on type.)
*
* \param type Signature type (inc. possible padding type) to verify
* \param options Pointer to type-specific options, or NULL
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
* \param hash Hash of the message to sign
* \param hash_len Hash length or 0 (see notes)
* \param sig Signature to verify
* \param sig_len Signature length
*
* \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_TYPE_MISMATCH if the PK context can't be
* used for this type of signatures,
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len,
* or a specific error code.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
*
* \note If type is POLARSSL_PK_RSASSA_PSS, then options must point
* to a pk_rsassa_pss_options structure,
* otherwise it must be NULL.
*/
int pk_verify_ext( pk_type_t type, const void *options,
pk_context *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
/**
* \brief Make signature, including padding if relevant.
*
* \param ctx PK context to use
* \param md_alg Hash algorithm used (see notes)
* \param hash Hash of the message to sign
* \param hash_len Hash length or 0 (see notes)
* \param sig Place to write the signature
* \param sig_len Number of bytes written
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 on success, or a specific error code.
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
* There is no interface in the PK module to make RSASSA-PSS
* signatures yet.
*
* \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid.
*
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
*/
int pk_sign( pk_context *ctx, md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Decrypt message (including padding if relevant).
*
* \param ctx PK context to use
* \param input Input to decrypt
* \param ilen Input size
* \param output Decrypted output
* \param olen Decrypted message length
* \param osize Size of the output buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
*/
int pk_decrypt( pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Encrypt message (including padding if relevant).
*
* \param ctx PK context to use
* \param input Message to encrypt
* \param ilen Message size
* \param output Encrypted output
* \param olen Encrypted output length
* \param osize Size of the output buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note For RSA keys, the default padding type is PKCS#1 v1.5.
*
* \return 0 on success, or a specific error code.
*/
int pk_encrypt( pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/**
* \brief Export debug information
*
* \param ctx Context to use
* \param items Place to write debug items
*
* \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA
*/
int pk_debug( const pk_context *ctx, pk_debug_item *items );
/**
* \brief Access the type name
*
* \param ctx Context to use
*
* \return Type name on success, or "invalid PK"
*/
const char * pk_get_name( const pk_context *ctx );
/**
* \brief Get the key type
*
* \param ctx Context to use
*
* \return Type on success, or POLARSSL_PK_NONE
*/
pk_type_t pk_get_type( const pk_context *ctx );
#if defined(POLARSSL_PK_PARSE_C)
/** \ingroup pk_module */
/**
* \brief Parse a private key
*
* \param ctx key to be initialized
* \param key input buffer
* \param keylen size of the buffer
* \param pwd password for decryption (optional)
* \param pwdlen size of the password
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_key( pk_context *ctx,
const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen );
/** \ingroup pk_module */
/**
* \brief Parse a public key
*
* \param ctx key to be initialized
* \param key input buffer
* \param keylen size of the buffer
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_public_key( pk_context *ctx,
const unsigned char *key, size_t keylen );
#if defined(POLARSSL_FS_IO)
/** \ingroup pk_module */
/**
* \brief Load and parse a private key
*
* \param ctx key to be initialized
* \param path filename to read the private key from
* \param password password to decrypt the file (can be NULL)
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_keyfile( pk_context *ctx,
const char *path, const char *password );
/** \ingroup pk_module */
/**
* \brief Load and parse a public key
*
* \param ctx key to be initialized
* \param path filename to read the private key from
*
* \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a
* specific key type, check the result with pk_can_do().
*
* \note The key is also checked for correctness.
*
* \return 0 if successful, or a specific PK or PEM error code
*/
int pk_parse_public_keyfile( pk_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_PK_PARSE_C */
#if defined(POLARSSL_PK_WRITE_C)
/**
* \brief Write a private key to a PKCS#1 or SEC1 DER structure
* Note: data is written at the end of the buffer! Use the
* return value to determine where you should start
* using the buffer
*
* \param ctx private to write away
* \param buf buffer to write to
* \param size size of the buffer
*
* \return length of data written if successful, or a specific
* error code
*/
int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size );
/**
* \brief Write a public key to a SubjectPublicKeyInfo DER structure
* Note: data is written at the end of the buffer! Use the
* return value to determine where you should start
* using the buffer
*
* \param ctx public key to write away
* \param buf buffer to write to
* \param size size of the buffer
*
* \return length of data written if successful, or a specific
* error code
*/
int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size );
#if defined(POLARSSL_PEM_WRITE_C)
/**
* \brief Write a public key to a PEM string
*
* \param ctx public key to write away
* \param buf buffer to write to
* \param size size of the buffer
*
* \return 0 successful, or a specific error code
*/
int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size );
/**
* \brief Write a private key to a PKCS#1 or SEC1 PEM string
*
* \param ctx private to write away
* \param buf buffer to write to
* \param size size of the buffer
*
* \return 0 successful, or a specific error code
*/
int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size );
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* POLARSSL_PK_WRITE_C */
/*
* WARNING: Low-level functions. You probably do not want to use these unless
* you are certain you do ;)
*/
#if defined(POLARSSL_PK_PARSE_C)
/**
* \brief Parse a SubjectPublicKeyInfo DER structure
*
* \param p the position in the ASN.1 data
* \param end end of the buffer
* \param pk the key to fill
*
* \return 0 if successful, or a specific PK error code
*/
int pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
pk_context *pk );
#endif /* POLARSSL_PK_PARSE_C */
#if defined(POLARSSL_PK_WRITE_C)
/**
* \brief Write a subjectPublicKey to ASN.1 data
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param key public key to write away
*
* \return the length written or a negative error code
*/
int pk_write_pubkey( unsigned char **p, unsigned char *start,
const pk_context *key );
#endif /* POLARSSL_PK_WRITE_C */
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_PK_H */

63
Externals/polarssl/include/polarssl/pk_wrap.h vendored
View File

@ -1,63 +0,0 @@
/**
* \file pk.h
*
* \brief Public Key abstraction layer: wrapper functions
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PK_WRAP_H
#define POLARSSL_PK_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "pk.h"
/* Container for RSA-alt */
typedef struct
{
void *key;
pk_rsa_alt_decrypt_func decrypt_func;
pk_rsa_alt_sign_func sign_func;
pk_rsa_alt_key_len_func key_len_func;
} rsa_alt_context;
#if defined(POLARSSL_RSA_C)
extern const pk_info_t rsa_info;
#endif
#if defined(POLARSSL_ECP_C)
extern const pk_info_t eckey_info;
extern const pk_info_t eckeydh_info;
#endif
#if defined(POLARSSL_ECDSA_C)
extern const pk_info_t ecdsa_info;
#endif
extern const pk_info_t rsa_alt_info;
#endif /* POLARSSL_PK_WRAP_H */

174
Externals/polarssl/include/polarssl/pkcs11.h vendored
View File

@ -1,174 +0,0 @@
/**
* \file pkcs11.h
*
* \brief Wrapper for PKCS#11 library libpkcs11-helper
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PKCS11_H
#define POLARSSL_PKCS11_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PKCS11_C)
#include "x509_crt.h"
#include <pkcs11-helper-1.0/pkcs11h-certificate.h>
#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline
#endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */
#ifdef __cplusplus
extern "C" {
#endif
/**
* Context for PKCS #11 private keys.
*/
typedef struct {
pkcs11h_certificate_t pkcs11h_cert;
int len;
} pkcs11_context;
/**
* Fill in a PolarSSL certificate, based on the given PKCS11 helper certificate.
*
* \param cert X.509 certificate to fill
* \param pkcs11h_cert PKCS #11 helper certificate
*
* \return 0 on success.
*/
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
/**
* Initialise a pkcs11_context, storing the given certificate. Note that the
* pkcs11_context will take over control of the certificate, freeing it when
* done.
*
* \param priv_key Private key structure to fill.
* \param pkcs11_cert PKCS #11 helper certificate
*
* \return 0 on success
*/
int pkcs11_priv_key_init( pkcs11_context *priv_key,
pkcs11h_certificate_t pkcs11_cert );
/**
* Free the contents of the given private key context. Note that the structure
* itself is not freed.
*
* \param priv_key Private key structure to cleanup
*/
void pkcs11_priv_key_free( pkcs11_context *priv_key );
/**
* \brief Do an RSA private key decrypt, then remove the message
* padding
*
* \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int pkcs11_decrypt( pkcs11_context *ctx,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Do a private RSA to sign a message digest
*
* \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int pkcs11_sign( pkcs11_context *ctx,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* SSL/TLS wrappers for PKCS#11 functions
*/
static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len )
{
return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output,
output_max_len );
}
static inline int ssl_pkcs11_sign( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig )
{
((void) f_rng);
((void) p_rng);
return pkcs11_sign( (pkcs11_context *) ctx, mode, md_alg,
hashlen, hash, sig );
}
static inline size_t ssl_pkcs11_key_len( void *ctx )
{
return ( (pkcs11_context *) ctx )->len;
}
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_PKCS11_C */
#endif /* POLARSSL_PKCS11_H */

123
Externals/polarssl/include/polarssl/pkcs12.h vendored
View File

@ -1,123 +0,0 @@
/**
* \file pkcs12.h
*
* \brief PKCS#12 Personal Information Exchange Syntax
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PKCS12_H
#define POLARSSL_PKCS12_H
#include <string.h>
#include "md.h"
#include "cipher.h"
#include "asn1.h"
#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
#define PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define PKCS12_DERIVE_IV 2 /**< initialization vector */
#define PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
#define PKCS12_PBE_DECRYPT 0
#define PKCS12_PBE_ENCRYPT 1
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PKCS12 Password Based function (encryption / decryption)
* for pbeWithSHAAnd128BitRC4
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
* \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param input the input data
* \param len data length
* \param output the output buffer
*
* \return 0 if successful, or a PolarSSL error code
*/
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len,
unsigned char *output );
/**
* \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and md-based PBE's
*
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT
* \param cipher_type the cipher used
* \param md_type the md used
* \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param input the input data
* \param len data length
* \param output the output buffer
*
* \return 0 if successful, or a PolarSSL error code
*/
int pkcs12_pbe( asn1_buf *pbe_params, int mode,
cipher_type_t cipher_type, md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len,
unsigned char *output );
/**
* \brief The PKCS#12 derivation function uses a password and a salt
* to produce pseudo-random bits for a particular "purpose".
*
* Depending on the given id, this function can produce an
* encryption/decryption key, an nitialization vector or an
* integrity key.
*
* \param data buffer to store the derived data in
* \param datalen length to fill
* \param pwd password to use (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0)
* \param salt salt buffer to use
* \param saltlen length of the salt
* \param md md type to use during the derivation
* \param id id that describes the purpose (can be PKCS12_DERIVE_KEY,
* PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY)
* \param iterations number of iterations
*
* \return 0 if successful, or a MD, BIGNUM type error.
*/
int pkcs12_derivation( unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen,
md_type_t md, int id, int iterations );
#ifdef __cplusplus
}
#endif
#endif /* pkcs12.h */

104
Externals/polarssl/include/polarssl/pkcs5.h vendored
View File

@ -1,104 +0,0 @@
/**
* \file pkcs5.h
*
* \brief PKCS#5 functions
*
* \author Mathias Olsson <mathias@kompetensum.com>
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PKCS5_H
#define POLARSSL_PKCS5_H
#include <string.h>
#include "asn1.h"
#include "md.h"
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */
#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */
#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */
#define PKCS5_DECRYPT 0
#define PKCS5_ENCRYPT 1
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief PKCS#5 PBES2 function
*
* \param pbe_params the ASN.1 algorithm parameters
* \param mode either PKCS5_DECRYPT or PKCS5_ENCRYPT
* \param pwd password to use when generating key
* \param pwdlen length of password
* \param data data to process
* \param datalen length of data
* \param output output buffer
*
* \returns 0 on success, or a PolarSSL error code if verification fails.
*/
int pkcs5_pbes2( asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen,
unsigned char *output );
/**
* \brief PKCS#5 PBKDF2 using HMAC
*
* \param ctx Generic HMAC context
* \param password Password to use when generating key
* \param plen Length of password
* \param salt Salt to use when generating key
* \param slen Length of salt
* \param iteration_count Iteration count
* \param key_length Length of generated key
* \param output Generated key. Must be at least as big as key_length
*
* \returns 0 on success, or a PolarSSL error code if verification fails.
*/
int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count,
uint32_t key_length, unsigned char *output );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int pkcs5_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* pkcs5.h */

128
Externals/polarssl/include/polarssl/platform.h vendored
View File

@ -1,128 +0,0 @@
/**
* \file platform.h
*
* \brief PolarSSL Platform abstraction layer
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_PLATFORM_H
#define POLARSSL_PLATFORM_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdio.h>
#ifdef __cplusplus
extern "C" {
#endif
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS)
#include <stdlib.h>
#if !defined(POLARSSL_PLATFORM_STD_PRINTF)
#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_FPRINTF)
#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_MALLOC)
#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use */
#endif
#if !defined(POLARSSL_PLATFORM_STD_FREE)
#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use */
#endif
#else /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */
#if defined(POLARSSL_PLATFORM_STD_MEM_HDR)
#include POLARSSL_PLATFORM_STD_MEM_HDR
#endif
#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */
/* \} name SECTION: Module settings */
/*
* The function pointers for malloc and free
*/
#if defined(POLARSSL_PLATFORM_MEMORY)
extern void * (*polarssl_malloc)( size_t len );
extern void (*polarssl_free)( void *ptr );
/**
* \brief Set your own memory implementation function pointers
*
* \param malloc_func the malloc function implementation
* \param free_func the free function implementation
*
* \return 0 if successful
*/
int platform_set_malloc_free( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) );
#else /* POLARSSL_PLATFORM_ENTROPY */
#define polarssl_malloc malloc
#define polarssl_free free
#endif /* POLARSSL_PLATFORM_ENTROPY */
/*
* The function pointers for printf
*/
#if defined(POLARSSL_PLATFORM_PRINTF_ALT)
extern int (*polarssl_printf)( const char *format, ... );
/**
* \brief Set your own printf function pointer
*
* \param printf_func the printf function implementation
*
* \return 0
*/
int platform_set_printf( int (*printf_func)( const char *, ... ) );
#else /* POLARSSL_PLATFORM_PRINTF_ALT */
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_PRINTF_ALT */
/*
* The function pointers for fprintf
*/
#if defined(POLARSSL_PLATFORM_FPRINTF_ALT)
extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... );
int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
... ) );
#else
#define polarssl_fprintf fprintf
#endif
#ifdef __cplusplus
}
#endif
#endif /* platform.h */

204
Externals/polarssl/include/polarssl/ripemd160.h vendored
View File

@ -1,204 +0,0 @@
/**
* \file ripemd160.h
*
* \brief RIPE MD-160 message digest
*
* Copyright (C) 2014-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_RIPEMD160_H
#define POLARSSL_RIPEMD160_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */
#if !defined(POLARSSL_RIPEMD160_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief RIPEMD-160 context structure
*/
typedef struct
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
ripemd160_context;
/**
* \brief Initialize RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be initialized
*/
void ripemd160_init( ripemd160_context *ctx );
/**
* \brief Clear RIPEMD-160 context
*
* \param ctx RIPEMD-160 context to be cleared
*/
void ripemd160_free( ripemd160_context *ctx );
/**
* \brief RIPEMD-160 context setup
*
* \param ctx context to be initialized
*/
void ripemd160_starts( ripemd160_context *ctx );
/**
* \brief RIPEMD-160 process buffer
*
* \param ctx RIPEMD-160 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void ripemd160_update( ripemd160_context *ctx,
const unsigned char *input, size_t ilen );
/**
* \brief RIPEMD-160 final digest
*
* \param ctx RIPEMD-160 context
* \param output RIPEMD-160 checksum result
*/
void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] );
/* Internal use */
void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_RIPEMD160_ALT */
#include "ripemd160.h"
#endif /* POLARSSL_RIPEMD160_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = RIPEMD-160( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output RIPEMD-160 checksum result
*/
void ripemd160( const unsigned char *input, size_t ilen,
unsigned char output[20] );
#if defined(POLARSSL_FS_IO)
/**
* \brief Output = RIPEMD-160( file contents )
*
* \param path input file name
* \param output RIPEMD-160 checksum result
*
* \return 0 if successful, or POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR
*/
int ripemd160_file( const char *path, unsigned char output[20] );
#endif /* POLARSSL_FS_IO */
/**
* \brief RIPEMD-160 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void ripemd160_hmac_starts( ripemd160_context *ctx,
const unsigned char *key, size_t keylen );
/**
* \brief RIPEMD-160 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void ripemd160_hmac_update( ripemd160_context *ctx,
const unsigned char *input, size_t ilen );
/**
* \brief RIPEMD-160 HMAC final digest
*
* \param ctx HMAC context
* \param output RIPEMD-160 HMAC checksum result
*/
void ripemd160_hmac_finish( ripemd160_context *ctx, unsigned char output[20] );
/**
* \brief RIPEMD-160 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void ripemd160_hmac_reset( ripemd160_context *ctx );
/**
* \brief Output = HMAC-RIPEMD-160( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-RIPEMD-160 result
*/
void ripemd160_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[20] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ripemd160_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* ripemd160.h */

647
Externals/polarssl/include/polarssl/rsa.h vendored
View File

@ -1,647 +0,0 @@
/**
* \file rsa.h
*
* \brief The RSA public-key cryptosystem
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_RSA_H
#define POLARSSL_RSA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "bignum.h"
#include "md.h"
#if defined(POLARSSL_THREADING_C)
#include "threading.h"
#endif
/*
* RSA Error codes
*/
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
/*
* RSA constants
*/
#define RSA_PUBLIC 0
#define RSA_PRIVATE 1
#define RSA_PKCS_V15 0
#define RSA_PKCS_V21 1
#define RSA_SIGN 1
#define RSA_CRYPT 2
#define RSA_SALT_LEN_ANY -1
/*
* The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
*/
#if defined(POLARSSL_RSA_C)
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief RSA context structure
*/
typedef struct
{
int ver; /*!< always 0 */
size_t len; /*!< size(N) in chars */
mpi N; /*!< public modulus */
mpi E; /*!< public exponent */
mpi D; /*!< private exponent */
mpi P; /*!< 1st prime factor */
mpi Q; /*!< 2nd prime factor */
mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */
#if !defined(POLARSSL_RSA_NO_CRT)
mpi Vi; /*!< cached blinding value */
mpi Vf; /*!< cached un-blinding value */
#endif
int padding; /*!< RSA_PKCS_V15 for 1.5 padding and
RSA_PKCS_v21 for OAEP/PSS */
int hash_id; /*!< Hash identifier of md_type_t as
specified in the md.h header file
for the EME-OAEP and EMSA-PSS
encoding */
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex; /*!< Thread-safety mutex */
#endif
}
rsa_context;
/**
* \brief Initialize an RSA context
*
* Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP
* encryption scheme and the RSASSA-PSS signature scheme.
*
* \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
*
* \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding.
*
* \note Choice of padding mode is strictly enforced for private key
* operations, since there might be security concerns in
* mixing padding modes. For public key operations it's merely
* a default value, which can be overriden by calling specific
* rsa_rsaes_xxx or rsa_rsassa_xxx functions.
*
* \note The chosen hash is always used for OEAP encryption.
* For PSS signatures, it's always used for making signatures,
* but can be overriden (and always is, if set to
* POLARSSL_MD_NONE) for verifying them.
*/
void rsa_init( rsa_context *ctx,
int padding,
int hash_id);
/**
* \brief Set padding for an already initialized RSA context
* See \c rsa_init() for details.
*
* \param ctx RSA context to be set
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier
*/
void rsa_set_padding( rsa_context *ctx, int padding, int hash_id);
/**
* \brief Generate an RSA keypair
*
* \param ctx RSA context that will hold the key
* \param f_rng RNG function
* \param p_rng RNG parameter
* \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537)
*
* \note rsa_init() must be called beforehand to setup
* the RSA context.
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_gen_key( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
unsigned int nbits, int exponent );
/**
* \brief Check a public RSA key
*
* \param ctx RSA context to be checked
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_check_pubkey( const rsa_context *ctx );
/**
* \brief Check a private RSA key
*
* \param ctx RSA context to be checked
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*/
int rsa_check_privkey( const rsa_context *ctx );
/**
* \brief Do an RSA public key operation
*
* \param ctx RSA context
* \param input input buffer
* \param output output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note This function does NOT take care of message
* padding. Also, be sure to set input[0] = 0 or assure that
* input is smaller than N.
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_public( rsa_context *ctx,
const unsigned char *input,
unsigned char *output );
/**
* \brief Do an RSA private key operation
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for blinding)
* \param p_rng RNG parameter
* \param input input buffer
* \param output output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_private( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
const unsigned char *input,
unsigned char *output );
/**
* \brief Generic wrapper to perform a PKCS#1 encryption using the
* mode from the context. Add the message padding, then do an
* RSA operation.
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_pkcs1_encrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t ilen,
const unsigned char *input,
unsigned char *output );
/**
* \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT)
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for padding and RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t ilen,
const unsigned char *input,
unsigned char *output );
/**
* \brief Perform a PKCS#1 v2.1 OAEP encryption (RSAES-OAEP-ENCRYPT)
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param label buffer holding the custom label to use
* \param label_len contains the label length
* \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
const unsigned char *label, size_t label_len,
size_t ilen,
const unsigned char *input,
unsigned char *output );
/**
* \brief Generic wrapper to perform a PKCS#1 decryption using the
* mode from the context. Do an RSA operation, then remove
* the message padding
*
* \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param olen will contain the plaintext length
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_pkcs1_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT)
*
* \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param olen will contain the plaintext length
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT)
*
* \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param label buffer holding the custom label to use
* \param label_len contains the label length
* \param olen will contain the plaintext length
* \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer
*
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code
*
* \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown.
*/
int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
const unsigned char *label, size_t label_len,
size_t *olen,
const unsigned char *input,
unsigned char *output,
size_t output_max_len );
/**
* \brief Generic wrapper to perform a PKCS#1 signature using the
* mode from the context. Do a private RSA operation to sign
* a message digest
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id.
*/
int rsa_pkcs1_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN)
*
* \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* \brief Perform a PKCS#1 v2.1 PSS signature (RSASSA-PSS-SIGN)
*
* \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext
*
* \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note The hash_id in the RSA context is the one used for the
* encoding. md_alg in the function call is the type of hash
* that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same.
*/
int rsa_rsassa_pss_sign( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig );
/**
* \brief Generic wrapper to perform a PKCS#1 verification using the
* mode from the context. Do a public RSA operation and check
* the message digest
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note In case of PKCS#1 v2.1 encoding, see comments on
* \c rsa_rsassa_pss_verify() about md_alg and hash_id.
*/
int rsa_pkcs1_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
const unsigned char *sig );
/**
* \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/
int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
const unsigned char *sig );
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
* (This is the "simple" version.)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note The hash_id in the RSA context is the one used for the
* verification. md_alg in the function call is the type of
* hash that is verified. According to RFC 3447 it is advised to
* keep both hashes the same. If hash_id in the RSA context is
* unset, the md_alg from the function call is used.
*/
int rsa_rsassa_pss_verify( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
const unsigned char *sig );
/**
* \brief Perform a PKCS#1 v2.1 PSS verification (RSASSA-PSS-VERIFY)
* (This is the version with "full" options.)
*
* \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE)
* \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE
* \param md_alg a POLARSSL_MD_* (use POLARSSL_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only)
* \param hash buffer holding the message digest
* \param mgf1_hash_id message digest used for mask generation
* \param expected_salt_len Length of the salt used in padding, use
* RSA_SALT_LEN_ANY to accept any salt length
* \param sig buffer holding the ciphertext
*
* \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code
*
* \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used).
*
* \note The hash_id in the RSA context is ignored.
*/
int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
int mode,
md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
md_type_t mgf1_hash_id,
int expected_salt_len,
const unsigned char *sig );
/**
* \brief Copy the components of an RSA context
*
* \param dst Destination context
* \param src Source context
*
* \return O on success,
* POLARSSL_ERR_MPI_MALLOC_FAILED on memory allocation failure
*/
int rsa_copy( rsa_context *dst, const rsa_context *src );
/**
* \brief Free the components of an RSA key
*
* \param ctx RSA Context to free
*/
void rsa_free( rsa_context *ctx );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int rsa_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_RSA_C */
#endif /* rsa.h */

200
Externals/polarssl/include/polarssl/sha1.h vendored
View File

@ -1,200 +0,0 @@
/**
* \file sha1.h
*
* \brief SHA-1 cryptographic hash function
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA1_H
#define POLARSSL_SHA1_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */
#if !defined(POLARSSL_SHA1_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-1 context structure
*/
typedef struct
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
}
sha1_context;
/**
* \brief Initialize SHA-1 context
*
* \param ctx SHA-1 context to be initialized
*/
void sha1_init( sha1_context *ctx );
/**
* \brief Clear SHA-1 context
*
* \param ctx SHA-1 context to be cleared
*/
void sha1_free( sha1_context *ctx );
/**
* \brief SHA-1 context setup
*
* \param ctx context to be initialized
*/
void sha1_starts( sha1_context *ctx );
/**
* \brief SHA-1 process buffer
*
* \param ctx SHA-1 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
/**
* \brief SHA-1 final digest
*
* \param ctx SHA-1 context
* \param output SHA-1 checksum result
*/
void sha1_finish( sha1_context *ctx, unsigned char output[20] );
/* Internal use */
void sha1_process( sha1_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_SHA1_ALT */
#include "sha1_alt.h"
#endif /* POLARSSL_SHA1_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = SHA-1( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-1 checksum result
*/
void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
/**
* \brief Output = SHA-1( file contents )
*
* \param path input file name
* \param output SHA-1 checksum result
*
* \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR
*/
int sha1_file( const char *path, unsigned char output[20] );
/**
* \brief SHA-1 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
size_t keylen );
/**
* \brief SHA-1 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-1 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-1 HMAC checksum result
*/
void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] );
/**
* \brief SHA-1 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha1_hmac_reset( sha1_context *ctx );
/**
* \brief Output = HMAC-SHA-1( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-1 result
*/
void sha1_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[20] );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha1_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* sha1.h */

208
Externals/polarssl/include/polarssl/sha256.h vendored
View File

@ -1,208 +0,0 @@
/**
* \file sha256.h
*
* \brief SHA-224 and SHA-256 cryptographic hash function
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA256_H
#define POLARSSL_SHA256_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define POLARSSL_ERR_SHA256_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */
#if !defined(POLARSSL_SHA256_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-256 context structure
*/
typedef struct
{
uint32_t total[2]; /*!< number of bytes processed */
uint32_t state[8]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */
unsigned char ipad[64]; /*!< HMAC: inner padding */
unsigned char opad[64]; /*!< HMAC: outer padding */
int is224; /*!< 0 => SHA-256, else SHA-224 */
}
sha256_context;
/**
* \brief Initialize SHA-256 context
*
* \param ctx SHA-256 context to be initialized
*/
void sha256_init( sha256_context *ctx );
/**
* \brief Clear SHA-256 context
*
* \param ctx SHA-256 context to be cleared
*/
void sha256_free( sha256_context *ctx );
/**
* \brief SHA-256 context setup
*
* \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha256_starts( sha256_context *ctx, int is224 );
/**
* \brief SHA-256 process buffer
*
* \param ctx SHA-256 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha256_update( sha256_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-256 final digest
*
* \param ctx SHA-256 context
* \param output SHA-224/256 checksum result
*/
void sha256_finish( sha256_context *ctx, unsigned char output[32] );
/* Internal use */
void sha256_process( sha256_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_SHA256_ALT */
#include "sha256_alt.h"
#endif /* POLARSSL_SHA256_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = SHA-256( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
* \brief Output = SHA-256( file contents )
*
* \param path input file name
* \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224
*
* \return 0 if successful, or POLARSSL_ERR_SHA256_FILE_IO_ERROR
*/
int sha256_file( const char *path, unsigned char output[32], int is224 );
/**
* \brief SHA-256 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 );
/**
* \brief SHA-256 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-256 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-224/256 HMAC checksum result
*/
void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] );
/**
* \brief SHA-256 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha256_hmac_reset( sha256_context *ctx );
/**
* \brief Output = HMAC-SHA-256( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-224/256 result
* \param is224 0 = use SHA256, 1 = use SHA224
*/
void sha256_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha256_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* sha256.h */

209
Externals/polarssl/include/polarssl/sha512.h vendored
View File

@ -1,209 +0,0 @@
/**
* \file sha512.h
*
* \brief SHA-384 and SHA-512 cryptographic hash function
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SHA512_H
#define POLARSSL_SHA512_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) || defined(__WATCOMC__)
#define UL64(x) x##ui64
typedef unsigned __int64 uint64_t;
#else
#include <inttypes.h>
#define UL64(x) x##ULL
#endif
#define POLARSSL_ERR_SHA512_FILE_IO_ERROR -0x007A /**< Read/write error in file. */
#if !defined(POLARSSL_SHA512_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief SHA-512 context structure
*/
typedef struct
{
uint64_t total[2]; /*!< number of bytes processed */
uint64_t state[8]; /*!< intermediate digest state */
unsigned char buffer[128]; /*!< data block being processed */
unsigned char ipad[128]; /*!< HMAC: inner padding */
unsigned char opad[128]; /*!< HMAC: outer padding */
int is384; /*!< 0 => SHA-512, else SHA-384 */
}
sha512_context;
/**
* \brief Initialize SHA-512 context
*
* \param ctx SHA-512 context to be initialized
*/
void sha512_init( sha512_context *ctx );
/**
* \brief Clear SHA-512 context
*
* \param ctx SHA-512 context to be cleared
*/
void sha512_free( sha512_context *ctx );
/**
* \brief SHA-512 context setup
*
* \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha512_starts( sha512_context *ctx, int is384 );
/**
* \brief SHA-512 process buffer
*
* \param ctx SHA-512 context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha512_update( sha512_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-512 final digest
*
* \param ctx SHA-512 context
* \param output SHA-384/512 checksum result
*/
void sha512_finish( sha512_context *ctx, unsigned char output[64] );
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_SHA512_ALT */
#include "sha512_alt.h"
#endif /* POLARSSL_SHA512_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Output = SHA-512( input buffer )
*
* \param input buffer holding the data
* \param ilen length of the input data
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
* \brief Output = SHA-512( file contents )
*
* \param path input file name
* \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384
*
* \return 0 if successful, or POLARSSL_ERR_SHA512_FILE_IO_ERROR
*/
int sha512_file( const char *path, unsigned char output[64], int is384 );
/**
* \brief SHA-512 HMAC context setup
*
* \param ctx HMAC context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384
* \param key HMAC secret key
* \param keylen length of the HMAC key
*/
void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 );
/**
* \brief SHA-512 HMAC process buffer
*
* \param ctx HMAC context
* \param input buffer holding the data
* \param ilen length of the input data
*/
void sha512_hmac_update( sha512_context *ctx, const unsigned char *input,
size_t ilen );
/**
* \brief SHA-512 HMAC final digest
*
* \param ctx HMAC context
* \param output SHA-384/512 HMAC checksum result
*/
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] );
/**
* \brief SHA-512 HMAC context reset
*
* \param ctx HMAC context to be reset
*/
void sha512_hmac_reset( sha512_context *ctx );
/**
* \brief Output = HMAC-SHA-512( hmac key, input buffer )
*
* \param key HMAC secret key
* \param keylen length of the HMAC key
* \param input buffer holding the data
* \param ilen length of the input data
* \param output HMAC-SHA-384/512 result
* \param is384 0 = use SHA512, 1 = use SHA384
*/
void sha512_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int sha512_self_test( int verbose );
/* Internal use */
void sha512_process( sha512_context *ctx, const unsigned char data[128] );
#ifdef __cplusplus
}
#endif
#endif /* sha512.h */

1809
Externals/polarssl/include/polarssl/ssl.h vendored
View File

File diff suppressed because it is too large Load Diff

147
Externals/polarssl/include/polarssl/ssl_cache.h vendored
View File

@ -1,147 +0,0 @@
/**
* \file ssl_cache.h
*
* \brief SSL session cache implementation
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SSL_CACHE_H
#define POLARSSL_SSL_CACHE_H
#include "ssl.h"
#if defined(POLARSSL_THREADING_C)
#include "threading.h"
#endif
/**
* \name SECTION: Module settings
*
* The configuration options you can set for this module are in this section.
* Either change them in config.h or define them on the compiler command line.
* \{
*/
#if !defined(SSL_CACHE_DEFAULT_TIMEOUT)
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
#endif
#if !defined(SSL_CACHE_DEFAULT_MAX_ENTRIES)
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
#endif
/* \} name SECTION: Module settings */
#ifdef __cplusplus
extern "C" {
#endif
typedef struct _ssl_cache_context ssl_cache_context;
typedef struct _ssl_cache_entry ssl_cache_entry;
/**
* \brief This structure is used for storing cache entries
*/
struct _ssl_cache_entry
{
#if defined(POLARSSL_HAVE_TIME)
time_t timestamp; /*!< entry timestamp */
#endif
ssl_session session; /*!< entry session */
#if defined(POLARSSL_X509_CRT_PARSE_C)
x509_buf peer_cert; /*!< entry peer_cert */
#endif
ssl_cache_entry *next; /*!< chain pointer */
};
/**
* \brief Cache context
*/
struct _ssl_cache_context
{
ssl_cache_entry *chain; /*!< start of the chain */
int timeout; /*!< cache entry timeout */
int max_entries; /*!< maximum entries */
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex; /*!< mutex */
#endif
};
/**
* \brief Initialize an SSL cache context
*
* \param cache SSL cache context
*/
void ssl_cache_init( ssl_cache_context *cache );
/**
* \brief Cache get callback implementation
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param data SSL cache context
* \param session session to retrieve entry for
*/
int ssl_cache_get( void *data, ssl_session *session );
/**
* \brief Cache set callback implementation
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param data SSL cache context
* \param session session to store entry for
*/
int ssl_cache_set( void *data, const ssl_session *session );
#if defined(POLARSSL_HAVE_TIME)
/**
* \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day))
*
* A timeout of 0 indicates no timeout.
*
* \param cache SSL cache context
* \param timeout cache entry timeout in seconds
*/
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout );
#endif /* POLARSSL_HAVE_TIME */
/**
* \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
*
* \param cache SSL cache context
* \param max cache entry maximum
*/
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max );
/**
* \brief Free referenced items in a cache context and clear memory
*
* \param cache SSL cache context
*/
void ssl_cache_free( ssl_cache_context *cache );
#ifdef __cplusplus
}
#endif
#endif /* ssl_cache.h */

293
Externals/polarssl/include/polarssl/ssl_ciphersuites.h vendored
View File

@ -1,293 +0,0 @@
/**
* \file ssl_ciphersuites.h
*
* \brief SSL Ciphersuites for PolarSSL
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_SSL_CIPHERSUITES_H
#define POLARSSL_SSL_CIPHERSUITES_H
#include "pk.h"
#include "cipher.h"
#include "md.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
* Supported ciphersuites (Official IANA names)
*/
#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
#define TLS_RSA_WITH_RC4_128_MD5 0x04
#define TLS_RSA_WITH_RC4_128_SHA 0x05
#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
#define TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
#define TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
#define TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */
#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
#define TLS_PSK_WITH_RC4_128_SHA 0x8A
#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B
#define TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
#define TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
#define TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E
#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
#define TLS_RSA_PSK_WITH_RC4_128_SHA 0x92
#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
#define TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */
#define TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
#define TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */
#define TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
#define TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */
#define TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */
#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */
#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */
#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */
#define TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */
/* The last two are named with PSK_DHE in the RFC, which looks like a typo */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */
/* Reminder: update _ssl_premaster_secret when adding a new key exchange */
typedef enum {
POLARSSL_KEY_EXCHANGE_NONE = 0,
POLARSSL_KEY_EXCHANGE_RSA,
POLARSSL_KEY_EXCHANGE_DHE_RSA,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
POLARSSL_KEY_EXCHANGE_PSK,
POLARSSL_KEY_EXCHANGE_DHE_PSK,
POLARSSL_KEY_EXCHANGE_RSA_PSK,
POLARSSL_KEY_EXCHANGE_ECDHE_PSK,
POLARSSL_KEY_EXCHANGE_ECDH_RSA,
POLARSSL_KEY_EXCHANGE_ECDH_ECDSA,
} key_exchange_type_t;
typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t;
#define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */
#define POLARSSL_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag,
eg for CCM_8 */
/**
* \brief This structure is used for storing ciphersuite information
*/
struct _ssl_ciphersuite_t
{
int id;
const char * name;
cipher_type_t cipher;
md_type_t mac;
key_exchange_type_t key_exchange;
int min_major_ver;
int min_minor_ver;
int max_major_ver;
int max_minor_ver;
unsigned char flags;
};
const int *ssl_list_ciphersuites( void );
const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name );
const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id );
#if defined(POLARSSL_PK_C)
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
#endif
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info );
int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info );
#ifdef __cplusplus
}
#endif
#endif /* ssl_ciphersuites.h */

86
Externals/polarssl/include/polarssl/threading.h vendored
View File

@ -1,86 +0,0 @@
/**
* \file threading.h
*
* \brief Threading abstraction layer
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_THREADING_H
#define POLARSSL_THREADING_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <stdlib.h>
#ifdef __cplusplus
extern "C" {
#endif
#define POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */
#define POLARSSL_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */
#define POLARSSL_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */
#if defined(POLARSSL_THREADING_PTHREAD)
#include <pthread.h>
typedef pthread_mutex_t threading_mutex_t;
#endif
#if defined(POLARSSL_THREADING_ALT)
/* You should define the threading_mutex_t type in your header */
#include "threading_alt.h"
/**
* \brief Set your alternate threading implementation function
* pointers
*
* \param mutex_init the init function implementation
* \param mutex_free the free function implementation
* \param mutex_lock the lock function implementation
* \param mutex_unlock the unlock function implementation
*
* \return 0 if successful
*/
int threading_set_alt( int (*mutex_init)( threading_mutex_t * ),
int (*mutex_free)( threading_mutex_t * ),
int (*mutex_lock)( threading_mutex_t * ),
int (*mutex_unlock)( threading_mutex_t * ) );
#endif /* POLARSSL_THREADING_ALT_C */
/*
* The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock
*
* All these functions are expected to work or the result will be undefined.
*/
extern int (*polarssl_mutex_init)( threading_mutex_t *mutex );
extern int (*polarssl_mutex_free)( threading_mutex_t *mutex );
extern int (*polarssl_mutex_lock)( threading_mutex_t *mutex );
extern int (*polarssl_mutex_unlock)( threading_mutex_t *mutex );
#ifdef __cplusplus
}
#endif
#endif /* threading.h */

98
Externals/polarssl/include/polarssl/timing.h vendored
View File

@ -1,98 +0,0 @@
/**
* \file timing.h
*
* \brief Portable interface to the CPU cycle counter
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_TIMING_H
#define POLARSSL_TIMING_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if !defined(POLARSSL_TIMING_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief timer structure
*/
struct hr_time
{
unsigned char opaque[32];
};
extern volatile int alarmed;
/**
* \brief Return the CPU cycle counter value
*/
unsigned long hardclock( void );
/**
* \brief Return the elapsed time in milliseconds
*
* \param val points to a timer structure
* \param reset if set to 1, the timer is restarted
*/
unsigned long get_timer( struct hr_time *val, int reset );
/**
* \brief Setup an alarm clock
*
* \param seconds delay before the "alarmed" flag is set
*/
void set_alarm( int seconds );
/**
* \brief Sleep for a certain amount of time
*
* \param milliseconds delay in milliseconds
*/
void m_sleep( int milliseconds );
#if defined(POLARSSL_SELF_TEST)
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if a test failed
*/
int timing_self_test( int verbose );
#endif
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_TIMING_ALT */
#include "timing_alt.h"
#endif /* POLARSSL_TIMING_ALT */
#endif /* timing.h */

114
Externals/polarssl/include/polarssl/version.h vendored
View File

@ -1,114 +0,0 @@
/**
* \file version.h
*
* \brief Run-time version information
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* This set of compile-time defines and run-time variables can be used to
* determine the version number of the PolarSSL library used.
*/
#ifndef POLARSSL_VERSION_H
#define POLARSSL_VERSION_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
/**
* The version number x.y.z is split into three parts.
* Major, Minor, Patchlevel
*/
#define POLARSSL_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 3
#define POLARSSL_VERSION_PATCH 8
/**
* The single version number has the following structure:
* MMNNPP00
* Major version | Minor version | Patch version
*/
#define POLARSSL_VERSION_NUMBER 0x01030800
#define POLARSSL_VERSION_STRING "1.3.8"
#define POLARSSL_VERSION_STRING_FULL "PolarSSL 1.3.8"
#if defined(POLARSSL_VERSION_C)
#ifdef __cplusplus
extern "C" {
#endif
/**
* Get the version number.
*
* \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch).
*/
unsigned int version_get_number( void );
/**
* Get the version string ("x.y.z").
*
* \param string The string that will receive the value.
* (Should be at least 9 bytes in size)
*/
void version_get_string( char *string );
/**
* Get the full version string ("PolarSSL x.y.z").
*
* \param string The string that will receive the value. The PolarSSL version
* string will use 18 bytes AT MOST including a terminating
* null byte.
* (So the buffer should be at least 18 bytes to receive this
* version string).
*/
void version_get_string_full( char *string );
/**
* \brief Check if support for a feature was compiled into this
* PolarSSL binary. This allows you to see at runtime if the
* library was for instance compiled with or without
* Multi-threading support.
*
* Note: only checks against defines in the sections "System
* support", "PolarSSL modules" and "PolarSSL feature
* support" in config.h
*
* \param feature The string for the define to check (e.g. "POLARSSL_AES_C")
*
* \return 0 if the feature is present, -1 if the feature is not
* present and -2 if support for feature checking as a whole
* was not compiled in.
*/
int version_check_feature( const char *feature );
#ifdef __cplusplus
}
#endif
#endif /* POLARSSL_VERSION_C */
#endif /* version.h */

317
Externals/polarssl/include/polarssl/x509.h vendored
View File

@ -1,317 +0,0 @@
/**
* \file x509.h
*
* \brief X.509 generic defines and structures
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_X509_H
#define POLARSSL_X509_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "asn1.h"
#include "pk.h"
#if defined(POLARSSL_RSA_C)
#include "rsa.h"
#endif
/**
* \addtogroup x509_module
* \{
*/
/**
* \name X509 Error codes
* \{
*/
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
#define POLARSSL_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
#define POLARSSL_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
#define POLARSSL_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
#define POLARSSL_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
#define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
#define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
/* \} name */
/**
* \name X509 Verify codes
* \{
*/
#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */
#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */
#define BADCERT_MISSING 0x40 /**< Certificate was missing. */
#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
#define BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
#define BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
/* \} name */
/* \} addtogroup x509_module */
/*
* X.509 v3 Key Usage Extension flags
*/
#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
#define KU_NON_REPUDIATION (0x40) /* bit 1 */
#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
#define KU_KEY_AGREEMENT (0x08) /* bit 4 */
#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */
#define KU_CRL_SIGN (0x02) /* bit 6 */
/*
* Netscape certificate types
* (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
*/
#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
/*
* X.509 extension types
*
* Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs.
*/
#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define EXT_KEY_USAGE (1 << 2) /* Parsed but not used */
#define EXT_CERTIFICATE_POLICIES (1 << 3)
#define EXT_POLICY_MAPPINGS (1 << 4)
#define EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
#define EXT_ISSUER_ALT_NAME (1 << 6)
#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
#define EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
#define EXT_NAME_CONSTRAINTS (1 << 9)
#define EXT_POLICY_CONSTRAINTS (1 << 10)
#define EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */
#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define EXT_FRESHEST_CRL (1 << 14)
#define EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
/*
* Storage format identifiers
* Recognized formats: PEM and DER
*/
#define X509_FORMAT_DER 1
#define X509_FORMAT_PEM 2
#ifdef __cplusplus
extern "C" {
#endif
/**
* \addtogroup x509_module
* \{ */
/**
* \name Structures for parsing X.509 certificates, CRLs and CSRs
* \{
*/
/**
* Type-length-value structure that allows for ASN1 using DER.
*/
typedef asn1_buf x509_buf;
/**
* Container for ASN1 bit strings.
*/
typedef asn1_bitstring x509_bitstring;
/**
* Container for ASN1 named information objects.
* It allows for Relative Distinguished Names (e.g. cn=polarssl,ou=code,etc.).
*/
typedef asn1_named_data x509_name;
/**
* Container for a sequence of ASN.1 items
*/
typedef asn1_sequence x509_sequence;
/** Container for date and time (precision in seconds). */
typedef struct _x509_time
{
int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */
}
x509_time;
/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
/** \} addtogroup x509_module */
/**
* \brief Store the certificate DN in printable form into buf;
* no more than size characters will be written.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param dn The X509 name to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/
int x509_dn_gets( char *buf, size_t size, const x509_name *dn );
/**
* \brief Store the certificate serial in printable form into buf;
* no more than size characters will be written.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param serial The X509 serial to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/
int x509_serial_gets( char *buf, size_t size, const x509_buf *serial );
/**
* \brief Give an known OID, return its descriptive string.
* (Deprecated. Use oid_get_extended_key_usage() instead.)
* Warning: only works for extended_key_usage OIDs!
*
* \param oid buffer containing the oid
*
* \return Return a string if the OID is known,
* or NULL otherwise.
*/
const char *x509_oid_get_description( x509_buf *oid );
/**
* \brief Give an OID, return a string version of its OID number.
* (Deprecated. Use oid_get_numeric_string() instead)
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param oid Buffer containing the OID
*
* \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TO_SMALL in case of error
*/
int x509_oid_get_numeric_string( char *buf, size_t size, x509_buf *oid );
/**
* \brief Check a given x509_time against the system time and check
* if it is not expired.
*
* \param time x509_time to check
*
* \return 0 if the x509_time is still valid,
* 1 otherwise.
*/
int x509_time_expired( const x509_time *time );
/**
* \brief Check a given x509_time against the system time and check
* if it is not from the future.
*
* \param time x509_time to check
*
* \return 0 if the x509_time is already valid,
* 1 otherwise.
*/
int x509_time_future( const x509_time *time );
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int x509_self_test( int verbose );
/*
* Internal module functions. You probably do not want to use these unless you
* know you do.
*/
int x509_get_name( unsigned char **p, const unsigned char *end,
x509_name *cur );
int x509_get_alg_null( unsigned char **p, const unsigned char *end,
x509_buf *alg );
int x509_get_alg( unsigned char **p, const unsigned char *end,
x509_buf *alg, x509_buf *params );
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
int x509_get_rsassa_pss_params( const x509_buf *params,
md_type_t *md_alg, md_type_t *mgf_md,
int *salt_len );
#endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg,
void **sig_opts );
int x509_get_time( unsigned char **p, const unsigned char *end,
x509_time *time );
int x509_get_serial( unsigned char **p, const unsigned char *end,
x509_buf *serial );
int x509_get_ext( unsigned char **p, const unsigned char *end,
x509_buf *ext, int tag );
int x509_load_file( const char *path, unsigned char **buf, size_t *n );
int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
pk_type_t pk_alg, md_type_t md_alg,
const void *sig_opts );
int x509_key_size_helper( char *buf, size_t size, const char *name );
int x509_string_to_names( asn1_named_data **head, const char *name );
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val,
size_t val_len );
int x509_write_extensions( unsigned char **p, unsigned char *start,
asn1_named_data *first );
int x509_write_names( unsigned char **p, unsigned char *start,
asn1_named_data *first );
int x509_write_sig( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
unsigned char *sig, size_t size );
#ifdef __cplusplus
}
#endif
#endif /* x509.h */

162
Externals/polarssl/include/polarssl/x509_crl.h vendored
View File

@ -1,162 +0,0 @@
/**
* \file x509_crl.h
*
* \brief X.509 certificate revocation list parsing
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_X509_CRL_H
#define POLARSSL_X509_CRL_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \addtogroup x509_module
* \{ */
/**
* \name Structures and functions for parsing CRLs
* \{
*/
/**
* Certificate revocation list entry.
* Contains the CA-specific serial numbers and revocation dates.
*/
typedef struct _x509_crl_entry
{
x509_buf raw;
x509_buf serial;
x509_time revocation_date;
x509_buf entry_ext;
struct _x509_crl_entry *next;
}
x509_crl_entry;
/**
* Certificate revocation list structure.
* Every CRL may have multiple entries.
*/
typedef struct _x509_crl
{
x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version; /**< CRL version (1=v1, 2=v2) */
x509_buf sig_oid1;
x509_buf issuer_raw; /**< The raw issuer data (DER). */
x509_name issuer; /**< The parsed issuer data (named information object). */
x509_time this_update;
x509_time next_update;
x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */
x509_buf crl_ext;
x509_buf sig_oid2;
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crl *next;
}
x509_crl;
/**
* \brief Parse one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO)
/**
* \brief Load one or more CRLs and add them
* to the chained list
*
* \param chain points to the start of the chain
* \param path filename to read the CRLs from
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509_crl_parse_file( x509_crl *chain, const char *path );
#endif /* POLARSSL_FS_IO */
/**
* \brief Returns an informational string about the CRL.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param prefix A line prefix
* \param crl The X509 CRL to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/
int x509_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl );
/**
* \brief Initialize a CRL (chain)
*
* \param crl CRL chain to initialize
*/
void x509_crl_init( x509_crl *crl );
/**
* \brief Unallocate all CRL data
*
* \param crl CRL chain to free
*/
void x509_crl_free( x509_crl *crl );
/* \} name */
/* \} addtogroup x509_module */
#ifdef __cplusplus
}
#endif
#endif /* x509_crl.h */

558
Externals/polarssl/include/polarssl/x509_crt.h vendored
View File

@ -1,558 +0,0 @@
/**
* \file x509_crt.h
*
* \brief X.509 certificate parsing and writing
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_X509_CRT_H
#define POLARSSL_X509_CRT_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
#include "x509_crl.h"
/**
* \addtogroup x509_module
* \{
*/
#ifdef __cplusplus
extern "C" {
#endif
/**
* \name Structures and functions for parsing and writing X.509 certificates
* \{
*/
/**
* Container for an X.509 certificate. The certificate may be chained.
*/
typedef struct _x509_crt
{
x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
x509_buf sig_oid1; /**< Signature algorithm, e.g. sha1RSA */
x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */
x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */
x509_name issuer; /**< The parsed issuer data (named information object). */
x509_name subject; /**< The parsed subject data (named information object). */
x509_time valid_from; /**< Start time of certificate validity. */
x509_time valid_to; /**< End time of certificate validity. */
pk_context pk; /**< Container for the public key context. */
x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
x509_buf v3_ext; /**< Optional X.509 v3 extensions. */
x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
int ext_types; /**< Bit string containing detected and parsed extensions */
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
int max_pathlen; /**< Optional Basic Constraint extension value: The maximum path length to the root certificate. Path length is 1 higher than RFC 5280 'meaning', so 1+ */
unsigned char key_usage; /**< Optional key usage extension value: See the values in x509.h */
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
x509_buf sig_oid2; /**< Signature algorithm. Must match sig_oid1. */
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
}
x509_crt;
#define X509_CRT_VERSION_1 0
#define X509_CRT_VERSION_2 1
#define X509_CRT_VERSION_3 2
#define X509_RFC5280_MAX_SERIAL_LEN 32
#define X509_RFC5280_UTC_TIME_LEN 15
/**
* Container for writing a certificate (CRT)
*/
typedef struct _x509write_cert
{
int version;
mpi serial;
pk_context *subject_key;
pk_context *issuer_key;
asn1_named_data *subject;
asn1_named_data *issuer;
md_type_t md_alg;
char not_before[X509_RFC5280_UTC_TIME_LEN + 1];
char not_after[X509_RFC5280_UTC_TIME_LEN + 1];
asn1_named_data *extensions;
}
x509write_cert;
#if defined(POLARSSL_X509_CRT_PARSE_C)
/**
* \brief Parse a single DER formatted certificate and add it
* to the chained list.
*
* \param chain points to the start of the chain
* \param buf buffer holding the certificate DER data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
size_t buflen );
/**
* \brief Parse one or more certificates and add them
* to the chained list. Parses permissively. If some
* certificates can be parsed, the result is the number
* of failed certificates it encountered. If none complete
* correctly, the first error is returned.
*
* \param chain points to the start of the chain
* \param buf buffer holding the certificate data
* \param buflen size of the buffer
*
* \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code
*/
int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO)
/**
* \brief Load one or more certificates and add them
* to the chained list. Parses permissively. If some
* certificates can be parsed, the result is the number
* of failed certificates it encountered. If none complete
* correctly, the first error is returned.
*
* \param chain points to the start of the chain
* \param path filename to read the certificates from
*
* \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code
*/
int x509_crt_parse_file( x509_crt *chain, const char *path );
/**
* \brief Load one or more certificate files from a path and add them
* to the chained list. Parses permissively. If some
* certificates can be parsed, the result is the number
* of failed certificates it encountered. If none complete
* correctly, the first error is returned.
*
* \warning This function is NOT thread-safe unless
* POLARSSL_THREADING_PTHREADS is defined. If you're using an
* alternative threading implementation, you should either use
* this function only in the main thread, or mutex it.
*
* \param chain points to the start of the chain
* \param path directory / folder to read the certificate files from
*
* \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code
*/
int x509_crt_parse_path( x509_crt *chain, const char *path );
#endif /* POLARSSL_FS_IO */
/**
* \brief Returns an informational string about the
* certificate.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param prefix A line prefix
* \param crt The X509 certificate to represent
*
* \return The amount of data written to the buffer, or -1 in
* case of an error.
*/
int x509_crt_info( char *buf, size_t size, const char *prefix,
const x509_crt *crt );
/**
* \brief Verify the certificate signature
*
* The verify callback is a user-supplied callback that
* can clear / modify / add flags for a certificate. If set,
* the verification callback is called for each
* certificate in the chain (from the trust-ca down to the
* presented crt). The parameters for the callback are:
* (void *parameter, x509_crt *crt, int certificate_depth,
* int *flags). With the flags representing current flags for
* that specific certificate and the certificate depth from
* the bottom (Peer cert depth = 0).
*
* All flags left after returning from the callback
* are also returned to the application. The function should
* return 0 for anything but a fatal error.
*
* \param crt a certificate to be verified
* \param trust_ca the trusted CA chain
* \param ca_crl the CRL chain for trusted CA's
* \param cn expected Common Name (can be set to
* NULL if the CN must not be verified)
* \param flags result of the verification
* \param f_vrfy verification function
* \param p_vrfy verification parameter
*
* \return 0 if successful or POLARSSL_ERR_X509_SIG_VERIFY_FAILED,
* in which case *flags will have one or more of
* the following values set:
* BADCERT_EXPIRED --
* BADCERT_REVOKED --
* BADCERT_CN_MISMATCH --
* BADCERT_NOT_TRUSTED
* or another error in case of a fatal error encountered
* during the verification process.
*/
int x509_crt_verify( x509_crt *crt,
x509_crt *trust_ca,
x509_crl *ca_crl,
const char *cn, int *flags,
int (*f_vrfy)(void *, x509_crt *, int, int *),
void *p_vrfy );
#if defined(POLARSSL_X509_CHECK_KEY_USAGE)
/**
* \brief Check usage of certificate against keyUsage extension.
*
* \param crt Leaf certificate used.
* \param usage Intended usage(s) (eg KU_KEY_ENCIPHERMENT before using the
* certificate to perform an RSA key exchange).
*
* \return 0 is these uses of the certificate are allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
* is present but does not contain all the bits set in the
* usage argument.
*
* \note You should only call this function on leaf certificates, on
* (intermediate) CAs the keyUsage extension is automatically
* checked by \c x509_crt_verify().
*/
int x509_crt_check_key_usage( const x509_crt *crt, int usage );
#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */
#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE)
/**
* \brief Check usage of certificate against extentedJeyUsage.
*
* \param crt Leaf certificate used.
* \param usage_oid Intended usage (eg OID_SERVER_AUTH or OID_CLIENT_AUTH).
* \param usage_len Length of usage_oid (eg given by OID_SIZE()).
*
* \return 0 is this use of the certificate is allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if not.
*
* \note Usually only makes sense on leaf certificates.
*/
int x509_crt_check_extended_key_usage( const x509_crt *crt,
const char *usage_oid,
size_t usage_len );
#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) */
#if defined(POLARSSL_X509_CRL_PARSE_C)
/**
* \brief Verify the certificate revocation status
*
* \param crt a certificate to be verified
* \param crl the CRL to verify against
*
* \return 1 if the certificate is revoked, 0 otherwise
*
*/
int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl );
#endif /* POLARSSL_X509_CRL_PARSE_C */
/**
* \brief Initialize a certificate (chain)
*
* \param crt Certificate chain to initialize
*/
void x509_crt_init( x509_crt *crt );
/**
* \brief Unallocate all certificate data
*
* \param crt Certificate chain to free
*/
void x509_crt_free( x509_crt *crt );
#endif /* POLARSSL_X509_CRT_PARSE_C */
/* \} name */
/* \} addtogroup x509_module */
#if defined(POLARSSL_X509_CRT_WRITE_C)
/**
* \brief Initialize a CRT writing context
*
* \param ctx CRT context to initialize
*/
void x509write_crt_init( x509write_cert *ctx );
/**
* \brief Set the verion for a Certificate
* Default: X509_CRT_VERSION_3
*
* \param ctx CRT context to use
* \param version version to set (X509_CRT_VERSION_1, X509_CRT_VERSION_2 or
* X509_CRT_VERSION_3)
*/
void x509write_crt_set_version( x509write_cert *ctx, int version );
/**
* \brief Set the serial number for a Certificate.
*
* \param ctx CRT context to use
* \param serial serial number to set
*
* \return 0 if successful
*/
int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial );
/**
* \brief Set the validity period for a Certificate
* Timestamps should be in string format for UTC timezone
* i.e. "YYYYMMDDhhmmss"
* e.g. "20131231235959" for December 31st 2013
* at 23:59:59
*
* \param ctx CRT context to use
* \param not_before not_before timestamp
* \param not_after not_after timestamp
*
* \return 0 if timestamp was parsed successfully, or
* a specific error code
*/
int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before,
const char *not_after );
/**
* \brief Set the issuer name for a Certificate
* Issuer names should contain a comma-separated list
* of OID types and values:
* e.g. "C=NL,O=Offspark,CN=PolarSSL CA"
*
* \param ctx CRT context to use
* \param issuer_name issuer name to set
*
* \return 0 if issuer name was parsed successfully, or
* a specific error code
*/
int x509write_crt_set_issuer_name( x509write_cert *ctx,
const char *issuer_name );
/**
* \brief Set the subject name for a Certificate
* Subject names should contain a comma-separated list
* of OID types and values:
* e.g. "C=NL,O=Offspark,CN=PolarSSL Server 1"
*
* \param ctx CRT context to use
* \param subject_name subject name to set
*
* \return 0 if subject name was parsed successfully, or
* a specific error code
*/
int x509write_crt_set_subject_name( x509write_cert *ctx,
const char *subject_name );
/**
* \brief Set the subject public key for the certificate
*
* \param ctx CRT context to use
* \param key public key to include
*/
void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the issuer key used for signing the certificate
*
* \param ctx CRT context to use
* \param key private key to sign with
*/
void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key );
/**
* \brief Set the MD algorithm to use for the signature
* (e.g. POLARSSL_MD_SHA1)
*
* \param ctx CRT context to use
* \param md_alg MD algorithm to use
*/
void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg );
/**
* \brief Generic function to add to or replace an extension in the
* CRT
*
* \param ctx CRT context to use
* \param oid OID of the extension
* \param oid_len length of the OID
* \param critical if the extension is critical (per the RFC's definition)
* \param val value of the extension OCTET STRING
* \param val_len length of the value data
*
* \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_extension( x509write_cert *ctx,
const char *oid, size_t oid_len,
int critical,
const unsigned char *val, size_t val_len );
/**
* \brief Set the basicConstraints extension for a CRT
*
* \param ctx CRT context to use
* \param is_ca is this a CA certificate
* \param max_pathlen maximum length of certificate chains below this
* certificate (only for CA certificates, -1 is
* inlimited)
*
* \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_basic_constraints( x509write_cert *ctx,
int is_ca, int max_pathlen );
#if defined(POLARSSL_SHA1_C)
/**
* \brief Set the subjectKeyIdentifier extension for a CRT
* Requires that x509write_crt_set_subject_key() has been
* called before
*
* \param ctx CRT context to use
*
* \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_subject_key_identifier( x509write_cert *ctx );
/**
* \brief Set the authorityKeyIdentifier extension for a CRT
* Requires that x509write_crt_set_issuer_key() has been
* called before
*
* \param ctx CRT context to use
*
* \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_authority_key_identifier( x509write_cert *ctx );
#endif /* POLARSSL_SHA1_C */
/**
* \brief Set the Key Usage Extension flags
* (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN)
*
* \param ctx CRT context to use
* \param key_usage key usage flags to set
*
* \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage );
/**
* \brief Set the Netscape Cert Type flags
* (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL)
*
* \param ctx CRT context to use
* \param ns_cert_type Netscape Cert Type flags to set
*
* \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
unsigned char ns_cert_type );
/**
* \brief Free the contents of a CRT write context
*
* \param ctx CRT context to free
*/
void x509write_crt_free( x509write_cert *ctx );
/**
* \brief Write a built up certificate to a X509 DER structure
* Note: data is written at the end of the buffer! Use the
* return value to determine where you should start
* using the buffer
*
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
* \param f_rng RNG function (for signature, see note)
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
* \note f_rng may be NULL if RSA is used for signature and the
* signature is made offline (otherwise f_rng is desirable
* for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng.
*/
int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#if defined(POLARSSL_PEM_WRITE_C)
/**
* \brief Write a built up certificate to a X509 PEM string
*
* \param ctx certificate to write away
* \param buf buffer to write to
* \param size size of the buffer
* \param f_rng RNG function (for signature, see note)
* \param p_rng RNG parameter
*
* \return 0 successful, or a specific error code
*
* \note f_rng may be NULL if RSA is used for signature and the
* signature is made offline (otherwise f_rng is desirable
* for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng.
*/
int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* POLARSSL_X509_CRT_WRITE_C */
#ifdef __cplusplus
}
#endif
#endif /* x509_crt.h */

295
Externals/polarssl/include/polarssl/x509_csr.h vendored
View File

@ -1,295 +0,0 @@
/**
* \file x509_csr.h
*
* \brief X.509 certificate signing request parsing and writing
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_X509_CSR_H
#define POLARSSL_X509_CSR_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include "x509.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* \addtogroup x509_module
* \{ */
/**
* \name Structures and functions for X.509 Certificate Signing Requests (CSR)
* \{
*/
/**
* Certificate Signing Request (CSR) structure.
*/
typedef struct _x509_csr
{
x509_buf raw; /**< The raw CSR data (DER). */
x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
int version; /**< CSR version (1=v1). */
x509_buf subject_raw; /**< The raw subject data (DER). */
x509_name subject; /**< The parsed subject data (named information object). */
pk_context pk; /**< Container for the public key context. */
x509_buf sig_oid;
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */
}
x509_csr;
/**
* Container for writing a CSR
*/
typedef struct _x509write_csr
{
pk_context *key;
asn1_named_data *subject;
md_type_t md_alg;
asn1_named_data *extensions;
}
x509write_csr;
#if defined(POLARSSL_X509_CSR_PARSE_C)
/**
* \brief Load a Certificate Signing Request (CSR) in DER format
*
* \param csr CSR context to fill
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 error code
*/
int x509_csr_parse_der( x509_csr *csr,
const unsigned char *buf, size_t buflen );
/**
* \brief Load a Certificate Signing Request (CSR), DER or PEM format
*
* \param csr CSR context to fill
* \param buf buffer holding the CRL data
* \param buflen size of the buffer
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO)
/**
* \brief Load a Certificate Signing Request (CSR)
*
* \param csr CSR context to fill
* \param path filename to read the CSR from
*
* \return 0 if successful, or a specific X509 or PEM error code
*/
int x509_csr_parse_file( x509_csr *csr, const char *path );
#endif /* POLARSSL_FS_IO */
/**
* \brief Returns an informational string about the
* CSR.
*
* \param buf Buffer to write to
* \param size Maximum size of buffer
* \param prefix A line prefix
* \param csr The X509 CSR to represent
*
* \return The length of the string written (exluding the terminating
* null byte), or a negative value in case of an error.
*/
int x509_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr );
/**
* \brief Initialize a CSR
*
* \param csr CSR to initialize
*/
void x509_csr_init( x509_csr *csr );
/**
* \brief Unallocate all CSR data
*
* \param csr CSR to free
*/
void x509_csr_free( x509_csr *csr );
#endif /* POLARSSL_X509_CSR_PARSE_C */
/* \} name */
/* \} addtogroup x509_module */
#if defined(POLARSSL_X509_CSR_WRITE_C)
/**
* \brief Initialize a CSR context
*
* \param ctx CSR context to initialize
*/
void x509write_csr_init( x509write_csr *ctx );
/**
* \brief Set the subject name for a CSR
* Subject names should contain a comma-separated list
* of OID types and values:
* e.g. "C=NL,O=Offspark,CN=PolarSSL Server 1"
*
* \param ctx CSR context to use
* \param subject_name subject name to set
*
* \return 0 if subject name was parsed successfully, or
* a specific error code
*/
int x509write_csr_set_subject_name( x509write_csr *ctx,
const char *subject_name );
/**
* \brief Set the key for a CSR (public key will be included,
* private key used to sign the CSR when writing it)
*
* \param ctx CSR context to use
* \param key Asymetric key to include
*/
void x509write_csr_set_key( x509write_csr *ctx, pk_context *key );
/**
* \brief Set the MD algorithm to use for the signature
* (e.g. POLARSSL_MD_SHA1)
*
* \param ctx CSR context to use
* \param md_alg MD algorithm to use
*/
void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg );
/**
* \brief Set the Key Usage Extension flags
* (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN)
*
* \param ctx CSR context to use
* \param key_usage key usage flags to set
*
* \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage );
/**
* \brief Set the Netscape Cert Type flags
* (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL)
*
* \param ctx CSR context to use
* \param ns_cert_type Netscape Cert Type flags to set
*
* \return 0 if successful, or POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
unsigned char ns_cert_type );
/**
* \brief Generic function to add to or replace an extension in the
* CSR
*
* \param ctx CSR context to use
* \param oid OID of the extension
* \param oid_len length of the OID
* \param val value of the extension OCTET STRING
* \param val_len length of the value data
*
* \return 0 if successful, or a POLARSSL_ERR_X509WRITE_MALLOC_FAILED
*/
int x509write_csr_set_extension( x509write_csr *ctx,
const char *oid, size_t oid_len,
const unsigned char *val, size_t val_len );
/**
* \brief Free the contents of a CSR context
*
* \param ctx CSR context to free
*/
void x509write_csr_free( x509write_csr *ctx );
/**
* \brief Write a CSR (Certificate Signing Request) to a
* DER structure
* Note: data is written at the end of the buffer! Use the
* return value to determine where you should start
* using the buffer
*
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
* \param f_rng RNG function (for signature, see note)
* \param p_rng RNG parameter
*
* \return length of data written if successful, or a specific
* error code
*
* \note f_rng may be NULL if RSA is used for signature and the
* signature is made offline (otherwise f_rng is desirable
* for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng.
*/
int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#if defined(POLARSSL_PEM_WRITE_C)
/**
* \brief Write a CSR (Certificate Signing Request) to a
* PEM string
*
* \param ctx CSR to write away
* \param buf buffer to write to
* \param size size of the buffer
* \param f_rng RNG function (for signature, see note)
* \param p_rng RNG parameter
*
* \return 0 successful, or a specific error code
*
* \note f_rng may be NULL if RSA is used for signature and the
* signature is made offline (otherwise f_rng is desirable
* for couermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng.
*/
int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* POLARSSL_X509_CSR_WRITE_C */
#ifdef __cplusplus
}
#endif
#endif /* x509_csr.h */

149
Externals/polarssl/include/polarssl/xtea.h vendored
View File

@ -1,149 +0,0 @@
/**
* \file xtea.h
*
* \brief XTEA block cipher (32-bit)
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_XTEA_H
#define POLARSSL_XTEA_H
#if !defined(POLARSSL_CONFIG_FILE)
#include "config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#define XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0
#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
#if !defined(POLARSSL_XTEA_ALT)
// Regular implementation
//
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief XTEA context structure
*/
typedef struct
{
uint32_t k[4]; /*!< key */
}
xtea_context;
/**
* \brief Initialize XTEA context
*
* \param ctx XTEA context to be initialized
*/
void xtea_init( xtea_context *ctx );
/**
* \brief Clear XTEA context
*
* \param ctx XTEA context to be cleared
*/
void xtea_free( xtea_context *ctx );
/**
* \brief XTEA key schedule
*
* \param ctx XTEA context to be initialized
* \param key the secret key
*/
void xtea_setup( xtea_context *ctx, const unsigned char key[16] );
/**
* \brief XTEA cipher function
*
* \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT
* \param input 8-byte input block
* \param output 8-byte output block
*
* \return 0 if successful
*/
int xtea_crypt_ecb( xtea_context *ctx,
int mode,
const unsigned char input[8],
unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief XTEA CBC cipher function
*
* \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT
* \param length the length of input, multiple of 8
* \param iv initialization vector for CBC mode
* \param input input block
* \param output output block
*
* \return 0 if successful,
* POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
*/
int xtea_crypt_cbc( xtea_context *ctx,
int mode,
size_t length,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output);
#endif /* POLARSSL_CIPHER_MODE_CBC */
#ifdef __cplusplus
}
#endif
#else /* POLARSSL_XTEA_ALT */
#include "xtea_alt.h"
#endif /* POLARSSL_XTEA_ALT */
#ifdef __cplusplus
extern "C" {
#endif
/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int xtea_self_test( int verbose );
#ifdef __cplusplus
}
#endif
#endif /* xtea.h */

2
Externals/polarssl/library/.gitignore vendored
View File

@ -1,2 +0,0 @@
*.o
libpolarssl*

128
Externals/polarssl/library/CMakeLists.txt vendored
View File

@ -1,128 +0,0 @@
option(USE_STATIC_POLARSSL_LIBRARY "Build PolarSSL static library." ON)
option(USE_SHARED_POLARSSL_LIBRARY "Build PolarSSL shared library." OFF)
option(LINK_WITH_PTHREAD "Explicitly link PolarSSL library to pthread." OFF)
set(src
aes.c
aesni.c
arc4.c
asn1parse.c
asn1write.c
base64.c
bignum.c
blowfish.c
camellia.c
ccm.c
certs.c
cipher.c
cipher_wrap.c
ctr_drbg.c
debug.c
des.c
dhm.c
ecp.c
ecp_curves.c
ecdh.c
ecdsa.c
entropy.c
entropy_poll.c
error.c
gcm.c
havege.c
hmac_drbg.c
md.c
md_wrap.c
md2.c
md4.c
md5.c
memory_buffer_alloc.c
net.c
oid.c
padlock.c
pbkdf2.c
pem.c
pkcs5.c
pkcs11.c
pkcs12.c
pk.c
pk_wrap.c
pkparse.c
pkwrite.c
platform.c
ripemd160.c
rsa.c
sha1.c
sha256.c
sha512.c
ssl_cache.c
ssl_ciphersuites.c
ssl_cli.c
ssl_srv.c
ssl_tls.c
threading.c
timing.c
version.c
version_features.c
x509.c
x509_crt.c
x509_crl.c
x509_csr.c
x509_create.c
x509write_crt.c
x509write_csr.c
xtea.c
)
if(WIN32)
set(libs ws2_32)
endif(WIN32)
if(CMAKE_COMPILER_IS_GNUCC)
set(CMAKE_C_FLAGS_CHECK "${CMAKE_C_FLAGS_CHECK} -Wmissing-declarations -Wmissing-prototypes")
set(CMAKE_C_FLAGS_CHECKFULL "${CMAKE_C_FLAGS_CHECK} -Wcast-qual")
endif(CMAKE_COMPILER_IS_GNUCC)
if(CMAKE_COMPILER_IS_CLANG)
set(CMAKE_C_FLAGS_CHECK "${CMAKE_C_FLAGS_CHECK} -Wmissing-declarations -Wmissing-prototypes")
endif(CMAKE_COMPILER_IS_CLANG)
if (NOT USE_STATIC_POLARSSL_LIBRARY AND NOT USE_SHARED_POLARSSL_LIBRARY)
message(FATAL_ERROR "Need to choose static or shared polarssl build!")
endif(NOT USE_STATIC_POLARSSL_LIBRARY AND NOT USE_SHARED_POLARSSL_LIBRARY)
if(USE_STATIC_POLARSSL_LIBRARY AND USE_SHARED_POLARSSL_LIBRARY)
# if we build both static an shared, then let
# tests and programs link to the shared lib target
set(polarssl_static_target "polarssl_static")
elseif(USE_STATIC_POLARSSL_LIBRARY)
set(polarssl_static_target "polarssl")
endif()
if(USE_STATIC_POLARSSL_LIBRARY)
add_library(${polarssl_static_target} STATIC ${src})
set_target_properties(${polarssl_static_target} PROPERTIES OUTPUT_NAME polarssl)
target_link_libraries(${polarssl_static_target} ${libs})
if(ZLIB_FOUND)
target_link_libraries(${polarssl_static_target} ${ZLIB_LIBRARIES})
endif(ZLIB_FOUND)
if(LINK_WITH_PTHREAD)
target_link_libraries(${polarssl_static_target} pthread)
endif()
endif()
if(USE_SHARED_POLARSSL_LIBRARY)
add_library(polarssl SHARED ${src})
set_target_properties(polarssl PROPERTIES VERSION 1.3.8 SOVERSION 7)
target_link_libraries(polarssl ${libs})
if(ZLIB_FOUND)
target_link_libraries(polarssl ${ZLIB_LIBRARIES})
endif(ZLIB_FOUND)
if(LINK_WITH_PTHREAD)
target_link_libraries(polarssl pthread)
endif()
endif(USE_SHARED_POLARSSL_LIBRARY)

1454
Externals/polarssl/library/aes.c vendored
View File

File diff suppressed because it is too large Load Diff

463
Externals/polarssl/library/aesni.c vendored
View File

@ -1,463 +0,0 @@
/*
* AES-NI support functions
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* [AES-WP] http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-aes-instructions-set
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_AESNI_C)
#include "polarssl/aesni.h"
#include <stdio.h>
#if defined(POLARSSL_HAVE_X86_64)
/*
* AES-NI support detection routine
*/
int aesni_supports( unsigned int what )
{
static int done = 0;
static unsigned int c = 0;
if( ! done )
{
asm( "movl $1, %%eax \n\t"
"cpuid \n\t"
: "=c" (c)
:
: "eax", "ebx", "edx" );
done = 1;
}
return( ( c & what ) != 0 );
}
/*
* Binutils needs to be at least 2.19 to support AES-NI instructions.
* Unfortunately, a lot of users have a lower version now (2014-04).
* Emit bytecode directly in order to support "old" version of gas.
*
* Opcodes from the Intel architecture reference manual, vol. 3.
* We always use registers, so we don't need prefixes for memory operands.
* Operand macros are in gas order (src, dst) as opposed to Intel order
* (dst, src) in order to blend better into the surrounding assembly code.
*/
#define AESDEC ".byte 0x66,0x0F,0x38,0xDE,"
#define AESDECLAST ".byte 0x66,0x0F,0x38,0xDF,"
#define AESENC ".byte 0x66,0x0F,0x38,0xDC,"
#define AESENCLAST ".byte 0x66,0x0F,0x38,0xDD,"
#define AESIMC ".byte 0x66,0x0F,0x38,0xDB,"
#define AESKEYGENA ".byte 0x66,0x0F,0x3A,0xDF,"
#define PCLMULQDQ ".byte 0x66,0x0F,0x3A,0x44,"
#define xmm0_xmm0 "0xC0"
#define xmm0_xmm1 "0xC8"
#define xmm0_xmm2 "0xD0"
#define xmm0_xmm3 "0xD8"
#define xmm0_xmm4 "0xE0"
#define xmm1_xmm0 "0xC1"
#define xmm1_xmm2 "0xD1"
/*
* AES-NI AES-ECB block en(de)cryption
*/
int aesni_crypt_ecb( aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
{
asm( "movdqu (%3), %%xmm0 \n\t" // load input
"movdqu (%1), %%xmm1 \n\t" // load round key 0
"pxor %%xmm1, %%xmm0 \n\t" // round 0
"addq $16, %1 \n\t" // point to next round key
"subl $1, %0 \n\t" // normal rounds = nr - 1
"test %2, %2 \n\t" // mode?
"jz 2f \n\t" // 0 = decrypt
"1: \n\t" // encryption loop
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENC xmm1_xmm0 "\n\t" // do round
"addq $16, %1 \n\t" // point to next round key
"subl $1, %0 \n\t" // loop
"jnz 1b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESENCLAST xmm1_xmm0 "\n\t" // last round
"jmp 3f \n\t"
"2: \n\t" // decryption loop
"movdqu (%1), %%xmm1 \n\t"
AESDEC xmm1_xmm0 "\n\t" // do round
"addq $16, %1 \n\t"
"subl $1, %0 \n\t"
"jnz 2b \n\t"
"movdqu (%1), %%xmm1 \n\t" // load round key
AESDECLAST xmm1_xmm0 "\n\t" // last round
"3: \n\t"
"movdqu %%xmm0, (%4) \n\t" // export output
:
: "r" (ctx->nr), "r" (ctx->rk), "r" (mode), "r" (input), "r" (output)
: "memory", "cc", "xmm0", "xmm1" );
return( 0 );
}
/*
* GCM multiplication: c = a times b in GF(2^128)
* Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
*/
void aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16] )
{
unsigned char aa[16], bb[16], cc[16];
size_t i;
/* The inputs are in big-endian order, so byte-reverse them */
for( i = 0; i < 16; i++ )
{
aa[i] = a[15 - i];
bb[i] = b[15 - i];
}
asm( "movdqu (%0), %%xmm0 \n\t" // a1:a0
"movdqu (%1), %%xmm1 \n\t" // b1:b0
/*
* Caryless multiplication xmm2:xmm1 = xmm0 * xmm1
* using [CLMUL-WP] algorithm 1 (p. 13).
*/
"movdqa %%xmm1, %%xmm2 \n\t" // copy of b1:b0
"movdqa %%xmm1, %%xmm3 \n\t" // same
"movdqa %%xmm1, %%xmm4 \n\t" // same
PCLMULQDQ xmm0_xmm1 ",0x00 \n\t" // a0*b0 = c1:c0
PCLMULQDQ xmm0_xmm2 ",0x11 \n\t" // a1*b1 = d1:d0
PCLMULQDQ xmm0_xmm3 ",0x10 \n\t" // a0*b1 = e1:e0
PCLMULQDQ xmm0_xmm4 ",0x01 \n\t" // a1*b0 = f1:f0
"pxor %%xmm3, %%xmm4 \n\t" // e1+f1:e0+f0
"movdqa %%xmm4, %%xmm3 \n\t" // same
"psrldq $8, %%xmm4 \n\t" // 0:e1+f1
"pslldq $8, %%xmm3 \n\t" // e0+f0:0
"pxor %%xmm4, %%xmm2 \n\t" // d1:d0+e1+f1
"pxor %%xmm3, %%xmm1 \n\t" // c1+e0+f1:c0
/*
* Now shift the result one bit to the left,
* taking advantage of [CLMUL-WP] eq 27 (p. 20)
*/
"movdqa %%xmm1, %%xmm3 \n\t" // r1:r0
"movdqa %%xmm2, %%xmm4 \n\t" // r3:r2
"psllq $1, %%xmm1 \n\t" // r1<<1:r0<<1
"psllq $1, %%xmm2 \n\t" // r3<<1:r2<<1
"psrlq $63, %%xmm3 \n\t" // r1>>63:r0>>63
"psrlq $63, %%xmm4 \n\t" // r3>>63:r2>>63
"movdqa %%xmm3, %%xmm5 \n\t" // r1>>63:r0>>63
"pslldq $8, %%xmm3 \n\t" // r0>>63:0
"pslldq $8, %%xmm4 \n\t" // r2>>63:0
"psrldq $8, %%xmm5 \n\t" // 0:r1>>63
"por %%xmm3, %%xmm1 \n\t" // r1<<1|r0>>63:r0<<1
"por %%xmm4, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1
"por %%xmm5, %%xmm2 \n\t" // r3<<1|r2>>62:r2<<1|r1>>63
/*
* Now reduce modulo the GCM polynomial x^128 + x^7 + x^2 + x + 1
* using [CLMUL-WP] algorithm 5 (p. 20).
* Currently xmm2:xmm1 holds x3:x2:x1:x0 (already shifted).
*/
/* Step 2 (1) */
"movdqa %%xmm1, %%xmm3 \n\t" // x1:x0
"movdqa %%xmm1, %%xmm4 \n\t" // same
"movdqa %%xmm1, %%xmm5 \n\t" // same
"psllq $63, %%xmm3 \n\t" // x1<<63:x0<<63 = stuff:a
"psllq $62, %%xmm4 \n\t" // x1<<62:x0<<62 = stuff:b
"psllq $57, %%xmm5 \n\t" // x1<<57:x0<<57 = stuff:c
/* Step 2 (2) */
"pxor %%xmm4, %%xmm3 \n\t" // stuff:a+b
"pxor %%xmm5, %%xmm3 \n\t" // stuff:a+b+c
"pslldq $8, %%xmm3 \n\t" // a+b+c:0
"pxor %%xmm3, %%xmm1 \n\t" // x1+a+b+c:x0 = d:x0
/* Steps 3 and 4 */
"movdqa %%xmm1,%%xmm0 \n\t" // d:x0
"movdqa %%xmm1,%%xmm4 \n\t" // same
"movdqa %%xmm1,%%xmm5 \n\t" // same
"psrlq $1, %%xmm0 \n\t" // e1:x0>>1 = e1:e0'
"psrlq $2, %%xmm4 \n\t" // f1:x0>>2 = f1:f0'
"psrlq $7, %%xmm5 \n\t" // g1:x0>>7 = g1:g0'
"pxor %%xmm4, %%xmm0 \n\t" // e1+f1:e0'+f0'
"pxor %%xmm5, %%xmm0 \n\t" // e1+f1+g1:e0'+f0'+g0'
// e0'+f0'+g0' is almost e0+f0+g0, ex\tcept for some missing
// bits carried from d. Now get those\t bits back in.
"movdqa %%xmm1,%%xmm3 \n\t" // d:x0
"movdqa %%xmm1,%%xmm4 \n\t" // same
"movdqa %%xmm1,%%xmm5 \n\t" // same
"psllq $63, %%xmm3 \n\t" // d<<63:stuff
"psllq $62, %%xmm4 \n\t" // d<<62:stuff
"psllq $57, %%xmm5 \n\t" // d<<57:stuff
"pxor %%xmm4, %%xmm3 \n\t" // d<<63+d<<62:stuff
"pxor %%xmm5, %%xmm3 \n\t" // missing bits of d:stuff
"psrldq $8, %%xmm3 \n\t" // 0:missing bits of d
"pxor %%xmm3, %%xmm0 \n\t" // e1+f1+g1:e0+f0+g0
"pxor %%xmm1, %%xmm0 \n\t" // h1:h0
"pxor %%xmm2, %%xmm0 \n\t" // x3+h1:x2+h0
"movdqu %%xmm0, (%2) \n\t" // done
:
: "r" (aa), "r" (bb), "r" (cc)
: "memory", "cc", "xmm0", "xmm1", "xmm2", "xmm3", "xmm4", "xmm5" );
/* Now byte-reverse the outputs */
for( i = 0; i < 16; i++ )
c[i] = cc[15 - i];
return;
}
/*
* Compute decryption round keys from encryption round keys
*/
void aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr )
{
unsigned char *ik = invkey;
const unsigned char *fk = fwdkey + 16 * nr;
memcpy( ik, fk, 16 );
for( fk -= 16, ik += 16; fk > fwdkey; fk -= 16, ik += 16 )
asm( "movdqu (%0), %%xmm0 \n\t"
AESIMC xmm0_xmm0 "\n\t"
"movdqu %%xmm0, (%1) \n\t"
:
: "r" (fk), "r" (ik)
: "memory", "xmm0" );
memcpy( ik, fk, 16 );
}
/*
* Key expansion, 128-bit case
*/
static void aesni_setkey_enc_128( unsigned char *rk,
const unsigned char *key )
{
asm( "movdqu (%1), %%xmm0 \n\t" // copy the original key
"movdqu %%xmm0, (%0) \n\t" // as round key 0
"jmp 2f \n\t" // skip auxiliary routine
/*
* Finish generating the next round key.
*
* On entry xmm0 is r3:r2:r1:r0 and xmm1 is X:stuff:stuff:stuff
* with X = rot( sub( r3 ) ) ^ RCON.
*
* On exit, xmm0 is r7:r6:r5:r4
* with r4 = X + r0, r5 = r4 + r1, r6 = r5 + r2, r7 = r6 + r3
* and those are written to the round key buffer.
*/
"1: \n\t"
"pshufd $0xff, %%xmm1, %%xmm1 \n\t" // X:X:X:X
"pxor %%xmm0, %%xmm1 \n\t" // X+r3:X+r2:X+r1:r4
"pslldq $4, %%xmm0 \n\t" // r2:r1:r0:0
"pxor %%xmm0, %%xmm1 \n\t" // X+r3+r2:X+r2+r1:r5:r4
"pslldq $4, %%xmm0 \n\t" // etc
"pxor %%xmm0, %%xmm1 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm1, %%xmm0 \n\t" // update xmm0 for next time!
"add $16, %0 \n\t" // point to next round key
"movdqu %%xmm0, (%0) \n\t" // write it
"ret \n\t"
/* Main "loop" */
"2: \n\t"
AESKEYGENA xmm0_xmm1 ",0x01 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x02 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x04 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x08 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x10 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x20 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x40 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x80 \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x1B \n\tcall 1b \n\t"
AESKEYGENA xmm0_xmm1 ",0x36 \n\tcall 1b \n\t"
:
: "r" (rk), "r" (key)
: "memory", "cc", "0" );
}
/*
* Key expansion, 192-bit case
*/
static void aesni_setkey_enc_192( unsigned char *rk,
const unsigned char *key )
{
asm( "movdqu (%1), %%xmm0 \n\t" // copy original round key
"movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t"
"movq 16(%1), %%xmm1 \n\t"
"movq %%xmm1, (%0) \n\t"
"add $8, %0 \n\t"
"jmp 2f \n\t" // skip auxiliary routine
/*
* Finish generating the next 6 quarter-keys.
*
* On entry xmm0 is r3:r2:r1:r0, xmm1 is stuff:stuff:r5:r4
* and xmm2 is stuff:stuff:X:stuff with X = rot( sub( r3 ) ) ^ RCON.
*
* On exit, xmm0 is r9:r8:r7:r6 and xmm1 is stuff:stuff:r11:r10
* and those are written to the round key buffer.
*/
"1: \n\t"
"pshufd $0x55, %%xmm2, %%xmm2 \n\t" // X:X:X:X
"pxor %%xmm0, %%xmm2 \n\t" // X+r3:X+r2:X+r1:r4
"pslldq $4, %%xmm0 \n\t" // etc
"pxor %%xmm0, %%xmm2 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm0, %%xmm2 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm2, %%xmm0 \n\t" // update xmm0 = r9:r8:r7:r6
"movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t"
"pshufd $0xff, %%xmm0, %%xmm2 \n\t" // r9:r9:r9:r9
"pxor %%xmm1, %%xmm2 \n\t" // stuff:stuff:r9+r5:r10
"pslldq $4, %%xmm1 \n\t" // r2:r1:r0:0
"pxor %%xmm2, %%xmm1 \n\t" // xmm1 = stuff:stuff:r11:r10
"movq %%xmm1, (%0) \n\t"
"add $8, %0 \n\t"
"ret \n\t"
"2: \n\t"
AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x80 \n\tcall 1b \n\t"
:
: "r" (rk), "r" (key)
: "memory", "cc", "0" );
}
/*
* Key expansion, 256-bit case
*/
static void aesni_setkey_enc_256( unsigned char *rk,
const unsigned char *key )
{
asm( "movdqu (%1), %%xmm0 \n\t"
"movdqu %%xmm0, (%0) \n\t"
"add $16, %0 \n\t"
"movdqu 16(%1), %%xmm1 \n\t"
"movdqu %%xmm1, (%0) \n\t"
"jmp 2f \n\t" // skip auxiliary routine
/*
* Finish generating the next two round keys.
*
* On entry xmm0 is r3:r2:r1:r0, xmm1 is r7:r6:r5:r4 and
* xmm2 is X:stuff:stuff:stuff with X = rot( sub( r7 )) ^ RCON
*
* On exit, xmm0 is r11:r10:r9:r8 and xmm1 is r15:r14:r13:r12
* and those have been written to the output buffer.
*/
"1: \n\t"
"pshufd $0xff, %%xmm2, %%xmm2 \n\t"
"pxor %%xmm0, %%xmm2 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm0, %%xmm2 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm0, %%xmm2 \n\t"
"pslldq $4, %%xmm0 \n\t"
"pxor %%xmm2, %%xmm0 \n\t"
"add $16, %0 \n\t"
"movdqu %%xmm0, (%0) \n\t"
/* Set xmm2 to stuff:Y:stuff:stuff with Y = subword( r11 )
* and proceed to generate next round key from there */
AESKEYGENA xmm0_xmm2 ",0x00 \n\t"
"pshufd $0xaa, %%xmm2, %%xmm2 \n\t"
"pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t"
"pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t"
"pxor %%xmm1, %%xmm2 \n\t"
"pslldq $4, %%xmm1 \n\t"
"pxor %%xmm2, %%xmm1 \n\t"
"add $16, %0 \n\t"
"movdqu %%xmm1, (%0) \n\t"
"ret \n\t"
/*
* Main "loop" - Generating one more key than necessary,
* see definition of aes_context.buf
*/
"2: \n\t"
AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x02 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x04 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x08 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x10 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x20 \n\tcall 1b \n\t"
AESKEYGENA xmm1_xmm2 ",0x40 \n\tcall 1b \n\t"
:
: "r" (rk), "r" (key)
: "memory", "cc", "0" );
}
/*
* Key expansion, wrapper
*/
int aesni_setkey_enc( unsigned char *rk,
const unsigned char *key,
size_t bits )
{
switch( bits )
{
case 128: aesni_setkey_enc_128( rk, key ); break;
case 192: aesni_setkey_enc_192( rk, key ); break;
case 256: aesni_setkey_enc_256( rk, key ); break;
default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH );
}
return( 0 );
}
#endif /* POLARSSL_HAVE_X86_64 */
#endif /* POLARSSL_AESNI_C */

208
Externals/polarssl/library/arc4.c vendored
View File

@ -1,208 +0,0 @@
/*
* An implementation of the ARCFOUR algorithm
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* The ARCFOUR algorithm was publicly disclosed on 94/09.
*
* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ARC4_C)
#include "polarssl/arc4.h"
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#if !defined(POLARSSL_ARC4_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void arc4_init( arc4_context *ctx )
{
memset( ctx, 0, sizeof( arc4_context ) );
}
void arc4_free( arc4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( arc4_context ) );
}
/*
* ARC4 key schedule
*/
void arc4_setup( arc4_context *ctx, const unsigned char *key,
unsigned int keylen )
{
int i, j, a;
unsigned int k;
unsigned char *m;
ctx->x = 0;
ctx->y = 0;
m = ctx->m;
for( i = 0; i < 256; i++ )
m[i] = (unsigned char) i;
j = k = 0;
for( i = 0; i < 256; i++, k++ )
{
if( k >= keylen ) k = 0;
a = m[i];
j = ( j + a + key[k] ) & 0xFF;
m[i] = m[j];
m[j] = (unsigned char) a;
}
}
/*
* ARC4 cipher function
*/
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output )
{
int x, y, a, b;
size_t i;
unsigned char *m;
x = ctx->x;
y = ctx->y;
m = ctx->m;
for( i = 0; i < length; i++ )
{
x = ( x + 1 ) & 0xFF; a = m[x];
y = ( y + a ) & 0xFF; b = m[y];
m[x] = (unsigned char) b;
m[y] = (unsigned char) a;
output[i] = (unsigned char)
( input[i] ^ m[(unsigned char)( a + b )] );
}
ctx->x = x;
ctx->y = y;
return( 0 );
}
#endif /* !POLARSSL_ARC4_ALT */
#if defined(POLARSSL_SELF_TEST)
#include <string.h>
#include <stdio.h>
/*
* ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
*
* http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
*/
static const unsigned char arc4_test_key[3][8] =
{
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
};
static const unsigned char arc4_test_pt[3][8] =
{
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
};
static const unsigned char arc4_test_ct[3][8] =
{
{ 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
{ 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
{ 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
};
/*
* Checkup routine
*/
int arc4_self_test( int verbose )
{
int i, ret = 0;
unsigned char ibuf[8];
unsigned char obuf[8];
arc4_context ctx;
arc4_init( &ctx );
for( i = 0; i < 3; i++ )
{
if( verbose != 0 )
polarssl_printf( " ARC4 test #%d: ", i + 1 );
memcpy( ibuf, arc4_test_pt[i], 8 );
arc4_setup( &ctx, arc4_test_key[i], 8 );
arc4_crypt( &ctx, 8, ibuf, obuf );
if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
exit:
arc4_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_ARC4_C */

391
Externals/polarssl/library/asn1parse.c vendored
View File

@ -1,391 +0,0 @@
/*
* Generic ASN.1 parsing
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ASN1_PARSE_C)
#include "polarssl/asn1.h"
#if defined(POLARSSL_BIGNUM_C)
#include "polarssl/bignum.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_malloc malloc
#define polarssl_free free
#endif
#include <string.h>
#include <stdlib.h>
/*
* ASN.1 DER decoding routines
*/
int asn1_get_len( unsigned char **p,
const unsigned char *end,
size_t *len )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
if( ( **p & 0x80 ) == 0 )
*len = *(*p)++;
else
{
switch( **p & 0x7F )
{
case 1:
if( ( end - *p ) < 2 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
*len = (*p)[1];
(*p) += 2;
break;
case 2:
if( ( end - *p ) < 3 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
*len = ( (*p)[1] << 8 ) | (*p)[2];
(*p) += 3;
break;
case 3:
if( ( end - *p ) < 4 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
*len = ( (*p)[1] << 16 ) | ( (*p)[2] << 8 ) | (*p)[3];
(*p) += 4;
break;
case 4:
if( ( end - *p ) < 5 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
*len = ( (*p)[1] << 24 ) | ( (*p)[2] << 16 ) | ( (*p)[3] << 8 ) |
(*p)[4];
(*p) += 5;
break;
default:
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
}
}
if( *len > (size_t) ( end - *p ) )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( 0 );
}
int asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
if( **p != tag )
return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
(*p)++;
return( asn1_get_len( p, end, len ) );
}
int asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 )
return( ret );
if( len != 1 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
*val = ( **p != 0 ) ? 1 : 0;
(*p)++;
return( 0 );
}
int asn1_get_int( unsigned char **p,
const unsigned char *end,
int *val )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
*val = 0;
while( len-- > 0 )
{
*val = ( *val << 8 ) | **p;
(*p)++;
}
return( 0 );
}
#if defined(POLARSSL_BIGNUM_C)
int asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mpi *X )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
return( ret );
ret = mpi_read_binary( X, *p, len );
*p += len;
return( ret );
}
#endif /* POLARSSL_BIGNUM_C */
int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs)
{
int ret;
/* Certificate type is a single byte bitstring */
if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 )
return( ret );
/* Check length, subtract one for actual bit string length */
if( bs->len < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p;
if( bs->unused_bits > 7 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
(*p)++;
/* Get actual bitstring */
bs->p = *p;
*p += bs->len;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
/*
* Get a bit string without unused bits
*/
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len )
{
int ret;
if( ( ret = asn1_get_tag( p, end, len, ASN1_BIT_STRING ) ) != 0 )
return( ret );
if( (*len)-- < 2 || *(*p)++ != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA );
return( 0 );
}
/*
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
*/
int asn1_get_sequence_of( unsigned char **p,
const unsigned char *end,
asn1_sequence *cur,
int tag)
{
int ret;
size_t len;
asn1_buf *buf;
/* Get main sequence tag */
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( ret );
if( *p + len != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
while( *p < end )
{
buf = &(cur->buf);
buf->tag = **p;
if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
return( ret );
buf->p = *p;
*p += buf->len;
/* Allocate and assign next pointer */
if( *p < end )
{
cur->next = (asn1_sequence *) polarssl_malloc(
sizeof( asn1_sequence ) );
if( cur->next == NULL )
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
cur = cur->next;
}
}
/* Set final sequence entry's next pointer to NULL */
cur->next = NULL;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
int asn1_get_alg( unsigned char **p,
const unsigned char *end,
asn1_buf *alg, asn1_buf *params )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( ret );
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
alg->tag = **p;
end = *p + len;
if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
return( ret );
alg->p = *p;
*p += alg->len;
if( *p == end )
{
memset( params, 0, sizeof(asn1_buf) );
return( 0 );
}
params->tag = **p;
(*p)++;
if( ( ret = asn1_get_len( p, end, &params->len ) ) != 0 )
return( ret );
params->p = *p;
*p += params->len;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
int asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
asn1_buf *alg )
{
int ret;
asn1_buf params;
memset( &params, 0, sizeof(asn1_buf) );
if( ( ret = asn1_get_alg( p, end, alg, &params ) ) != 0 )
return( ret );
if( ( params.tag != ASN1_NULL && params.tag != 0 ) || params.len != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA );
return( 0 );
}
void asn1_free_named_data( asn1_named_data *cur )
{
if( cur == NULL )
return;
polarssl_free( cur->oid.p );
polarssl_free( cur->val.p );
memset( cur, 0, sizeof( asn1_named_data ) );
}
void asn1_free_named_data_list( asn1_named_data **head )
{
asn1_named_data *cur;
while( ( cur = *head ) != NULL )
{
*head = cur->next;
asn1_free_named_data( cur );
polarssl_free( cur );
}
}
asn1_named_data *asn1_find_named_data( asn1_named_data *list,
const char *oid, size_t len )
{
while( list != NULL )
{
if( list->oid.len == len &&
memcmp( list->oid.p, oid, len ) == 0 )
{
break;
}
list = list->next;
}
return( list );
}
#endif /* POLARSSL_ASN1_PARSE_C */

366
Externals/polarssl/library/asn1write.c vendored
View File

@ -1,366 +0,0 @@
/*
* ASN.1 buffer writing functionality
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ASN1_WRITE_C)
#include "polarssl/asn1write.h"
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#endif
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
{
if( len < 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
return( 1 );
}
if( len <= 0xFF )
{
if( *p - start < 2 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
*--(*p) = 0x81;
return( 2 );
}
if( *p - start < 3 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
// We assume we never have lengths larger than 65535 bytes
//
*--(*p) = len % 256;
*--(*p) = ( len / 256 ) % 256;
*--(*p) = 0x82;
return( 3 );
}
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = tag;
return( 1 );
}
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
size_t len = 0;
if( *p - start < (int) size )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
len = size;
(*p) -= len;
memcpy( *p, buf, len );
return( (int) len );
}
#if defined(POLARSSL_BIGNUM_C)
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X )
{
int ret;
size_t len = 0;
// Write the MPI
//
len = mpi_size( X );
if( *p - start < (int) len )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
(*p) -= len;
MPI_CHK( mpi_write_binary( X, *p, len ) );
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
if( X->s ==1 && **p & 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00;
len += 1;
}
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
ret = (int) len;
cleanup:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C */
int asn1_write_null( unsigned char **p, unsigned char *start )
{
int ret;
size_t len = 0;
// Write NULL
//
ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) );
return( (int) len );
}
int asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) oid, oid_len ) );
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) );
return( (int) len );
}
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
size_t par_len )
{
int ret;
size_t len = 0;
if( par_len == 0 )
ASN1_CHK_ADD( len, asn1_write_null( p, start ) );
else
len += par_len;
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
return( (int) len );
}
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
{
int ret;
size_t len = 0;
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (boolean) ? 1 : 0;
len++;
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) );
return( (int) len );
}
int asn1_write_int( unsigned char **p, unsigned char *start, int val )
{
int ret;
size_t len = 0;
// TODO negative values and values larger than 128
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
//
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
len += 1;
*--(*p) = val;
if( val > 0 && **p & 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00;
len += 1;
}
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
return( (int) len );
}
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) );
return( (int) len );
}
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) );
return( (int) len );
}
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits )
{
int ret;
size_t len = 0, size;
size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 );
// Calculate byte length
//
if( *p - start < (int) size + 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
len = size + 1;
(*p) -= size;
memcpy( *p, buf, size );
// Write unused bits
//
*--(*p) = (unsigned char) (size * 8 - bits);
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) );
return( (int) len );
}
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, buf, size ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) );
return( (int) len );
}
asn1_named_data *asn1_store_named_data( asn1_named_data **head,
const char *oid, size_t oid_len,
const unsigned char *val,
size_t val_len )
{
asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
{
// Add new entry if not present yet based on OID
//
if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL )
return( NULL );
memset( cur, 0, sizeof(asn1_named_data) );
cur->oid.len = oid_len;
cur->oid.p = polarssl_malloc( oid_len );
if( cur->oid.p == NULL )
{
polarssl_free( cur );
return( NULL );
}
cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len );
if( cur->val.p == NULL )
{
polarssl_free( cur->oid.p );
polarssl_free( cur );
return( NULL );
}
memcpy( cur->oid.p, oid, oid_len );
cur->next = *head;
*head = cur;
}
else if( cur->val.len < val_len )
{
// Enlarge existing value buffer if needed
//
polarssl_free( cur->val.p );
cur->val.p = NULL;
cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len );
if( cur->val.p == NULL )
{
polarssl_free( cur->oid.p );
polarssl_free( cur );
return( NULL );
}
}
if( val != NULL )
memcpy( cur->val.p, val, val_len );
return( cur );
}
#endif /* POLARSSL_ASN1_WRITE_C */

273
Externals/polarssl/library/base64.c vendored
View File

@ -1,273 +0,0 @@
/*
* RFC 1521 base64 encoding/decoding
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_BASE64_C)
#include "polarssl/base64.h"
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
static const unsigned char base64_enc_map[64] =
{
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', '+', '/'
};
static const unsigned char base64_dec_map[128] =
{
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
127, 127, 127, 62, 127, 127, 127, 63, 52, 53,
54, 55, 56, 57, 58, 59, 60, 61, 127, 127,
127, 64, 127, 127, 127, 0, 1, 2, 3, 4,
5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
25, 127, 127, 127, 127, 127, 127, 26, 27, 28,
29, 30, 31, 32, 33, 34, 35, 36, 37, 38,
39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
49, 50, 51, 127, 127, 127, 127, 127
};
/*
* Encode a buffer into base64 format
*/
int base64_encode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen )
{
size_t i, n;
int C1, C2, C3;
unsigned char *p;
if( slen == 0 )
return( 0 );
n = ( slen << 3 ) / 6;
switch( ( slen << 3 ) - ( n * 6 ) )
{
case 2: n += 3; break;
case 4: n += 2; break;
default: break;
}
if( *dlen < n + 1 )
{
*dlen = n + 1;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
}
n = ( slen / 3 ) * 3;
for( i = 0, p = dst; i < n; i += 3 )
{
C1 = *src++;
C2 = *src++;
C3 = *src++;
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
*p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
*p++ = base64_enc_map[C3 & 0x3F];
}
if( i < slen )
{
C1 = *src++;
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
if( ( i + 1 ) < slen )
*p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
else *p++ = '=';
*p++ = '=';
}
*dlen = p - dst;
*p = 0;
return( 0 );
}
/*
* Decode a base64-formatted buffer
*/
int base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen )
{
size_t i, n;
uint32_t j, x;
unsigned char *p;
for( i = n = j = 0; i < slen; i++ )
{
if( ( slen - i ) >= 2 &&
src[i] == '\r' && src[i + 1] == '\n' )
continue;
if( src[i] == '\n' )
continue;
if( src[i] == '=' && ++j > 2 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
if( base64_dec_map[src[i]] < 64 && j != 0 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
n++;
}
if( n == 0 )
return( 0 );
n = ( ( n * 6 ) + 7 ) >> 3;
n -= j;
if( dst == NULL || *dlen < n )
{
*dlen = n;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
}
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
{
if( *src == '\r' || *src == '\n' )
continue;
j -= ( base64_dec_map[*src] == 64 );
x = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
if( ++n == 4 )
{
n = 0;
if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
if( j > 1 ) *p++ = (unsigned char)( x >> 8 );
if( j > 2 ) *p++ = (unsigned char)( x );
}
}
*dlen = p - dst;
return( 0 );
}
#if defined(POLARSSL_SELF_TEST)
#include <string.h>
#include <stdio.h>
static const unsigned char base64_test_dec[64] =
{
0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD,
0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01,
0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09,
0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13,
0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31,
0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38,
0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B,
0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97
};
static const unsigned char base64_test_enc[] =
"JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK"
"swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw==";
/*
* Checkup routine
*/
int base64_self_test( int verbose )
{
size_t len;
const unsigned char *src;
unsigned char buffer[128];
if( verbose != 0 )
polarssl_printf( " Base64 encoding test: " );
len = sizeof( buffer );
src = base64_test_dec;
if( base64_encode( buffer, &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n Base64 decoding test: " );
len = sizeof( buffer );
src = base64_test_enc;
if( base64_decode( buffer, &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_BASE64_C */

2344
Externals/polarssl/library/bignum.c vendored
View File

File diff suppressed because it is too large Load Diff

658
Externals/polarssl/library/blowfish.c vendored
View File

@ -1,658 +0,0 @@
/*
* Blowfish implementation
*
* Copyright (C) 2012-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* The Blowfish block cipher was designed by Bruce Schneier in 1993.
* http://www.schneier.com/blowfish.html
* http://en.wikipedia.org/wiki/Blowfish_%28cipher%29
*
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_BLOWFISH_C)
#include "polarssl/blowfish.h"
#if !defined(POLARSSL_BLOWFISH_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* 32-bit integer manipulation macros (big endian)
*/
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i) \
{ \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
}
#endif
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i) \
{ \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
}
#endif
static const uint32_t P[BLOWFISH_ROUNDS + 2] = {
0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
0xC0AC29B7L, 0xC97C50DDL, 0x3F84D5B5L, 0xB5470917L,
0x9216D5D9L, 0x8979FB1BL
};
/* declarations of data at the end of this file */
static const uint32_t S[4][256];
static uint32_t F( blowfish_context *ctx, uint32_t x )
{
unsigned short a, b, c, d;
uint32_t y;
d = (unsigned short)(x & 0xFF);
x >>= 8;
c = (unsigned short)(x & 0xFF);
x >>= 8;
b = (unsigned short)(x & 0xFF);
x >>= 8;
a = (unsigned short)(x & 0xFF);
y = ctx->S[0][a] + ctx->S[1][b];
y = y ^ ctx->S[2][c];
y = y + ctx->S[3][d];
return( y );
}
static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{
uint32_t Xl, Xr, temp;
short i;
Xl = *xl;
Xr = *xr;
for( i = 0; i < BLOWFISH_ROUNDS; ++i )
{
Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr;
temp = Xl;
Xl = Xr;
Xr = temp;
}
temp = Xl;
Xl = Xr;
Xr = temp;
Xr = Xr ^ ctx->P[BLOWFISH_ROUNDS];
Xl = Xl ^ ctx->P[BLOWFISH_ROUNDS + 1];
*xl = Xl;
*xr = Xr;
}
static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{
uint32_t Xl, Xr, temp;
short i;
Xl = *xl;
Xr = *xr;
for( i = BLOWFISH_ROUNDS + 1; i > 1; --i )
{
Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr;
temp = Xl;
Xl = Xr;
Xr = temp;
}
temp = Xl;
Xl = Xr;
Xr = temp;
Xr = Xr ^ ctx->P[1];
Xl = Xl ^ ctx->P[0];
*xl = Xl;
*xr = Xr;
}
void blowfish_init( blowfish_context *ctx )
{
memset( ctx, 0, sizeof( blowfish_context ) );
}
void blowfish_free( blowfish_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( blowfish_context ) );
}
/*
* Blowfish key schedule
*/
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
unsigned int keysize )
{
unsigned int i, j, k;
uint32_t data, datal, datar;
if( keysize < BLOWFISH_MIN_KEY || keysize > BLOWFISH_MAX_KEY ||
( keysize % 8 ) )
{
return( POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH );
}
keysize >>= 3;
for( i = 0; i < 4; i++ )
{
for( j = 0; j < 256; j++ )
ctx->S[i][j] = S[i][j];
}
j = 0;
for( i = 0; i < BLOWFISH_ROUNDS + 2; ++i )
{
data = 0x00000000;
for( k = 0; k < 4; ++k )
{
data = ( data << 8 ) | key[j++];
if( j >= keysize )
j = 0;
}
ctx->P[i] = P[i] ^ data;
}
datal = 0x00000000;
datar = 0x00000000;
for( i = 0; i < BLOWFISH_ROUNDS + 2; i += 2 )
{
blowfish_enc( ctx, &datal, &datar );
ctx->P[i] = datal;
ctx->P[i + 1] = datar;
}
for( i = 0; i < 4; i++ )
{
for( j = 0; j < 256; j += 2 )
{
blowfish_enc( ctx, &datal, &datar );
ctx->S[i][j] = datal;
ctx->S[i][j + 1] = datar;
}
}
return( 0 );
}
/*
* Blowfish-ECB block encryption/decryption
*/
int blowfish_crypt_ecb( blowfish_context *ctx,
int mode,
const unsigned char input[BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] )
{
uint32_t X0, X1;
GET_UINT32_BE( X0, input, 0 );
GET_UINT32_BE( X1, input, 4 );
if( mode == BLOWFISH_DECRYPT )
{
blowfish_dec( ctx, &X0, &X1 );
}
else /* BLOWFISH_ENCRYPT */
{
blowfish_enc( ctx, &X0, &X1 );
}
PUT_UINT32_BE( X0, output, 0 );
PUT_UINT32_BE( X1, output, 4 );
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
/*
* Blowfish-CBC buffer encryption/decryption
*/
int blowfish_crypt_cbc( blowfish_context *ctx,
int mode,
size_t length,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
int i;
unsigned char temp[BLOWFISH_BLOCKSIZE];
if( length % BLOWFISH_BLOCKSIZE )
return( POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
if( mode == BLOWFISH_DECRYPT )
{
while( length > 0 )
{
memcpy( temp, input, BLOWFISH_BLOCKSIZE );
blowfish_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < BLOWFISH_BLOCKSIZE;i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
memcpy( iv, temp, BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE;
}
}
else
{
while( length > 0 )
{
for( i = 0; i < BLOWFISH_BLOCKSIZE; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
blowfish_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE;
}
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
/*
* Blowfish CFB buffer encryption/decryption
*/
int blowfish_crypt_cfb64( blowfish_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
int c;
size_t n = *iv_off;
if( mode == BLOWFISH_DECRYPT )
{
while( length-- )
{
if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv );
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
iv[n] = (unsigned char) c;
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
}
}
else
{
while( length-- )
{
if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
}
}
*iv_off = n;
return( 0 );
}
#endif /*POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
/*
* Blowfish CTR buffer encryption/decryption
*/
int blowfish_crypt_ctr( blowfish_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE],
unsigned char stream_block[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
int c, i;
size_t n = *nc_off;
while( length-- )
{
if( n == 0 ) {
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, nonce_counter,
stream_block );
for( i = BLOWFISH_BLOCKSIZE; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
break;
}
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
}
*nc_off = n;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
static const uint32_t S[4][256] = {
{ 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
0xB8E1AFEDL, 0x6A267E96L, 0xBA7C9045L, 0xF12C7F99L,
0x24A19947L, 0xB3916CF7L, 0x0801F2E2L, 0x858EFC16L,
0x636920D8L, 0x71574E69L, 0xA458FEA3L, 0xF4933D7EL,
0x0D95748FL, 0x728EB658L, 0x718BCD58L, 0x82154AEEL,
0x7B54A41DL, 0xC25A59B5L, 0x9C30D539L, 0x2AF26013L,
0xC5D1B023L, 0x286085F0L, 0xCA417918L, 0xB8DB38EFL,
0x8E79DCB0L, 0x603A180EL, 0x6C9E0E8BL, 0xB01E8A3EL,
0xD71577C1L, 0xBD314B27L, 0x78AF2FDAL, 0x55605C60L,
0xE65525F3L, 0xAA55AB94L, 0x57489862L, 0x63E81440L,
0x55CA396AL, 0x2AAB10B6L, 0xB4CC5C34L, 0x1141E8CEL,
0xA15486AFL, 0x7C72E993L, 0xB3EE1411L, 0x636FBC2AL,
0x2BA9C55DL, 0x741831F6L, 0xCE5C3E16L, 0x9B87931EL,
0xAFD6BA33L, 0x6C24CF5CL, 0x7A325381L, 0x28958677L,
0x3B8F4898L, 0x6B4BB9AFL, 0xC4BFE81BL, 0x66282193L,
0x61D809CCL, 0xFB21A991L, 0x487CAC60L, 0x5DEC8032L,
0xEF845D5DL, 0xE98575B1L, 0xDC262302L, 0xEB651B88L,
0x23893E81L, 0xD396ACC5L, 0x0F6D6FF3L, 0x83F44239L,
0x2E0B4482L, 0xA4842004L, 0x69C8F04AL, 0x9E1F9B5EL,
0x21C66842L, 0xF6E96C9AL, 0x670C9C61L, 0xABD388F0L,
0x6A51A0D2L, 0xD8542F68L, 0x960FA728L, 0xAB5133A3L,
0x6EEF0B6CL, 0x137A3BE4L, 0xBA3BF050L, 0x7EFB2A98L,
0xA1F1651DL, 0x39AF0176L, 0x66CA593EL, 0x82430E88L,
0x8CEE8619L, 0x456F9FB4L, 0x7D84A5C3L, 0x3B8B5EBEL,
0xE06F75D8L, 0x85C12073L, 0x401A449FL, 0x56C16AA6L,
0x4ED3AA62L, 0x363F7706L, 0x1BFEDF72L, 0x429B023DL,
0x37D0D724L, 0xD00A1248L, 0xDB0FEAD3L, 0x49F1C09BL,
0x075372C9L, 0x80991B7BL, 0x25D479D8L, 0xF6E8DEF7L,
0xE3FE501AL, 0xB6794C3BL, 0x976CE0BDL, 0x04C006BAL,
0xC1A94FB6L, 0x409F60C4L, 0x5E5C9EC2L, 0x196A2463L,
0x68FB6FAFL, 0x3E6C53B5L, 0x1339B2EBL, 0x3B52EC6FL,
0x6DFC511FL, 0x9B30952CL, 0xCC814544L, 0xAF5EBD09L,
0xBEE3D004L, 0xDE334AFDL, 0x660F2807L, 0x192E4BB3L,
0xC0CBA857L, 0x45C8740FL, 0xD20B5F39L, 0xB9D3FBDBL,
0x5579C0BDL, 0x1A60320AL, 0xD6A100C6L, 0x402C7279L,
0x679F25FEL, 0xFB1FA3CCL, 0x8EA5E9F8L, 0xDB3222F8L,
0x3C7516DFL, 0xFD616B15L, 0x2F501EC8L, 0xAD0552ABL,
0x323DB5FAL, 0xFD238760L, 0x53317B48L, 0x3E00DF82L,
0x9E5C57BBL, 0xCA6F8CA0L, 0x1A87562EL, 0xDF1769DBL,
0xD542A8F6L, 0x287EFFC3L, 0xAC6732C6L, 0x8C4F5573L,
0x695B27B0L, 0xBBCA58C8L, 0xE1FFA35DL, 0xB8F011A0L,
0x10FA3D98L, 0xFD2183B8L, 0x4AFCB56CL, 0x2DD1D35BL,
0x9A53E479L, 0xB6F84565L, 0xD28E49BCL, 0x4BFB9790L,
0xE1DDF2DAL, 0xA4CB7E33L, 0x62FB1341L, 0xCEE4C6E8L,
0xEF20CADAL, 0x36774C01L, 0xD07E9EFEL, 0x2BF11FB4L,
0x95DBDA4DL, 0xAE909198L, 0xEAAD8E71L, 0x6B93D5A0L,
0xD08ED1D0L, 0xAFC725E0L, 0x8E3C5B2FL, 0x8E7594B7L,
0x8FF6E2FBL, 0xF2122B64L, 0x8888B812L, 0x900DF01CL,
0x4FAD5EA0L, 0x688FC31CL, 0xD1CFF191L, 0xB3A8C1ADL,
0x2F2F2218L, 0xBE0E1777L, 0xEA752DFEL, 0x8B021FA1L,
0xE5A0CC0FL, 0xB56F74E8L, 0x18ACF3D6L, 0xCE89E299L,
0xB4A84FE0L, 0xFD13E0B7L, 0x7CC43B81L, 0xD2ADA8D9L,
0x165FA266L, 0x80957705L, 0x93CC7314L, 0x211A1477L,
0xE6AD2065L, 0x77B5FA86L, 0xC75442F5L, 0xFB9D35CFL,
0xEBCDAF0CL, 0x7B3E89A0L, 0xD6411BD3L, 0xAE1E7E49L,
0x00250E2DL, 0x2071B35EL, 0x226800BBL, 0x57B8E0AFL,
0x2464369BL, 0xF009B91EL, 0x5563911DL, 0x59DFA6AAL,
0x78C14389L, 0xD95A537FL, 0x207D5BA2L, 0x02E5B9C5L,
0x83260376L, 0x6295CFA9L, 0x11C81968L, 0x4E734A41L,
0xB3472DCAL, 0x7B14A94AL, 0x1B510052L, 0x9A532915L,
0xD60F573FL, 0xBC9BC6E4L, 0x2B60A476L, 0x81E67400L,
0x08BA6FB5L, 0x571BE91FL, 0xF296EC6BL, 0x2A0DD915L,
0xB6636521L, 0xE7B9F9B6L, 0xFF34052EL, 0xC5855664L,
0x53B02D5DL, 0xA99F8FA1L, 0x08BA4799L, 0x6E85076AL },
{ 0x4B7A70E9L, 0xB5B32944L, 0xDB75092EL, 0xC4192623L,
0xAD6EA6B0L, 0x49A7DF7DL, 0x9CEE60B8L, 0x8FEDB266L,
0xECAA8C71L, 0x699A17FFL, 0x5664526CL, 0xC2B19EE1L,
0x193602A5L, 0x75094C29L, 0xA0591340L, 0xE4183A3EL,
0x3F54989AL, 0x5B429D65L, 0x6B8FE4D6L, 0x99F73FD6L,
0xA1D29C07L, 0xEFE830F5L, 0x4D2D38E6L, 0xF0255DC1L,
0x4CDD2086L, 0x8470EB26L, 0x6382E9C6L, 0x021ECC5EL,
0x09686B3FL, 0x3EBAEFC9L, 0x3C971814L, 0x6B6A70A1L,
0x687F3584L, 0x52A0E286L, 0xB79C5305L, 0xAA500737L,
0x3E07841CL, 0x7FDEAE5CL, 0x8E7D44ECL, 0x5716F2B8L,
0xB03ADA37L, 0xF0500C0DL, 0xF01C1F04L, 0x0200B3FFL,
0xAE0CF51AL, 0x3CB574B2L, 0x25837A58L, 0xDC0921BDL,
0xD19113F9L, 0x7CA92FF6L, 0x94324773L, 0x22F54701L,
0x3AE5E581L, 0x37C2DADCL, 0xC8B57634L, 0x9AF3DDA7L,
0xA9446146L, 0x0FD0030EL, 0xECC8C73EL, 0xA4751E41L,
0xE238CD99L, 0x3BEA0E2FL, 0x3280BBA1L, 0x183EB331L,
0x4E548B38L, 0x4F6DB908L, 0x6F420D03L, 0xF60A04BFL,
0x2CB81290L, 0x24977C79L, 0x5679B072L, 0xBCAF89AFL,
0xDE9A771FL, 0xD9930810L, 0xB38BAE12L, 0xDCCF3F2EL,
0x5512721FL, 0x2E6B7124L, 0x501ADDE6L, 0x9F84CD87L,
0x7A584718L, 0x7408DA17L, 0xBC9F9ABCL, 0xE94B7D8CL,
0xEC7AEC3AL, 0xDB851DFAL, 0x63094366L, 0xC464C3D2L,
0xEF1C1847L, 0x3215D908L, 0xDD433B37L, 0x24C2BA16L,
0x12A14D43L, 0x2A65C451L, 0x50940002L, 0x133AE4DDL,
0x71DFF89EL, 0x10314E55L, 0x81AC77D6L, 0x5F11199BL,
0x043556F1L, 0xD7A3C76BL, 0x3C11183BL, 0x5924A509L,
0xF28FE6EDL, 0x97F1FBFAL, 0x9EBABF2CL, 0x1E153C6EL,
0x86E34570L, 0xEAE96FB1L, 0x860E5E0AL, 0x5A3E2AB3L,
0x771FE71CL, 0x4E3D06FAL, 0x2965DCB9L, 0x99E71D0FL,
0x803E89D6L, 0x5266C825L, 0x2E4CC978L, 0x9C10B36AL,
0xC6150EBAL, 0x94E2EA78L, 0xA5FC3C53L, 0x1E0A2DF4L,
0xF2F74EA7L, 0x361D2B3DL, 0x1939260FL, 0x19C27960L,
0x5223A708L, 0xF71312B6L, 0xEBADFE6EL, 0xEAC31F66L,
0xE3BC4595L, 0xA67BC883L, 0xB17F37D1L, 0x018CFF28L,
0xC332DDEFL, 0xBE6C5AA5L, 0x65582185L, 0x68AB9802L,
0xEECEA50FL, 0xDB2F953BL, 0x2AEF7DADL, 0x5B6E2F84L,
0x1521B628L, 0x29076170L, 0xECDD4775L, 0x619F1510L,
0x13CCA830L, 0xEB61BD96L, 0x0334FE1EL, 0xAA0363CFL,
0xB5735C90L, 0x4C70A239L, 0xD59E9E0BL, 0xCBAADE14L,
0xEECC86BCL, 0x60622CA7L, 0x9CAB5CABL, 0xB2F3846EL,
0x648B1EAFL, 0x19BDF0CAL, 0xA02369B9L, 0x655ABB50L,
0x40685A32L, 0x3C2AB4B3L, 0x319EE9D5L, 0xC021B8F7L,
0x9B540B19L, 0x875FA099L, 0x95F7997EL, 0x623D7DA8L,
0xF837889AL, 0x97E32D77L, 0x11ED935FL, 0x16681281L,
0x0E358829L, 0xC7E61FD6L, 0x96DEDFA1L, 0x7858BA99L,
0x57F584A5L, 0x1B227263L, 0x9B83C3FFL, 0x1AC24696L,
0xCDB30AEBL, 0x532E3054L, 0x8FD948E4L, 0x6DBC3128L,
0x58EBF2EFL, 0x34C6FFEAL, 0xFE28ED61L, 0xEE7C3C73L,
0x5D4A14D9L, 0xE864B7E3L, 0x42105D14L, 0x203E13E0L,
0x45EEE2B6L, 0xA3AAABEAL, 0xDB6C4F15L, 0xFACB4FD0L,
0xC742F442L, 0xEF6ABBB5L, 0x654F3B1DL, 0x41CD2105L,
0xD81E799EL, 0x86854DC7L, 0xE44B476AL, 0x3D816250L,
0xCF62A1F2L, 0x5B8D2646L, 0xFC8883A0L, 0xC1C7B6A3L,
0x7F1524C3L, 0x69CB7492L, 0x47848A0BL, 0x5692B285L,
0x095BBF00L, 0xAD19489DL, 0x1462B174L, 0x23820E00L,
0x58428D2AL, 0x0C55F5EAL, 0x1DADF43EL, 0x233F7061L,
0x3372F092L, 0x8D937E41L, 0xD65FECF1L, 0x6C223BDBL,
0x7CDE3759L, 0xCBEE7460L, 0x4085F2A7L, 0xCE77326EL,
0xA6078084L, 0x19F8509EL, 0xE8EFD855L, 0x61D99735L,
0xA969A7AAL, 0xC50C06C2L, 0x5A04ABFCL, 0x800BCADCL,
0x9E447A2EL, 0xC3453484L, 0xFDD56705L, 0x0E1E9EC9L,
0xDB73DBD3L, 0x105588CDL, 0x675FDA79L, 0xE3674340L,
0xC5C43465L, 0x713E38D8L, 0x3D28F89EL, 0xF16DFF20L,
0x153E21E7L, 0x8FB03D4AL, 0xE6E39F2BL, 0xDB83ADF7L },
{ 0xE93D5A68L, 0x948140F7L, 0xF64C261CL, 0x94692934L,
0x411520F7L, 0x7602D4F7L, 0xBCF46B2EL, 0xD4A20068L,
0xD4082471L, 0x3320F46AL, 0x43B7D4B7L, 0x500061AFL,
0x1E39F62EL, 0x97244546L, 0x14214F74L, 0xBF8B8840L,
0x4D95FC1DL, 0x96B591AFL, 0x70F4DDD3L, 0x66A02F45L,
0xBFBC09ECL, 0x03BD9785L, 0x7FAC6DD0L, 0x31CB8504L,
0x96EB27B3L, 0x55FD3941L, 0xDA2547E6L, 0xABCA0A9AL,
0x28507825L, 0x530429F4L, 0x0A2C86DAL, 0xE9B66DFBL,
0x68DC1462L, 0xD7486900L, 0x680EC0A4L, 0x27A18DEEL,
0x4F3FFEA2L, 0xE887AD8CL, 0xB58CE006L, 0x7AF4D6B6L,
0xAACE1E7CL, 0xD3375FECL, 0xCE78A399L, 0x406B2A42L,
0x20FE9E35L, 0xD9F385B9L, 0xEE39D7ABL, 0x3B124E8BL,
0x1DC9FAF7L, 0x4B6D1856L, 0x26A36631L, 0xEAE397B2L,
0x3A6EFA74L, 0xDD5B4332L, 0x6841E7F7L, 0xCA7820FBL,
0xFB0AF54EL, 0xD8FEB397L, 0x454056ACL, 0xBA489527L,
0x55533A3AL, 0x20838D87L, 0xFE6BA9B7L, 0xD096954BL,
0x55A867BCL, 0xA1159A58L, 0xCCA92963L, 0x99E1DB33L,
0xA62A4A56L, 0x3F3125F9L, 0x5EF47E1CL, 0x9029317CL,
0xFDF8E802L, 0x04272F70L, 0x80BB155CL, 0x05282CE3L,
0x95C11548L, 0xE4C66D22L, 0x48C1133FL, 0xC70F86DCL,
0x07F9C9EEL, 0x41041F0FL, 0x404779A4L, 0x5D886E17L,
0x325F51EBL, 0xD59BC0D1L, 0xF2BCC18FL, 0x41113564L,
0x257B7834L, 0x602A9C60L, 0xDFF8E8A3L, 0x1F636C1BL,
0x0E12B4C2L, 0x02E1329EL, 0xAF664FD1L, 0xCAD18115L,
0x6B2395E0L, 0x333E92E1L, 0x3B240B62L, 0xEEBEB922L,
0x85B2A20EL, 0xE6BA0D99L, 0xDE720C8CL, 0x2DA2F728L,
0xD0127845L, 0x95B794FDL, 0x647D0862L, 0xE7CCF5F0L,
0x5449A36FL, 0x877D48FAL, 0xC39DFD27L, 0xF33E8D1EL,
0x0A476341L, 0x992EFF74L, 0x3A6F6EABL, 0xF4F8FD37L,
0xA812DC60L, 0xA1EBDDF8L, 0x991BE14CL, 0xDB6E6B0DL,
0xC67B5510L, 0x6D672C37L, 0x2765D43BL, 0xDCD0E804L,
0xF1290DC7L, 0xCC00FFA3L, 0xB5390F92L, 0x690FED0BL,
0x667B9FFBL, 0xCEDB7D9CL, 0xA091CF0BL, 0xD9155EA3L,
0xBB132F88L, 0x515BAD24L, 0x7B9479BFL, 0x763BD6EBL,
0x37392EB3L, 0xCC115979L, 0x8026E297L, 0xF42E312DL,
0x6842ADA7L, 0xC66A2B3BL, 0x12754CCCL, 0x782EF11CL,
0x6A124237L, 0xB79251E7L, 0x06A1BBE6L, 0x4BFB6350L,
0x1A6B1018L, 0x11CAEDFAL, 0x3D25BDD8L, 0xE2E1C3C9L,
0x44421659L, 0x0A121386L, 0xD90CEC6EL, 0xD5ABEA2AL,
0x64AF674EL, 0xDA86A85FL, 0xBEBFE988L, 0x64E4C3FEL,
0x9DBC8057L, 0xF0F7C086L, 0x60787BF8L, 0x6003604DL,
0xD1FD8346L, 0xF6381FB0L, 0x7745AE04L, 0xD736FCCCL,
0x83426B33L, 0xF01EAB71L, 0xB0804187L, 0x3C005E5FL,
0x77A057BEL, 0xBDE8AE24L, 0x55464299L, 0xBF582E61L,
0x4E58F48FL, 0xF2DDFDA2L, 0xF474EF38L, 0x8789BDC2L,
0x5366F9C3L, 0xC8B38E74L, 0xB475F255L, 0x46FCD9B9L,
0x7AEB2661L, 0x8B1DDF84L, 0x846A0E79L, 0x915F95E2L,
0x466E598EL, 0x20B45770L, 0x8CD55591L, 0xC902DE4CL,
0xB90BACE1L, 0xBB8205D0L, 0x11A86248L, 0x7574A99EL,
0xB77F19B6L, 0xE0A9DC09L, 0x662D09A1L, 0xC4324633L,
0xE85A1F02L, 0x09F0BE8CL, 0x4A99A025L, 0x1D6EFE10L,
0x1AB93D1DL, 0x0BA5A4DFL, 0xA186F20FL, 0x2868F169L,
0xDCB7DA83L, 0x573906FEL, 0xA1E2CE9BL, 0x4FCD7F52L,
0x50115E01L, 0xA70683FAL, 0xA002B5C4L, 0x0DE6D027L,
0x9AF88C27L, 0x773F8641L, 0xC3604C06L, 0x61A806B5L,
0xF0177A28L, 0xC0F586E0L, 0x006058AAL, 0x30DC7D62L,
0x11E69ED7L, 0x2338EA63L, 0x53C2DD94L, 0xC2C21634L,
0xBBCBEE56L, 0x90BCB6DEL, 0xEBFC7DA1L, 0xCE591D76L,
0x6F05E409L, 0x4B7C0188L, 0x39720A3DL, 0x7C927C24L,
0x86E3725FL, 0x724D9DB9L, 0x1AC15BB4L, 0xD39EB8FCL,
0xED545578L, 0x08FCA5B5L, 0xD83D7CD3L, 0x4DAD0FC4L,
0x1E50EF5EL, 0xB161E6F8L, 0xA28514D9L, 0x6C51133CL,
0x6FD5C7E7L, 0x56E14EC4L, 0x362ABFCEL, 0xDDC6C837L,
0xD79A3234L, 0x92638212L, 0x670EFA8EL, 0x406000E0L },
{ 0x3A39CE37L, 0xD3FAF5CFL, 0xABC27737L, 0x5AC52D1BL,
0x5CB0679EL, 0x4FA33742L, 0xD3822740L, 0x99BC9BBEL,
0xD5118E9DL, 0xBF0F7315L, 0xD62D1C7EL, 0xC700C47BL,
0xB78C1B6BL, 0x21A19045L, 0xB26EB1BEL, 0x6A366EB4L,
0x5748AB2FL, 0xBC946E79L, 0xC6A376D2L, 0x6549C2C8L,
0x530FF8EEL, 0x468DDE7DL, 0xD5730A1DL, 0x4CD04DC6L,
0x2939BBDBL, 0xA9BA4650L, 0xAC9526E8L, 0xBE5EE304L,
0xA1FAD5F0L, 0x6A2D519AL, 0x63EF8CE2L, 0x9A86EE22L,
0xC089C2B8L, 0x43242EF6L, 0xA51E03AAL, 0x9CF2D0A4L,
0x83C061BAL, 0x9BE96A4DL, 0x8FE51550L, 0xBA645BD6L,
0x2826A2F9L, 0xA73A3AE1L, 0x4BA99586L, 0xEF5562E9L,
0xC72FEFD3L, 0xF752F7DAL, 0x3F046F69L, 0x77FA0A59L,
0x80E4A915L, 0x87B08601L, 0x9B09E6ADL, 0x3B3EE593L,
0xE990FD5AL, 0x9E34D797L, 0x2CF0B7D9L, 0x022B8B51L,
0x96D5AC3AL, 0x017DA67DL, 0xD1CF3ED6L, 0x7C7D2D28L,
0x1F9F25CFL, 0xADF2B89BL, 0x5AD6B472L, 0x5A88F54CL,
0xE029AC71L, 0xE019A5E6L, 0x47B0ACFDL, 0xED93FA9BL,
0xE8D3C48DL, 0x283B57CCL, 0xF8D56629L, 0x79132E28L,
0x785F0191L, 0xED756055L, 0xF7960E44L, 0xE3D35E8CL,
0x15056DD4L, 0x88F46DBAL, 0x03A16125L, 0x0564F0BDL,
0xC3EB9E15L, 0x3C9057A2L, 0x97271AECL, 0xA93A072AL,
0x1B3F6D9BL, 0x1E6321F5L, 0xF59C66FBL, 0x26DCF319L,
0x7533D928L, 0xB155FDF5L, 0x03563482L, 0x8ABA3CBBL,
0x28517711L, 0xC20AD9F8L, 0xABCC5167L, 0xCCAD925FL,
0x4DE81751L, 0x3830DC8EL, 0x379D5862L, 0x9320F991L,
0xEA7A90C2L, 0xFB3E7BCEL, 0x5121CE64L, 0x774FBE32L,
0xA8B6E37EL, 0xC3293D46L, 0x48DE5369L, 0x6413E680L,
0xA2AE0810L, 0xDD6DB224L, 0x69852DFDL, 0x09072166L,
0xB39A460AL, 0x6445C0DDL, 0x586CDECFL, 0x1C20C8AEL,
0x5BBEF7DDL, 0x1B588D40L, 0xCCD2017FL, 0x6BB4E3BBL,
0xDDA26A7EL, 0x3A59FF45L, 0x3E350A44L, 0xBCB4CDD5L,
0x72EACEA8L, 0xFA6484BBL, 0x8D6612AEL, 0xBF3C6F47L,
0xD29BE463L, 0x542F5D9EL, 0xAEC2771BL, 0xF64E6370L,
0x740E0D8DL, 0xE75B1357L, 0xF8721671L, 0xAF537D5DL,
0x4040CB08L, 0x4EB4E2CCL, 0x34D2466AL, 0x0115AF84L,
0xE1B00428L, 0x95983A1DL, 0x06B89FB4L, 0xCE6EA048L,
0x6F3F3B82L, 0x3520AB82L, 0x011A1D4BL, 0x277227F8L,
0x611560B1L, 0xE7933FDCL, 0xBB3A792BL, 0x344525BDL,
0xA08839E1L, 0x51CE794BL, 0x2F32C9B7L, 0xA01FBAC9L,
0xE01CC87EL, 0xBCC7D1F6L, 0xCF0111C3L, 0xA1E8AAC7L,
0x1A908749L, 0xD44FBD9AL, 0xD0DADECBL, 0xD50ADA38L,
0x0339C32AL, 0xC6913667L, 0x8DF9317CL, 0xE0B12B4FL,
0xF79E59B7L, 0x43F5BB3AL, 0xF2D519FFL, 0x27D9459CL,
0xBF97222CL, 0x15E6FC2AL, 0x0F91FC71L, 0x9B941525L,
0xFAE59361L, 0xCEB69CEBL, 0xC2A86459L, 0x12BAA8D1L,
0xB6C1075EL, 0xE3056A0CL, 0x10D25065L, 0xCB03A442L,
0xE0EC6E0EL, 0x1698DB3BL, 0x4C98A0BEL, 0x3278E964L,
0x9F1F9532L, 0xE0D392DFL, 0xD3A0342BL, 0x8971F21EL,
0x1B0A7441L, 0x4BA3348CL, 0xC5BE7120L, 0xC37632D8L,
0xDF359F8DL, 0x9B992F2EL, 0xE60B6F47L, 0x0FE3F11DL,
0xE54CDA54L, 0x1EDAD891L, 0xCE6279CFL, 0xCD3E7E6FL,
0x1618B166L, 0xFD2C1D05L, 0x848FD2C5L, 0xF6FB2299L,
0xF523F357L, 0xA6327623L, 0x93A83531L, 0x56CCCD02L,
0xACF08162L, 0x5A75EBB5L, 0x6E163697L, 0x88D273CCL,
0xDE966292L, 0x81B949D0L, 0x4C50901BL, 0x71C65614L,
0xE6C6C7BDL, 0x327A140AL, 0x45E1D006L, 0xC3F27B9AL,
0xC9AA53FDL, 0x62A80F00L, 0xBB25BFE2L, 0x35BDD2F6L,
0x71126905L, 0xB2040222L, 0xB6CBCF7CL, 0xCD769C2BL,
0x53113EC0L, 0x1640E3D3L, 0x38ABBD60L, 0x2547ADF0L,
0xBA38209CL, 0xF746CE76L, 0x77AFA1C5L, 0x20756060L,
0x85CBFE4EL, 0x8AE88DD8L, 0x7AAAF9B0L, 0x4CF9AA7EL,
0x1948C25CL, 0x02FB8A8CL, 0x01C36AE4L, 0xD6EBE1F9L,
0x90D4F869L, 0xA65CDEA0L, 0x3F09252DL, 0xC208E69FL,
0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L }
};
#endif /* !POLARSSL_BLOWFISH_ALT */
#endif /* POLARSSL_BLOWFISH_C */

1073
Externals/polarssl/library/camellia.c vendored
View File

File diff suppressed because it is too large Load Diff

456
Externals/polarssl/library/ccm.c vendored
View File

@ -1,456 +0,0 @@
/*
* NIST SP800-38C compliant CCM implementation
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* Definition of CCM:
* http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf
* RFC 3610 "Counter with CBC-MAC (CCM)"
*
* Related:
* RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_CCM_C)
#include "polarssl/ccm.h"
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#define CCM_ENCRYPT 0
#define CCM_DECRYPT 1
/*
* Initialize context
*/
int ccm_init( ccm_context *ctx, cipher_id_t cipher,
const unsigned char *key, unsigned int keysize )
{
int ret;
const cipher_info_t *cipher_info;
memset( ctx, 0, sizeof( ccm_context ) );
cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_CCM_BAD_INPUT );
if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 )
{
return( ret );
}
return( 0 );
}
/*
* Free context
*/
void ccm_free( ccm_context *ctx )
{
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( ccm_context ) );
}
/*
* Macros for common operations.
* Results in smaller compiled code than static inline functions.
*/
/*
* Update the CBC-MAC state in y using a block in b
* (Always using b as the source helps the compiler optimise a bit better.)
*/
#define UPDATE_CBC_MAC \
for( i = 0; i < 16; i++ ) \
y[i] ^= b[i]; \
\
if( ( ret = cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
return( ret );
/*
* Encrypt or decrypt a partial block with CTR
* Warning: using b for temporary storage! src and dst must not be b!
* This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/
#define CTR_CRYPT( dst, src, len ) \
if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \
return( ret ); \
\
for( i = 0; i < len; i++ ) \
dst[i] = src[i] ^ b[i];
/*
* Authenticated encryption or decryption
*/
static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len )
{
int ret;
unsigned char i;
unsigned char q = 16 - 1 - iv_len;
size_t len_left, olen;
unsigned char b[16];
unsigned char y[16];
unsigned char ctr[16];
const unsigned char *src;
unsigned char *dst;
/*
* Check length requirements: SP800-38C A.1
* Additional requirement: a < 2^16 - 2^8 to simplify the code.
* 'length' checked later (when writing it to the first block)
*/
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
/* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
if( add_len > 0xFF00 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
/*
* First block B_0:
* 0 .. 0 flags
* 1 .. iv_len nonce (aka iv)
* iv_len+1 .. 15 length
*
* With flags as (bits):
* 7 0
* 6 add present?
* 5 .. 3 (t - 2) / 2
* 2 .. 0 q - 1
*/
b[0] = 0;
b[0] |= ( add_len > 0 ) << 6;
b[0] |= ( ( tag_len - 2 ) / 2 ) << 3;
b[0] |= q - 1;
memcpy( b + 1, iv, iv_len );
for( i = 0, len_left = length; i < q; i++, len_left >>= 8 )
b[15-i] = (unsigned char)( len_left & 0xFF );
if( len_left > 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
/* Start CBC-MAC with first block */
memset( y, 0, 16 );
UPDATE_CBC_MAC;
/*
* If there is additional data, update CBC-MAC with
* add_len, add, 0 (padding to a block boundary)
*/
if( add_len > 0 )
{
size_t use_len;
len_left = add_len;
src = add;
memset( b, 0, 16 );
b[0] = (unsigned char)( ( add_len >> 8 ) & 0xFF );
b[1] = (unsigned char)( ( add_len ) & 0xFF );
use_len = len_left < 16 - 2 ? len_left : 16 - 2;
memcpy( b + 2, src, use_len );
len_left -= use_len;
src += use_len;
UPDATE_CBC_MAC;
while( len_left > 0 )
{
use_len = len_left > 16 ? 16 : len_left;
memset( b, 0, 16 );
memcpy( b, src, use_len );
UPDATE_CBC_MAC;
len_left -= use_len;
src += use_len;
}
}
/*
* Prepare counter block for encryption:
* 0 .. 0 flags
* 1 .. iv_len nonce (aka iv)
* iv_len+1 .. 15 counter (initially 1)
*
* With flags as (bits):
* 7 .. 3 0
* 2 .. 0 q - 1
*/
ctr[0] = q - 1;
memcpy( ctr + 1, iv, iv_len );
memset( ctr + 1 + iv_len, 0, q );
ctr[15] = 1;
/*
* Authenticate and {en,de}crypt the message.
*
* The only difference between encryption and decryption is
* the respective order of authentication and {en,de}cryption.
*/
len_left = length;
src = input;
dst = output;
while( len_left > 0 )
{
unsigned char use_len = len_left > 16 ? 16 : len_left;
if( mode == CCM_ENCRYPT )
{
memset( b, 0, 16 );
memcpy( b, src, use_len );
UPDATE_CBC_MAC;
}
CTR_CRYPT( dst, src, use_len );
if( mode == CCM_DECRYPT )
{
memset( b, 0, 16 );
memcpy( b, dst, use_len );
UPDATE_CBC_MAC;
}
dst += use_len;
src += use_len;
len_left -= use_len;
/*
* Increment counter.
* No need to check for overflow thanks to the length check above.
*/
for( i = 0; i < q; i++ )
if( ++ctr[15-i] != 0 )
break;
}
/*
* Authentication: reset counter and crypt/mask internal tag
*/
for( i = 0; i < q; i++ )
ctr[15-i] = 0;
CTR_CRYPT( y, y, 16 );
memcpy( tag, y, tag_len );
return( 0 );
}
/*
* Authenticated encryption
*/
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
unsigned char *tag, size_t tag_len )
{
return( ccm_auth_crypt( ctx, CCM_ENCRYPT, length, iv, iv_len,
add, add_len, input, output, tag, tag_len ) );
}
/*
* Authenticated decryption
*/
int ccm_auth_decrypt( ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len )
{
int ret;
unsigned char check_tag[16];
unsigned char i;
int diff;
if( ( ret = ccm_auth_crypt( ctx, CCM_DECRYPT, length,
iv, iv_len, add, add_len,
input, output, check_tag, tag_len ) ) != 0 )
{
return( ret );
}
/* Check tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ )
diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
{
polarssl_zeroize( output, length );
return( POLARSSL_ERR_CCM_AUTH_FAILED );
}
return( 0 );
}
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
/*
* Examples 1 to 3 from SP800-38C Appendix C
*/
#define NB_TESTS 3
/*
* The data is the same for all tests, only the used length changes
*/
static const unsigned char key[] = {
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f
};
static const unsigned char iv[] = {
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b
};
static const unsigned char ad[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13
};
static const unsigned char msg[] = {
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
};
static const size_t iv_len [NB_TESTS] = { 7, 8, 12 };
static const size_t add_len[NB_TESTS] = { 8, 16, 20 };
static const size_t msg_len[NB_TESTS] = { 4, 16, 24 };
static const size_t tag_len[NB_TESTS] = { 4, 6, 8 };
static const unsigned char res[NB_TESTS][32] = {
{ 0x71, 0x62, 0x01, 0x5b, 0x4d, 0xac, 0x25, 0x5d },
{ 0xd2, 0xa1, 0xf0, 0xe0, 0x51, 0xea, 0x5f, 0x62,
0x08, 0x1a, 0x77, 0x92, 0x07, 0x3d, 0x59, 0x3d,
0x1f, 0xc6, 0x4f, 0xbf, 0xac, 0xcd },
{ 0xe3, 0xb2, 0x01, 0xa9, 0xf5, 0xb7, 0x1a, 0x7a,
0x9b, 0x1c, 0xea, 0xec, 0xcd, 0x97, 0xe7, 0x0b,
0x61, 0x76, 0xaa, 0xd9, 0xa4, 0x42, 0x8a, 0xa5,
0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
};
int ccm_self_test( int verbose )
{
ccm_context ctx;
unsigned char out[32];
size_t i;
int ret;
if( ccm_init( &ctx, POLARSSL_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
{
if( verbose != 0 )
polarssl_printf( " CCM: setup failed" );
return( 1 );
}
for( i = 0; i < NB_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
ret = ccm_encrypt_and_tag( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i],
msg, out,
out + msg_len[i], tag_len[i] );
if( ret != 0 ||
memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
ret = ccm_auth_decrypt( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i],
res[i], out,
res[i] + msg_len[i], tag_len[i] );
if( ret != 0 ||
memcmp( out, msg, msg_len[i] ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
}
ccm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#endif /* POLARSSL_CCM_C */

310
Externals/polarssl/library/certs.c vendored
View File

@ -1,310 +0,0 @@
/*
* X.509 test certificates
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_CERTS_C)
#if defined(POLARSSL_ECDSA_C)
#define TEST_CA_CRT_EC \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \
"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \
"QyBDQTAeFw0xMzA5MjQxNTQ5NDhaFw0yMzA5MjIxNTQ5NDhaMD4xCzAJBgNVBAYT\r\n" \
"Ak5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBF\r\n" \
"QyBDQTB2MBAGByqGSM49AgEGBSuBBAAiA2IABMPaKzRBN1gvh1b+/Im6KUNLTuBu\r\n" \
"ww5XUzM5WNRStJGVOQsj318XJGJI/BqVKc4sLYfCiFKAr9ZqqyHduNMcbli4yuiy\r\n" \
"aY7zQa0pw7RfdadHb9UZKVVpmlM7ILRmFmAzHqOBoDCBnTAdBgNVHQ4EFgQUnW0g\r\n" \
"JEkBPyvLeLUZvH4kydv7NnwwbgYDVR0jBGcwZYAUnW0gJEkBPyvLeLUZvH4kydv7\r\n" \
"NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEcMBoGA1UE\r\n" \
"AxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAwGA1UdEwQFMAMBAf8w\r\n" \
"CgYIKoZIzj0EAwIDaQAwZgIxAMO0YnNWKJUAfXgSJtJxexn4ipg+kv4znuR50v56\r\n" \
"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \
"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \
"-----END CERTIFICATE-----\r\n"
const char test_ca_crt_ec[] = TEST_CA_CRT_EC;
const char test_ca_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
"\r\n"
"IxbrRmKcAzctJqPdTQLA4SWyBYYGYJVkYEna+F7Pa5t5Yg/gKADrFKcm6B72e7DG\r\n"
"ihExtZI648s0zdYw6qSJ74vrPSuWDe5qm93BqsfVH9svtCzWHW0pm1p0KTBCFfUq\r\n"
"UsuWTITwJImcnlAs1gaRZ3sAWm7cOUidL0fo2G0fYUFNcYoCSLffCFTEHBuPnagb\r\n"
"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const char test_ca_pwd_ec[] = "PolarSSLTest";
const char test_srv_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDBZMBMGByqGSM49AgEG\r\n"
"CCqGSM49AwEHA0IABDfMVtl2CR5acj7HWS3/IG7ufPkGkXTQrRS192giWWKSTuUA\r\n"
"2CMR/+ov0jRdXRa9iojCa3cNVc2KKg76Aci07f+jgZ0wgZowCQYDVR0TBAIwADAd\r\n"
"BgNVHQ4EFgQUUGGlj9QH2deCAQzlZX+MY0anE74wbgYDVR0jBGcwZYAUnW0gJEkB\r\n"
"PyvLeLUZvH4kydv7NnyhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQb2xh\r\n"
"clNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAMFD4n5iQ8zoMAoG\r\n"
"CCqGSM49BAMCA2gAMGUCMQCaLFzXptui5WQN8LlO3ddh1hMxx6tzgLvT03MTVK2S\r\n"
"C12r0Lz3ri/moSEpNZWqPjkCMCE2f53GXcYLqyfyJR078c/xNSUU5+Xxl7VZ414V\r\n"
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_srv_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const char test_cli_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
"MTMwOTI0MTU1MjA0WhcNMjMwOTIyMTU1MjA0WjBBMQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHzAdBgNVBAMTFlBvbGFyU1NMIFRlc3QgQ2xpZW50IDIw\r\n"
"WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARX5a6xc9/TrLuTuIH/Eq7u5lOszlVT\r\n"
"9jQOzC7jYyUL35ji81xgNpbA1RgUcOV/n9VLRRjlsGzVXPiWj4dwo+THo4GdMIGa\r\n"
"MAkGA1UdEwQCMAAwHQYDVR0OBBYEFHoAX4Zk/OBd5REQO7LmO8QmP8/iMG4GA1Ud\r\n"
"IwRnMGWAFJ1tICRJAT8ry3i1Gbx+JMnb+zZ8oUKkQDA+MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0GC\r\n"
"CQDBQ+J+YkPM6DAKBggqhkjOPQQDAgNoADBlAjBKZQ17IIOimbmoD/yN7o89u3BM\r\n"
"lgOsjnhw3fIOoLIWy2WOGsk/LGF++DzvrRzuNiACMQCd8iem1XS4JK7haj8xocpU\r\n"
"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_cli_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
"-----END EC PRIVATE KEY-----\r\n";
#else
#define TEST_CA_CRT_EC
#endif /* POLARSSL_ECDSA_C */
#if defined(POLARSSL_RSA_C)
#define TEST_CA_CRT_RSA \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" \
"MTEwMjEyMTQ0NDAwWhcNMjEwMjEyMTQ0NDAwWjA7MQswCQYDVQQGEwJOTDERMA8G\r\n" \
"A1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwggEiMA0G\r\n" \
"CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA3zf8F7vglp0/ht6WMn1EpRagzSHx\r\n" \
"mdTs6st8GFgIlKXsm8WL3xoemTiZhx57wI053zhdcHgH057Zk+i5clHFzqMwUqny\r\n" \
"50BwFMtEonILwuVA+T7lpg6z+exKY8C4KQB0nFc7qKUEkHHxvYPZP9al4jwqj+8n\r\n" \
"YMPGn8u67GB9t+aEMr5P+1gmIgNb1LTV+/Xjli5wwOQuvfwu7uJBVcA0Ln0kcmnL\r\n" \
"R7EUQIN9Z/SG9jGr8XmksrUuEvmEF/Bibyc+E1ixVA0hmnM3oTDPb5Lc9un8rNsu\r\n" \
"KNF+AksjoBXyOGVkCeoMbo4bF6BxyLObyavpw/LPh5aPgAIynplYb6LVAgMBAAGj\r\n" \
"gZUwgZIwDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtFrkpbPe0lL2udWmlQ/rPrzH\r\n" \
"/f8wYwYDVR0jBFwwWoAUtFrkpbPe0lL2udWmlQ/rPrzH/f+hP6Q9MDsxCzAJBgNV\r\n" \
"BAYTAk5MMREwDwYDVQQKEwhQb2xhclNTTDEZMBcGA1UEAxMQUG9sYXJTU0wgVGVz\r\n" \
"dCBDQYIBADANBgkqhkiG9w0BAQUFAAOCAQEAuP1U2ABUkIslsCfdlc2i94QHHYeJ\r\n" \
"SsR4EdgHtdciUI5I62J6Mom+Y0dT/7a+8S6MVMCZP6C5NyNyXw1GWY/YR82XTJ8H\r\n" \
"DBJiCTok5DbZ6SzaONBzdWHXwWwmi5vg1dxn7YxrM9d0IjxM27WNKs4sDQhZBQkF\r\n" \
"pjmfs2cb4oPl4Y9T9meTx/lvdkRYEug61Jfn6cA+qHpyPYdTH+UshITnmp5/Ztkf\r\n" \
"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \
"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \
"-----END CERTIFICATE-----\r\n"
const char test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
const char test_ca_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
"\r\n"
"9Qd9GeArejl1GDVh2lLV1bHt0cPtfbh5h/5zVpAVaFpqtSPMrElp50Rntn9et+JA\r\n"
"7VOyboR+Iy2t/HU4WvA687k3Bppe9GwKHjHhtl//8xFKwZr3Xb5yO5JUP8AUctQq\r\n"
"Nb8CLlZyuUC+52REAAthdWgsX+7dJO4yabzUcQ22Tp9JSD0hiL43BlkWYUNK3dAo\r\n"
"PZlmiptjnzVTjg1MxsBSydZinWOLBV8/JQgxSPo2yD4uEfig28qbvQ2wNIn0pnAb\r\n"
"GxnSAOazkongEGfvcjIIs+LZN9gXFhxcOh6kc4Q/c99B7QWETwLLkYgZ+z1a9VY9\r\n"
"gEU7CwCxYCD+h9hY6FPmsK0/lC4O7aeRKpYq00rPPxs6i7phiexg6ax6yTMmArQq\r\n"
"QmK3TAsJm8V/J5AWpLEV6jAFgRGymGGHnof0DXzVWZidrcZJWTNuGEX90nB3ee2w\r\n"
"PXJEFWKoD3K3aFcSLdHYr3mLGxP7H9ThQai9VsycxZKS5kwvBKQ//YMrmFfwPk8x\r\n"
"vTeY4KZMaUrveEel5tWZC94RSMKgxR6cyE1nBXyTQnDOGbfpNNgBKxyKbINWoOJU\r\n"
"WJZAwlsQn+QzCDwpri7+sV1mS3gBE6UY7aQmnmiiaC2V3Hbphxct/en5QsfDOt1X\r\n"
"JczSfpRWLlbPznZg8OQh/VgCMA58N5DjOzTIK7sJJ5r+94ZBTCpgAMbF588f0NTR\r\n"
"KCe4yrxGJR7X02M4nvD4IwOlpsQ8xQxZtOSgXv4LkxvdU9XJJKWZ/XNKJeWztxSe\r\n"
"Z1vdTc2YfsDBA2SEv33vxHx2g1vqtw8SjDRT2RaQSS0QuSaMJimdOX6mTOCBKk1J\r\n"
"9Q5mXTrER+/LnK0jEmXsBXWA5bqqVZIyahXSx4VYZ7l7w/PHiUDtDgyRhMMKi4n2\r\n"
"iQvQcWSQTjrpnlJbca1/DkpRt3YwrvJwdqb8asZU2VrNETh5x0QVefDRLFiVpif/\r\n"
"tUaeAe/P1F8OkS7OIZDs1SUbv/sD2vMbhNkUoCms3/PvNtdnvgL4F0zhaDpKCmlT\r\n"
"P8vx49E7v5CyRNmED9zZg4o3wmMqrQO93PtTug3Eu9oVx1zPQM1NVMyBa2+f29DL\r\n"
"1nuTCeXdo9+ni45xx+jAI4DCwrRdhJ9uzZyC6962H37H6D+5naNvClFR1s6li1Gb\r\n"
"nqPoiy/OBsEx9CaDGcqQBp5Wme/3XW+6z1ISOx+igwNTVCT14mHdBMbya0eIKft5\r\n"
"X+GnwtgEMyCYyyWuUct8g4RzErcY9+yW9Om5Hzpx4zOuW4NPZgPDTgK+t2RSL/Yq\r\n"
"rE1njrgeGYcVeG3f+OftH4s6fPbq7t1A5ZgUscbLMBqr9tK+OqygR4EgKBPsH6Cz\r\n"
"L6zlv/2RV0qAHvVuDJcIDIgwY5rJtINEm32rhOeFNJwZS5MNIC1czXZx5//ugX7l\r\n"
"I4sy5nbVhwSjtAk8Xg5dZbdTZ6mIrb7xqH+fdakZor1khG7bC2uIwibD3cSl2XkR\r\n"
"wN48lslbHnqqagr6Xm1nNOSVl8C/6kbJEsMpLhAezfRtGwvOucoaE+WbeUNolGde\r\n"
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const char test_ca_pwd_rsa[] = "PolarSSLTest";
const char test_srv_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
"MTEwMjEyMTQ0NDA2WhcNMjEwMjEyMTQ0NDA2WjA0MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN\r\n"
"AQEBBQADggEPADCCAQoCggEBAMFNo93nzR3RBNdJcriZrA545Do8Ss86ExbQWuTN\r\n"
"owCIp+4ea5anUrSQ7y1yej4kmvy2NKwk9XfgJmSMnLAofaHa6ozmyRyWvP7BBFKz\r\n"
"NtSj+uGxdtiQwWG0ZlI2oiZTqqt0Xgd9GYLbKtgfoNkNHC1JZvdbJXNG6AuKT2kM\r\n"
"tQCQ4dqCEGZ9rlQri2V5kaHiYcPNQEkI7mgM8YuG0ka/0LiqEQMef1aoGh5EGA8P\r\n"
"hYvai0Re4hjGYi/HZo36Xdh98yeJKQHFkA4/J/EwyEoO79bex8cna8cFPXrEAjya\r\n"
"HT4P6DSYW8tzS1KW2BGiLICIaTla0w+w3lkvEcf36hIBMJcCAwEAAaNNMEswCQYD\r\n"
"VR0TBAIwADAdBgNVHQ4EFgQUpQXoZLjc32APUBJNYKhkr02LQ5MwHwYDVR0jBBgw\r\n"
"FoAUtFrkpbPe0lL2udWmlQ/rPrzH/f8wDQYJKoZIhvcNAQEFBQADggEBAJxnXClY\r\n"
"oHkbp70cqBrsGXLybA74czbO5RdLEgFs7rHVS9r+c293luS/KdliLScZqAzYVylw\r\n"
"UfRWvKMoWhHYKp3dEIS4xTXk6/5zXxhv9Rw8SGc8qn6vITHk1S1mPevtekgasY5Y\r\n"
"iWQuM3h4YVlRH3HHEMAD1TnAexfXHHDFQGe+Bd1iAbz1/sH9H8l4StwX6egvTK3M\r\n"
"wXRwkKkvjKaEDA9ATbZx0mI8LGsxSuCqe9r9dyjmttd47J1p1Rulz3CLzaRcVIuS\r\n"
"RRQfaD8neM9c1S/iJ/amTVqJxA1KOdOS5780WhPfSArA+g4qAmSjelc3p4wWpha8\r\n"
"zhuYwjVuX6JHG0c=\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_srv_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
"2JDBYbRmUjaiJlOqq3ReB30Zgtsq2B+g2Q0cLUlm91slc0boC4pPaQy1AJDh2oIQ\r\n"
"Zn2uVCuLZXmRoeJhw81ASQjuaAzxi4bSRr/QuKoRAx5/VqgaHkQYDw+Fi9qLRF7i\r\n"
"GMZiL8dmjfpd2H3zJ4kpAcWQDj8n8TDISg7v1t7HxydrxwU9esQCPJodPg/oNJhb\r\n"
"y3NLUpbYEaIsgIhpOVrTD7DeWS8Rx/fqEgEwlwIDAQABAoIBAQCXR0S8EIHFGORZ\r\n"
"++AtOg6eENxD+xVs0f1IeGz57Tjo3QnXX7VBZNdj+p1ECvhCE/G7XnkgU5hLZX+G\r\n"
"Z0jkz/tqJOI0vRSdLBbipHnWouyBQ4e/A1yIJdlBtqXxJ1KE/ituHRbNc4j4kL8Z\r\n"
"/r6pvwnTI0PSx2Eqs048YdS92LT6qAv4flbNDxMn2uY7s4ycS4Q8w1JXnCeaAnYm\r\n"
"WYI5wxO+bvRELR2Mcz5DmVnL8jRyml6l6582bSv5oufReFIbyPZbQWlXgYnpu6He\r\n"
"GTc7E1zKYQGG/9+DQUl/1vQuCPqQwny0tQoX2w5tdYpdMdVm+zkLtbajzdTviJJa\r\n"
"TWzL6lt5AoGBAN86+SVeJDcmQJcv4Eq6UhtRr4QGMiQMz0Sod6ettYxYzMgxtw28\r\n"
"CIrgpozCc+UaZJLo7UxvC6an85r1b2nKPCLQFaggJ0H4Q0J/sZOhBIXaoBzWxveK\r\n"
"nupceKdVxGsFi8CDy86DBfiyFivfBj+47BbaQzPBj7C4rK7UlLjab2rDAoGBAN2u\r\n"
"AM2gchoFiu4v1HFL8D7lweEpi6ZnMJjnEu/dEgGQJFjwdpLnPbsj4c75odQ4Gz8g\r\n"
"sw9lao9VVzbusoRE/JGI4aTdO0pATXyG7eG1Qu+5Yc1YGXcCrliA2xM9xx+d7f+s\r\n"
"mPzN+WIEg5GJDYZDjAzHG5BNvi/FfM1C9dOtjv2dAoGAF0t5KmwbjWHBhcVqO4Ic\r\n"
"BVvN3BIlc1ue2YRXEDlxY5b0r8N4XceMgKmW18OHApZxfl8uPDauWZLXOgl4uepv\r\n"
"whZC3EuWrSyyICNhLY21Ah7hbIEBPF3L3ZsOwC+UErL+dXWLdB56Jgy3gZaBeW7b\r\n"
"vDrEnocJbqCm7IukhXHOBK8CgYEAwqdHB0hqyNSzIOGY7v9abzB6pUdA3BZiQvEs\r\n"
"3LjHVd4HPJ2x0N8CgrBIWOE0q8+0hSMmeE96WW/7jD3fPWwCR5zlXknxBQsfv0gP\r\n"
"3BC5PR0Qdypz+d+9zfMf625kyit4T/hzwhDveZUzHnk1Cf+IG7Q+TOEnLnWAWBED\r\n"
"ISOWmrUCgYAFEmRxgwAc/u+D6t0syCwAYh6POtscq9Y0i9GyWk89NzgC4NdwwbBH\r\n"
"4AgahOxIxXx2gxJnq3yfkJfIjwf0s2DyP0kY2y6Ua1OeomPeY9mrIS4tCuDQ6LrE\r\n"
"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const char test_cli_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
"MTEwMjEyMTQ0NDA3WhcNMjEwMjEyMTQ0NDA3WjA8MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxGjAYBgNVBAMTEVBvbGFyU1NMIENsaWVudCAyMIIBIjAN\r\n"
"BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6f\r\n"
"M60Nj4o8VmXl3ETZzGaFB9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu\r\n"
"1C93KYRhTYJQj6eVSHD1bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEw\r\n"
"MjDV0/YI0FZPRo7yX/k9Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v\r\n"
"4Jv4EFbMs44TFeY0BGbH7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx/\r\n"
"/DZrtenNLQNiTrM9AM+vdqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQAB\r\n"
"o00wSzAJBgNVHRMEAjAAMB0GA1UdDgQWBBRxoQBzckAvVHZeM/xSj7zx3WtGITAf\r\n"
"BgNVHSMEGDAWgBS0WuSls97SUva51aaVD+s+vMf9/zANBgkqhkiG9w0BAQUFAAOC\r\n"
"AQEAAn86isAM8X+mVwJqeItt6E9slhEQbAofyk+diH1Lh8Y9iLlWQSKbw/UXYjx5\r\n"
"LLPZcniovxIcARC/BjyZR9g3UwTHNGNm+rwrqa15viuNOFBchykX/Orsk02EH7NR\r\n"
"Alw5WLPorYjED6cdVQgBl9ot93HdJogRiXCxErM7NC8/eP511mjq+uLDjLKH8ZPQ\r\n"
"8I4ekHJnroLsDkIwXKGIsvIBHQy2ac/NwHLCQOK6mfum1pRx52V4Utu5dLLjD5bM\r\n"
"xOBC7KU4xZKuMXXZM6/93Yb51K/J4ahf1TxJlTWXtnzDr9saEYdNy2SKY/6ZiDNH\r\n"
"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_cli_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
"bk2y1RPD0hrt5kPqQhTrdOrA7R/UV06p86jt0uDBMHEwMjDV0/YI0FZPRo7yX/k9\r\n"
"Z5GIMC5Cst99++UMd//sMcB4j7/Cf8qtbCHWjdmLao5v4Jv4EFbMs44TFeY0BGbH\r\n"
"7vk2DmqV9gmaBmf0ZXH4yqSxJeD+PIs1BGe64E92hfx//DZrtenNLQNiTrM9AM+v\r\n"
"dqBpVoNq0qjU51Bx5rU2BXcFbXvI5MT9TNUhXwIDAQABAoIBAGdNtfYDiap6bzst\r\n"
"yhCiI8m9TtrhZw4MisaEaN/ll3XSjaOG2dvV6xMZCMV+5TeXDHOAZnY18Yi18vzz\r\n"
"4Ut2TnNFzizCECYNaA2fST3WgInnxUkV3YXAyP6CNxJaCmv2aA0yFr2kFVSeaKGt\r\n"
"ymvljNp2NVkvm7Th8fBQBO7I7AXhz43k0mR7XmPgewe8ApZOG3hstkOaMvbWAvWA\r\n"
"zCZupdDjZYjOJqlA4eEA4H8/w7F83r5CugeBE8LgEREjLPiyejrU5H1fubEY+h0d\r\n"
"l5HZBJ68ybTXfQ5U9o/QKA3dd0toBEhhdRUDGzWtjvwkEQfqF1reGWj/tod/gCpf\r\n"
"DFi6X0ECgYEA4wOv/pjSC3ty6TuOvKX2rOUiBrLXXv2JSxZnMoMiWI5ipLQt+RYT\r\n"
"VPafL/m7Dn6MbwjayOkcZhBwk5CNz5A6Q4lJ64Mq/lqHznRCQQ2Mc1G8eyDF/fYL\r\n"
"Ze2pLvwP9VD5jTc2miDfw+MnvJhywRRLcemDFP8k4hQVtm8PMp3ZmNECgYEA4gz7\r\n"
"wzObR4gn8ibe617uQPZjWzUj9dUHYd+in1gwBCIrtNnaRn9I9U/Q6tegRYpii4ys\r\n"
"c176NmU+umy6XmuSKV5qD9bSpZWG2nLFnslrN15Lm3fhZxoeMNhBaEDTnLT26yoi\r\n"
"33gp0mSSWy94ZEqipms+ULF6sY1ZtFW6tpGFoy8CgYAQHhnnvJflIs2ky4q10B60\r\n"
"ZcxFp3rtDpkp0JxhFLhiizFrujMtZSjYNm5U7KkgPVHhLELEUvCmOnKTt4ap/vZ0\r\n"
"BxJNe1GZH3pW6SAvGDQpl9sG7uu/vTFP+lCxukmzxB0DrrDcvorEkKMom7ZCCRvW\r\n"
"KZsZ6YeH2Z81BauRj218kQKBgQCUV/DgKP2985xDTT79N08jUo3hTP5MVYCCuj/+\r\n"
"UeEw1TvZcx3LJby7P6Xad6a1/BqveaGyFKIfEFIaBUBItk801sDDpDaYc4gL00Xc\r\n"
"7lFuBHOZkxJYlss5QrGpuOEl9ZwUt5IrFLBdYaKqNHzNVC1pCPfb/JyH6Dr2HUxq\r\n"
"gxUwAQKBgQCcU6G2L8AG9d9c0UpOyL1tMvFe5Ttw0KjlQVdsh1MP6yigYo9DYuwu\r\n"
"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
#else
#define TEST_CA_CRT_RSA
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_DHM_C)
const char test_dhm_params[] =
"-----BEGIN DH PARAMETERS-----\r\n"
"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
"-----END DH PARAMETERS-----\r\n";
#endif
/* Concatenation of all available CA certificates */
const char test_ca_list[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
#if defined(POLARSSL_RSA_C)
const char *test_ca_crt = test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa;
const char *test_ca_pwd = test_ca_pwd_rsa;
const char *test_srv_crt = test_srv_crt_rsa;
const char *test_srv_key = test_srv_key_rsa;
const char *test_cli_crt = test_cli_crt_rsa;
const char *test_cli_key = test_cli_key_rsa;
#else /* ! POLARSSL_RSA_C, so POLARSSL_ECDSA_C */
const char *test_ca_crt = test_ca_crt_ec;
const char *test_ca_key = test_ca_key_ec;
const char *test_ca_pwd = test_ca_pwd_ec;
const char *test_srv_crt = test_srv_crt_ec;
const char *test_srv_key = test_srv_key_ec;
const char *test_cli_crt = test_cli_crt_ec;
const char *test_cli_key = test_cli_key_ec;
#endif /* POLARSSL_RSA_C */
#endif /* POLARSSL_CERTS_C */

917
Externals/polarssl/library/cipher.c vendored
View File

@ -1,917 +0,0 @@
/**
* \file cipher.c
*
* \brief Generic cipher wrapper for PolarSSL
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_CIPHER_C)
#include "polarssl/cipher.h"
#include "polarssl/cipher_wrap.h"
#if defined(POLARSSL_GCM_C)
#include "polarssl/gcm.h"
#endif
#if defined(POLARSSL_CCM_C)
#include "polarssl/ccm.h"
#endif
#include <stdlib.h>
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
#define POLARSSL_CIPHER_MODE_STREAM
#endif
#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
!defined(EFI32)
#define strcasecmp _stricmp
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static int supported_init = 0;
const int *cipher_list( void )
{
const cipher_definition_t *def;
int *type;
if( ! supported_init )
{
def = cipher_definitions;
type = supported_ciphers;
while( def->type != 0 )
*type++ = (*def++).type;
*type = 0;
supported_init = 1;
}
return( supported_ciphers );
}
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
{
const cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ )
if( def->type == cipher_type )
return( def->info );
return( NULL );
}
const cipher_info_t *cipher_info_from_string( const char *cipher_name )
{
const cipher_definition_t *def;
if( NULL == cipher_name )
return( NULL );
for( def = cipher_definitions; def->info != NULL; def++ )
if( ! strcasecmp( def->info->name, cipher_name ) )
return( def->info );
return( NULL );
}
const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
int key_length,
const cipher_mode_t mode )
{
const cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ )
if( def->info->base->cipher == cipher_id &&
def->info->key_length == (unsigned) key_length &&
def->info->mode == mode )
return( def->info );
return( NULL );
}
void cipher_init( cipher_context_t *ctx )
{
memset( ctx, 0, sizeof( cipher_context_t ) );
}
void cipher_free( cipher_context_t *ctx )
{
if( ctx == NULL )
return;
if( ctx->cipher_ctx )
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
}
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
{
if( NULL == cipher_info || NULL == ctx )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
memset( ctx, 0, sizeof( cipher_context_t ) );
if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
return( POLARSSL_ERR_CIPHER_ALLOC_FAILED );
ctx->cipher_info = cipher_info;
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
/*
* Ignore possible errors caused by a cipher mode that doesn't use padding
*/
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 );
#else
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE );
#endif
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
return( 0 );
}
/* Deprecated, redirects to cipher_free() */
int cipher_free_ctx( cipher_context_t *ctx )
{
cipher_free( ctx );
return( 0 );
}
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
(int) ctx->cipher_info->key_length != key_length )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
ctx->key_length = key_length;
ctx->operation = operation;
/*
* For CFB and CTR mode always use the encryption key schedule
*/
if( POLARSSL_ENCRYPT == operation ||
POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode )
{
return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
ctx->key_length );
}
if( POLARSSL_DECRYPT == operation )
return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
ctx->key_length );
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
int cipher_set_iv( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len )
{
size_t actual_iv_size;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
/* avoid buffer overflow in ctx->iv */
if( iv_len > POLARSSL_MAX_IV_LENGTH )
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_IV_LEN ) != 0 )
actual_iv_size = iv_len;
else
{
actual_iv_size = ctx->cipher_info->iv_size;
/* avoid reading past the end of input buffer */
if( actual_iv_size > iv_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
memcpy( ctx->iv, iv, actual_iv_size );
ctx->iv_size = actual_iv_size;
return( 0 );
}
int cipher_reset( cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
ctx->unprocessed_len = 0;
return( 0 );
}
#if defined(POLARSSL_GCM_C)
int cipher_update_ad( cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len );
}
return( 0 );
}
#endif /* POLARSSL_GCM_C */
int cipher_update( cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
{
int ret;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
*olen = 0;
if( ctx->cipher_info->mode == POLARSSL_MODE_ECB )
{
if( ilen != cipher_get_block_size( ctx ) )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
*olen = ilen;
if( 0 != ( ret = ctx->cipher_info->base->ecb_func( ctx->cipher_ctx,
ctx->operation, input, output ) ) )
{
return( ret );
}
return( 0 );
}
#if defined(POLARSSL_GCM_C)
if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
{
*olen = ilen;
return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input,
output );
}
#endif
if( input == output &&
( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( ctx->cipher_info->mode == POLARSSL_MODE_CBC )
{
size_t copy_len = 0;
/*
* If there is not enough data for a full block, cache it.
*/
if( ( ctx->operation == POLARSSL_DECRYPT &&
ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
( ctx->operation == POLARSSL_ENCRYPT &&
ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
{
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen );
ctx->unprocessed_len += ilen;
return( 0 );
}
/*
* Process cached data first
*/
if( ctx->unprocessed_len != 0 )
{
copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len;
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
copy_len );
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) )
{
return( ret );
}
*olen += cipher_get_block_size( ctx );
output += cipher_get_block_size( ctx );
ctx->unprocessed_len = 0;
input += copy_len;
ilen -= copy_len;
}
/*
* Cache final, incomplete block
*/
if( 0 != ilen )
{
copy_len = ilen % cipher_get_block_size( ctx );
if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT )
copy_len = cipher_get_block_size( ctx );
memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
copy_len );
ctx->unprocessed_len += copy_len;
ilen -= copy_len;
}
/*
* Process remaining full blocks
*/
if( ilen )
{
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, ilen, ctx->iv, input, output ) ) )
{
return( ret );
}
*olen += ilen;
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
if( ctx->cipher_info->mode == POLARSSL_MODE_CFB )
{
if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
input, output ) ) )
{
return( ret );
}
*olen = ilen;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
if( ctx->cipher_info->mode == POLARSSL_MODE_CTR )
{
if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
ilen, &ctx->unprocessed_len, ctx->iv,
ctx->unprocessed_data, input, output ) ) )
{
return( ret );
}
*olen = ilen;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
#if defined(POLARSSL_CIPHER_MODE_STREAM)
if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM )
{
if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
ilen, input, output ) ) )
{
return( ret );
}
*olen = ilen;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_STREAM */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
/*
* PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
*/
static void add_pkcs_padding( unsigned char *output, size_t output_len,
size_t data_len )
{
size_t padding_len = output_len - data_len;
unsigned char i;
for( i = 0; i < padding_len; i++ )
output[data_len + i] = (unsigned char) padding_len;
}
static int get_pkcs_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
size_t i, pad_idx;
unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1];
*data_len = input_len - padding_len;
/* Avoid logical || since it results in a branch */
bad |= padding_len > input_len;
bad |= padding_len == 0;
/* The number of bytes checked must be independent of padding_len,
* so pick input_len, which is usually 8 or 16 (one block) */
pad_idx = input_len - padding_len;
for( i = 0; i < input_len; i++ )
bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
/*
* One and zeros padding: fill with 80 00 ... 00
*/
static void add_one_and_zeros_padding( unsigned char *output,
size_t output_len, size_t data_len )
{
size_t padding_len = output_len - data_len;
unsigned char i = 0;
output[data_len] = 0x80;
for( i = 1; i < padding_len; i++ )
output[data_len + i] = 0x00;
}
static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
size_t i;
unsigned char done = 0, prev_done, bad;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
bad = 0xFF;
*data_len = 0;
for( i = input_len; i > 0; i-- )
{
prev_done = done;
done |= ( input[i-1] != 0 );
*data_len |= ( i - 1 ) * ( done != prev_done );
bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
}
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
/*
* Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
*/
static void add_zeros_and_len_padding( unsigned char *output,
size_t output_len, size_t data_len )
{
size_t padding_len = output_len - data_len;
unsigned char i = 0;
for( i = 1; i < padding_len; i++ )
output[data_len + i - 1] = 0x00;
output[output_len - 1] = (unsigned char) padding_len;
}
static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
size_t i, pad_idx;
unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1];
*data_len = input_len - padding_len;
/* Avoid logical || since it results in a branch */
bad |= padding_len > input_len;
bad |= padding_len == 0;
/* The number of bytes checked must be independent of padding_len */
pad_idx = input_len - padding_len;
for( i = 0; i < input_len - 1; i++ )
bad |= input[i] * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
/*
* Zero padding: fill with 00 ... 00
*/
static void add_zeros_padding( unsigned char *output,
size_t output_len, size_t data_len )
{
size_t i;
for( i = data_len; i < output_len; i++ )
output[i] = 0x00;
}
static int get_zeros_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
size_t i;
unsigned char done = 0, prev_done;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = 0;
for( i = input_len; i > 0; i-- )
{
prev_done = done;
done |= ( input[i-1] != 0 );
*data_len |= i * ( done != prev_done );
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_PADDING_ZEROS */
/*
* No padding: don't pad :)
*
* There is no add_padding function (check for NULL in cipher_finish)
* but a trivial get_padding function
*/
static int get_no_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = input_len;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
int cipher_finish( cipher_context_t *ctx,
unsigned char *output, size_t *olen )
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
*olen = 0;
if( POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode ||
POLARSSL_MODE_GCM == ctx->cipher_info->mode ||
POLARSSL_MODE_STREAM == ctx->cipher_info->mode )
{
return( 0 );
}
if( POLARSSL_MODE_ECB == ctx->cipher_info->mode )
{
if( ctx->unprocessed_len != 0 )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( POLARSSL_MODE_CBC == ctx->cipher_info->mode )
{
int ret = 0;
if( POLARSSL_ENCRYPT == ctx->operation )
{
/* check for 'no padding' mode */
if( NULL == ctx->add_padding )
{
if( 0 != ctx->unprocessed_len )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 );
}
ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ),
ctx->unprocessed_len );
}
else if( cipher_get_block_size( ctx ) != ctx->unprocessed_len )
{
/*
* For decrypt operations, expect a full block,
* or an empty block if no padding
*/
if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
return( 0 );
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
}
/* cipher block */
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) )
{
return( ret );
}
/* Set output size for decryption */
if( POLARSSL_DECRYPT == ctx->operation )
return ctx->get_padding( output, cipher_get_block_size( ctx ),
olen );
/* Set output size for encryption */
*olen = cipher_get_block_size( ctx );
return( 0 );
}
#else
((void) output);
#endif /* POLARSSL_CIPHER_MODE_CBC */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
{
if( NULL == ctx ||
POLARSSL_MODE_CBC != ctx->cipher_info->mode )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
switch( mode )
{
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
case POLARSSL_PADDING_PKCS7:
ctx->add_padding = add_pkcs_padding;
ctx->get_padding = get_pkcs_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
case POLARSSL_PADDING_ONE_AND_ZEROS:
ctx->add_padding = add_one_and_zeros_padding;
ctx->get_padding = get_one_and_zeros_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
case POLARSSL_PADDING_ZEROS_AND_LEN:
ctx->add_padding = add_zeros_and_len_padding;
ctx->get_padding = get_zeros_and_len_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
case POLARSSL_PADDING_ZEROS:
ctx->add_padding = add_zeros_padding;
ctx->get_padding = get_zeros_padding;
break;
#endif
case POLARSSL_PADDING_NONE:
ctx->add_padding = NULL;
ctx->get_padding = get_no_padding;
break;
default:
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
#if defined(POLARSSL_GCM_C)
int cipher_write_tag( cipher_context_t *ctx,
unsigned char *tag, size_t tag_len )
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_ENCRYPT != ctx->operation )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
return( 0 );
}
int cipher_check_tag( cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len )
{
int ret;
if( NULL == ctx || NULL == ctx->cipher_info ||
POLARSSL_DECRYPT != ctx->operation )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
}
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
unsigned char check_tag[16];
size_t i;
int diff;
if( tag_len > sizeof( check_tag ) )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx,
check_tag, tag_len ) ) )
{
return( ret );
}
/* Check the tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ )
diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
return( POLARSSL_ERR_CIPHER_AUTH_FAILED );
return( 0 );
}
return( 0 );
}
#endif /* POLARSSL_GCM_C */
/*
* Packet-oriented wrapper for non-AEAD modes
*/
int cipher_crypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen )
{
int ret;
size_t finish_olen;
if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
return( ret );
if( ( ret = cipher_reset( ctx ) ) != 0 )
return( ret );
if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
return( ret );
if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
return( ret );
*olen += finish_olen;
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_AEAD)
/*
* Packet-oriented encryption for AEAD modes
*/
int cipher_auth_encrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len )
{
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
*olen = ilen;
return( gcm_crypt_and_tag( ctx->cipher_ctx, GCM_ENCRYPT, ilen,
iv, iv_len, ad, ad_len, input, output,
tag_len, tag ) );
}
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
{
*olen = ilen;
return( ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len, input, output,
tag, tag_len ) );
}
#endif /* POLARSSL_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
/*
* Packet-oriented decryption for AEAD modes
*/
int cipher_auth_decrypt( cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len )
{
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
{
int ret;
*olen = ilen;
ret = gcm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len,
tag, tag_len, input, output );
if( ret == POLARSSL_ERR_GCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED;
return( ret );
}
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
{
int ret;
*olen = ilen;
ret = ccm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len,
input, output, tag, tag_len );
if( ret == POLARSSL_ERR_CCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED;
return( ret );
}
#endif /* POLARSSL_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#endif /* POLARSSL_CIPHER_MODE_AEAD */
#if defined(POLARSSL_SELF_TEST)
/*
* Checkup routine
*/
int cipher_self_test( int verbose )
{
((void) verbose);
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_CIPHER_C */

1451
Externals/polarssl/library/cipher_wrap.c vendored
View File

File diff suppressed because it is too large Load Diff

549
Externals/polarssl/library/ctr_drbg.c vendored
View File

@ -1,549 +0,0 @@
/*
* CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* The NIST SP 800-90 DRBGs are described in the following publucation.
*
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/ctr_drbg.h"
#if defined(POLARSSL_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy)
*/
int ctr_drbg_init_entropy_len(
ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len,
size_t entropy_len )
{
int ret;
unsigned char key[CTR_DRBG_KEYSIZE];
memset( ctx, 0, sizeof(ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE );
aes_init( &ctx->aes_ctx );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
ctx->entropy_len = entropy_len;
ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL;
/*
* Initialize with an empty key
*/
aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS );
if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret );
return( 0 );
}
int ctr_drbg_init( ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len )
{
return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len,
CTR_DRBG_ENTROPY_LEN ) );
}
void ctr_drbg_free( ctr_drbg_context *ctx )
{
if( ctx == NULL )
return;
aes_free( &ctx->aes_ctx );
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) );
}
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance )
{
ctx->prediction_resistance = resistance;
}
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len )
{
ctx->entropy_len = len;
}
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval )
{
ctx->reseed_interval = interval;
}
static int block_cipher_df( unsigned char *output,
const unsigned char *data, size_t data_len )
{
unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16];
unsigned char tmp[CTR_DRBG_SEEDLEN];
unsigned char key[CTR_DRBG_KEYSIZE];
unsigned char chain[CTR_DRBG_BLOCKSIZE];
unsigned char *p, *iv;
aes_context aes_ctx;
int i, j;
size_t buf_len, use_len;
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
aes_init( &aes_ctx );
/*
* Construct IV (16 bytes) and S in buffer
* IV = Counter (in 32-bits) padded to 16 with zeroes
* S = Length input string (in 32-bits) || Length of output (in 32-bits) ||
* data || 0x80
* (Total is padded to a multiple of 16-bytes with zeroes)
*/
p = buf + CTR_DRBG_BLOCKSIZE;
*p++ = ( data_len >> 24 ) & 0xff;
*p++ = ( data_len >> 16 ) & 0xff;
*p++ = ( data_len >> 8 ) & 0xff;
*p++ = ( data_len ) & 0xff;
p += 3;
*p++ = CTR_DRBG_SEEDLEN;
memcpy( p, data, data_len );
p[data_len] = 0x80;
buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
for( i = 0; i < CTR_DRBG_KEYSIZE; i++ )
key[i] = i;
aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS );
/*
* Reduce data to POLARSSL_CTR_DRBG_SEEDLEN bytes of data
*/
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
{
p = buf;
memset( chain, 0, CTR_DRBG_BLOCKSIZE );
use_len = buf_len;
while( use_len > 0 )
{
for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ )
chain[i] ^= p[i];
p += CTR_DRBG_BLOCKSIZE;
use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ?
CTR_DRBG_BLOCKSIZE : use_len;
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain );
}
memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE );
/*
* Update IV
*/
buf[3]++;
}
/*
* Do final encryption with reduced data
*/
aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS );
iv = tmp + CTR_DRBG_KEYSIZE;
p = output;
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
{
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv );
memcpy( p, iv, CTR_DRBG_BLOCKSIZE );
p += CTR_DRBG_BLOCKSIZE;
}
aes_free( &aes_ctx );
return( 0 );
}
static int ctr_drbg_update_internal( ctr_drbg_context *ctx,
const unsigned char data[CTR_DRBG_SEEDLEN] )
{
unsigned char tmp[CTR_DRBG_SEEDLEN];
unsigned char *p = tmp;
int i, j;
memset( tmp, 0, CTR_DRBG_SEEDLEN );
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
{
/*
* Increase counter
*/
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 )
break;
/*
* Crypt counter block
*/
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p );
p += CTR_DRBG_BLOCKSIZE;
}
for( i = 0; i < CTR_DRBG_SEEDLEN; i++ )
tmp[i] ^= data[i];
/*
* Update key and counter
*/
aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS );
memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE );
return( 0 );
}
void ctr_drbg_update( ctr_drbg_context *ctx,
const unsigned char *additional, size_t add_len )
{
unsigned char add_input[CTR_DRBG_SEEDLEN];
if( add_len > 0 )
{
block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input );
}
}
int ctr_drbg_reseed( ctr_drbg_context *ctx,
const unsigned char *additional, size_t len )
{
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );
/*
* Gather entropy_len bytes of entropy to seed state
*/
if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
ctx->entropy_len ) )
{
return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
}
seedlen += ctx->entropy_len;
/*
* Add additional data
*/
if( additional && len )
{
memcpy( seed + seedlen, additional, len );
seedlen += len;
}
/*
* Reduce to 384 bits
*/
block_cipher_df( seed, seed, seedlen );
/*
* Update state
*/
ctr_drbg_update_internal( ctx, seed );
ctx->reseed_counter = 1;
return( 0 );
}
int ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len )
{
int ret = 0;
ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng;
unsigned char add_input[CTR_DRBG_SEEDLEN];
unsigned char *p = output;
unsigned char tmp[CTR_DRBG_BLOCKSIZE];
int i;
size_t use_len;
if( output_len > CTR_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG );
if( add_len > CTR_DRBG_MAX_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( add_input, 0, CTR_DRBG_SEEDLEN );
if( ctx->reseed_counter > ctx->reseed_interval ||
ctx->prediction_resistance )
{
if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret );
add_len = 0;
}
if( add_len > 0 )
{
block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input );
}
while( output_len > 0 )
{
/*
* Increase counter
*/
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 )
break;
/*
* Crypt counter block
*/
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp );
use_len = ( output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE :
output_len;
/*
* Copy random block to destination
*/
memcpy( p, tmp, use_len );
p += use_len;
output_len -= use_len;
}
ctr_drbg_update_internal( ctx, add_input );
ctx->reseed_counter++;
return( 0 );
}
int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
{
return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 );
}
#if defined(POLARSSL_FS_IO)
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path )
{
int ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
FILE *f;
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
goto exit;
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
{
ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
goto exit;
}
ret = 0;
exit:
fclose( f );
return( ret );
}
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > CTR_DRBG_MAX_INPUT )
{
fclose( f );
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
}
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
}
fclose( f );
ctr_drbg_update( ctx, buf, n );
return( ctr_drbg_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#include <stdio.h>
static unsigned char entropy_source_pr[96] =
{ 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
static unsigned char entropy_source_nopr[64] =
{ 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
static const unsigned char nonce_pers_pr[16] =
{ 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
static const unsigned char nonce_pers_nopr[16] =
{ 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
static const unsigned char result_pr[16] =
{ 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
static const unsigned char result_nopr[16] =
{ 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
static size_t test_offset;
static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
size_t len )
{
const unsigned char *p = data;
memcpy( buf, p + test_offset, len );
test_offset += len;
return( 0 );
}
#define CHK( c ) if( (c) != 0 ) \
{ \
if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \
return( 1 ); \
}
/*
* Checkup routine
*/
int ctr_drbg_self_test( int verbose )
{
ctr_drbg_context ctx;
unsigned char buf[16];
/*
* Based on a NIST CTR_DRBG test vector (PR = True)
*/
if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = TRUE) : " );
test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
entropy_source_pr, nonce_pers_pr, 16, 32 ) );
ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
CHK( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) );
if( verbose != 0 )
polarssl_printf( "passed\n" );
/*
* Based on a NIST CTR_DRBG test vector (PR = FALSE)
*/
if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = FALSE): " );
test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
CHK( memcmp( buf, result_nopr, 16 ) );
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_CTR_DRBG_C */

351
Externals/polarssl/library/debug.c vendored
View File

@ -1,351 +0,0 @@
/*
* Debugging routines
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_DEBUG_C)
#include "polarssl/debug.h"
#include <stdarg.h>
#include <stdlib.h>
#if defined(EFIX64) || defined(EFI32)
#include <stdio.h>
#endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#if !defined snprintf
#define snprintf _snprintf
#endif
#if !defined vsnprintf
#define vsnprintf _vsnprintf
#endif
#endif /* _MSC_VER */
static int debug_log_mode = POLARSSL_DEBUG_DFL_MODE;
static int debug_threshold = 0;
void debug_set_log_mode( int log_mode )
{
debug_log_mode = log_mode;
}
void debug_set_threshold( int threshold )
{
debug_threshold = threshold;
}
char *debug_fmt( const char *format, ... )
{
va_list argp;
static char str[512];
int maxlen = sizeof( str ) - 1;
va_start( argp, format );
vsnprintf( str, maxlen, format, argp );
va_end( argp );
str[maxlen] = '\0';
return( str );
}
void debug_print_msg( const ssl_context *ssl, int level,
const char *file, int line, const char *text )
{
char str[512];
int maxlen = sizeof( str ) - 1;
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_RAW )
{
ssl->f_dbg( ssl->p_dbg, level, text );
return;
}
snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
}
void debug_print_ret( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, int ret )
{
char str[512];
int maxlen = sizeof( str ) - 1;
size_t idx = 0;
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n",
text, ret, -ret );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
}
void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
unsigned char *buf, size_t len )
{
char str[512];
size_t i, maxlen = sizeof( str ) - 1, idx = 0;
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n",
text, (unsigned int) len );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
for( i = 0; i < len; i++ )
{
if( i >= 4096 )
break;
if( i % 16 == 0 )
{
if( i > 0 )
{
snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
}
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
idx += snprintf( str + idx, maxlen - idx, "%04x: ",
(unsigned int) i );
}
idx += snprintf( str + idx, maxlen - idx, " %02x",
(unsigned int) buf[i] );
}
if( len > 0 )
{
snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
}
}
#if defined(POLARSSL_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const ecp_point *X )
{
char str[512];
int maxlen = sizeof( str ) - 1;
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
snprintf( str, maxlen, "%s(X)", text );
str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->X );
snprintf( str, maxlen, "%s(Y)", text );
str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->Y );
}
#endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X )
{
char str[512];
int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
size_t i, n, idx = 0;
if( ssl->f_dbg == NULL || X == NULL || level > debug_threshold )
return;
for( n = X->n - 1; n > 0; n-- )
if( X->p[n] != 0 )
break;
for( j = ( sizeof(t_uint) << 3 ) - 1; j >= 0; j-- )
if( ( ( X->p[n] >> j ) & 1 ) != 0 )
break;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n",
text, (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
for( i = n + 1, j = 0; i > 0; i-- )
{
if( zeros && X->p[i - 1] == 0 )
continue;
for( k = sizeof( t_uint ) - 1; k >= 0; k-- )
{
if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
continue;
else
zeros = 0;
if( j % 16 == 0 )
{
if( j > 0 )
{
snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
}
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
}
idx += snprintf( str + idx, maxlen - idx, " %02x", (unsigned int)
( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
j++;
}
}
if( zeros == 1 )
{
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
{
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
}
idx += snprintf( str + idx, maxlen - idx, " 00" );
}
snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
}
#endif /* POLARSSL_BIGNUM_C */
#if defined(POLARSSL_X509_CRT_PARSE_C)
static void debug_print_pk( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const pk_context *pk )
{
size_t i;
pk_debug_item items[POLARSSL_PK_DEBUG_MAX_ITEMS];
char name[16];
memset( items, 0, sizeof( items ) );
if( pk_debug( pk, items ) != 0 )
{
debug_print_msg( ssl, level, file, line, "invalid PK context" );
return;
}
for( i = 0; i < POLARSSL_PK_DEBUG_MAX_ITEMS; i++ )
{
if( items[i].type == POLARSSL_PK_DEBUG_NONE )
return;
snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
name[sizeof( name ) - 1] = '\0';
if( items[i].type == POLARSSL_PK_DEBUG_MPI )
debug_print_mpi( ssl, level, file, line, name, items[i].value );
else
#if defined(POLARSSL_ECP_C)
if( items[i].type == POLARSSL_PK_DEBUG_ECP )
debug_print_ecp( ssl, level, file, line, name, items[i].value );
else
#endif
debug_print_msg( ssl, level, file, line, "should not happen" );
}
}
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_crt *crt )
{
char str[1024], prefix[64];
int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0;
if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
{
snprintf( prefix, maxlen, "%s(%04d): ", file, line );
prefix[maxlen] = '\0';
}
else
prefix[0] = '\0';
maxlen = sizeof( str ) - 1;
while( crt != NULL )
{
char buf[1024];
x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt );
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = snprintf( str, maxlen, "%s(%04d): ", file, line );
snprintf( str + idx, maxlen - idx, "%s #%d:\n%s",
text, ++i, buf );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
debug_print_pk( ssl, level, file, line, "crt->", &crt->pk );
crt = crt->next;
}
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#endif /* POLARSSL_DEBUG_C */

1057
Externals/polarssl/library/des.c vendored
View File

File diff suppressed because it is too large Load Diff

598
Externals/polarssl/library/dhm.c vendored
View File

@ -1,598 +0,0 @@
/*
* Diffie-Hellman-Merkle key exchange
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* Reference:
*
* http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12)
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_DHM_C)
#include "polarssl/dhm.h"
#if defined(POLARSSL_PEM_PARSE_C)
#include "polarssl/pem.h"
#endif
#if defined(POLARSSL_ASN1_PARSE_C)
#include "polarssl/asn1.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdlib.h>
#define polarssl_printf printf
#define polarssl_malloc malloc
#define polarssl_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* helper to validate the mpi size and import it
*/
static int dhm_read_bignum( mpi *X,
unsigned char **p,
const unsigned char *end )
{
int ret, n;
if( end - *p < 2 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
n = ( (*p)[0] << 8 ) | (*p)[1];
(*p) += 2;
if( (int)( end - *p ) < n )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret );
(*p) += n;
return( 0 );
}
/*
* Verify sanity of parameter with regards to P
*
* Parameter should be: 2 <= public_param <= P - 2
*
* For more information on the attack, see:
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
*/
static int dhm_check_range( const mpi *param, const mpi *P )
{
mpi L, U;
int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA;
mpi_init( &L ); mpi_init( &U );
MPI_CHK( mpi_lset( &L, 2 ) );
MPI_CHK( mpi_sub_int( &U, P, 2 ) );
if( mpi_cmp_mpi( param, &L ) >= 0 &&
mpi_cmp_mpi( param, &U ) <= 0 )
{
ret = 0;
}
cleanup:
mpi_free( &L ); mpi_free( &U );
return( ret );
}
void dhm_init( dhm_context *ctx )
{
memset( ctx, 0, sizeof( dhm_context ) );
}
/*
* Parse the ServerKeyExchange parameters
*/
int dhm_read_params( dhm_context *ctx,
unsigned char **p,
const unsigned char *end )
{
int ret;
if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 ||
( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 ||
( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )
return( ret );
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret );
ctx->len = mpi_size( &ctx->P );
return( 0 );
}
/*
* Setup and write the ServerKeyExchange parameters
*/
int dhm_make_params( dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret, count = 0;
size_t n1, n2, n3;
unsigned char *p;
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
/*
* Generate X as large as possible ( < P )
*/
do
{
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED );
}
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
/*
* Calculate GX = G^X mod P
*/
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
return( ret );
/*
* export P, G, GX
*/
#define DHM_MPI_EXPORT(X,n) \
MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \
*p++ = (unsigned char)( n >> 8 ); \
*p++ = (unsigned char)( n ); p += n;
n1 = mpi_size( &ctx->P );
n2 = mpi_size( &ctx->G );
n3 = mpi_size( &ctx->GX );
p = output;
DHM_MPI_EXPORT( &ctx->P , n1 );
DHM_MPI_EXPORT( &ctx->G , n2 );
DHM_MPI_EXPORT( &ctx->GX, n3 );
*olen = p - output;
ctx->len = n1;
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret );
return( 0 );
}
/*
* Import the peer's public value G^Y
*/
int dhm_read_public( dhm_context *ctx,
const unsigned char *input, size_t ilen )
{
int ret;
if( ctx == NULL || ilen < 1 || ilen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret );
return( 0 );
}
/*
* Create own private value X and export G^X
*/
int dhm_make_public( dhm_context *ctx, int x_size,
unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret, count = 0;
if( ctx == NULL || olen < 1 || olen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
/*
* generate X and calculate GX = G^X mod P
*/
do
{
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED );
}
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
return( ret );
MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) );
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
return( 0 );
}
/*
* Use the blinding method and optimisation suggested in section 10 of:
* KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
* DSS, and other systems. In : Advances in CryptologyCRYPTO96. Springer
* Berlin Heidelberg, 1996. p. 104-113.
*/
static int dhm_update_blinding( dhm_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, count;
/*
* Don't use any blinding the first time a particular X is used,
* but remember it to use blinding next time.
*/
if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
{
MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) );
MPI_CHK( mpi_lset( &ctx->Vi, 1 ) );
MPI_CHK( mpi_lset( &ctx->Vf, 1 ) );
return( 0 );
}
/*
* Ok, we need blinding. Can we re-use existing values?
* If yes, just update them by squaring them.
*/
if( mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
{
MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
return( 0 );
}
/*
* We need to generate blinding values from scratch
*/
/* Vi = random( 2, P-1 ) */
count = 0;
do
{
mpi_fill_random( &ctx->Vi, mpi_size( &ctx->P ), f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->Vi, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE );
}
while( mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
/* Vf = Vi^-X mod P */
MPI_CHK( mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
cleanup:
return( ret );
}
/*
* Derive and export the shared secret (G^Y)^X mod P
*/
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
mpi GYb;
if( ctx == NULL || *olen < ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret );
mpi_init( &GYb );
/* Blind peer's value */
if( f_rng != NULL )
{
MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
MPI_CHK( mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
}
else
MPI_CHK( mpi_copy( &GYb, &ctx->GY ) );
/* Do modular exponentiation */
MPI_CHK( mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
&ctx->P, &ctx->RP ) );
/* Unblind secret value */
if( f_rng != NULL )
{
MPI_CHK( mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
}
*olen = mpi_size( &ctx->K );
MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) );
cleanup:
mpi_free( &GYb );
if( ret != 0 )
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret );
return( 0 );
}
/*
* Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx )
{
mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi );
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY );
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
mpi_free( &ctx->P );
polarssl_zeroize( ctx, sizeof( dhm_context ) );
}
#if defined(POLARSSL_ASN1_PARSE_C)
/*
* Parse DHM parameters
*/
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen )
{
int ret;
size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_PARSE_C)
pem_context pem;
pem_init( &pem );
ret = pem_read_buffer( &pem,
"-----BEGIN DH PARAMETERS-----",
"-----END DH PARAMETERS-----",
dhmin, NULL, 0, &dhminlen );
if( ret == 0 )
{
/*
* Was PEM encoded
*/
dhminlen = pem.buflen;
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
goto exit;
p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
#else
p = (unsigned char *) dhmin;
#endif /* POLARSSL_PEM_PARSE_C */
end = p + dhminlen;
/*
* DHParams ::= SEQUENCE {
* prime INTEGER, -- P
* generator INTEGER, -- g
* }
*/
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
goto exit;
}
end = p + len;
if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
goto exit;
}
if( p != end )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
goto exit;
}
ret = 0;
dhm->len = mpi_size( &dhm->P );
exit:
#if defined(POLARSSL_PEM_PARSE_C)
pem_free( &pem );
#endif
if( ret != 0 )
dhm_free( dhm );
return( ret );
}
#if defined(POLARSSL_FS_IO)
/*
* Load all data from a file into a given buffer.
*/
static int load_file( const char *path, unsigned char **buf, size_t *n )
{
FILE *f;
long size;
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
if( ( size = ftell( f ) ) == -1 )
{
fclose( f );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
}
fseek( f, 0, SEEK_SET );
*n = (size_t) size;
if( *n + 1 == 0 ||
( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
{
fclose( f );
return( POLARSSL_ERR_DHM_MALLOC_FAILED );
}
if( fread( *buf, 1, *n, f ) != *n )
{
fclose( f );
polarssl_free( *buf );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
}
fclose( f );
(*buf)[*n] = '\0';
return( 0 );
}
/*
* Load and parse DHM parameters
*/
int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
{
int ret;
size_t n;
unsigned char *buf;
if( ( ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = dhm_parse_dhm( dhm, buf, n );
polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
return( ret );
}
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */
#if defined(POLARSSL_SELF_TEST)
#include "polarssl/certs.h"
/*
* Checkup routine
*/
int dhm_self_test( int verbose )
{
#if defined(POLARSSL_CERTS_C)
int ret;
dhm_context dhm;
dhm_init( &dhm );
if( verbose != 0 )
polarssl_printf( " DHM parameter load: " );
if( ( ret = dhm_parse_dhm( &dhm, (const unsigned char *) test_dhm_params,
strlen( test_dhm_params ) ) ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n\n" );
exit:
dhm_free( &dhm );
return( ret );
#else
if( verbose != 0 )
polarssl_printf( " DHM parameter load: skipped\n" );
return( 0 );
#endif /* POLARSSL_CERTS_C */
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_DHM_C */

280
Externals/polarssl/library/ecdh.c vendored
View File

@ -1,280 +0,0 @@
/*
* Elliptic curve Diffie-Hellman
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* References:
*
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
* RFC 4492
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ECDH_C)
#include "polarssl/ecdh.h"
/*
* Generate public key: simple wrapper around ecp_gen_keypair
*/
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
return ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
}
/*
* Compute shared secret (SEC1 3.3.1)
*/
int ecdh_compute_shared( ecp_group *grp, mpi *z,
const ecp_point *Q, const mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
ecp_point P;
ecp_point_init( &P );
/*
* Make sure Q is a valid pubkey before using it
*/
MPI_CHK( ecp_check_pubkey( grp, Q ) );
MPI_CHK( ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
if( ecp_is_zero( &P ) )
{
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
MPI_CHK( mpi_copy( z, &P.X ) );
cleanup:
ecp_point_free( &P );
return( ret );
}
/*
* Initialize context
*/
void ecdh_init( ecdh_context *ctx )
{
memset( ctx, 0, sizeof( ecdh_context ) );
}
/*
* Free context
*/
void ecdh_free( ecdh_context *ctx )
{
if( ctx == NULL )
return;
ecp_group_free( &ctx->grp );
ecp_point_free( &ctx->Q );
ecp_point_free( &ctx->Qp );
ecp_point_free( &ctx->Vi );
ecp_point_free( &ctx->Vf );
mpi_free( &ctx->d );
mpi_free( &ctx->z );
mpi_free( &ctx->_d );
}
/*
* Setup and write the ServerKeyExhange parameters (RFC 4492)
* struct {
* ECParameters curve_params;
* ECPoint public;
* } ServerECDHParams;
*/
int ecdh_make_params( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
size_t grp_len, pt_len;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 )
return( ret );
if( ( ret = ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
!= 0 )
return( ret );
buf += grp_len;
blen -= grp_len;
if( ( ret = ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
&pt_len, buf, blen ) ) != 0 )
return( ret );
*olen = grp_len + pt_len;
return( 0 );
}
/*
* Read the ServerKeyExhange parameters (RFC 4492)
* struct {
* ECParameters curve_params;
* ECPoint public;
* } ServerECDHParams;
*/
int ecdh_read_params( ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end )
{
int ret;
if( ( ret = ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
return( ret );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
!= 0 )
return( ret );
return( 0 );
}
/*
* Get parameters from a keypair
*/
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
ecdh_side side )
{
int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
return( ret );
/* If it's not our key, just import the public part as Qp */
if( side == POLARSSL_ECDH_THEIRS )
return( ecp_copy( &ctx->Qp, &key->Q ) );
/* Our key: import public (as Q) and private parts */
if( side != POLARSSL_ECDH_OURS )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 )
return( ret );
return( 0 );
}
/*
* Setup and export the client public value
*/
int ecdh_make_public( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 )
return( ret );
return ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
olen, buf, blen );
}
/*
* Parse and import the client's public value
*/
int ecdh_read_public( ecdh_context *ctx,
const unsigned char *buf, size_t blen )
{
int ret;
const unsigned char *p = buf;
if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
return( ret );
if( (size_t)( p - buf ) != blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( 0 );
}
/*
* Derive and export the shared secret
*/
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
f_rng, p_rng ) ) != 0 )
{
return( ret );
}
if( mpi_size( &ctx->z ) > blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
*olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
return mpi_write_binary( &ctx->z, buf, *olen );
}
#if defined(POLARSSL_SELF_TEST)
/*
* Checkup routine
*/
int ecdh_self_test( int verbose )
{
((void) verbose );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_ECDH_C */

503
Externals/polarssl/library/ecdsa.c vendored
View File

@ -1,503 +0,0 @@
/*
* Elliptic curve DSA
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* References:
*
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ECDSA_C)
#include "polarssl/ecdsa.h"
#include "polarssl/asn1write.h"
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#include "polarssl/hmac_drbg.h"
#endif
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/*
* This a hopefully temporary compatibility function.
*
* Since we can't ensure the caller will pass a valid md_alg before the next
* interface change, try to pick up a decent md by size.
*
* Argument is the minimum size in bytes of the MD output.
*/
static const md_info_t *md_info_by_size( size_t min_size )
{
const md_info_t *md_cur, *md_picked = NULL;
const int *md_alg;
for( md_alg = md_list(); *md_alg != 0; md_alg++ )
{
if( ( md_cur = md_info_from_type( *md_alg ) ) == NULL ||
(size_t) md_cur->size < min_size ||
( md_picked != NULL && md_cur->size > md_picked->size ) )
continue;
md_picked = md_cur;
}
return( md_picked );
}
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/*
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
*/
static int derive_mpi( const ecp_group *grp, mpi *x,
const unsigned char *buf, size_t blen )
{
int ret;
size_t n_size = ( grp->nbits + 7 ) / 8;
size_t use_size = blen > n_size ? n_size : blen;
MPI_CHK( mpi_read_binary( x, buf, use_size ) );
if( use_size * 8 > grp->nbits )
MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) );
/* While at it, reduce modulo N */
if( mpi_cmp_mpi( x, &grp->N ) >= 0 )
MPI_CHK( mpi_sub_mpi( x, x, &grp->N ) );
cleanup:
return( ret );
}
/*
* Compute ECDSA signature of a hashed message (SEC1 4.1.3)
* Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
*/
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, key_tries, sign_tries, blind_tries;
ecp_point R;
mpi k, e, t;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
ecp_point_init( &R );
mpi_init( &k ); mpi_init( &e ); mpi_init( &t );
sign_tries = 0;
do
{
/*
* Steps 1-3: generate a suitable ephemeral keypair
* and set r = xR mod n
*/
key_tries = 0;
do
{
MPI_CHK( ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
MPI_CHK( mpi_mod_mpi( r, &R.X, &grp->N ) );
if( key_tries++ > 10 )
{
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
while( mpi_cmp_int( r, 0 ) == 0 );
/*
* Step 5: derive MPI from hashed message
*/
MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/*
* Generate a random value to blind inv_mod in next step,
* avoiding a potential timing leak.
*/
blind_tries = 0;
do
{
size_t n_size = ( grp->nbits + 7 ) / 8;
MPI_CHK( mpi_fill_random( &t, n_size, f_rng, p_rng ) );
MPI_CHK( mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
/* See ecp_gen_keypair() */
if( ++blind_tries > 30 )
return( POLARSSL_ERR_ECP_RANDOM_FAILED );
}
while( mpi_cmp_int( &t, 1 ) < 0 ||
mpi_cmp_mpi( &t, &grp->N ) >= 0 );
/*
* Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
*/
MPI_CHK( mpi_mul_mpi( s, r, d ) );
MPI_CHK( mpi_add_mpi( &e, &e, s ) );
MPI_CHK( mpi_mul_mpi( &e, &e, &t ) );
MPI_CHK( mpi_mul_mpi( &k, &k, &t ) );
MPI_CHK( mpi_inv_mod( s, &k, &grp->N ) );
MPI_CHK( mpi_mul_mpi( s, s, &e ) );
MPI_CHK( mpi_mod_mpi( s, s, &grp->N ) );
if( sign_tries++ > 10 )
{
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
while( mpi_cmp_int( s, 0 ) == 0 );
cleanup:
ecp_point_free( &R );
mpi_free( &k ); mpi_free( &e ); mpi_free( &t );
return( ret );
}
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/*
* Deterministic signature wrapper
*/
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg )
{
int ret;
hmac_drbg_context rng_ctx;
unsigned char data[2 * POLARSSL_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8;
const md_info_t *md_info;
mpi h;
/* Temporary fallback */
if( md_alg == POLARSSL_MD_NONE )
md_info = md_info_by_size( blen );
else
md_info = md_info_from_type( md_alg );
if( md_info == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
mpi_init( &h );
memset( &rng_ctx, 0, sizeof( hmac_drbg_context ) );
/* Use private key and message hash (reduced) to initialize HMAC_DRBG */
MPI_CHK( mpi_write_binary( d, data, grp_len ) );
MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MPI_CHK( mpi_write_binary( &h, data + grp_len, grp_len ) );
hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
ret = ecdsa_sign( grp, r, s, d, buf, blen,
hmac_drbg_random, &rng_ctx );
cleanup:
hmac_drbg_free( &rng_ctx );
mpi_free( &h );
return( ret );
}
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/*
* Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
*/
int ecdsa_verify( ecp_group *grp,
const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s)
{
int ret;
mpi e, s_inv, u1, u2;
ecp_point R, P;
ecp_point_init( &R ); ecp_point_init( &P );
mpi_init( &e ); mpi_init( &s_inv ); mpi_init( &u1 ); mpi_init( &u2 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
/*
* Step 1: make sure r and s are in range 1..n-1
*/
if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 ||
mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
/*
* Additional precaution: make sure Q is valid
*/
MPI_CHK( ecp_check_pubkey( grp, Q ) );
/*
* Step 3: derive MPI from hashed message
*/
MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/*
* Step 4: u1 = e / s mod n, u2 = r / s mod n
*/
MPI_CHK( mpi_inv_mod( &s_inv, s, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u1, &e, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u1, &u1, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u2, r, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u2, &u2, &grp->N ) );
/*
* Step 5: R = u1 G + u2 Q
*
* Since we're not using any secret data, no need to pass a RNG to
* ecp_mul() for countermesures.
*/
MPI_CHK( ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) );
MPI_CHK( ecp_mul( grp, &P, &u2, Q, NULL, NULL ) );
MPI_CHK( ecp_add( grp, &R, &R, &P ) );
if( ecp_is_zero( &R ) )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
/*
* Step 6: convert xR to an integer (no-op)
* Step 7: reduce xR mod n (gives v)
*/
MPI_CHK( mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
/*
* Step 8: check if v (that is, R.X) is equal to r
*/
if( mpi_cmp_mpi( &R.X, r ) != 0 )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
cleanup:
ecp_point_free( &R ); ecp_point_free( &P );
mpi_free( &e ); mpi_free( &s_inv ); mpi_free( &u1 ); mpi_free( &u2 );
return( ret );
}
/*
* RFC 4492 page 20:
*
* Ecdsa-Sig-Value ::= SEQUENCE {
* r INTEGER,
* s INTEGER
* }
*
* Size is at most
* 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
* twice that + 1 (tag) + 2 (len) for the sequence
* (assuming ECP_MAX_BYTES is less than 126 for r and s,
* and less than 124 (total len <= 255) for the sequence)
*/
#if POLARSSL_ECP_MAX_BYTES > 124
#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix MAX_SIG_LEN"
#endif
#define MAX_SIG_LEN ( 3 + 2 * ( 2 + POLARSSL_ECP_MAX_BYTES ) )
/*
* Convert a signature (given by context) to ASN.1
*/
static int ecdsa_signature_to_asn1( ecdsa_context *ctx,
unsigned char *sig, size_t *slen )
{
int ret;
unsigned char buf[MAX_SIG_LEN];
unsigned char *p = buf + sizeof( buf );
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->s ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->r ) );
ASN1_CHK_ADD( len, asn1_write_len( &p, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &p, buf,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
memcpy( sig, p, len );
*slen = len;
return( 0 );
}
/*
* Compute and write signature
*/
int ecdsa_write_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
if( ( ret = ecdsa_sign( &ctx->grp, &ctx->r, &ctx->s, &ctx->d,
hash, hlen, f_rng, p_rng ) ) != 0 )
{
return( ret );
}
return( ecdsa_signature_to_asn1( ctx, sig, slen ) );
}
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/*
* Compute and write signature deterministically
*/
int ecdsa_write_signature_det( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
md_type_t md_alg )
{
int ret;
if( ( ret = ecdsa_sign_det( &ctx->grp, &ctx->r, &ctx->s, &ctx->d,
hash, hlen, md_alg ) ) != 0 )
{
return( ret );
}
return( ecdsa_signature_to_asn1( ctx, sig, slen ) );
}
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
/*
* Read and check signature
*/
int ecdsa_read_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen )
{
int ret;
unsigned char *p = (unsigned char *) sig;
const unsigned char *end = sig + slen;
size_t len;
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
{
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
}
if( p + len != end )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
if( ( ret = asn1_get_mpi( &p, end, &ctx->r ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &ctx->r, &ctx->s ) ) != 0 )
return( ret );
if( p != end )
return( POLARSSL_ERR_ECP_SIG_LEN_MISMATCH );
return( 0 );
}
/*
* Generate key pair
*/
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
return( ecp_use_known_dp( &ctx->grp, gid ) ||
ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
}
/*
* Set context from an ecp_keypair
*/
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key )
{
int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 ||
( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
{
ecdsa_free( ctx );
}
return( ret );
}
/*
* Initialize context
*/
void ecdsa_init( ecdsa_context *ctx )
{
ecp_group_init( &ctx->grp );
mpi_init( &ctx->d );
ecp_point_init( &ctx->Q );
mpi_init( &ctx->r );
mpi_init( &ctx->s );
}
/*
* Free context
*/
void ecdsa_free( ecdsa_context *ctx )
{
ecp_group_free( &ctx->grp );
mpi_free( &ctx->d );
ecp_point_free( &ctx->Q );
mpi_free( &ctx->r );
mpi_free( &ctx->s );
}
#if defined(POLARSSL_SELF_TEST)
/*
* Checkup routine
*/
int ecdsa_self_test( int verbose )
{
((void) verbose );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_ECDSA_C */

2029
Externals/polarssl/library/ecp.c vendored
View File

File diff suppressed because it is too large Load Diff

1380
Externals/polarssl/library/ecp_curves.c vendored
View File

File diff suppressed because it is too large Load Diff

477
Externals/polarssl/library/entropy.c vendored
View File

@ -1,477 +0,0 @@
/*
* Entropy accumulator implementation
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ENTROPY_C)
#include "polarssl/entropy.h"
#include "polarssl/entropy_poll.h"
#if defined(POLARSSL_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_HAVEGE_C)
#include "polarssl/havege.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
void entropy_init( entropy_context *ctx )
{
memset( ctx, 0, sizeof(entropy_context) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_init( &ctx->mutex );
#endif
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_starts( &ctx->accumulator, 0 );
#else
sha256_starts( &ctx->accumulator, 0 );
#endif
#if defined(POLARSSL_HAVEGE_C)
havege_init( &ctx->havege_data );
#endif
#if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES)
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
entropy_add_source( ctx, platform_entropy_poll, NULL,
ENTROPY_MIN_PLATFORM );
#endif
#if defined(POLARSSL_TIMING_C)
entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK );
#endif
#if defined(POLARSSL_HAVEGE_C)
entropy_add_source( ctx, havege_poll, &ctx->havege_data,
ENTROPY_MIN_HAVEGE );
#endif
#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */
}
void entropy_free( entropy_context *ctx )
{
#if defined(POLARSSL_HAVEGE_C)
havege_free( &ctx->havege_data );
#endif
polarssl_zeroize( ctx, sizeof( entropy_context ) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &ctx->mutex );
#endif
}
int entropy_add_source( entropy_context *ctx,
f_source_ptr f_source, void *p_source,
size_t threshold )
{
int index, ret = 0;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
index = ctx->source_count;
if( index >= ENTROPY_MAX_SOURCES )
{
ret = POLARSSL_ERR_ENTROPY_MAX_SOURCES;
goto exit;
}
ctx->source[index].f_source = f_source;
ctx->source[index].p_source = p_source;
ctx->source[index].threshold = threshold;
ctx->source_count++;
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
/*
* Entropy accumulator update
*/
static int entropy_update( entropy_context *ctx, unsigned char source_id,
const unsigned char *data, size_t len )
{
unsigned char header[2];
unsigned char tmp[ENTROPY_BLOCK_SIZE];
size_t use_len = len;
const unsigned char *p = data;
if( use_len > ENTROPY_BLOCK_SIZE )
{
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512( data, len, tmp, 0 );
#else
sha256( data, len, tmp, 0 );
#endif
p = tmp;
use_len = ENTROPY_BLOCK_SIZE;
}
header[0] = source_id;
header[1] = use_len & 0xFF;
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_update( &ctx->accumulator, header, 2 );
sha512_update( &ctx->accumulator, p, use_len );
#else
sha256_update( &ctx->accumulator, header, 2 );
sha256_update( &ctx->accumulator, p, use_len );
#endif
return( 0 );
}
int entropy_update_manual( entropy_context *ctx,
const unsigned char *data, size_t len )
{
int ret;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
ret = entropy_update( ctx, ENTROPY_SOURCE_MANUAL, data, len );
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
/*
* Run through the different sources to add entropy to our accumulator
*/
static int entropy_gather_internal( entropy_context *ctx )
{
int ret, i;
unsigned char buf[ENTROPY_MAX_GATHER];
size_t olen;
if( ctx->source_count == 0 )
return( POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED );
/*
* Run through our entropy sources
*/
for( i = 0; i < ctx->source_count; i++ )
{
olen = 0;
if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
buf, ENTROPY_MAX_GATHER, &olen ) ) != 0 )
{
return( ret );
}
/*
* Add if we actually gathered something
*/
if( olen > 0 )
{
entropy_update( ctx, (unsigned char) i, buf, olen );
ctx->source[i].size += olen;
}
}
return( 0 );
}
/*
* Thread-safe wrapper for entropy_gather_internal()
*/
int entropy_gather( entropy_context *ctx )
{
int ret;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
ret = entropy_gather_internal( ctx );
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
int entropy_func( void *data, unsigned char *output, size_t len )
{
int ret, count = 0, i, reached;
entropy_context *ctx = (entropy_context *) data;
unsigned char buf[ENTROPY_BLOCK_SIZE];
if( len > ENTROPY_BLOCK_SIZE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
/*
* Always gather extra entropy before a call
*/
do
{
if( count++ > ENTROPY_MAX_LOOP )
{
ret = POLARSSL_ERR_ENTROPY_SOURCE_FAILED;
goto exit;
}
if( ( ret = entropy_gather_internal( ctx ) ) != 0 )
goto exit;
reached = 0;
for( i = 0; i < ctx->source_count; i++ )
if( ctx->source[i].size >= ctx->source[i].threshold )
reached++;
}
while( reached != ctx->source_count );
memset( buf, 0, ENTROPY_BLOCK_SIZE );
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_finish( &ctx->accumulator, buf );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
sha512_starts( &ctx->accumulator, 0 );
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
/*
* Perform second SHA-512 on entropy
*/
sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
#else /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
sha256_finish( &ctx->accumulator, buf );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha256_context ) );
sha256_starts( &ctx->accumulator, 0 );
sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
/*
* Perform second SHA-256 on entropy
*/
sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
#endif /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
for( i = 0; i < ctx->source_count; i++ )
ctx->source[i].size = 0;
memcpy( output, buf, len );
ret = 0;
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
#if defined(POLARSSL_FS_IO)
int entropy_write_seed_file( entropy_context *ctx, const char *path )
{
int ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR;
FILE *f;
unsigned char buf[ENTROPY_BLOCK_SIZE];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
if( ( ret = entropy_func( ctx, buf, ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
if( fwrite( buf, 1, ENTROPY_BLOCK_SIZE, f ) != ENTROPY_BLOCK_SIZE )
{
ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR;
goto exit;
}
ret = 0;
exit:
fclose( f );
return( ret );
}
int entropy_update_seed_file( entropy_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ ENTROPY_MAX_SEED_SIZE ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > ENTROPY_MAX_SEED_SIZE )
n = ENTROPY_MAX_SEED_SIZE;
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
}
fclose( f );
entropy_update_manual( ctx, buf, n );
return( entropy_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif
/*
* Dummy source function
*/
static int entropy_dummy_source( void *data, unsigned char *output,
size_t len, size_t *olen )
{
((void) data);
memset( output, 0x2a, len );
*olen = len;
return( 0 );
}
/*
* The actual entropy quality is hard to test, but we can at least
* test that the functions don't cause errors and write the correct
* amount of data to buffers.
*/
int entropy_self_test( int verbose )
{
int ret = 0;
entropy_context ctx;
unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 };
unsigned char acc[ENTROPY_BLOCK_SIZE] = { 0 };
size_t i, j;
if( verbose != 0 )
polarssl_printf( " ENTROPY test: " );
entropy_init( &ctx );
ret = entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 );
if( ret != 0 )
goto cleanup;
if( ( ret = entropy_gather( &ctx ) ) != 0 )
goto cleanup;
if( ( ret = entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
goto cleanup;
/*
* To test that entropy_func writes correct number of bytes:
* - use the whole buffer and rely on ASan to detect overruns
* - collect entropy 8 times and OR the result in an accumulator:
* any byte should then be 0 with probably 2^(-64), so requiring
* each of the 32 or 64 bytes to be non-zero has a false failure rate
* of at most 2^(-58) which is acceptable.
*/
for( i = 0; i < 8; i++ )
{
if( ( ret = entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
goto cleanup;
for( j = 0; j < sizeof( buf ); j++ )
acc[j] |= buf[j];
}
for( j = 0; j < sizeof( buf ); j++ )
{
if( acc[j] == 0 )
{
ret = 1;
goto cleanup;
}
}
cleanup:
entropy_free( &ctx );
if( verbose != 0 )
{
if( ret != 0 )
polarssl_printf( "failed\n" );
else
polarssl_printf( "passed\n" );
polarssl_printf( "\n" );
}
return( ret != 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_ENTROPY_C */

140
Externals/polarssl/library/entropy_poll.c vendored
View File

@ -1,140 +0,0 @@
/*
* Platform-specific and custom entropy polling functions
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ENTROPY_C)
#include "polarssl/entropy.h"
#include "polarssl/entropy_poll.h"
#if defined(POLARSSL_TIMING_C)
#include "polarssl/timing.h"
#endif
#if defined(POLARSSL_HAVEGE_C)
#include "polarssl/havege.h"
#endif
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#if !defined(_WIN32_WINNT)
#define _WIN32_WINNT 0x0400
#endif
#include <windows.h>
#include <wincrypt.h>
int platform_entropy_poll( void *data, unsigned char *output, size_t len,
size_t *olen )
{
HCRYPTPROV provider;
((void) data);
*olen = 0;
if( CryptAcquireContext( &provider, NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
{
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
}
if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
CryptReleaseContext( provider, 0 );
*olen = len;
return( 0 );
}
#else /* _WIN32 && !EFIX64 && !EFI32 */
#include <stdio.h>
int platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
FILE *file;
size_t ret;
((void) data);
*olen = 0;
file = fopen( "/dev/urandom", "rb" );
if( file == NULL )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
ret = fread( output, 1, len, file );
if( ret != len )
{
fclose( file );
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
}
fclose( file );
*olen = len;
return( 0 );
}
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */
#if defined(POLARSSL_TIMING_C)
int hardclock_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
unsigned long timer = hardclock();
((void) data);
*olen = 0;
if( len < sizeof(unsigned long) )
return( 0 );
memcpy( output, &timer, sizeof(unsigned long) );
*olen = sizeof(unsigned long);
return( 0 );
}
#endif /* POLARSSL_TIMING_C */
#if defined(POLARSSL_HAVEGE_C)
int havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
havege_state *hs = (havege_state *) data;
*olen = 0;
if( havege_random( hs, output, len ) != 0 )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
*olen = len;
return( 0 );
}
#endif /* POLARSSL_HAVEGE_C */
#endif /* POLARSSL_ENTROPY_C */

769
Externals/polarssl/library/error.c vendored
View File

@ -1,769 +0,0 @@
/*
* Error message information
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_ERROR_C) || defined(POLARSSL_ERROR_STRERROR_DUMMY)
#include "polarssl/error.h"
#endif
#if defined(POLARSSL_ERROR_C)
#if defined(POLARSSL_AES_C)
#include "polarssl/aes.h"
#endif
#if defined(POLARSSL_BASE64_C)
#include "polarssl/base64.h"
#endif
#if defined(POLARSSL_BIGNUM_C)
#include "polarssl/bignum.h"
#endif
#if defined(POLARSSL_BLOWFISH_C)
#include "polarssl/blowfish.h"
#endif
#if defined(POLARSSL_CAMELLIA_C)
#include "polarssl/camellia.h"
#endif
#if defined(POLARSSL_CCM_C)
#include "polarssl/ccm.h"
#endif
#if defined(POLARSSL_CIPHER_C)
#include "polarssl/cipher.h"
#endif
#if defined(POLARSSL_CTR_DRBG_C)
#include "polarssl/ctr_drbg.h"
#endif
#if defined(POLARSSL_DES_C)
#include "polarssl/des.h"
#endif
#if defined(POLARSSL_DHM_C)
#include "polarssl/dhm.h"
#endif
#if defined(POLARSSL_ECP_C)
#include "polarssl/ecp.h"
#endif
#if defined(POLARSSL_ENTROPY_C)
#include "polarssl/entropy.h"
#endif
#if defined(POLARSSL_GCM_C)
#include "polarssl/gcm.h"
#endif
#if defined(POLARSSL_HMAC_DRBG_C)
#include "polarssl/hmac_drbg.h"
#endif
#if defined(POLARSSL_MD_C)
#include "polarssl/md.h"
#endif
#if defined(POLARSSL_MD2_C)
#include "polarssl/md2.h"
#endif
#if defined(POLARSSL_MD4_C)
#include "polarssl/md4.h"
#endif
#if defined(POLARSSL_MD5_C)
#include "polarssl/md5.h"
#endif
#if defined(POLARSSL_NET_C)
#include "polarssl/net.h"
#endif
#if defined(POLARSSL_OID_C)
#include "polarssl/oid.h"
#endif
#if defined(POLARSSL_PADLOCK_C)
#include "polarssl/padlock.h"
#endif
#if defined(POLARSSL_PBKDF2_C)
#include "polarssl/pbkdf2.h"
#endif
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
#include "polarssl/pem.h"
#endif
#if defined(POLARSSL_PK_C)
#include "polarssl/pk.h"
#endif
#if defined(POLARSSL_PKCS12_C)
#include "polarssl/pkcs12.h"
#endif
#if defined(POLARSSL_PKCS5_C)
#include "polarssl/pkcs5.h"
#endif
#if defined(POLARSSL_RIPEMD160_C)
#include "polarssl/ripemd160.h"
#endif
#if defined(POLARSSL_RSA_C)
#include "polarssl/rsa.h"
#endif
#if defined(POLARSSL_SHA1_C)
#include "polarssl/sha1.h"
#endif
#if defined(POLARSSL_SHA256_C)
#include "polarssl/sha256.h"
#endif
#if defined(POLARSSL_SHA512_C)
#include "polarssl/sha512.h"
#endif
#if defined(POLARSSL_SSL_TLS_C)
#include "polarssl/ssl.h"
#endif
#if defined(POLARSSL_THREADING_C)
#include "polarssl/threading.h"
#endif
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#include "polarssl/x509.h"
#endif
#if defined(POLARSSL_XTEA_C)
#include "polarssl/xtea.h"
#endif
#include <string.h>
#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
!defined(EFI32)
#define snprintf _snprintf
#endif
void polarssl_strerror( int ret, char *buf, size_t buflen )
{
size_t len;
int use_ret;
if( buflen == 0 )
return;
memset( buf, 0x00, buflen );
/* Reduce buflen to make sure MSVC _snprintf() ends with \0 as well */
buflen -= 1;
if( ret < 0 )
ret = -ret;
if( ret & 0xFF80 )
{
use_ret = ret & 0xFF80;
// High level error codes
//
// BEGIN generated code
#if defined(POLARSSL_CIPHER_C)
if( use_ret == -(POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "CIPHER - The selected feature is not available" );
if( use_ret == -(POLARSSL_ERR_CIPHER_BAD_INPUT_DATA) )
snprintf( buf, buflen, "CIPHER - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_CIPHER_ALLOC_FAILED) )
snprintf( buf, buflen, "CIPHER - Failed to allocate memory" );
if( use_ret == -(POLARSSL_ERR_CIPHER_INVALID_PADDING) )
snprintf( buf, buflen, "CIPHER - Input data contains invalid padding and is rejected" );
if( use_ret == -(POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED) )
snprintf( buf, buflen, "CIPHER - Decryption of block requires a full block" );
if( use_ret == -(POLARSSL_ERR_CIPHER_AUTH_FAILED) )
snprintf( buf, buflen, "CIPHER - Authentication failed (for AEAD modes)" );
#endif /* POLARSSL_CIPHER_C */
#if defined(POLARSSL_DHM_C)
if( use_ret == -(POLARSSL_ERR_DHM_BAD_INPUT_DATA) )
snprintf( buf, buflen, "DHM - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_DHM_READ_PARAMS_FAILED) )
snprintf( buf, buflen, "DHM - Reading of the DHM parameters failed" );
if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED) )
snprintf( buf, buflen, "DHM - Making of the DHM parameters failed" );
if( use_ret == -(POLARSSL_ERR_DHM_READ_PUBLIC_FAILED) )
snprintf( buf, buflen, "DHM - Reading of the public values failed" );
if( use_ret == -(POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED) )
snprintf( buf, buflen, "DHM - Making of the public value failed" );
if( use_ret == -(POLARSSL_ERR_DHM_CALC_SECRET_FAILED) )
snprintf( buf, buflen, "DHM - Calculation of the DHM secret failed" );
if( use_ret == -(POLARSSL_ERR_DHM_INVALID_FORMAT) )
snprintf( buf, buflen, "DHM - The ASN.1 data is not formatted correctly" );
if( use_ret == -(POLARSSL_ERR_DHM_MALLOC_FAILED) )
snprintf( buf, buflen, "DHM - Allocation of memory failed" );
if( use_ret == -(POLARSSL_ERR_DHM_FILE_IO_ERROR) )
snprintf( buf, buflen, "DHM - Read/write of file failed" );
#endif /* POLARSSL_DHM_C */
#if defined(POLARSSL_ECP_C)
if( use_ret == -(POLARSSL_ERR_ECP_BAD_INPUT_DATA) )
snprintf( buf, buflen, "ECP - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_ECP_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "ECP - The buffer is too small to write to" );
if( use_ret == -(POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "ECP - Requested curve not available" );
if( use_ret == -(POLARSSL_ERR_ECP_VERIFY_FAILED) )
snprintf( buf, buflen, "ECP - The signature is not valid" );
if( use_ret == -(POLARSSL_ERR_ECP_MALLOC_FAILED) )
snprintf( buf, buflen, "ECP - Memory allocation failed" );
if( use_ret == -(POLARSSL_ERR_ECP_RANDOM_FAILED) )
snprintf( buf, buflen, "ECP - Generation of random value, such as (ephemeral) key, failed" );
if( use_ret == -(POLARSSL_ERR_ECP_INVALID_KEY) )
snprintf( buf, buflen, "ECP - Invalid private or public key" );
if( use_ret == -(POLARSSL_ERR_ECP_SIG_LEN_MISMATCH) )
snprintf( buf, buflen, "ECP - Signature is valid but shorter than the user-supplied length" );
#endif /* POLARSSL_ECP_C */
#if defined(POLARSSL_MD_C)
if( use_ret == -(POLARSSL_ERR_MD_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "MD - The selected feature is not available" );
if( use_ret == -(POLARSSL_ERR_MD_BAD_INPUT_DATA) )
snprintf( buf, buflen, "MD - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_MD_ALLOC_FAILED) )
snprintf( buf, buflen, "MD - Failed to allocate memory" );
if( use_ret == -(POLARSSL_ERR_MD_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD - Opening or reading of file failed" );
#endif /* POLARSSL_MD_C */
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
if( use_ret == -(POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT) )
snprintf( buf, buflen, "PEM - No PEM header or footer found" );
if( use_ret == -(POLARSSL_ERR_PEM_INVALID_DATA) )
snprintf( buf, buflen, "PEM - PEM string is not as expected" );
if( use_ret == -(POLARSSL_ERR_PEM_MALLOC_FAILED) )
snprintf( buf, buflen, "PEM - Failed to allocate memory" );
if( use_ret == -(POLARSSL_ERR_PEM_INVALID_ENC_IV) )
snprintf( buf, buflen, "PEM - RSA IV is not in hex-format" );
if( use_ret == -(POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG) )
snprintf( buf, buflen, "PEM - Unsupported key encryption algorithm" );
if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_REQUIRED) )
snprintf( buf, buflen, "PEM - Private key password can't be empty" );
if( use_ret == -(POLARSSL_ERR_PEM_PASSWORD_MISMATCH) )
snprintf( buf, buflen, "PEM - Given private key password does not allow for correct decryption" );
if( use_ret == -(POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "PEM - Unavailable feature, e.g. hashing/encryption combination" );
if( use_ret == -(POLARSSL_ERR_PEM_BAD_INPUT_DATA) )
snprintf( buf, buflen, "PEM - Bad input parameters to function" );
#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */
#if defined(POLARSSL_PK_C)
if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) )
snprintf( buf, buflen, "PK - Memory alloation failed" );
if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) )
snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) )
snprintf( buf, buflen, "PK - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_PK_FILE_IO_ERROR) )
snprintf( buf, buflen, "PK - Read/write of file failed" );
if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_VERSION) )
snprintf( buf, buflen, "PK - Unsupported key version" );
if( use_ret == -(POLARSSL_ERR_PK_KEY_INVALID_FORMAT) )
snprintf( buf, buflen, "PK - Invalid key tag or value" );
if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_PK_ALG) )
snprintf( buf, buflen, "PK - Key algorithm is unsupported (only RSA and EC are supported)" );
if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_REQUIRED) )
snprintf( buf, buflen, "PK - Private key password can't be empty" );
if( use_ret == -(POLARSSL_ERR_PK_PASSWORD_MISMATCH) )
snprintf( buf, buflen, "PK - Given private key password does not allow for correct decryption" );
if( use_ret == -(POLARSSL_ERR_PK_INVALID_PUBKEY) )
snprintf( buf, buflen, "PK - The pubkey tag or value is invalid (only RSA and EC are supported)" );
if( use_ret == -(POLARSSL_ERR_PK_INVALID_ALG) )
snprintf( buf, buflen, "PK - The algorithm tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE) )
snprintf( buf, buflen, "PK - Elliptic curve is unsupported (only NIST curves are supported)" );
if( use_ret == -(POLARSSL_ERR_PK_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "PK - Unavailable feature, e.g. RSA disabled for RSA key" );
if( use_ret == -(POLARSSL_ERR_PK_SIG_LEN_MISMATCH) )
snprintf( buf, buflen, "PK - The signature is valid but its length is less than expected" );
#endif /* POLARSSL_PK_C */
#if defined(POLARSSL_PKCS12_C)
if( use_ret == -(POLARSSL_ERR_PKCS12_BAD_INPUT_DATA) )
snprintf( buf, buflen, "PKCS12 - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "PKCS12 - Feature not available, e.g. unsupported encryption scheme" );
if( use_ret == -(POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT) )
snprintf( buf, buflen, "PKCS12 - PBE ASN.1 data not as expected" );
if( use_ret == -(POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH) )
snprintf( buf, buflen, "PKCS12 - Given private key password does not allow for correct decryption" );
#endif /* POLARSSL_PKCS12_C */
#if defined(POLARSSL_PKCS5_C)
if( use_ret == -(POLARSSL_ERR_PKCS5_BAD_INPUT_DATA) )
snprintf( buf, buflen, "PKCS5 - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_PKCS5_INVALID_FORMAT) )
snprintf( buf, buflen, "PKCS5 - Unexpected ASN.1 data" );
if( use_ret == -(POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "PKCS5 - Requested encryption or digest alg not available" );
if( use_ret == -(POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH) )
snprintf( buf, buflen, "PKCS5 - Given private key password does not allow for correct decryption" );
#endif /* POLARSSL_PKCS5_C */
#if defined(POLARSSL_RSA_C)
if( use_ret == -(POLARSSL_ERR_RSA_BAD_INPUT_DATA) )
snprintf( buf, buflen, "RSA - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_RSA_INVALID_PADDING) )
snprintf( buf, buflen, "RSA - Input data contains invalid padding and is rejected" );
if( use_ret == -(POLARSSL_ERR_RSA_KEY_GEN_FAILED) )
snprintf( buf, buflen, "RSA - Something failed during generation of a key" );
if( use_ret == -(POLARSSL_ERR_RSA_KEY_CHECK_FAILED) )
snprintf( buf, buflen, "RSA - Key failed to pass the libraries validity check" );
if( use_ret == -(POLARSSL_ERR_RSA_PUBLIC_FAILED) )
snprintf( buf, buflen, "RSA - The public key operation failed" );
if( use_ret == -(POLARSSL_ERR_RSA_PRIVATE_FAILED) )
snprintf( buf, buflen, "RSA - The private key operation failed" );
if( use_ret == -(POLARSSL_ERR_RSA_VERIFY_FAILED) )
snprintf( buf, buflen, "RSA - The PKCS#1 verification failed" );
if( use_ret == -(POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE) )
snprintf( buf, buflen, "RSA - The output buffer for decryption is not large enough" );
if( use_ret == -(POLARSSL_ERR_RSA_RNG_FAILED) )
snprintf( buf, buflen, "RSA - The random generator failed to generate non-zeros" );
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_SSL_TLS_C)
if( use_ret == -(POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "SSL - The requested feature is not available" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_INPUT_DATA) )
snprintf( buf, buflen, "SSL - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_SSL_INVALID_MAC) )
snprintf( buf, buflen, "SSL - Verification of the message MAC failed" );
if( use_ret == -(POLARSSL_ERR_SSL_INVALID_RECORD) )
snprintf( buf, buflen, "SSL - An invalid SSL record was received" );
if( use_ret == -(POLARSSL_ERR_SSL_CONN_EOF) )
snprintf( buf, buflen, "SSL - The connection indicated an EOF" );
if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_CIPHER) )
snprintf( buf, buflen, "SSL - An unknown cipher was received" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CIPHER_CHOSEN) )
snprintf( buf, buflen, "SSL - The server has no ciphersuites in common with the client" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_RNG) )
snprintf( buf, buflen, "SSL - No RNG was provided to the SSL module" );
if( use_ret == -(POLARSSL_ERR_SSL_NO_CLIENT_CERTIFICATE) )
snprintf( buf, buflen, "SSL - No client certification received from the client, but required by the authentication mode" );
if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_TOO_LARGE) )
snprintf( buf, buflen, "SSL - DESCRIPTION MISSING" );
if( use_ret == -(POLARSSL_ERR_SSL_CERTIFICATE_REQUIRED) )
snprintf( buf, buflen, "SSL - The own certificate is not set, but needed by the server" );
if( use_ret == -(POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED) )
snprintf( buf, buflen, "SSL - The own private key or pre-shared key is not set, but needed" );
if( use_ret == -(POLARSSL_ERR_SSL_CA_CHAIN_REQUIRED) )
snprintf( buf, buflen, "SSL - No CA Chain is set, but required to operate" );
if( use_ret == -(POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE) )
snprintf( buf, buflen, "SSL - An unexpected message was received from our peer" );
if( use_ret == -(POLARSSL_ERR_SSL_FATAL_ALERT_MESSAGE) )
{
snprintf( buf, buflen, "SSL - A fatal alert message was received from our peer" );
return;
}
if( use_ret == -(POLARSSL_ERR_SSL_PEER_VERIFY_FAILED) )
snprintf( buf, buflen, "SSL - Verification of our peer failed" );
if( use_ret == -(POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY) )
snprintf( buf, buflen, "SSL - The peer notified us that the connection is going to be closed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_HELLO) )
snprintf( buf, buflen, "SSL - Processing of the ClientHello handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO) )
snprintf( buf, buflen, "SSL - Processing of the ServerHello handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE) )
snprintf( buf, buflen, "SSL - Processing of the Certificate handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST) )
snprintf( buf, buflen, "SSL - Processing of the CertificateRequest handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE) )
snprintf( buf, buflen, "SSL - Processing of the ServerKeyExchange handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO_DONE) )
snprintf( buf, buflen, "SSL - Processing of the ServerHelloDone handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS) )
snprintf( buf, buflen, "SSL - Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY) )
snprintf( buf, buflen, "SSL - Processing of the CertificateVerify handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC) )
snprintf( buf, buflen, "SSL - Processing of the ChangeCipherSpec handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_FINISHED) )
snprintf( buf, buflen, "SSL - Processing of the Finished handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_MALLOC_FAILED) )
snprintf( buf, buflen, "SSL - Memory allocation failed" );
if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FAILED) )
snprintf( buf, buflen, "SSL - Hardware acceleration function returned with error" );
if( use_ret == -(POLARSSL_ERR_SSL_HW_ACCEL_FALLTHROUGH) )
snprintf( buf, buflen, "SSL - Hardware acceleration function skipped / left alone data" );
if( use_ret == -(POLARSSL_ERR_SSL_COMPRESSION_FAILED) )
snprintf( buf, buflen, "SSL - Processing of the compression / decompression failed" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_PROTOCOL_VERSION) )
snprintf( buf, buflen, "SSL - Handshake protocol not within min/max boundaries" );
if( use_ret == -(POLARSSL_ERR_SSL_BAD_HS_NEW_SESSION_TICKET) )
snprintf( buf, buflen, "SSL - Processing of the NewSessionTicket handshake message failed" );
if( use_ret == -(POLARSSL_ERR_SSL_SESSION_TICKET_EXPIRED) )
snprintf( buf, buflen, "SSL - Session ticket has expired" );
if( use_ret == -(POLARSSL_ERR_SSL_PK_TYPE_MISMATCH) )
snprintf( buf, buflen, "SSL - Public key type mismatch (eg, asked for RSA key exchange and presented EC key)" );
if( use_ret == -(POLARSSL_ERR_SSL_UNKNOWN_IDENTITY) )
snprintf( buf, buflen, "SSL - Unknown identity received (eg, PSK identity)" );
if( use_ret == -(POLARSSL_ERR_SSL_INTERNAL_ERROR) )
snprintf( buf, buflen, "SSL - Internal error (eg, unexpected failure in lower-level module)" );
if( use_ret == -(POLARSSL_ERR_SSL_COUNTER_WRAPPING) )
snprintf( buf, buflen, "SSL - A counter would wrap (eg, too many messages exchanged)" );
#endif /* POLARSSL_SSL_TLS_C */
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
if( use_ret == -(POLARSSL_ERR_X509_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "X509 - Unavailable feature, e.g. RSA hashing/encryption combination" );
if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_OID) )
snprintf( buf, buflen, "X509 - Requested OID is unknown" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_FORMAT) )
snprintf( buf, buflen, "X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_VERSION) )
snprintf( buf, buflen, "X509 - The CRT/CRL/CSR version element is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_SERIAL) )
snprintf( buf, buflen, "X509 - The serial tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_ALG) )
snprintf( buf, buflen, "X509 - The algorithm tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_NAME) )
snprintf( buf, buflen, "X509 - The name tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_DATE) )
snprintf( buf, buflen, "X509 - The date tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_SIGNATURE) )
snprintf( buf, buflen, "X509 - The signature tag or value invalid" );
if( use_ret == -(POLARSSL_ERR_X509_INVALID_EXTENSIONS) )
snprintf( buf, buflen, "X509 - The extension tag or value is invalid" );
if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_VERSION) )
snprintf( buf, buflen, "X509 - CRT/CRL/CSR has an unsupported version number" );
if( use_ret == -(POLARSSL_ERR_X509_UNKNOWN_SIG_ALG) )
snprintf( buf, buflen, "X509 - Signature algorithm (oid) is unsupported" );
if( use_ret == -(POLARSSL_ERR_X509_SIG_MISMATCH) )
snprintf( buf, buflen, "X509 - Signature algorithms do not match. (see \\c ::x509_crt sig_oid)" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_VERIFY_FAILED) )
snprintf( buf, buflen, "X509 - Certificate verification failed, e.g. CRL, CA or signature check failed" );
if( use_ret == -(POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT) )
snprintf( buf, buflen, "X509 - Format not recognized as DER or PEM" );
if( use_ret == -(POLARSSL_ERR_X509_BAD_INPUT_DATA) )
snprintf( buf, buflen, "X509 - Input invalid" );
if( use_ret == -(POLARSSL_ERR_X509_MALLOC_FAILED) )
snprintf( buf, buflen, "X509 - Allocation of memory failed" );
if( use_ret == -(POLARSSL_ERR_X509_FILE_IO_ERROR) )
snprintf( buf, buflen, "X509 - Read/write of file failed" );
#endif /* POLARSSL_X509_USE,X509_CREATE_C */
// END generated code
if( strlen( buf ) == 0 )
snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
use_ret = ret & ~0xFF80;
if( use_ret == 0 )
return;
// If high level code is present, make a concatenation between both
// error strings.
//
len = strlen( buf );
if( len > 0 )
{
if( buflen - len < 5 )
return;
snprintf( buf + len, buflen - len, " : " );
buf += len + 3;
buflen -= len + 3;
}
// Low level error codes
//
// BEGIN generated code
#if defined(POLARSSL_AES_C)
if( use_ret == -(POLARSSL_ERR_AES_INVALID_KEY_LENGTH) )
snprintf( buf, buflen, "AES - Invalid key length" );
if( use_ret == -(POLARSSL_ERR_AES_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "AES - Invalid data input length" );
#endif /* POLARSSL_AES_C */
#if defined(POLARSSL_ASN1_PARSE_C)
if( use_ret == -(POLARSSL_ERR_ASN1_OUT_OF_DATA) )
snprintf( buf, buflen, "ASN1 - Out of data when parsing an ASN1 data structure" );
if( use_ret == -(POLARSSL_ERR_ASN1_UNEXPECTED_TAG) )
snprintf( buf, buflen, "ASN1 - ASN1 tag was of an unexpected value" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_LENGTH) )
snprintf( buf, buflen, "ASN1 - Error when trying to determine the length or invalid length" );
if( use_ret == -(POLARSSL_ERR_ASN1_LENGTH_MISMATCH) )
snprintf( buf, buflen, "ASN1 - Actual length differs from expected length" );
if( use_ret == -(POLARSSL_ERR_ASN1_INVALID_DATA) )
snprintf( buf, buflen, "ASN1 - Data is invalid. (not used)" );
if( use_ret == -(POLARSSL_ERR_ASN1_MALLOC_FAILED) )
snprintf( buf, buflen, "ASN1 - Memory allocation failed" );
if( use_ret == -(POLARSSL_ERR_ASN1_BUF_TOO_SMALL) )
snprintf( buf, buflen, "ASN1 - Buffer too small when writing ASN.1 data structure" );
#endif /* POLARSSL_ASN1_PARSE_C */
#if defined(POLARSSL_BASE64_C)
if( use_ret == -(POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "BASE64 - Output buffer too small" );
if( use_ret == -(POLARSSL_ERR_BASE64_INVALID_CHARACTER) )
snprintf( buf, buflen, "BASE64 - Invalid character in input" );
#endif /* POLARSSL_BASE64_C */
#if defined(POLARSSL_BIGNUM_C)
if( use_ret == -(POLARSSL_ERR_MPI_FILE_IO_ERROR) )
snprintf( buf, buflen, "BIGNUM - An error occurred while reading from or writing to a file" );
if( use_ret == -(POLARSSL_ERR_MPI_BAD_INPUT_DATA) )
snprintf( buf, buflen, "BIGNUM - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_MPI_INVALID_CHARACTER) )
snprintf( buf, buflen, "BIGNUM - There is an invalid character in the digit string" );
if( use_ret == -(POLARSSL_ERR_MPI_BUFFER_TOO_SMALL) )
snprintf( buf, buflen, "BIGNUM - The buffer is too small to write to" );
if( use_ret == -(POLARSSL_ERR_MPI_NEGATIVE_VALUE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are negative or result in illegal output" );
if( use_ret == -(POLARSSL_ERR_MPI_DIVISION_BY_ZERO) )
snprintf( buf, buflen, "BIGNUM - The input argument for division is zero, which is not allowed" );
if( use_ret == -(POLARSSL_ERR_MPI_NOT_ACCEPTABLE) )
snprintf( buf, buflen, "BIGNUM - The input arguments are not acceptable" );
if( use_ret == -(POLARSSL_ERR_MPI_MALLOC_FAILED) )
snprintf( buf, buflen, "BIGNUM - Memory allocation failed" );
#endif /* POLARSSL_BIGNUM_C */
#if defined(POLARSSL_BLOWFISH_C)
if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH) )
snprintf( buf, buflen, "BLOWFISH - Invalid key length" );
if( use_ret == -(POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "BLOWFISH - Invalid data input length" );
#endif /* POLARSSL_BLOWFISH_C */
#if defined(POLARSSL_CAMELLIA_C)
if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH) )
snprintf( buf, buflen, "CAMELLIA - Invalid key length" );
if( use_ret == -(POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "CAMELLIA - Invalid data input length" );
#endif /* POLARSSL_CAMELLIA_C */
#if defined(POLARSSL_CCM_C)
if( use_ret == -(POLARSSL_ERR_CCM_BAD_INPUT) )
snprintf( buf, buflen, "CCM - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_CCM_AUTH_FAILED) )
snprintf( buf, buflen, "CCM - Authenticated decryption failed" );
#endif /* POLARSSL_CCM_C */
#if defined(POLARSSL_CTR_DRBG_C)
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) )
snprintf( buf, buflen, "CTR_DRBG - The entropy source failed" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG) )
snprintf( buf, buflen, "CTR_DRBG - Too many random requested in single call" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG) )
snprintf( buf, buflen, "CTR_DRBG - Input too large (Entropy + additional)" );
if( use_ret == -(POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR) )
snprintf( buf, buflen, "CTR_DRBG - Read/write error in file" );
#endif /* POLARSSL_CTR_DRBG_C */
#if defined(POLARSSL_DES_C)
if( use_ret == -(POLARSSL_ERR_DES_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "DES - The data input has an invalid length" );
#endif /* POLARSSL_DES_C */
#if defined(POLARSSL_ENTROPY_C)
if( use_ret == -(POLARSSL_ERR_ENTROPY_SOURCE_FAILED) )
snprintf( buf, buflen, "ENTROPY - Critical entropy source failure" );
if( use_ret == -(POLARSSL_ERR_ENTROPY_MAX_SOURCES) )
snprintf( buf, buflen, "ENTROPY - No more sources can be added" );
if( use_ret == -(POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED) )
snprintf( buf, buflen, "ENTROPY - No sources have been added to poll" );
if( use_ret == -(POLARSSL_ERR_ENTROPY_FILE_IO_ERROR) )
snprintf( buf, buflen, "ENTROPY - Read/write error in file" );
#endif /* POLARSSL_ENTROPY_C */
#if defined(POLARSSL_GCM_C)
if( use_ret == -(POLARSSL_ERR_GCM_AUTH_FAILED) )
snprintf( buf, buflen, "GCM - Authenticated decryption failed" );
if( use_ret == -(POLARSSL_ERR_GCM_BAD_INPUT) )
snprintf( buf, buflen, "GCM - Bad input parameters to function" );
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_HMAC_DRBG_C)
if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG) )
snprintf( buf, buflen, "HMAC_DRBG - Too many random requested in single call" );
if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG) )
snprintf( buf, buflen, "HMAC_DRBG - Input too large (Entropy + additional)" );
if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR) )
snprintf( buf, buflen, "HMAC_DRBG - Read/write error in file" );
if( use_ret == -(POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED) )
snprintf( buf, buflen, "HMAC_DRBG - The entropy source failed" );
#endif /* POLARSSL_HMAC_DRBG_C */
#if defined(POLARSSL_MD2_C)
if( use_ret == -(POLARSSL_ERR_MD2_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD2 - Read/write error in file" );
#endif /* POLARSSL_MD2_C */
#if defined(POLARSSL_MD4_C)
if( use_ret == -(POLARSSL_ERR_MD4_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD4 - Read/write error in file" );
#endif /* POLARSSL_MD4_C */
#if defined(POLARSSL_MD5_C)
if( use_ret == -(POLARSSL_ERR_MD5_FILE_IO_ERROR) )
snprintf( buf, buflen, "MD5 - Read/write error in file" );
#endif /* POLARSSL_MD5_C */
#if defined(POLARSSL_NET_C)
if( use_ret == -(POLARSSL_ERR_NET_UNKNOWN_HOST) )
snprintf( buf, buflen, "NET - Failed to get an IP address for the given hostname" );
if( use_ret == -(POLARSSL_ERR_NET_SOCKET_FAILED) )
snprintf( buf, buflen, "NET - Failed to open a socket" );
if( use_ret == -(POLARSSL_ERR_NET_CONNECT_FAILED) )
snprintf( buf, buflen, "NET - The connection to the given server / port failed" );
if( use_ret == -(POLARSSL_ERR_NET_BIND_FAILED) )
snprintf( buf, buflen, "NET - Binding of the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_LISTEN_FAILED) )
snprintf( buf, buflen, "NET - Could not listen on the socket" );
if( use_ret == -(POLARSSL_ERR_NET_ACCEPT_FAILED) )
snprintf( buf, buflen, "NET - Could not accept the incoming connection" );
if( use_ret == -(POLARSSL_ERR_NET_RECV_FAILED) )
snprintf( buf, buflen, "NET - Reading information from the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_SEND_FAILED) )
snprintf( buf, buflen, "NET - Sending information through the socket failed" );
if( use_ret == -(POLARSSL_ERR_NET_CONN_RESET) )
snprintf( buf, buflen, "NET - Connection was reset by peer" );
if( use_ret == -(POLARSSL_ERR_NET_WANT_READ) )
snprintf( buf, buflen, "NET - Connection requires a read call" );
if( use_ret == -(POLARSSL_ERR_NET_WANT_WRITE) )
snprintf( buf, buflen, "NET - Connection requires a write call" );
#endif /* POLARSSL_NET_C */
#if defined(POLARSSL_OID_C)
if( use_ret == -(POLARSSL_ERR_OID_NOT_FOUND) )
snprintf( buf, buflen, "OID - OID is not found" );
if( use_ret == -(POLARSSL_ERR_OID_BUF_TOO_SMALL) )
snprintf( buf, buflen, "OID - output buffer is too small" );
#endif /* POLARSSL_OID_C */
#if defined(POLARSSL_PADLOCK_C)
if( use_ret == -(POLARSSL_ERR_PADLOCK_DATA_MISALIGNED) )
snprintf( buf, buflen, "PADLOCK - Input data should be aligned" );
#endif /* POLARSSL_PADLOCK_C */
#if defined(POLARSSL_PBKDF2_C)
if( use_ret == -(POLARSSL_ERR_PBKDF2_BAD_INPUT_DATA) )
snprintf( buf, buflen, "PBKDF2 - Bad input parameters to function" );
#endif /* POLARSSL_PBKDF2_C */
#if defined(POLARSSL_RIPEMD160_C)
if( use_ret == -(POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR) )
snprintf( buf, buflen, "RIPEMD160 - Read/write error in file" );
#endif /* POLARSSL_RIPEMD160_C */
#if defined(POLARSSL_SHA1_C)
if( use_ret == -(POLARSSL_ERR_SHA1_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA1 - Read/write error in file" );
#endif /* POLARSSL_SHA1_C */
#if defined(POLARSSL_SHA256_C)
if( use_ret == -(POLARSSL_ERR_SHA256_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA256 - Read/write error in file" );
#endif /* POLARSSL_SHA256_C */
#if defined(POLARSSL_SHA512_C)
if( use_ret == -(POLARSSL_ERR_SHA512_FILE_IO_ERROR) )
snprintf( buf, buflen, "SHA512 - Read/write error in file" );
#endif /* POLARSSL_SHA512_C */
#if defined(POLARSSL_THREADING_C)
if( use_ret == -(POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE) )
snprintf( buf, buflen, "THREADING - The selected feature is not available" );
if( use_ret == -(POLARSSL_ERR_THREADING_BAD_INPUT_DATA) )
snprintf( buf, buflen, "THREADING - Bad input parameters to function" );
if( use_ret == -(POLARSSL_ERR_THREADING_MUTEX_ERROR) )
snprintf( buf, buflen, "THREADING - Locking / unlocking / free failed with error code" );
#endif /* POLARSSL_THREADING_C */
#if defined(POLARSSL_XTEA_C)
if( use_ret == -(POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH) )
snprintf( buf, buflen, "XTEA - The data input has an invalid length" );
#endif /* POLARSSL_XTEA_C */
// END generated code
if( strlen( buf ) != 0 )
return;
snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
}
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
#else /* POLARSSL_ERROR_C */
#if defined(POLARSSL_ERROR_STRERROR_DUMMY)
#include <string.h>
/*
* Provide an non-function in case POLARSSL_ERROR_C is not defined
*/
void polarssl_strerror( int ret, char *buf, size_t buflen )
{
((void) ret);
if( buflen > 0 )
buf[0] = '\0';
}
#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int ret, char *buf, size_t buflen )
{
polarssl_strerror( ret, buf, buflen );
}
#endif /* POLARSSL_ERROR_STRERROR_BC */
#endif /* POLARSSL_ERROR_STRERROR_DUMMY */
#endif /* POLARSSL_ERROR_C */

948
Externals/polarssl/library/gcm.c vendored
View File

@ -1,948 +0,0 @@
/*
* NIST SP800-38D compliant GCM implementation
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf
*
* See also:
* [MGV] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf
*
* We use the algorithm described as Shoup's method with 4-bit tables in
* [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_GCM_C)
#include "polarssl/gcm.h"
#if defined(POLARSSL_AESNI_C)
#include "polarssl/aesni.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
/*
* 32-bit integer manipulation macros (big endian)
*/
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i) \
{ \
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
| ( (uint32_t) (b)[(i) + 3] ); \
}
#endif
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i) \
{ \
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
(b)[(i) + 3] = (unsigned char) ( (n) ); \
}
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Precompute small multiples of H, that is set
* HH[i] || HL[i] = H times i,
* where i is seen as a field element as in [MGV], ie high-order bits
* correspond to low powers of P. The result is stored in the same way, that
* is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
* corresponds to P^127.
*/
static int gcm_gen_table( gcm_context *ctx )
{
int ret, i, j;
uint64_t hi, lo;
uint64_t vl, vh;
unsigned char h[16];
size_t olen = 0;
memset( h, 0, 16 );
if( ( ret = cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
return( ret );
/* pack h as two 64-bits ints, big-endian */
GET_UINT32_BE( hi, h, 0 );
GET_UINT32_BE( lo, h, 4 );
vh = (uint64_t) hi << 32 | lo;
GET_UINT32_BE( hi, h, 8 );
GET_UINT32_BE( lo, h, 12 );
vl = (uint64_t) hi << 32 | lo;
/* 8 = 1000 corresponds to 1 in GF(2^128) */
ctx->HL[8] = vl;
ctx->HH[8] = vh;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
/* With CLMUL support, we need only h, not the rest of the table */
if( aesni_supports( POLARSSL_AESNI_CLMUL ) )
return( 0 );
#endif
/* 0 corresponds to 0 in GF(2^128) */
ctx->HH[0] = 0;
ctx->HL[0] = 0;
for( i = 4; i > 0; i >>= 1 )
{
uint32_t T = ( vl & 1 ) * 0xe1000000U;
vl = ( vh << 63 ) | ( vl >> 1 );
vh = ( vh >> 1 ) ^ ( (uint64_t) T << 32);
ctx->HL[i] = vl;
ctx->HH[i] = vh;
}
for( i = 2; i < 16; i <<= 1 )
{
uint64_t *HiL = ctx->HL + i, *HiH = ctx->HH + i;
vh = *HiH;
vl = *HiL;
for( j = 1; j < i; j++ )
{
HiH[j] = vh ^ ctx->HH[j];
HiL[j] = vl ^ ctx->HL[j];
}
}
return( 0 );
}
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
unsigned int keysize )
{
int ret;
const cipher_info_t *cipher_info;
memset( ctx, 0, sizeof(gcm_context) );
cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_GCM_BAD_INPUT );
if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_GCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 )
{
return( ret );
}
if( ( ret = gcm_gen_table( ctx ) ) != 0 )
return( ret );
return( 0 );
}
/*
* Shoup's method for multiplication use this table with
* last4[x] = x times P^128
* where x and last4[x] are seen as elements of GF(2^128) as in [MGV]
*/
static const uint64_t last4[16] =
{
0x0000, 0x1c20, 0x3840, 0x2460,
0x7080, 0x6ca0, 0x48c0, 0x54e0,
0xe100, 0xfd20, 0xd940, 0xc560,
0x9180, 0x8da0, 0xa9c0, 0xb5e0
};
/*
* Sets output to x times H using the precomputed tables.
* x and output are seen as elements of GF(2^128) as in [MGV].
*/
static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
unsigned char output[16] )
{
int i = 0;
unsigned char lo, hi, rem;
uint64_t zh, zl;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) {
unsigned char h[16];
PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
PUT_UINT32_BE( ctx->HH[8], h, 4 );
PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
PUT_UINT32_BE( ctx->HL[8], h, 12 );
aesni_gcm_mult( output, x, h );
return;
}
#endif /* POLARSSL_AESNI_C && POLARSSL_HAVE_X86_64 */
lo = x[15] & 0xf;
hi = x[15] >> 4;
zh = ctx->HH[lo];
zl = ctx->HL[lo];
for( i = 15; i >= 0; i-- )
{
lo = x[i] & 0xf;
hi = x[i] >> 4;
if( i != 15 )
{
rem = (unsigned char) zl & 0xf;
zl = ( zh << 60 ) | ( zl >> 4 );
zh = ( zh >> 4 );
zh ^= (uint64_t) last4[rem] << 48;
zh ^= ctx->HH[lo];
zl ^= ctx->HL[lo];
}
rem = (unsigned char) zl & 0xf;
zl = ( zh << 60 ) | ( zl >> 4 );
zh = ( zh >> 4 );
zh ^= (uint64_t) last4[rem] << 48;
zh ^= ctx->HH[hi];
zl ^= ctx->HL[hi];
}
PUT_UINT32_BE( zh >> 32, output, 0 );
PUT_UINT32_BE( zh, output, 4 );
PUT_UINT32_BE( zl >> 32, output, 8 );
PUT_UINT32_BE( zl, output, 12 );
}
int gcm_starts( gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len )
{
int ret;
unsigned char work_buf[16];
size_t i;
const unsigned char *p;
size_t use_len, olen = 0;
/* IV and AD are limited to 2^64 bits, so 2^61 bytes */
if( ( (uint64_t) iv_len ) >> 61 != 0 ||
( (uint64_t) add_len ) >> 61 != 0 )
{
return( POLARSSL_ERR_GCM_BAD_INPUT );
}
memset( ctx->y, 0x00, sizeof(ctx->y) );
memset( ctx->buf, 0x00, sizeof(ctx->buf) );
ctx->mode = mode;
ctx->len = 0;
ctx->add_len = 0;
if( iv_len == 12 )
{
memcpy( ctx->y, iv, iv_len );
ctx->y[15] = 1;
}
else
{
memset( work_buf, 0x00, 16 );
PUT_UINT32_BE( iv_len * 8, work_buf, 12 );
p = iv;
while( iv_len > 0 )
{
use_len = ( iv_len < 16 ) ? iv_len : 16;
for( i = 0; i < use_len; i++ )
ctx->y[i] ^= p[i];
gcm_mult( ctx, ctx->y, ctx->y );
iv_len -= use_len;
p += use_len;
}
for( i = 0; i < 16; i++ )
ctx->y[i] ^= work_buf[i];
gcm_mult( ctx, ctx->y, ctx->y );
}
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
&olen ) ) != 0 )
{
return( ret );
}
ctx->add_len = add_len;
p = add;
while( add_len > 0 )
{
use_len = ( add_len < 16 ) ? add_len : 16;
for( i = 0; i < use_len; i++ )
ctx->buf[i] ^= p[i];
gcm_mult( ctx, ctx->buf, ctx->buf );
add_len -= use_len;
p += use_len;
}
return( 0 );
}
int gcm_update( gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output )
{
int ret;
unsigned char ectr[16];
size_t i;
const unsigned char *p;
unsigned char *out_p = output;
size_t use_len, olen = 0;
if( output > input && (size_t) ( output - input ) < length )
return( POLARSSL_ERR_GCM_BAD_INPUT );
/* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
* Also check for possible overflow */
if( ctx->len + length < ctx->len ||
(uint64_t) ctx->len + length > 0x03FFFFE0llu )
{
return( POLARSSL_ERR_GCM_BAD_INPUT );
}
ctx->len += length;
p = input;
while( length > 0 )
{
use_len = ( length < 16 ) ? length : 16;
for( i = 16; i > 12; i-- )
if( ++ctx->y[i - 1] != 0 )
break;
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
&olen ) ) != 0 )
{
return( ret );
}
for( i = 0; i < use_len; i++ )
{
if( ctx->mode == GCM_DECRYPT )
ctx->buf[i] ^= p[i];
out_p[i] = ectr[i] ^ p[i];
if( ctx->mode == GCM_ENCRYPT )
ctx->buf[i] ^= out_p[i];
}
gcm_mult( ctx, ctx->buf, ctx->buf );
length -= use_len;
p += use_len;
out_p += use_len;
}
return( 0 );
}
int gcm_finish( gcm_context *ctx,
unsigned char *tag,
size_t tag_len )
{
unsigned char work_buf[16];
size_t i;
uint64_t orig_len = ctx->len * 8;
uint64_t orig_add_len = ctx->add_len * 8;
if( tag_len > 16 || tag_len < 4 )
return( POLARSSL_ERR_GCM_BAD_INPUT );
if( tag_len != 0 )
memcpy( tag, ctx->base_ectr, tag_len );
if( orig_len || orig_add_len )
{
memset( work_buf, 0x00, 16 );
PUT_UINT32_BE( ( orig_add_len >> 32 ), work_buf, 0 );
PUT_UINT32_BE( ( orig_add_len ), work_buf, 4 );
PUT_UINT32_BE( ( orig_len >> 32 ), work_buf, 8 );
PUT_UINT32_BE( ( orig_len ), work_buf, 12 );
for( i = 0; i < 16; i++ )
ctx->buf[i] ^= work_buf[i];
gcm_mult( ctx, ctx->buf, ctx->buf );
for( i = 0; i < tag_len; i++ )
tag[i] ^= ctx->buf[i];
}
return( 0 );
}
int gcm_crypt_and_tag( gcm_context *ctx,
int mode,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len,
const unsigned char *input,
unsigned char *output,
size_t tag_len,
unsigned char *tag )
{
int ret;
if( ( ret = gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
return( ret );
if( ( ret = gcm_update( ctx, length, input, output ) ) != 0 )
return( ret );
if( ( ret = gcm_finish( ctx, tag, tag_len ) ) != 0 )
return( ret );
return( 0 );
}
int gcm_auth_decrypt( gcm_context *ctx,
size_t length,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len,
const unsigned char *tag,
size_t tag_len,
const unsigned char *input,
unsigned char *output )
{
int ret;
unsigned char check_tag[16];
size_t i;
int diff;
if( ( ret = gcm_crypt_and_tag( ctx, GCM_DECRYPT, length,
iv, iv_len, add, add_len,
input, output, tag_len, check_tag ) ) != 0 )
{
return( ret );
}
/* Check tag in "constant-time" */
for( diff = 0, i = 0; i < tag_len; i++ )
diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
{
polarssl_zeroize( output, length );
return( POLARSSL_ERR_GCM_AUTH_FAILED );
}
return( 0 );
}
void gcm_free( gcm_context *ctx )
{
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( gcm_context ) );
}
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#include <stdio.h>
/*
* AES-GCM test vectors from:
*
* http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip
*/
#define MAX_TESTS 6
int key_index[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 1 };
unsigned char key[MAX_TESTS][32] =
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 },
};
size_t iv_len[MAX_TESTS] =
{ 12, 12, 12, 12, 8, 60 };
int iv_index[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 2 };
unsigned char iv[MAX_TESTS][64] =
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00 },
{ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88 },
{ 0x93, 0x13, 0x22, 0x5d, 0xf8, 0x84, 0x06, 0xe5,
0x55, 0x90, 0x9c, 0x5a, 0xff, 0x52, 0x69, 0xaa,
0x6a, 0x7a, 0x95, 0x38, 0x53, 0x4f, 0x7d, 0xa1,
0xe4, 0xc3, 0x03, 0xd2, 0xa3, 0x18, 0xa7, 0x28,
0xc3, 0xc0, 0xc9, 0x51, 0x56, 0x80, 0x95, 0x39,
0xfc, 0xf0, 0xe2, 0x42, 0x9a, 0x6b, 0x52, 0x54,
0x16, 0xae, 0xdb, 0xf5, 0xa0, 0xde, 0x6a, 0x57,
0xa6, 0x37, 0xb3, 0x9b },
};
size_t add_len[MAX_TESTS] =
{ 0, 0, 0, 20, 20, 20 };
int add_index[MAX_TESTS] =
{ 0, 0, 0, 1, 1, 1 };
unsigned char additional[MAX_TESTS][64] =
{
{ 0x00 },
{ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2 },
};
size_t pt_len[MAX_TESTS] =
{ 0, 16, 64, 60, 60, 60 };
int pt_index[MAX_TESTS] =
{ 0, 0, 1, 1, 1, 1 };
unsigned char pt[MAX_TESTS][64] =
{
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
{ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39, 0x1a, 0xaf, 0xd2, 0x55 },
};
unsigned char ct[MAX_TESTS * 3][64] =
{
{ 0x00 },
{ 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92,
0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 },
{ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
0x3d, 0x58, 0xe0, 0x91, 0x47, 0x3f, 0x59, 0x85 },
{ 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
0x3d, 0x58, 0xe0, 0x91 },
{ 0x61, 0x35, 0x3b, 0x4c, 0x28, 0x06, 0x93, 0x4a,
0x77, 0x7f, 0xf5, 0x1f, 0xa2, 0x2a, 0x47, 0x55,
0x69, 0x9b, 0x2a, 0x71, 0x4f, 0xcd, 0xc6, 0xf8,
0x37, 0x66, 0xe5, 0xf9, 0x7b, 0x6c, 0x74, 0x23,
0x73, 0x80, 0x69, 0x00, 0xe4, 0x9f, 0x24, 0xb2,
0x2b, 0x09, 0x75, 0x44, 0xd4, 0x89, 0x6b, 0x42,
0x49, 0x89, 0xb5, 0xe1, 0xeb, 0xac, 0x0f, 0x07,
0xc2, 0x3f, 0x45, 0x98 },
{ 0x8c, 0xe2, 0x49, 0x98, 0x62, 0x56, 0x15, 0xb6,
0x03, 0xa0, 0x33, 0xac, 0xa1, 0x3f, 0xb8, 0x94,
0xbe, 0x91, 0x12, 0xa5, 0xc3, 0xa2, 0x11, 0xa8,
0xba, 0x26, 0x2a, 0x3c, 0xca, 0x7e, 0x2c, 0xa7,
0x01, 0xe4, 0xa9, 0xa4, 0xfb, 0xa4, 0x3c, 0x90,
0xcc, 0xdc, 0xb2, 0x81, 0xd4, 0x8c, 0x7c, 0x6f,
0xd6, 0x28, 0x75, 0xd2, 0xac, 0xa4, 0x17, 0x03,
0x4c, 0x34, 0xae, 0xe5 },
{ 0x00 },
{ 0x98, 0xe7, 0x24, 0x7c, 0x07, 0xf0, 0xfe, 0x41,
0x1c, 0x26, 0x7e, 0x43, 0x84, 0xb0, 0xf6, 0x00 },
{ 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
0xcc, 0xda, 0x27, 0x10, 0xac, 0xad, 0xe2, 0x56 },
{ 0x39, 0x80, 0xca, 0x0b, 0x3c, 0x00, 0xe8, 0x41,
0xeb, 0x06, 0xfa, 0xc4, 0x87, 0x2a, 0x27, 0x57,
0x85, 0x9e, 0x1c, 0xea, 0xa6, 0xef, 0xd9, 0x84,
0x62, 0x85, 0x93, 0xb4, 0x0c, 0xa1, 0xe1, 0x9c,
0x7d, 0x77, 0x3d, 0x00, 0xc1, 0x44, 0xc5, 0x25,
0xac, 0x61, 0x9d, 0x18, 0xc8, 0x4a, 0x3f, 0x47,
0x18, 0xe2, 0x44, 0x8b, 0x2f, 0xe3, 0x24, 0xd9,
0xcc, 0xda, 0x27, 0x10 },
{ 0x0f, 0x10, 0xf5, 0x99, 0xae, 0x14, 0xa1, 0x54,
0xed, 0x24, 0xb3, 0x6e, 0x25, 0x32, 0x4d, 0xb8,
0xc5, 0x66, 0x63, 0x2e, 0xf2, 0xbb, 0xb3, 0x4f,
0x83, 0x47, 0x28, 0x0f, 0xc4, 0x50, 0x70, 0x57,
0xfd, 0xdc, 0x29, 0xdf, 0x9a, 0x47, 0x1f, 0x75,
0xc6, 0x65, 0x41, 0xd4, 0xd4, 0xda, 0xd1, 0xc9,
0xe9, 0x3a, 0x19, 0xa5, 0x8e, 0x8b, 0x47, 0x3f,
0xa0, 0xf0, 0x62, 0xf7 },
{ 0xd2, 0x7e, 0x88, 0x68, 0x1c, 0xe3, 0x24, 0x3c,
0x48, 0x30, 0x16, 0x5a, 0x8f, 0xdc, 0xf9, 0xff,
0x1d, 0xe9, 0xa1, 0xd8, 0xe6, 0xb4, 0x47, 0xef,
0x6e, 0xf7, 0xb7, 0x98, 0x28, 0x66, 0x6e, 0x45,
0x81, 0xe7, 0x90, 0x12, 0xaf, 0x34, 0xdd, 0xd9,
0xe2, 0xf0, 0x37, 0x58, 0x9b, 0x29, 0x2d, 0xb3,
0xe6, 0x7c, 0x03, 0x67, 0x45, 0xfa, 0x22, 0xe7,
0xe9, 0xb7, 0x37, 0x3b },
{ 0x00 },
{ 0xce, 0xa7, 0x40, 0x3d, 0x4d, 0x60, 0x6b, 0x6e,
0x07, 0x4e, 0xc5, 0xd3, 0xba, 0xf3, 0x9d, 0x18 },
{ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
0xbc, 0xc9, 0xf6, 0x62, 0x89, 0x80, 0x15, 0xad },
{ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
0xbc, 0xc9, 0xf6, 0x62 },
{ 0xc3, 0x76, 0x2d, 0xf1, 0xca, 0x78, 0x7d, 0x32,
0xae, 0x47, 0xc1, 0x3b, 0xf1, 0x98, 0x44, 0xcb,
0xaf, 0x1a, 0xe1, 0x4d, 0x0b, 0x97, 0x6a, 0xfa,
0xc5, 0x2f, 0xf7, 0xd7, 0x9b, 0xba, 0x9d, 0xe0,
0xfe, 0xb5, 0x82, 0xd3, 0x39, 0x34, 0xa4, 0xf0,
0x95, 0x4c, 0xc2, 0x36, 0x3b, 0xc7, 0x3f, 0x78,
0x62, 0xac, 0x43, 0x0e, 0x64, 0xab, 0xe4, 0x99,
0xf4, 0x7c, 0x9b, 0x1f },
{ 0x5a, 0x8d, 0xef, 0x2f, 0x0c, 0x9e, 0x53, 0xf1,
0xf7, 0x5d, 0x78, 0x53, 0x65, 0x9e, 0x2a, 0x20,
0xee, 0xb2, 0xb2, 0x2a, 0xaf, 0xde, 0x64, 0x19,
0xa0, 0x58, 0xab, 0x4f, 0x6f, 0x74, 0x6b, 0xf4,
0x0f, 0xc0, 0xc3, 0xb7, 0x80, 0xf2, 0x44, 0x45,
0x2d, 0xa3, 0xeb, 0xf1, 0xc5, 0xd8, 0x2c, 0xde,
0xa2, 0x41, 0x89, 0x97, 0x20, 0x0e, 0xf8, 0x2e,
0x44, 0xae, 0x7e, 0x3f },
};
unsigned char tag[MAX_TESTS * 3][16] =
{
{ 0x58, 0xe2, 0xfc, 0xce, 0xfa, 0x7e, 0x30, 0x61,
0x36, 0x7f, 0x1d, 0x57, 0xa4, 0xe7, 0x45, 0x5a },
{ 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd,
0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf },
{ 0x4d, 0x5c, 0x2a, 0xf3, 0x27, 0xcd, 0x64, 0xa6,
0x2c, 0xf3, 0x5a, 0xbd, 0x2b, 0xa6, 0xfa, 0xb4 },
{ 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47 },
{ 0x36, 0x12, 0xd2, 0xe7, 0x9e, 0x3b, 0x07, 0x85,
0x56, 0x1b, 0xe1, 0x4a, 0xac, 0xa2, 0xfc, 0xcb },
{ 0x61, 0x9c, 0xc5, 0xae, 0xff, 0xfe, 0x0b, 0xfa,
0x46, 0x2a, 0xf4, 0x3c, 0x16, 0x99, 0xd0, 0x50 },
{ 0xcd, 0x33, 0xb2, 0x8a, 0xc7, 0x73, 0xf7, 0x4b,
0xa0, 0x0e, 0xd1, 0xf3, 0x12, 0x57, 0x24, 0x35 },
{ 0x2f, 0xf5, 0x8d, 0x80, 0x03, 0x39, 0x27, 0xab,
0x8e, 0xf4, 0xd4, 0x58, 0x75, 0x14, 0xf0, 0xfb },
{ 0x99, 0x24, 0xa7, 0xc8, 0x58, 0x73, 0x36, 0xbf,
0xb1, 0x18, 0x02, 0x4d, 0xb8, 0x67, 0x4a, 0x14 },
{ 0x25, 0x19, 0x49, 0x8e, 0x80, 0xf1, 0x47, 0x8f,
0x37, 0xba, 0x55, 0xbd, 0x6d, 0x27, 0x61, 0x8c },
{ 0x65, 0xdc, 0xc5, 0x7f, 0xcf, 0x62, 0x3a, 0x24,
0x09, 0x4f, 0xcc, 0xa4, 0x0d, 0x35, 0x33, 0xf8 },
{ 0xdc, 0xf5, 0x66, 0xff, 0x29, 0x1c, 0x25, 0xbb,
0xb8, 0x56, 0x8f, 0xc3, 0xd3, 0x76, 0xa6, 0xd9 },
{ 0x53, 0x0f, 0x8a, 0xfb, 0xc7, 0x45, 0x36, 0xb9,
0xa9, 0x63, 0xb4, 0xf1, 0xc4, 0xcb, 0x73, 0x8b },
{ 0xd0, 0xd1, 0xc8, 0xa7, 0x99, 0x99, 0x6b, 0xf0,
0x26, 0x5b, 0x98, 0xb5, 0xd4, 0x8a, 0xb9, 0x19 },
{ 0xb0, 0x94, 0xda, 0xc5, 0xd9, 0x34, 0x71, 0xbd,
0xec, 0x1a, 0x50, 0x22, 0x70, 0xe3, 0xcc, 0x6c },
{ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b },
{ 0x3a, 0x33, 0x7d, 0xbf, 0x46, 0xa7, 0x92, 0xc4,
0x5e, 0x45, 0x49, 0x13, 0xfe, 0x2e, 0xa8, 0xf2 },
{ 0xa4, 0x4a, 0x82, 0x66, 0xee, 0x1c, 0x8e, 0xb0,
0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
};
int gcm_self_test( int verbose )
{
gcm_context ctx;
unsigned char buf[64];
unsigned char tag_buf[16];
int i, j, ret;
cipher_id_t cipher = POLARSSL_CIPHER_ID_AES;
for( j = 0; j < 3; j++ )
{
int key_len = 128 + 64 * j;
for( i = 0; i < MAX_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_ENCRYPT,
pt_len[i],
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i],
pt[pt_index[i]], buf, 16, tag_buf );
if( ret != 0 ||
memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_DECRYPT,
pt_len[i],
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i],
ct[j * 6 + i], buf, 16, tag_buf );
if( ret != 0 ||
memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_ENCRYPT,
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
if( pt_len[i] > 32 )
{
size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, pt[pt_index[i]], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
buf + 32 );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
else
{
ret = gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
ret = gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 ||
memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_DECRYPT,
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
if( pt_len[i] > 32 )
{
size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, ct[j * 6 + i], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
buf + 32 );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
else
{
ret = gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
}
ret = gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 ||
memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
}
}
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#endif /* POLARSSL_GCM_C */

247
Externals/polarssl/library/havege.c vendored
View File

@ -1,247 +0,0 @@
/**
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* The HAVEGE RNG was designed by Andre Seznec in 2002.
*
* http://www.irisa.fr/caps/projects/hipsor/publi.php
*
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_HAVEGE_C)
#include "polarssl/havege.h"
#include "polarssl/timing.h"
#include <string.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/* ------------------------------------------------------------------------
* On average, one iteration accesses two 8-word blocks in the havege WALK
* table, and generates 16 words in the RES array.
*
* The data read in the WALK table is updated and permuted after each use.
* The result of the hardware clock counter read is used for this update.
*
* 25 conditional tests are present. The conditional tests are grouped in
* two nested groups of 12 conditional tests and 1 test that controls the
* permutation; on average, there should be 6 tests executed and 3 of them
* should be mispredicted.
* ------------------------------------------------------------------------
*/
#define SWAP(X,Y) { int *T = X; X = Y; Y = T; }
#define TST1_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST2_ENTER if( PTEST & 1 ) { PTEST ^= 3; PTEST >>= 1;
#define TST1_LEAVE U1++; }
#define TST2_LEAVE U2++; }
#define ONE_ITERATION \
\
PTEST = PT1 >> 20; \
\
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
TST1_ENTER TST1_ENTER TST1_ENTER TST1_ENTER \
\
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
TST1_LEAVE TST1_LEAVE TST1_LEAVE TST1_LEAVE \
\
PTX = (PT1 >> 18) & 7; \
PT1 &= 0x1FFF; \
PT2 &= 0x1FFF; \
CLK = (int) hardclock(); \
\
i = 0; \
A = &WALK[PT1 ]; RES[i++] ^= *A; \
B = &WALK[PT2 ]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 1]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 4]; RES[i++] ^= *D; \
\
IN = (*A >> (1)) ^ (*A << (31)) ^ CLK; \
*A = (*B >> (2)) ^ (*B << (30)) ^ CLK; \
*B = IN ^ U1; \
*C = (*C >> (3)) ^ (*C << (29)) ^ CLK; \
*D = (*D >> (4)) ^ (*D << (28)) ^ CLK; \
\
A = &WALK[PT1 ^ 2]; RES[i++] ^= *A; \
B = &WALK[PT2 ^ 2]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 3]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 6]; RES[i++] ^= *D; \
\
if( PTEST & 1 ) SWAP( A, C ); \
\
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
*B = IN; CLK = (int) hardclock(); \
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
\
A = &WALK[PT1 ^ 4]; \
B = &WALK[PT2 ^ 1]; \
\
PTEST = PT2 >> 1; \
\
PT2 = (RES[(i - 8) ^ PTY] ^ WALK[PT2 ^ PTY ^ 7]); \
PT2 = ((PT2 & 0x1FFF) & (~8)) ^ ((PT1 ^ 8) & 0x8); \
PTY = (PT2 >> 10) & 7; \
\
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
TST2_ENTER TST2_ENTER TST2_ENTER TST2_ENTER \
\
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
TST2_LEAVE TST2_LEAVE TST2_LEAVE TST2_LEAVE \
\
C = &WALK[PT1 ^ 5]; \
D = &WALK[PT2 ^ 5]; \
\
RES[i++] ^= *A; \
RES[i++] ^= *B; \
RES[i++] ^= *C; \
RES[i++] ^= *D; \
\
IN = (*A >> ( 9)) ^ (*A << (23)) ^ CLK; \
*A = (*B >> (10)) ^ (*B << (22)) ^ CLK; \
*B = IN ^ U2; \
*C = (*C >> (11)) ^ (*C << (21)) ^ CLK; \
*D = (*D >> (12)) ^ (*D << (20)) ^ CLK; \
\
A = &WALK[PT1 ^ 6]; RES[i++] ^= *A; \
B = &WALK[PT2 ^ 3]; RES[i++] ^= *B; \
C = &WALK[PT1 ^ 7]; RES[i++] ^= *C; \
D = &WALK[PT2 ^ 7]; RES[i++] ^= *D; \
\
IN = (*A >> (13)) ^ (*A << (19)) ^ CLK; \
*A = (*B >> (14)) ^ (*B << (18)) ^ CLK; \
*B = IN; \
*C = (*C >> (15)) ^ (*C << (17)) ^ CLK; \
*D = (*D >> (16)) ^ (*D << (16)) ^ CLK; \
\
PT1 = ( RES[( i - 8 ) ^ PTX] ^ \
WALK[PT1 ^ PTX ^ 7] ) & (~1); \
PT1 ^= (PT2 ^ 0x10) & 0x10; \
\
for( n++, i = 0; i < 16; i++ ) \
hs->pool[n % COLLECT_SIZE] ^= RES[i];
/*
* Entropy gathering function
*/
static void havege_fill( havege_state *hs )
{
int i, n = 0;
int U1, U2, *A, *B, *C, *D;
int PT1, PT2, *WALK, RES[16];
int PTX, PTY, CLK, PTEST, IN;
WALK = hs->WALK;
PT1 = hs->PT1;
PT2 = hs->PT2;
PTX = U1 = 0;
PTY = U2 = 0;
memset( RES, 0, sizeof( RES ) );
while( n < COLLECT_SIZE * 4 )
{
ONE_ITERATION
ONE_ITERATION
ONE_ITERATION
ONE_ITERATION
}
hs->PT1 = PT1;
hs->PT2 = PT2;
hs->offset[0] = 0;
hs->offset[1] = COLLECT_SIZE / 2;
}
/*
* HAVEGE initialization
*/
void havege_init( havege_state *hs )
{
memset( hs, 0, sizeof( havege_state ) );
havege_fill( hs );
}
void havege_free( havege_state *hs )
{
if( hs == NULL )
return;
polarssl_zeroize( hs, sizeof( havege_state ) );
}
/*
* HAVEGE rand function
*/
int havege_random( void *p_rng, unsigned char *buf, size_t len )
{
int val;
size_t use_len;
havege_state *hs = (havege_state *) p_rng;
unsigned char *p = buf;
while( len > 0 )
{
use_len = len;
if( use_len > sizeof(int) )
use_len = sizeof(int);
if( hs->offset[1] >= COLLECT_SIZE )
havege_fill( hs );
val = hs->pool[hs->offset[0]++];
val ^= hs->pool[hs->offset[1]++];
memcpy( p, &val, use_len );
len -= use_len;
p += use_len;
}
return( 0 );
}
#endif /* POLARSSL_HAVEGE_C */

502
Externals/polarssl/library/hmac_drbg.c vendored
View File

@ -1,502 +0,0 @@
/*
* HMAC_DRBG implementation (NIST SP 800-90)
*
* Copyright (C) 2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
/*
* The NIST SP 800-90A DRBGs are described in the following publication.
* http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
* References below are based on rev. 1 (January 2012).
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_HMAC_DRBG_C)
#include "polarssl/hmac_drbg.h"
#if defined(POLARSSL_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
void hmac_drbg_update( hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len )
{
size_t md_len = ctx->md_ctx.md_info->size;
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1];
unsigned char K[POLARSSL_MD_MAX_SIZE];
for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
{
/* Step 1 or 4 */
md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_update( &ctx->md_ctx, sep, 1 );
if( rounds == 2 )
md_hmac_update( &ctx->md_ctx, additional, add_len );
md_hmac_finish( &ctx->md_ctx, K );
/* Step 2 or 5 */
md_hmac_starts( &ctx->md_ctx, K, md_len );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V );
}
}
/*
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/
int hmac_drbg_init_buf( hmac_drbg_context *ctx,
const md_info_t * md_info,
const unsigned char *data, size_t data_len )
{
int ret;
memset( ctx, 0, sizeof( hmac_drbg_context ) );
md_init( &ctx->md_ctx );
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
return( ret );
/*
* Set initial working state.
* Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value.
*/
md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size );
memset( ctx->V, 0x01, md_info->size );
hmac_drbg_update( ctx, data, data_len );
return( 0 );
}
/*
* HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman)
*/
int hmac_drbg_reseed( hmac_drbg_context *ctx,
const unsigned char *additional, size_t len )
{
unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT];
size_t seedlen;
/* III. Check input length */
if( len > POLARSSL_HMAC_DRBG_MAX_INPUT ||
ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT )
{
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
}
memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT );
/* IV. Gather entropy_len bytes of entropy for the seed */
if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
return( POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
seedlen = ctx->entropy_len;
/* 1. Concatenate entropy and additional data if any */
if( additional != NULL && len != 0 )
{
memcpy( seed + seedlen, additional, len );
seedlen += len;
}
/* 2. Update state */
hmac_drbg_update( ctx, seed, seedlen );
/* 3. Reset reseed_counter */
ctx->reseed_counter = 1;
/* 4. Done */
return( 0 );
}
/*
* HMAC_DRBG initialisation (10.1.2.3 + 9.1)
*/
int hmac_drbg_init( hmac_drbg_context *ctx,
const md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len )
{
int ret;
size_t entropy_len;
memset( ctx, 0, sizeof( hmac_drbg_context ) );
md_init( &ctx->md_ctx );
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
return( ret );
/*
* Set initial working state.
* Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value.
*/
md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size );
memset( ctx->V, 0x01, md_info->size );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL;
/*
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
* each hash function, then according to SP800-90A rev1 10.1 table 2,
* min_entropy_len (in bits) is security_strength.
*
* (This also matches the sizes used in the NIST test vectors.)
*/
entropy_len = md_info->size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
md_info->size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
32; /* better (256+) -> 256 bits */
/*
* For initialisation, use more entropy to emulate a nonce
* (Again, matches test vectors.)
*/
ctx->entropy_len = entropy_len * 3 / 2;
if( ( ret = hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret );
ctx->entropy_len = entropy_len;
return( 0 );
}
/*
* Set prediction resistance
*/
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
int resistance )
{
ctx->prediction_resistance = resistance;
}
/*
* Set entropy length grabbed for reseeds
*/
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len )
{
ctx->entropy_len = len;
}
/*
* Set reseed interval
*/
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval )
{
ctx->reseed_interval = interval;
}
/*
* HMAC_DRBG random function with optional additional data:
* 10.1.2.5 (arabic) + 9.3 (Roman)
*/
int hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t out_len,
const unsigned char *additional, size_t add_len )
{
int ret;
hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng;
size_t md_len = md_get_size( ctx->md_ctx.md_info );
size_t left = out_len;
unsigned char *out = output;
/* II. Check request length */
if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
/* III. Check input length */
if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT )
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
/* 1. (aka VII and IX) Check reseed counter and PR */
if( ctx->f_entropy != NULL && /* For no-reseeding instances */
( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON ||
ctx->reseed_counter > ctx->reseed_interval ) )
{
if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret );
add_len = 0; /* VII.4 */
}
/* 2. Use additional data if any */
if( additional != NULL && add_len != 0 )
hmac_drbg_update( ctx, additional, add_len );
/* 3, 4, 5. Generate bytes */
while( left != 0 )
{
size_t use_len = left > md_len ? md_len : left;
md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V );
memcpy( out, ctx->V, use_len );
out += use_len;
left -= use_len;
}
/* 6. Update */
hmac_drbg_update( ctx, additional, add_len );
/* 7. Update reseed counter */
ctx->reseed_counter++;
/* 8. Done */
return( 0 );
}
/*
* HMAC_DRBG random function
*/
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
{
return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
}
/*
* Free an HMAC_DRBG context
*/
void hmac_drbg_free( hmac_drbg_context *ctx )
{
if( ctx == NULL )
return;
md_free_ctx( &ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) );
}
#if defined(POLARSSL_FS_IO)
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path )
{
int ret;
FILE *f;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
goto exit;
if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
{
ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
goto exit;
}
ret = 0;
exit:
fclose( f );
return( ret );
}
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > POLARSSL_HMAC_DRBG_MAX_INPUT )
{
fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
}
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
}
fclose( f );
hmac_drbg_update( ctx, buf, n );
return( hmac_drbg_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#include <stdio.h>
#if !defined(POLARSSL_SHA1_C)
/* Dummy checkup routine */
int hmac_drbg_self_test( int verbose )
{
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
}
#else
#define OUTPUT_LEN 80
/* From a NIST PR=true test vector */
static unsigned char entropy_pr[] = {
0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
static const unsigned char result_pr[OUTPUT_LEN] = {
0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
/* From a NIST PR=false test vector */
static unsigned char entropy_nopr[] = {
0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
0xe9, 0x9d, 0xfe, 0xdf };
static const unsigned char result_nopr[OUTPUT_LEN] = {
0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
/* "Entropy" from buffer */
static size_t test_offset;
static int hmac_drbg_self_test_entropy( void *data,
unsigned char *buf, size_t len )
{
const unsigned char *p = data;
memcpy( buf, p + test_offset, len );
test_offset += len;
return( 0 );
}
#define CHK( c ) if( (c) != 0 ) \
{ \
if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \
return( 1 ); \
}
/*
* Checkup routine for HMAC_DRBG with SHA-1
*/
int hmac_drbg_self_test( int verbose )
{
hmac_drbg_context ctx;
unsigned char buf[OUTPUT_LEN];
const md_info_t *md_info = md_info_from_type( POLARSSL_MD_SHA1 );
/*
* PR = True
*/
if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = True) : " );
test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, entropy_pr,
NULL, 0 ) );
hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
/*
* PR = False
*/
if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = False) : " );
test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, entropy_nopr,
NULL, 0 ) );
CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SHA1_C */
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_HMAC_DRBG_C */

341
Externals/polarssl/library/md.c vendored
View File

@ -1,341 +0,0 @@
/**
* \file md.c
*
* \brief Generic message digest wrapper for PolarSSL
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2014, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#include "polarssl/config.h"
#else
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_MD_C)
#include "polarssl/md.h"
#include "polarssl/md_wrap.h"
#include <stdlib.h>
#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
!defined(EFI32)
#define strcasecmp _stricmp
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static const int supported_digests[] = {
#if defined(POLARSSL_SHA512_C)
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
#endif
#if defined(POLARSSL_SHA256_C)
POLARSSL_MD_SHA224,
POLARSSL_MD_SHA256,
#endif
#if defined(POLARSSL_SHA1_C)
POLARSSL_MD_SHA1,
#endif
#if defined(POLARSSL_RIPEMD160_C)
POLARSSL_MD_RIPEMD160,
#endif
#if defined(POLARSSL_MD5_C)
POLARSSL_MD_MD5,
#endif
#if defined(POLARSSL_MD4_C)
POLARSSL_MD_MD4,
#endif
#if defined(POLARSSL_MD2_C)
POLARSSL_MD_MD2,
#endif
POLARSSL_MD_NONE
};
const int *md_list( void )
{
return( supported_digests );
}
const md_info_t *md_info_from_string( const char *md_name )
{
if( NULL == md_name )
return( NULL );
/* Get the appropriate digest information */
#if defined(POLARSSL_MD2_C)
if( !strcasecmp( "MD2", md_name ) )
return md_info_from_type( POLARSSL_MD_MD2 );
#endif
#if defined(POLARSSL_MD4_C)
if( !strcasecmp( "MD4", md_name ) )
return md_info_from_type( POLARSSL_MD_MD4 );
#endif
#if defined(POLARSSL_MD5_C)
if( !strcasecmp( "MD5", md_name ) )
return md_info_from_type( POLARSSL_MD_MD5 );
#endif
#if defined(POLARSSL_RIPEMD160_C)
if( !strcasecmp( "RIPEMD160", md_name ) )
return md_info_from_type( POLARSSL_MD_RIPEMD160 );
#endif
#if defined(POLARSSL_SHA1_C)
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 );
#endif
#if defined(POLARSSL_SHA256_C)
if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 );
#endif
#if defined(POLARSSL_SHA512_C)
if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA512 );
#endif
return( NULL );
}
const md_info_t *md_info_from_type( md_type_t md_type )
{
switch( md_type )
{
#if defined(POLARSSL_MD2_C)
case POLARSSL_MD_MD2:
return( &md2_info );
#endif
#if defined(POLARSSL_MD4_C)
case POLARSSL_MD_MD4:
return( &md4_info );
#endif
#if defined(POLARSSL_MD5_C)
case POLARSSL_MD_MD5:
return( &md5_info );
#endif
#if defined(POLARSSL_RIPEMD160_C)
case POLARSSL_MD_RIPEMD160:
return( &ripemd160_info );
#endif
#if defined(POLARSSL_SHA1_C)
case POLARSSL_MD_SHA1:
return( &sha1_info );
#endif
#if defined(POLARSSL_SHA256_C)
case POLARSSL_MD_SHA224:
return( &sha224_info );
case POLARSSL_MD_SHA256:
return( &sha256_info );
#endif
#if defined(POLARSSL_SHA512_C)
case POLARSSL_MD_SHA384:
return( &sha384_info );
case POLARSSL_MD_SHA512:
return( &sha512_info );
#endif
default:
return( NULL );
}
}
void md_init( md_context_t *ctx )
{
memset( ctx, 0, sizeof( md_context_t ) );
}
void md_free( md_context_t *ctx )
{
if( ctx == NULL )
return;
if( ctx->md_ctx )
ctx->md_info->ctx_free_func( ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( md_context_t ) );
}
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
{
if( md_info == NULL || ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
memset( ctx, 0, sizeof( md_context_t ) );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_MD_ALLOC_FAILED );
ctx->md_info = md_info;
md_info->starts_func( ctx->md_ctx );
return( 0 );
}
int md_free_ctx( md_context_t *ctx )
{
md_free( ctx );
return( 0 );
}
int md_starts( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->starts_func( ctx->md_ctx );
return( 0 );
}
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 );
}
int md_finish( md_context_t *ctx, unsigned char *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->finish_func( ctx->md_ctx, output );
return( 0 );
}
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
md_info->digest_func( input, ilen, output );
return( 0 );
}
int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
int ret;
#endif
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
#if defined(POLARSSL_FS_IO)
ret = md_info->file_func( path, output );
if( ret != 0 )
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
return( ret );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_FS_IO */
}
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen );
return( 0 );
}
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen );
return( 0 );
}
int md_hmac_finish( md_context_t *ctx, unsigned char *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->hmac_finish_func( ctx->md_ctx, output );
return( 0 );
}
int md_hmac_reset( md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->hmac_reset_func( ctx->md_ctx );
return( 0 );
}
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
md_info->hmac_func( key, keylen, input, ilen, output );
return( 0 );
}
int md_process( md_context_t *ctx, const unsigned char *data )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->process_func( ctx->md_ctx, data );
return( 0 );
}
#endif /* POLARSSL_MD_C */

Some files were not shown because too many files have changed in this diff Show More