diff options
| author | Michael Brown <mcb30@etherboot.org> | 2009-02-10 15:47:44 +0000 |
|---|---|---|
| committer | Michael Brown <mcb30@etherboot.org> | 2009-02-10 15:47:44 +0000 |
| commit | 5a99c586cfff4c01b5b2bb2da6637b4913ebbc75 (patch) | |
| tree | dea5580be630e53c30d01a71ce092f455f5b6be2 /src/crypto | |
| parent | 750c19466a018f089316bccdeb50a55a7b8f0866 (diff) | |
| download | ipxe-5a99c586cfff4c01b5b2bb2da6637b4913ebbc75.zip ipxe-5a99c586cfff4c01b5b2bb2da6637b4913ebbc75.tar.gz ipxe-5a99c586cfff4c01b5b2bb2da6637b4913ebbc75.tar.bz2 | |
[crypto] Remove unused files
Diffstat (limited to 'src/crypto')
| -rw-r--r-- | src/crypto/cryptoLayer.h | 120 | ||||
| -rw-r--r-- | src/crypto/framework.c | 86 | ||||
| -rw-r--r-- | src/crypto/matrixssl/mpi.h | 487 | ||||
| -rw-r--r-- | src/crypto/matrixssl/pscrypto.h | 661 | ||||
| -rw-r--r-- | src/crypto/ssl.c | 136 | ||||
| -rw-r--r-- | src/crypto/ssl.h | 19 | ||||
| -rw-r--r-- | src/crypto/ssl_constructs.h | 342 |
7 files changed, 0 insertions, 1851 deletions
diff --git a/src/crypto/cryptoLayer.h b/src/crypto/cryptoLayer.h deleted file mode 100644 index d2e10f2..0000000 --- a/src/crypto/cryptoLayer.h +++ /dev/null @@ -1,120 +0,0 @@ -#ifndef _MATRIXSSL_CRYPTOLAYER_H -#define _MATRIXSSL_CRYPTOLAYER_H - -/** @file - * - * Compatibility layer for MatrixSSL - * - */ - -#include <stdint.h> -#include <stddef.h> -#include <stdlib.h> -#include <string.h> -#include <ctype.h> -#include <assert.h> -#include <byteswap.h> -#include <gpxe/rotate.h> -#include <gpxe/crypto.h> - -/* Drag in pscrypto.h */ -typedef uint64_t ulong64; -typedef void psPool_t; -#define SMALL_CODE -#define USE_INT64 -#define USE_RSA -#define USE_RSA_PUBLIC_ENCRYPT -#define CRYPT -#include "matrixssl/pscrypto.h" -#define SMALL_CODE -#undef CLEAN_STACK - -#define sslAssert( ... ) assert ( __VA_ARGS__ ) - -static inline __attribute__ (( always_inline )) void * __malloc -psMalloc ( psPool_t *pool __unused, size_t len ) { - return malloc ( len ); -} - -static inline __attribute__ (( always_inline )) void * -psRealloc ( void *ptr, size_t len ) { - return realloc ( ptr, len ); -} - -static inline __attribute__ (( always_inline )) void psFree ( void *ptr ) { - free ( ptr ); -} - -#define matrixStrDebugMsg( ... ) DBG ( __VA_ARGS__ ) -#define matrixIntDebugMsg( ... ) DBG ( __VA_ARGS__ ) - -/* Use our standard cpu_to_leXX etc. macros */ - -#undef LOAD32L -#define LOAD32L( cpu32, ptr ) do { \ - uint32_t *le32 = ( ( uint32_t * ) ptr ); \ - cpu32 = le32_to_cpu ( *le32 ); \ - } while ( 0 ) - -#undef LOAD32H -#define LOAD32H( cpu32, ptr ) do { \ - uint32_t *be32 = ( ( uint32_t * ) ptr ); \ - cpu32 = be32_to_cpu ( *be32 ); \ - } while ( 0 ) - -#undef LOAD64L -#define LOAD64L( cpu64, ptr ) do { \ - uint64_t *le64 = ( ( uint64_t * ) ptr ); \ - cpu64 = le64_to_cpu ( *le64 ); \ - } while ( 0 ) - -#undef LOAD64H -#define LOAD64H( cpu64, ptr ) do { \ - uint64_t *be64 = ( ( uint64_t * ) ptr ); \ - cpu64 = be64_to_cpu ( *be64 ); \ - } while ( 0 ) - -#undef STORE32L -#define STORE32L( cpu32, ptr ) do { \ - uint32_t *le32 = ( ( uint32_t * ) ptr ); \ - *le32 = cpu_to_le32 ( cpu32 ); \ - } while ( 0 ) - -#undef STORE32H -#define STORE32H( cpu32, ptr ) do { \ - uint32_t *be32 = ( ( uint32_t * ) ptr ); \ - *be32 = cpu_to_be32 ( cpu32 ); \ - } while ( 0 ) - -#undef STORE64L -#define STORE64L( cpu64, ptr ) do { \ - uint64_t *le64 = ( ( uint64_t * ) ptr ); \ - *le64 = cpu_to_le64 ( cpu64 ); \ - } while ( 0 ) - -#undef STORE64H -#define STORE64H( cpu64, ptr ) do { \ - uint64_t *be64 = ( ( uint64_t * ) ptr ); \ - *be64 = cpu_to_be64 ( cpu64 ); \ - } while ( 0 ) - -/* Use rolXX etc. from bitops.h */ - -#undef ROL -#define ROL( data, rotation ) rol32 ( (data), (rotation) ) -#undef ROLc -#define ROLc( data, rotation ) rol32 ( (data), (rotation) ) -#undef ROR -#define ROR( data, rotation ) ror32 ( (data), (rotation) ) -#undef RORc -#define RORc( data, rotation ) ror32 ( (data), (rotation) ) -#undef ROL64 -#define ROL64( data, rotation ) rol64 ( (data), (rotation) ) -#undef ROL64c -#define ROL64c( data, rotation ) rol64 ( (data), (rotation) ) -#undef ROR64 -#define ROR64( data, rotation ) ror64 ( (data), (rotation) ) -#undef ROR64c -#define ROR64c( data, rotation ) ror64 ( (data), (rotation) ) - -#endif /* _MATRIXSSL_CRYPTOLAYER_H */ diff --git a/src/crypto/framework.c b/src/crypto/framework.c deleted file mode 100644 index 0da2cbe..0000000 --- a/src/crypto/framework.c +++ /dev/null @@ -1,86 +0,0 @@ -/* mcb - this file breaks the build process; temporarily deactivating */ -#if 0 - -#include <stdlib.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <netinet/in.h> -#include <netdb.h> -#include "ssl.h" - -int main(int argc, char *argv[]) -{ - SSL_t ssl; - int sockfd, portno, rc; - struct sockaddr_in serv_addr; - struct hostent *server; - - portno = 443; - sockfd = socket(AF_INET,SOCK_STREAM,0); - if(sockfd<0){ - fprintf(stderr,"Error creating socket\n"); - exit(sockfd); - } - - server = gethostbyname(argv[1]); - if(server==NULL){ - fprintf(stderr,"Error looking up host %s\n",argv[1]); - exit(1); - } - - /** - *matrixSslOpen() - *matrixSslReadKeys() - **/ - printf("Calling CreateSSLHello()\n"); - rc = CreateSSLHello(&ssl); - printf("Finished calling CreateSSLHello()\n"); - - bzero((char *) &serv_addr, sizeof(serv_addr)); - serv_addr.sin_family = AF_INET; - bcopy((char *)server->h_addr,(char *)&serv_addr.sin_addr.s_addr,server->h_length); - serv_addr.sin_port = htons(portno); - if(connect(sockfd,(struct sockaddr *) &serv_addr, sizeof(serv_addr)) < 0){ - fprintf(stderr,"ERROR connecting to server\n"); - exit(1); - } - - PrintSSLPacket(&ssl); - - printf("Write ssl.buffer\n"); - write(sockfd,ssl.buffer,ssl.length); - printf("Finished writing\n"); - ssl.length = read(sockfd,ssl.buffer,ssl.max_size); - ReadSSLHello(&ssl); - - /** - *matrixSslNewSession() - *matrixSslSetCetValidator() - *encodeSslHandshake() - - *write handshake buffer - - *readSslResponse() <-+ - | - *read return code |-- similar/same function?? - | - *sslEncode() | - *sslDecode() <-------+ - - *encodeSslCloseAlert() - - *write close alert buffer - **/ - close(sockfd); - - /** - *sslClose() - * -free connection - * -free keys - * -close pki interface - **/ - - return 0; -} - -#endif diff --git a/src/crypto/matrixssl/mpi.h b/src/crypto/matrixssl/mpi.h deleted file mode 100644 index bb2c9c5..0000000 --- a/src/crypto/matrixssl/mpi.h +++ /dev/null @@ -1,487 +0,0 @@ -/*
- * mpi.h
- * Release $Name$
- *
- * multiple-precision integer library
- */
-/*
- * Copyright (c) PeerSec Networks, 2002-2006. All Rights Reserved.
- * The latest version of this code is available at http://www.matrixssl.org
- *
- * This software is open source; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This General Public License does NOT permit incorporating this software
- * into proprietary programs. If you are unable to comply with the GPL, a
- * commercial license for this software may be purchased from PeerSec Networks
- * at http://www.peersec.com
- *
- * This program is distributed in WITHOUT ANY WARRANTY; without even the
- * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- * See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- * http://www.gnu.org/copyleft/gpl.html
- */
-/******************************************************************************/
-
-#ifndef _h_MPI
-#define _h_MPI
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-#include <limits.h>
-
-#undef MIN
-#define MIN(x,y) ((x)<(y)?(x):(y))
-#undef MAX
-#define MAX(x,y) ((x)>(y)?(x):(y))
-
-#ifdef __cplusplus
-extern "C" {
-
-
-/*
- C++ compilers don't like assigning void * to mp_digit *
- */
-#define OPT_CAST(x) (x *)
-
-#else
-
-/*
- C on the other hand doesn't care
- */
-#define OPT_CAST(x)
-
-#endif /* __cplusplus */
-
-/******************************************************************************/
-/*
- some default configurations.
-
- A "mp_digit" must be able to hold DIGIT_BIT + 1 bits
- A "mp_word" must be able to hold 2*DIGIT_BIT + 1 bits
-
- At the very least a mp_digit must be able to hold 7 bits
- [any size beyond that is ok provided it doesn't overflow the data type]
- */
-#ifdef MP_8BIT
- typedef unsigned char mp_digit;
- typedef unsigned short mp_word;
-#elif defined(MP_16BIT)
- typedef unsigned short mp_digit;
- typedef unsigned long mp_word;
-#elif defined(MP_64BIT)
-/*
- for GCC only on supported platforms
- */
- #ifndef CRYPT
- typedef unsigned long long ulong64;
- typedef signed long long long64;
- #endif /* CRYPT */
-
- typedef ulong64 mp_digit;
- typedef unsigned long mp_word __attribute__ ((mode(TI)));
-
- #define DIGIT_BIT 60
-#else /* MP_8BIT */
-/*
- this is the default case, 28-bit digits
- */
- #ifndef CRYPT
- #if defined(_MSC_VER) || defined(__BORLANDC__)
- typedef unsigned __int64 ulong64;
- typedef signed __int64 long64;
- #else
- typedef unsigned long long ulong64;
- typedef signed long long long64;
- #endif
- #endif /* CRYPT */
-
- typedef unsigned long mp_digit;
- typedef ulong64 mp_word;
-
- #ifdef MP_31BIT
-/*
- this is an extension that uses 31-bit digits
- */
- #define DIGIT_BIT 31
- #else /* MP_31BIT */
-/*
- default case is 28-bit digits, defines MP_28BIT as a handy macro to test
- */
- #define DIGIT_BIT 28
- #define MP_28BIT
- #endif /* MP_31BIT */
-#endif /* MP_8BIT */
-
-/*
- otherwise the bits per digit is calculated automatically from the size of
- a mp_digit
- */
-#ifndef DIGIT_BIT
- #define DIGIT_BIT ((int32)((CHAR_BIT * sizeof(mp_digit) - 1))) /* bits per digit */
-#endif /* DIGIT_BIT */
-
-#define MP_DIGIT_BIT DIGIT_BIT
-#define MP_MASK ((((mp_digit)1)<<((mp_digit)DIGIT_BIT))-((mp_digit)1))
-#define MP_DIGIT_MAX MP_MASK
-
-/******************************************************************************/
-/*
- equalities
- */
-#define MP_LT -1 /* less than */
-#define MP_EQ 0 /* equal to */
-#define MP_GT 1 /* greater than */
-
-#define MP_ZPOS 0 /* positive integer */
-#define MP_NEG 1 /* negative */
-
-#define MP_OKAY 0 /* ok result */
-#define MP_MEM -2 /* out of mem */
-#define MP_VAL -3 /* invalid input */
-#define MP_RANGE MP_VAL
-
-#define MP_YES 1 /* yes response */
-#define MP_NO 0 /* no response */
-
-typedef int32 mp_err;
-
-/******************************************************************************/
-/*
- various build options
- */
-#define MP_PREC 64 /* default digits of precision */
-
-/*
- define this to use lower memory usage routines (exptmods mostly)
- */
-#define MP_LOW_MEM
-
-/*
- size of comba arrays, should be at least
- 2 * 2**(BITS_PER_WORD - BITS_PER_DIGIT*2)
- */
-#define MP_WARRAY (1 << (sizeof(mp_word) * CHAR_BIT - 2 * DIGIT_BIT + 1))
-
-typedef struct {
- int32 used, alloc, sign;
- mp_digit *dp;
-} mp_int;
-
-#define USED(m) ((m)->used)
-#define DIGIT(m,k) ((m)->dp[(k)])
-#define SIGN(m) ((m)->sign)
-
-/******************************************************************************/
-/*
- init and deinit bignum functions
- */
-
-/*
- init a bignum
- */
-extern int32 mp_init(psPool_t *pool, mp_int *a);
-
-/*
- free a bignum
- */
-extern void mp_clear(mp_int *a);
-
-/*
- init a series of arguments
- */
-extern int32 _mp_init_multi(psPool_t *pool, mp_int *mp0, mp_int *mp1, mp_int *mp2,
- mp_int *mp3, mp_int *mp4, mp_int *mp5, mp_int *mp6,
- mp_int *mp7);
-
-/*
- clear a series of arguments
- */
-extern void _mp_clear_multi(mp_int *mp0, mp_int *mp1, mp_int *mp2, mp_int *mp3,
- mp_int *mp4, mp_int *mp5, mp_int *mp6, mp_int *mp7);
-
-/*
- exchange two ints
- */
-extern void mp_exch(mp_int *a, mp_int *b);
-
-/*
- shrink ram required for a bignum
- */
-extern int32 mp_shrink(mp_int *a);
-
-/*
- grow an int32 to a given size
- */
-extern int32 mp_grow(mp_int *a, int32 size);
-
-/*
- init to a given number of digits
- */
-extern int32 mp_init_size(psPool_t *pool, mp_int *a, int32 size);
-
-/******************************************************************************/
-/*
- Basic Manipulations
- */
-#define mp_iszero(a) (((a)->used == 0) ? MP_YES : MP_NO)
-#define mp_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? MP_YES : MP_NO)
-#define mp_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? MP_YES : MP_NO)
-
-extern int32 mp_add_d (mp_int * a, mp_digit b, mp_int * c);
-extern int32 mp_sub_d (mp_int * a, mp_digit b, mp_int * c);
-/*
- set to zero
- */
-extern void mp_zero(mp_int *a);
-
-/*
- set to a digit
- */
-extern void mp_set(mp_int *a, mp_digit b);
-
-/*
- copy, b = a
- */
-extern int32 mp_copy(mp_int *a, mp_int *b);
-
-/*
- inits and copies, a = b
- */
-extern int32 mp_init_copy(psPool_t *pool, mp_int *a, mp_int *b);
-
-/*
- trim unused digits
- */
-extern void mp_clamp(mp_int *a);
-
-/******************************************************************************/
-/*
- digit manipulation
-*/
-
-/*
- right shift by "b" digits
- */
-extern void mp_rshd(mp_int *a, int32 b);
-
-/*
- left shift by "b" digits
- */
-extern int32 mp_lshd(mp_int *a, int32 b);
-
-/*
- c = a / 2**b
- */
-extern int32 mp_div_2d(psPool_t *pool, mp_int *a, int32 b, mp_int *c, mp_int *d);
-
-/*
- b = a/2
- */
-extern int32 mp_div_2(mp_int *a, mp_int *b);
-
-/*
- c = a * 2**b
- */
-extern int32 mp_mul_2d(mp_int *a, int32 b, mp_int *c);
-
-/*
- c = a mod 2**d
- */
-extern int32 mp_mod_2d(mp_int *a, int32 b, mp_int *c);
-
-/*
- computes a = 2**b
- */
-extern int32 mp_2expt(mp_int *a, int32 b);
-
-/******************************************************************************/
-/*
- Basic arithmetic
- */
-
-/*
- b = |a|
- */
-extern int32 mp_abs(mp_int *a, mp_int *b);
-
-/*
- compare a to b
- */
-extern int32 mp_cmp(mp_int *a, mp_int *b);
-
-/*
- compare |a| to |b|
- */
-extern int32 mp_cmp_mag(mp_int *a, mp_int *b);
-
-/*
- c = a + b
- */
-extern int32 mp_add(mp_int *a, mp_int *b, mp_int *c);
-
-/*
- c = a - b
- */
-extern int32 mp_sub(mp_int *a, mp_int *b, mp_int *c);
-
-/*
- c = a * b
- b = a*a
- */
-/* STEVE - moved mp_mul out of SLOW case */
-extern int32 mp_mul(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c);
-#ifdef USE_SMALL_WORD
-extern int32 mp_sqr(psPool_t *pool, mp_int *a, mp_int *b);
-#endif
-
-/*
- a/b => cb + d == a
- */
-extern int32 mp_div(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/*
- c = a mod b, 0 <= c < b
- */
-extern int32 mp_mod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c);
-
-/******************************************************************************/
-/*
- single digit functions
- */
-
-/*
- compare against a single digit
- */
-extern int32 mp_cmp_d(mp_int *a, mp_digit b);
-
-/*
- c = a * b
- */
-extern int32 mp_mul_d(mp_int *a, mp_digit b, mp_int *c);
-
-/******************************************************************************/
-/*
- number theory
- */
-
-/*
- d = a + b (mod c)
- */
-extern int32 mp_addmod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/*
- d = a * b (mod c)
- */
-extern int32 mp_mulmod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/*
- c = 1/a (mod b)
- */
-#ifdef USE_SMALL_WORD
-extern int32 mp_invmod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c);
-#endif
-
-/*
- setups the montgomery reduction
- */
-extern int32 mp_montgomery_setup(mp_int *a, mp_digit *mp);
-
-/*
- computes a = B**n mod b without division or multiplication useful for
- normalizing numbers in a Montgomery system.
- */
-extern int32 mp_montgomery_calc_normalization(mp_int *a, mp_int *b);
-
-/*
- computes x/R == x (mod N) via Montgomery Reduction
- */
-#ifdef USE_SMALL_WORD
-extern int32 mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
-#endif
-
-/*
- d = a**b (mod c)
- */
-/* TODO - we never define this */
-extern int32 mp_exptmod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c, mp_int *d);
-
-/******************************************************************************/
-/*
- If we're using 1024 or 2048 bit keys and 28 bit digits, we only need the
- fast_ versions of these functions, removing the others to save space.
- Otherwise, we include the slow versions as well and which version to use
- is done at runtime.
-*/
-#ifdef USE_SMALL_WORD
-extern int32 s_mp_mul_digs(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c,
- int32 digs);
-extern int32 s_mp_sqr(psPool_t *pool, mp_int *a, mp_int *b);
-#else
-#define mp_montgomery_reduce fast_mp_montgomery_reduce
-#define mp_sqr fast_s_mp_sqr
-#if STEVE
-#define mp_mul(P, A, B, C) fast_s_mp_mul_digs(P, A, B, C, (A)->used + (B)->used + 1)
-#endif
-#define s_mp_mul_digs fast_s_mp_mul_digs
-#define mp_invmod fast_mp_invmod
-#endif
-
-/******************************************************************************/
-/*
- radix conversion
- */
-extern int32 mp_count_bits(mp_int *a);
-
-extern int32 mp_unsigned_bin_size(mp_int *a);
-extern int32 mp_read_unsigned_bin(mp_int *a, unsigned char *b, int32 c);
-extern int32 mp_to_unsigned_bin(psPool_t *pool, mp_int *a, unsigned char *b);
-
-extern int32 mp_signed_bin_size(mp_int *a);
-
-/*
- lowlevel functions, do not call!
- */
-#if STEVE
-#ifdef USE_SMALL_WORD
-#define s_mp_mul(P, A, B, C) s_mp_mul_digs(P, A, B, C, (A)->used + (B)->used + 1)
-#else
-#define s_mp_mul(P, A, B, C) sslAssert();
-#endif
-#endif /* STEVE */
-/* define this in all cases for now STEVE */
-#define s_mp_mul(P, A, B, C) s_mp_mul_digs(P, A, B, C, (A)->used + (B)->used + 1)
-
-
-/*
- b = a*2
- */
-extern int32 mp_mul_2(mp_int *a, mp_int *b);
-
-extern int32 s_mp_add(mp_int *a, mp_int *b, mp_int *c);
-extern int32 s_mp_sub(mp_int *a, mp_int *b, mp_int *c);
-
-extern int32 fast_s_mp_mul_digs(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c,
- int32 digs);
-extern int32 fast_s_mp_sqr(psPool_t *pool, mp_int *a, mp_int *b);
-
-extern int32 fast_mp_invmod(psPool_t *pool, mp_int *a, mp_int *b, mp_int *c);
-extern int32 fast_mp_montgomery_reduce(mp_int *a, mp_int *m, mp_digit mp);
-
-extern void bn_reverse(unsigned char *s, int32 len);
-
-
-#ifdef __cplusplus
- }
-#endif /* __cplusplus */
-
-#endif /* _h_MPI */
-
diff --git a/src/crypto/matrixssl/pscrypto.h b/src/crypto/matrixssl/pscrypto.h deleted file mode 100644 index 4d68432..0000000 --- a/src/crypto/matrixssl/pscrypto.h +++ /dev/null @@ -1,661 +0,0 @@ -/*
- * pscrypto.h
- * Release $Name$
- *
- * Internal definitions for PeerSec Networks MatrixSSL cryptography provider
- */
-/*
- * Copyright (c) PeerSec Networks, 2002-2006. All Rights Reserved.
- * The latest version of this code is available at http://www.matrixssl.org
- *
- * This software is open source; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This General Public License does NOT permit incorporating this software
- * into proprietary programs. If you are unable to comply with the GPL, a
- * commercial license for this software may be purchased from PeerSec Networks
- * at http://www.peersec.com
- *
- * This program is distributed in WITHOUT ANY WARRANTY; without even the
- * implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
- * See the GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- * http://www.gnu.org/copyleft/gpl.html
- */
-/******************************************************************************/
-
-#ifndef _h_PSCRYPTO
-#define _h_PSCRYPTO
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-/*
- PeerSec crypto-specific defines.
- */
-#define SMALL_CODE
-#define CLEAN_STACK
-/*
- If Native 64 bit integers are not supported, we must set the 16 bit flag
- to produce 32 bit mp_words in mpi.h
- We must also include the slow MPI functions because the fast ones only
- work with larger (28 bit) digit sizes.
-*/
-#ifndef USE_INT64
-#define MP_16BIT
-#define USE_SMALL_WORD
-#endif /* USE_INT64 */
-
-/******************************************************************************/
-
-#ifdef USE_RSA
-
-#include "mpi.h"
-
-#if LINUX
- #define _stat stat
-#endif
-
-/* this is the "32-bit at least" data type
- * Re-define it to suit your platform but it must be at least 32-bits
- */
-typedef unsigned long ulong32;
-
-/*
- Primary RSA Key struct. Define here for crypto
-*/
-typedef struct {
- mp_int e, d, N, qP, dP, dQ, p, q;
- int32 size; /* Size of the key in bytes */
- int32 optimized; /* 1 for optimized */
-} sslRsaKey_t;
-
-#endif /* USE_RSA */
-
-
-/*
- * Private
- */
-extern int32 ps_base64_decode(const unsigned char *in, uint32 len,
- unsigned char *out, uint32 *outlen);
-
-/*
- * Memory routines
- */
-extern void psZeromem(void *dst, size_t len);
-extern void psBurnStack(unsigned long len);
-
-
-/* max size of either a cipher/hash block or symmetric key [largest of the two] */
-#define MAXBLOCKSIZE 24
-
-/* ch1-01-1 */
-/* error codes [will be expanded in future releases] */
-enum {
- CRYPT_OK=0, /* Result OK */
- CRYPT_ERROR, /* Generic Error */
- CRYPT_NOP, /* Not a failure but no operation was performed */
-
- CRYPT_INVALID_KEYSIZE, /* Invalid key size given */
- CRYPT_INVALID_ROUNDS, /* Invalid number of rounds */
- CRYPT_FAIL_TESTVECTOR, /* Algorithm failed test vectors */
-
- CRYPT_BUFFER_OVERFLOW, /* Not enough space for output */
- CRYPT_INVALID_PACKET, /* Invalid input packet given */
-
- CRYPT_INVALID_PRNGSIZE, /* Invalid number of bits for a PRNG */
- CRYPT_ERROR_READPRNG, /* Could not read enough from PRNG */
-
- CRYPT_INVALID_CIPHER, /* Invalid cipher specified */
- CRYPT_INVALID_HASH, /* Invalid hash specified */
- CRYPT_INVALID_PRNG, /* Invalid PRNG specified */
-
- CRYPT_MEM, /* Out of memory */
-
- CRYPT_PK_TYPE_MISMATCH, /* Not equivalent types of PK keys */
- CRYPT_PK_NOT_PRIVATE, /* Requires a private PK key */
-
- CRYPT_INVALID_ARG, /* Generic invalid argument */
- CRYPT_FILE_NOTFOUND, /* File Not Found */
-
- CRYPT_PK_INVALID_TYPE, /* Invalid type of PK key */
- CRYPT_PK_INVALID_SYSTEM, /* Invalid PK system specified */
- CRYPT_PK_DUP, /* Duplicate key already in key ring */
- CRYPT_PK_NOT_FOUND, /* Key not found in keyring */
- CRYPT_PK_INVALID_SIZE, /* Invalid size input for PK parameters */
-
- CRYPT_INVALID_PRIME_SIZE /* Invalid size of prime requested */
-};
-
-/******************************************************************************/
-/*
- hash defines
- */
-struct sha1_state {
-#ifdef USE_INT64
- ulong64 length;
-#else
- ulong32 lengthHi;
- ulong32 lengthLo;
-#endif /* USE_INT64 */
- ulong32 state[5], curlen;
- unsigned char buf[64];
-};
-
-struct md5_state {
-#ifdef USE_INT64
- ulong64 length;
-#else
- ulong32 lengthHi;
- ulong32 lengthLo;
-#endif /* USE_INT64 */
- ulong32 state[4], curlen;
- unsigned char buf[64];
-};
-
-#ifdef USE_MD2
-struct md2_state {
- unsigned char chksum[16], X[48], buf[16];
- unsigned long curlen;
-};
-#endif /* USE_MD2 */
-
-#ifdef USE_SHA256
-struct sha256_state {
- ulong64 length;
- ulong32 state[8], curlen;
- unsigned char buf[64];
-};
-#endif /* USE_SHA256 */
-
-typedef union {
- struct sha1_state sha1;
- struct md5_state md5;
-#ifdef USE_MD2
- struct md2_state md2;
-#endif /* USE_MD2 */
-#ifdef USE_SHA256
- struct sha256_state sha256;
-#endif
-} hash_state;
-
-typedef hash_state sslSha1Context_t;
-typedef hash_state sslMd5Context_t;
-#ifdef USE_MD2
-typedef hash_state sslMd2Context_t;
-#endif /* USE_MD2 */
-#ifdef USE_SHA256
-typedef hash_state sslSha256Context_t;
-#endif /* USE_SHA256 */
-
-typedef struct {
- unsigned char pad[64];
- union {
- sslMd5Context_t md5;
- sslSha1Context_t sha1;
- } u;
-} sslHmacContext_t;
-
-/******************************************************************************/
-/*
- RC4
- */
-#ifdef USE_ARC4
-typedef struct {
- unsigned char state[256];
- uint32 byteCount;
- unsigned char x;
- unsigned char y;
-} rc4_key;
-#endif /* USE_ARC4 */
-
-#define SSL_DES3_KEY_LEN 24
-#define SSL_DES3_IV_LEN 8
-#ifdef USE_3DES
-
-typedef struct {
- ulong32 ek[3][32], dk[3][32];
-} des3_key;
-
-/*
- A block cipher CBC structure
- */
-typedef struct {
- int32 blocklen;
- unsigned char IV[8];
- des3_key key;
- int32 explicitIV; /* 1 if yes */
-} des3_CBC;
-
-extern int32 des3_setup(const unsigned char *key, int32 keylen, int32 num_rounds,
- des3_CBC *skey);
-extern void des3_ecb_encrypt(const unsigned char *pt, unsigned char *ct,
- des3_CBC *key);
-extern void des3_ecb_decrypt(const unsigned char *ct, unsigned char *pt,
- des3_CBC *key);
-extern int32 des3_keysize(int32 *desired_keysize);
-
-extern int32 des_setup(const unsigned char *key, int32 keylen, int32 num_rounds,
- des3_CBC *skey);
-extern void des_ecb_encrypt(const unsigned char *pt, unsigned char *ct,
- des3_CBC *key);
-extern void des_ecb_decrypt(const unsigned char *ct, unsigned char *pt,
- des3_CBC *key);
-
-#endif /* USE_3DES */
-
-
-typedef union {
-#ifdef USE_ARC4
- rc4_key arc4;
-#endif
-#ifdef USE_3DES
- des3_CBC des3;
-#endif
-} sslCipherContext_t;
-
-
-/*
- Controls endianess and size of registers. Leave uncommented to get
- platform neutral [slower] code detect x86-32 machines somewhat
- */
-#if (defined(_MSC_VER) && defined(WIN32)) || (defined(__GNUC__) && (defined(__DJGPP__) || defined(__CYGWIN__) || defined(__MINGW32__) || defined(__i386__)))
- #define ENDIAN_LITTLE
- #define ENDIAN_32BITWORD
-#endif
-
-
-/* #define ENDIAN_LITTLE */
-/* #define ENDIAN_BIG */
-
-/* #define ENDIAN_32BITWORD */
-/* #define ENDIAN_64BITWORD */
-
-#if (defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE)) && !(defined(ENDIAN_32BITWORD) || defined(ENDIAN_64BITWORD))
- #error You must specify a word size as well as endianess
-#endif
-
-#if !(defined(ENDIAN_BIG) || defined(ENDIAN_LITTLE))
- #define ENDIAN_NEUTRAL
-#endif
-
-/*
- helper macros
- */
-#if defined (ENDIAN_NEUTRAL)
-
-#define STORE32L(x, y) \
- { (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
- (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
-
-#define LOAD32L(x, y) \
- { x = ((unsigned long)((y)[3] & 255)<<24) | \
- ((unsigned long)((y)[2] & 255)<<16) | \
- ((unsigned long)((y)[1] & 255)<<8) | \
- ((unsigned long)((y)[0] & 255)); }
-
-#define STORE64L(x, y) \
- { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \
- (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \
- (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
- (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
-
-#define LOAD64L(x, y) \
- { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \
- (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \
- (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \
- (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); }
-
-#define STORE32H(x, y) \
- { (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \
- (y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); }
-
-#define LOAD32H(x, y) \
- { x = ((unsigned long)((y)[0] & 255)<<24) | \
- ((unsigned long)((y)[1] & 255)<<16) | \
- ((unsigned long)((y)[2] & 255)<<8) | \
- ((unsigned long)((y)[3] & 255)); }
-
-#define STORE64H(x, y) \
- { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \
- (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \
- (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \
- (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); }
-
-#define LOAD64H(x, y) \
- { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \
- (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \
- (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \
- (((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); }
-
-#endif /* ENDIAN_NEUTRAL */
-
-#ifdef ENDIAN_LITTLE
-
-#define STORE32H(x, y) \
- { (y)[0] = (unsigned char)(((x)>>24)&255); (y)[1] = (unsigned char)(((x)>>16)&255); \
- (y)[2] = (unsigned char)(((x)>>8)&255); (y)[3] = (unsigned char)((x)&255); }
-
-#define LOAD32H(x, y) \
- { x = ((unsigned long)((y)[0] & 255)<<24) | \
- ((unsigned long)((y)[1] & 255)<<16) | \
- ((unsigned long)((y)[2] & 255)<<8) | \
- ((unsigned long)((y)[3] & 255)); }
-
-#define STORE64H(x, y) \
- { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \
- (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \
- (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \
- (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); }
-
-#define LOAD64H(x, y) \
- { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \
- (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \
- (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \
- (((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); }
-
-#ifdef ENDIAN_32BITWORD
-
-#define STORE32L(x, y) \
- { unsigned long __t = (x); memcpy(y, &__t, 4); }
-
-#define LOAD32L(x, y) \
- memcpy(&(x), y, 4);
-
-#define STORE64L(x, y) \
- { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \
- (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \
- (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
- (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
-
-#define LOAD64L(x, y) \
- { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \
- (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \
- (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \
- (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); }
-
-#else /* 64-bit words then */
-
-#define STORE32L(x, y) \
- { unsigned long __t = (x); memcpy(y, &__t, 4); }
-
-#define LOAD32L(x, y) \
- { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
-
-#define STORE64L(x, y) \
- { ulong64 __t = (x); memcpy(y, &__t, 8); }
-
-#define LOAD64L(x, y) \
- { memcpy(&(x), y, 8); }
-
-#endif /* ENDIAN_64BITWORD */
-#endif /* ENDIAN_LITTLE */
-
-#ifdef ENDIAN_BIG
-#define STORE32L(x, y) \
- { (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
- (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
-
-#define LOAD32L(x, y) \
- { x = ((unsigned long)((y)[3] & 255)<<24) | \
- ((unsigned long)((y)[2] & 255)<<16) | \
- ((unsigned long)((y)[1] & 255)<<8) | \
- ((unsigned long)((y)[0] & 255)); }
-
-#define STORE64L(x, y) \
- { (y)[7] = (unsigned char)(((x)>>56)&255); (y)[6] = (unsigned char)(((x)>>48)&255); \
- (y)[5] = (unsigned char)(((x)>>40)&255); (y)[4] = (unsigned char)(((x)>>32)&255); \
- (y)[3] = (unsigned char)(((x)>>24)&255); (y)[2] = (unsigned char)(((x)>>16)&255); \
- (y)[1] = (unsigned char)(((x)>>8)&255); (y)[0] = (unsigned char)((x)&255); }
-
-#define LOAD64L(x, y) \
- { x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \
- (((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32) | \
- (((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16) | \
- (((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); }
-
-#ifdef ENDIAN_32BITWORD
-
-#define STORE32H(x, y) \
- { unsigned long __t = (x); memcpy(y, &__t, 4); }
-
-#define LOAD32H(x, y) \
- memcpy(&(x), y, 4);
-
-#define STORE64H(x, y) \
- { (y)[0] = (unsigned char)(((x)>>56)&255); (y)[1] = (unsigned char)(((x)>>48)&255); \
- (y)[2] = (unsigned char)(((x)>>40)&255); (y)[3] = (unsigned char)(((x)>>32)&255); \
- (y)[4] = (unsigned char)(((x)>>24)&255); (y)[5] = (unsigned char)(((x)>>16)&255); \
- (y)[6] = (unsigned char)(((x)>>8)&255); (y)[7] = (unsigned char)((x)&255); }
-
-#define LOAD64H(x, y) \
- { x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48)| \
- (((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32)| \
- (((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16)| \
- (((ulong64)((y)[6] & 255))<<8)| (((ulong64)((y)[7] & 255))); }
-
-#else /* 64-bit words then */
-
-#define STORE32H(x, y) \
- { unsigned long __t = (x); memcpy(y, &__t, 4); }
-
-#define LOAD32H(x, y) \
- { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
-
-#define STORE64H(x, y) \
- { ulong64 __t = (x); memcpy(y, &__t, 8); }
-
-#define LOAD64H(x, y) \
- { memcpy(&(x), y, 8); }
-
-#endif /* ENDIAN_64BITWORD */
-#endif /* ENDIAN_BIG */
-
-/*
- packet code */
-#if defined(USE_RSA) || defined(MDH) || defined(MECC)
- #define PACKET
-
-/*
- size of a packet header in bytes */
- #define PACKET_SIZE 4
-
-/*
- Section tags
- */
- #define PACKET_SECT_RSA 0
- #define PACKET_SECT_DH 1
- #define PACKET_SECT_ECC 2
- #define PACKET_SECT_DSA 3
-
-/*
- Subsection Tags for the first three sections
- */
- #define PACKET_SUB_KEY 0
- #define PACKET_SUB_ENCRYPTED 1
- #define PACKET_SUB_SIGNED 2
- #define PACKET_SUB_ENC_KEY 3
-#endif
-
-/*
- fix for MSVC ...evil!
- */
-#ifdef WIN32
-#ifdef _MSC_VER
- #define CONST64(n) n ## ui64
- typedef unsigned __int64 ulong64;
-#else
- #define CONST64(n) n ## ULL
- typedef unsigned long long ulong64;
-#endif
-#endif /* WIN32 */
-
-
-#define BSWAP(x) ( ((x>>24)&0x000000FFUL) | ((x<<24)&0xFF000000UL) | \
- ((x>>8)&0x0000FF00UL) | ((x<<8)&0x00FF0000UL) )
-
-#ifdef _MSC_VER
-
-/*
- instrinsic rotate
- */
-#include <stdlib.h>
-#pragma intrinsic(_lrotr,_lrotl)
-#define ROR(x,n) _lrotr(x,n)
-#define ROL(x,n) _lrotl(x,n)
-#define RORc(x,n) _lrotr(x,n)
-#define ROLc(x,n) _lrotl(x,n)
-
-/*
-#elif defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) && !defined(INTEL_CC) && !defined(PS_NO_ASM)
-
-static inline unsigned ROL(unsigned word, int32 i)
-{
- asm ("roll %%cl,%0"
- :"0" (word),"c" (i));
- return word;
-}
-
-static inline unsigned ROR(unsigned word, int32 i)
-{
- asm ("rorl %%cl,%0"
- :"=r" (word)
- :"0" (word),"c" (i));
- return word;
-}
-*/
-/*
-#ifndef PS_NO_ROLC
-
-static inline unsigned ROLc(unsigned word, const int32 i)
-{
- asm ("roll %2,%0"
- :"=r" (word)
- :"0" (word),"I" (i));
- return word;
-}
-
-static inline unsigned RORc(unsigned word, const int32 i)
-{
- asm ("rorl %2,%0"
- :"=r" (word)
- :"0" (word),"I" (i));
- return word;
-}
-
-#else
-
-#define ROLc ROL
-#define RORc ROR
-
-#endif
-*/
-
-#else /* _MSC_VER */
-
-/*
- rotates the hard way
- */
-#define ROL(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
-#define ROR(x, y) ( ((((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)((y)&31)) | ((unsigned long)(x)<<(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
-#define ROLc(x, y) ( (((unsigned long)(x)<<(unsigned long)((y)&31)) | (((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
-#define RORc(x, y) ( ((((unsigned long)(x)&0xFFFFFFFFUL)>>(unsigned long)((y)&31)) | ((unsigned long)(x)<<(unsigned long)(32-((y)&31)))) & 0xFFFFFFFFUL)
-
-#endif /* _MSC_VER */
-
-/* 64-bit Rotates */
-#if 0
-
-#if defined(__GNUC__) && defined(__x86_64__) && !defined(PS_NO_ASM)
-
-static inline unsigned long ROL64(unsigned long word, int32 i)
-{
- asm("rolq %%cl,%0"
- :"=r" (word)
- :"0" (word),"c" (i));
- return word;
-}
-
-static inline unsigned long ROR64(unsigned long word, int32 i)
-{
- asm("rorq %%cl,%0"
- :"=r" (word)
- :"0" (word),"c" (i));
- return word;
-}
-
-#ifndef PS_NO_ROLC
-
-static inline unsigned long ROL64c(unsigned long word, const int32 i)
-{
- asm("rolq %2,%0"
- :"=r" (word)
- :"0" (word),"J" (i));
- return word;
-}
-
-static inline unsigned long ROR64c(unsigned long word, const int32 i)
-{
- asm("rorq %2,%0"
- :"=r" (word)
- :"0" (word),"J" (i));
- return word;
-}
-
-#else /* PS_NO_ROLC */
-
-#define ROL64c ROL
-#define ROR64c ROR
-
-#endif /* PS_NO_ROLC */
-#endif
-#endif /* commented out */
-
-#define ROL64(x, y) \
- ( (((x)<<((ulong64)(y)&63)) | \
- (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)64-((y)&63)))) & CONST64(0xFFFFFFFFFFFFFFFF))
-
-#define ROR64(x, y) \
- ( ((((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)(y)&CONST64(63))) | \
- ((x)<<((ulong64)(64-((y)&CONST64(63)))))) & CONST64(0xFFFFFFFFFFFFFFFF))
-
-#define ROL64c(x, y) \
- ( (((x)<<((ulong64)(y)&63)) | \
- (((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)64-((y)&63)))) & CONST64(0xFFFFFFFFFFFFFFFF))
-
-#define ROR64c(x, y) \
- ( ((((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((ulong64)(y)&CONST64(63))) | \
- ((x)<<((ulong64)(64-((y)&CONST64(63)))))) & CONST64(0xFFFFFFFFFFFFFFFF))
-
-#undef MAX
-#undef MIN
-#define MAX(x, y) ( ((x)>(y))?(x):(y) )
-#define MIN(x, y) ( ((x)<(y))?(x):(y) )
-
-/*
- extract a byte portably This MSC code causes runtime errors in VS.NET,
- always use the other
- */
-/*
-#ifdef _MSC_VER
- #define byte(x, n) ((unsigned char)((x) >> (8 * (n))))
-#else
-*/
- #define byte(x, n) (((x) >> (8 * (n))) & 255)
-/*
-#endif
-*/
-#ifdef __cplusplus
- }
-#endif /* __cplusplus */
-
-#endif /* _h_PSCRYPTO */
-
-/******************************************************************************/
-
diff --git a/src/crypto/ssl.c b/src/crypto/ssl.c deleted file mode 100644 index 8abd7af..0000000 --- a/src/crypto/ssl.c +++ /dev/null @@ -1,136 +0,0 @@ -#if 0 - -#include "ssl.h" -#include "ssl_constructs.h" -#include <string.h> // for bcopy() -#include <time.h> // for time() -#include <stdlib.h> // for rand(), htons?, htonl? -// note net byte order is big-endian -// Need to set error codes - -int CreateSSLHello(SSL_t *ssl) -{ - printf("In CreateSSLHello()\n",ssl); - - // Initalize the structure - bzero(ssl,sizeof(SSL_t)); - //ssl->max_size = sizeof(ssl->buffer); - ssl->max_size = 18456; - - // Declare variables - int i; void *ptr; - - // Set pointers into buffer - SSLPlaintext *record = (SSLPlaintext *)ssl->buffer; - Handshake *handshake = (Handshake *)record->fragment; - // the body starts right after the handshake - printf("sizeof(Handshake) = %d\n",sizeof(Handshake)); - ClientHello *hello = (ClientHello *)(handshake + 1); - - printf("record->%#x, handshake->%#x, hello->%#x\n",record,handshake,hello); - - // Construct ClientHello Message - hello->client_version = version; - i = htonl(time(NULL)); - bcopy(&i,hello->random.gmt_unix_time,4); - for(i=0;i<28;i++){ hello->random.random_bytes[i] = (uint8)rand(); } - hello->session_id_length = 0; - hello->session_id = &hello->session_id_length; - hello->session_id_end = hello->session_id; - hello->cipher_suites_length = (CipherSuiteLength *)(hello->session_id_end + 1); - hello->cipher_suites = (hello->cipher_suites_length + 1); - hello->cipher_suites_end = hello->cipher_suites; - i = htons(2*5); // 2 bytes per Suite * 5 Suites - bcopy(&i,hello->cipher_suites_length,2); - bcopy(SSL_NULL_WITH_NULL_NULL,hello->cipher_suites_end,sizeof(CipherSuite)); - *hello->cipher_suites_end++; - bcopy(SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite)); - *hello->cipher_suites_end++; - bcopy(SSL_DH_DSS_WITH_DES_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite)); - *hello->cipher_suites_end++; - bcopy(SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA,hello->cipher_suites_end,sizeof(CipherSuite)); - *hello->cipher_suites_end++; - bcopy(SSL_DH_anon_WITH_RC4_128_MD5,hello->cipher_suites_end,sizeof(CipherSuite)); - hello->compression_methods_length = (CompressionMethodLength *)(hello->cipher_suites_end + 1); - hello->compression_methods = (hello->compression_methods_length + 1); - hello->compression_methods_end = hello->compression_methods; - *hello->compression_methods_length = 1; - *hello->compression_methods_end = compression_method_null; - - // Construct Handshake Message - handshake->msg_type = handshake_type_client_hello; - i = (void *)(hello->compression_methods_end + 1) - (void *)hello; - printf("Handshake.length = %d\n", i); - handshake->length[0] = (char)*(&i+8); - handshake->length[1] = (char)*(&i+8); - handshake->length[2] = (char)i; - //bcopy((&i+1),handshake->length,3); // +1 so we copy 3 bytes - - // Construct SSL Record - printf("sizeof(ContentType)=%d\n",sizeof(ContentType)); - printf("sizeof(uint8)=%d\n",sizeof(uint8)); - record->type = content_type_handshake; - record->version = version; - i += sizeof(Handshake); - printf("SSLPlaintext.length = %d\n",i); - record->length[0] = (char)*(&i+8); - record->length[1] = (char)i; - //bcopy(&i,record->length,4); // length of handshake - - // Set total size of message - i += sizeof(ContentType) + sizeof(ProtocolVersion) + sizeof(uint16); - ssl->length = i; - printf("End of CreateSSLHello\n"); - return 0; -} - -void PrintSSLPacket(SSL_t *ssl) -{ - printf("Printing packet with length:%d\n", ssl->length); - char *ptr = ssl->buffer; - char *begin = ptr; - char *tmp; - char *end = ssl->buffer + ssl->length; - printf("Record Layer:\n"); - printf("\tContentType: %2hhX\n",(char)*ptr++); - printf("\tVersion: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++); - printf("\tLength: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++); - - printf("Handshake:\n"); - printf("\tType: %2hhX\n", (char)*ptr++); - printf("\tLength: %2hhX %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++, (char)*ptr++); - printf("\tVersion: %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++); - printf("\tgmt_unix_time: %2hhX %2hhX %2hhX %2hhX\n", (char)*ptr++, (char)*ptr++, (char)*ptr++, (char)*ptr++); - printf("\trandom: "); - tmp = ptr + 28; - for(;ptr<tmp;ptr++){printf("%2hhX ", (char)*ptr);} - - printf("\n\nHexDump:\n"); - - int ctr = 0; - for(;begin<end;begin++){printf("%2hhX ",(char)*begin);if(++ctr%10==0){printf("\n");}} - printf("\n\n"); -} - -int ReadSSLHello(SSL_t *ssl) -{ - SSLCiphertext *ct = (SSLCiphertext *)ssl->buffer; - - if(ct->type == content_type_alert){ - // assuming text is still plaintext - Alert *a = (Alert *)&ct->fragment; - if(a->level == alert_level_fatal){ - printf("Fatal Alert %d, connection terminated\n",a->description); - return (1); - }else if(a->level == alert_level_warning){ - printf("Warning Alert %d\n", a->description); - }else{ - printf("Unknown alert level %d\n", a->level); - } - }else{ - printf("SSL type %d\n",ct->type); - } - return (0); -} - -#endif diff --git a/src/crypto/ssl.h b/src/crypto/ssl.h deleted file mode 100644 index 06d4300..0000000 --- a/src/crypto/ssl.h +++ /dev/null @@ -1,19 +0,0 @@ -// At the moment I have hard coded one buffer. The size -// is the max size of SSLCiphertext.length (so, actually it should -// be increased to include the other information in the struct) -// I might need to make a new, or split the current, buffer because -// I have to have space to read in and write out, as well as keep -// any data that has not been translated. -// It works for now. -typedef struct _ssl_t{ - char buffer[18456]; - int length; - int max_size; // can't define const here - // Current CipherSuite - // Client random / Server random ??? - // pointers to different crypto functions -} SSL_t; - -int CreateSSLHello(SSL_t *ssl); -int ReadSSLHello(SSL_t *ssl); -void PrintSSLPacket(SSL_t *ssl); diff --git a/src/crypto/ssl_constructs.h b/src/crypto/ssl_constructs.h deleted file mode 100644 index ab3aa70..0000000 --- a/src/crypto/ssl_constructs.h +++ /dev/null @@ -1,342 +0,0 @@ -// Note: This file still needs some work. -// Note: I had to redefine the enums to a set of const values, -// so that the size of the variable would be correct. - -// Typedefs -// (As defined by the SSL v3.0 RFC Draft) -// URL: http://wp.netscape.com/eng/ssl3/draft302.txt -typedef unsigned char uint8; -typedef uint8 uint16[2]; -typedef uint8 uint24[3]; -typedef uint8 uint32[4]; -typedef uint8 uint64[8]; - -// Record layers -typedef struct _ProtocolVersion{ - uint8 major, minor; -} ProtocolVersion; - -const ProtocolVersion version = { 3, 0 }; - -typedef uint8 ContentType; -const ContentType content_type_change_cipher_spec_type = 20; -const ContentType content_type_alert = 21; -const ContentType content_type_handshake = 22; -const ContentType content_type_application_data = 23; - -typedef struct _SSLPlaintext{ - ContentType type; - ProtocolVersion version; - uint16 length; // can not exceed 2^14 bytes - uint8 fragment[16384]; // 2^14 = 16,384 bytes -} SSLPlaintext; - -typedef struct _SSLCompressed{ - ContentType type; - ProtocolVersion version; - uint16 length; // can not exceed 2^14 + 1024 - uint8 fragment[17408]; // SSLCompressed.length -} SSLCompressed; - -typedef struct _SSLCiphertext{ - ContentType type; - ProtocolVersion version; - uint16 length; - uint8 fragment; // so we have a pointer to the data, and don't have to do math - // fragment; type GenericStreamCipher or GenericBlockCipher -} SSLCiphertext; // recast to get fragment - -typedef struct _GenericStreamCipher{ - uint8 content[17408]; // SSLCompressed.length - uint8 MAC[]; // CipherSpec.hash_size -} GenericStreamCipher; - -typedef struct _SSLStreamCiphertext{ - ContentType type; - ProtocolVersion version; - uint16 length; // can not exceed 2^14 + 2048 = 18,456 - GenericStreamCipher fragment; -} SSLStreamCiphertext; - -typedef struct _GenericBlockCipher{ - uint8 content[17408]; // SSLConpressed.length - uint8 MAC[0]; // CipherSpec.hash_size - // padding is used to bring the plaintext to - // a multiple of the block cipher's block length. - uint8 padding[0]; // GenericBlockCipher.padding_length - uint8 padding_length; -} GenericBlockCipher; - -typedef struct _SSLBlockCiphertext{ - ContentType type; - ProtocolVersion version; - uint16 length; // can not exceed 2^14 + 2048 = 18,456 - GenericBlockCipher fragment; -} SSLBlockCiphertext; - -// Change cipher specs message -typedef struct _ChangeCipherSpec{ - enum { type_change_cipher_spec=1, type_size=255 } type; -} ChangeCipherSpec; - -// Alert messages -typedef uint8 AlertLevel; -const AlertLevel alert_level_warning = 1; -const AlertLevel alert_level_fatal=2; - -typedef uint8 AlertDescription; -const AlertDescription alert_description_close_notify = 0; -const AlertDescription alert_description_unexpected_message = 10; -const AlertDescription alert_description_bad_record_mac = 20; -const AlertDescription alert_description_decompression_failure = 30; -const AlertDescription alert_description_handshake_failure = 40; -const AlertDescription alert_description_no_certificate = 41; -const AlertDescription alert_description_bad_certificate = 42; -const AlertDescription alert_description_unsupported_certificate = 43; -const AlertDescription alert_description_certificate_revoked = 44; -const AlertDescription alert_description_certificate_expired = 45; -const AlertDescription alert_description_certificate_unknown = 46; -const AlertDescription alert_description_illegal_parameter = 47; - -typedef struct _Alert{ - AlertLevel level; - AlertDescription description; -} Alert; - -// Handshake protocol -// What is the best way to have a generic pointer to the body struct?? -typedef uint8 HandshakeType; -const HandshakeType handshake_type_hello_request = 0; -const HandshakeType handshake_type_client_hello = 1; -const HandshakeType handshake_type_server_hello = 2; -const HandshakeType handshake_type_certificate = 11; -const HandshakeType handshake_type_server_key_exchange = 12; -const HandshakeType handshake_type_certificate_request = 13; -const HandshakeType handshake_type_server_done = 14; -const HandshakeType handshake_type_certificate_verify = 15; -const HandshakeType handshake_type_client_key_exchange = 16; -const HandshakeType handshake_type_finished = 20; - -typedef struct _Handshake{ - HandshakeType msg_type; - uint24 length; - // body; // one of HandshakeType structs -} Handshake; // generic Handshake, need to recast to get body - -// Hello messages -typedef struct _HelloRequest{} HelloRequest; - -typedef struct _HelloRequestHandshake{ - HandshakeType msg_type; - uint24 length; - HelloRequest body; -} HelloRequestHandshake; - -typedef struct _Random{ - uint32 gmt_unix_time; - uint8 random_bytes[28]; -} Random; - -//typedef uint8 SessionID[32]; // <0..32> -typedef uint8 SessionIDLength; -typedef uint8 SessionID; - -typedef uint16 CipherSuiteLength; -typedef uint8 CipherSuite[2]; - -typedef uint8 CompressionMethodLength; -typedef uint8 CompressionMethod; -const CompressionMethod compression_method_null = 0; - - -typedef struct _ClientHello{ - ProtocolVersion client_version; - Random random; - SessionIDLength session_id_length; - SessionID *session_id; - SessionID *session_id_end; - CipherSuiteLength *cipher_suites_length; - CipherSuite *cipher_suites; // min size is one entry - CipherSuite *cipher_suites_end; - //CipherSuite cipher_suites[32768]; // <2..2^16-1> = 65,536 bytes and CipherSuite is 2 bytes - CompressionMethodLength *compression_methods_length; - CompressionMethod *compression_methods; - CompressionMethod *compression_methods_end; - //CompressionMethod *compression_methods; // min size is zero - //CompressionMethod compression_methods[256]; // <0..2^8-1> = 256 bytes and CompressionMethod is 1 byte -} ClientHello; - -typedef struct _ClientHelloHandshake{ - //HandshakeType msg_type; - uint8 msg_type; - uint24 length; - ClientHello body; -} ClientHelloHandshake; - -typedef struct _ServerHello{ - ProtocolVersion server_version; - Random random; - SessionID session_id; - CipherSuite cipher_suite; - CompressionMethod compression_method; -} ServerHello; - -typedef struct _ServerHelloHandshake{ - HandshakeType msg_type; - uint24 length; - ServerHello body; -} ServerHelloHandshake; - -// Server authentication and key exchange messages -typedef uint8 ASN1Cert[16777216]; // <1..2^24-1> = 16,777,216 bytes - -typedef struct _Certificate{ - ASN1Cert certificate_list[1]; // <1..2^24-1> / ANS1Cert = 1 - // for some reason the size of certificate_list and ASN1Cert is the same, so only one certificate in the list -} Certificate; - -typedef uint8 KeyExchangeAlgorithm; -const KeyExchangeAlgorithm key_exchange_algorithm_rsa = 0; -const KeyExchangeAlgorithm key_exchange_algorithm_diffie_hellman = 1; -const KeyExchangeAlgorithm key_exchange_algorithm_fortezza_kea = 2; - -typedef struct _AnonSignature{ - struct {}; -} AnonSignature; - -typedef struct _RSASignature{ - uint8 md5_hash[16]; - uint8 sha_hash[20]; -} RSASignature; - -typedef struct _DSASignature{ - uint8 sha_hash[20]; -} DSASignature; - -// use union??, make a mess to reference, but easy to make Signature type. -typedef union _Signature{ AnonSignature anon; RSASignature rsa; DSASignature dsa; } Signature; - -typedef struct _ServerRSAParams{ - uint8 RSA_modulus[65536]; // <1..2^16-1> = 65,536 - uint8 RSA_exponent[65536]; // <1..2^16-1> = 65,536 -} ServerRSAParams; - -typedef struct _ServerDHParams{ - uint8 DH_p[65536]; // <1..2^16-1> - uint8 DH_g[65536]; // <1..2^16-1> - uint8 DH_Ys[65536]; // <1..2^16-1> -} ServerDHParams; - -typedef struct _ServerDHKeyExchange{ - ServerDHParams params; - Signature signed_params; -} ServerDHKeyExchange; - -typedef struct _ServerRSAKeyExchange{ - ServerRSAParams params; - Signature signed_params; -} ServerRSAKeyExchange; - -typedef uint8 SignatureAlgorithm; -const SignatureAlgorithm signature_algorithm_anonymous = 0; -const SignatureAlgorithm signature_algorithm_rsa = 1; -const SignatureAlgorithm signature_algorithm_dsa = 2; - -typedef uint8 CertificateType; -const CertificateType certificate_type_RSA_sign = 1; -const CertificateType certificate_type_DSS_sign = 2; -const CertificateType certificate_type_RSA_fixed_DH = 3; -const CertificateType certificate_type_DSS_fixed_DH = 4; -const CertificateType certificate_type_RSA_ephemeral_DH = 5; -const CertificateType certificate_type_DSS_ephemeral_DH = 6; -const CertificateType certificate_type_FORTEZZA_MISSI = 20; - -typedef uint8 DistinguishedName[65536]; // <1..2^16-1> = 65,536 - -typedef struct _CertificateRequest{ - CertificateType certificate_types[256]; // <1..2^8-1> - DistinguishedName certificate_authorities[1]; // <3...2^16-1> / DistinguishedName - // this is another one that is odd with a list size of 1 -} CertificateRequest; - -typedef struct _ServerHelloDone{} ServerHelloDone; - -// Client authentication and key exchange messages -typedef struct _PreMasterSecret{ - ProtocolVersion client_version; - uint8 random[46]; -} PreMasterSecret; - -typedef struct _EncryptedPreMasterSecret{ - PreMasterSecret pre_master_secret; -} EncryptedPreMasterSecret; - -typedef struct _RSAClientKeyExchange{ - EncryptedPreMasterSecret exchange_keys; -} RSAClientKeyExchange; - -typedef uint8 PublicValueEncoding; -const PublicValueEncoding public_value_encoding_implicit = 0; -const PublicValueEncoding public_value_encoding_explicit = 1; - -typedef struct _ClientDiffieHellmanPublic{ - // This is a select on PublicValueEncoding, and I chose the larger size - uint8 dh_public[65536]; // DH_Yc<1..2^16-1>, the dh public value -} ClientDiffieHellmanPublic; - -typedef struct _DHClientKeyExhange{ - ClientDiffieHellmanPublic exchange_keys; -} DHClientKeyExchange; - -typedef struct _CertificateVerify{ - Signature signature; -} CertificateVerify; - -// Handshake finalization message -typedef struct _Finished{ - uint8 md5_hash[16]; - uint8 sha_hash[20]; -} Finished; - -// The CipherSuite -CipherSuite SSL_NULL_WITH_NULL_NULL = { 0x00, 0x13 }; -CipherSuite SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00, 0x0B }; -CipherSuite SSL_DH_DSS_WITH_DES_CBC_SHA = { 0x00, 0x0C }; -CipherSuite SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = { 0x00, 0x11 }; -CipherSuite SSL_DH_anon_EXPORT_WITH_RC4_40_MD5 = { 0x00, 0x17 }; -CipherSuite SSL_DH_anon_WITH_RC4_128_MD5 = { 0x00, 0x18 }; - -// The CipherSpec -typedef uint8 CipherType; -const CipherType cipher_type_stream = 0; -const CipherType cipher_type_block = 1; - -typedef uint8 IsExportable; -const IsExportable is_exportable_true = 0; -const IsExportable is_exportable_false = 1; - -typedef uint8 BulkCipherAlgorithm; -const BulkCipherAlgorithm bulk_cipher_algorithm_null = 0; -const BulkCipherAlgorithm bulk_cipher_algorithm_rc4 = 1; -const BulkCipherAlgorithm bulk_cipher_algorithm_rc2 = 2; -const BulkCipherAlgorithm bulk_cipher_algorithm_des = 3; -const BulkCipherAlgorithm bulk_cipher_algorithm_3des = 4; -const BulkCipherAlgorithm bulk_cipher_algorithm_des40 = 5; -const BulkCipherAlgorithm bulk_cipher_algorithm_fortezza = 6; - -typedef uint8 MACAlgorithm; -const MACAlgorithm mac_algorithm_null = 0; -const MACAlgorithm mac_algorithm_md5 = 1; -const MACAlgorithm mac_algorithm_sha = 2; - -typedef struct _CipherSpec{ - BulkCipherAlgorithm bulk_cipher_algorithm; - MACAlgorithm mac_algorithm; - CipherType cipher_type; - IsExportable is_exportable; - uint8 hash_size; - uint8 key_material; - uint8 IV_size; -} CipherSpec; - - |