lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

The Great Renaming

Browse Source 
A simple execution of tmp/invoke-rename.pl
This commit is contained in:
Manuel Pégourié-Gonnard
2015-04-08 12:49:31 +02:00
parent b5904d25ef
commit 2cf5a7c98e
291 changed files with 36012 additions and 36012 deletions
Download Patch File Download Diff File Expand all files Collapse all files

274
library/aes.c
View File

@ -26,37 +26,37 @@
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_AES_C)
#if defined(MBEDTLS_AES_C)
#include <string.h>
#include "mbedtls/aes.h"
#if defined(POLARSSL_PADLOCK_C)
#if defined(MBEDTLS_PADLOCK_C)
#include "mbedtls/padlock.h"
#endif
#if defined(POLARSSL_AESNI_C)
#if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h"
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_AES_ALT)
#if !defined(MBEDTLS_AES_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -83,12 +83,12 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
#if defined(POLARSSL_PADLOCK_C) && \
( defined(POLARSSL_HAVE_X86) || defined(PADLOCK_ALIGN16) )
#if defined(MBEDTLS_PADLOCK_C) && \
( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
static int aes_padlock_ace = -1;
#endif
#if defined(POLARSSL_AES_ROM_TABLES)
#if defined(MBEDTLS_AES_ROM_TABLES)
/*
* Forward S-box
*/
@ -353,7 +353,7 @@ static const uint32_t RCON[10] =
0x0000001B, 0x00000036
};
#else /* POLARSSL_AES_ROM_TABLES */
#else /* MBEDTLS_AES_ROM_TABLES */
/*
* Forward S-box & tables
@ -463,31 +463,31 @@ static void aes_gen_tables( void )
}
}
#endif /* POLARSSL_AES_ROM_TABLES */
#endif /* MBEDTLS_AES_ROM_TABLES */
void aes_init( aes_context *ctx )
void mbedtls_aes_init( mbedtls_aes_context *ctx )
{
memset( ctx, 0, sizeof( aes_context ) );
memset( ctx, 0, sizeof( mbedtls_aes_context ) );
}
void aes_free( aes_context *ctx )
void mbedtls_aes_free( mbedtls_aes_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( aes_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) );
}
/*
* AES key schedule (encryption)
*/
int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize )
{
unsigned int i;
uint32_t *RK;
#if !defined(POLARSSL_AES_ROM_TABLES)
#if !defined(MBEDTLS_AES_ROM_TABLES)
if( aes_init_done == 0 )
{
aes_gen_tables();
@ -501,22 +501,22 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
case 128: ctx->nr = 10; break;
case 192: ctx->nr = 12; break;
case 256: ctx->nr = 14; break;
default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH );
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
}
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16)
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 )
aes_padlock_ace = padlock_supports( PADLOCK_ACE );
aes_padlock_ace = mbedtls_padlock_supports( MBEDTLS_PADLOCK_ACE );
if( aes_padlock_ace )
ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf );
ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
else
#endif
ctx->rk = RK = ctx->buf;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) )
return( aesni_setkey_enc( (unsigned char *) ctx->rk, key, keysize ) );
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keysize ) );
#endif
for( i = 0; i < ( keysize >> 5 ); i++ )
@ -593,36 +593,36 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
/*
* AES key schedule (decryption)
*/
int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int i, j, ret;
aes_context cty;
mbedtls_aes_context cty;
uint32_t *RK;
uint32_t *SK;
aes_init( &cty );
mbedtls_aes_init( &cty );
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16)
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 )
aes_padlock_ace = padlock_supports( PADLOCK_ACE );
aes_padlock_ace = mbedtls_padlock_supports( MBEDTLS_PADLOCK_ACE );
if( aes_padlock_ace )
ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf );
ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
else
#endif
ctx->rk = RK = ctx->buf;
/* Also checks keysize */
if( ( ret = aes_setkey_enc( &cty, key, keysize ) ) != 0 )
if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keysize ) ) != 0 )
goto exit;
ctx->nr = cty.nr;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) )
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
{
aesni_inverse_key( (unsigned char *) ctx->rk,
mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk,
(const unsigned char *) cty.rk, ctx->nr );
goto exit;
}
@ -652,7 +652,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
*RK++ = *SK++;
exit:
aes_free( &cty );
mbedtls_aes_free( &cty );
return( ret );
}
@ -706,7 +706,7 @@ exit:
/*
* AES-ECB block encryption/decryption
*/
int aes_crypt_ecb( aes_context *ctx,
int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
@ -714,15 +714,15 @@ int aes_crypt_ecb( aes_context *ctx,
int i;
uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) )
return( aesni_crypt_ecb( ctx, mode, input, output ) );
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
#endif
#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86)
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
if( aes_padlock_ace )
{
if( padlock_xcryptecb( ctx, mode, input, output ) == 0 )
if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 )
return( 0 );
// If padlock data misaligned, we just fall back to
@ -738,7 +738,7 @@ int aes_crypt_ecb( aes_context *ctx,
GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++;
GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
if( mode == AES_DECRYPT )
if( mode == MBEDTLS_AES_DECRYPT )
{
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
@ -772,7 +772,7 @@ int aes_crypt_ecb( aes_context *ctx,
( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
}
else /* AES_ENCRYPT */
else /* MBEDTLS_AES_ENCRYPT */
{
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{
@ -815,11 +815,11 @@ int aes_crypt_ecb( aes_context *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* AES-CBC buffer encryption/decryption
*/
int aes_crypt_cbc( aes_context *ctx,
int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
@ -830,12 +830,12 @@ int aes_crypt_cbc( aes_context *ctx,
unsigned char temp[16];
if( length % 16 )
return( POLARSSL_ERR_AES_INVALID_INPUT_LENGTH );
return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86)
#if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
if( aes_padlock_ace )
{
if( padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 )
if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 )
return( 0 );
// If padlock data misaligned, we just fall back to
@ -844,12 +844,12 @@ int aes_crypt_cbc( aes_context *ctx,
}
#endif
if( mode == AES_DECRYPT )
if( mode == MBEDTLS_AES_DECRYPT )
{
while( length > 0 )
{
memcpy( temp, input, 16 );
aes_crypt_ecb( ctx, mode, input, output );
mbedtls_aes_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -868,7 +868,7 @@ int aes_crypt_cbc( aes_context *ctx,
for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
aes_crypt_ecb( ctx, mode, output, output );
mbedtls_aes_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, 16 );
input += 16;
@ -879,13 +879,13 @@ int aes_crypt_cbc( aes_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* AES-CFB128 buffer encryption/decryption
*/
int aes_crypt_cfb128( aes_context *ctx,
int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode,
size_t length,
size_t *iv_off,
@ -896,12 +896,12 @@ int aes_crypt_cfb128( aes_context *ctx,
int c;
size_t n = *iv_off;
if( mode == AES_DECRYPT )
if( mode == MBEDTLS_AES_DECRYPT )
{
while( length-- )
{
if( n == 0 )
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
@ -915,7 +915,7 @@ int aes_crypt_cfb128( aes_context *ctx,
while( length-- )
{
if( n == 0 )
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@ -931,7 +931,7 @@ int aes_crypt_cfb128( aes_context *ctx,
/*
* AES-CFB8 buffer encryption/decryption
*/
int aes_crypt_cfb8( aes_context *ctx,
int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
@ -944,14 +944,14 @@ int aes_crypt_cfb8( aes_context *ctx,
while( length-- )
{
memcpy( ov, iv, 16 );
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( mode == AES_DECRYPT )
if( mode == MBEDTLS_AES_DECRYPT )
ov[16] = *input;
c = *output++ = (unsigned char)( iv[0] ^ *input++ );
if( mode == AES_ENCRYPT )
if( mode == MBEDTLS_AES_ENCRYPT )
ov[16] = c;
memcpy( iv, ov + 1, 16 );
@ -959,13 +959,13 @@ int aes_crypt_cfb8( aes_context *ctx,
return( 0 );
}
#endif /*POLARSSL_CIPHER_MODE_CFB */
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* AES-CTR buffer encryption/decryption
*/
int aes_crypt_ctr( aes_context *ctx,
int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
@ -979,7 +979,7 @@ int aes_crypt_ctr( aes_context *ctx,
while( length-- )
{
if( n == 0 ) {
aes_crypt_ecb( ctx, AES_ENCRYPT, nonce_counter, stream_block );
mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
@ -995,11 +995,11 @@ int aes_crypt_ctr( aes_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !POLARSSL_AES_ALT */
#endif /* !MBEDTLS_AES_ALT */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* AES test vectors from:
*
@ -1025,7 +1025,7 @@ static const unsigned char aes_test_ecb_enc[3][16] =
0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
};
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
static const unsigned char aes_test_cbc_dec[3][16] =
{
{ 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
@ -1045,9 +1045,9 @@ static const unsigned char aes_test_cbc_enc[3][16] =
{ 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
};
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* AES-CFB128 test vectors from:
*
@ -1111,9 +1111,9 @@ static const unsigned char aes_test_cfb128_ct[3][64] =
0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
};
#endif /* POLARSSL_CIPHER_MODE_CFB */
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* AES-CTR test vectors from:
*
@ -1174,32 +1174,32 @@ static const unsigned char aes_test_ctr_ct[3][48] =
static const int aes_test_ctr_len[3] =
{ 16, 32, 36 };
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/*
* Checkup routine
*/
int aes_self_test( int verbose )
int mbedtls_aes_self_test( int verbose )
{
int ret = 0, i, j, u, v;
unsigned char key[32];
unsigned char buf[64];
unsigned char iv[16];
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char prv[16];
#endif
#if defined(POLARSSL_CIPHER_MODE_CTR) || defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB)
size_t offset;
#endif
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
int len;
unsigned char nonce_counter[16];
unsigned char stream_block[16];
#endif
aes_context ctx;
mbedtls_aes_context ctx;
memset( key, 0, 32 );
aes_init( &ctx );
mbedtls_aes_init( &ctx );
/*
* ECB mode
@ -1210,22 +1210,22 @@ int aes_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( buf, 0, 16 );
if( v == AES_DECRYPT )
if( v == MBEDTLS_AES_DECRYPT )
{
aes_setkey_dec( &ctx, key, 128 + u * 64 );
mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ )
aes_crypt_ecb( &ctx, v, buf, buf );
mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1233,15 +1233,15 @@ int aes_self_test( int verbose )
}
else
{
aes_setkey_enc( &ctx, key, 128 + u * 64 );
mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ )
aes_crypt_ecb( &ctx, v, buf, buf );
mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1249,13 +1249,13 @@ int aes_self_test( int verbose )
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@ -1265,24 +1265,24 @@ int aes_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( iv , 0, 16 );
memset( prv, 0, 16 );
memset( buf, 0, 16 );
if( v == AES_DECRYPT )
if( v == MBEDTLS_AES_DECRYPT )
{
aes_setkey_dec( &ctx, key, 128 + u * 64 );
mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ )
aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1290,13 +1290,13 @@ int aes_self_test( int verbose )
}
else
{
aes_setkey_enc( &ctx, key, 128 + u * 64 );
mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ )
{
unsigned char tmp[16];
aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
memcpy( tmp, prv, 16 );
memcpy( prv, buf, 16 );
@ -1306,7 +1306,7 @@ int aes_self_test( int verbose )
if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1314,14 +1314,14 @@ int aes_self_test( int verbose )
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CBC */
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* CFB128 mode
*/
@ -1331,24 +1331,24 @@ int aes_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, aes_test_cfb128_iv, 16 );
memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
offset = 0;
aes_setkey_enc( &ctx, key, 128 + u * 64 );
mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
if( v == AES_DECRYPT )
if( v == MBEDTLS_AES_DECRYPT )
{
memcpy( buf, aes_test_cfb128_ct[u], 64 );
aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1357,12 +1357,12 @@ int aes_self_test( int verbose )
else
{
memcpy( buf, aes_test_cfb128_pt, 64 );
aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1370,14 +1370,14 @@ int aes_self_test( int verbose )
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CFB */
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* CTR mode
*/
@ -1387,27 +1387,27 @@ int aes_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " AES-CTR-128 (%s): ",
( v == AES_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " AES-CTR-128 (%s): ",
( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
memcpy( key, aes_test_ctr_key[u], 16 );
offset = 0;
aes_setkey_enc( &ctx, key, 128 );
mbedtls_aes_setkey_enc( &ctx, key, 128 );
if( v == AES_DECRYPT )
if( v == MBEDTLS_AES_DECRYPT )
{
len = aes_test_ctr_len[u];
memcpy( buf, aes_test_ctr_ct[u], len );
aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1418,13 +1418,13 @@ int aes_self_test( int verbose )
len = aes_test_ctr_len[u];
memcpy( buf, aes_test_ctr_pt[u], len );
aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
@ -1432,21 +1432,21 @@ int aes_self_test( int verbose )
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
ret = 0;
exit:
aes_free( &ctx );
mbedtls_aes_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_AES_C */
#endif /* MBEDTLS_AES_C */

26
library/aesni.c
View File

@ -25,24 +25,24 @@
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_AESNI_C)
#if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h"
#include <string.h>
#if defined(POLARSSL_HAVE_X86_64)
#if defined(MBEDTLS_HAVE_X86_64)
/*
* AES-NI support detection routine
*/
int aesni_supports( unsigned int what )
int mbedtls_aesni_supports( unsigned int what )
{
static int done = 0;
static unsigned int c = 0;
@ -89,7 +89,7 @@ int aesni_supports( unsigned int what )
/*
* AES-NI AES-ECB block en(de)cryption
*/
int aesni_crypt_ecb( aes_context *ctx,
int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
@ -135,7 +135,7 @@ int aesni_crypt_ecb( aes_context *ctx,
* GCM multiplication: c = a times b in GF(2^128)
* Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
*/
void aesni_gcm_mult( unsigned char c[16],
void mbedtls_aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16] )
{
@ -246,7 +246,7 @@ void aesni_gcm_mult( unsigned char c[16],
/*
* Compute decryption round keys from encryption round keys
*/
void aesni_inverse_key( unsigned char *invkey,
void mbedtls_aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr )
{
unsigned char *ik = invkey;
@ -423,7 +423,7 @@ static void aesni_setkey_enc_256( unsigned char *rk,
/*
* Main "loop" - Generating one more key than necessary,
* see definition of aes_context.buf
* see definition of mbedtls_aes_context.buf
*/
"2: \n\t"
AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t"
@ -441,7 +441,7 @@ static void aesni_setkey_enc_256( unsigned char *rk,
/*
* Key expansion, wrapper
*/
int aesni_setkey_enc( unsigned char *rk,
int mbedtls_aesni_setkey_enc( unsigned char *rk,
const unsigned char *key,
size_t bits )
{
@ -450,12 +450,12 @@ int aesni_setkey_enc( unsigned char *rk,
case 128: aesni_setkey_enc_128( rk, key ); break;
case 192: aesni_setkey_enc_192( rk, key ); break;
case 256: aesni_setkey_enc_256( rk, key ); break;
default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH );
default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
}
return( 0 );
}
#endif /* POLARSSL_HAVE_X86_64 */
#endif /* MBEDTLS_HAVE_X86_64 */
#endif /* POLARSSL_AESNI_C */
#endif /* MBEDTLS_AESNI_C */

60
library/arc4.c
View File

@ -25,51 +25,51 @@
* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ARC4_C)
#if defined(MBEDTLS_ARC4_C)
#include "mbedtls/arc4.h"
#include <string.h>
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_ARC4_ALT)
#if !defined(MBEDTLS_ARC4_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void arc4_init( arc4_context *ctx )
void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
{
memset( ctx, 0, sizeof( arc4_context ) );
memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
}
void arc4_free( arc4_context *ctx )
void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( arc4_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
}
/*
* ARC4 key schedule
*/
void arc4_setup( arc4_context *ctx, const unsigned char *key,
void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
unsigned int keylen )
{
int i, j, a;
@ -99,7 +99,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key,
/*
* ARC4 cipher function
*/
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output )
{
int x, y, a, b;
@ -128,9 +128,9 @@ int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
return( 0 );
}
#endif /* !POLARSSL_ARC4_ALT */
#endif /* !MBEDTLS_ARC4_ALT */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
*
@ -160,47 +160,47 @@ static const unsigned char arc4_test_ct[3][8] =
/*
* Checkup routine
*/
int arc4_self_test( int verbose )
int mbedtls_arc4_self_test( int verbose )
{
int i, ret = 0;
unsigned char ibuf[8];
unsigned char obuf[8];
arc4_context ctx;
mbedtls_arc4_context ctx;
arc4_init( &ctx );
mbedtls_arc4_init( &ctx );
for( i = 0; i < 3; i++ )
{
if( verbose != 0 )
polarssl_printf( " ARC4 test #%d: ", i + 1 );
mbedtls_printf( " ARC4 test #%d: ", i + 1 );
memcpy( ibuf, arc4_test_pt[i], 8 );
arc4_setup( &ctx, arc4_test_key[i], 8 );
arc4_crypt( &ctx, 8, ibuf, obuf );
mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
arc4_free( &ctx );
mbedtls_arc4_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_ARC4_C */
#endif /* MBEDTLS_ARC4_C */

156
library/asn1parse.c
View File

@ -20,44 +20,44 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ASN1_PARSE_C)
#if defined(MBEDTLS_ASN1_PARSE_C)
#include "mbedtls/asn1.h"
#include <string.h>
#if defined(POLARSSL_BIGNUM_C)
#if defined(MBEDTLS_BIGNUM_C)
#include "mbedtls/bignum.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* ASN.1 DER decoding routines
*/
int asn1_get_len( unsigned char **p,
int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end,
size_t *len )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( ( **p & 0x80 ) == 0 )
*len = *(*p)++;
@ -67,7 +67,7 @@ int asn1_get_len( unsigned char **p,
{
case 1:
if( ( end - *p ) < 2 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = (*p)[1];
(*p) += 2;
@ -75,7 +75,7 @@ int asn1_get_len( unsigned char **p,
case 2:
if( ( end - *p ) < 3 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
(*p) += 3;
@ -83,7 +83,7 @@ int asn1_get_len( unsigned char **p,
case 3:
if( ( end - *p ) < 4 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 16 ) |
( (size_t)(*p)[2] << 8 ) | (*p)[3];
@ -92,7 +92,7 @@ int asn1_get_len( unsigned char **p,
case 4:
if( ( end - *p ) < 5 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
( (size_t)(*p)[3] << 8 ) | (*p)[4];
@ -100,43 +100,43 @@ int asn1_get_len( unsigned char **p,
break;
default:
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
}
}
if( *len > (size_t) ( end - *p ) )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
return( 0 );
}
int asn1_get_tag( unsigned char **p,
int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end,
size_t *len, int tag )
{
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( **p != tag )
return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
(*p)++;
return( asn1_get_len( p, end, len ) );
return( mbedtls_asn1_get_len( p, end, len ) );
}
int asn1_get_bool( unsigned char **p,
int mbedtls_asn1_get_bool( unsigned char **p,
const unsigned char *end,
int *val )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
return( ret );
if( len != 1 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = ( **p != 0 ) ? 1 : 0;
(*p)++;
@ -144,18 +144,18 @@ int asn1_get_bool( unsigned char **p,
return( 0 );
}
int asn1_get_int( unsigned char **p,
int mbedtls_asn1_get_int( unsigned char **p,
const unsigned char *end,
int *val )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret );
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = 0;
@ -168,43 +168,43 @@ int asn1_get_int( unsigned char **p,
return( 0 );
}
#if defined(POLARSSL_BIGNUM_C)
int asn1_get_mpi( unsigned char **p,
#if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_get_mpi( unsigned char **p,
const unsigned char *end,
mpi *X )
mbedtls_mpi *X )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret );
ret = mpi_read_binary( X, *p, len );
ret = mbedtls_mpi_read_binary( X, *p, len );
*p += len;
return( ret );
}
#endif /* POLARSSL_BIGNUM_C */
#endif /* MBEDTLS_BIGNUM_C */
int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs)
int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
mbedtls_asn1_bitstring *bs)
{
int ret;
/* Certificate type is a single byte bitstring */
if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret );
/* Check length, subtract one for actual bit string length */
if( bs->len < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p;
if( bs->unused_bits > 7 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
(*p)++;
/* Get actual bitstring */
@ -212,7 +212,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
*p += bs->len;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
@ -220,16 +220,16 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
/*
* Get a bit string without unused bits
*/
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len )
{
int ret;
if( ( ret = asn1_get_tag( p, end, len, ASN1_BIT_STRING ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret );
if( (*len)-- < 2 || *(*p)++ != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA );
return( MBEDTLS_ERR_ASN1_INVALID_DATA );
return( 0 );
}
@ -239,29 +239,29 @@ int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
/*
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
*/
int asn1_get_sequence_of( unsigned char **p,
int mbedtls_asn1_get_sequence_of( unsigned char **p,
const unsigned char *end,
asn1_sequence *cur,
mbedtls_asn1_sequence *cur,
int tag)
{
int ret;
size_t len;
asn1_buf *buf;
mbedtls_asn1_buf *buf;
/* Get main sequence tag */
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( ret );
if( *p + len != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
while( *p < end )
{
buf = &(cur->buf);
buf->tag = **p;
if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
return( ret );
buf->p = *p;
@ -270,12 +270,12 @@ int asn1_get_sequence_of( unsigned char **p,
/* Allocate and assign next pointer */
if( *p < end )
{
cur->next = polarssl_malloc( sizeof( asn1_sequence ) );
cur->next = mbedtls_malloc( sizeof( mbedtls_asn1_sequence ) );
if( cur->next == NULL )
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
return( MBEDTLS_ERR_ASN1_MALLOC_FAILED );
memset( cur->next, 0, sizeof( asn1_sequence ) );
memset( cur->next, 0, sizeof( mbedtls_asn1_sequence ) );
cur = cur->next;
}
@ -285,29 +285,29 @@ int asn1_get_sequence_of( unsigned char **p,
cur->next = NULL;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
int asn1_get_alg( unsigned char **p,
int mbedtls_asn1_get_alg( unsigned char **p,
const unsigned char *end,
asn1_buf *alg, asn1_buf *params )
mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
{
int ret;
size_t len;
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( ret );
if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
alg->tag = **p;
end = *p + len;
if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
return( ret );
alg->p = *p;
@ -315,67 +315,67 @@ int asn1_get_alg( unsigned char **p,
if( *p == end )
{
polarssl_zeroize( params, sizeof(asn1_buf) );
mbedtls_zeroize( params, sizeof(mbedtls_asn1_buf) );
return( 0 );
}
params->tag = **p;
(*p)++;
if( ( ret = asn1_get_len( p, end, &params->len ) ) != 0 )
if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
return( ret );
params->p = *p;
*p += params->len;
if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
int asn1_get_alg_null( unsigned char **p,
int mbedtls_asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
asn1_buf *alg )
mbedtls_asn1_buf *alg )
{
int ret;
asn1_buf params;
mbedtls_asn1_buf params;
memset( &params, 0, sizeof(asn1_buf) );
memset( &params, 0, sizeof(mbedtls_asn1_buf) );
if( ( ret = asn1_get_alg( p, end, alg, &params ) ) != 0 )
if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
return( ret );
if( ( params.tag != ASN1_NULL && params.tag != 0 ) || params.len != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA );
if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
return( MBEDTLS_ERR_ASN1_INVALID_DATA );
return( 0 );
}
void asn1_free_named_data( asn1_named_data *cur )
void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
{
if( cur == NULL )
return;
polarssl_free( cur->oid.p );
polarssl_free( cur->val.p );
mbedtls_free( cur->oid.p );
mbedtls_free( cur->val.p );
polarssl_zeroize( cur, sizeof( asn1_named_data ) );
mbedtls_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
}
void asn1_free_named_data_list( asn1_named_data **head )
void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
{
asn1_named_data *cur;
mbedtls_asn1_named_data *cur;
while( ( cur = *head ) != NULL )
{
*head = cur->next;
asn1_free_named_data( cur );
polarssl_free( cur );
mbedtls_asn1_free_named_data( cur );
mbedtls_free( cur );
}
}
asn1_named_data *asn1_find_named_data( asn1_named_data *list,
mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
const char *oid, size_t len )
{
while( list != NULL )
@ -392,4 +392,4 @@ asn1_named_data *asn1_find_named_data( asn1_named_data *list,
return( list );
}
#endif /* POLARSSL_ASN1_PARSE_C */
#endif /* MBEDTLS_ASN1_PARSE_C */

152
library/asn1write.c
View File

@ -20,32 +20,32 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ASN1_WRITE_C)
#if defined(MBEDTLS_ASN1_WRITE_C)
#include "mbedtls/asn1write.h"
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
{
if( len < 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
return( 1 );
@ -54,7 +54,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
if( len <= 0xFF )
{
if( *p - start < 2 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len;
*--(*p) = 0x81;
@ -62,7 +62,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
}
if( *p - start < 3 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
// We assume we never have lengths larger than 65535 bytes
//
@ -73,23 +73,23 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
return( 3 );
}
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = tag;
return( 1 );
}
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
size_t len = 0;
if( *p - start < (int) size )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size;
(*p) -= len;
@ -98,21 +98,21 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
return( (int) len );
}
#if defined(POLARSSL_BIGNUM_C)
int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X )
#if defined(MBEDTLS_BIGNUM_C)
int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
{
int ret;
size_t len = 0;
// Write the MPI
//
len = mpi_size( X );
len = mbedtls_mpi_size( X );
if( *p - start < (int) len )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
(*p) -= len;
MPI_CHK( mpi_write_binary( X, *p, len ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
// DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers.
@ -120,50 +120,50 @@ int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X )
if( X->s ==1 && **p & 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00;
len += 1;
}
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
ret = (int) len;
cleanup:
return( ret );
}
#endif /* POLARSSL_BIGNUM_C */
#endif /* MBEDTLS_BIGNUM_C */
int asn1_write_null( unsigned char **p, unsigned char *start )
int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
{
int ret;
size_t len = 0;
// Write NULL
//
ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
return( (int) len );
}
int asn1_write_oid( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) oid, oid_len ) );
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) );
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
return( (int) len );
}
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
size_t par_len )
{
@ -171,37 +171,37 @@ int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
size_t len = 0;
if( par_len == 0 )
ASN1_CHK_ADD( len, asn1_write_null( p, start ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
else
len += par_len;
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
{
int ret;
size_t len = 0;
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (boolean) ? 1 : 0;
len++;
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
return( (int) len );
}
int asn1_write_int( unsigned char **p, unsigned char *start, int val )
int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
{
int ret;
size_t len = 0;
@ -211,7 +211,7 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val )
// should be 0 for positive numbers and 1 for negative numbers.
//
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len += 1;
*--(*p) = val;
@ -219,49 +219,49 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val )
if( val > 0 && **p & 0x80 )
{
if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00;
len += 1;
}
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
return( (int) len );
}
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) );
return( (int) len );
}
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) );
return( (int) len );
}
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits )
{
int ret;
@ -272,7 +272,7 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start,
// Calculate byte length
//
if( *p - start < (int) size + 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size + 1;
(*p) -= size;
@ -282,58 +282,58 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start,
//
*--(*p) = (unsigned char) (size * 8 - bits);
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
return( (int) len );
}
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, buf, size ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
return( (int) len );
}
asn1_named_data *asn1_store_named_data( asn1_named_data **head,
mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head,
const char *oid, size_t oid_len,
const unsigned char *val,
size_t val_len )
{
asn1_named_data *cur;
mbedtls_asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
if( ( cur = mbedtls_asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
{
// Add new entry if not present yet based on OID
//
if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL )
if( ( cur = mbedtls_malloc( sizeof(mbedtls_asn1_named_data) ) ) == NULL )
return( NULL );
memset( cur, 0, sizeof(asn1_named_data) );
memset( cur, 0, sizeof(mbedtls_asn1_named_data) );
cur->oid.len = oid_len;
cur->oid.p = polarssl_malloc( oid_len );
cur->oid.p = mbedtls_malloc( oid_len );
if( cur->oid.p == NULL )
{
polarssl_free( cur );
mbedtls_free( cur );
return( NULL );
}
memcpy( cur->oid.p, oid, oid_len );
cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len );
cur->val.p = mbedtls_malloc( val_len );
if( cur->val.p == NULL )
{
polarssl_free( cur->oid.p );
polarssl_free( cur );
mbedtls_free( cur->oid.p );
mbedtls_free( cur );
return( NULL );
}
@ -344,15 +344,15 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head,
{
// Enlarge existing value buffer if needed
//
polarssl_free( cur->val.p );
mbedtls_free( cur->val.p );
cur->val.p = NULL;
cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len );
cur->val.p = mbedtls_malloc( val_len );
if( cur->val.p == NULL )
{
polarssl_free( cur->oid.p );
polarssl_free( cur );
mbedtls_free( cur->oid.p );
mbedtls_free( cur );
return( NULL );
}
}
@ -362,4 +362,4 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head,
return( cur );
}
#endif /* POLARSSL_ASN1_WRITE_C */
#endif /* MBEDTLS_ASN1_WRITE_C */

54
library/base64.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_BASE64_C)
#if defined(MBEDTLS_BASE64_C)
#include "mbedtls/base64.h"
@ -37,15 +37,15 @@ typedef UINT32 uint32_t;
#include <inttypes.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
static const unsigned char base64_enc_map[64] =
{
@ -78,7 +78,7 @@ static const unsigned char base64_dec_map[128] =
/*
* Encode a buffer into base64 format
*/
int base64_encode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen )
{
size_t i, n;
@ -103,7 +103,7 @@ int base64_encode( unsigned char *dst, size_t *dlen,
if( *dlen < n + 1 )
{
*dlen = n + 1;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
n = ( slen / 3 ) * 3;
@ -144,7 +144,7 @@ int base64_encode( unsigned char *dst, size_t *dlen,
/*
* Decode a base64-formatted buffer
*/
int base64_decode( unsigned char *dst, size_t *dlen,
int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen )
{
size_t i, n;
@ -175,16 +175,16 @@ int base64_decode( unsigned char *dst, size_t *dlen,
/* Space inside a line is an error */
if( x != 0 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] == '=' && ++j > 2 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( base64_dec_map[src[i]] < 64 && j != 0 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
n++;
}
@ -198,7 +198,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
if( dst == NULL || *dlen < n )
{
*dlen = n;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
@ -223,7 +223,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
return( 0 );
}
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
static const unsigned char base64_test_dec[64] =
{
@ -244,48 +244,48 @@ static const unsigned char base64_test_enc[] =
/*
* Checkup routine
*/
int base64_self_test( int verbose )
int mbedtls_base64_self_test( int verbose )
{
size_t len;
const unsigned char *src;
unsigned char buffer[128];
if( verbose != 0 )
polarssl_printf( " Base64 encoding test: " );
mbedtls_printf( " Base64 encoding test: " );
len = sizeof( buffer );
src = base64_test_dec;
if( base64_encode( buffer, &len, src, 64 ) != 0 ||
if( mbedtls_base64_encode( buffer, &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n Base64 decoding test: " );
mbedtls_printf( "passed\n Base64 decoding test: " );
len = sizeof( buffer );
src = base64_test_enc;
if( base64_decode( buffer, &len, src, 88 ) != 0 ||
if( mbedtls_base64_decode( buffer, &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n\n" );
mbedtls_printf( "passed\n\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_BASE64_C */
#endif /* MBEDTLS_BASE64_C */

918
library/bignum.c
View File

File diff suppressed because it is too large Load Diff

134
library/blowfish.c
View File

@ -26,22 +26,22 @@
*
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_BLOWFISH_C)
#if defined(MBEDTLS_BLOWFISH_C)
#include "mbedtls/blowfish.h"
#include <string.h>
#if !defined(POLARSSL_BLOWFISH_ALT)
#if !defined(MBEDTLS_BLOWFISH_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -68,7 +68,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
static const uint32_t P[BLOWFISH_ROUNDS + 2] = {
static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
@ -79,7 +79,7 @@ static const uint32_t P[BLOWFISH_ROUNDS + 2] = {
/* declarations of data at the end of this file */
static const uint32_t S[4][256];
static uint32_t F( blowfish_context *ctx, uint32_t x )
static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
{
unsigned short a, b, c, d;
uint32_t y;
@ -98,7 +98,7 @@ static uint32_t F( blowfish_context *ctx, uint32_t x )
return( y );
}
static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{
uint32_t Xl, Xr, temp;
short i;
@ -106,7 +106,7 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = *xl;
Xr = *xr;
for( i = 0; i < BLOWFISH_ROUNDS; ++i )
for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
{
Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr;
@ -120,14 +120,14 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = Xr;
Xr = temp;
Xr = Xr ^ ctx->P[BLOWFISH_ROUNDS];
Xl = Xl ^ ctx->P[BLOWFISH_ROUNDS + 1];
Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
*xl = Xl;
*xr = Xr;
}
static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{
uint32_t Xl, Xr, temp;
short i;
@ -135,7 +135,7 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = *xl;
Xr = *xr;
for( i = BLOWFISH_ROUNDS + 1; i > 1; --i )
for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
{
Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr;
@ -156,32 +156,32 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
*xr = Xr;
}
void blowfish_init( blowfish_context *ctx )
void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
{
memset( ctx, 0, sizeof( blowfish_context ) );
memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
}
void blowfish_free( blowfish_context *ctx )
void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( blowfish_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
}
/*
* Blowfish key schedule
*/
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
unsigned int keysize )
{
unsigned int i, j, k;
uint32_t data, datal, datar;
if( keysize < BLOWFISH_MIN_KEY || keysize > BLOWFISH_MAX_KEY ||
if( keysize < MBEDTLS_BLOWFISH_MIN_KEY || keysize > MBEDTLS_BLOWFISH_MAX_KEY ||
( keysize % 8 ) )
{
return( POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH );
return( MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH );
}
keysize >>= 3;
@ -193,7 +193,7 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
}
j = 0;
for( i = 0; i < BLOWFISH_ROUNDS + 2; ++i )
for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
{
data = 0x00000000;
for( k = 0; k < 4; ++k )
@ -208,7 +208,7 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
datal = 0x00000000;
datar = 0x00000000;
for( i = 0; i < BLOWFISH_ROUNDS + 2; i += 2 )
for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
{
blowfish_enc( ctx, &datal, &datar );
ctx->P[i] = datal;
@ -230,21 +230,21 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
/*
* Blowfish-ECB block encryption/decryption
*/
int blowfish_crypt_ecb( blowfish_context *ctx,
int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
int mode,
const unsigned char input[BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] )
const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
{
uint32_t X0, X1;
GET_UINT32_BE( X0, input, 0 );
GET_UINT32_BE( X1, input, 4 );
if( mode == BLOWFISH_DECRYPT )
if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{
blowfish_dec( ctx, &X0, &X1 );
}
else /* BLOWFISH_ENCRYPT */
else /* MBEDTLS_BLOWFISH_ENCRYPT */
{
blowfish_enc( ctx, &X0, &X1 );
}
@ -255,87 +255,87 @@ int blowfish_crypt_ecb( blowfish_context *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* Blowfish-CBC buffer encryption/decryption
*/
int blowfish_crypt_cbc( blowfish_context *ctx,
int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
int mode,
size_t length,
unsigned char iv[BLOWFISH_BLOCKSIZE],
unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
int i;
unsigned char temp[BLOWFISH_BLOCKSIZE];
unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
if( length % BLOWFISH_BLOCKSIZE )
return( POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
if( mode == BLOWFISH_DECRYPT )
if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{
while( length > 0 )
{
memcpy( temp, input, BLOWFISH_BLOCKSIZE );
blowfish_crypt_ecb( ctx, mode, input, output );
memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < BLOWFISH_BLOCKSIZE;i++ )
for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
memcpy( iv, temp, BLOWFISH_BLOCKSIZE );
memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE;
input += MBEDTLS_BLOWFISH_BLOCKSIZE;
output += MBEDTLS_BLOWFISH_BLOCKSIZE;
length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
}
}
else
{
while( length > 0 )
{
for( i = 0; i < BLOWFISH_BLOCKSIZE; i++ )
for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
blowfish_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, BLOWFISH_BLOCKSIZE );
mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE;
input += MBEDTLS_BLOWFISH_BLOCKSIZE;
output += MBEDTLS_BLOWFISH_BLOCKSIZE;
length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
}
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* Blowfish CFB buffer encryption/decryption
*/
int blowfish_crypt_cfb64( blowfish_context *ctx,
int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
int mode,
size_t length,
size_t *iv_off,
unsigned char iv[BLOWFISH_BLOCKSIZE],
unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
int c;
size_t n = *iv_off;
if( mode == BLOWFISH_DECRYPT )
if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{
while( length-- )
{
if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv );
mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
iv[n] = (unsigned char) c;
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
}
}
else
@ -343,11 +343,11 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
while( length-- )
{
if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv );
mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
}
}
@ -355,17 +355,17 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
return( 0 );
}
#endif /*POLARSSL_CIPHER_MODE_CFB */
#endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* Blowfish CTR buffer encryption/decryption
*/
int blowfish_crypt_ctr( blowfish_context *ctx,
int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE],
unsigned char stream_block[BLOWFISH_BLOCKSIZE],
unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output )
{
@ -375,24 +375,24 @@ int blowfish_crypt_ctr( blowfish_context *ctx,
while( length-- )
{
if( n == 0 ) {
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, nonce_counter,
mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
stream_block );
for( i = BLOWFISH_BLOCKSIZE; i > 0; i-- )
for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 )
break;
}
c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE;
n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
}
*nc_off = n;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
static const uint32_t S[4][256] = {
{ 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
@ -653,5 +653,5 @@ static const uint32_t S[4][256] = {
0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L }
};
#endif /* !POLARSSL_BLOWFISH_ALT */
#endif /* POLARSSL_BLOWFISH_C */
#endif /* !MBEDTLS_BLOWFISH_ALT */
#endif /* MBEDTLS_BLOWFISH_C */

178
library/camellia.c
View File

@ -26,31 +26,31 @@
* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_CAMELLIA_C)
#if defined(MBEDTLS_CAMELLIA_C)
#include "mbedtls/camellia.h"
#include <string.h>
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_CAMELLIA_ALT)
#if !defined(MBEDTLS_CAMELLIA_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -87,7 +87,7 @@ static const unsigned char SIGMA_CHARS[6][8] =
{ 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
};
#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY)
#if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
static const unsigned char FSb[256] =
{
@ -114,7 +114,7 @@ static const unsigned char FSb[256] =
#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
#else /* POLARSSL_CAMELLIA_SMALL_MEMORY */
#else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
static const unsigned char FSb[256] =
{
@ -201,7 +201,7 @@ static const unsigned char FSb4[256] =
#define SBOX3(n) FSb3[(n)]
#define SBOX4(n) FSb4[(n)]
#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */
#endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
static const unsigned char shifts[2][4][4] =
{
@ -324,23 +324,23 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
z[1] ^= I0;
}
void camellia_init( camellia_context *ctx )
void mbedtls_camellia_init( mbedtls_camellia_context *ctx )
{
memset( ctx, 0, sizeof( camellia_context ) );
memset( ctx, 0, sizeof( mbedtls_camellia_context ) );
}
void camellia_free( camellia_context *ctx )
void mbedtls_camellia_free( mbedtls_camellia_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( camellia_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
}
/*
* Camellia key schedule (encryption)
*/
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int idx;
@ -361,7 +361,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
case 128: ctx->nr = 3; idx = 0; break;
case 192:
case 256: ctx->nr = 4; idx = 1; break;
default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH );
default : return( MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH );
}
for( i = 0; i < keysize / 8; ++i )
@ -445,19 +445,19 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
/*
* Camellia key schedule (decryption)
*/
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize )
{
int idx, ret;
size_t i;
camellia_context cty;
mbedtls_camellia_context cty;
uint32_t *RK;
uint32_t *SK;
camellia_init( &cty );
mbedtls_camellia_init( &cty );
/* Also checks keysize */
if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) != 0 )
if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keysize ) ) != 0 )
goto exit;
ctx->nr = cty.nr;
@ -485,7 +485,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
*RK++ = *SK++;
exit:
camellia_free( &cty );
mbedtls_camellia_free( &cty );
return( ret );
}
@ -493,7 +493,7 @@ exit:
/*
* Camellia-ECB block encryption/decryption
*/
int camellia_crypt_ecb( camellia_context *ctx,
int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
@ -552,11 +552,11 @@ int camellia_crypt_ecb( camellia_context *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* Camellia-CBC buffer encryption/decryption
*/
int camellia_crypt_cbc( camellia_context *ctx,
int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
@ -567,14 +567,14 @@ int camellia_crypt_cbc( camellia_context *ctx,
unsigned char temp[16];
if( length % 16 )
return( POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
if( mode == CAMELLIA_DECRYPT )
if( mode == MBEDTLS_CAMELLIA_DECRYPT )
{
while( length > 0 )
{
memcpy( temp, input, 16 );
camellia_crypt_ecb( ctx, mode, input, output );
mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -593,7 +593,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
camellia_crypt_ecb( ctx, mode, output, output );
mbedtls_camellia_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, 16 );
input += 16;
@ -604,13 +604,13 @@ int camellia_crypt_cbc( camellia_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
#if defined(MBEDTLS_CIPHER_MODE_CFB)
/*
* Camellia-CFB128 buffer encryption/decryption
*/
int camellia_crypt_cfb128( camellia_context *ctx,
int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
int mode,
size_t length,
size_t *iv_off,
@ -621,12 +621,12 @@ int camellia_crypt_cfb128( camellia_context *ctx,
int c;
size_t n = *iv_off;
if( mode == CAMELLIA_DECRYPT )
if( mode == MBEDTLS_CAMELLIA_DECRYPT )
{
while( length-- )
{
if( n == 0 )
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv );
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
c = *input++;
*output++ = (unsigned char)( c ^ iv[n] );
@ -640,7 +640,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
while( length-- )
{
if( n == 0 )
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv );
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@ -652,13 +652,13 @@ int camellia_crypt_cfb128( camellia_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CFB */
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* Camellia-CTR buffer encryption/decryption
*/
int camellia_crypt_ctr( camellia_context *ctx,
int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
size_t length,
size_t *nc_off,
unsigned char nonce_counter[16],
@ -672,7 +672,7 @@ int camellia_crypt_ctr( camellia_context *ctx,
while( length-- )
{
if( n == 0 ) {
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter,
mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
stream_block );
for( i = 16; i > 0; i-- )
@ -689,10 +689,10 @@ int camellia_crypt_ctr( camellia_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* !POLARSSL_CAMELLIA_ALT */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !MBEDTLS_CAMELLIA_ALT */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* Camellia test vectors from:
@ -762,7 +762,7 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
}
};
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
#define CAMELLIA_TESTS_CBC 3
static const unsigned char camellia_test_cbc_key[3][32] =
@ -824,9 +824,9 @@ static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
}
};
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* Camellia-CTR test vectors from:
*
@ -887,28 +887,28 @@ static const unsigned char camellia_test_ctr_ct[3][48] =
static const int camellia_test_ctr_len[3] =
{ 16, 32, 36 };
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
/*
* Checkup routine
*/
int camellia_self_test( int verbose )
int mbedtls_camellia_self_test( int verbose )
{
int i, j, u, v;
unsigned char key[32];
unsigned char buf[64];
unsigned char src[16];
unsigned char dst[16];
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char iv[16];
#endif
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
size_t offset, len;
unsigned char nonce_counter[16];
unsigned char stream_block[16];
#endif
camellia_context ctx;
mbedtls_camellia_context ctx;
memset( key, 0, 32 );
@ -917,41 +917,41 @@ int camellia_self_test( int verbose )
v = j & 1;
if( verbose != 0 )
polarssl_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == CAMELLIA_DECRYPT) ? "dec" : "enc");
mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
if( v == CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 );
if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
memcpy( dst, camellia_test_ecb_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */
camellia_setkey_enc( &ctx, key, 128 + u * 64 );
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */
mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_plain[i], 16 );
memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
}
camellia_crypt_ecb( &ctx, v, src, buf );
mbedtls_camellia_crypt_ecb( &ctx, v, src, buf );
if( memcmp( buf, dst, 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@ -961,51 +961,51 @@ int camellia_self_test( int verbose )
v = j & 1;
if( verbose != 0 )
polarssl_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( src, camellia_test_cbc_iv, 16 );
memcpy( dst, camellia_test_cbc_iv, 16 );
memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
if( v == CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 );
if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
} else {
camellia_setkey_enc( &ctx, key, 128 + u * 64 );
mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
}
for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
if( v == CAMELLIA_DECRYPT ) {
if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
memcpy( iv , src, 16 );
memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
memcpy( dst, camellia_test_cbc_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */
} else { /* MBEDTLS_CAMELLIA_ENCRYPT */
memcpy( iv , dst, 16 );
memcpy( src, camellia_test_cbc_plain[i], 16 );
memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
}
camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
if( memcmp( buf, dst, 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CTR)
#if defined(MBEDTLS_CIPHER_MODE_CTR)
/*
* CTR mode
*/
@ -1015,27 +1015,27 @@ int camellia_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " CAMELLIA-CTR-128 (%s): ",
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" );
mbedtls_printf( " CAMELLIA-CTR-128 (%s): ",
( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
memcpy( key, camellia_test_ctr_key[u], 16 );
offset = 0;
camellia_setkey_enc( &ctx, key, 128 );
mbedtls_camellia_setkey_enc( &ctx, key, 128 );
if( v == CAMELLIA_DECRYPT )
if( v == MBEDTLS_CAMELLIA_DECRYPT )
{
len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_ct[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
@ -1045,29 +1045,29 @@ int camellia_self_test( int verbose )
len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_pt[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf );
if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */
mbedtls_printf( "\n" );
#endif /* MBEDTLS_CIPHER_MODE_CTR */
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_CAMELLIA_C */
#endif /* MBEDTLS_CAMELLIA_C */

96
library/ccm.c
View File

@ -29,29 +29,29 @@
* RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_CCM_C)
#if defined(MBEDTLS_CCM_C)
#include "mbedtls/ccm.h"
#include <string.h>
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -61,28 +61,28 @@ static void polarssl_zeroize( void *v, size_t n ) {
/*
* Initialize context
*/
int ccm_init( ccm_context *ctx, cipher_id_t cipher,
int mbedtls_ccm_init( mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher,
const unsigned char *key, unsigned int keysize )
{
int ret;
const cipher_info_t *cipher_info;
const mbedtls_cipher_info_t *cipher_info;
memset( ctx, 0, sizeof( ccm_context ) );
memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
cipher_init( &ctx->cipher_ctx );
mbedtls_cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
cipher_info = mbedtls_cipher_info_from_values( cipher, keysize, MBEDTLS_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
if( ( ret = mbedtls_cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 )
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keysize,
MBEDTLS_ENCRYPT ) ) != 0 )
{
return( ret );
}
@ -93,10 +93,10 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
/*
* Free context
*/
void ccm_free( ccm_context *ctx )
void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
{
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( ccm_context ) );
mbedtls_cipher_free( &ctx->cipher_ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
}
/*
@ -112,7 +112,7 @@ void ccm_free( ccm_context *ctx )
for( i = 0; i < 16; i++ ) \
y[i] ^= b[i]; \
\
if( ( ret = cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
return( ret );
/*
@ -121,7 +121,7 @@ void ccm_free( ccm_context *ctx )
* This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/
#define CTR_CRYPT( dst, src, len ) \
if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \
return( ret ); \
\
for( i = 0; i < len; i++ ) \
@ -130,7 +130,7 @@ void ccm_free( ccm_context *ctx )
/*
* Authenticated encryption or decryption
*/
static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
@ -152,14 +152,14 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
* 'length' checked later (when writing it to the first block)
*/
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( add_len > 0xFF00 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
/*
* First block B_0:
@ -184,7 +184,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
b[15-i] = (unsigned char)( len_left & 0xFF );
if( len_left > 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT );
return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Start CBC-MAC with first block */
@ -298,7 +298,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
/*
* Authenticated encryption
*/
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
@ -311,7 +311,7 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
/*
* Authenticated decryption
*/
int ccm_auth_decrypt( ccm_context *ctx, size_t length,
int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output,
@ -335,15 +335,15 @@ int ccm_auth_decrypt( ccm_context *ctx, size_t length,
if( diff != 0 )
{
polarssl_zeroize( output, length );
return( POLARSSL_ERR_CCM_AUTH_FAILED );
mbedtls_zeroize( output, length );
return( MBEDTLS_ERR_CCM_AUTH_FAILED );
}
return( 0 );
}
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/*
* Examples 1 to 3 from SP800-38C Appendix C
*/
@ -391,17 +391,17 @@ static const unsigned char res[NB_TESTS][32] = {
0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
};
int ccm_self_test( int verbose )
int mbedtls_ccm_self_test( int verbose )
{
ccm_context ctx;
mbedtls_ccm_context ctx;
unsigned char out[32];
size_t i;
int ret;
if( ccm_init( &ctx, POLARSSL_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
if( mbedtls_ccm_init( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
{
if( verbose != 0 )
polarssl_printf( " CCM: setup failed" );
mbedtls_printf( " CCM: setup failed" );
return( 1 );
}
@ -409,9 +409,9 @@ int ccm_self_test( int verbose )
for( i = 0; i < NB_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
ret = ccm_encrypt_and_tag( &ctx, msg_len[i],
ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i],
msg, out,
out + msg_len[i], tag_len[i] );
@ -420,12 +420,12 @@ int ccm_self_test( int verbose )
memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
ret = ccm_auth_decrypt( &ctx, msg_len[i],
ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i],
res[i], out,
res[i] + msg_len[i], tag_len[i] );
@ -434,23 +434,23 @@ int ccm_self_test( int verbose )
memcmp( out, msg, msg_len[i] ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
ccm_free( &ctx );
mbedtls_ccm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#endif /* POLARSSL_CCM_C */
#endif /* MBEDTLS_CCM_C */

166
library/certs.c
View File

@ -20,17 +20,17 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#include "mbedtls/certs.h"
#if defined(POLARSSL_CERTS_C)
#if defined(MBEDTLS_CERTS_C)
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
#define TEST_CA_CRT_EC \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \
@ -47,9 +47,9 @@
"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \
"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \
"-----END CERTIFICATE-----\r\n"
const char test_ca_crt_ec[] = TEST_CA_CRT_EC;
const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
const char test_ca_key_ec[] =
const char mbedtls_test_ca_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
@ -60,9 +60,9 @@ const char test_ca_key_ec[] =
"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const char test_ca_pwd_ec[] = "PolarSSLTest";
const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest";
const char test_srv_crt_ec[] =
const char mbedtls_test_srv_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
@ -78,14 +78,14 @@ const char test_srv_crt_ec[] =
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_srv_key_ec[] =
const char mbedtls_test_srv_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const char test_cli_crt_ec[] =
const char mbedtls_test_cli_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
@ -101,25 +101,25 @@ const char test_cli_crt_ec[] =
"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_cli_key_ec[] =
const char mbedtls_test_cli_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
"-----END EC PRIVATE KEY-----\r\n";
const size_t test_ca_crt_ec_len = sizeof( test_ca_crt_ec );
const size_t test_ca_key_ec_len = sizeof( test_ca_key_ec );
const size_t test_ca_pwd_ec_len = sizeof( test_ca_pwd_ec ) - 1;
const size_t test_srv_crt_ec_len = sizeof( test_srv_crt_ec );
const size_t test_srv_key_ec_len = sizeof( test_srv_key_ec );
const size_t test_cli_crt_ec_len = sizeof( test_cli_crt_ec );
const size_t test_cli_key_ec_len = sizeof( test_cli_key_ec );
const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec );
const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec );
const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec );
const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec );
const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec );
const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
#else
#define TEST_CA_CRT_EC
#endif /* POLARSSL_ECDSA_C */
#endif /* MBEDTLS_ECDSA_C */
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
#define TEST_CA_CRT_RSA \
"-----BEGIN CERTIFICATE-----\r\n" \
"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@ -142,9 +142,9 @@ const size_t test_cli_key_ec_len = sizeof( test_cli_key_ec );
"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \
"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \
"-----END CERTIFICATE-----\r\n"
const char test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
const char test_ca_key_rsa[] =
const char mbedtls_test_ca_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
@ -176,9 +176,9 @@ const char test_ca_key_rsa[] =
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const char test_ca_pwd_rsa[] = "PolarSSLTest";
const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
const char test_srv_crt_rsa[] =
const char mbedtls_test_srv_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
@ -200,7 +200,7 @@ const char test_srv_crt_rsa[] =
"zhuYwjVuX6JHG0c=\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_srv_key_rsa[] =
const char mbedtls_test_srv_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
@ -229,7 +229,7 @@ const char test_srv_key_rsa[] =
"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const char test_cli_crt_rsa[] =
const char mbedtls_test_cli_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n"
"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
@ -251,7 +251,7 @@ const char test_cli_crt_rsa[] =
"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
"-----END CERTIFICATE-----\r\n";
const char test_cli_key_rsa[] =
const char mbedtls_test_cli_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
@ -280,83 +280,83 @@ const char test_cli_key_rsa[] =
"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
"-----END RSA PRIVATE KEY-----\r\n";
const size_t test_ca_crt_rsa_len = sizeof( test_ca_crt_rsa );
const size_t test_ca_key_rsa_len = sizeof( test_ca_key_rsa );
const size_t test_ca_pwd_rsa_len = sizeof( test_ca_pwd_rsa ) - 1;
const size_t test_srv_crt_rsa_len = sizeof( test_srv_crt_rsa );
const size_t test_srv_key_rsa_len = sizeof( test_srv_key_rsa );
const size_t test_cli_crt_rsa_len = sizeof( test_cli_crt_rsa );
const size_t test_cli_key_rsa_len = sizeof( test_cli_key_rsa );
const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa );
const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa );
const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa );
const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa );
#else
#define TEST_CA_CRT_RSA
#endif /* POLARSSL_RSA_C */
#endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_DHM_C)
const char test_dhm_params[] =
#if defined(MBEDTLS_DHM_C)
const char mbedtls_test_dhm_params[] =
"-----BEGIN DH PARAMETERS-----\r\n"
"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
"-----END DH PARAMETERS-----\r\n";
const size_t test_dhm_params_len = sizeof( test_dhm_params );
const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );
#endif
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
/* Concatenation of all available CA certificates */
const char test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
const size_t test_cas_pem_len = sizeof( test_cas_pem );
const char mbedtls_test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
#endif
/* List of all available CA certificates */
const char * test_cas[] = {
#if defined(POLARSSL_RSA_C)
test_ca_crt_rsa,
const char * mbedtls_test_cas[] = {
#if defined(MBEDTLS_RSA_C)
mbedtls_test_ca_crt_rsa,
#endif
#if defined(POLARSSL_ECDSA_C)
test_ca_crt_ec,
#if defined(MBEDTLS_ECDSA_C)
mbedtls_test_ca_crt_ec,
#endif
NULL
};
const size_t test_cas_len[] = {
#if defined(POLARSSL_RSA_C)
sizeof( test_ca_crt_rsa_len ),
const size_t mbedtls_test_cas_len[] = {
#if defined(MBEDTLS_RSA_C)
sizeof( mbedtls_test_ca_crt_rsa_len ),
#endif
#if defined(POLARSSL_ECDSA_C)
sizeof( test_ca_crt_ec_len ),
#if defined(MBEDTLS_ECDSA_C)
sizeof( mbedtls_test_ca_crt_ec_len ),
#endif
0
};
#if defined(POLARSSL_RSA_C)
const char *test_ca_crt = test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa;
const char *test_ca_pwd = test_ca_pwd_rsa;
const char *test_srv_crt = test_srv_crt_rsa;
const char *test_srv_key = test_srv_key_rsa;
const char *test_cli_crt = test_cli_crt_rsa;
const char *test_cli_key = test_cli_key_rsa;
const size_t test_ca_crt_len = sizeof( test_ca_crt_rsa );
const size_t test_ca_key_len = sizeof( test_ca_key_rsa );
const size_t test_ca_pwd_len = sizeof( test_ca_pwd_rsa ) - 1;
const size_t test_srv_crt_len = sizeof( test_srv_crt_rsa );
const size_t test_srv_key_len = sizeof( test_srv_key_rsa );
const size_t test_cli_crt_len = sizeof( test_cli_crt_rsa );
const size_t test_cli_key_len = sizeof( test_cli_key_rsa );
#else /* ! POLARSSL_RSA_C, so POLARSSL_ECDSA_C */
const char *test_ca_crt = test_ca_crt_ec;
const char *test_ca_key = test_ca_key_ec;
const char *test_ca_pwd = test_ca_pwd_ec;
const char *test_srv_crt = test_srv_crt_ec;
const char *test_srv_key = test_srv_key_ec;
const char *test_cli_crt = test_cli_crt_ec;
const char *test_cli_key = test_cli_key_ec;
const size_t test_ca_crt_len = sizeof( test_ca_crt_ec );
const size_t test_ca_key_len = sizeof( test_ca_key_ec );
const size_t test_ca_pwd_len = sizeof( test_ca_pwd_ec ) - 1;
const size_t test_srv_crt_len = sizeof( test_srv_crt_ec );
const size_t test_srv_key_len = sizeof( test_srv_key_ec );
const size_t test_cli_crt_len = sizeof( test_cli_crt_ec );
const size_t test_cli_key_len = sizeof( test_cli_key_ec );
#endif /* POLARSSL_RSA_C */
#if defined(MBEDTLS_RSA_C)
const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_rsa;
const char *mbedtls_test_ca_key = mbedtls_test_ca_key_rsa;
const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_rsa;
const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa;
const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa;
const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa;
const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa;
const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_rsa );
const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_rsa );
const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa );
const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa );
const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa );
const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa );
#else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */
const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_ec;
const char *mbedtls_test_ca_key = mbedtls_test_ca_key_ec;
const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_ec;
const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec;
const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec;
const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec;
const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec;
const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_ec );
const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_ec );
const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec );
const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec );
const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec );
const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec );
#endif /* MBEDTLS_RSA_C */
#endif /* POLARSSL_CERTS_C */
#endif /* MBEDTLS_CERTS_C */

392
library/cipher.c
View File

@ -24,13 +24,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_CIPHER_C)
#if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h"
#include "mbedtls/cipher_wrap.h"
@ -38,16 +38,16 @@
#include <stdlib.h>
#include <string.h>
#if defined(POLARSSL_GCM_C)
#if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h"
#endif
#if defined(POLARSSL_CCM_C)
#if defined(MBEDTLS_CCM_C)
#include "mbedtls/ccm.h"
#endif
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER)
#define POLARSSL_CIPHER_MODE_STREAM
#if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
#define MBEDTLS_CIPHER_MODE_STREAM
#endif
#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
@ -56,21 +56,21 @@
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static int supported_init = 0;
const int *cipher_list( void )
const int *mbedtls_cipher_list( void )
{
const cipher_definition_t *def;
const mbedtls_cipher_definition_t *def;
int *type;
if( ! supported_init )
{
def = cipher_definitions;
type = supported_ciphers;
def = mbedtls_cipher_definitions;
type = mbedtls_cipher_supported;
while( def->type != 0 )
*type++ = (*def++).type;
@ -80,41 +80,41 @@ const int *cipher_list( void )
supported_init = 1;
}
return( supported_ciphers );
return( mbedtls_cipher_supported );
}
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type )
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
{
const cipher_definition_t *def;
const mbedtls_cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ )
for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( def->type == cipher_type )
return( def->info );
return( NULL );
}
const cipher_info_t *cipher_info_from_string( const char *cipher_name )
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
{
const cipher_definition_t *def;
const mbedtls_cipher_definition_t *def;
if( NULL == cipher_name )
return( NULL );
for( def = cipher_definitions; def->info != NULL; def++ )
for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( ! strcasecmp( def->info->name, cipher_name ) )
return( def->info );
return( NULL );
}
const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
int key_length,
const cipher_mode_t mode )
const mbedtls_cipher_mode_t mode )
{
const cipher_definition_t *def;
const mbedtls_cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ )
for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( def->info->base->cipher == cipher_id &&
def->info->key_length == (unsigned) key_length &&
def->info->mode == mode )
@ -123,12 +123,12 @@ const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
return( NULL );
}
void cipher_init( cipher_context_t *ctx )
void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
{
memset( ctx, 0, sizeof( cipher_context_t ) );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
}
void cipher_free( cipher_context_t *ctx )
void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
{
if( ctx == NULL )
return;
@ -136,45 +136,45 @@ void cipher_free( cipher_context_t *ctx )
if( ctx->cipher_ctx )
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) );
mbedtls_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
}
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info )
int mbedtls_cipher_init_ctx( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
{
if( NULL == cipher_info || NULL == ctx )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
memset( ctx, 0, sizeof( cipher_context_t ) );
memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
return( POLARSSL_ERR_CIPHER_ALLOC_FAILED );
return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
ctx->cipher_info = cipher_info;
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/*
* Ignore possible errors caused by a cipher mode that doesn't use padding
*/
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 );
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
(void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 );
#else
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE );
(void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE );
#endif
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
return( 0 );
}
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation )
int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
int key_length, const mbedtls_operation_t operation )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
(int) ctx->cipher_info->key_length != key_length )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
ctx->key_length = key_length;
@ -183,34 +183,34 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
/*
* For CFB and CTR mode always use the encryption key schedule
*/
if( POLARSSL_ENCRYPT == operation ||
POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode )
if( MBEDTLS_ENCRYPT == operation ||
MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
{
return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
ctx->key_length );
}
if( POLARSSL_DECRYPT == operation )
if( MBEDTLS_DECRYPT == operation )
return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
ctx->key_length );
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
int cipher_set_iv( cipher_context_t *ctx,
int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len )
{
size_t actual_iv_size;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
/* avoid buffer overflow in ctx->iv */
if( iv_len > POLARSSL_MAX_IV_LENGTH )
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
if( iv_len > MBEDTLS_MAX_IV_LENGTH )
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_IV_LEN ) != 0 )
if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
actual_iv_size = iv_len;
else
{
@ -218,7 +218,7 @@ int cipher_set_iv( cipher_context_t *ctx,
/* avoid reading past the end of input buffer */
if( actual_iv_size > iv_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
memcpy( ctx->iv, iv, actual_iv_size );
@ -227,49 +227,49 @@ int cipher_set_iv( cipher_context_t *ctx,
return( 0 );
}
int cipher_reset( cipher_context_t *ctx )
int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
ctx->unprocessed_len = 0;
return( 0 );
}
#if defined(POLARSSL_GCM_C)
int cipher_update_ad( cipher_context_t *ctx,
#if defined(MBEDTLS_GCM_C)
int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len )
{
if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation,
return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len );
}
return( 0 );
}
#endif /* POLARSSL_GCM_C */
#endif /* MBEDTLS_GCM_C */
int cipher_update( cipher_context_t *ctx, const unsigned char *input,
int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen )
{
int ret;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
*olen = 0;
if( ctx->cipher_info->mode == POLARSSL_MODE_ECB )
if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
{
if( ilen != cipher_get_block_size( ctx ) )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
if( ilen != mbedtls_cipher_get_block_size( ctx ) )
return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
*olen = ilen;
@ -282,33 +282,33 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 );
}
#if defined(POLARSSL_GCM_C)
if( ctx->cipher_info->mode == POLARSSL_MODE_GCM )
#if defined(MBEDTLS_GCM_C)
if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
{
*olen = ilen;
return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input,
return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
output );
}
#endif
if( input == output &&
( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) )
( ctx->unprocessed_len != 0 || ilen % mbedtls_cipher_get_block_size( ctx ) ) )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( ctx->cipher_info->mode == POLARSSL_MODE_CBC )
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
{
size_t copy_len = 0;
/*
* If there is not enough data for a full block, cache it.
*/
if( ( ctx->operation == POLARSSL_DECRYPT &&
ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) ||
( ctx->operation == POLARSSL_ENCRYPT &&
ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) )
if( ( ctx->operation == MBEDTLS_DECRYPT &&
ilen + ctx->unprocessed_len <= mbedtls_cipher_get_block_size( ctx ) ) ||
( ctx->operation == MBEDTLS_ENCRYPT &&
ilen + ctx->unprocessed_len < mbedtls_cipher_get_block_size( ctx ) ) )
{
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen );
@ -322,20 +322,20 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
*/
if( ctx->unprocessed_len != 0 )
{
copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len;
copy_len = mbedtls_cipher_get_block_size( ctx ) - ctx->unprocessed_len;
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
copy_len );
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) )
{
return( ret );
}
*olen += cipher_get_block_size( ctx );
output += cipher_get_block_size( ctx );
*olen += mbedtls_cipher_get_block_size( ctx );
output += mbedtls_cipher_get_block_size( ctx );
ctx->unprocessed_len = 0;
input += copy_len;
@ -347,9 +347,9 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
*/
if( 0 != ilen )
{
copy_len = ilen % cipher_get_block_size( ctx );
if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT )
copy_len = cipher_get_block_size( ctx );
copy_len = ilen % mbedtls_cipher_get_block_size( ctx );
if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
copy_len = mbedtls_cipher_get_block_size( ctx );
memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
copy_len );
@ -374,10 +374,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB)
if( ctx->cipher_info->mode == POLARSSL_MODE_CFB )
#if defined(MBEDTLS_CIPHER_MODE_CFB)
if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
{
if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
@ -390,10 +390,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CFB */
#endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR)
if( ctx->cipher_info->mode == POLARSSL_MODE_CTR )
#if defined(MBEDTLS_CIPHER_MODE_CTR)
if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
{
if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
ilen, &ctx->unprocessed_len, ctx->iv,
@ -406,10 +406,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(POLARSSL_CIPHER_MODE_STREAM)
if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM )
#if defined(MBEDTLS_CIPHER_MODE_STREAM)
if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
{
if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
ilen, input, output ) ) )
@ -421,13 +421,13 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_STREAM */
#endif /* MBEDTLS_CIPHER_MODE_STREAM */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
/*
* PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
*/
@ -448,7 +448,7 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len,
unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1];
*data_len = input_len - padding_len;
@ -463,11 +463,11 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len,
for( i = 0; i < input_len; i++ )
bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */
#endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
/*
* One and zeros padding: fill with 80 00 ... 00
*/
@ -489,7 +489,7 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
unsigned char done = 0, prev_done, bad;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
bad = 0xFF;
*data_len = 0;
@ -501,12 +501,12 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
}
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */
#endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
/*
* Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
*/
@ -528,7 +528,7 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1];
*data_len = input_len - padding_len;
@ -542,11 +542,11 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
for( i = 0; i < input_len - 1; i++ )
bad |= input[i] * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
}
#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */
#endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
/*
* Zero padding: fill with 00 ... 00
*/
@ -566,7 +566,7 @@ static int get_zeros_padding( unsigned char *input, size_t input_len,
unsigned char done = 0, prev_done;
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = 0;
for( i = input_len; i > 0; i-- )
@ -578,70 +578,70 @@ static int get_zeros_padding( unsigned char *input, size_t input_len,
return( 0 );
}
#endif /* POLARSSL_CIPHER_PADDING_ZEROS */
#endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
/*
* No padding: don't pad :)
*
* There is no add_padding function (check for NULL in cipher_finish)
* There is no add_padding function (check for NULL in mbedtls_cipher_finish)
* but a trivial get_padding function
*/
static int get_no_padding( unsigned char *input, size_t input_len,
size_t *data_len )
{
if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = input_len;
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
int cipher_finish( cipher_context_t *ctx,
int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen )
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*olen = 0;
if( POLARSSL_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode ||
POLARSSL_MODE_GCM == ctx->cipher_info->mode ||
POLARSSL_MODE_STREAM == ctx->cipher_info->mode )
if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
{
return( 0 );
}
if( POLARSSL_MODE_ECB == ctx->cipher_info->mode )
if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
{
if( ctx->unprocessed_len != 0 )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
if( POLARSSL_MODE_CBC == ctx->cipher_info->mode )
#if defined(MBEDTLS_CIPHER_MODE_CBC)
if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
{
int ret = 0;
if( POLARSSL_ENCRYPT == ctx->operation )
if( MBEDTLS_ENCRYPT == ctx->operation )
{
/* check for 'no padding' mode */
if( NULL == ctx->add_padding )
{
if( 0 != ctx->unprocessed_len )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 );
}
ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ),
ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
ctx->unprocessed_len );
}
else if( cipher_get_block_size( ctx ) != ctx->unprocessed_len )
else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
{
/*
* For decrypt operations, expect a full block,
@ -650,118 +650,118 @@ int cipher_finish( cipher_context_t *ctx,
if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
return( 0 );
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
}
/* cipher block */
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv,
ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) )
{
return( ret );
}
/* Set output size for decryption */
if( POLARSSL_DECRYPT == ctx->operation )
return ctx->get_padding( output, cipher_get_block_size( ctx ),
if( MBEDTLS_DECRYPT == ctx->operation )
return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
olen );
/* Set output size for encryption */
*olen = cipher_get_block_size( ctx );
*olen = mbedtls_cipher_get_block_size( ctx );
return( 0 );
}
#else
((void) output);
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING)
int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode )
#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode )
{
if( NULL == ctx ||
POLARSSL_MODE_CBC != ctx->cipher_info->mode )
MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
switch( mode )
{
#if defined(POLARSSL_CIPHER_PADDING_PKCS7)
case POLARSSL_PADDING_PKCS7:
#if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
case MBEDTLS_PADDING_PKCS7:
ctx->add_padding = add_pkcs_padding;
ctx->get_padding = get_pkcs_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS)
case POLARSSL_PADDING_ONE_AND_ZEROS:
#if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
case MBEDTLS_PADDING_ONE_AND_ZEROS:
ctx->add_padding = add_one_and_zeros_padding;
ctx->get_padding = get_one_and_zeros_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN)
case POLARSSL_PADDING_ZEROS_AND_LEN:
#if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
case MBEDTLS_PADDING_ZEROS_AND_LEN:
ctx->add_padding = add_zeros_and_len_padding;
ctx->get_padding = get_zeros_and_len_padding;
break;
#endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS)
case POLARSSL_PADDING_ZEROS:
#if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
case MBEDTLS_PADDING_ZEROS:
ctx->add_padding = add_zeros_padding;
ctx->get_padding = get_zeros_padding;
break;
#endif
case POLARSSL_PADDING_NONE:
case MBEDTLS_PADDING_NONE:
ctx->add_padding = NULL;
ctx->get_padding = get_no_padding;
break;
default:
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */
#endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
#if defined(POLARSSL_GCM_C)
int cipher_write_tag( cipher_context_t *ctx,
#if defined(MBEDTLS_GCM_C)
int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len )
{
if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_ENCRYPT != ctx->operation )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
if( MBEDTLS_ENCRYPT != ctx->operation )
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len );
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
return( 0 );
}
int cipher_check_tag( cipher_context_t *ctx,
int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len )
{
int ret;
if( NULL == ctx || NULL == ctx->cipher_info ||
POLARSSL_DECRYPT != ctx->operation )
MBEDTLS_DECRYPT != ctx->operation )
{
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
}
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
unsigned char check_tag[16];
size_t i;
int diff;
if( tag_len > sizeof( check_tag ) )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA );
return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx,
if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
check_tag, tag_len ) ) )
{
return( ret );
@ -772,19 +772,19 @@ int cipher_check_tag( cipher_context_t *ctx,
diff |= tag[i] ^ check_tag[i];
if( diff != 0 )
return( POLARSSL_ERR_CIPHER_AUTH_FAILED );
return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
return( 0 );
}
return( 0 );
}
#endif /* POLARSSL_GCM_C */
#endif /* MBEDTLS_GCM_C */
/*
* Packet-oriented wrapper for non-AEAD modes
*/
int cipher_crypt( cipher_context_t *ctx,
int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen )
@ -792,16 +792,16 @@ int cipher_crypt( cipher_context_t *ctx,
int ret;
size_t finish_olen;
if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
return( ret );
if( ( ret = cipher_reset( ctx ) ) != 0 )
if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
return( ret );
if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
return( ret );
if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
return( ret );
*olen += finish_olen;
@ -809,84 +809,84 @@ int cipher_crypt( cipher_context_t *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_AEAD)
#if defined(MBEDTLS_CIPHER_MODE_AEAD)
/*
* Packet-oriented encryption for AEAD modes
*/
int cipher_auth_encrypt( cipher_context_t *ctx,
int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len )
{
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
*olen = ilen;
return( gcm_crypt_and_tag( ctx->cipher_ctx, GCM_ENCRYPT, ilen,
return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
iv, iv_len, ad, ad_len, input, output,
tag_len, tag ) );
}
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C)
if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
{
*olen = ilen;
return( ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len, input, output,
tag, tag_len ) );
}
#endif /* POLARSSL_CCM_C */
#endif /* MBEDTLS_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
/*
* Packet-oriented decryption for AEAD modes
*/
int cipher_auth_decrypt( cipher_context_t *ctx,
int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len )
{
#if defined(POLARSSL_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode )
#if defined(MBEDTLS_GCM_C)
if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{
int ret;
*olen = ilen;
ret = gcm_auth_decrypt( ctx->cipher_ctx, ilen,
ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len,
tag, tag_len, input, output );
if( ret == POLARSSL_ERR_GCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED;
if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED )
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( ret );
}
#endif /* POLARSSL_GCM_C */
#if defined(POLARSSL_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode )
#endif /* MBEDTLS_GCM_C */
#if defined(MBEDTLS_CCM_C)
if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
{
int ret;
*olen = ilen;
ret = ccm_auth_decrypt( ctx->cipher_ctx, ilen,
ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len,
input, output, tag, tag_len );
if( ret == POLARSSL_ERR_CCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED;
if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( ret );
}
#endif /* POLARSSL_CCM_C */
#endif /* MBEDTLS_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
}
#endif /* POLARSSL_CIPHER_MODE_AEAD */
#endif /* MBEDTLS_CIPHER_MODE_AEAD */
#endif /* POLARSSL_CIPHER_C */
#endif /* MBEDTLS_CIPHER_C */

962
library/cipher_wrap.c
View File

File diff suppressed because it is too large Load Diff

262
library/ctr_drbg.c
View File

@ -25,33 +25,33 @@
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_CTR_DRBG_C)
#if defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/ctr_drbg.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -59,8 +59,8 @@ static void polarssl_zeroize( void *v, size_t n ) {
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy)
*/
int ctr_drbg_init_entropy_len(
ctr_drbg_context *ctx,
int mbedtls_ctr_drbg_init_entropy_len(
mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@ -68,60 +68,60 @@ int ctr_drbg_init_entropy_len(
size_t entropy_len )
{
int ret;
unsigned char key[CTR_DRBG_KEYSIZE];
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
memset( ctx, 0, sizeof(ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE );
memset( ctx, 0, sizeof(mbedtls_ctr_drbg_context) );
memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
aes_init( &ctx->aes_ctx );
mbedtls_aes_init( &ctx->aes_ctx );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
ctx->entropy_len = entropy_len;
ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL;
ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
/*
* Initialize with an empty key
*/
aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS );
mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret );
return( 0 );
}
int ctr_drbg_init( ctr_drbg_context *ctx,
int mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
size_t len )
{
return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len,
CTR_DRBG_ENTROPY_LEN ) );
return( mbedtls_ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len,
MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
}
void ctr_drbg_free( ctr_drbg_context *ctx )
void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
{
if( ctx == NULL )
return;
aes_free( &ctx->aes_ctx );
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) );
mbedtls_aes_free( &ctx->aes_ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
}
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance )
void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance )
{
ctx->prediction_resistance = resistance;
}
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len )
void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len )
{
ctx->entropy_len = len;
}
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval )
void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval )
{
ctx->reseed_interval = interval;
}
@ -129,21 +129,21 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval )
static int block_cipher_df( unsigned char *output,
const unsigned char *data, size_t data_len )
{
unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16];
unsigned char tmp[CTR_DRBG_SEEDLEN];
unsigned char key[CTR_DRBG_KEYSIZE];
unsigned char chain[CTR_DRBG_BLOCKSIZE];
unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
unsigned char *p, *iv;
aes_context aes_ctx;
mbedtls_aes_context aes_ctx;
int i, j;
size_t buf_len, use_len;
if( data_len > CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
aes_init( &aes_ctx );
memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
mbedtls_aes_init( &aes_ctx );
/*
* Construct IV (16 bytes) and S in buffer
@ -152,44 +152,44 @@ static int block_cipher_df( unsigned char *output,
* data || 0x80
* (Total is padded to a multiple of 16-bytes with zeroes)
*/
p = buf + CTR_DRBG_BLOCKSIZE;
p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
*p++ = ( data_len >> 24 ) & 0xff;
*p++ = ( data_len >> 16 ) & 0xff;
*p++ = ( data_len >> 8 ) & 0xff;
*p++ = ( data_len ) & 0xff;
p += 3;
*p++ = CTR_DRBG_SEEDLEN;
*p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
memcpy( p, data, data_len );
p[data_len] = 0x80;
buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
for( i = 0; i < CTR_DRBG_KEYSIZE; i++ )
for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
key[i] = i;
aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS );
mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
/*
* Reduce data to CTR_DRBG_SEEDLEN bytes of data
* Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
*/
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
p = buf;
memset( chain, 0, CTR_DRBG_BLOCKSIZE );
memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE );
use_len = buf_len;
while( use_len > 0 )
{
for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ )
for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ )
chain[i] ^= p[i];
p += CTR_DRBG_BLOCKSIZE;
use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ?
CTR_DRBG_BLOCKSIZE : use_len;
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain );
mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain );
}
memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE );
memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
/*
* Update IV
@ -200,87 +200,87 @@ static int block_cipher_df( unsigned char *output,
/*
* Do final encryption with reduced data
*/
aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS );
iv = tmp + CTR_DRBG_KEYSIZE;
mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
p = output;
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv );
memcpy( p, iv, CTR_DRBG_BLOCKSIZE );
p += CTR_DRBG_BLOCKSIZE;
mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
}
aes_free( &aes_ctx );
mbedtls_aes_free( &aes_ctx );
return( 0 );
}
static int ctr_drbg_update_internal( ctr_drbg_context *ctx,
const unsigned char data[CTR_DRBG_SEEDLEN] )
static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
{
unsigned char tmp[CTR_DRBG_SEEDLEN];
unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = tmp;
int i, j;
memset( tmp, 0, CTR_DRBG_SEEDLEN );
memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{
/*
* Increase counter
*/
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 )
break;
/*
* Crypt counter block
*/
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p );
mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p );
p += CTR_DRBG_BLOCKSIZE;
p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
}
for( i = 0; i < CTR_DRBG_SEEDLEN; i++ )
for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ )
tmp[i] ^= data[i];
/*
* Update key and counter
*/
aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS );
memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE );
mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
return( 0 );
}
void ctr_drbg_update( ctr_drbg_context *ctx,
void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t add_len )
{
unsigned char add_input[CTR_DRBG_SEEDLEN];
unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
if( add_len > 0 )
{
/* MAX_INPUT would be more logical here, but we have to match
* block_cipher_df()'s limits since we can't propagate errors */
if( add_len > CTR_DRBG_MAX_SEED_INPUT )
add_len = CTR_DRBG_MAX_SEED_INPUT;
if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT;
block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input );
}
}
int ctr_drbg_reseed( ctr_drbg_context *ctx,
int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len )
{
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0;
if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );
memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
/*
* Gather entropy_len bytes of entropy to seed state
@ -288,7 +288,7 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
ctx->entropy_len ) )
{
return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
}
seedlen += ctx->entropy_len;
@ -316,30 +316,30 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
return( 0 );
}
int ctr_drbg_random_with_add( void *p_rng,
int mbedtls_ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len )
{
int ret = 0;
ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng;
unsigned char add_input[CTR_DRBG_SEEDLEN];
mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = output;
unsigned char tmp[CTR_DRBG_BLOCKSIZE];
unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
int i;
size_t use_len;
if( output_len > CTR_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG );
if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST )
return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
if( add_len > CTR_DRBG_MAX_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT )
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( add_input, 0, CTR_DRBG_SEEDLEN );
memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
if( ctx->reseed_counter > ctx->reseed_interval ||
ctx->prediction_resistance )
{
if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret );
add_len = 0;
@ -356,16 +356,16 @@ int ctr_drbg_random_with_add( void *p_rng,
/*
* Increase counter
*/
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 )
break;
/*
* Crypt counter block
*/
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp );
mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp );
use_len = ( output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE :
use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
output_len;
/*
* Copy random block to destination
@ -382,27 +382,27 @@ int ctr_drbg_random_with_add( void *p_rng,
return( 0 );
}
int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
{
return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 );
return mbedtls_ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 );
}
#if defined(POLARSSL_FS_IO)
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path )
#if defined(MBEDTLS_FS_IO)
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
{
int ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
FILE *f;
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
goto exit;
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
{
ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
goto exit;
}
@ -413,40 +413,40 @@ exit:
return( ret );
}
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path )
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > CTR_DRBG_MAX_INPUT )
if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
{
fclose( f );
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
}
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
}
fclose( f );
ctr_drbg_update( ctx, buf, n );
mbedtls_ctr_drbg_update( ctx, buf, n );
return( ctr_drbg_write_seed_file( ctx, path ) );
return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
static const unsigned char entropy_source_pr[96] =
{ 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
@ -501,57 +501,57 @@ static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
#define CHK( c ) if( (c) != 0 ) \
{ \
if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \
mbedtls_printf( "failed\n" ); \
return( 1 ); \
}
/*
* Checkup routine
*/
int ctr_drbg_self_test( int verbose )
int mbedtls_ctr_drbg_self_test( int verbose )
{
ctr_drbg_context ctx;
mbedtls_ctr_drbg_context ctx;
unsigned char buf[16];
/*
* Based on a NIST CTR_DRBG test vector (PR = True)
*/
if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = TRUE) : " );
mbedtls_printf( " CTR_DRBG (PR = TRUE) : " );
test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
CHK( mbedtls_ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
(void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
CHK( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) );
mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
/*
* Based on a NIST CTR_DRBG test vector (PR = FALSE)
*/
if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = FALSE): " );
mbedtls_printf( " CTR_DRBG (PR = FALSE): " );
test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
CHK( mbedtls_ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
(void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
CHK( memcmp( buf, result_nopr, 16 ) );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_CTR_DRBG_C */
#endif /* MBEDTLS_CTR_DRBG_C */

156
library/debug.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_DEBUG_C)
#if defined(MBEDTLS_DEBUG_C)
#include "mbedtls/debug.h"
@ -44,26 +44,26 @@
#endif
#endif /* _MSC_VER */
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#define polarssl_snprintf snprintf
#define mbedtls_snprintf snprintf
#endif
static int debug_log_mode = POLARSSL_DEBUG_DFL_MODE;
static int debug_log_mode = MBEDTLS_DEBUG_DFL_MODE;
static int debug_threshold = 0;
void debug_set_log_mode( int log_mode )
void mbedtls_debug_set_log_mode( int log_mode )
{
debug_log_mode = log_mode;
}
void debug_set_threshold( int threshold )
void mbedtls_debug_set_threshold( int threshold )
{
debug_threshold = threshold;
}
char *debug_fmt( const char *format, ... )
char *mbedtls_debug_fmt( const char *format, ... )
{
va_list argp;
static char str[512];
@ -77,7 +77,7 @@ char *debug_fmt( const char *format, ... )
return( str );
}
void debug_print_msg( const ssl_context *ssl, int level,
void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text )
{
char str[512];
@ -86,18 +86,18 @@ void debug_print_msg( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_RAW )
if( debug_log_mode == MBEDTLS_DEBUG_LOG_RAW )
{
ssl->f_dbg( ssl->p_dbg, level, text );
return;
}
polarssl_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text );
mbedtls_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
}
void debug_print_ret( const ssl_context *ssl, int level,
void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, int ret )
{
@ -108,17 +108,17 @@ void debug_print_ret( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n",
mbedtls_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n",
text, ret, -ret );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
}
void debug_print_buf( const ssl_context *ssl, int level,
void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text,
const unsigned char *buf, size_t len )
{
@ -129,10 +129,10 @@ void debug_print_buf( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n",
mbedtls_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n",
text, (unsigned int) len );
str[maxlen] = '\0';
@ -149,22 +149,22 @@ void debug_print_buf( const ssl_context *ssl, int level,
{
if( i > 0 )
{
polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt );
mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
memset( txt, 0, sizeof( txt ) );
}
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
idx += polarssl_snprintf( str + idx, maxlen - idx, "%04x: ",
idx += mbedtls_snprintf( str + idx, maxlen - idx, "%04x: ",
(unsigned int) i );
}
idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x",
idx += mbedtls_snprintf( str + idx, maxlen - idx, " %02x",
(unsigned int) buf[i] );
txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
}
@ -172,17 +172,17 @@ void debug_print_buf( const ssl_context *ssl, int level,
if( len > 0 )
{
for( /* i = i */; i % 16 != 0; i++ )
idx += polarssl_snprintf( str + idx, maxlen - idx, " " );
idx += mbedtls_snprintf( str + idx, maxlen - idx, " " );
polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt );
mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str );
}
}
#if defined(POLARSSL_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level,
#if defined(MBEDTLS_ECP_C)
void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, const ecp_point *X )
const char *text, const mbedtls_ecp_point *X )
{
char str[512];
int maxlen = sizeof( str ) - 1;
@ -190,20 +190,20 @@ void debug_print_ecp( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold )
return;
polarssl_snprintf( str, maxlen, "%s(X)", text );
mbedtls_snprintf( str, maxlen, "%s(X)", text );
str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->X );
mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
polarssl_snprintf( str, maxlen, "%s(Y)", text );
mbedtls_snprintf( str, maxlen, "%s(Y)", text );
str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->Y );
mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
}
#endif /* POLARSSL_ECP_C */
#endif /* MBEDTLS_ECP_C */
#if defined(POLARSSL_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level,
#if defined(MBEDTLS_BIGNUM_C)
void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X )
const char *text, const mbedtls_mpi *X )
{
char str[512];
int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
@ -216,15 +216,15 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( X->p[n] != 0 )
break;
for( j = ( sizeof(t_uint) << 3 ) - 1; j >= 0; j-- )
for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
if( ( ( X->p[n] >> j ) & 1 ) != 0 )
break;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n",
text, (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) );
mbedtls_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n",
text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str );
@ -235,7 +235,7 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( zeros && X->p[i - 1] == 0 )
continue;
for( k = sizeof( t_uint ) - 1; k >= 0; k-- )
for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
{
if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
continue;
@ -246,16 +246,16 @@ void debug_print_mpi( const ssl_context *ssl, int level,
{
if( j > 0 )
{
polarssl_snprintf( str + idx, maxlen - idx, "\n" );
mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0;
}
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
}
idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int)
idx += mbedtls_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int)
( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
j++;
@ -265,59 +265,59 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( zeros == 1 )
{
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
{
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
}
idx += polarssl_snprintf( str + idx, maxlen - idx, " 00" );
idx += mbedtls_snprintf( str + idx, maxlen - idx, " 00" );
}
polarssl_snprintf( str + idx, maxlen - idx, "\n" );
mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str );
}
#endif /* POLARSSL_BIGNUM_C */
#endif /* MBEDTLS_BIGNUM_C */
#if defined(POLARSSL_X509_CRT_PARSE_C)
static void debug_print_pk( const ssl_context *ssl, int level,
#if defined(MBEDTLS_X509_CRT_PARSE_C)
static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, const pk_context *pk )
const char *text, const mbedtls_pk_context *pk )
{
size_t i;
pk_debug_item items[POLARSSL_PK_DEBUG_MAX_ITEMS];
mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
char name[16];
memset( items, 0, sizeof( items ) );
if( pk_debug( pk, items ) != 0 )
if( mbedtls_pk_debug( pk, items ) != 0 )
{
debug_print_msg( ssl, level, file, line, "invalid PK context" );
mbedtls_debug_print_msg( ssl, level, file, line, "invalid PK context" );
return;
}
for( i = 0; i < POLARSSL_PK_DEBUG_MAX_ITEMS; i++ )
for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
{
if( items[i].type == POLARSSL_PK_DEBUG_NONE )
if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
return;
polarssl_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
name[sizeof( name ) - 1] = '\0';
if( items[i].type == POLARSSL_PK_DEBUG_MPI )
debug_print_mpi( ssl, level, file, line, name, items[i].value );
if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
else
#if defined(POLARSSL_ECP_C)
if( items[i].type == POLARSSL_PK_DEBUG_ECP )
debug_print_ecp( ssl, level, file, line, name, items[i].value );
#if defined(MBEDTLS_ECP_C)
if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
else
#endif
debug_print_msg( ssl, level, file, line, "should not happen" );
mbedtls_debug_print_msg( ssl, level, file, line, "should not happen" );
}
}
void debug_print_crt( const ssl_context *ssl, int level,
void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_crt *crt )
const char *text, const mbedtls_x509_crt *crt )
{
char str[1024], prefix[64];
int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0;
@ -325,9 +325,9 @@ void debug_print_crt( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold )
return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
{
polarssl_snprintf( prefix, maxlen, "%s(%04d): ", file, line );
mbedtls_snprintf( prefix, maxlen, "%s(%04d): ", file, line );
prefix[maxlen] = '\0';
}
else
@ -338,12 +338,12 @@ void debug_print_crt( const ssl_context *ssl, int level,
while( crt != NULL )
{
char buf[1024];
x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt );
mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt );
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line );
if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s",
mbedtls_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s",
text, ++i, buf );
str[maxlen] = '\0';
@ -354,6 +354,6 @@ void debug_print_crt( const ssl_context *ssl, int level,
crt = crt->next;
}
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* POLARSSL_DEBUG_C */
#endif /* MBEDTLS_DEBUG_C */

216
library/des.c
View File

@ -26,31 +26,31 @@
* http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_DES_C)
#if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h"
#include <string.h>
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_DES_ALT)
#if !defined(MBEDTLS_DES_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -307,30 +307,30 @@ static const uint32_t RHs[16] =
#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
void des_init( des_context *ctx )
void mbedtls_des_init( mbedtls_des_context *ctx )
{
memset( ctx, 0, sizeof( des_context ) );
memset( ctx, 0, sizeof( mbedtls_des_context ) );
}
void des_free( des_context *ctx )
void mbedtls_des_free( mbedtls_des_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( des_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_des_context ) );
}
void des3_init( des3_context *ctx )
void mbedtls_des3_init( mbedtls_des3_context *ctx )
{
memset( ctx, 0, sizeof( des3_context ) );
memset( ctx, 0, sizeof( mbedtls_des3_context ) );
}
void des3_free( des3_context *ctx )
void mbedtls_des3_free( mbedtls_des3_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( des3_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_des3_context ) );
}
static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
@ -344,22 +344,22 @@ static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253,
254 };
void des_key_set_parity( unsigned char key[DES_KEY_SIZE] )
void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
int i;
for( i = 0; i < DES_KEY_SIZE; i++ )
for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
key[i] = odd_parity_table[key[i] / 2];
}
/*
* Check the given key's parity, returns 1 on failure, 0 on SUCCESS
*/
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] )
int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
int i;
for( i = 0; i < DES_KEY_SIZE; i++ )
for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
if( key[i] != odd_parity_table[key[i] / 2] )
return( 1 );
@ -389,7 +389,7 @@ int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] )
#define WEAK_KEY_COUNT 16
static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] =
static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] =
{
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
{ 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
@ -410,18 +410,18 @@ static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] =
{ 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
};
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] )
int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
int i;
for( i = 0; i < WEAK_KEY_COUNT; i++ )
if( memcmp( weak_key_table[i], key, DES_KEY_SIZE) == 0 )
if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 )
return( 1 );
return( 0 );
}
static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] )
static void des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
int i;
uint32_t X, Y, T;
@ -493,7 +493,7 @@ static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] )
/*
* DES key schedule (56-bit, encryption)
*/
int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
des_setkey( ctx->sk, key );
@ -503,7 +503,7 @@ int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
/*
* DES key schedule (56-bit, decryption)
*/
int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{
int i;
@ -520,7 +520,7 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
static void des3_set2key( uint32_t esk[96],
uint32_t dsk[96],
const unsigned char key[DES_KEY_SIZE*2] )
const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] )
{
int i;
@ -546,13 +546,13 @@ static void des3_set2key( uint32_t esk[96],
/*
* Triple-DES key schedule (112-bit, encryption)
*/
int des3_set2key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] )
int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
{
uint32_t sk[96];
des3_set2key( ctx->sk, sk, key );
polarssl_zeroize( sk, sizeof( sk ) );
mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@ -560,13 +560,13 @@ int des3_set2key_enc( des3_context *ctx,
/*
* Triple-DES key schedule (112-bit, decryption)
*/
int des3_set2key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] )
int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
{
uint32_t sk[96];
des3_set2key( sk, ctx->sk, key );
polarssl_zeroize( sk, sizeof( sk ) );
mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@ -597,13 +597,13 @@ static void des3_set3key( uint32_t esk[96],
/*
* Triple-DES key schedule (168-bit, encryption)
*/
int des3_set3key_enc( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] )
int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
{
uint32_t sk[96];
des3_set3key( ctx->sk, sk, key );
polarssl_zeroize( sk, sizeof( sk ) );
mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@ -611,13 +611,13 @@ int des3_set3key_enc( des3_context *ctx,
/*
* Triple-DES key schedule (168-bit, decryption)
*/
int des3_set3key_dec( des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] )
int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
{
uint32_t sk[96];
des3_set3key( sk, ctx->sk, key );
polarssl_zeroize( sk, sizeof( sk ) );
mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 );
}
@ -625,7 +625,7 @@ int des3_set3key_dec( des3_context *ctx,
/*
* DES-ECB block encryption/decryption
*/
int des_crypt_ecb( des_context *ctx,
int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8],
unsigned char output[8] )
{
@ -653,11 +653,11 @@ int des_crypt_ecb( des_context *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* DES-CBC buffer encryption/decryption
*/
int des_crypt_cbc( des_context *ctx,
int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode,
size_t length,
unsigned char iv[8],
@ -668,16 +668,16 @@ int des_crypt_cbc( des_context *ctx,
unsigned char temp[8];
if( length % 8 )
return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH );
return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
if( mode == DES_ENCRYPT )
if( mode == MBEDTLS_DES_ENCRYPT )
{
while( length > 0 )
{
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
des_crypt_ecb( ctx, output, output );
mbedtls_des_crypt_ecb( ctx, output, output );
memcpy( iv, output, 8 );
input += 8;
@ -685,12 +685,12 @@ int des_crypt_cbc( des_context *ctx,
length -= 8;
}
}
else /* DES_DECRYPT */
else /* MBEDTLS_DES_DECRYPT */
{
while( length > 0 )
{
memcpy( temp, input, 8 );
des_crypt_ecb( ctx, input, output );
mbedtls_des_crypt_ecb( ctx, input, output );
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -705,12 +705,12 @@ int des_crypt_cbc( des_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
/*
* 3DES-ECB block encryption/decryption
*/
int des3_crypt_ecb( des3_context *ctx,
int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] )
{
@ -750,11 +750,11 @@ int des3_crypt_ecb( des3_context *ctx,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* 3DES-CBC buffer encryption/decryption
*/
int des3_crypt_cbc( des3_context *ctx,
int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode,
size_t length,
unsigned char iv[8],
@ -765,16 +765,16 @@ int des3_crypt_cbc( des3_context *ctx,
unsigned char temp[8];
if( length % 8 )
return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH );
return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
if( mode == DES_ENCRYPT )
if( mode == MBEDTLS_DES_ENCRYPT )
{
while( length > 0 )
{
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
des3_crypt_ecb( ctx, output, output );
mbedtls_des3_crypt_ecb( ctx, output, output );
memcpy( iv, output, 8 );
input += 8;
@ -782,12 +782,12 @@ int des3_crypt_cbc( des3_context *ctx,
length -= 8;
}
}
else /* DES_DECRYPT */
else /* MBEDTLS_DES_DECRYPT */
{
while( length > 0 )
{
memcpy( temp, input, 8 );
des3_crypt_ecb( ctx, input, output );
mbedtls_des3_crypt_ecb( ctx, input, output );
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -802,11 +802,11 @@ int des3_crypt_cbc( des3_context *ctx,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* !POLARSSL_DES_ALT */
#endif /* !MBEDTLS_DES_ALT */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* DES and 3DES test vectors from:
*
@ -838,7 +838,7 @@ static const unsigned char des3_test_ecb_enc[3][8] =
{ 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 }
};
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
static const unsigned char des3_test_iv[8] =
{
0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
@ -857,24 +857,24 @@ static const unsigned char des3_test_cbc_enc[3][8] =
{ 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D },
{ 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 }
};
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
/*
* Checkup routine
*/
int des_self_test( int verbose )
int mbedtls_des_self_test( int verbose )
{
int i, j, u, v, ret = 0;
des_context ctx;
des3_context ctx3;
mbedtls_des_context ctx;
mbedtls_des3_context ctx3;
unsigned char buf[8];
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char prv[8];
unsigned char iv[8];
#endif
des_init( &ctx );
des3_init( &ctx3 );
mbedtls_des_init( &ctx );
mbedtls_des3_init( &ctx3 );
/*
* ECB mode
*/
@ -884,36 +884,36 @@ int des_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " DES%c-ECB-%3d (%s): ",
mbedtls_printf( " DES%c-ECB-%3d (%s): ",
( u == 0 ) ? ' ' : '3', 56 + u * 56,
( v == DES_DECRYPT ) ? "dec" : "enc" );
( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
memcpy( buf, des3_test_buf, 8 );
switch( i )
{
case 0:
des_setkey_dec( &ctx, des3_test_keys );
mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break;
case 1:
des_setkey_enc( &ctx, des3_test_keys );
mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break;
case 2:
des3_set2key_dec( &ctx3, des3_test_keys );
mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break;
case 3:
des3_set2key_enc( &ctx3, des3_test_keys );
mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break;
case 4:
des3_set3key_dec( &ctx3, des3_test_keys );
mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break;
case 5:
des3_set3key_enc( &ctx3, des3_test_keys );
mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break;
default:
@ -923,31 +923,31 @@ int des_self_test( int verbose )
for( j = 0; j < 10000; j++ )
{
if( u == 0 )
des_crypt_ecb( &ctx, buf, buf );
mbedtls_des_crypt_ecb( &ctx, buf, buf );
else
des3_crypt_ecb( &ctx3, buf, buf );
mbedtls_des3_crypt_ecb( &ctx3, buf, buf );
}
if( ( v == DES_DECRYPT &&
if( ( v == MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) ||
( v != DES_DECRYPT &&
( v != MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* CBC mode
*/
@ -957,9 +957,9 @@ int des_self_test( int verbose )
v = i & 1;
if( verbose != 0 )
polarssl_printf( " DES%c-CBC-%3d (%s): ",
mbedtls_printf( " DES%c-CBC-%3d (%s): ",
( u == 0 ) ? ' ' : '3', 56 + u * 56,
( v == DES_DECRYPT ) ? "dec" : "enc" );
( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, des3_test_iv, 8 );
memcpy( prv, des3_test_iv, 8 );
@ -968,41 +968,41 @@ int des_self_test( int verbose )
switch( i )
{
case 0:
des_setkey_dec( &ctx, des3_test_keys );
mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break;
case 1:
des_setkey_enc( &ctx, des3_test_keys );
mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break;
case 2:
des3_set2key_dec( &ctx3, des3_test_keys );
mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break;
case 3:
des3_set2key_enc( &ctx3, des3_test_keys );
mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break;
case 4:
des3_set3key_dec( &ctx3, des3_test_keys );
mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break;
case 5:
des3_set3key_enc( &ctx3, des3_test_keys );
mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break;
default:
return( 1 );
}
if( v == DES_DECRYPT )
if( v == MBEDTLS_DES_DECRYPT )
{
for( j = 0; j < 10000; j++ )
{
if( u == 0 )
des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else
des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
}
}
else
@ -1012,9 +1012,9 @@ int des_self_test( int verbose )
unsigned char tmp[8];
if( u == 0 )
des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else
des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
memcpy( tmp, prv, 8 );
memcpy( prv, buf, 8 );
@ -1024,33 +1024,33 @@ int des_self_test( int verbose )
memcpy( buf, prv, 8 );
}
if( ( v == DES_DECRYPT &&
if( ( v == MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) ||
( v != DES_DECRYPT &&
( v != MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
des_free( &ctx );
des3_free( &ctx3 );
mbedtls_des_free( &ctx );
mbedtls_des3_free( &ctx3 );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_DES_C */
#endif /* MBEDTLS_DES_C */

286
library/dhm.c
View File

@ -25,61 +25,61 @@
* http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12)
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_DHM_C)
#if defined(MBEDTLS_DHM_C)
#include "mbedtls/dhm.h"
#include <string.h>
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
#include "mbedtls/pem.h"
#endif
#if defined(POLARSSL_ASN1_PARSE_C)
#if defined(MBEDTLS_ASN1_PARSE_C)
#include "mbedtls/asn1.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#include <stdio.h>
#define polarssl_printf printf
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_printf printf
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* helper to validate the mpi size and import it
* helper to validate the mbedtls_mpi size and import it
*/
static int dhm_read_bignum( mpi *X,
static int dhm_read_bignum( mbedtls_mpi *X,
unsigned char **p,
const unsigned char *end )
{
int ret, n;
if( end - *p < 2 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
n = ( (*p)[0] << 8 ) | (*p)[1];
(*p) += 2;
if( (int)( end - *p ) < n )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret );
if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 )
return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret );
(*p) += n;
@ -95,36 +95,36 @@ static int dhm_read_bignum( mpi *X,
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
*/
static int dhm_check_range( const mpi *param, const mpi *P )
static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
{
mpi L, U;
int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA;
mbedtls_mpi L, U;
int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
mpi_init( &L ); mpi_init( &U );
mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
MPI_CHK( mpi_lset( &L, 2 ) );
MPI_CHK( mpi_sub_int( &U, P, 2 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
if( mpi_cmp_mpi( param, &L ) >= 0 &&
mpi_cmp_mpi( param, &U ) <= 0 )
if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 &&
mbedtls_mpi_cmp_mpi( param, &U ) <= 0 )
{
ret = 0;
}
cleanup:
mpi_free( &L ); mpi_free( &U );
mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U );
return( ret );
}
void dhm_init( dhm_context *ctx )
void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
{
memset( ctx, 0, sizeof( dhm_context ) );
memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
}
/*
* Parse the ServerKeyExchange parameters
*/
int dhm_read_params( dhm_context *ctx,
int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p,
const unsigned char *end )
{
@ -138,7 +138,7 @@ int dhm_read_params( dhm_context *ctx,
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret );
ctx->len = mpi_size( &ctx->P );
ctx->len = mbedtls_mpi_size( &ctx->P );
return( 0 );
}
@ -146,7 +146,7 @@ int dhm_read_params( dhm_context *ctx,
/*
* Setup and write the ServerKeyExchange parameters
*/
int dhm_make_params( dhm_context *ctx, int x_size,
int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
@ -155,28 +155,28 @@ int dhm_make_params( dhm_context *ctx, int x_size,
size_t n1, n2, n3;
unsigned char *p;
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
/*
* Generate X as large as possible ( < P )
*/
do
{
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED );
return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
}
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
/*
* Calculate GX = G^X mod P
*/
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
@ -186,13 +186,13 @@ int dhm_make_params( dhm_context *ctx, int x_size,
* export P, G, GX
*/
#define DHM_MPI_EXPORT(X,n) \
MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, p + 2, n ) ); \
*p++ = (unsigned char)( n >> 8 ); \
*p++ = (unsigned char)( n ); p += n;
n1 = mpi_size( &ctx->P );
n2 = mpi_size( &ctx->G );
n3 = mpi_size( &ctx->GX );
n1 = mbedtls_mpi_size( &ctx->P );
n2 = mbedtls_mpi_size( &ctx->G );
n3 = mbedtls_mpi_size( &ctx->GX );
p = output;
DHM_MPI_EXPORT( &ctx->P , n1 );
@ -206,7 +206,7 @@ int dhm_make_params( dhm_context *ctx, int x_size,
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret );
return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret );
return( 0 );
}
@ -214,16 +214,16 @@ cleanup:
/*
* Import the peer's public value G^Y
*/
int dhm_read_public( dhm_context *ctx,
int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen )
{
int ret;
if( ctx == NULL || ilen < 1 || ilen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret );
if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret );
return( 0 );
}
@ -231,7 +231,7 @@ int dhm_read_public( dhm_context *ctx,
/*
* Create own private value X and export G^X
*/
int dhm_make_public( dhm_context *ctx, int x_size,
int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
@ -239,38 +239,38 @@ int dhm_make_public( dhm_context *ctx, int x_size,
int ret, count = 0;
if( ctx == NULL || olen < 1 || olen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
/*
* generate X and calculate GX = G^X mod P
*/
do
{
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED );
return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
}
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
return( ret );
MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );
cleanup:
if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
return( 0 );
}
@ -281,7 +281,7 @@ cleanup:
* DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
* Berlin Heidelberg, 1996. p. 104-113.
*/
static int dhm_update_blinding( dhm_context *ctx,
static int dhm_update_blinding( mbedtls_dhm_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, count;
@ -290,11 +290,11 @@ static int dhm_update_blinding( dhm_context *ctx,
* Don't use any blinding the first time a particular X is used,
* but remember it to use blinding next time.
*/
if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
{
MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) );
MPI_CHK( mpi_lset( &ctx->Vi, 1 ) );
MPI_CHK( mpi_lset( &ctx->Vf, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) );
return( 0 );
}
@ -303,13 +303,13 @@ static int dhm_update_blinding( dhm_context *ctx,
* Ok, we need blinding. Can we re-use existing values?
* If yes, just update them by squaring them.
*/
if( mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
{
MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
return( 0 );
}
@ -322,19 +322,19 @@ static int dhm_update_blinding( dhm_context *ctx,
count = 0;
do
{
mpi_fill_random( &ctx->Vi, mpi_size( &ctx->P ), f_rng, p_rng );
mbedtls_mpi_fill_random( &ctx->Vi, mbedtls_mpi_size( &ctx->P ), f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->Vi, 1 ) );
while( mbedtls_mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->Vi, 1 ) );
if( count++ > 10 )
return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE );
return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
}
while( mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
/* Vf = Vi^-X mod P */
MPI_CHK( mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
cleanup:
return( ret );
@ -343,52 +343,52 @@ cleanup:
/*
* Derive and export the shared secret (G^Y)^X mod P
*/
int dhm_calc_secret( dhm_context *ctx,
int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
mpi GYb;
mbedtls_mpi GYb;
if( ctx == NULL || *olen < ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret );
mpi_init( &GYb );
mbedtls_mpi_init( &GYb );
/* Blind peer's value */
if( f_rng != NULL )
{
MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
MPI_CHK( mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
}
else
MPI_CHK( mpi_copy( &GYb, &ctx->GY ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
/* Do modular exponentiation */
MPI_CHK( mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
&ctx->P, &ctx->RP ) );
/* Unblind secret value */
if( f_rng != NULL )
{
MPI_CHK( mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
}
*olen = mpi_size( &ctx->K );
*olen = mbedtls_mpi_size( &ctx->K );
MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );
cleanup:
mpi_free( &GYb );
mbedtls_mpi_free( &GYb );
if( ret != 0 )
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret );
return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret );
return( 0 );
}
@ -396,32 +396,32 @@ cleanup:
/*
* Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx )
void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
{
mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi );
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY );
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
mpi_free( &ctx->P );
mbedtls_mpi_free( &ctx->pX); mbedtls_mpi_free( &ctx->Vf ); mbedtls_mpi_free( &ctx->Vi );
mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); mbedtls_mpi_free( &ctx->G );
mbedtls_mpi_free( &ctx->P );
polarssl_zeroize( ctx, sizeof( dhm_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
}
#if defined(POLARSSL_ASN1_PARSE_C)
#if defined(MBEDTLS_ASN1_PARSE_C)
/*
* Parse DHM parameters
*/
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen )
{
int ret;
size_t len;
unsigned char *p, *end;
#if defined(POLARSSL_PEM_PARSE_C)
pem_context pem;
#if defined(MBEDTLS_PEM_PARSE_C)
mbedtls_pem_context pem;
pem_init( &pem );
mbedtls_pem_init( &pem );
ret = pem_read_buffer( &pem,
ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN DH PARAMETERS-----",
"-----END DH PARAMETERS-----",
dhmin, NULL, 0, &dhminlen );
@ -433,13 +433,13 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
*/
dhminlen = pem.buflen;
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
goto exit;
p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
#else
p = (unsigned char *) dhmin;
#endif /* POLARSSL_PEM_PARSE_C */
#endif /* MBEDTLS_PEM_PARSE_C */
end = p + dhminlen;
/*
@ -448,44 +448,44 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
* generator INTEGER, -- g
* }
*/
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
goto exit;
}
end = p + len;
if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
goto exit;
}
if( p != end )
{
ret = POLARSSL_ERR_DHM_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
goto exit;
}
ret = 0;
dhm->len = mpi_size( &dhm->P );
dhm->len = mbedtls_mpi_size( &dhm->P );
exit:
#if defined(POLARSSL_PEM_PARSE_C)
pem_free( &pem );
#if defined(MBEDTLS_PEM_PARSE_C)
mbedtls_pem_free( &pem );
#endif
if( ret != 0 )
dhm_free( dhm );
mbedtls_dhm_free( dhm );
return( ret );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* Load all data from a file into a given buffer.
*/
@ -495,30 +495,30 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
long size;
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
if( ( size = ftell( f ) ) == -1 )
{
fclose( f );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
}
fseek( f, 0, SEEK_SET );
*n = (size_t) size;
if( *n + 1 == 0 ||
( *buf = polarssl_malloc( *n + 1 ) ) == NULL )
( *buf = mbedtls_malloc( *n + 1 ) ) == NULL )
{
fclose( f );
return( POLARSSL_ERR_DHM_MALLOC_FAILED );
return( MBEDTLS_ERR_DHM_MALLOC_FAILED );
}
if( fread( *buf, 1, *n, f ) != *n )
{
fclose( f );
polarssl_free( *buf );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
mbedtls_free( *buf );
return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
}
fclose( f );
@ -531,7 +531,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
/*
* Load and parse DHM parameters
*/
int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
{
int ret;
size_t n;
@ -540,59 +540,59 @@ int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
if( ( ret = load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = dhm_parse_dhm( dhm, buf, n );
ret = mbedtls_dhm_parse_dhm( dhm, buf, n );
polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
mbedtls_zeroize( buf, n + 1 );
mbedtls_free( buf );
return( ret );
}
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */
#endif /* MBEDTLS_FS_IO */
#endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/certs.h"
/*
* Checkup routine
*/
int dhm_self_test( int verbose )
int mbedtls_dhm_self_test( int verbose )
{
#if defined(POLARSSL_CERTS_C)
#if defined(MBEDTLS_CERTS_C)
int ret;
dhm_context dhm;
mbedtls_dhm_context dhm;
dhm_init( &dhm );
mbedtls_dhm_init( &dhm );
if( verbose != 0 )
polarssl_printf( " DHM parameter load: " );
mbedtls_printf( " DHM parameter load: " );
if( ( ret = dhm_parse_dhm( &dhm, (const unsigned char *) test_dhm_params,
strlen( test_dhm_params ) ) ) != 0 )
if( ( ret = mbedtls_dhm_parse_dhm( &dhm, (const unsigned char *) mbedtls_test_dhm_params,
strlen( mbedtls_test_dhm_params ) ) ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n\n" );
mbedtls_printf( "passed\n\n" );
exit:
dhm_free( &dhm );
mbedtls_dhm_free( &dhm );
return( ret );
#else
if( verbose != 0 )
polarssl_printf( " DHM parameter load: skipped\n" );
mbedtls_printf( " DHM parameter load: skipped\n" );
return( 0 );
#endif /* POLARSSL_CERTS_C */
#endif /* MBEDTLS_CERTS_C */
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_DHM_C */
#endif /* MBEDTLS_DHM_C */

118
library/ecdh.c
View File

@ -27,58 +27,58 @@
* RFC 4492
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ECDH_C)
#if defined(MBEDTLS_ECDH_C)
#include "mbedtls/ecdh.h"
#include <string.h>
/*
* Generate public key: simple wrapper around ecp_gen_keypair
* Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
*/
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
return ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
}
/*
* Compute shared secret (SEC1 3.3.1)
*/
int ecdh_compute_shared( ecp_group *grp, mpi *z,
const ecp_point *Q, const mpi *d,
int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
ecp_point P;
mbedtls_ecp_point P;
ecp_point_init( &P );
mbedtls_ecp_point_init( &P );
/*
* Make sure Q is a valid pubkey before using it
*/
MPI_CHK( ecp_check_pubkey( grp, Q ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
MPI_CHK( ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
if( ecp_is_zero( &P ) )
if( mbedtls_ecp_is_zero( &P ) )
{
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
MPI_CHK( mpi_copy( z, &P.X ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) );
cleanup:
ecp_point_free( &P );
mbedtls_ecp_point_free( &P );
return( ret );
}
@ -86,27 +86,27 @@ cleanup:
/*
* Initialize context
*/
void ecdh_init( ecdh_context *ctx )
void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
{
memset( ctx, 0, sizeof( ecdh_context ) );
memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
}
/*
* Free context
*/
void ecdh_free( ecdh_context *ctx )
void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
{
if( ctx == NULL )
return;
ecp_group_free( &ctx->grp );
ecp_point_free( &ctx->Q );
ecp_point_free( &ctx->Qp );
ecp_point_free( &ctx->Vi );
ecp_point_free( &ctx->Vf );
mpi_free( &ctx->d );
mpi_free( &ctx->z );
mpi_free( &ctx->_d );
mbedtls_ecp_group_free( &ctx->grp );
mbedtls_ecp_point_free( &ctx->Q );
mbedtls_ecp_point_free( &ctx->Qp );
mbedtls_ecp_point_free( &ctx->Vi );
mbedtls_ecp_point_free( &ctx->Vf );
mbedtls_mpi_free( &ctx->d );
mbedtls_mpi_free( &ctx->z );
mbedtls_mpi_free( &ctx->_d );
}
/*
@ -116,7 +116,7 @@ void ecdh_free( ecdh_context *ctx )
* ECPoint public;
* } ServerECDHParams;
*/
int ecdh_make_params( ecdh_context *ctx, size_t *olen,
int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
@ -125,20 +125,20 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
size_t grp_len, pt_len;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 )
return( ret );
if( ( ret = ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
!= 0 )
return( ret );
buf += grp_len;
blen -= grp_len;
if( ( ret = ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
&pt_len, buf, blen ) ) != 0 )
return( ret );
@ -153,15 +153,15 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
* ECPoint public;
* } ServerECDHParams;
*/
int ecdh_read_params( ecdh_context *ctx,
int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end )
{
int ret;
if( ( ret = ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
return( ret );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
!= 0 )
return( ret );
@ -171,24 +171,24 @@ int ecdh_read_params( ecdh_context *ctx,
/*
* Get parameters from a keypair
*/
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
ecdh_side side )
int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
mbedtls_ecdh_side side )
{
int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
return( ret );
/* If it's not our key, just import the public part as Qp */
if( side == POLARSSL_ECDH_THEIRS )
return( ecp_copy( &ctx->Qp, &key->Q ) );
if( side == MBEDTLS_ECDH_THEIRS )
return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) );
/* Our key: import public (as Q) and private parts */
if( side != POLARSSL_ECDH_OURS )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( side != MBEDTLS_ECDH_OURS )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 )
if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 )
return( ret );
return( 0 );
@ -197,7 +197,7 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
/*
* Setup and export the client public value
*/
int ecdh_make_public( ecdh_context *ctx, size_t *olen,
int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
@ -205,33 +205,33 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen,
int ret;
if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 )
return( ret );
return ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
olen, buf, blen );
}
/*
* Parse and import the client's public value
*/
int ecdh_read_public( ecdh_context *ctx,
int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen )
{
int ret;
const unsigned char *p = buf;
if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
return( ret );
if( (size_t)( p - buf ) != blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
return( 0 );
}
@ -239,7 +239,7 @@ int ecdh_read_public( ecdh_context *ctx,
/*
* Derive and export the shared secret
*/
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
@ -247,19 +247,19 @@ int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
int ret;
if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
f_rng, p_rng ) ) != 0 )
{
return( ret );
}
if( mpi_size( &ctx->z ) > blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( mbedtls_mpi_size( &ctx->z ) > blen )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
*olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
return mpi_write_binary( &ctx->z, buf, *olen );
return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );
}
#endif /* POLARSSL_ECDH_C */
#endif /* MBEDTLS_ECDH_C */

278
library/ecdsa.c
View File

@ -26,20 +26,20 @@
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h"
#include "mbedtls/asn1write.h"
#include <string.h>
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
#include "mbedtls/hmac_drbg.h"
#endif
@ -47,20 +47,20 @@
* Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
*/
static int derive_mpi( const ecp_group *grp, mpi *x,
static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,
const unsigned char *buf, size_t blen )
{
int ret;
size_t n_size = ( grp->nbits + 7 ) / 8;
size_t use_size = blen > n_size ? n_size : blen;
MPI_CHK( mpi_read_binary( x, buf, use_size ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) );
if( use_size * 8 > grp->nbits )
MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) );
/* While at it, reduce modulo N */
if( mpi_cmp_mpi( x, &grp->N ) >= 0 )
MPI_CHK( mpi_sub_mpi( x, x, &grp->N ) );
if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 )
MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) );
cleanup:
return( ret );
@ -70,20 +70,20 @@ cleanup:
* Compute ECDSA signature of a hashed message (SEC1 4.1.3)
* Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
*/
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret, key_tries, sign_tries, blind_tries;
ecp_point R;
mpi k, e, t;
mbedtls_ecp_point R;
mbedtls_mpi k, e, t;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
ecp_point_init( &R );
mpi_init( &k ); mpi_init( &e ); mpi_init( &t );
mbedtls_ecp_point_init( &R );
mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
sign_tries = 0;
do
@ -95,21 +95,21 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
key_tries = 0;
do
{
MPI_CHK( ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
MPI_CHK( mpi_mod_mpi( r, &R.X, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) );
if( key_tries++ > 10 )
{
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
while( mpi_cmp_int( r, 0 ) == 0 );
while( mbedtls_mpi_cmp_int( r, 0 ) == 0 );
/*
* Step 5: derive MPI from hashed message
*/
MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/*
* Generate a random value to blind inv_mod in next step,
@ -119,143 +119,143 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
do
{
size_t n_size = ( grp->nbits + 7 ) / 8;
MPI_CHK( mpi_fill_random( &t, n_size, f_rng, p_rng ) );
MPI_CHK( mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
/* See ecp_gen_keypair() */
/* See mbedtls_ecp_gen_keypair() */
if( ++blind_tries > 30 )
return( POLARSSL_ERR_ECP_RANDOM_FAILED );
return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
}
while( mpi_cmp_int( &t, 1 ) < 0 ||
mpi_cmp_mpi( &t, &grp->N ) >= 0 );
while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 ||
mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 );
/*
* Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
*/
MPI_CHK( mpi_mul_mpi( s, r, d ) );
MPI_CHK( mpi_add_mpi( &e, &e, s ) );
MPI_CHK( mpi_mul_mpi( &e, &e, &t ) );
MPI_CHK( mpi_mul_mpi( &k, &k, &t ) );
MPI_CHK( mpi_inv_mod( s, &k, &grp->N ) );
MPI_CHK( mpi_mul_mpi( s, s, &e ) );
MPI_CHK( mpi_mod_mpi( s, s, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
if( sign_tries++ > 10 )
{
ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup;
}
}
while( mpi_cmp_int( s, 0 ) == 0 );
while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
cleanup:
ecp_point_free( &R );
mpi_free( &k ); mpi_free( &e ); mpi_free( &t );
mbedtls_ecp_point_free( &R );
mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t );
return( ret );
}
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/*
* Deterministic signature wrapper
*/
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg )
int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
mbedtls_md_type_t md_alg )
{
int ret;
hmac_drbg_context rng_ctx;
unsigned char data[2 * POLARSSL_ECP_MAX_BYTES];
mbedtls_hmac_drbg_context rng_ctx;
unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8;
const md_info_t *md_info;
mpi h;
const mbedtls_md_info_t *md_info;
mbedtls_mpi h;
if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
mpi_init( &h );
memset( &rng_ctx, 0, sizeof( hmac_drbg_context ) );
mbedtls_mpi_init( &h );
memset( &rng_ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
/* Use private key and message hash (reduced) to initialize HMAC_DRBG */
MPI_CHK( mpi_write_binary( d, data, grp_len ) );
MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MPI_CHK( mpi_write_binary( &h, data + grp_len, grp_len ) );
hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
mbedtls_hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
ret = ecdsa_sign( grp, r, s, d, buf, blen,
hmac_drbg_random, &rng_ctx );
ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
mbedtls_hmac_drbg_random, &rng_ctx );
cleanup:
hmac_drbg_free( &rng_ctx );
mpi_free( &h );
mbedtls_hmac_drbg_free( &rng_ctx );
mbedtls_mpi_free( &h );
return( ret );
}
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/*
* Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
*/
int ecdsa_verify( ecp_group *grp,
int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s)
const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
{
int ret;
mpi e, s_inv, u1, u2;
ecp_point R, P;
mbedtls_mpi e, s_inv, u1, u2;
mbedtls_ecp_point R, P;
ecp_point_init( &R ); ecp_point_init( &P );
mpi_init( &e ); mpi_init( &s_inv ); mpi_init( &u1 ); mpi_init( &u2 );
mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/*
* Step 1: make sure r and s are in range 1..n-1
*/
if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 ||
mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 )
if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 ||
mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
/*
* Additional precaution: make sure Q is valid
*/
MPI_CHK( ecp_check_pubkey( grp, Q ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
/*
* Step 3: derive MPI from hashed message
*/
MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/*
* Step 4: u1 = e / s mod n, u2 = r / s mod n
*/
MPI_CHK( mpi_inv_mod( &s_inv, s, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u1, &e, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u1, &u1, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u2, r, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u2, &u2, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) );
/*
* Step 5: R = u1 G + u2 Q
*
* Since we're not using any secret data, no need to pass a RNG to
* ecp_mul() for countermesures.
* mbedtls_ecp_mul() for countermesures.
*/
MPI_CHK( ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) );
MPI_CHK( ecp_mul( grp, &P, &u2, Q, NULL, NULL ) );
MPI_CHK( ecp_add( grp, &R, &R, &P ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, &u2, Q, NULL, NULL ) );
MBEDTLS_MPI_CHK( mbedtls_ecp_add( grp, &R, &R, &P ) );
if( ecp_is_zero( &R ) )
if( mbedtls_ecp_is_zero( &R ) )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
@ -263,20 +263,20 @@ int ecdsa_verify( ecp_group *grp,
* Step 6: convert xR to an integer (no-op)
* Step 7: reduce xR mod n (gives v)
*/
MPI_CHK( mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
/*
* Step 8: check if v (that is, R.X) is equal to r
*/
if( mpi_cmp_mpi( &R.X, r ) != 0 )
if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 )
{
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup;
}
cleanup:
ecp_point_free( &R ); ecp_point_free( &P );
mpi_free( &e ); mpi_free( &s_inv ); mpi_free( &u1 ); mpi_free( &u2 );
mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P );
mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
return( ret );
}
@ -284,20 +284,20 @@ cleanup:
/*
* Convert a signature (given by context) to ASN.1
*/
static int ecdsa_signature_to_asn1( const mpi *r, const mpi *s,
static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
unsigned char *sig, size_t *slen )
{
int ret;
unsigned char buf[POLARSSL_ECDSA_MAX_LEN];
unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
unsigned char *p = buf + sizeof( buf );
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, s ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, r ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
ASN1_CHK_ADD( len, asn1_write_len( &p, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &p, buf,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
memcpy( sig, p, len );
*slen = len;
@ -308,48 +308,48 @@ static int ecdsa_signature_to_asn1( const mpi *r, const mpi *s,
/*
* Compute and write signature
*/
int ecdsa_write_signature( ecdsa_context *ctx, md_type_t md_alg,
int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
int ret;
mpi r, s;
mbedtls_mpi r, s;
mpi_init( &r );
mpi_init( &s );
mbedtls_mpi_init( &r );
mbedtls_mpi_init( &s );
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
(void) f_rng;
(void) p_rng;
MPI_CHK( ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, md_alg ) );
#else
(void) md_alg;
MPI_CHK( ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, f_rng, p_rng ) );
#endif
MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
cleanup:
mpi_free( &r );
mpi_free( &s );
mbedtls_mpi_free( &r );
mbedtls_mpi_free( &s );
return( ret );
}
#if ! defined(POLARSSL_DEPRECATED_REMOVED) && \
defined(POLARSSL_ECDSA_DETERMINISTIC)
int ecdsa_write_signature_det( ecdsa_context *ctx,
#if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \
defined(MBEDTLS_ECDSA_DETERMINISTIC)
int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
md_type_t md_alg )
mbedtls_md_type_t md_alg )
{
return( ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen,
return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen,
NULL, NULL ) );
}
#endif
@ -357,7 +357,7 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
/*
* Read and check signature
*/
int ecdsa_read_signature( ecdsa_context *ctx,
int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen )
{
@ -365,42 +365,42 @@ int ecdsa_read_signature( ecdsa_context *ctx,
unsigned char *p = (unsigned char *) sig;
const unsigned char *end = sig + slen;
size_t len;
mpi r, s;
mbedtls_mpi r, s;
mpi_init( &r );
mpi_init( &s );
mbedtls_mpi_init( &r );
mbedtls_mpi_init( &s );
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
ret += POLARSSL_ERR_ECP_BAD_INPUT_DATA;
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
if( p + len != end )
{
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
goto cleanup;
}
if( ( ret = asn1_get_mpi( &p, end, &r ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &s ) ) != 0 )
if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 ||
( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 )
{
ret += POLARSSL_ERR_ECP_BAD_INPUT_DATA;
ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup;
}
if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen,
if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &r, &s ) ) != 0 )
goto cleanup;
if( p != end )
ret = POLARSSL_ERR_ECP_SIG_LEN_MISMATCH;
ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
cleanup:
mpi_free( &r );
mpi_free( &s );
mbedtls_mpi_free( &r );
mbedtls_mpi_free( &s );
return( ret );
}
@ -408,25 +408,25 @@ cleanup:
/*
* Generate key pair
*/
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
return( ecp_use_known_dp( &ctx->grp, gid ) ||
ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
return( mbedtls_ecp_use_known_dp( &ctx->grp, gid ) ||
mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
}
/*
* Set context from an ecp_keypair
* Set context from an mbedtls_ecp_keypair
*/
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key )
int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key )
{
int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 ||
( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ||
( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
{
ecdsa_free( ctx );
mbedtls_ecdsa_free( ctx );
}
return( ret );
@ -435,17 +435,17 @@ int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key )
/*
* Initialize context
*/
void ecdsa_init( ecdsa_context *ctx )
void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx )
{
ecp_keypair_init( ctx );
mbedtls_ecp_keypair_init( ctx );
}
/*
* Free context
*/
void ecdsa_free( ecdsa_context *ctx )
void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx )
{
ecp_keypair_free( ctx );
mbedtls_ecp_keypair_free( ctx );
}
#endif /* POLARSSL_ECDSA_C */
#endif /* MBEDTLS_ECDSA_C */

1230
library/ecp.c
View File

File diff suppressed because it is too large Load Diff

614
library/ecp_curves.c
View File

File diff suppressed because it is too large Load Diff

268
library/entropy.c
View File

@ -20,101 +20,101 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ENTROPY_C)
#if defined(MBEDTLS_ENTROPY_C)
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if defined(POLARSSL_HAVEGE_C)
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
void entropy_init( entropy_context *ctx )
void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
{
memset( ctx, 0, sizeof(entropy_context) );
memset( ctx, 0, sizeof(mbedtls_entropy_context) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_init( &ctx->mutex );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &ctx->mutex );
#endif
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_starts( &ctx->accumulator, 0 );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_starts( &ctx->accumulator, 0 );
#else
sha256_starts( &ctx->accumulator, 0 );
mbedtls_sha256_starts( &ctx->accumulator, 0 );
#endif
#if defined(POLARSSL_HAVEGE_C)
havege_init( &ctx->havege_data );
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_init( &ctx->havege_data );
#endif
#if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES)
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
entropy_add_source( ctx, platform_entropy_poll, NULL,
ENTROPY_MIN_PLATFORM );
#if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
MBEDTLS_ENTROPY_MIN_PLATFORM );
#endif
#if defined(POLARSSL_TIMING_C)
entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK );
#if defined(MBEDTLS_TIMING_C)
mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, MBEDTLS_ENTROPY_MIN_HARDCLOCK );
#endif
#if defined(POLARSSL_HAVEGE_C)
entropy_add_source( ctx, havege_poll, &ctx->havege_data,
ENTROPY_MIN_HAVEGE );
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
MBEDTLS_ENTROPY_MIN_HAVEGE );
#endif
#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */
#endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
}
void entropy_free( entropy_context *ctx )
void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
{
#if defined(POLARSSL_HAVEGE_C)
havege_free( &ctx->havege_data );
#if defined(MBEDTLS_HAVEGE_C)
mbedtls_havege_free( &ctx->havege_data );
#endif
polarssl_zeroize( ctx, sizeof( entropy_context ) );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &ctx->mutex );
mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &ctx->mutex );
#endif
}
int entropy_add_source( entropy_context *ctx,
f_source_ptr f_source, void *p_source,
int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold )
{
int index, ret = 0;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
index = ctx->source_count;
if( index >= ENTROPY_MAX_SOURCES )
if( index >= MBEDTLS_ENTROPY_MAX_SOURCES )
{
ret = POLARSSL_ERR_ENTROPY_MAX_SOURCES;
ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES;
goto exit;
}
@ -125,9 +125,9 @@ int entropy_add_source( entropy_context *ctx,
ctx->source_count++;
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
@ -136,54 +136,54 @@ exit:
/*
* Entropy accumulator update
*/
static int entropy_update( entropy_context *ctx, unsigned char source_id,
static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id,
const unsigned char *data, size_t len )
{
unsigned char header[2];
unsigned char tmp[ENTROPY_BLOCK_SIZE];
unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
size_t use_len = len;
const unsigned char *p = data;
if( use_len > ENTROPY_BLOCK_SIZE )
if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
{
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512( data, len, tmp, 0 );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512( data, len, tmp, 0 );
#else
sha256( data, len, tmp, 0 );
mbedtls_sha256( data, len, tmp, 0 );
#endif
p = tmp;
use_len = ENTROPY_BLOCK_SIZE;
use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
}
header[0] = source_id;
header[1] = use_len & 0xFF;
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_update( &ctx->accumulator, header, 2 );
sha512_update( &ctx->accumulator, p, use_len );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_update( &ctx->accumulator, header, 2 );
mbedtls_sha512_update( &ctx->accumulator, p, use_len );
#else
sha256_update( &ctx->accumulator, header, 2 );
sha256_update( &ctx->accumulator, p, use_len );
mbedtls_sha256_update( &ctx->accumulator, header, 2 );
mbedtls_sha256_update( &ctx->accumulator, p, use_len );
#endif
return( 0 );
}
int entropy_update_manual( entropy_context *ctx,
int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len )
{
int ret;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
ret = entropy_update( ctx, ENTROPY_SOURCE_MANUAL, data, len );
ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len );
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
@ -192,14 +192,14 @@ int entropy_update_manual( entropy_context *ctx,
/*
* Run through the different sources to add entropy to our accumulator
*/
static int entropy_gather_internal( entropy_context *ctx )
static int entropy_gather_internal( mbedtls_entropy_context *ctx )
{
int ret, i;
unsigned char buf[ENTROPY_MAX_GATHER];
unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
size_t olen;
if( ctx->source_count == 0 )
return( POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED );
return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED );
/*
* Run through our entropy sources
@ -208,7 +208,7 @@ static int entropy_gather_internal( entropy_context *ctx )
{
olen = 0;
if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
buf, ENTROPY_MAX_GATHER, &olen ) ) != 0 )
buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
{
return( ret );
}
@ -229,36 +229,36 @@ static int entropy_gather_internal( entropy_context *ctx )
/*
* Thread-safe wrapper for entropy_gather_internal()
*/
int entropy_gather( entropy_context *ctx )
int mbedtls_entropy_gather( mbedtls_entropy_context *ctx )
{
int ret;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
ret = entropy_gather_internal( ctx );
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
int entropy_func( void *data, unsigned char *output, size_t len )
int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
{
int ret, count = 0, i, reached;
entropy_context *ctx = (entropy_context *) data;
unsigned char buf[ENTROPY_BLOCK_SIZE];
mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( len > ENTROPY_BLOCK_SIZE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
if( len > MBEDTLS_ENTROPY_BLOCK_SIZE )
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret );
#endif
@ -269,7 +269,7 @@ int entropy_func( void *data, unsigned char *output, size_t len )
{
if( count++ > ENTROPY_MAX_LOOP )
{
ret = POLARSSL_ERR_ENTROPY_SOURCE_FAILED;
ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
goto exit;
}
@ -284,37 +284,37 @@ int entropy_func( void *data, unsigned char *output, size_t len )
}
while( reached != ctx->source_count );
memset( buf, 0, ENTROPY_BLOCK_SIZE );
memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_finish( &ctx->accumulator, buf );
#if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
mbedtls_sha512_finish( &ctx->accumulator, buf );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha512_context ) );
sha512_starts( &ctx->accumulator, 0 );
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
mbedtls_sha512_starts( &ctx->accumulator, 0 );
mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
/*
* Perform second SHA-512 on entropy
*/
sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
#else /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
sha256_finish( &ctx->accumulator, buf );
mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
#else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
mbedtls_sha256_finish( &ctx->accumulator, buf );
/*
* Reset accumulator and counters and recycle existing entropy
*/
memset( &ctx->accumulator, 0, sizeof( sha256_context ) );
sha256_starts( &ctx->accumulator, 0 );
sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE );
memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
mbedtls_sha256_starts( &ctx->accumulator, 0 );
mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
/*
* Perform second SHA-256 on entropy
*/
sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 );
#endif /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */
mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
#endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
for( i = 0; i < ctx->source_count; i++ )
ctx->source[i].size = 0;
@ -324,30 +324,30 @@ int entropy_func( void *data, unsigned char *output, size_t len )
ret = 0;
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif
return( ret );
}
#if defined(POLARSSL_FS_IO)
int entropy_write_seed_file( entropy_context *ctx, const char *path )
#if defined(MBEDTLS_FS_IO)
int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
{
int ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR;
int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
FILE *f;
unsigned char buf[ENTROPY_BLOCK_SIZE];
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
if( ( ret = entropy_func( ctx, buf, ENTROPY_BLOCK_SIZE ) ) != 0 )
if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit;
if( fwrite( buf, 1, ENTROPY_BLOCK_SIZE, f ) != ENTROPY_BLOCK_SIZE )
if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
{
ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR;
ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
goto exit;
}
@ -358,37 +358,37 @@ exit:
return( ret );
}
int entropy_update_seed_file( entropy_context *ctx, const char *path )
int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ ENTROPY_MAX_SEED_SIZE ];
unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > ENTROPY_MAX_SEED_SIZE )
n = ENTROPY_MAX_SEED_SIZE;
if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE )
n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR );
return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
}
fclose( f );
entropy_update_manual( ctx, buf, n );
mbedtls_entropy_update_manual( ctx, buf, n );
return( entropy_write_seed_file( ctx, path ) );
return( mbedtls_entropy_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* Dummy source function
*/
@ -408,31 +408,31 @@ static int entropy_dummy_source( void *data, unsigned char *output,
* test that the functions don't cause errors and write the correct
* amount of data to buffers.
*/
int entropy_self_test( int verbose )
int mbedtls_entropy_self_test( int verbose )
{
int ret = 0;
entropy_context ctx;
unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 };
unsigned char acc[ENTROPY_BLOCK_SIZE] = { 0 };
mbedtls_entropy_context ctx;
unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
size_t i, j;
if( verbose != 0 )
polarssl_printf( " ENTROPY test: " );
mbedtls_printf( " ENTROPY test: " );
entropy_init( &ctx );
mbedtls_entropy_init( &ctx );
ret = entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 );
ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 );
if( ret != 0 )
goto cleanup;
if( ( ret = entropy_gather( &ctx ) ) != 0 )
if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 )
goto cleanup;
if( ( ret = entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
goto cleanup;
/*
* To test that entropy_func writes correct number of bytes:
* To test that mbedtls_entropy_func writes correct number of bytes:
* - use the whole buffer and rely on ASan to detect overruns
* - collect entropy 8 times and OR the result in an accumulator:
* any byte should then be 0 with probably 2^(-64), so requiring
@ -441,7 +441,7 @@ int entropy_self_test( int verbose )
*/
for( i = 0; i < 8; i++ )
{
if( ( ret = entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
goto cleanup;
for( j = 0; j < sizeof( buf ); j++ )
@ -458,20 +458,20 @@ int entropy_self_test( int verbose )
}
cleanup:
entropy_free( &ctx );
mbedtls_entropy_free( &ctx );
if( verbose != 0 )
{
if( ret != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
else
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
}
return( ret != 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_ENTROPY_C */
#endif /* MBEDTLS_ENTROPY_C */

52
library/entropy_poll.c
View File

@ -20,26 +20,26 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_ENTROPY_C)
#if defined(MBEDTLS_ENTROPY_C)
#include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h"
#if defined(POLARSSL_TIMING_C)
#if defined(MBEDTLS_TIMING_C)
#include <string.h>
#include "mbedtls/timing.h"
#endif
#if defined(POLARSSL_HAVEGE_C)
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#endif
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY)
#if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#if !defined(_WIN32_WINNT)
@ -48,7 +48,7 @@
#include <windows.h>
#include <wincrypt.h>
int platform_entropy_poll( void *data, unsigned char *output, size_t len,
int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
size_t *olen )
{
HCRYPTPROV provider;
@ -58,11 +58,11 @@ int platform_entropy_poll( void *data, unsigned char *output, size_t len,
if( CryptAcquireContext( &provider, NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
{
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
}
if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
CryptReleaseContext( provider, 0 );
*olen = len;
@ -93,14 +93,14 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
#include <errno.h>
int platform_entropy_poll( void *data,
int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
int ret;
((void) data);
if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = ret;
return( 0 );
@ -110,7 +110,7 @@ int platform_entropy_poll( void *data,
#include <stdio.h>
int platform_entropy_poll( void *data,
int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
FILE *file;
@ -121,13 +121,13 @@ int platform_entropy_poll( void *data,
file = fopen( "/dev/urandom", "rb" );
if( file == NULL )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
ret = fread( output, 1, len, file );
if( ret != len )
{
fclose( file );
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
}
fclose( file );
@ -137,13 +137,13 @@ int platform_entropy_poll( void *data,
}
#endif /* HAVE_GETRANDOM */
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */
#endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
#if defined(POLARSSL_TIMING_C)
int hardclock_poll( void *data,
#if defined(MBEDTLS_TIMING_C)
int mbedtls_hardclock_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
unsigned long timer = hardclock();
unsigned long timer = mbedtls_timing_hardclock();
((void) data);
*olen = 0;
@ -155,22 +155,22 @@ int hardclock_poll( void *data,
return( 0 );
}
#endif /* POLARSSL_TIMING_C */
#endif /* MBEDTLS_TIMING_C */
#if defined(POLARSSL_HAVEGE_C)
int havege_poll( void *data,
#if defined(MBEDTLS_HAVEGE_C)
int mbedtls_havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen )
{
havege_state *hs = (havege_state *) data;
mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
*olen = 0;
if( havege_random( hs, output, len ) != 0 )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
if( mbedtls_havege_random( hs, output, len ) != 0 )
return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = len;
return( 0 );
}
#endif /* POLARSSL_HAVEGE_C */
#endif /* MBEDTLS_HAVEGE_C */
#endif /* POLARSSL_ENTROPY_C */
#endif /* MBEDTLS_ENTROPY_C */

1020
library/error.c
View File

File diff suppressed because it is too large Load Diff

196
library/gcm.c
View File

@ -30,30 +30,30 @@
* [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_GCM_C)
#if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h"
#include <string.h>
#if defined(POLARSSL_AESNI_C)
#if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h"
#endif
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
/*
* 32-bit integer manipulation macros (big endian)
@ -79,7 +79,7 @@
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -91,7 +91,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
* is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
* corresponds to P^127.
*/
static int gcm_gen_table( gcm_context *ctx )
static int gcm_gen_table( mbedtls_gcm_context *ctx )
{
int ret, i, j;
uint64_t hi, lo;
@ -100,7 +100,7 @@ static int gcm_gen_table( gcm_context *ctx )
size_t olen = 0;
memset( h, 0, 16 );
if( ( ret = cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
return( ret );
/* pack h as two 64-bits ints, big-endian */
@ -116,9 +116,9 @@ static int gcm_gen_table( gcm_context *ctx )
ctx->HL[8] = vl;
ctx->HH[8] = vh;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
/* With CLMUL support, we need only h, not the rest of the table */
if( aesni_supports( POLARSSL_AESNI_CLMUL ) )
if( mbedtls_aesni_supports( MBEDTLS_AESNI_CLMUL ) )
return( 0 );
#endif
@ -151,28 +151,28 @@ static int gcm_gen_table( gcm_context *ctx )
return( 0 );
}
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
unsigned int keysize )
{
int ret;
const cipher_info_t *cipher_info;
const mbedtls_cipher_info_t *cipher_info;
memset( ctx, 0, sizeof(gcm_context) );
memset( ctx, 0, sizeof(mbedtls_gcm_context) );
cipher_init( &ctx->cipher_ctx );
mbedtls_cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB );
cipher_info = mbedtls_cipher_info_from_values( cipher, keysize, MBEDTLS_MODE_ECB );
if( cipher_info == NULL )
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
if( ( ret = mbedtls_cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 )
if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keysize,
MBEDTLS_ENCRYPT ) ) != 0 )
{
return( ret );
}
@ -200,15 +200,15 @@ static const uint64_t last4[16] =
* Sets output to x times H using the precomputed tables.
* x and output are seen as elements of GF(2^128) as in [MGV].
*/
static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
unsigned char output[16] )
{
int i = 0;
unsigned char lo, hi, rem;
uint64_t zh, zl;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) {
#if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( mbedtls_aesni_supports( MBEDTLS_AESNI_CLMUL ) ) {
unsigned char h[16];
PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
@ -216,10 +216,10 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
PUT_UINT32_BE( ctx->HL[8], h, 12 );
aesni_gcm_mult( output, x, h );
mbedtls_aesni_gcm_mult( output, x, h );
return;
}
#endif /* POLARSSL_AESNI_C && POLARSSL_HAVE_X86_64 */
#endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */
lo = x[15] & 0xf;
@ -256,7 +256,7 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
PUT_UINT32_BE( zl, output, 12 );
}
int gcm_starts( gcm_context *ctx,
int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
@ -273,7 +273,7 @@ int gcm_starts( gcm_context *ctx,
if( ( (uint64_t) iv_len ) >> 61 != 0 ||
( (uint64_t) add_len ) >> 61 != 0 )
{
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
}
memset( ctx->y, 0x00, sizeof(ctx->y) );
@ -313,7 +313,7 @@ int gcm_starts( gcm_context *ctx,
gcm_mult( ctx, ctx->y, ctx->y );
}
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
&olen ) ) != 0 )
{
return( ret );
@ -337,7 +337,7 @@ int gcm_starts( gcm_context *ctx,
return( 0 );
}
int gcm_update( gcm_context *ctx,
int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output )
@ -350,14 +350,14 @@ int gcm_update( gcm_context *ctx,
size_t use_len, olen = 0;
if( output > input && (size_t) ( output - input ) < length )
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
/* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
* Also check for possible overflow */
if( ctx->len + length < ctx->len ||
(uint64_t) ctx->len + length > 0x03FFFFE0ull )
{
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
}
ctx->len += length;
@ -371,7 +371,7 @@ int gcm_update( gcm_context *ctx,
if( ++ctx->y[i - 1] != 0 )
break;
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
&olen ) ) != 0 )
{
return( ret );
@ -379,10 +379,10 @@ int gcm_update( gcm_context *ctx,
for( i = 0; i < use_len; i++ )
{
if( ctx->mode == GCM_DECRYPT )
if( ctx->mode == MBEDTLS_GCM_DECRYPT )
ctx->buf[i] ^= p[i];
out_p[i] = ectr[i] ^ p[i];
if( ctx->mode == GCM_ENCRYPT )
if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
ctx->buf[i] ^= out_p[i];
}
@ -396,7 +396,7 @@ int gcm_update( gcm_context *ctx,
return( 0 );
}
int gcm_finish( gcm_context *ctx,
int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag,
size_t tag_len )
{
@ -406,7 +406,7 @@ int gcm_finish( gcm_context *ctx,
uint64_t orig_add_len = ctx->add_len * 8;
if( tag_len > 16 || tag_len < 4 )
return( POLARSSL_ERR_GCM_BAD_INPUT );
return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( tag_len != 0 )
memcpy( tag, ctx->base_ectr, tag_len );
@ -432,7 +432,7 @@ int gcm_finish( gcm_context *ctx,
return( 0 );
}
int gcm_crypt_and_tag( gcm_context *ctx,
int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
int mode,
size_t length,
const unsigned char *iv,
@ -446,19 +446,19 @@ int gcm_crypt_and_tag( gcm_context *ctx,
{
int ret;
if( ( ret = gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
return( ret );
if( ( ret = gcm_update( ctx, length, input, output ) ) != 0 )
if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 )
return( ret );
if( ( ret = gcm_finish( ctx, tag, tag_len ) ) != 0 )
if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 )
return( ret );
return( 0 );
}
int gcm_auth_decrypt( gcm_context *ctx,
int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
size_t length,
const unsigned char *iv,
size_t iv_len,
@ -474,7 +474,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
size_t i;
int diff;
if( ( ret = gcm_crypt_and_tag( ctx, GCM_DECRYPT, length,
if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length,
iv, iv_len, add, add_len,
input, output, tag_len, check_tag ) ) != 0 )
{
@ -487,20 +487,20 @@ int gcm_auth_decrypt( gcm_context *ctx,
if( diff != 0 )
{
polarssl_zeroize( output, length );
return( POLARSSL_ERR_GCM_AUTH_FAILED );
mbedtls_zeroize( output, length );
return( MBEDTLS_ERR_GCM_AUTH_FAILED );
}
return( 0 );
}
void gcm_free( gcm_context *ctx )
void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
{
cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( gcm_context ) );
mbedtls_cipher_free( &ctx->cipher_ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
}
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/*
* AES-GCM test vectors from:
*
@ -728,13 +728,13 @@ static const unsigned char tag[MAX_TESTS * 3][16] =
0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
};
int gcm_self_test( int verbose )
int mbedtls_gcm_self_test( int verbose )
{
gcm_context ctx;
mbedtls_gcm_context ctx;
unsigned char buf[64];
unsigned char tag_buf[16];
int i, j, ret;
cipher_id_t cipher = POLARSSL_CIPHER_ID_AES;
mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
for( j = 0; j < 3; j++ )
{
@ -743,12 +743,12 @@ int gcm_self_test( int verbose )
for( i = 0; i < MAX_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ",
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_ENCRYPT,
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
pt_len[i],
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i],
@ -759,23 +759,23 @@ int gcm_self_test( int verbose )
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
mbedtls_gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ",
mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_DECRYPT,
ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
pt_len[i],
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i],
@ -786,29 +786,29 @@ int gcm_self_test( int verbose )
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
mbedtls_gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ",
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_ENCRYPT,
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
@ -816,66 +816,66 @@ int gcm_self_test( int verbose )
if( pt_len[i] > 32 )
{
size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, pt[pt_index[i]], buf );
ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
buf + 32 );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
else
{
ret = gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
ret = gcm_finish( &ctx, tag_buf, 16 );
ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 ||
memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
mbedtls_gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ",
mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len );
mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_DECRYPT,
ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
@ -883,62 +883,62 @@ int gcm_self_test( int verbose )
if( pt_len[i] > 32 )
{
size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, ct[j * 6 + i], buf );
ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
buf + 32 );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
else
{
ret = gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
if( ret != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
ret = gcm_finish( &ctx, tag_buf, 16 );
ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 ||
memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
gcm_free( &ctx );
mbedtls_gcm_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */
#endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#endif /* POLARSSL_GCM_C */
#endif /* MBEDTLS_GCM_C */

36
library/havege.c
View File

@ -27,13 +27,13 @@
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_HAVEGE_C)
#if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h"
#include "mbedtls/timing.h"
@ -41,7 +41,7 @@
#include <string.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -82,7 +82,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
PTX = (PT1 >> 18) & 7; \
PT1 &= 0x1FFF; \
PT2 &= 0x1FFF; \
CLK = (int) hardclock(); \
CLK = (int) mbedtls_timing_hardclock(); \
\
i = 0; \
A = &WALK[PT1 ]; RES[i++] ^= *A; \
@ -105,7 +105,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
\
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
*B = IN; CLK = (int) hardclock(); \
*B = IN; CLK = (int) mbedtls_timing_hardclock(); \
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
\
@ -156,12 +156,12 @@ static void polarssl_zeroize( void *v, size_t n ) {
PT1 ^= (PT2 ^ 0x10) & 0x10; \
\
for( n++, i = 0; i < 16; i++ ) \
hs->pool[n % COLLECT_SIZE] ^= RES[i];
hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
/*
* Entropy gathering function
*/
static void havege_fill( havege_state *hs )
static void havege_fill( mbedtls_havege_state *hs )
{
int i, n = 0;
int U1, U2, *A, *B, *C, *D;
@ -177,7 +177,7 @@ static void havege_fill( havege_state *hs )
memset( RES, 0, sizeof( RES ) );
while( n < COLLECT_SIZE * 4 )
while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 )
{
ONE_ITERATION
ONE_ITERATION
@ -189,35 +189,35 @@ static void havege_fill( havege_state *hs )
hs->PT2 = PT2;
hs->offset[0] = 0;
hs->offset[1] = COLLECT_SIZE / 2;
hs->offset[1] = MBEDTLS_HAVEGE_COLLECT_SIZE / 2;
}
/*
* HAVEGE initialization
*/
void havege_init( havege_state *hs )
void mbedtls_havege_init( mbedtls_havege_state *hs )
{
memset( hs, 0, sizeof( havege_state ) );
memset( hs, 0, sizeof( mbedtls_havege_state ) );
havege_fill( hs );
}
void havege_free( havege_state *hs )
void mbedtls_havege_free( mbedtls_havege_state *hs )
{
if( hs == NULL )
return;
polarssl_zeroize( hs, sizeof( havege_state ) );
mbedtls_zeroize( hs, sizeof( mbedtls_havege_state ) );
}
/*
* HAVEGE rand function
*/
int havege_random( void *p_rng, unsigned char *buf, size_t len )
int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
{
int val;
size_t use_len;
havege_state *hs = (havege_state *) p_rng;
mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
unsigned char *p = buf;
while( len > 0 )
@ -226,7 +226,7 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len )
if( use_len > sizeof(int) )
use_len = sizeof(int);
if( hs->offset[1] >= COLLECT_SIZE )
if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
havege_fill( hs );
val = hs->pool[hs->offset[0]++];
@ -241,4 +241,4 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len )
return( 0 );
}
#endif /* POLARSSL_HAVEGE_C */
#endif /* MBEDTLS_HAVEGE_C */

218
library/hmac_drbg.c
View File

@ -26,78 +26,78 @@
* References below are based on rev. 1 (January 2012).
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_HMAC_DRBG_C)
#if defined(MBEDTLS_HMAC_DRBG_C)
#include "mbedtls/hmac_drbg.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_SELF_TEST */
#endif /* POLARSSL_PLATFORM_C */
#define mbedtls_printf printf
#endif /* MBEDTLS_SELF_TEST */
#endif /* MBEDTLS_PLATFORM_C */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* HMAC_DRBG update, using optional additional data (10.1.2.2)
*/
void hmac_drbg_update( hmac_drbg_context *ctx,
void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len )
{
size_t md_len = md_get_size( ctx->md_ctx.md_info );
size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1];
unsigned char K[POLARSSL_MD_MAX_SIZE];
unsigned char K[MBEDTLS_MD_MAX_SIZE];
for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
{
/* Step 1 or 4 */
md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_update( &ctx->md_ctx, sep, 1 );
mbedtls_md_hmac_reset( &ctx->md_ctx );
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 );
if( rounds == 2 )
md_hmac_update( &ctx->md_ctx, additional, add_len );
md_hmac_finish( &ctx->md_ctx, K );
mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len );
mbedtls_md_hmac_finish( &ctx->md_ctx, K );
/* Step 2 or 5 */
md_hmac_starts( &ctx->md_ctx, K, md_len );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V );
mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len );
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
}
}
/*
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/
int hmac_drbg_init_buf( hmac_drbg_context *ctx,
const md_info_t * md_info,
int mbedtls_hmac_drbg_init_buf( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len )
{
int ret;
memset( ctx, 0, sizeof( hmac_drbg_context ) );
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
md_init( &ctx->md_ctx );
mbedtls_md_init( &ctx->md_ctx );
if( ( ret = md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
/*
@ -105,10 +105,10 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
* Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value.
*/
md_hmac_starts( &ctx->md_ctx, ctx->V, md_get_size( md_info ) );
memset( ctx->V, 0x01, md_get_size( md_info ) );
mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) );
memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
hmac_drbg_update( ctx, data, data_len );
mbedtls_hmac_drbg_update( ctx, data, data_len );
return( 0 );
}
@ -116,24 +116,24 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
/*
* HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman)
*/
int hmac_drbg_reseed( hmac_drbg_context *ctx,
int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len )
{
unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT];
unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
size_t seedlen;
/* III. Check input length */
if( len > POLARSSL_HMAC_DRBG_MAX_INPUT ||
ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT )
if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
ctx->entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT )
{
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
}
memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT );
memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
/* IV. Gather entropy_len bytes of entropy for the seed */
if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
return( POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
seedlen = ctx->entropy_len;
@ -145,7 +145,7 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx,
}
/* 2. Update state */
hmac_drbg_update( ctx, seed, seedlen );
mbedtls_hmac_drbg_update( ctx, seed, seedlen );
/* 3. Reset reseed_counter */
ctx->reseed_counter = 1;
@ -157,8 +157,8 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx,
/*
* HMAC_DRBG initialisation (10.1.2.3 + 9.1)
*/
int hmac_drbg_init( hmac_drbg_context *ctx,
const md_info_t * md_info,
int mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx,
const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy,
const unsigned char *custom,
@ -167,27 +167,27 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
int ret;
size_t entropy_len, md_size;
memset( ctx, 0, sizeof( hmac_drbg_context ) );
memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
md_init( &ctx->md_ctx );
mbedtls_md_init( &ctx->md_ctx );
if( ( ret = md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret );
md_size = md_get_size( md_info );
md_size = mbedtls_md_get_size( md_info );
/*
* Set initial working state.
* Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value.
*/
md_hmac_starts( &ctx->md_ctx, ctx->V, md_size );
mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size );
memset( ctx->V, 0x01, md_size );
ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy;
ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL;
ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
/*
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
@ -206,7 +206,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
*/
ctx->entropy_len = entropy_len * 3 / 2;
if( ( ret = hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
if( ( ret = mbedtls_hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret );
ctx->entropy_len = entropy_len;
@ -217,7 +217,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
/*
* Set prediction resistance
*/
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
int resistance )
{
ctx->prediction_resistance = resistance;
@ -226,7 +226,7 @@ void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
/*
* Set entropy length grabbed for reseeds
*/
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len )
void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
{
ctx->entropy_len = len;
}
@ -234,7 +234,7 @@ void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len )
/*
* Set reseed interval
*/
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval )
void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval )
{
ctx->reseed_interval = interval;
}
@ -243,30 +243,30 @@ void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval )
* HMAC_DRBG random function with optional additional data:
* 10.1.2.5 (arabic) + 9.3 (Roman)
*/
int hmac_drbg_random_with_add( void *p_rng,
int mbedtls_hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t out_len,
const unsigned char *additional, size_t add_len )
{
int ret;
hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng;
size_t md_len = md_get_size( ctx->md_ctx.md_info );
mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
size_t left = out_len;
unsigned char *out = output;
/* II. Check request length */
if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST )
return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
/* III. Check input length */
if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT )
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT )
return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
/* 1. (aka VII and IX) Check reseed counter and PR */
if( ctx->f_entropy != NULL && /* For no-reseeding instances */
( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON ||
( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON ||
ctx->reseed_counter > ctx->reseed_interval ) )
{
if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret );
add_len = 0; /* VII.4 */
@ -274,16 +274,16 @@ int hmac_drbg_random_with_add( void *p_rng,
/* 2. Use additional data if any */
if( additional != NULL && add_len != 0 )
hmac_drbg_update( ctx, additional, add_len );
mbedtls_hmac_drbg_update( ctx, additional, add_len );
/* 3, 4, 5. Generate bytes */
while( left != 0 )
{
size_t use_len = left > md_len ? md_len : left;
md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V );
mbedtls_md_hmac_reset( &ctx->md_ctx );
mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
memcpy( out, ctx->V, use_len );
out += use_len;
@ -291,7 +291,7 @@ int hmac_drbg_random_with_add( void *p_rng,
}
/* 6. Update */
hmac_drbg_update( ctx, additional, add_len );
mbedtls_hmac_drbg_update( ctx, additional, add_len );
/* 7. Update reseed counter */
ctx->reseed_counter++;
@ -303,40 +303,40 @@ int hmac_drbg_random_with_add( void *p_rng,
/*
* HMAC_DRBG random function
*/
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
{
return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
return( mbedtls_hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
}
/*
* Free an HMAC_DRBG context
*/
void hmac_drbg_free( hmac_drbg_context *ctx )
void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx )
{
if( ctx == NULL )
return;
md_free( &ctx->md_ctx );
mbedtls_md_free( &ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
}
#if defined(POLARSSL_FS_IO)
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path )
#if defined(MBEDTLS_FS_IO)
int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
{
int ret;
FILE *f;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
goto exit;
if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
{
ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
goto exit;
}
@ -347,49 +347,49 @@ exit:
return( ret );
}
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path )
int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
{
FILE *f;
size_t n;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END );
n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET );
if( n > POLARSSL_HMAC_DRBG_MAX_INPUT )
if( n > MBEDTLS_HMAC_DRBG_MAX_INPUT )
{
fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
}
if( fread( buf, 1, n, f ) != n )
{
fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
}
fclose( f );
hmac_drbg_update( ctx, buf, n );
mbedtls_hmac_drbg_update( ctx, buf, n );
return( hmac_drbg_write_seed_file( ctx, path ) );
return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
#if !defined(POLARSSL_SHA1_C)
#if !defined(MBEDTLS_SHA1_C)
/* Dummy checkup routine */
int hmac_drbg_self_test( int verbose )
int mbedtls_hmac_drbg_self_test( int verbose )
{
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
@ -442,63 +442,63 @@ static int hmac_drbg_self_test_entropy( void *data,
#define CHK( c ) if( (c) != 0 ) \
{ \
if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \
mbedtls_printf( "failed\n" ); \
return( 1 ); \
}
/*
* Checkup routine for HMAC_DRBG with SHA-1
*/
int hmac_drbg_self_test( int verbose )
int mbedtls_hmac_drbg_self_test( int verbose )
{
hmac_drbg_context ctx;
mbedtls_hmac_drbg_context ctx;
unsigned char buf[OUTPUT_LEN];
const md_info_t *md_info = md_info_from_type( POLARSSL_MD_SHA1 );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
/*
* PR = True
*/
if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = True) : " );
mbedtls_printf( " HMAC_DRBG (PR = True) : " );
test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info,
CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_pr,
NULL, 0 ) );
hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx );
mbedtls_hmac_drbg_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
/*
* PR = False
*/
if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = False) : " );
mbedtls_printf( " HMAC_DRBG (PR = False) : " );
test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info,
CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_nopr,
NULL, 0 ) );
CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) );
CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx );
mbedtls_hmac_drbg_free( &ctx );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SHA1_C */
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SHA1_C */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_HMAC_DRBG_C */
#endif /* MBEDTLS_HMAC_DRBG_C */

250
library/md.c
View File

@ -1,5 +1,5 @@
/**
* \file md.c
* \file mbedtls_md.c
*
* \brief Generic message digest wrapper for mbed TLS
*
@ -24,23 +24,23 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MD_C)
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md.h"
#include "mbedtls/md_wrap.h"
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
#include <string.h>
@ -51,138 +51,138 @@
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static const int supported_digests[] = {
#if defined(POLARSSL_SHA512_C)
POLARSSL_MD_SHA512,
POLARSSL_MD_SHA384,
#if defined(MBEDTLS_SHA512_C)
MBEDTLS_MD_SHA512,
MBEDTLS_MD_SHA384,
#endif
#if defined(POLARSSL_SHA256_C)
POLARSSL_MD_SHA256,
POLARSSL_MD_SHA224,
#if defined(MBEDTLS_SHA256_C)
MBEDTLS_MD_SHA256,
MBEDTLS_MD_SHA224,
#endif
#if defined(POLARSSL_SHA1_C)
POLARSSL_MD_SHA1,
#if defined(MBEDTLS_SHA1_C)
MBEDTLS_MD_SHA1,
#endif
#if defined(POLARSSL_RIPEMD160_C)
POLARSSL_MD_RIPEMD160,
#if defined(MBEDTLS_RIPEMD160_C)
MBEDTLS_MD_RIPEMD160,
#endif
#if defined(POLARSSL_MD5_C)
POLARSSL_MD_MD5,
#if defined(MBEDTLS_MD5_C)
MBEDTLS_MD_MD5,
#endif
#if defined(POLARSSL_MD4_C)
POLARSSL_MD_MD4,
#if defined(MBEDTLS_MD4_C)
MBEDTLS_MD_MD4,
#endif
#if defined(POLARSSL_MD2_C)
POLARSSL_MD_MD2,
#if defined(MBEDTLS_MD2_C)
MBEDTLS_MD_MD2,
#endif
POLARSSL_MD_NONE
MBEDTLS_MD_NONE
};
const int *md_list( void )
const int *mbedtls_md_list( void )
{
return( supported_digests );
}
const md_info_t *md_info_from_string( const char *md_name )
const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
{
if( NULL == md_name )
return( NULL );
/* Get the appropriate digest information */
#if defined(POLARSSL_MD2_C)
#if defined(MBEDTLS_MD2_C)
if( !strcasecmp( "MD2", md_name ) )
return md_info_from_type( POLARSSL_MD_MD2 );
return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
#endif
#if defined(POLARSSL_MD4_C)
#if defined(MBEDTLS_MD4_C)
if( !strcasecmp( "MD4", md_name ) )
return md_info_from_type( POLARSSL_MD_MD4 );
return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
#endif
#if defined(POLARSSL_MD5_C)
#if defined(MBEDTLS_MD5_C)
if( !strcasecmp( "MD5", md_name ) )
return md_info_from_type( POLARSSL_MD_MD5 );
return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
#endif
#if defined(POLARSSL_RIPEMD160_C)
#if defined(MBEDTLS_RIPEMD160_C)
if( !strcasecmp( "RIPEMD160", md_name ) )
return md_info_from_type( POLARSSL_MD_RIPEMD160 );
return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
#endif
#if defined(POLARSSL_SHA1_C)
#if defined(MBEDTLS_SHA1_C)
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 );
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
#endif
#if defined(POLARSSL_SHA256_C)
#if defined(MBEDTLS_SHA256_C)
if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 );
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 );
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
#endif
#if defined(POLARSSL_SHA512_C)
#if defined(MBEDTLS_SHA512_C)
if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 );
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA512 );
return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
#endif
return( NULL );
}
const md_info_t *md_info_from_type( md_type_t md_type )
const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
{
switch( md_type )
{
#if defined(POLARSSL_MD2_C)
case POLARSSL_MD_MD2:
return( &md2_info );
#if defined(MBEDTLS_MD2_C)
case MBEDTLS_MD_MD2:
return( &mbedtls_md2_info );
#endif
#if defined(POLARSSL_MD4_C)
case POLARSSL_MD_MD4:
return( &md4_info );
#if defined(MBEDTLS_MD4_C)
case MBEDTLS_MD_MD4:
return( &mbedtls_md4_info );
#endif
#if defined(POLARSSL_MD5_C)
case POLARSSL_MD_MD5:
return( &md5_info );
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( &mbedtls_md5_info );
#endif
#if defined(POLARSSL_RIPEMD160_C)
case POLARSSL_MD_RIPEMD160:
return( &ripemd160_info );
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
return( &mbedtls_ripemd160_info );
#endif
#if defined(POLARSSL_SHA1_C)
case POLARSSL_MD_SHA1:
return( &sha1_info );
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
return( &mbedtls_sha1_info );
#endif
#if defined(POLARSSL_SHA256_C)
case POLARSSL_MD_SHA224:
return( &sha224_info );
case POLARSSL_MD_SHA256:
return( &sha256_info );
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA224:
return( &mbedtls_sha224_info );
case MBEDTLS_MD_SHA256:
return( &mbedtls_sha256_info );
#endif
#if defined(POLARSSL_SHA512_C)
case POLARSSL_MD_SHA384:
return( &sha384_info );
case POLARSSL_MD_SHA512:
return( &sha512_info );
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA384:
return( &mbedtls_sha384_info );
case MBEDTLS_MD_SHA512:
return( &mbedtls_sha512_info );
#endif
default:
return( NULL );
}
}
void md_init( md_context_t *ctx )
void mbedtls_md_init( mbedtls_md_context_t *ctx )
{
memset( ctx, 0, sizeof( md_context_t ) );
memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
}
void md_free( md_context_t *ctx )
void mbedtls_md_free( mbedtls_md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return;
@ -192,35 +192,35 @@ void md_free( md_context_t *ctx )
if( ctx->hmac_ctx != NULL )
{
polarssl_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
polarssl_free( ctx->hmac_ctx );
mbedtls_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
mbedtls_free( ctx->hmac_ctx );
}
polarssl_zeroize( ctx, sizeof( md_context_t ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
}
#if ! defined(POLARSSL_DEPRECATED_REMOVED)
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
#if ! defined(MBEDTLS_DEPRECATED_REMOVED)
int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
{
return md_setup( ctx, md_info, 1 );
return mbedtls_md_setup( ctx, md_info, 1 );
}
#endif
int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac )
int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
{
if( md_info == NULL || ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_MD_ALLOC_FAILED );
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
if( hmac != 0 )
{
ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size );
ctx->hmac_ctx = mbedtls_malloc( 2 * md_info->block_size );
if( ctx->hmac_ctx == NULL )
{
md_info->ctx_free_func( ctx->md_ctx );
return( POLARSSL_ERR_MD_ALLOC_FAILED );
return( MBEDTLS_ERR_MD_ALLOC_FAILED );
}
}
@ -229,78 +229,78 @@ int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac )
return( 0 );
}
int md_starts( md_context_t *ctx )
int mbedtls_md_starts( mbedtls_md_context_t *ctx )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->starts_func( ctx->md_ctx );
return( 0 );
}
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 );
}
int md_finish( md_context_t *ctx, unsigned char *output )
int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->finish_func( ctx->md_ctx, output );
return( 0 );
}
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output )
{
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info->digest_func( input, ilen, output );
return( 0 );
}
int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
int ret;
#endif
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
ret = md_info->file_func( path, output );
if( ret != 0 )
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
return( MBEDTLS_ERR_MD_FILE_IO_ERROR + ret );
return( ret );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_FS_IO */
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_FS_IO */
}
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
{
unsigned char sum[POLARSSL_MD_MAX_SIZE];
unsigned char sum[MBEDTLS_MD_MAX_SIZE];
unsigned char *ipad, *opad;
size_t i;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( keylen > (size_t) ctx->md_info->block_size )
{
@ -324,7 +324,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
opad[i] = (unsigned char)( opad[i] ^ key[i] );
}
polarssl_zeroize( sum, sizeof( sum ) );
mbedtls_zeroize( sum, sizeof( sum ) );
ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
@ -332,23 +332,23 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
return( 0 );
}
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 );
}
int md_hmac_finish( md_context_t *ctx, unsigned char *output )
int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{
unsigned char tmp[POLARSSL_MD_MAX_SIZE];
unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
unsigned char *opad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
@ -361,12 +361,12 @@ int md_hmac_finish( md_context_t *ctx, unsigned char *output )
return( 0 );
}
int md_hmac_reset( md_context_t *ctx )
int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
{
unsigned char *ipad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ipad = (unsigned char *) ctx->hmac_ctx;
@ -376,41 +376,41 @@ int md_hmac_reset( md_context_t *ctx )
return( 0 );
}
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output )
{
md_context_t ctx;
mbedtls_md_context_t ctx;
int ret;
if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_init( &ctx );
mbedtls_md_init( &ctx );
if( ( ret = md_setup( &ctx, md_info, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
return( ret );
md_hmac_starts( &ctx, key, keylen );
md_hmac_update( &ctx, input, ilen );
md_hmac_finish( &ctx, output );
mbedtls_md_hmac_starts( &ctx, key, keylen );
mbedtls_md_hmac_update( &ctx, input, ilen );
mbedtls_md_hmac_finish( &ctx, output );
md_free( &ctx );
mbedtls_md_free( &ctx );
return( 0 );
}
int md_process( md_context_t *ctx, const unsigned char *data )
int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
{
if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->process_func( ctx->md_ctx, data );
return( 0 );
}
unsigned char md_get_size( const md_info_t *md_info )
unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
{
if( md_info == NULL )
return( 0 );
@ -418,15 +418,15 @@ unsigned char md_get_size( const md_info_t *md_info )
return md_info->size;
}
md_type_t md_get_type( const md_info_t *md_info )
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
{
if( md_info == NULL )
return( POLARSSL_MD_NONE );
return( MBEDTLS_MD_NONE );
return md_info->type;
}
const char *md_get_name( const md_info_t *md_info )
const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
{
if( md_info == NULL )
return( NULL );
@ -434,4 +434,4 @@ const char *md_get_name( const md_info_t *md_info )
return md_info->name;
}
#endif /* POLARSSL_MD_C */
#endif /* MBEDTLS_MD_C */

104
library/md2.c
View File

@ -26,37 +26,37 @@
* http://www.ietf.org/rfc/rfc1319.txt
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MD2_C)
#if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_MD2_ALT)
#if !defined(MBEDTLS_MD2_ALT)
static const unsigned char PI_SUBST[256] =
{
@ -88,23 +88,23 @@ static const unsigned char PI_SUBST[256] =
0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
};
void md2_init( md2_context *ctx )
void mbedtls_md2_init( mbedtls_md2_context *ctx )
{
memset( ctx, 0, sizeof( md2_context ) );
memset( ctx, 0, sizeof( mbedtls_md2_context ) );
}
void md2_free( md2_context *ctx )
void mbedtls_md2_free( mbedtls_md2_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md2_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) );
}
/*
* MD2 context setup
*/
void md2_starts( md2_context *ctx )
void mbedtls_md2_starts( mbedtls_md2_context *ctx )
{
memset( ctx->cksum, 0, 16 );
memset( ctx->state, 0, 46 );
@ -112,8 +112,8 @@ void md2_starts( md2_context *ctx )
ctx->left = 0;
}
#if !defined(POLARSSL_MD2_PROCESS_ALT)
void md2_process( md2_context *ctx )
#if !defined(MBEDTLS_MD2_PROCESS_ALT)
void mbedtls_md2_process( mbedtls_md2_context *ctx )
{
int i, j;
unsigned char t = 0;
@ -146,12 +146,12 @@ void md2_process( md2_context *ctx )
t = ctx->cksum[i];
}
}
#endif /* !POLARSSL_MD2_PROCESS_ALT */
#endif /* !MBEDTLS_MD2_PROCESS_ALT */
/*
* MD2 process buffer
*/
void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
@ -171,7 +171,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
if( ctx->left == 16 )
{
ctx->left = 0;
md2_process( ctx );
mbedtls_md2_process( ctx );
}
}
}
@ -179,7 +179,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
/*
* MD2 final digest
*/
void md2_finish( md2_context *ctx, unsigned char output[16] )
void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
{
size_t i;
unsigned char x;
@ -189,65 +189,65 @@ void md2_finish( md2_context *ctx, unsigned char output[16] )
for( i = ctx->left; i < 16; i++ )
ctx->buffer[i] = x;
md2_process( ctx );
mbedtls_md2_process( ctx );
memcpy( ctx->buffer, ctx->cksum, 16 );
md2_process( ctx );
mbedtls_md2_process( ctx );
memcpy( output, ctx->state, 16 );
}
#endif /* !POLARSSL_MD2_ALT */
#endif /* !MBEDTLS_MD2_ALT */
/*
* output = MD2( input buffer )
*/
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md2_context ctx;
mbedtls_md2_context ctx;
md2_init( &ctx );
md2_starts( &ctx );
md2_update( &ctx, input, ilen );
md2_finish( &ctx, output );
md2_free( &ctx );
mbedtls_md2_init( &ctx );
mbedtls_md2_starts( &ctx );
mbedtls_md2_update( &ctx, input, ilen );
mbedtls_md2_finish( &ctx, output );
mbedtls_md2_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = MD2( file contents )
*/
int md2_file( const char *path, unsigned char output[16] )
int mbedtls_md2_file( const char *path, unsigned char output[16] )
{
FILE *f;
size_t n;
md2_context ctx;
mbedtls_md2_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD2_FILE_IO_ERROR );
md2_init( &ctx );
md2_starts( &ctx );
mbedtls_md2_init( &ctx );
mbedtls_md2_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md2_update( &ctx, buf, n );
mbedtls_md2_update( &ctx, buf, n );
md2_finish( &ctx, output );
md2_free( &ctx );
mbedtls_md2_finish( &ctx, output );
mbedtls_md2_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD2_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD2_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* RFC 1319 test vectors
@ -285,7 +285,7 @@ static const unsigned char md2_test_sum[7][16] =
/*
* Checkup routine
*/
int md2_self_test( int verbose )
int mbedtls_md2_self_test( int verbose )
{
int i;
unsigned char md2sum[16];
@ -293,29 +293,29 @@ int md2_self_test( int verbose )
for( i = 0; i < 7; i++ )
{
if( verbose != 0 )
polarssl_printf( " MD2 test #%d: ", i + 1 );
mbedtls_printf( " MD2 test #%d: ", i + 1 );
md2( (unsigned char *) md2_test_str[i],
mbedtls_md2( (unsigned char *) md2_test_str[i],
strlen( md2_test_str[i] ), md2sum );
if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD2_C */
#endif /* MBEDTLS_MD2_C */

106
library/md4.c
View File

@ -26,37 +26,37 @@
* http://www.ietf.org/rfc/rfc1320.txt
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MD4_C)
#if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_MD4_ALT)
#if !defined(MBEDTLS_MD4_ALT)
/*
* 32-bit integer manipulation macros (little endian)
@ -81,23 +81,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md4_init( md4_context *ctx )
void mbedtls_md4_init( mbedtls_md4_context *ctx )
{
memset( ctx, 0, sizeof( md4_context ) );
memset( ctx, 0, sizeof( mbedtls_md4_context ) );
}
void md4_free( md4_context *ctx )
void mbedtls_md4_free( mbedtls_md4_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md4_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) );
}
/*
* MD4 context setup
*/
void md4_starts( md4_context *ctx )
void mbedtls_md4_starts( mbedtls_md4_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -108,8 +108,8 @@ void md4_starts( md4_context *ctx )
ctx->state[3] = 0x10325476;
}
#if !defined(POLARSSL_MD4_PROCESS_ALT)
void md4_process( md4_context *ctx, const unsigned char data[64] )
#if !defined(MBEDTLS_MD4_PROCESS_ALT)
void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@ -211,12 +211,12 @@ void md4_process( md4_context *ctx, const unsigned char data[64] )
ctx->state[2] += C;
ctx->state[3] += D;
}
#endif /* !POLARSSL_MD4_PROCESS_ALT */
#endif /* !MBEDTLS_MD4_PROCESS_ALT */
/*
* MD4 process buffer
*/
void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
uint32_t left;
@ -237,7 +237,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{
memcpy( (void *) (ctx->buffer + left),
(void *) input, fill );
md4_process( ctx, ctx->buffer );
mbedtls_md4_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -245,7 +245,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 )
{
md4_process( ctx, input );
mbedtls_md4_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -268,7 +268,7 @@ static const unsigned char md4_padding[64] =
/*
* MD4 final digest
*/
void md4_finish( md4_context *ctx, unsigned char output[16] )
void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
{
uint32_t last, padn;
uint32_t high, low;
@ -284,8 +284,8 @@ void md4_finish( md4_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
md4_update( ctx, (unsigned char *) md4_padding, padn );
md4_update( ctx, msglen, 8 );
mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn );
mbedtls_md4_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
@ -293,57 +293,57 @@ void md4_finish( md4_context *ctx, unsigned char output[16] )
PUT_UINT32_LE( ctx->state[3], output, 12 );
}
#endif /* !POLARSSL_MD4_ALT */
#endif /* !MBEDTLS_MD4_ALT */
/*
* output = MD4( input buffer )
*/
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md4_context ctx;
mbedtls_md4_context ctx;
md4_init( &ctx );
md4_starts( &ctx );
md4_update( &ctx, input, ilen );
md4_finish( &ctx, output );
md4_free( &ctx );
mbedtls_md4_init( &ctx );
mbedtls_md4_starts( &ctx );
mbedtls_md4_update( &ctx, input, ilen );
mbedtls_md4_finish( &ctx, output );
mbedtls_md4_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = MD4( file contents )
*/
int md4_file( const char *path, unsigned char output[16] )
int mbedtls_md4_file( const char *path, unsigned char output[16] )
{
FILE *f;
size_t n;
md4_context ctx;
mbedtls_md4_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD4_FILE_IO_ERROR );
md4_init( &ctx );
md4_starts( &ctx );
mbedtls_md4_init( &ctx );
mbedtls_md4_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md4_update( &ctx, buf, n );
mbedtls_md4_update( &ctx, buf, n );
md4_finish( &ctx, output );
md4_free( &ctx );
mbedtls_md4_finish( &ctx, output );
mbedtls_md4_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD4_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD4_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* RFC 1320 test vectors
@ -381,7 +381,7 @@ static const unsigned char md4_test_sum[7][16] =
/*
* Checkup routine
*/
int md4_self_test( int verbose )
int mbedtls_md4_self_test( int verbose )
{
int i;
unsigned char md4sum[16];
@ -389,29 +389,29 @@ int md4_self_test( int verbose )
for( i = 0; i < 7; i++ )
{
if( verbose != 0 )
polarssl_printf( " MD4 test #%d: ", i + 1 );
mbedtls_printf( " MD4 test #%d: ", i + 1 );
md4( (unsigned char *) md4_test_str[i],
mbedtls_md4( (unsigned char *) md4_test_str[i],
strlen( md4_test_str[i] ), md4sum );
if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD4_C */
#endif /* MBEDTLS_MD4_C */

106
library/md5.c
View File

@ -25,37 +25,37 @@
* http://www.ietf.org/rfc/rfc1321.txt
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MD5_C)
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_MD5_ALT)
#if !defined(MBEDTLS_MD5_ALT)
/*
* 32-bit integer manipulation macros (little endian)
@ -80,23 +80,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void md5_init( md5_context *ctx )
void mbedtls_md5_init( mbedtls_md5_context *ctx )
{
memset( ctx, 0, sizeof( md5_context ) );
memset( ctx, 0, sizeof( mbedtls_md5_context ) );
}
void md5_free( md5_context *ctx )
void mbedtls_md5_free( mbedtls_md5_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( md5_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
}
/*
* MD5 context setup
*/
void md5_starts( md5_context *ctx )
void mbedtls_md5_starts( mbedtls_md5_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -107,8 +107,8 @@ void md5_starts( md5_context *ctx )
ctx->state[3] = 0x10325476;
}
#if !defined(POLARSSL_MD5_PROCESS_ALT)
void md5_process( md5_context *ctx, const unsigned char data[64] )
#if !defined(MBEDTLS_MD5_PROCESS_ALT)
void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] )
{
uint32_t X[16], A, B, C, D;
@ -230,12 +230,12 @@ void md5_process( md5_context *ctx, const unsigned char data[64] )
ctx->state[2] += C;
ctx->state[3] += D;
}
#endif /* !POLARSSL_MD5_PROCESS_ALT */
#endif /* !MBEDTLS_MD5_PROCESS_ALT */
/*
* MD5 process buffer
*/
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
uint32_t left;
@ -255,7 +255,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
md5_process( ctx, ctx->buffer );
mbedtls_md5_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -263,7 +263,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 )
{
md5_process( ctx, input );
mbedtls_md5_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -285,7 +285,7 @@ static const unsigned char md5_padding[64] =
/*
* MD5 final digest
*/
void md5_finish( md5_context *ctx, unsigned char output[16] )
void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
{
uint32_t last, padn;
uint32_t high, low;
@ -301,8 +301,8 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
md5_update( ctx, md5_padding, padn );
md5_update( ctx, msglen, 8 );
mbedtls_md5_update( ctx, md5_padding, padn );
mbedtls_md5_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
@ -310,57 +310,57 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
PUT_UINT32_LE( ctx->state[3], output, 12 );
}
#endif /* !POLARSSL_MD5_ALT */
#endif /* !MBEDTLS_MD5_ALT */
/*
* output = MD5( input buffer )
*/
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{
md5_context ctx;
mbedtls_md5_context ctx;
md5_init( &ctx );
md5_starts( &ctx );
md5_update( &ctx, input, ilen );
md5_finish( &ctx, output );
md5_free( &ctx );
mbedtls_md5_init( &ctx );
mbedtls_md5_starts( &ctx );
mbedtls_md5_update( &ctx, input, ilen );
mbedtls_md5_finish( &ctx, output );
mbedtls_md5_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = MD5( file contents )
*/
int md5_file( const char *path, unsigned char output[16] )
int mbedtls_md5_file( const char *path, unsigned char output[16] )
{
FILE *f;
size_t n;
md5_context ctx;
mbedtls_md5_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD5_FILE_IO_ERROR );
md5_init( &ctx );
md5_starts( &ctx );
mbedtls_md5_init( &ctx );
mbedtls_md5_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md5_update( &ctx, buf, n );
mbedtls_md5_update( &ctx, buf, n );
md5_finish( &ctx, output );
md5_free( &ctx );
mbedtls_md5_finish( &ctx, output );
mbedtls_md5_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
return( MBEDTLS_ERR_MD5_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* RFC 1321 test vectors
*/
@ -402,7 +402,7 @@ static const unsigned char md5_test_sum[7][16] =
/*
* Checkup routine
*/
int md5_self_test( int verbose )
int mbedtls_md5_self_test( int verbose )
{
int i;
unsigned char md5sum[16];
@ -410,28 +410,28 @@ int md5_self_test( int verbose )
for( i = 0; i < 7; i++ )
{
if( verbose != 0 )
polarssl_printf( " MD5 test #%d: ", i + 1 );
mbedtls_printf( " MD5 test #%d: ", i + 1 );
md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD5_C */
#endif /* MBEDTLS_MD5_C */

308
library/md_wrap.c
View File

@ -24,441 +24,441 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MD_C)
#if defined(MBEDTLS_MD_C)
#include "mbedtls/md_wrap.h"
#if defined(POLARSSL_MD2_C)
#if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h"
#endif
#if defined(POLARSSL_MD4_C)
#if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h"
#endif
#if defined(POLARSSL_MD5_C)
#if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h"
#endif
#if defined(POLARSSL_RIPEMD160_C)
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#endif
#if defined(POLARSSL_SHA1_C)
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#endif
#if defined(POLARSSL_SHA256_C)
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#endif
#if defined(POLARSSL_SHA512_C)
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if defined(POLARSSL_MD2_C)
#if defined(MBEDTLS_MD2_C)
static void md2_starts_wrap( void *ctx )
{
md2_starts( (md2_context *) ctx );
mbedtls_md2_starts( (mbedtls_md2_context *) ctx );
}
static void md2_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
md2_update( (md2_context *) ctx, input, ilen );
mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen );
}
static void md2_finish_wrap( void *ctx, unsigned char *output )
{
md2_finish( (md2_context *) ctx, output );
mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output );
}
static int md2_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md2_file( path, output );
#if defined(MBEDTLS_FS_IO)
return mbedtls_md2_file( path, output );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * md2_ctx_alloc( void )
{
return polarssl_malloc( sizeof( md2_context ) );
return mbedtls_malloc( sizeof( mbedtls_md2_context ) );
}
static void md2_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md2_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) );
mbedtls_free( ctx );
}
static void md2_process_wrap( void *ctx, const unsigned char *data )
{
((void) data);
md2_process( (md2_context *) ctx );
mbedtls_md2_process( (mbedtls_md2_context *) ctx );
}
const md_info_t md2_info = {
POLARSSL_MD_MD2,
const mbedtls_md_info_t mbedtls_md2_info = {
MBEDTLS_MD_MD2,
"MD2",
16,
16,
md2_starts_wrap,
md2_update_wrap,
md2_finish_wrap,
md2,
mbedtls_md2,
md2_file_wrap,
md2_ctx_alloc,
md2_ctx_free,
md2_process_wrap,
};
#endif /* POLARSSL_MD2_C */
#endif /* MBEDTLS_MD2_C */
#if defined(POLARSSL_MD4_C)
#if defined(MBEDTLS_MD4_C)
static void md4_starts_wrap( void *ctx )
{
md4_starts( (md4_context *) ctx );
mbedtls_md4_starts( (mbedtls_md4_context *) ctx );
}
static void md4_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
md4_update( (md4_context *) ctx, input, ilen );
mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen );
}
static void md4_finish_wrap( void *ctx, unsigned char *output )
{
md4_finish( (md4_context *) ctx, output );
mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output );
}
static int md4_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md4_file( path, output );
#if defined(MBEDTLS_FS_IO)
return mbedtls_md4_file( path, output );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void *md4_ctx_alloc( void )
{
return polarssl_malloc( sizeof( md4_context ) );
return mbedtls_malloc( sizeof( mbedtls_md4_context ) );
}
static void md4_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md4_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) );
mbedtls_free( ctx );
}
static void md4_process_wrap( void *ctx, const unsigned char *data )
{
md4_process( (md4_context *) ctx, data );
mbedtls_md4_process( (mbedtls_md4_context *) ctx, data );
}
const md_info_t md4_info = {
POLARSSL_MD_MD4,
const mbedtls_md_info_t mbedtls_md4_info = {
MBEDTLS_MD_MD4,
"MD4",
16,
64,
md4_starts_wrap,
md4_update_wrap,
md4_finish_wrap,
md4,
mbedtls_md4,
md4_file_wrap,
md4_ctx_alloc,
md4_ctx_free,
md4_process_wrap,
};
#endif /* POLARSSL_MD4_C */
#endif /* MBEDTLS_MD4_C */
#if defined(POLARSSL_MD5_C)
#if defined(MBEDTLS_MD5_C)
static void md5_starts_wrap( void *ctx )
{
md5_starts( (md5_context *) ctx );
mbedtls_md5_starts( (mbedtls_md5_context *) ctx );
}
static void md5_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
md5_update( (md5_context *) ctx, input, ilen );
mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen );
}
static void md5_finish_wrap( void *ctx, unsigned char *output )
{
md5_finish( (md5_context *) ctx, output );
mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output );
}
static int md5_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return md5_file( path, output );
#if defined(MBEDTLS_FS_IO)
return mbedtls_md5_file( path, output );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * md5_ctx_alloc( void )
{
return polarssl_malloc( sizeof( md5_context ) );
return mbedtls_malloc( sizeof( mbedtls_md5_context ) );
}
static void md5_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( md5_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
mbedtls_free( ctx );
}
static void md5_process_wrap( void *ctx, const unsigned char *data )
{
md5_process( (md5_context *) ctx, data );
mbedtls_md5_process( (mbedtls_md5_context *) ctx, data );
}
const md_info_t md5_info = {
POLARSSL_MD_MD5,
const mbedtls_md_info_t mbedtls_md5_info = {
MBEDTLS_MD_MD5,
"MD5",
16,
64,
md5_starts_wrap,
md5_update_wrap,
md5_finish_wrap,
md5,
mbedtls_md5,
md5_file_wrap,
md5_ctx_alloc,
md5_ctx_free,
md5_process_wrap,
};
#endif /* POLARSSL_MD5_C */
#endif /* MBEDTLS_MD5_C */
#if defined(POLARSSL_RIPEMD160_C)
#if defined(MBEDTLS_RIPEMD160_C)
static void ripemd160_starts_wrap( void *ctx )
{
ripemd160_starts( (ripemd160_context *) ctx );
mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx );
}
static void ripemd160_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
ripemd160_update( (ripemd160_context *) ctx, input, ilen );
mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen );
}
static void ripemd160_finish_wrap( void *ctx, unsigned char *output )
{
ripemd160_finish( (ripemd160_context *) ctx, output );
mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output );
}
static int ripemd160_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return ripemd160_file( path, output );
#if defined(MBEDTLS_FS_IO)
return mbedtls_ripemd160_file( path, output );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * ripemd160_ctx_alloc( void )
{
ripemd160_context *ctx;
ctx = polarssl_malloc( sizeof( ripemd160_context ) );
mbedtls_ripemd160_context *ctx;
ctx = mbedtls_malloc( sizeof( mbedtls_ripemd160_context ) );
if( ctx == NULL )
return( NULL );
ripemd160_init( ctx );
mbedtls_ripemd160_init( ctx );
return( ctx );
}
static void ripemd160_ctx_free( void *ctx )
{
ripemd160_free( (ripemd160_context *) ctx );
polarssl_free( ctx );
mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
mbedtls_free( ctx );
}
static void ripemd160_process_wrap( void *ctx, const unsigned char *data )
{
ripemd160_process( (ripemd160_context *) ctx, data );
mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data );
}
const md_info_t ripemd160_info = {
POLARSSL_MD_RIPEMD160,
const mbedtls_md_info_t mbedtls_ripemd160_info = {
MBEDTLS_MD_RIPEMD160,
"RIPEMD160",
20,
64,
ripemd160_starts_wrap,
ripemd160_update_wrap,
ripemd160_finish_wrap,
ripemd160,
mbedtls_ripemd160,
ripemd160_file_wrap,
ripemd160_ctx_alloc,
ripemd160_ctx_free,
ripemd160_process_wrap,
};
#endif /* POLARSSL_RIPEMD160_C */
#endif /* MBEDTLS_RIPEMD160_C */
#if defined(POLARSSL_SHA1_C)
#if defined(MBEDTLS_SHA1_C)
static void sha1_starts_wrap( void *ctx )
{
sha1_starts( (sha1_context *) ctx );
mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx );
}
static void sha1_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
sha1_update( (sha1_context *) ctx, input, ilen );
mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen );
}
static void sha1_finish_wrap( void *ctx, unsigned char *output )
{
sha1_finish( (sha1_context *) ctx, output );
mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output );
}
static int sha1_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha1_file( path, output );
#if defined(MBEDTLS_FS_IO)
return mbedtls_sha1_file( path, output );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * sha1_ctx_alloc( void )
{
sha1_context *ctx;
ctx = polarssl_malloc( sizeof( sha1_context ) );
mbedtls_sha1_context *ctx;
ctx = mbedtls_malloc( sizeof( mbedtls_sha1_context ) );
if( ctx == NULL )
return( NULL );
sha1_init( ctx );
mbedtls_sha1_init( ctx );
return( ctx );
}
static void sha1_ctx_free( void *ctx )
{
sha1_free( (sha1_context *) ctx );
polarssl_free( ctx );
mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
mbedtls_free( ctx );
}
static void sha1_process_wrap( void *ctx, const unsigned char *data )
{
sha1_process( (sha1_context *) ctx, data );
mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data );
}
const md_info_t sha1_info = {
POLARSSL_MD_SHA1,
const mbedtls_md_info_t mbedtls_sha1_info = {
MBEDTLS_MD_SHA1,
"SHA1",
20,
64,
sha1_starts_wrap,
sha1_update_wrap,
sha1_finish_wrap,
sha1,
mbedtls_sha1,
sha1_file_wrap,
sha1_ctx_alloc,
sha1_ctx_free,
sha1_process_wrap,
};
#endif /* POLARSSL_SHA1_C */
#endif /* MBEDTLS_SHA1_C */
/*
* Wrappers for generic message digests
*/
#if defined(POLARSSL_SHA256_C)
#if defined(MBEDTLS_SHA256_C)
static void sha224_starts_wrap( void *ctx )
{
sha256_starts( (sha256_context *) ctx, 1 );
mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 );
}
static void sha224_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
sha256_update( (sha256_context *) ctx, input, ilen );
mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
}
static void sha224_finish_wrap( void *ctx, unsigned char *output )
{
sha256_finish( (sha256_context *) ctx, output );
mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
}
static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha256( input, ilen, output, 1 );
mbedtls_sha256( input, ilen, output, 1 );
}
static int sha224_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha256_file( path, output, 1 );
#if defined(MBEDTLS_FS_IO)
return mbedtls_sha256_file( path, output, 1 );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * sha224_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha256_context ) );
return mbedtls_malloc( sizeof( mbedtls_sha256_context ) );
}
static void sha224_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha256_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
mbedtls_free( ctx );
}
static void sha224_process_wrap( void *ctx, const unsigned char *data )
{
sha256_process( (sha256_context *) ctx, data );
mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
}
const md_info_t sha224_info = {
POLARSSL_MD_SHA224,
const mbedtls_md_info_t mbedtls_sha224_info = {
MBEDTLS_MD_SHA224,
"SHA224",
28,
64,
@ -474,63 +474,63 @@ const md_info_t sha224_info = {
static void sha256_starts_wrap( void *ctx )
{
sha256_starts( (sha256_context *) ctx, 0 );
mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 );
}
static void sha256_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
sha256_update( (sha256_context *) ctx, input, ilen );
mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
}
static void sha256_finish_wrap( void *ctx, unsigned char *output )
{
sha256_finish( (sha256_context *) ctx, output );
mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
}
static void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha256( input, ilen, output, 0 );
mbedtls_sha256( input, ilen, output, 0 );
}
static int sha256_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha256_file( path, output, 0 );
#if defined(MBEDTLS_FS_IO)
return mbedtls_sha256_file( path, output, 0 );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * sha256_ctx_alloc( void )
{
sha256_context *ctx;
ctx = polarssl_malloc( sizeof( sha256_context ) );
mbedtls_sha256_context *ctx;
ctx = mbedtls_malloc( sizeof( mbedtls_sha256_context ) );
if( ctx == NULL )
return( NULL );
sha256_init( ctx );
mbedtls_sha256_init( ctx );
return( ctx );
}
static void sha256_ctx_free( void *ctx )
{
sha256_free( (sha256_context *) ctx );
polarssl_free( ctx );
mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
mbedtls_free( ctx );
}
static void sha256_process_wrap( void *ctx, const unsigned char *data )
{
sha256_process( (sha256_context *) ctx, data );
mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
}
const md_info_t sha256_info = {
POLARSSL_MD_SHA256,
const mbedtls_md_info_t mbedtls_sha256_info = {
MBEDTLS_MD_SHA256,
"SHA256",
32,
64,
@ -544,61 +544,61 @@ const md_info_t sha256_info = {
sha256_process_wrap,
};
#endif /* POLARSSL_SHA256_C */
#endif /* MBEDTLS_SHA256_C */
#if defined(POLARSSL_SHA512_C)
#if defined(MBEDTLS_SHA512_C)
static void sha384_starts_wrap( void *ctx )
{
sha512_starts( (sha512_context *) ctx, 1 );
mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 );
}
static void sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
sha512_update( (sha512_context *) ctx, input, ilen );
mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
}
static void sha384_finish_wrap( void *ctx, unsigned char *output )
{
sha512_finish( (sha512_context *) ctx, output );
mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
}
static void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha512( input, ilen, output, 1 );
mbedtls_sha512( input, ilen, output, 1 );
}
static int sha384_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha512_file( path, output, 1 );
#if defined(MBEDTLS_FS_IO)
return mbedtls_sha512_file( path, output, 1 );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * sha384_ctx_alloc( void )
{
return polarssl_malloc( sizeof( sha512_context ) );
return mbedtls_malloc( sizeof( mbedtls_sha512_context ) );
}
static void sha384_ctx_free( void *ctx )
{
polarssl_zeroize( ctx, sizeof( sha512_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
mbedtls_free( ctx );
}
static void sha384_process_wrap( void *ctx, const unsigned char *data )
{
sha512_process( (sha512_context *) ctx, data );
mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
}
const md_info_t sha384_info = {
POLARSSL_MD_SHA384,
const mbedtls_md_info_t mbedtls_sha384_info = {
MBEDTLS_MD_SHA384,
"SHA384",
48,
128,
@ -614,63 +614,63 @@ const md_info_t sha384_info = {
static void sha512_starts_wrap( void *ctx )
{
sha512_starts( (sha512_context *) ctx, 0 );
mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 );
}
static void sha512_update_wrap( void *ctx, const unsigned char *input,
size_t ilen )
{
sha512_update( (sha512_context *) ctx, input, ilen );
mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
}
static void sha512_finish_wrap( void *ctx, unsigned char *output )
{
sha512_finish( (sha512_context *) ctx, output );
mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
}
static void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output )
{
sha512( input, ilen, output, 0 );
mbedtls_sha512( input, ilen, output, 0 );
}
static int sha512_file_wrap( const char *path, unsigned char *output )
{
#if defined(POLARSSL_FS_IO)
return sha512_file( path, output, 0 );
#if defined(MBEDTLS_FS_IO)
return mbedtls_sha512_file( path, output, 0 );
#else
((void) path);
((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif
}
static void * sha512_ctx_alloc( void )
{
sha512_context *ctx;
ctx = polarssl_malloc( sizeof( sha512_context ) );
mbedtls_sha512_context *ctx;
ctx = mbedtls_malloc( sizeof( mbedtls_sha512_context ) );
if( ctx == NULL )
return( NULL );
sha512_init( ctx );
mbedtls_sha512_init( ctx );
return( ctx );
}
static void sha512_ctx_free( void *ctx )
{
sha512_free( (sha512_context *) ctx );
polarssl_free( ctx );
mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
mbedtls_free( ctx );
}
static void sha512_process_wrap( void *ctx, const unsigned char *data )
{
sha512_process( (sha512_context *) ctx, data );
mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
}
const md_info_t sha512_info = {
POLARSSL_MD_SHA512,
const mbedtls_md_info_t mbedtls_sha512_info = {
MBEDTLS_MD_SHA512,
"SHA512",
64,
128,
@ -684,6 +684,6 @@ const md_info_t sha512_info = {
sha512_process_wrap,
};
#endif /* POLARSSL_SHA512_C */
#endif /* MBEDTLS_SHA512_C */
#endif /* POLARSSL_MD_C */
#endif /* MBEDTLS_MD_C */

292
library/memory_buffer_alloc.c
View File

@ -20,31 +20,31 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
#if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#include "mbedtls/memory_buffer_alloc.h"
/* No need for the header guard as POLARSSL_MEMORY_BUFFER_ALLOC_C
is dependent upon POLARSSL_PLATFORM_C */
/* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C
is dependent upon MBEDTLS_PLATFORM_C */
#include "mbedtls/platform.h"
#include <string.h>
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
#include <execinfo.h>
#endif
#if defined(POLARSSL_THREADING_C)
#if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -62,7 +62,7 @@ struct _memory_header
memory_header *next;
memory_header *prev_free;
memory_header *next_free;
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
char **trace;
size_t trace_count;
#endif
@ -76,7 +76,7 @@ typedef struct
memory_header *first;
memory_header *first_free;
int verify;
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
size_t malloc_count;
size_t free_count;
size_t total_used;
@ -84,33 +84,33 @@ typedef struct
size_t header_count;
size_t maximum_header_count;
#endif
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex;
#if defined(MBEDTLS_THREADING_C)
mbedtls_threading_mutex_t mutex;
#endif
}
buffer_alloc_ctx;
static buffer_alloc_ctx heap;
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
static void debug_header( memory_header *hdr )
{
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
size_t i;
#endif
polarssl_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
"ALLOC(%zu), SIZE(%10zu)\n",
(size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next,
hdr->alloc, hdr->size );
polarssl_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n",
mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n",
(size_t) hdr->prev_free, (size_t) hdr->next_free );
#if defined(POLARSSL_MEMORY_BACKTRACE)
polarssl_fprintf( stderr, "TRACE: \n" );
#if defined(MBEDTLS_MEMORY_BACKTRACE)
mbedtls_fprintf( stderr, "TRACE: \n" );
for( i = 0; i < hdr->trace_count; i++ )
polarssl_fprintf( stderr, "%s\n", hdr->trace[i] );
polarssl_fprintf( stderr, "\n" );
mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] );
mbedtls_fprintf( stderr, "\n" );
#endif
}
@ -118,14 +118,14 @@ static void debug_chain()
{
memory_header *cur = heap.first;
polarssl_fprintf( stderr, "\nBlock list\n" );
mbedtls_fprintf( stderr, "\nBlock list\n" );
while( cur != NULL )
{
debug_header( cur );
cur = cur->next;
}
polarssl_fprintf( stderr, "Free list\n" );
mbedtls_fprintf( stderr, "Free list\n" );
cur = heap.first_free;
while( cur != NULL )
@ -134,46 +134,46 @@ static void debug_chain()
cur = cur->next_free;
}
}
#endif /* POLARSSL_MEMORY_DEBUG */
#endif /* MBEDTLS_MEMORY_DEBUG */
static int verify_header( memory_header *hdr )
{
if( hdr->magic1 != MAGIC1 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" );
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" );
#endif
return( 1 );
}
if( hdr->magic2 != MAGIC2 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" );
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" );
#endif
return( 1 );
}
if( hdr->alloc > 1 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: alloc has illegal value\n" );
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" );
#endif
return( 1 );
}
if( hdr->prev != NULL && hdr->prev == hdr->next )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: prev == next\n" );
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: prev == next\n" );
#endif
return( 1 );
}
if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: prev_free == next_free\n" );
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" );
#endif
return( 1 );
}
@ -187,8 +187,8 @@ static int verify_chain()
if( verify_header( heap.first ) != 0 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification of first header "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: verification of first header "
"failed\n" );
#endif
return( 1 );
@ -196,8 +196,8 @@ static int verify_chain()
if( heap.first->prev != NULL )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification failed: "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: verification failed: "
"first->prev != NULL\n" );
#endif
return( 1 );
@ -207,8 +207,8 @@ static int verify_chain()
{
if( verify_header( cur ) != 0 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification of header "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: verification of header "
"failed\n" );
#endif
return( 1 );
@ -216,8 +216,8 @@ static int verify_chain()
if( cur->prev != prv )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification failed: "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: verification failed: "
"cur->prev != prv\n" );
#endif
return( 1 );
@ -234,7 +234,7 @@ static void *buffer_alloc_malloc( size_t len )
{
memory_header *new, *cur = heap.first_free;
unsigned char *p;
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
void *trace_buffer[MAX_BT];
size_t trace_cnt;
#endif
@ -242,10 +242,10 @@ static void *buffer_alloc_malloc( size_t len )
if( heap.buf == NULL || heap.first == NULL )
return( NULL );
if( len % POLARSSL_MEMORY_ALIGN_MULTIPLE )
if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{
len -= len % POLARSSL_MEMORY_ALIGN_MULTIPLE;
len += POLARSSL_MEMORY_ALIGN_MULTIPLE;
len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
len += MBEDTLS_MEMORY_ALIGN_MULTIPLE;
}
// Find block that fits
@ -263,21 +263,21 @@ static void *buffer_alloc_malloc( size_t len )
if( cur->alloc != 0 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: block in free_list but allocated "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated "
"data\n" );
#endif
polarssl_exit( 1 );
mbedtls_exit( 1 );
}
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.malloc_count++;
#endif
// Found location, split block if > memory_header + 4 room left
//
if( cur->size - len < sizeof(memory_header) +
POLARSSL_MEMORY_ALIGN_MULTIPLE )
MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{
cur->alloc = 1;
@ -294,19 +294,19 @@ static void *buffer_alloc_malloc( size_t len )
cur->prev_free = NULL;
cur->next_free = NULL;
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.total_used += cur->size;
if( heap.total_used > heap.maximum_used )
heap.maximum_used = heap.total_used;
#endif
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
trace_cnt = backtrace( trace_buffer, MAX_BT );
cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
cur->trace_count = trace_cnt;
#endif
if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
polarssl_exit( 1 );
if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
mbedtls_exit( 1 );
return( ( (unsigned char *) cur ) + sizeof(memory_header) );
}
@ -318,7 +318,7 @@ static void *buffer_alloc_malloc( size_t len )
new->alloc = 0;
new->prev = cur;
new->next = cur->next;
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
new->trace = NULL;
new->trace_count = 0;
#endif
@ -346,7 +346,7 @@ static void *buffer_alloc_malloc( size_t len )
cur->prev_free = NULL;
cur->next_free = NULL;
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count++;
if( heap.header_count > heap.maximum_header_count )
heap.maximum_header_count = heap.header_count;
@ -354,14 +354,14 @@ static void *buffer_alloc_malloc( size_t len )
if( heap.total_used > heap.maximum_used )
heap.maximum_used = heap.total_used;
#endif
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
trace_cnt = backtrace( trace_buffer, MAX_BT );
cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
cur->trace_count = trace_cnt;
#endif
if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
polarssl_exit( 1 );
if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
mbedtls_exit( 1 );
return( ( (unsigned char *) cur ) + sizeof(memory_header) );
}
@ -376,31 +376,31 @@ static void buffer_alloc_free( void *ptr )
if( p < heap.buf || p > heap.buf + heap.len )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: polarssl_free() outside of managed "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
"space\n" );
#endif
polarssl_exit( 1 );
mbedtls_exit( 1 );
}
p -= sizeof(memory_header);
hdr = (memory_header *) p;
if( verify_header( hdr ) != 0 )
polarssl_exit( 1 );
mbedtls_exit( 1 );
if( hdr->alloc != 1 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: polarssl_free() on unallocated "
#if defined(MBEDTLS_MEMORY_DEBUG)
mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated "
"data\n" );
#endif
polarssl_exit( 1 );
mbedtls_exit( 1 );
}
hdr->alloc = 0;
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.free_count++;
heap.total_used -= hdr->size;
#endif
@ -409,7 +409,7 @@ static void buffer_alloc_free( void *ptr )
//
if( hdr->prev != NULL && hdr->prev->alloc == 0 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count--;
#endif
hdr->prev->size += sizeof(memory_header) + hdr->size;
@ -420,7 +420,7 @@ static void buffer_alloc_free( void *ptr )
if( hdr->next != NULL )
hdr->next->prev = hdr;
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
free( old->trace );
#endif
memset( old, 0, sizeof(memory_header) );
@ -430,7 +430,7 @@ static void buffer_alloc_free( void *ptr )
//
if( hdr->next != NULL && hdr->next->alloc == 0 )
{
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count--;
#endif
hdr->size += sizeof(memory_header) + hdr->next->size;
@ -462,7 +462,7 @@ static void buffer_alloc_free( void *ptr )
if( hdr->next != NULL )
hdr->next->prev = hdr;
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
free( old->trace );
#endif
memset( old, 0, sizeof(memory_header) );
@ -479,29 +479,29 @@ static void buffer_alloc_free( void *ptr )
heap.first_free = hdr;
}
#if defined(POLARSSL_MEMORY_BACKTRACE)
#if defined(MBEDTLS_MEMORY_BACKTRACE)
hdr->trace = NULL;
hdr->trace_count = 0;
#endif
if( ( heap.verify & MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
polarssl_exit( 1 );
if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
mbedtls_exit( 1 );
}
void memory_buffer_set_verify( int verify )
void mbedtls_memory_buffer_set_verify( int verify )
{
heap.verify = verify;
}
int memory_buffer_alloc_verify()
int mbedtls_memory_buffer_alloc_verify()
{
return verify_chain();
}
#if defined(POLARSSL_MEMORY_DEBUG)
void memory_buffer_alloc_status()
#if defined(MBEDTLS_MEMORY_DEBUG)
void mbedtls_memory_buffer_alloc_status()
{
polarssl_fprintf( stderr,
mbedtls_fprintf( stderr,
"Current use: %zu blocks / %zu bytes, max: %zu blocks / "
"%zu bytes (total %zu bytes), malloc / free: %zu / %zu\n",
heap.header_count, heap.total_used,
@ -511,71 +511,71 @@ void memory_buffer_alloc_status()
heap.malloc_count, heap.free_count );
if( heap.first->next == NULL )
polarssl_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
else
{
polarssl_fprintf( stderr, "Memory currently allocated:\n" );
mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
debug_chain();
}
}
void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks )
void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks )
{
*max_used = heap.maximum_used;
*max_blocks = heap.maximum_header_count;
}
void memory_buffer_alloc_max_reset( void )
void mbedtls_memory_buffer_alloc_max_reset( void )
{
heap.maximum_used = 0;
heap.maximum_header_count = 0;
}
void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
{
*cur_used = heap.total_used;
*cur_blocks = heap.header_count;
}
#endif /* POLARSSL_MEMORY_DEBUG */
#endif /* MBEDTLS_MEMORY_DEBUG */
#if defined(POLARSSL_THREADING_C)
#if defined(MBEDTLS_THREADING_C)
static void *buffer_alloc_malloc_mutexed( size_t len )
{
void *buf;
polarssl_mutex_lock( &heap.mutex );
mbedtls_mutex_lock( &heap.mutex );
buf = buffer_alloc_malloc( len );
polarssl_mutex_unlock( &heap.mutex );
mbedtls_mutex_unlock( &heap.mutex );
return( buf );
}
static void buffer_alloc_free_mutexed( void *ptr )
{
polarssl_mutex_lock( &heap.mutex );
mbedtls_mutex_lock( &heap.mutex );
buffer_alloc_free( ptr );
polarssl_mutex_unlock( &heap.mutex );
mbedtls_mutex_unlock( &heap.mutex );
}
#endif /* POLARSSL_THREADING_C */
#endif /* MBEDTLS_THREADING_C */
int memory_buffer_alloc_init( unsigned char *buf, size_t len )
int mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
{
memset( &heap, 0, sizeof(buffer_alloc_ctx) );
memset( buf, 0, len );
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_init( &heap.mutex );
platform_set_malloc_free( buffer_alloc_malloc_mutexed,
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &heap.mutex );
mbedtls_platform_set_malloc_free( buffer_alloc_malloc_mutexed,
buffer_alloc_free_mutexed );
#else
platform_set_malloc_free( buffer_alloc_malloc, buffer_alloc_free );
mbedtls_platform_set_malloc_free( buffer_alloc_malloc, buffer_alloc_free );
#endif
if( (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE )
if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{
/* Adjust len first since buf is used in the computation */
len -= POLARSSL_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE;
buf += POLARSSL_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE;
len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
}
heap.buf = buf;
@ -589,21 +589,21 @@ int memory_buffer_alloc_init( unsigned char *buf, size_t len )
return( 0 );
}
void memory_buffer_alloc_free()
void mbedtls_memory_buffer_alloc_free()
{
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &heap.mutex );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &heap.mutex );
#endif
polarssl_zeroize( &heap, sizeof(buffer_alloc_ctx) );
mbedtls_zeroize( &heap, sizeof(buffer_alloc_ctx) );
}
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
static int check_pointer( void *p )
{
if( p == NULL )
return( -1 );
if( (size_t) p % POLARSSL_MEMORY_ALIGN_MULTIPLE != 0 )
if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 )
return( -1 );
return( 0 );
@ -612,7 +612,7 @@ static int check_pointer( void *p )
static int check_all_free( )
{
if(
#if defined(POLARSSL_MEMORY_DEBUG)
#if defined(MBEDTLS_MEMORY_DEBUG)
heap.total_used != 0 ||
#endif
heap.first != heap.first_free ||
@ -628,107 +628,107 @@ static int check_all_free( )
if( ! (condition) ) \
{ \
if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \
mbedtls_printf( "failed\n" ); \
\
ret = 1; \
goto cleanup; \
}
int memory_buffer_alloc_self_test( int verbose )
int mbedtls_memory_buffer_alloc_self_test( int verbose )
{
unsigned char buf[1024];
unsigned char *p, *q, *r, *end;
int ret = 0;
if( verbose != 0 )
polarssl_printf( " MBA test #1 (basic alloc-free cycle): " );
mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " );
memory_buffer_alloc_init( buf, sizeof( buf ) );
mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
p = polarssl_malloc( 1 );
q = polarssl_malloc( 128 );
r = polarssl_malloc( 16 );
p = mbedtls_malloc( 1 );
q = mbedtls_malloc( 128 );
r = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 &&
check_pointer( q ) == 0 &&
check_pointer( r ) == 0 );
polarssl_free( r );
polarssl_free( q );
polarssl_free( p );
mbedtls_free( r );
mbedtls_free( q );
mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 );
/* Memorize end to compare with the next test */
end = heap.buf + heap.len;
memory_buffer_alloc_free( );
mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " MBA test #2 (buf not aligned): " );
mbedtls_printf( " MBA test #2 (buf not aligned): " );
memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 );
mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 );
TEST_ASSERT( heap.buf + heap.len == end );
p = polarssl_malloc( 1 );
q = polarssl_malloc( 128 );
r = polarssl_malloc( 16 );
p = mbedtls_malloc( 1 );
q = mbedtls_malloc( 128 );
r = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 &&
check_pointer( q ) == 0 &&
check_pointer( r ) == 0 );
polarssl_free( r );
polarssl_free( q );
polarssl_free( p );
mbedtls_free( r );
mbedtls_free( q );
mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 );
memory_buffer_alloc_free( );
mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " MBA test #3 (full): " );
mbedtls_printf( " MBA test #3 (full): " );
memory_buffer_alloc_init( buf, sizeof( buf ) );
mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
p = polarssl_malloc( sizeof( buf ) - sizeof( memory_header ) );
p = mbedtls_malloc( sizeof( buf ) - sizeof( memory_header ) );
TEST_ASSERT( check_pointer( p ) == 0 );
TEST_ASSERT( polarssl_malloc( 1 ) == NULL );
TEST_ASSERT( mbedtls_malloc( 1 ) == NULL );
polarssl_free( p );
mbedtls_free( p );
p = polarssl_malloc( sizeof( buf ) - 2 * sizeof( memory_header ) - 16 );
q = polarssl_malloc( 16 );
p = mbedtls_malloc( sizeof( buf ) - 2 * sizeof( memory_header ) - 16 );
q = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 );
TEST_ASSERT( polarssl_malloc( 1 ) == NULL );
TEST_ASSERT( mbedtls_malloc( 1 ) == NULL );
polarssl_free( q );
mbedtls_free( q );
TEST_ASSERT( polarssl_malloc( 17 ) == NULL );
TEST_ASSERT( mbedtls_malloc( 17 ) == NULL );
polarssl_free( p );
mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 );
memory_buffer_alloc_free( );
mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
cleanup:
memory_buffer_alloc_free( );
mbedtls_memory_buffer_alloc_free( );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */
#endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */

164
library/net.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_NET_C)
#if defined(MBEDTLS_NET_C)
#include "mbedtls/net.h"
@ -35,7 +35,7 @@
#if (defined(_WIN32) || defined(_WIN32_WCE)) && !defined(EFIX64) && \
!defined(EFI32)
#if defined(POLARSSL_HAVE_IPV6)
#if defined(MBEDTLS_HAVE_IPV6)
#ifdef _WIN32_WINNT
#undef _WIN32_WINNT
#endif
@ -67,7 +67,7 @@ static int wsa_init_done = 0;
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
#include <sys/time.h>
#endif
#include <unistd.h>
@ -86,7 +86,7 @@ static int wsa_init_done = 0;
#define snprintf _snprintf
#endif
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
#include <time.h>
#endif
@ -97,7 +97,7 @@ typedef UINT32 uint32_t;
#include <inttypes.h>
#endif
#if !defined(POLARSSL_HAVE_IPV6)
#if !defined(MBEDTLS_HAVE_IPV6)
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || \
defined(__DragonFly__)
#include <sys/endian.h>
@ -135,12 +135,12 @@ static unsigned long net_htonl( unsigned long n )
(((unsigned long ) n & 0xFF000000) >> 24) );
}
#endif
#endif /* !POLARSSL_HAVE_IPV6 */
#endif /* !MBEDTLS_HAVE_IPV6 */
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#define polarssl_snprintf snprintf
#define mbedtls_snprintf snprintf
#endif
/*
@ -155,7 +155,7 @@ static int net_prepare( void )
if( wsa_init_done == 0 )
{
if( WSAStartup( MAKEWORD(2,0), &wsaData ) != 0 )
return( POLARSSL_ERR_NET_SOCKET_FAILED );
return( MBEDTLS_ERR_NET_SOCKET_FAILED );
wsa_init_done = 1;
}
@ -170,9 +170,9 @@ static int net_prepare( void )
/*
* Initiate a TCP connection with host:port and the given protocol
*/
int net_connect( int *fd, const char *host, int port, int proto )
int mbedtls_net_connect( int *fd, const char *host, int port, int proto )
{
#if defined(POLARSSL_HAVE_IPV6)
#if defined(MBEDTLS_HAVE_IPV6)
int ret;
struct addrinfo hints, *addr_list, *cur;
char port_str[6];
@ -182,26 +182,26 @@ int net_connect( int *fd, const char *host, int port, int proto )
/* getaddrinfo expects port as a string */
memset( port_str, 0, sizeof( port_str ) );
polarssl_snprintf( port_str, sizeof( port_str ), "%d", port );
mbedtls_snprintf( port_str, sizeof( port_str ), "%d", port );
/* Do name resolution with both IPv6 and IPv4 */
memset( &hints, 0, sizeof( hints ) );
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = proto == NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
hints.ai_protocol = proto == NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
if( getaddrinfo( host, port_str, &hints, &addr_list ) != 0 )
return( POLARSSL_ERR_NET_UNKNOWN_HOST );
return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
/* Try the sockaddrs until a connection succeeds */
ret = POLARSSL_ERR_NET_UNKNOWN_HOST;
ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
for( cur = addr_list; cur != NULL; cur = cur->ai_next )
{
*fd = (int) socket( cur->ai_family, cur->ai_socktype,
cur->ai_protocol );
if( *fd < 0 )
{
ret = POLARSSL_ERR_NET_SOCKET_FAILED;
ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
continue;
}
@ -212,7 +212,7 @@ int net_connect( int *fd, const char *host, int port, int proto )
}
close( *fd );
ret = POLARSSL_ERR_NET_CONNECT_FAILED;
ret = MBEDTLS_ERR_NET_CONNECT_FAILED;
}
freeaddrinfo( addr_list );
@ -230,12 +230,12 @@ int net_connect( int *fd, const char *host, int port, int proto )
return( ret );
if( ( server_host = gethostbyname( host ) ) == NULL )
return( POLARSSL_ERR_NET_UNKNOWN_HOST );
return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
if( ( *fd = (int) socket( AF_INET,
proto == NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM,
proto == NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP ) ) < 0 )
return( POLARSSL_ERR_NET_SOCKET_FAILED );
proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM,
proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP ) ) < 0 )
return( MBEDTLS_ERR_NET_SOCKET_FAILED );
memcpy( (void *) &server_addr.sin_addr,
(void *) server_host->h_addr,
@ -248,19 +248,19 @@ int net_connect( int *fd, const char *host, int port, int proto )
sizeof( server_addr ) ) < 0 )
{
close( *fd );
return( POLARSSL_ERR_NET_CONNECT_FAILED );
return( MBEDTLS_ERR_NET_CONNECT_FAILED );
}
return( 0 );
#endif /* POLARSSL_HAVE_IPV6 */
#endif /* MBEDTLS_HAVE_IPV6 */
}
/*
* Create a listening socket on bind_ip:port
*/
int net_bind( int *fd, const char *bind_ip, int port, int proto )
int mbedtls_net_bind( int *fd, const char *bind_ip, int port, int proto )
{
#if defined(POLARSSL_HAVE_IPV6)
#if defined(MBEDTLS_HAVE_IPV6)
int n, ret;
struct addrinfo hints, *addr_list, *cur;
char port_str[6];
@ -270,28 +270,28 @@ int net_bind( int *fd, const char *bind_ip, int port, int proto )
/* getaddrinfo expects port as a string */
memset( port_str, 0, sizeof( port_str ) );
polarssl_snprintf( port_str, sizeof( port_str ), "%d", port );
mbedtls_snprintf( port_str, sizeof( port_str ), "%d", port );
/* Bind to IPv6 and/or IPv4, but only in TCP */
memset( &hints, 0, sizeof( hints ) );
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = proto == NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
hints.ai_protocol = proto == NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
hints.ai_socktype = proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM;
hints.ai_protocol = proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP;
if( bind_ip == NULL )
hints.ai_flags = AI_PASSIVE;
if( getaddrinfo( bind_ip, port_str, &hints, &addr_list ) != 0 )
return( POLARSSL_ERR_NET_UNKNOWN_HOST );
return( MBEDTLS_ERR_NET_UNKNOWN_HOST );
/* Try the sockaddrs until a binding succeeds */
ret = POLARSSL_ERR_NET_UNKNOWN_HOST;
ret = MBEDTLS_ERR_NET_UNKNOWN_HOST;
for( cur = addr_list; cur != NULL; cur = cur->ai_next )
{
*fd = (int) socket( cur->ai_family, cur->ai_socktype,
cur->ai_protocol );
if( *fd < 0 )
{
ret = POLARSSL_ERR_NET_SOCKET_FAILED;
ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
continue;
}
@ -300,24 +300,24 @@ int net_bind( int *fd, const char *bind_ip, int port, int proto )
(const char *) &n, sizeof( n ) ) != 0 )
{
close( *fd );
ret = POLARSSL_ERR_NET_SOCKET_FAILED;
ret = MBEDTLS_ERR_NET_SOCKET_FAILED;
continue;
}
if( bind( *fd, cur->ai_addr, cur->ai_addrlen ) != 0 )
{
close( *fd );
ret = POLARSSL_ERR_NET_BIND_FAILED;
ret = MBEDTLS_ERR_NET_BIND_FAILED;
continue;
}
/* Listen only makes sense for TCP */
if( proto == NET_PROTO_TCP )
if( proto == MBEDTLS_NET_PROTO_TCP )
{
if( listen( *fd, POLARSSL_NET_LISTEN_BACKLOG ) != 0 )
if( listen( *fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 )
{
close( *fd );
ret = POLARSSL_ERR_NET_LISTEN_FAILED;
ret = MBEDTLS_ERR_NET_LISTEN_FAILED;
continue;
}
}
@ -341,9 +341,9 @@ int net_bind( int *fd, const char *bind_ip, int port, int proto )
return( ret );
if( ( *fd = (int) socket( AF_INET,
proto == NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM,
proto == NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP ) ) < 0 )
return( POLARSSL_ERR_NET_SOCKET_FAILED );
proto == MBEDTLS_NET_PROTO_UDP ? SOCK_DGRAM : SOCK_STREAM,
proto == MBEDTLS_NET_PROTO_UDP ? IPPROTO_UDP : IPPROTO_TCP ) ) < 0 )
return( MBEDTLS_ERR_NET_SOCKET_FAILED );
n = 1;
setsockopt( *fd, SOL_SOCKET, SO_REUSEADDR,
@ -374,21 +374,21 @@ int net_bind( int *fd, const char *bind_ip, int port, int proto )
sizeof( server_addr ) ) < 0 )
{
close( *fd );
return( POLARSSL_ERR_NET_BIND_FAILED );
return( MBEDTLS_ERR_NET_BIND_FAILED );
}
/* Listen only makes sense for TCP */
if( proto == NET_PROTO_TCP )
if( proto == MBEDTLS_NET_PROTO_TCP )
{
if( listen( *fd, POLARSSL_NET_LISTEN_BACKLOG ) != 0 )
if( listen( *fd, MBEDTLS_NET_LISTEN_BACKLOG ) != 0 )
{
close( *fd );
return( POLARSSL_ERR_NET_LISTEN_FAILED );
return( MBEDTLS_ERR_NET_LISTEN_FAILED );
}
}
return( 0 );
#endif /* POLARSSL_HAVE_IPV6 */
#endif /* MBEDTLS_HAVE_IPV6 */
}
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
@ -434,12 +434,12 @@ static int net_would_block( int fd )
/*
* Accept a connection from a remote client
*/
int net_accept( int bind_fd, int *client_fd, void *client_ip )
int mbedtls_net_accept( int bind_fd, int *client_fd, void *client_ip )
{
int ret;
int type;
#if defined(POLARSSL_HAVE_IPV6)
#if defined(MBEDTLS_HAVE_IPV6)
struct sockaddr_storage client_addr;
#else
struct sockaddr_in client_addr;
@ -458,7 +458,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip )
if( getsockopt( bind_fd, SOL_SOCKET, SO_TYPE, (void *) &type, &type_len ) != 0 ||
( type != SOCK_STREAM && type != SOCK_DGRAM ) )
{
return( POLARSSL_ERR_NET_ACCEPT_FAILED );
return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
}
if( type == SOCK_STREAM )
@ -479,23 +479,23 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip )
if( ret < 0 )
{
if( net_would_block( bind_fd ) != 0 )
return( POLARSSL_ERR_NET_WANT_READ );
return( MBEDTLS_ERR_NET_WANT_READ );
return( POLARSSL_ERR_NET_ACCEPT_FAILED );
return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
}
/* UDP: hijack the listening socket for communicating with the client */
if( type != SOCK_STREAM )
{
if( connect( bind_fd, (struct sockaddr *) &client_addr, n ) != 0 )
return( POLARSSL_ERR_NET_ACCEPT_FAILED );
return( MBEDTLS_ERR_NET_ACCEPT_FAILED );
*client_fd = bind_fd;
}
if( client_ip != NULL )
{
#if defined(POLARSSL_HAVE_IPV6)
#if defined(MBEDTLS_HAVE_IPV6)
if( client_addr.ss_family == AF_INET )
{
struct sockaddr_in *addr4 = (struct sockaddr_in *) &client_addr;
@ -511,7 +511,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip )
#else
memcpy( client_ip, &client_addr.sin_addr.s_addr,
sizeof( client_addr.sin_addr.s_addr ) );
#endif /* POLARSSL_HAVE_IPV6 */
#endif /* MBEDTLS_HAVE_IPV6 */
}
return( 0 );
@ -520,7 +520,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip )
/*
* Set the socket blocking or non-blocking
*/
int net_set_block( int fd )
int mbedtls_net_set_block( int fd )
{
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
!defined(EFI32)
@ -531,7 +531,7 @@ int net_set_block( int fd )
#endif
}
int net_set_nonblock( int fd )
int mbedtls_net_set_nonblock( int fd )
{
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
!defined(EFI32)
@ -542,11 +542,11 @@ int net_set_nonblock( int fd )
#endif
}
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
/*
* Portable usleep helper
*/
void net_usleep( unsigned long usec )
void mbedtls_net_usleep( unsigned long usec )
{
struct timeval tv;
tv.tv_sec = usec / 1000000;
@ -558,12 +558,12 @@ void net_usleep( unsigned long usec )
#endif
select( 0, NULL, NULL, NULL, &tv );
}
#endif /* POLARSSL_HAVE_TIME */
#endif /* MBEDTLS_HAVE_TIME */
/*
* Read at most 'len' characters
*/
int net_recv( void *ctx, unsigned char *buf, size_t len )
int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len )
{
int fd = *((int *) ctx);
int ret = (int) read( fd, buf, len );
@ -571,31 +571,31 @@ int net_recv( void *ctx, unsigned char *buf, size_t len )
if( ret < 0 )
{
if( net_would_block( fd ) != 0 )
return( POLARSSL_ERR_NET_WANT_READ );
return( MBEDTLS_ERR_NET_WANT_READ );
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
!defined(EFI32)
if( WSAGetLastError() == WSAECONNRESET )
return( POLARSSL_ERR_NET_CONN_RESET );
return( MBEDTLS_ERR_NET_CONN_RESET );
#else
if( errno == EPIPE || errno == ECONNRESET )
return( POLARSSL_ERR_NET_CONN_RESET );
return( MBEDTLS_ERR_NET_CONN_RESET );
if( errno == EINTR )
return( POLARSSL_ERR_NET_WANT_READ );
return( MBEDTLS_ERR_NET_WANT_READ );
#endif
return( POLARSSL_ERR_NET_RECV_FAILED );
return( MBEDTLS_ERR_NET_RECV_FAILED );
}
return( ret );
}
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
/*
* Read at most 'len' characters, blocking for at most 'timeout' ms
*/
int net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
uint32_t timeout )
{
int ret;
@ -613,31 +613,31 @@ int net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
/* Zero fds ready means we timed out */
if( ret == 0 )
return( POLARSSL_ERR_NET_TIMEOUT );
return( MBEDTLS_ERR_NET_TIMEOUT );
if( ret < 0 )
{
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
!defined(EFI32)
if( WSAGetLastError() == WSAEINTR )
return( POLARSSL_ERR_NET_WANT_READ );
return( MBEDTLS_ERR_NET_WANT_READ );
#else
if( errno == EINTR )
return( POLARSSL_ERR_NET_WANT_READ );
return( MBEDTLS_ERR_NET_WANT_READ );
#endif
return( POLARSSL_ERR_NET_RECV_FAILED );
return( MBEDTLS_ERR_NET_RECV_FAILED );
}
/* This call will not block */
return( net_recv( ctx, buf, len ) );
return( mbedtls_net_recv( ctx, buf, len ) );
}
#endif /* POLARSSL_HAVE_TIME */
#endif /* MBEDTLS_HAVE_TIME */
/*
* Write at most 'len' characters
*/
int net_send( void *ctx, const unsigned char *buf, size_t len )
int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len )
{
int fd = *((int *) ctx);
int ret = (int) write( fd, buf, len );
@ -645,21 +645,21 @@ int net_send( void *ctx, const unsigned char *buf, size_t len )
if( ret < 0 )
{
if( net_would_block( fd ) != 0 )
return( POLARSSL_ERR_NET_WANT_WRITE );
return( MBEDTLS_ERR_NET_WANT_WRITE );
#if ( defined(_WIN32) || defined(_WIN32_WCE) ) && !defined(EFIX64) && \
!defined(EFI32)
if( WSAGetLastError() == WSAECONNRESET )
return( POLARSSL_ERR_NET_CONN_RESET );
return( MBEDTLS_ERR_NET_CONN_RESET );
#else
if( errno == EPIPE || errno == ECONNRESET )
return( POLARSSL_ERR_NET_CONN_RESET );
return( MBEDTLS_ERR_NET_CONN_RESET );
if( errno == EINTR )
return( POLARSSL_ERR_NET_WANT_WRITE );
return( MBEDTLS_ERR_NET_WANT_WRITE );
#endif
return( POLARSSL_ERR_NET_SEND_FAILED );
return( MBEDTLS_ERR_NET_SEND_FAILED );
}
return( ret );
@ -668,10 +668,10 @@ int net_send( void *ctx, const unsigned char *buf, size_t len )
/*
* Gracefully close the connection
*/
void net_close( int fd )
void mbedtls_net_close( int fd )
{
shutdown( fd, 2 );
close( fd );
}
#endif /* POLARSSL_NET_C */
#endif /* MBEDTLS_NET_C */

396
library/oid.c
View File

@ -22,13 +22,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_OID_C)
#if defined(MBEDTLS_OID_C)
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
@ -36,30 +36,30 @@
#include <stdio.h>
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#define polarssl_snprintf snprintf
#define mbedtls_snprintf snprintf
#endif
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
#include "mbedtls/x509.h"
#endif
/*
* Macro to automatically add the size of #define'd OIDs
*/
#define ADD_LEN(s) s, OID_SIZE(s)
#define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s)
/*
* Macro to generate an internal function for oid_XXX_from_asn1() (used by
* the other functions)
*/
#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
static const TYPE_T * oid_ ## NAME ## _from_asn1( const mbedtls_asn1_buf *oid ) \
{ \
const TYPE_T *p = LIST; \
const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \
const mbedtls_oid_descriptor_t *cur = (const mbedtls_oid_descriptor_t *) p; \
if( p == NULL || oid == NULL ) return( NULL ); \
while( cur->asn1 != NULL ) { \
if( cur->asn1_len == oid->len && \
@ -67,47 +67,47 @@ static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
return( p ); \
} \
p++; \
cur = (const oid_descriptor_t *) p; \
cur = (const mbedtls_oid_descriptor_t *) p; \
} \
return( NULL ); \
}
/*
* Macro to generate a function for retrieving a single attribute from the
* descriptor of an oid_descriptor_t wrapper.
* descriptor of an mbedtls_oid_descriptor_t wrapper.
*/
#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
{ \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
*ATTR1 = data->descriptor.ATTR1; \
return( 0 ); \
}
/*
* Macro to generate a function for retrieving a single attribute from an
* oid_descriptor_t wrapper.
* mbedtls_oid_descriptor_t wrapper.
*/
#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
{ \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
*ATTR1 = data->ATTR1; \
return( 0 ); \
}
/*
* Macro to generate a function for retrieving two attributes from an
* oid_descriptor_t wrapper.
* mbedtls_oid_descriptor_t wrapper.
*/
#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
ATTR2_TYPE, ATTR2) \
int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
{ \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
if( data == NULL ) return( MBEDTLS_ERR_OID_NOT_FOUND ); \
*ATTR1 = data->ATTR1; \
*ATTR2 = data->ATTR2; \
return( 0 ); \
@ -115,7 +115,7 @@ int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
/*
* Macro to generate a function for retrieving the OID based on a single
* attribute from a oid_descriptor_t wrapper.
* attribute from a mbedtls_oid_descriptor_t wrapper.
*/
#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
@ -129,12 +129,12 @@ int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
} \
cur++; \
} \
return( POLARSSL_ERR_OID_NOT_FOUND ); \
return( MBEDTLS_ERR_OID_NOT_FOUND ); \
}
/*
* Macro to generate a function for retrieving the OID based on two
* attributes from a oid_descriptor_t wrapper.
* attributes from a mbedtls_oid_descriptor_t wrapper.
*/
#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
ATTR2_TYPE, ATTR2) \
@ -150,93 +150,93 @@ int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
} \
cur++; \
} \
return( POLARSSL_ERR_OID_NOT_FOUND ); \
return( MBEDTLS_ERR_OID_NOT_FOUND ); \
}
/*
* For X520 attribute types
*/
typedef struct {
oid_descriptor_t descriptor;
mbedtls_oid_descriptor_t descriptor;
const char *short_name;
} oid_x520_attr_t;
static const oid_x520_attr_t oid_x520_attr_type[] =
{
{
{ ADD_LEN( OID_AT_CN ), "id-at-commonName", "Common Name" },
{ ADD_LEN( MBEDTLS_OID_AT_CN ), "id-at-commonName", "Common Name" },
"CN",
},
{
{ ADD_LEN( OID_AT_COUNTRY ), "id-at-countryName", "Country" },
{ ADD_LEN( MBEDTLS_OID_AT_COUNTRY ), "id-at-countryName", "Country" },
"C",
},
{
{ ADD_LEN( OID_AT_LOCALITY ), "id-at-locality", "Locality" },
{ ADD_LEN( MBEDTLS_OID_AT_LOCALITY ), "id-at-locality", "Locality" },
"L",
},
{
{ ADD_LEN( OID_AT_STATE ), "id-at-state", "State" },
{ ADD_LEN( MBEDTLS_OID_AT_STATE ), "id-at-state", "State" },
"ST",
},
{
{ ADD_LEN( OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" },
{ ADD_LEN( MBEDTLS_OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" },
"O",
},
{
{ ADD_LEN( OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" },
{ ADD_LEN( MBEDTLS_OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" },
"OU",
},
{
{ ADD_LEN( OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" },
{ ADD_LEN( MBEDTLS_OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" },
"emailAddress",
},
{
{ ADD_LEN( OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" },
{ ADD_LEN( MBEDTLS_OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" },
"serialNumber",
},
{
{ ADD_LEN( OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" },
{ ADD_LEN( MBEDTLS_OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" },
"postalAddress",
},
{
{ ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
{ ADD_LEN( MBEDTLS_OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
"postalCode",
},
{
{ ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
{ ADD_LEN( MBEDTLS_OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
"SN",
},
{
{ ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
{ ADD_LEN( MBEDTLS_OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
"GN",
},
{
{ ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" },
{ ADD_LEN( MBEDTLS_OID_AT_INITIALS ), "id-at-initials", "Initials" },
"initials",
},
{
{ ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
{ ADD_LEN( MBEDTLS_OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
"generationQualifier",
},
{
{ ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" },
{ ADD_LEN( MBEDTLS_OID_AT_TITLE ), "id-at-title", "Title" },
"title",
},
{
{ ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
{ ADD_LEN( MBEDTLS_OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
"dnQualifier",
},
{
{ ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
{ ADD_LEN( MBEDTLS_OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
"pseudonym",
},
{
{ ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
{ ADD_LEN( MBEDTLS_OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
"DC",
},
{
{ ADD_LEN( OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" },
{ ADD_LEN( MBEDTLS_OID_AT_UNIQUE_IDENTIFIER ), "id-at-uniqueIdentifier", "Unique Identifier" },
"uniqueIdentifier",
},
{
@ -246,38 +246,38 @@ static const oid_x520_attr_t oid_x520_attr_type[] =
};
FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type);
FN_OID_GET_ATTR1(oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name);
FN_OID_GET_ATTR1(mbedtls_oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name);
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
/*
* For X509 extensions
*/
typedef struct {
oid_descriptor_t descriptor;
mbedtls_oid_descriptor_t descriptor;
int ext_type;
} oid_x509_ext_t;
static const oid_x509_ext_t oid_x509_ext[] =
{
{
{ ADD_LEN( OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
EXT_BASIC_CONSTRAINTS,
{ ADD_LEN( MBEDTLS_OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
MBEDTLS_EXT_BASIC_CONSTRAINTS,
},
{
{ ADD_LEN( OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
EXT_KEY_USAGE,
{ ADD_LEN( MBEDTLS_OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
MBEDTLS_X509_EXT_KEY_USAGE,
},
{
{ ADD_LEN( OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" },
EXT_EXTENDED_KEY_USAGE,
{ ADD_LEN( MBEDTLS_OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" },
MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE,
},
{
{ ADD_LEN( OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
EXT_SUBJECT_ALT_NAME,
{ ADD_LEN( MBEDTLS_OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
MBEDTLS_EXT_SUBJECT_ALT_NAME,
},
{
{ ADD_LEN( OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
EXT_NS_CERT_TYPE,
{ ADD_LEN( MBEDTLS_OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
MBEDTLS_X509_EXT_NS_CERT_TYPE,
},
{
{ NULL, 0, NULL, NULL },
@ -286,317 +286,317 @@ static const oid_x509_ext_t oid_x509_ext[] =
};
FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext);
FN_OID_GET_ATTR1(oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type);
FN_OID_GET_ATTR1(mbedtls_oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type);
static const oid_descriptor_t oid_ext_key_usage[] =
static const mbedtls_oid_descriptor_t oid_ext_key_usage[] =
{
{ ADD_LEN( OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
{ ADD_LEN( OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
{ ADD_LEN( OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
{ ADD_LEN( OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
{ ADD_LEN( OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
{ ADD_LEN( OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
{ ADD_LEN( MBEDTLS_OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
{ ADD_LEN( MBEDTLS_OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
{ ADD_LEN( MBEDTLS_OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
{ ADD_LEN( MBEDTLS_OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
{ ADD_LEN( MBEDTLS_OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
{ ADD_LEN( MBEDTLS_OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
{ NULL, 0, NULL, NULL },
};
FN_OID_TYPED_FROM_ASN1(oid_descriptor_t, ext_key_usage, oid_ext_key_usage);
FN_OID_GET_ATTR1(oid_get_extended_key_usage, oid_descriptor_t, ext_key_usage, const char *, description);
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
FN_OID_TYPED_FROM_ASN1(mbedtls_oid_descriptor_t, ext_key_usage, oid_ext_key_usage);
FN_OID_GET_ATTR1(mbedtls_oid_get_extended_key_usage, mbedtls_oid_descriptor_t, ext_key_usage, const char *, description);
#endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
#if defined(POLARSSL_MD_C)
#if defined(MBEDTLS_MD_C)
/*
* For SignatureAlgorithmIdentifier
*/
typedef struct {
oid_descriptor_t descriptor;
md_type_t md_alg;
pk_type_t pk_alg;
mbedtls_oid_descriptor_t descriptor;
mbedtls_md_type_t md_alg;
mbedtls_pk_type_t pk_alg;
} oid_sig_alg_t;
static const oid_sig_alg_t oid_sig_alg[] =
{
{
{ ADD_LEN( OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" },
POLARSSL_MD_MD2, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" },
MBEDTLS_MD_MD2, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" },
POLARSSL_MD_MD4, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" },
MBEDTLS_MD_MD4, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" },
POLARSSL_MD_MD5, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" },
MBEDTLS_MD_MD5, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" },
POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" },
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" },
POLARSSL_MD_SHA224, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" },
MBEDTLS_MD_SHA224, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" },
POLARSSL_MD_SHA256, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" },
MBEDTLS_MD_SHA256, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" },
POLARSSL_MD_SHA384, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" },
MBEDTLS_MD_SHA384, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" },
POLARSSL_MD_SHA512, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" },
MBEDTLS_MD_SHA512, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" },
POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" },
MBEDTLS_MD_SHA1, MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" },
POLARSSL_MD_SHA1, POLARSSL_PK_ECDSA,
{ ADD_LEN( MBEDTLS_OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" },
MBEDTLS_MD_SHA1, MBEDTLS_PK_ECDSA,
},
{
{ ADD_LEN( OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" },
POLARSSL_MD_SHA224, POLARSSL_PK_ECDSA,
{ ADD_LEN( MBEDTLS_OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" },
MBEDTLS_MD_SHA224, MBEDTLS_PK_ECDSA,
},
{
{ ADD_LEN( OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" },
POLARSSL_MD_SHA256, POLARSSL_PK_ECDSA,
{ ADD_LEN( MBEDTLS_OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" },
MBEDTLS_MD_SHA256, MBEDTLS_PK_ECDSA,
},
{
{ ADD_LEN( OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" },
POLARSSL_MD_SHA384, POLARSSL_PK_ECDSA,
{ ADD_LEN( MBEDTLS_OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" },
MBEDTLS_MD_SHA384, MBEDTLS_PK_ECDSA,
},
{
{ ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" },
POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA,
{ ADD_LEN( MBEDTLS_OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" },
MBEDTLS_MD_SHA512, MBEDTLS_PK_ECDSA,
},
{
{ ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" },
POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS,
{ ADD_LEN( MBEDTLS_OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" },
MBEDTLS_MD_NONE, MBEDTLS_PK_RSASSA_PSS,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_MD_NONE, POLARSSL_PK_NONE,
MBEDTLS_MD_NONE, MBEDTLS_PK_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg);
FN_OID_GET_DESCRIPTOR_ATTR1(oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description);
FN_OID_GET_ATTR2(oid_get_sig_alg, oid_sig_alg_t, sig_alg, md_type_t, md_alg, pk_type_t, pk_alg);
FN_OID_GET_OID_BY_ATTR2(oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, pk_type_t, pk_alg, md_type_t, md_alg);
#endif /* POLARSSL_MD_C */
FN_OID_GET_DESCRIPTOR_ATTR1(mbedtls_oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description);
FN_OID_GET_ATTR2(mbedtls_oid_get_sig_alg, oid_sig_alg_t, sig_alg, mbedtls_md_type_t, md_alg, mbedtls_pk_type_t, pk_alg);
FN_OID_GET_OID_BY_ATTR2(mbedtls_oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, mbedtls_pk_type_t, pk_alg, mbedtls_md_type_t, md_alg);
#endif /* MBEDTLS_MD_C */
/*
* For PublicKeyInfo (PKCS1, RFC 5480)
*/
typedef struct {
oid_descriptor_t descriptor;
pk_type_t pk_alg;
mbedtls_oid_descriptor_t descriptor;
mbedtls_pk_type_t pk_alg;
} oid_pk_alg_t;
static const oid_pk_alg_t oid_pk_alg[] =
{
{
{ ADD_LEN( OID_PKCS1_RSA ), "rsaEncryption", "RSA" },
POLARSSL_PK_RSA,
{ ADD_LEN( MBEDTLS_OID_PKCS1_RSA ), "rsaEncryption", "RSA" },
MBEDTLS_PK_RSA,
},
{
{ ADD_LEN( OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" },
POLARSSL_PK_ECKEY,
{ ADD_LEN( MBEDTLS_OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" },
MBEDTLS_PK_ECKEY,
},
{
{ ADD_LEN( OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" },
POLARSSL_PK_ECKEY_DH,
{ ADD_LEN( MBEDTLS_OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" },
MBEDTLS_PK_ECKEY_DH,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_PK_NONE,
MBEDTLS_PK_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg);
FN_OID_GET_ATTR1(oid_get_pk_alg, oid_pk_alg_t, pk_alg, pk_type_t, pk_alg);
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, pk_type_t, pk_alg);
FN_OID_GET_ATTR1(mbedtls_oid_get_pk_alg, oid_pk_alg_t, pk_alg, mbedtls_pk_type_t, pk_alg);
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, mbedtls_pk_type_t, pk_alg);
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
/*
* For namedCurve (RFC 5480)
*/
typedef struct {
oid_descriptor_t descriptor;
ecp_group_id grp_id;
mbedtls_oid_descriptor_t descriptor;
mbedtls_ecp_group_id grp_id;
} oid_ecp_grp_t;
static const oid_ecp_grp_t oid_ecp_grp[] =
{
{
{ ADD_LEN( OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" },
POLARSSL_ECP_DP_SECP192R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" },
MBEDTLS_ECP_DP_SECP192R1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" },
POLARSSL_ECP_DP_SECP224R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" },
MBEDTLS_ECP_DP_SECP224R1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" },
POLARSSL_ECP_DP_SECP256R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" },
MBEDTLS_ECP_DP_SECP256R1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" },
POLARSSL_ECP_DP_SECP384R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" },
MBEDTLS_ECP_DP_SECP384R1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" },
POLARSSL_ECP_DP_SECP521R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" },
MBEDTLS_ECP_DP_SECP521R1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" },
POLARSSL_ECP_DP_SECP192K1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" },
MBEDTLS_ECP_DP_SECP192K1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" },
POLARSSL_ECP_DP_SECP224K1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" },
MBEDTLS_ECP_DP_SECP224K1,
},
{
{ ADD_LEN( OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" },
POLARSSL_ECP_DP_SECP256K1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" },
MBEDTLS_ECP_DP_SECP256K1,
},
{
{ ADD_LEN( OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
POLARSSL_ECP_DP_BP256R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
MBEDTLS_ECP_DP_BP256R1,
},
{
{ ADD_LEN( OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
POLARSSL_ECP_DP_BP384R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
MBEDTLS_ECP_DP_BP384R1,
},
{
{ ADD_LEN( OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
POLARSSL_ECP_DP_BP512R1,
{ ADD_LEN( MBEDTLS_OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
MBEDTLS_ECP_DP_BP512R1,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_ECP_DP_NONE,
MBEDTLS_ECP_DP_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp);
FN_OID_GET_ATTR1(oid_get_ec_grp, oid_ecp_grp_t, grp_id, ecp_group_id, grp_id);
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, ecp_group_id, grp_id);
#endif /* POLARSSL_ECP_C */
FN_OID_GET_ATTR1(mbedtls_oid_get_ec_grp, oid_ecp_grp_t, grp_id, mbedtls_ecp_group_id, grp_id);
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, mbedtls_ecp_group_id, grp_id);
#endif /* MBEDTLS_ECP_C */
#if defined(POLARSSL_CIPHER_C)
#if defined(MBEDTLS_CIPHER_C)
/*
* For PKCS#5 PBES2 encryption algorithm
*/
typedef struct {
oid_descriptor_t descriptor;
cipher_type_t cipher_alg;
mbedtls_oid_descriptor_t descriptor;
mbedtls_cipher_type_t cipher_alg;
} oid_cipher_alg_t;
static const oid_cipher_alg_t oid_cipher_alg[] =
{
{
{ ADD_LEN( OID_DES_CBC ), "desCBC", "DES-CBC" },
POLARSSL_CIPHER_DES_CBC,
{ ADD_LEN( MBEDTLS_OID_DES_CBC ), "desCBC", "DES-CBC" },
MBEDTLS_CIPHER_DES_CBC,
},
{
{ ADD_LEN( OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" },
POLARSSL_CIPHER_DES_EDE3_CBC,
{ ADD_LEN( MBEDTLS_OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" },
MBEDTLS_CIPHER_DES_EDE3_CBC,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_CIPHER_NONE,
MBEDTLS_CIPHER_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg);
FN_OID_GET_ATTR1(oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, cipher_type_t, cipher_alg);
#endif /* POLARSSL_CIPHER_C */
FN_OID_GET_ATTR1(mbedtls_oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, mbedtls_cipher_type_t, cipher_alg);
#endif /* MBEDTLS_CIPHER_C */
#if defined(POLARSSL_MD_C)
#if defined(MBEDTLS_MD_C)
/*
* For digestAlgorithm
*/
typedef struct {
oid_descriptor_t descriptor;
md_type_t md_alg;
mbedtls_oid_descriptor_t descriptor;
mbedtls_md_type_t md_alg;
} oid_md_alg_t;
static const oid_md_alg_t oid_md_alg[] =
{
{
{ ADD_LEN( OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" },
POLARSSL_MD_MD2,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" },
MBEDTLS_MD_MD2,
},
{
{ ADD_LEN( OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" },
POLARSSL_MD_MD4,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" },
MBEDTLS_MD_MD4,
},
{
{ ADD_LEN( OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" },
POLARSSL_MD_MD5,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" },
MBEDTLS_MD_MD5,
},
{
{ ADD_LEN( OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" },
POLARSSL_MD_SHA1,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" },
MBEDTLS_MD_SHA1,
},
{
{ ADD_LEN( OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" },
POLARSSL_MD_SHA224,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" },
MBEDTLS_MD_SHA224,
},
{
{ ADD_LEN( OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" },
POLARSSL_MD_SHA256,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" },
MBEDTLS_MD_SHA256,
},
{
{ ADD_LEN( OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" },
POLARSSL_MD_SHA384,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" },
MBEDTLS_MD_SHA384,
},
{
{ ADD_LEN( OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" },
POLARSSL_MD_SHA512,
{ ADD_LEN( MBEDTLS_OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" },
MBEDTLS_MD_SHA512,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_MD_NONE,
MBEDTLS_MD_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg);
FN_OID_GET_ATTR1(oid_get_md_alg, oid_md_alg_t, md_alg, md_type_t, md_alg);
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, md_type_t, md_alg);
#endif /* POLARSSL_MD_C */
FN_OID_GET_ATTR1(mbedtls_oid_get_md_alg, oid_md_alg_t, md_alg, mbedtls_md_type_t, md_alg);
FN_OID_GET_OID_BY_ATTR1(mbedtls_oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, mbedtls_md_type_t, md_alg);
#endif /* MBEDTLS_MD_C */
#if defined(POLARSSL_PKCS12_C)
#if defined(MBEDTLS_PKCS12_C)
/*
* For PKCS#12 PBEs
*/
typedef struct {
oid_descriptor_t descriptor;
md_type_t md_alg;
cipher_type_t cipher_alg;
mbedtls_oid_descriptor_t descriptor;
mbedtls_md_type_t md_alg;
mbedtls_cipher_type_t cipher_alg;
} oid_pkcs12_pbe_alg_t;
static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
{
{
{ ADD_LEN( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE3_CBC,
{ ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE3_CBC,
},
{
{ ADD_LEN( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE_CBC,
{ ADD_LEN( MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
MBEDTLS_MD_SHA1, MBEDTLS_CIPHER_DES_EDE_CBC,
},
{
{ NULL, 0, NULL, NULL },
POLARSSL_MD_NONE, POLARSSL_CIPHER_NONE,
MBEDTLS_MD_NONE, MBEDTLS_CIPHER_NONE,
},
};
FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg);
FN_OID_GET_ATTR2(oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, md_type_t, md_alg, cipher_type_t, cipher_alg);
#endif /* POLARSSL_PKCS12_C */
FN_OID_GET_ATTR2(mbedtls_oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, mbedtls_md_type_t, md_alg, mbedtls_cipher_type_t, cipher_alg);
#endif /* MBEDTLS_PKCS12_C */
#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
!defined(EFI32)
@ -637,11 +637,11 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
#define SAFE_SNPRINTF() \
{ \
if( ret == -1 ) \
return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \
\
if( (unsigned int) ret >= n ) { \
p[n - 1] = '\0'; \
return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
return( MBEDTLS_ERR_OID_BUF_TOO_SMALL ); \
} \
\
n -= (unsigned int) ret; \
@ -649,8 +649,8 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
}
/* Return the x.y.z.... style numeric string for the given OID */
int oid_get_numeric_string( char *buf, size_t size,
const asn1_buf *oid )
int mbedtls_oid_get_numeric_string( char *buf, size_t size,
const mbedtls_asn1_buf *oid )
{
int ret;
size_t i, n;
@ -663,7 +663,7 @@ int oid_get_numeric_string( char *buf, size_t size,
/* First byte contains first two dots */
if( oid->len > 0 )
{
ret = polarssl_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
ret = mbedtls_snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
SAFE_SNPRINTF();
}
@ -672,7 +672,7 @@ int oid_get_numeric_string( char *buf, size_t size,
{
/* Prevent overflow in value. */
if( ( ( value << 7 ) >> 7 ) != value )
return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
return( MBEDTLS_ERR_OID_BUF_TOO_SMALL );
value <<= 7;
value += oid->p[i] & 0x7F;
@ -680,7 +680,7 @@ int oid_get_numeric_string( char *buf, size_t size,
if( !( oid->p[i] & 0x80 ) )
{
/* Last byte */
ret = polarssl_snprintf( p, n, ".%d", value );
ret = mbedtls_snprintf( p, n, ".%d", value );
SAFE_SNPRINTF();
value = 0;
}
@ -689,4 +689,4 @@ int oid_get_numeric_string( char *buf, size_t size,
return( (int) ( size - n ) );
}
#endif /* POLARSSL_OID_C */
#endif /* MBEDTLS_OID_C */

24
library/padlock.c
View File

@ -26,24 +26,24 @@
* programming_guide.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PADLOCK_C)
#if defined(MBEDTLS_PADLOCK_C)
#include "mbedtls/padlock.h"
#include <string.h>
#if defined(POLARSSL_HAVE_X86)
#if defined(MBEDTLS_HAVE_X86)
/*
* PadLock detection routine
*/
int padlock_supports( int feature )
int mbedtls_padlock_supports( int feature )
{
static int flags = -1;
int ebx = 0, edx = 0;
@ -74,7 +74,7 @@ int padlock_supports( int feature )
/*
* PadLock AES-ECB block en(de)cryption
*/
int padlock_xcryptecb( aes_context *ctx,
int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] )
@ -86,7 +86,7 @@ int padlock_xcryptecb( aes_context *ctx,
unsigned char buf[256];
rk = ctx->rk;
blk = PADLOCK_ALIGN16( buf );
blk = MBEDTLS_PADLOCK_ALIGN16( buf );
memcpy( blk, input, 16 );
ctrl = blk + 4;
@ -114,7 +114,7 @@ int padlock_xcryptecb( aes_context *ctx,
/*
* PadLock AES-CBC buffer en(de)cryption
*/
int padlock_xcryptcbc( aes_context *ctx,
int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
@ -130,10 +130,10 @@ int padlock_xcryptcbc( aes_context *ctx,
if( ( (long) input & 15 ) != 0 ||
( (long) output & 15 ) != 0 )
return( POLARSSL_ERR_PADLOCK_DATA_MISALIGNED );
return( MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED );
rk = ctx->rk;
iw = PADLOCK_ALIGN16( buf );
iw = MBEDTLS_PADLOCK_ALIGN16( buf );
memcpy( iw, iv, 16 );
ctrl = iw + 4;
@ -162,6 +162,6 @@ int padlock_xcryptcbc( aes_context *ctx,
return( 0 );
}
#endif /* POLARSSL_HAVE_X86 */
#endif /* MBEDTLS_HAVE_X86 */
#endif /* POLARSSL_PADLOCK_C */
#endif /* MBEDTLS_PADLOCK_C */

254
library/pem.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
#if defined(MBEDTLS_PEM_PARSE_C) || defined(MBEDTLS_PEM_WRITE_C)
#include "mbedtls/pem.h"
#include "mbedtls/base64.h"
@ -37,27 +37,27 @@
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if defined(POLARSSL_PEM_PARSE_C)
void pem_init( pem_context *ctx )
#if defined(MBEDTLS_PEM_PARSE_C)
void mbedtls_pem_init( mbedtls_pem_context *ctx )
{
memset( ctx, 0, sizeof( pem_context ) );
memset( ctx, 0, sizeof( mbedtls_pem_context ) );
}
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
/*
* Read a 16-byte hex string and convert it to binary
*/
@ -73,7 +73,7 @@ static int pem_get_iv( const unsigned char *s, unsigned char *iv,
if( *s >= '0' && *s <= '9' ) j = *s - '0'; else
if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else
if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
k = ( ( i & 1 ) != 0 ) ? j : j << 4;
@ -87,26 +87,26 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
unsigned char *iv,
const unsigned char *pwd, size_t pwdlen )
{
md5_context md5_ctx;
mbedtls_md5_context md5_ctx;
unsigned char md5sum[16];
size_t use_len;
md5_init( &md5_ctx );
mbedtls_md5_init( &md5_ctx );
/*
* key[ 0..15] = MD5(pwd || IV)
*/
md5_starts( &md5_ctx );
md5_update( &md5_ctx, pwd, pwdlen );
md5_update( &md5_ctx, iv, 8 );
md5_finish( &md5_ctx, md5sum );
mbedtls_md5_starts( &md5_ctx );
mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
mbedtls_md5_update( &md5_ctx, iv, 8 );
mbedtls_md5_finish( &md5_ctx, md5sum );
if( keylen <= 16 )
{
memcpy( key, md5sum, keylen );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
mbedtls_md5_free( &md5_ctx );
mbedtls_zeroize( md5sum, 16 );
return;
}
@ -115,11 +115,11 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
/*
* key[16..23] = MD5(key[ 0..15] || pwd || IV])
*/
md5_starts( &md5_ctx );
md5_update( &md5_ctx, md5sum, 16 );
md5_update( &md5_ctx, pwd, pwdlen );
md5_update( &md5_ctx, iv, 8 );
md5_finish( &md5_ctx, md5sum );
mbedtls_md5_starts( &md5_ctx );
mbedtls_md5_update( &md5_ctx, md5sum, 16 );
mbedtls_md5_update( &md5_ctx, pwd, pwdlen );
mbedtls_md5_update( &md5_ctx, iv, 8 );
mbedtls_md5_finish( &md5_ctx, md5sum );
use_len = 16;
if( keylen < 32 )
@ -127,11 +127,11 @@ static void pem_pbkdf1( unsigned char *key, size_t keylen,
memcpy( key + 16, md5sum, use_len );
md5_free( &md5_ctx );
polarssl_zeroize( md5sum, 16 );
mbedtls_md5_free( &md5_ctx );
mbedtls_zeroize( md5sum, 16 );
}
#if defined(POLARSSL_DES_C)
#if defined(MBEDTLS_DES_C)
/*
* Decrypt with DES-CBC, using PBKDF1 for key derivation
*/
@ -139,19 +139,19 @@ static void pem_des_decrypt( unsigned char des_iv[8],
unsigned char *buf, size_t buflen,
const unsigned char *pwd, size_t pwdlen )
{
des_context des_ctx;
mbedtls_des_context des_ctx;
unsigned char des_key[8];
des_init( &des_ctx );
mbedtls_des_init( &des_ctx );
pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
des_setkey_dec( &des_ctx, des_key );
des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
mbedtls_des_setkey_dec( &des_ctx, des_key );
mbedtls_des_crypt_cbc( &des_ctx, MBEDTLS_DES_DECRYPT, buflen,
des_iv, buf, buf );
des_free( &des_ctx );
polarssl_zeroize( des_key, 8 );
mbedtls_des_free( &des_ctx );
mbedtls_zeroize( des_key, 8 );
}
/*
@ -161,23 +161,23 @@ static void pem_des3_decrypt( unsigned char des3_iv[8],
unsigned char *buf, size_t buflen,
const unsigned char *pwd, size_t pwdlen )
{
des3_context des3_ctx;
mbedtls_des3_context des3_ctx;
unsigned char des3_key[24];
des3_init( &des3_ctx );
mbedtls_des3_init( &des3_ctx );
pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
des3_set3key_dec( &des3_ctx, des3_key );
des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
mbedtls_des3_set3key_dec( &des3_ctx, des3_key );
mbedtls_des3_crypt_cbc( &des3_ctx, MBEDTLS_DES_DECRYPT, buflen,
des3_iv, buf, buf );
des3_free( &des3_ctx );
polarssl_zeroize( des3_key, 24 );
mbedtls_des3_free( &des3_ctx );
mbedtls_zeroize( des3_key, 24 );
}
#endif /* POLARSSL_DES_C */
#endif /* MBEDTLS_DES_C */
#if defined(POLARSSL_AES_C)
#if defined(MBEDTLS_AES_C)
/*
* Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
*/
@ -185,26 +185,26 @@ static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
unsigned char *buf, size_t buflen,
const unsigned char *pwd, size_t pwdlen )
{
aes_context aes_ctx;
mbedtls_aes_context aes_ctx;
unsigned char aes_key[32];
aes_init( &aes_ctx );
mbedtls_aes_init( &aes_ctx );
pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
mbedtls_aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
mbedtls_aes_crypt_cbc( &aes_ctx, MBEDTLS_AES_DECRYPT, buflen,
aes_iv, buf, buf );
aes_free( &aes_ctx );
polarssl_zeroize( aes_key, keylen );
mbedtls_aes_free( &aes_ctx );
mbedtls_zeroize( aes_key, keylen );
}
#endif /* POLARSSL_AES_C */
#endif /* MBEDTLS_AES_C */
#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
( POLARSSL_AES_C || POLARSSL_DES_C ) */
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *pwd,
size_t pwdlen, size_t *use_len )
{
@ -212,33 +212,33 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
size_t len;
unsigned char *buf;
const unsigned char *s1, *s2, *end;
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
unsigned char pem_iv[16];
cipher_type_t enc_alg = POLARSSL_CIPHER_NONE;
mbedtls_cipher_type_t enc_alg = MBEDTLS_CIPHER_NONE;
#else
((void) pwd);
((void) pwdlen);
#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
( POLARSSL_AES_C || POLARSSL_DES_C ) */
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
if( ctx == NULL )
return( POLARSSL_ERR_PEM_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PEM_BAD_INPUT_DATA );
s1 = (unsigned char *) strstr( (const char *) data, header );
if( s1 == NULL )
return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
s2 = (unsigned char *) strstr( (const char *) data, footer );
if( s2 == NULL || s2 <= s1 )
return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
s1 += strlen( header );
if( *s1 == '\r' ) s1++;
if( *s1 == '\n' ) s1++;
else return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
else return( MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
end = s2;
end += strlen( footer );
@ -250,111 +250,111 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
{
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
enc++;
s1 += 22;
if( *s1 == '\r' ) s1++;
if( *s1 == '\n' ) s1++;
else return( POLARSSL_ERR_PEM_INVALID_DATA );
else return( MBEDTLS_ERR_PEM_INVALID_DATA );
#if defined(POLARSSL_DES_C)
#if defined(MBEDTLS_DES_C)
if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
{
enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC;
enc_alg = MBEDTLS_CIPHER_DES_EDE3_CBC;
s1 += 23;
if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
}
else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
{
enc_alg = POLARSSL_CIPHER_DES_CBC;
enc_alg = MBEDTLS_CIPHER_DES_CBC;
s1 += 18;
if( pem_get_iv( s1, pem_iv, 8) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 16;
}
#endif /* POLARSSL_DES_C */
#endif /* MBEDTLS_DES_C */
#if defined(POLARSSL_AES_C)
#if defined(MBEDTLS_AES_C)
if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
{
if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
enc_alg = POLARSSL_CIPHER_AES_128_CBC;
enc_alg = MBEDTLS_CIPHER_AES_128_CBC;
else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
enc_alg = POLARSSL_CIPHER_AES_192_CBC;
enc_alg = MBEDTLS_CIPHER_AES_192_CBC;
else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 )
enc_alg = POLARSSL_CIPHER_AES_256_CBC;
enc_alg = MBEDTLS_CIPHER_AES_256_CBC;
else
return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
s1 += 22;
if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
return( MBEDTLS_ERR_PEM_INVALID_ENC_IV );
s1 += 32;
}
#endif /* POLARSSL_AES_C */
#endif /* MBEDTLS_AES_C */
if( enc_alg == POLARSSL_CIPHER_NONE )
return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
if( enc_alg == MBEDTLS_CIPHER_NONE )
return( MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG );
if( *s1 == '\r' ) s1++;
if( *s1 == '\n' ) s1++;
else return( POLARSSL_ERR_PEM_INVALID_DATA );
else return( MBEDTLS_ERR_PEM_INVALID_DATA );
#else
return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
( POLARSSL_AES_C || POLARSSL_DES_C ) */
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
}
len = 0;
ret = base64_decode( NULL, &len, s1, s2 - s1 );
ret = mbedtls_base64_decode( NULL, &len, s1, s2 - s1 );
if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
if( ret == MBEDTLS_ERR_BASE64_INVALID_CHARACTER )
return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
if( ( buf = polarssl_malloc( len ) ) == NULL )
return( POLARSSL_ERR_PEM_MALLOC_FAILED );
if( ( buf = mbedtls_malloc( len ) ) == NULL )
return( MBEDTLS_ERR_PEM_MALLOC_FAILED );
if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
if( ( ret = mbedtls_base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
{
polarssl_free( buf );
return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_INVALID_DATA + ret );
}
if( enc != 0 )
{
#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
#if defined(MBEDTLS_MD5_C) && defined(MBEDTLS_CIPHER_MODE_CBC) && \
( defined(MBEDTLS_DES_C) || defined(MBEDTLS_AES_C) )
if( pwd == NULL )
{
polarssl_free( buf );
return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_PASSWORD_REQUIRED );
}
#if defined(POLARSSL_DES_C)
if( enc_alg == POLARSSL_CIPHER_DES_EDE3_CBC )
#if defined(MBEDTLS_DES_C)
if( enc_alg == MBEDTLS_CIPHER_DES_EDE3_CBC )
pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
else if( enc_alg == POLARSSL_CIPHER_DES_CBC )
else if( enc_alg == MBEDTLS_CIPHER_DES_CBC )
pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
#endif /* POLARSSL_DES_C */
#endif /* MBEDTLS_DES_C */
#if defined(POLARSSL_AES_C)
if( enc_alg == POLARSSL_CIPHER_AES_128_CBC )
#if defined(MBEDTLS_AES_C)
if( enc_alg == MBEDTLS_CIPHER_AES_128_CBC )
pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
else if( enc_alg == POLARSSL_CIPHER_AES_192_CBC )
else if( enc_alg == MBEDTLS_CIPHER_AES_192_CBC )
pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
else if( enc_alg == POLARSSL_CIPHER_AES_256_CBC )
else if( enc_alg == MBEDTLS_CIPHER_AES_256_CBC )
pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
#endif /* POLARSSL_AES_C */
#endif /* MBEDTLS_AES_C */
/*
* The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
@ -364,14 +364,14 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
*/
if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
{
polarssl_free( buf );
return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_PASSWORD_MISMATCH );
}
#else
polarssl_free( buf );
return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
( POLARSSL_AES_C || POLARSSL_DES_C ) */
mbedtls_free( buf );
return( MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_MD5_C && MBEDTLS_CIPHER_MODE_CBC &&
( MBEDTLS_AES_C || MBEDTLS_DES_C ) */
}
ctx->buf = buf;
@ -380,17 +380,17 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
return( 0 );
}
void pem_free( pem_context *ctx )
void mbedtls_pem_free( mbedtls_pem_context *ctx )
{
polarssl_free( ctx->buf );
polarssl_free( ctx->info );
mbedtls_free( ctx->buf );
mbedtls_free( ctx->info );
polarssl_zeroize( ctx, sizeof( pem_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_pem_context ) );
}
#endif /* POLARSSL_PEM_PARSE_C */
#endif /* MBEDTLS_PEM_PARSE_C */
#if defined(POLARSSL_PEM_WRITE_C)
int pem_write_buffer( const char *header, const char *footer,
#if defined(MBEDTLS_PEM_WRITE_C)
int mbedtls_pem_write_buffer( const char *header, const char *footer,
const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen )
{
@ -398,22 +398,22 @@ int pem_write_buffer( const char *header, const char *footer,
unsigned char *encode_buf, *c, *p = buf;
size_t len = 0, use_len = 0, add_len = 0;
base64_encode( NULL, &use_len, der_data, der_len );
mbedtls_base64_encode( NULL, &use_len, der_data, der_len );
add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
if( use_len + add_len > buf_len )
{
*olen = use_len + add_len;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
}
if( ( encode_buf = polarssl_malloc( use_len ) ) == NULL )
return( POLARSSL_ERR_PEM_MALLOC_FAILED );
if( ( encode_buf = mbedtls_malloc( use_len ) ) == NULL )
return( MBEDTLS_ERR_PEM_MALLOC_FAILED );
if( ( ret = base64_encode( encode_buf, &use_len, der_data,
if( ( ret = mbedtls_base64_encode( encode_buf, &use_len, der_data,
der_len ) ) != 0 )
{
polarssl_free( encode_buf );
mbedtls_free( encode_buf );
return( ret );
}
@ -437,8 +437,8 @@ int pem_write_buffer( const char *header, const char *footer,
*p++ = '\0';
*olen = p - buf;
polarssl_free( encode_buf );
mbedtls_free( encode_buf );
return( 0 );
}
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_PARSE_C || MBEDTLS_PEM_WRITE_C */

180
library/pk.c
View File

@ -20,35 +20,35 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PK_C)
#if defined(MBEDTLS_PK_C)
#include "mbedtls/pk.h"
#include "mbedtls/pk_wrap.h"
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
#endif
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
#include "mbedtls/ecp.h"
#endif
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/*
* Initialise a pk_context
* Initialise a mbedtls_pk_context
*/
void pk_init( pk_context *ctx )
void mbedtls_pk_init( mbedtls_pk_context *ctx )
{
if( ctx == NULL )
return;
@ -58,39 +58,39 @@ void pk_init( pk_context *ctx )
}
/*
* Free (the components of) a pk_context
* Free (the components of) a mbedtls_pk_context
*/
void pk_free( pk_context *ctx )
void mbedtls_pk_free( mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
return;
ctx->pk_info->ctx_free_func( ctx->pk_ctx );
polarssl_zeroize( ctx, sizeof( pk_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_pk_context ) );
}
/*
* Get pk_info structure from type
*/
const pk_info_t * pk_info_from_type( pk_type_t pk_type )
const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
{
switch( pk_type ) {
#if defined(POLARSSL_RSA_C)
case POLARSSL_PK_RSA:
return( &rsa_info );
#if defined(MBEDTLS_RSA_C)
case MBEDTLS_PK_RSA:
return( &mbedtls_rsa_info );
#endif
#if defined(POLARSSL_ECP_C)
case POLARSSL_PK_ECKEY:
return( &eckey_info );
case POLARSSL_PK_ECKEY_DH:
return( &eckeydh_info );
#if defined(MBEDTLS_ECP_C)
case MBEDTLS_PK_ECKEY:
return( &mbedtls_eckey_info );
case MBEDTLS_PK_ECKEY_DH:
return( &mbedtls_eckeydh_info );
#endif
#if defined(POLARSSL_ECDSA_C)
case POLARSSL_PK_ECDSA:
return( &ecdsa_info );
#if defined(MBEDTLS_ECDSA_C)
case MBEDTLS_PK_ECDSA:
return( &mbedtls_ecdsa_info );
#endif
/* POLARSSL_PK_RSA_ALT omitted on purpose */
/* MBEDTLS_PK_RSA_ALT omitted on purpose */
default:
return( NULL );
}
@ -99,40 +99,40 @@ const pk_info_t * pk_info_from_type( pk_type_t pk_type )
/*
* Initialise context
*/
int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
int mbedtls_pk_init_ctx( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
{
if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_PK_MALLOC_FAILED );
return( MBEDTLS_ERR_PK_MALLOC_FAILED );
ctx->pk_info = info;
return( 0 );
}
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/*
* Initialize an RSA-alt context
*/
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
pk_rsa_alt_decrypt_func decrypt_func,
pk_rsa_alt_sign_func sign_func,
pk_rsa_alt_key_len_func key_len_func )
int mbedtls_pk_init_ctx_rsa_alt( mbedtls_pk_context *ctx, void * key,
mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
mbedtls_pk_rsa_alt_sign_func sign_func,
mbedtls_pk_rsa_alt_key_len_func key_len_func )
{
rsa_alt_context *rsa_alt;
const pk_info_t *info = &rsa_alt_info;
mbedtls_rsa_alt_context *rsa_alt;
const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
if( ctx == NULL || ctx->pk_info != NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_PK_MALLOC_FAILED );
return( MBEDTLS_ERR_PK_MALLOC_FAILED );
ctx->pk_info = info;
rsa_alt = (rsa_alt_context *) ctx->pk_ctx;
rsa_alt = (mbedtls_rsa_alt_context *) ctx->pk_ctx;
rsa_alt->key = key;
rsa_alt->decrypt_func = decrypt_func;
@ -141,12 +141,12 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
return( 0 );
}
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/*
* Tell if a PK can do the operations of the given type
*/
int pk_can_do( const pk_context *ctx, pk_type_t type )
int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
{
/* null or NONE context can't do anything */
if( ctx == NULL || ctx->pk_info == NULL )
@ -156,35 +156,35 @@ int pk_can_do( const pk_context *ctx, pk_type_t type )
}
/*
* Helper for pk_sign and pk_verify
* Helper for mbedtls_pk_sign and mbedtls_pk_verify
*/
static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len )
static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len )
{
const md_info_t *md_info;
const mbedtls_md_info_t *md_info;
if( *hash_len != 0 )
return( 0 );
if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
return( -1 );
*hash_len = md_get_size( md_info );
*hash_len = mbedtls_md_get_size( md_info );
return( 0 );
}
/*
* Verify a signature
*/
int pk_verify( pk_context *ctx, md_type_t md_alg,
int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
if( ctx == NULL || ctx->pk_info == NULL ||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->verify_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
sig, sig_len ) );
@ -193,33 +193,33 @@ int pk_verify( pk_context *ctx, md_type_t md_alg,
/*
* Verify a signature with options
*/
int pk_verify_ext( pk_type_t type, const void *options,
pk_context *ctx, md_type_t md_alg,
int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ! pk_can_do( ctx, type ) )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
if( ! mbedtls_pk_can_do( ctx, type ) )
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
if( type == POLARSSL_PK_RSASSA_PSS )
if( type == MBEDTLS_PK_RSASSA_PSS )
{
#if defined(POLARSSL_RSA_C) && defined(POLARSSL_PKCS1_V21)
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
int ret;
const pk_rsassa_pss_options *pss_opts;
const mbedtls_pk_rsassa_pss_options *pss_opts;
if( options == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
pss_opts = (const pk_rsassa_pss_options *) options;
pss_opts = (const mbedtls_pk_rsassa_pss_options *) options;
if( sig_len < pk_get_len( ctx ) )
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
if( sig_len < mbedtls_pk_get_len( ctx ) )
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
ret = rsa_rsassa_pss_verify_ext( pk_rsa( *ctx ),
NULL, NULL, RSA_PUBLIC,
ret = mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_pk_rsa( *ctx ),
NULL, NULL, MBEDTLS_RSA_PUBLIC,
md_alg, (unsigned int) hash_len, hash,
pss_opts->mgf1_hash_id,
pss_opts->expected_salt_len,
@ -227,36 +227,36 @@ int pk_verify_ext( pk_type_t type, const void *options,
if( ret != 0 )
return( ret );
if( sig_len > pk_get_len( ctx ) )
return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
if( sig_len > mbedtls_pk_get_len( ctx ) )
return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
return( 0 );
#else
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
#endif
}
/* General case: no options */
if( options != NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
return( pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
return( mbedtls_pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
}
/*
* Make a signature
*/
int pk_sign( pk_context *ctx, md_type_t md_alg,
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
if( ctx == NULL || ctx->pk_info == NULL ||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->sign_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
sig, sig_len, f_rng, p_rng ) );
@ -265,16 +265,16 @@ int pk_sign( pk_context *ctx, md_type_t md_alg,
/*
* Decrypt message
*/
int pk_decrypt( pk_context *ctx,
int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->decrypt_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
output, olen, osize, f_rng, p_rng ) );
@ -283,16 +283,16 @@ int pk_decrypt( pk_context *ctx,
/*
* Encrypt message
*/
int pk_encrypt( pk_context *ctx,
int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->encrypt_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
output, olen, osize, f_rng, p_rng ) );
@ -301,24 +301,24 @@ int pk_encrypt( pk_context *ctx,
/*
* Check public-private key pair
*/
int pk_check_pair( const pk_context *pub, const pk_context *prv )
int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv )
{
if( pub == NULL || pub->pk_info == NULL ||
prv == NULL || prv->pk_info == NULL ||
prv->pk_info->check_pair_func == NULL )
{
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
}
if( prv->pk_info->type == POLARSSL_PK_RSA_ALT )
if( prv->pk_info->type == MBEDTLS_PK_RSA_ALT )
{
if( pub->pk_info->type != POLARSSL_PK_RSA )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
if( pub->pk_info->type != MBEDTLS_PK_RSA )
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
}
else
{
if( pub->pk_info != prv->pk_info )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
}
return( prv->pk_info->check_pair_func( pub->pk_ctx, prv->pk_ctx ) );
@ -327,7 +327,7 @@ int pk_check_pair( const pk_context *pub, const pk_context *prv )
/*
* Get key size in bits
*/
size_t pk_get_size( const pk_context *ctx )
size_t mbedtls_pk_get_size( const mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( 0 );
@ -338,13 +338,13 @@ size_t pk_get_size( const pk_context *ctx )
/*
* Export debug information
*/
int pk_debug( const pk_context *ctx, pk_debug_item *items )
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ctx->pk_info->debug_func == NULL )
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
return( MBEDTLS_ERR_PK_TYPE_MISMATCH );
ctx->pk_info->debug_func( ctx->pk_ctx, items );
return( 0 );
@ -353,7 +353,7 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items )
/*
* Access the PK type name
*/
const char *pk_get_name( const pk_context *ctx )
const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( "invalid PK" );
@ -364,12 +364,12 @@ const char *pk_get_name( const pk_context *ctx )
/*
* Access the PK type
*/
pk_type_t pk_get_type( const pk_context *ctx )
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
return( POLARSSL_PK_NONE );
return( MBEDTLS_PK_NONE );
return( ctx->pk_info->type );
}
#endif /* POLARSSL_PK_C */
#endif /* MBEDTLS_PK_C */

254
library/pk_wrap.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PK_C)
#if defined(MBEDTLS_PK_C)
#include "mbedtls/pk_wrap.h"
/* Even if RSA not activated, for the sake of RSA-alt */
@ -34,69 +34,69 @@
#include <string.h>
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
#include "mbedtls/ecp.h"
#endif
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#endif
#if defined(POLARSSL_RSA_C)
static int rsa_can_do( pk_type_t type )
#if defined(MBEDTLS_RSA_C)
static int rsa_can_do( mbedtls_pk_type_t type )
{
return( type == POLARSSL_PK_RSA ||
type == POLARSSL_PK_RSASSA_PSS );
return( type == MBEDTLS_PK_RSA ||
type == MBEDTLS_PK_RSASSA_PSS );
}
static size_t rsa_get_size( const void *ctx )
{
return( 8 * ((const rsa_context *) ctx)->len );
return( 8 * ((const mbedtls_rsa_context *) ctx)->len );
}
static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
static int rsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
int ret;
if( sig_len < ((rsa_context *) ctx)->len )
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
if( sig_len < ((mbedtls_rsa_context *) ctx)->len )
return( MBEDTLS_ERR_RSA_VERIFY_FAILED );
if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
RSA_PUBLIC, md_alg,
if( ( ret = mbedtls_rsa_pkcs1_verify( (mbedtls_rsa_context *) ctx, NULL, NULL,
MBEDTLS_RSA_PUBLIC, md_alg,
(unsigned int) hash_len, hash, sig ) ) != 0 )
return( ret );
if( sig_len > ((rsa_context *) ctx)->len )
return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
if( sig_len > ((mbedtls_rsa_context *) ctx)->len )
return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
return( 0 );
}
static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
static int rsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
*sig_len = ((rsa_context *) ctx)->len;
*sig_len = ((mbedtls_rsa_context *) ctx)->len;
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
md_alg, (unsigned int) hash_len, hash, sig ) );
}
@ -105,11 +105,11 @@ static int rsa_decrypt_wrap( void *ctx,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
if( ilen != ((rsa_context *) ctx)->len )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
if( ilen != ((mbedtls_rsa_context *) ctx)->len )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
RSA_PRIVATE, olen, input, output, osize ) );
return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
}
static int rsa_encrypt_wrap( void *ctx,
@ -117,52 +117,52 @@ static int rsa_encrypt_wrap( void *ctx,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
*olen = ((rsa_context *) ctx)->len;
*olen = ((mbedtls_rsa_context *) ctx)->len;
if( *olen > osize )
return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
return( mbedtls_rsa_pkcs1_encrypt( (mbedtls_rsa_context *) ctx,
f_rng, p_rng, MBEDTLS_RSA_PUBLIC, ilen, input, output ) );
}
static int rsa_check_pair_wrap( const void *pub, const void *prv )
{
return( rsa_check_pub_priv( (const rsa_context *) pub,
(const rsa_context *) prv ) );
return( mbedtls_rsa_check_pub_priv( (const mbedtls_rsa_context *) pub,
(const mbedtls_rsa_context *) prv ) );
}
static void *rsa_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( rsa_context ) );
void *ctx = mbedtls_malloc( sizeof( mbedtls_rsa_context ) );
if( ctx != NULL )
rsa_init( (rsa_context *) ctx, 0, 0 );
mbedtls_rsa_init( (mbedtls_rsa_context *) ctx, 0, 0 );
return( ctx );
}
static void rsa_free_wrap( void *ctx )
{
rsa_free( (rsa_context *) ctx );
polarssl_free( ctx );
mbedtls_rsa_free( (mbedtls_rsa_context *) ctx );
mbedtls_free( ctx );
}
static void rsa_debug( const void *ctx, pk_debug_item *items )
static void rsa_debug( const void *ctx, mbedtls_pk_debug_item *items )
{
items->type = POLARSSL_PK_DEBUG_MPI;
items->type = MBEDTLS_PK_DEBUG_MPI;
items->name = "rsa.N";
items->value = &( ((rsa_context *) ctx)->N );
items->value = &( ((mbedtls_rsa_context *) ctx)->N );
items++;
items->type = POLARSSL_PK_DEBUG_MPI;
items->type = MBEDTLS_PK_DEBUG_MPI;
items->name = "rsa.E";
items->value = &( ((rsa_context *) ctx)->E );
items->value = &( ((mbedtls_rsa_context *) ctx)->E );
}
const pk_info_t rsa_info = {
POLARSSL_PK_RSA,
const mbedtls_pk_info_t mbedtls_rsa_info = {
MBEDTLS_PK_RSA,
"RSA",
rsa_get_size,
rsa_can_do,
@ -175,108 +175,108 @@ const pk_info_t rsa_info = {
rsa_free_wrap,
rsa_debug,
};
#endif /* POLARSSL_RSA_C */
#endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
/*
* Generic EC key
*/
static int eckey_can_do( pk_type_t type )
static int eckey_can_do( mbedtls_pk_type_t type )
{
return( type == POLARSSL_PK_ECKEY ||
type == POLARSSL_PK_ECKEY_DH ||
type == POLARSSL_PK_ECDSA );
return( type == MBEDTLS_PK_ECKEY ||
type == MBEDTLS_PK_ECKEY_DH ||
type == MBEDTLS_PK_ECDSA );
}
static size_t eckey_get_size( const void *ctx )
{
return( ((ecp_keypair *) ctx)->grp.pbits );
return( ((mbedtls_ecp_keypair *) ctx)->grp.pbits );
}
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
/* Forward declarations */
static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len );
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
static int eckey_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
int ret;
ecdsa_context ecdsa;
mbedtls_ecdsa_context ecdsa;
ecdsa_init( &ecdsa );
mbedtls_ecdsa_init( &ecdsa );
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
ecdsa_free( &ecdsa );
mbedtls_ecdsa_free( &ecdsa );
return( ret );
}
static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
static int eckey_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
int ret;
ecdsa_context ecdsa;
mbedtls_ecdsa_context ecdsa;
ecdsa_init( &ecdsa );
mbedtls_ecdsa_init( &ecdsa );
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
if( ( ret = mbedtls_ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
f_rng, p_rng );
ecdsa_free( &ecdsa );
mbedtls_ecdsa_free( &ecdsa );
return( ret );
}
#endif /* POLARSSL_ECDSA_C */
#endif /* MBEDTLS_ECDSA_C */
static int eckey_check_pair( const void *pub, const void *prv )
{
return( ecp_check_pub_priv( (const ecp_keypair *) pub,
(const ecp_keypair *) prv ) );
return( mbedtls_ecp_check_pub_priv( (const mbedtls_ecp_keypair *) pub,
(const mbedtls_ecp_keypair *) prv ) );
}
static void *eckey_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
void *ctx = mbedtls_malloc( sizeof( mbedtls_ecp_keypair ) );
if( ctx != NULL )
ecp_keypair_init( ctx );
mbedtls_ecp_keypair_init( ctx );
return( ctx );
}
static void eckey_free_wrap( void *ctx )
{
ecp_keypair_free( (ecp_keypair *) ctx );
polarssl_free( ctx );
mbedtls_ecp_keypair_free( (mbedtls_ecp_keypair *) ctx );
mbedtls_free( ctx );
}
static void eckey_debug( const void *ctx, pk_debug_item *items )
static void eckey_debug( const void *ctx, mbedtls_pk_debug_item *items )
{
items->type = POLARSSL_PK_DEBUG_ECP;
items->type = MBEDTLS_PK_DEBUG_ECP;
items->name = "eckey.Q";
items->value = &( ((ecp_keypair *) ctx)->Q );
items->value = &( ((mbedtls_ecp_keypair *) ctx)->Q );
}
const pk_info_t eckey_info = {
POLARSSL_PK_ECKEY,
const mbedtls_pk_info_t mbedtls_eckey_info = {
MBEDTLS_PK_ECKEY,
"EC",
eckey_get_size,
eckey_can_do,
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
eckey_verify_wrap,
eckey_sign_wrap,
#else
@ -294,14 +294,14 @@ const pk_info_t eckey_info = {
/*
* EC key restricted to ECDH
*/
static int eckeydh_can_do( pk_type_t type )
static int eckeydh_can_do( mbedtls_pk_type_t type )
{
return( type == POLARSSL_PK_ECKEY ||
type == POLARSSL_PK_ECKEY_DH );
return( type == MBEDTLS_PK_ECKEY ||
type == MBEDTLS_PK_ECKEY_DH );
}
const pk_info_t eckeydh_info = {
POLARSSL_PK_ECKEY_DH,
const mbedtls_pk_info_t mbedtls_eckeydh_info = {
MBEDTLS_PK_ECKEY_DH,
"EC_DH",
eckey_get_size, /* Same underlying key structure */
eckeydh_can_do,
@ -314,57 +314,57 @@ const pk_info_t eckeydh_info = {
eckey_free_wrap, /* Same underlying key structure */
eckey_debug, /* Same underlying key structure */
};
#endif /* POLARSSL_ECP_C */
#endif /* MBEDTLS_ECP_C */
#if defined(POLARSSL_ECDSA_C)
static int ecdsa_can_do( pk_type_t type )
#if defined(MBEDTLS_ECDSA_C)
static int ecdsa_can_do( mbedtls_pk_type_t type )
{
return( type == POLARSSL_PK_ECDSA );
return( type == MBEDTLS_PK_ECDSA );
}
static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
static int ecdsa_verify_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
int ret;
((void) md_alg);
ret = ecdsa_read_signature( (ecdsa_context *) ctx,
ret = mbedtls_ecdsa_read_signature( (mbedtls_ecdsa_context *) ctx,
hash, hash_len, sig, sig_len );
if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH )
return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
if( ret == MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH )
return( MBEDTLS_ERR_PK_SIG_LEN_MISMATCH );
return( ret );
}
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
static int ecdsa_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
return( ecdsa_write_signature( (ecdsa_context *) ctx,
return( mbedtls_ecdsa_write_signature( (mbedtls_ecdsa_context *) ctx,
md_alg, hash, hash_len, sig, sig_len, f_rng, p_rng ) );
}
static void *ecdsa_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
void *ctx = mbedtls_malloc( sizeof( mbedtls_ecdsa_context ) );
if( ctx != NULL )
ecdsa_init( (ecdsa_context *) ctx );
mbedtls_ecdsa_init( (mbedtls_ecdsa_context *) ctx );
return( ctx );
}
static void ecdsa_free_wrap( void *ctx )
{
ecdsa_free( (ecdsa_context *) ctx );
polarssl_free( ctx );
mbedtls_ecdsa_free( (mbedtls_ecdsa_context *) ctx );
mbedtls_free( ctx );
}
const pk_info_t ecdsa_info = {
POLARSSL_PK_ECDSA,
const mbedtls_pk_info_t mbedtls_ecdsa_info = {
MBEDTLS_PK_ECDSA,
"ECDSA",
eckey_get_size, /* Compatible key structures */
ecdsa_can_do,
@ -377,35 +377,35 @@ const pk_info_t ecdsa_info = {
ecdsa_free_wrap,
eckey_debug, /* Compatible key structures */
};
#endif /* POLARSSL_ECDSA_C */
#endif /* MBEDTLS_ECDSA_C */
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT)
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/*
* Support for alternative RSA-private implementations
*/
static int rsa_alt_can_do( pk_type_t type )
static int rsa_alt_can_do( mbedtls_pk_type_t type )
{
return( type == POLARSSL_PK_RSA );
return( type == MBEDTLS_PK_RSA );
}
static size_t rsa_alt_get_size( const void *ctx )
{
const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
const mbedtls_rsa_alt_context *rsa_alt = (const mbedtls_rsa_alt_context *) ctx;
return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
}
static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
static int rsa_alt_sign_wrap( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, MBEDTLS_RSA_PRIVATE,
md_alg, (unsigned int) hash_len, hash, sig ) );
}
@ -414,66 +414,66 @@ static int rsa_alt_decrypt_wrap( void *ctx,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
mbedtls_rsa_alt_context *rsa_alt = (mbedtls_rsa_alt_context *) ctx;
((void) f_rng);
((void) p_rng);
if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
return( rsa_alt->decrypt_func( rsa_alt->key,
RSA_PRIVATE, olen, input, output, osize ) );
MBEDTLS_RSA_PRIVATE, olen, input, output, osize ) );
}
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
static int rsa_alt_check_pair( const void *pub, const void *prv )
{
unsigned char sig[POLARSSL_MPI_MAX_SIZE];
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
unsigned char hash[32];
size_t sig_len = 0;
int ret;
if( rsa_alt_get_size( prv ) != rsa_get_size( pub ) )
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
memset( hash, 0x2a, sizeof( hash ) );
if( ( ret = rsa_alt_sign_wrap( (void *) prv, POLARSSL_MD_NONE,
if( ( ret = rsa_alt_sign_wrap( (void *) prv, MBEDTLS_MD_NONE,
hash, sizeof( hash ),
sig, &sig_len, NULL, NULL ) ) != 0 )
{
return( ret );
}
if( rsa_verify_wrap( (void *) pub, POLARSSL_MD_NONE,
if( rsa_verify_wrap( (void *) pub, MBEDTLS_MD_NONE,
hash, sizeof( hash ), sig, sig_len ) != 0 )
{
return( POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
return( MBEDTLS_ERR_RSA_KEY_CHECK_FAILED );
}
return( 0 );
}
#endif /* POLARSSL_RSA_C */
#endif /* MBEDTLS_RSA_C */
static void *rsa_alt_alloc_wrap( void )
{
void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
void *ctx = mbedtls_malloc( sizeof( mbedtls_rsa_alt_context ) );
if( ctx != NULL )
memset( ctx, 0, sizeof( rsa_alt_context ) );
memset( ctx, 0, sizeof( mbedtls_rsa_alt_context ) );
return( ctx );
}
static void rsa_alt_free_wrap( void *ctx )
{
polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
polarssl_free( ctx );
mbedtls_zeroize( ctx, sizeof( mbedtls_rsa_alt_context ) );
mbedtls_free( ctx );
}
const pk_info_t rsa_alt_info = {
POLARSSL_PK_RSA_ALT,
const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
MBEDTLS_PK_RSA_ALT,
"RSA-alt",
rsa_alt_get_size,
rsa_alt_can_do,
@ -481,7 +481,7 @@ const pk_info_t rsa_alt_info = {
rsa_alt_sign_wrap,
rsa_alt_decrypt_wrap,
NULL,
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
rsa_alt_check_pair,
#else
NULL,
@ -491,6 +491,6 @@ const pk_info_t rsa_alt_info = {
NULL,
};
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */
#endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
#endif /* POLARSSL_PK_C */
#endif /* MBEDTLS_PK_C */

86
library/pkcs11.c
View File

@ -26,21 +26,21 @@
#include "mbedtls/pkcs11.h"
#if defined(POLARSSL_PKCS11_C)
#if defined(MBEDTLS_PKCS11_C)
#include "mbedtls/md.h"
#include "mbedtls/oid.h"
#include "mbedtls/x509_crt.h"
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
int mbedtls_pkcs11_x509_cert_init( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
{
int ret = 1;
unsigned char *cert_blob = NULL;
@ -59,7 +59,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
goto cleanup;
}
cert_blob = polarssl_malloc( cert_blob_size );
cert_blob = mbedtls_malloc( cert_blob_size );
if( NULL == cert_blob )
{
ret = 4;
@ -73,7 +73,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
goto cleanup;
}
if( 0 != x509_crt_parse( cert, cert_blob, cert_blob_size ) )
if( 0 != mbedtls_x509_crt_parse( cert, cert_blob, cert_blob_size ) )
{
ret = 6;
goto cleanup;
@ -83,44 +83,44 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11_cert )
cleanup:
if( NULL != cert_blob )
polarssl_free( cert_blob );
mbedtls_free( cert_blob );
return( ret );
}
int pkcs11_priv_key_init( pkcs11_context *priv_key,
int mbedtls_pkcs11_priv_key_init( mbedtls_pkcs11_context *priv_key,
pkcs11h_certificate_t pkcs11_cert )
{
int ret = 1;
x509_crt cert;
mbedtls_x509_crt cert;
x509_crt_init( &cert );
mbedtls_x509_crt_init( &cert );
if( priv_key == NULL )
goto cleanup;
if( 0 != pkcs11_x509_cert_init( &cert, pkcs11_cert ) )
if( 0 != mbedtls_pkcs11_x509_cert_init( &cert, pkcs11_cert ) )
goto cleanup;
priv_key->len = pk_get_len( &cert.pk );
priv_key->len = mbedtls_pk_get_len( &cert.pk );
priv_key->pkcs11h_cert = pkcs11_cert;
ret = 0;
cleanup:
x509_crt_free( &cert );
mbedtls_x509_crt_free( &cert );
return( ret );
}
void pkcs11_priv_key_free( pkcs11_context *priv_key )
void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key )
{
if( NULL != priv_key )
pkcs11h_certificate_freeCertificate( priv_key->pkcs11h_cert );
}
int pkcs11_decrypt( pkcs11_context *ctx,
int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
int mode, size_t *olen,
const unsigned char *input,
unsigned char *output,
@ -129,38 +129,38 @@ int pkcs11_decrypt( pkcs11_context *ctx,
size_t input_len, output_len;
if( NULL == ctx )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( RSA_PRIVATE != mode )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
if( MBEDTLS_RSA_PRIVATE != mode )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
output_len = input_len = ctx->len;
if( input_len < 16 || input_len > output_max_len )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
/* Determine size of output buffer */
if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
input_len, NULL, &output_len ) != CKR_OK )
{
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
if( output_len > output_max_len )
return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );
return( MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE );
if( pkcs11h_certificate_decryptAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, input,
input_len, output, &output_len ) != CKR_OK )
{
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
*olen = output_len;
return( 0 );
}
int pkcs11_sign( pkcs11_context *ctx,
int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
int mode,
md_type_t md_alg,
mbedtls_md_type_t md_alg,
unsigned int hashlen,
const unsigned char *hash,
unsigned char *sig )
@ -170,21 +170,21 @@ int pkcs11_sign( pkcs11_context *ctx,
const char *oid;
if( NULL == ctx )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( RSA_PRIVATE != mode )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
if( MBEDTLS_RSA_PRIVATE != mode )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( md_alg != POLARSSL_MD_NONE )
if( md_alg != MBEDTLS_MD_NONE )
{
const md_info_t *md_info = md_info_from_type( md_alg );
const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( md_alg );
if( md_info == NULL )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
if( oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
if( mbedtls_oid_get_oid_by_md( md_alg, &oid, &oid_size ) != 0 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
hashlen = md_get_size( md_info );
hashlen = mbedtls_md_get_size( md_info );
asn_len = 10 + oid_size;
}
@ -192,10 +192,10 @@ int pkcs11_sign( pkcs11_context *ctx,
if( hashlen > sig_len || asn_len > sig_len ||
hashlen + asn_len > sig_len )
{
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
if( md_alg != POLARSSL_MD_NONE )
if( md_alg != MBEDTLS_MD_NONE )
{
/*
* DigestInfo ::= SEQUENCE {
@ -206,17 +206,17 @@ int pkcs11_sign( pkcs11_context *ctx,
*
* Digest ::= OCTET STRING
*/
*p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED;
*p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
*p++ = (unsigned char) ( 0x08 + oid_size + hashlen );
*p++ = ASN1_SEQUENCE | ASN1_CONSTRUCTED;
*p++ = MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED;
*p++ = (unsigned char) ( 0x04 + oid_size );
*p++ = ASN1_OID;
*p++ = MBEDTLS_ASN1_OID;
*p++ = oid_size & 0xFF;
memcpy( p, oid, oid_size );
p += oid_size;
*p++ = ASN1_NULL;
*p++ = MBEDTLS_ASN1_NULL;
*p++ = 0x00;
*p++ = ASN1_OCTET_STRING;
*p++ = MBEDTLS_ASN1_OCTET_STRING;
*p++ = hashlen;
}
@ -225,10 +225,10 @@ int pkcs11_sign( pkcs11_context *ctx,
if( pkcs11h_certificate_signAny( ctx->pkcs11h_cert, CKM_RSA_PKCS, sig,
asn_len + hashlen, sig, &sig_len ) != CKR_OK )
{
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}
return( 0 );
}
#endif /* defined(POLARSSL_PKCS11_C) */
#endif /* defined(MBEDTLS_PKCS11_C) */

150
library/pkcs12.c
View File

@ -26,13 +26,13 @@
* ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1-1.asn
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PKCS12_C)
#if defined(MBEDTLS_PKCS12_C)
#include "mbedtls/pkcs12.h"
#include "mbedtls/asn1.h"
@ -40,21 +40,21 @@
#include <string.h>
#if defined(POLARSSL_ARC4_C)
#if defined(MBEDTLS_ARC4_C)
#include "mbedtls/arc4.h"
#endif
#if defined(POLARSSL_DES_C)
#if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
static int pkcs12_parse_pbe_params( asn1_buf *params,
asn1_buf *salt, int *iterations )
static int pkcs12_parse_pbe_params( mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations )
{
int ret;
unsigned char **p = &params->p;
@ -67,37 +67,37 @@ static int pkcs12_parse_pbe_params( asn1_buf *params,
* }
*
*/
if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
if( ( ret = asn1_get_tag( p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 )
return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_tag( p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
salt->p = *p;
*p += salt->len;
if( ( ret = asn1_get_int( p, end, iterations ) ) != 0 )
return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_int( p, end, iterations ) ) != 0 )
return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT + ret );
if( *p != end )
return( POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type,
static int pkcs12_pbe_derive_key_iv( mbedtls_asn1_buf *pbe_params, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
unsigned char *key, size_t keylen,
unsigned char *iv, size_t ivlen )
{
int ret, iterations;
asn1_buf salt;
mbedtls_asn1_buf salt;
size_t i;
unsigned char unipwd[258];
memset( &salt, 0, sizeof(asn1_buf) );
memset( &salt, 0, sizeof(mbedtls_asn1_buf) );
memset( &unipwd, 0, sizeof(unipwd) );
if( ( ret = pkcs12_parse_pbe_params( pbe_params, &salt,
@ -107,9 +107,9 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type,
for( i = 0; i < pwdlen; i++ )
unipwd[i * 2 + 1] = pwd[i];
if( ( ret = pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
if( ( ret = mbedtls_pkcs12_derivation( key, keylen, unipwd, pwdlen * 2 + 2,
salt.p, salt.len, md_type,
PKCS12_DERIVE_KEY, iterations ) ) != 0 )
MBEDTLS_PKCS12_DERIVE_KEY, iterations ) ) != 0 )
{
return( ret );
}
@ -117,21 +117,21 @@ static int pkcs12_pbe_derive_key_iv( asn1_buf *pbe_params, md_type_t md_type,
if( iv == NULL || ivlen == 0 )
return( 0 );
if( ( ret = pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
if( ( ret = mbedtls_pkcs12_derivation( iv, ivlen, unipwd, pwdlen * 2 + 2,
salt.p, salt.len, md_type,
PKCS12_DERIVE_IV, iterations ) ) != 0 )
MBEDTLS_PKCS12_DERIVE_IV, iterations ) ) != 0 )
{
return( ret );
}
return( 0 );
}
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t len,
unsigned char *output )
{
#if !defined(POLARSSL_ARC4_C)
#if !defined(MBEDTLS_ARC4_C)
((void) pbe_params);
((void) mode);
((void) pwd);
@ -139,36 +139,36 @@ int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode,
((void) data);
((void) len);
((void) output);
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
#else
int ret;
unsigned char key[16];
arc4_context ctx;
mbedtls_arc4_context ctx;
((void) mode);
arc4_init( &ctx );
mbedtls_arc4_init( &ctx );
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, POLARSSL_MD_SHA1,
if( ( ret = pkcs12_pbe_derive_key_iv( pbe_params, MBEDTLS_MD_SHA1,
pwd, pwdlen,
key, 16, NULL, 0 ) ) != 0 )
{
return( ret );
}
arc4_setup( &ctx, key, 16 );
if( ( ret = arc4_crypt( &ctx, len, data, output ) ) != 0 )
mbedtls_arc4_setup( &ctx, key, 16 );
if( ( ret = mbedtls_arc4_crypt( &ctx, len, data, output ) ) != 0 )
goto exit;
exit:
polarssl_zeroize( key, sizeof( key ) );
arc4_free( &ctx );
mbedtls_zeroize( key, sizeof( key ) );
mbedtls_arc4_free( &ctx );
return( ret );
#endif /* POLARSSL_ARC4_C */
#endif /* MBEDTLS_ARC4_C */
}
int pkcs12_pbe( asn1_buf *pbe_params, int mode,
cipher_type_t cipher_type, md_type_t md_type,
int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t len,
unsigned char *output )
@ -176,13 +176,13 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
int ret, keylen = 0;
unsigned char key[32];
unsigned char iv[16];
const cipher_info_t *cipher_info;
cipher_context_t cipher_ctx;
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t cipher_ctx;
size_t olen = 0;
cipher_info = cipher_info_from_type( cipher_type );
cipher_info = mbedtls_cipher_info_from_type( cipher_type );
if( cipher_info == NULL )
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
keylen = cipher_info->key_length / 8;
@ -193,33 +193,33 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
return( ret );
}
cipher_init( &cipher_ctx );
mbedtls_cipher_init( &cipher_ctx );
if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
if( ( ret = mbedtls_cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
goto exit;
if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 )
if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
goto exit;
if( ( ret = cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
if( ( ret = mbedtls_cipher_set_iv( &cipher_ctx, iv, cipher_info->iv_size ) ) != 0 )
goto exit;
if( ( ret = cipher_reset( &cipher_ctx ) ) != 0 )
if( ( ret = mbedtls_cipher_reset( &cipher_ctx ) ) != 0 )
goto exit;
if( ( ret = cipher_update( &cipher_ctx, data, len,
if( ( ret = mbedtls_cipher_update( &cipher_ctx, data, len,
output, &olen ) ) != 0 )
{
goto exit;
}
if( ( ret = cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
ret = POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH;
if( ( ret = mbedtls_cipher_finish( &cipher_ctx, output + olen, &olen ) ) != 0 )
ret = MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH;
exit:
polarssl_zeroize( key, sizeof( key ) );
polarssl_zeroize( iv, sizeof( iv ) );
cipher_free( &cipher_ctx );
mbedtls_zeroize( key, sizeof( key ) );
mbedtls_zeroize( iv, sizeof( iv ) );
mbedtls_cipher_free( &cipher_ctx );
return( ret );
}
@ -239,38 +239,38 @@ static void pkcs12_fill_buffer( unsigned char *data, size_t data_len,
}
}
int pkcs12_derivation( unsigned char *data, size_t datalen,
int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen,
md_type_t md_type, int id, int iterations )
mbedtls_md_type_t md_type, int id, int iterations )
{
int ret;
unsigned int j;
unsigned char diversifier[128];
unsigned char salt_block[128], pwd_block[128], hash_block[128];
unsigned char hash_output[POLARSSL_MD_MAX_SIZE];
unsigned char hash_output[MBEDTLS_MD_MAX_SIZE];
unsigned char *p;
unsigned char c;
size_t hlen, use_len, v, i;
const md_info_t *md_info;
md_context_t md_ctx;
const mbedtls_md_info_t *md_info;
mbedtls_md_context_t md_ctx;
// This version only allows max of 64 bytes of password or salt
if( datalen > 128 || pwdlen > 64 || saltlen > 64 )
return( POLARSSL_ERR_PKCS12_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA );
md_info = md_info_from_type( md_type );
md_info = mbedtls_md_info_from_type( md_type );
if( md_info == NULL )
return( POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE );
md_init( &md_ctx );
mbedtls_md_init( &md_ctx );
if( ( ret = md_setup( &md_ctx, md_info, 0 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 0 ) ) != 0 )
return( ret );
hlen = md_get_size( md_info );
hlen = mbedtls_md_get_size( md_info );
if( hlen <= 32 )
v = 64;
@ -286,25 +286,25 @@ int pkcs12_derivation( unsigned char *data, size_t datalen,
while( datalen > 0 )
{
// Calculate hash( diversifier || salt_block || pwd_block )
if( ( ret = md_starts( &md_ctx ) ) != 0 )
if( ( ret = mbedtls_md_starts( &md_ctx ) ) != 0 )
goto exit;
if( ( ret = md_update( &md_ctx, diversifier, v ) ) != 0 )
if( ( ret = mbedtls_md_update( &md_ctx, diversifier, v ) ) != 0 )
goto exit;
if( ( ret = md_update( &md_ctx, salt_block, v ) ) != 0 )
if( ( ret = mbedtls_md_update( &md_ctx, salt_block, v ) ) != 0 )
goto exit;
if( ( ret = md_update( &md_ctx, pwd_block, v ) ) != 0 )
if( ( ret = mbedtls_md_update( &md_ctx, pwd_block, v ) ) != 0 )
goto exit;
if( ( ret = md_finish( &md_ctx, hash_output ) ) != 0 )
if( ( ret = mbedtls_md_finish( &md_ctx, hash_output ) ) != 0 )
goto exit;
// Perform remaining ( iterations - 1 ) recursive hash calculations
for( i = 1; i < (size_t) iterations; i++ )
{
if( ( ret = md( md_info, hash_output, hlen, hash_output ) ) != 0 )
if( ( ret = mbedtls_md( md_info, hash_output, hlen, hash_output ) ) != 0 )
goto exit;
}
@ -346,14 +346,14 @@ int pkcs12_derivation( unsigned char *data, size_t datalen,
ret = 0;
exit:
polarssl_zeroize( salt_block, sizeof( salt_block ) );
polarssl_zeroize( pwd_block, sizeof( pwd_block ) );
polarssl_zeroize( hash_block, sizeof( hash_block ) );
polarssl_zeroize( hash_output, sizeof( hash_output ) );
mbedtls_zeroize( salt_block, sizeof( salt_block ) );
mbedtls_zeroize( pwd_block, sizeof( pwd_block ) );
mbedtls_zeroize( hash_block, sizeof( hash_block ) );
mbedtls_zeroize( hash_output, sizeof( hash_output ) );
md_free( &md_ctx );
mbedtls_md_free( &md_ctx );
return( ret );
}
#endif /* POLARSSL_PKCS12_C */
#endif /* MBEDTLS_PKCS12_C */

186
library/pkcs5.c
View File

@ -30,13 +30,13 @@
* http://tools.ietf.org/html/rfc6070 (Test vectors)
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PKCS5_C)
#if defined(MBEDTLS_PKCS5_C)
#include "mbedtls/pkcs5.h"
#include "mbedtls/asn1.h"
@ -45,25 +45,25 @@
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
static int pkcs5_parse_pbkdf2_params( const asn1_buf *params,
asn1_buf *salt, int *iterations,
int *keylen, md_type_t *md_type )
static int pkcs5_parse_pbkdf2_params( const mbedtls_asn1_buf *params,
mbedtls_asn1_buf *salt, int *iterations,
int *keylen, mbedtls_md_type_t *md_type )
{
int ret;
asn1_buf prf_alg_oid;
mbedtls_asn1_buf prf_alg_oid;
unsigned char *p = params->p;
const unsigned char *end = params->p + params->len;
if( params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
if( params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
/*
* PBKDF2-params ::= SEQUENCE {
* salt OCTET STRING,
@ -73,59 +73,59 @@ static int pkcs5_parse_pbkdf2_params( const asn1_buf *params,
* }
*
*/
if( ( ret = asn1_get_tag( &p, end, &salt->len, ASN1_OCTET_STRING ) ) != 0 )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_tag( &p, end, &salt->len, MBEDTLS_ASN1_OCTET_STRING ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
salt->p = p;
p += salt->len;
if( ( ret = asn1_get_int( &p, end, iterations ) ) != 0 )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_int( &p, end, iterations ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
if( p == end )
return( 0 );
if( ( ret = asn1_get_int( &p, end, keylen ) ) != 0 )
if( ( ret = mbedtls_asn1_get_int( &p, end, keylen ) ) != 0 )
{
if( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
if( ret != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
}
if( p == end )
return( 0 );
if( ( ret = asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_alg_null( &p, end, &prf_alg_oid ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
if( OID_CMP( OID_HMAC_SHA1, &prf_alg_oid ) != 0 )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( MBEDTLS_OID_CMP( MBEDTLS_OID_HMAC_SHA1, &prf_alg_oid ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
*md_type = POLARSSL_MD_SHA1;
*md_type = MBEDTLS_MD_SHA1;
if( p != end )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen,
unsigned char *output )
{
int ret, iterations = 0, keylen = 0;
unsigned char *p, *end;
asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params;
asn1_buf salt;
md_type_t md_type = POLARSSL_MD_SHA1;
mbedtls_asn1_buf kdf_alg_oid, enc_scheme_oid, kdf_alg_params, enc_scheme_params;
mbedtls_asn1_buf salt;
mbedtls_md_type_t md_type = MBEDTLS_MD_SHA1;
unsigned char key[32], iv[32];
size_t olen = 0;
const md_info_t *md_info;
const cipher_info_t *cipher_info;
md_context_t md_ctx;
cipher_type_t cipher_alg;
cipher_context_t cipher_ctx;
const mbedtls_md_info_t *md_info;
const mbedtls_cipher_info_t *cipher_info;
mbedtls_md_context_t md_ctx;
mbedtls_cipher_type_t cipher_alg;
mbedtls_cipher_context_t cipher_ctx;
p = pbe_params->p;
end = p + pbe_params->len;
@ -136,17 +136,17 @@ int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
* encryptionScheme AlgorithmIdentifier {{PBES2-Encs}}
* }
*/
if( pbe_params->tag != ( ASN1_CONSTRUCTED | ASN1_SEQUENCE ) )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
if( pbe_params->tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
if( ( ret = asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 )
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
if( ( ret = mbedtls_asn1_get_alg( &p, end, &kdf_alg_oid, &kdf_alg_params ) ) != 0 )
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
// Only PBKDF2 supported at the moment
//
if( OID_CMP( OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( MBEDTLS_OID_CMP( MBEDTLS_OID_PKCS5_PBKDF2, &kdf_alg_oid ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( ( ret = pkcs5_parse_pbkdf2_params( &kdf_alg_params,
&salt, &iterations, &keylen,
@ -155,22 +155,22 @@ int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
return( ret );
}
md_info = md_info_from_type( md_type );
md_info = mbedtls_md_info_from_type( md_type );
if( md_info == NULL )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( ( ret = asn1_get_alg( &p, end, &enc_scheme_oid,
if( ( ret = mbedtls_asn1_get_alg( &p, end, &enc_scheme_oid,
&enc_scheme_params ) ) != 0 )
{
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT + ret );
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT + ret );
}
if( oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
if( mbedtls_oid_get_cipher_alg( &enc_scheme_oid, &cipher_alg ) != 0 )
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
cipher_info = cipher_info_from_type( cipher_alg );
cipher_info = mbedtls_cipher_info_from_type( cipher_alg );
if( cipher_info == NULL )
return( POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE );
/*
* The value of keylen from pkcs5_parse_pbkdf2_params() is ignored
@ -178,53 +178,53 @@ int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
*/
keylen = cipher_info->key_length / 8;
if( enc_scheme_params.tag != ASN1_OCTET_STRING ||
if( enc_scheme_params.tag != MBEDTLS_ASN1_OCTET_STRING ||
enc_scheme_params.len != cipher_info->iv_size )
{
return( POLARSSL_ERR_PKCS5_INVALID_FORMAT );
return( MBEDTLS_ERR_PKCS5_INVALID_FORMAT );
}
md_init( &md_ctx );
cipher_init( &cipher_ctx );
mbedtls_md_init( &md_ctx );
mbedtls_cipher_init( &cipher_ctx );
memcpy( iv, enc_scheme_params.p, enc_scheme_params.len );
if( ( ret = md_setup( &md_ctx, md_info, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &md_ctx, md_info, 1 ) ) != 0 )
goto exit;
if( ( ret = pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
if( ( ret = mbedtls_pkcs5_pbkdf2_hmac( &md_ctx, pwd, pwdlen, salt.p, salt.len,
iterations, keylen, key ) ) != 0 )
{
goto exit;
}
if( ( ret = cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
if( ( ret = mbedtls_cipher_init_ctx( &cipher_ctx, cipher_info ) ) != 0 )
goto exit;
if( ( ret = cipher_setkey( &cipher_ctx, key, 8 * keylen, (operation_t) mode ) ) != 0 )
if( ( ret = mbedtls_cipher_setkey( &cipher_ctx, key, 8 * keylen, (mbedtls_operation_t) mode ) ) != 0 )
goto exit;
if( ( ret = cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
if( ( ret = mbedtls_cipher_crypt( &cipher_ctx, iv, enc_scheme_params.len,
data, datalen, output, &olen ) ) != 0 )
ret = POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH;
ret = MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH;
exit:
md_free( &md_ctx );
cipher_free( &cipher_ctx );
mbedtls_md_free( &md_ctx );
mbedtls_cipher_free( &cipher_ctx );
return( ret );
}
int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count,
uint32_t key_length, unsigned char *output )
{
int ret, j;
unsigned int i;
unsigned char md1[POLARSSL_MD_MAX_SIZE];
unsigned char work[POLARSSL_MD_MAX_SIZE];
unsigned char md_size = md_get_size( ctx->md_info );
unsigned char md1[MBEDTLS_MD_MAX_SIZE];
unsigned char work[MBEDTLS_MD_MAX_SIZE];
unsigned char md_size = mbedtls_md_get_size( ctx->md_info );
size_t use_len;
unsigned char *out_p = output;
unsigned char counter[4];
@ -233,22 +233,22 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
counter[3] = 1;
if( iteration_count > 0xFFFFFFFF )
return( POLARSSL_ERR_PKCS5_BAD_INPUT_DATA );
return( MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA );
while( key_length )
{
// U1 ends up in work
//
if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 )
if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
return( ret );
if( ( ret = md_hmac_update( ctx, salt, slen ) ) != 0 )
if( ( ret = mbedtls_md_hmac_update( ctx, salt, slen ) ) != 0 )
return( ret );
if( ( ret = md_hmac_update( ctx, counter, 4 ) ) != 0 )
if( ( ret = mbedtls_md_hmac_update( ctx, counter, 4 ) ) != 0 )
return( ret );
if( ( ret = md_hmac_finish( ctx, work ) ) != 0 )
if( ( ret = mbedtls_md_hmac_finish( ctx, work ) ) != 0 )
return( ret );
memcpy( md1, work, md_size );
@ -257,13 +257,13 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
{
// U2 ends up in md1
//
if( ( ret = md_hmac_starts( ctx, password, plen ) ) != 0 )
if( ( ret = mbedtls_md_hmac_starts( ctx, password, plen ) ) != 0 )
return( ret );
if( ( ret = md_hmac_update( ctx, md1, md_size ) ) != 0 )
if( ( ret = mbedtls_md_hmac_update( ctx, md1, md_size ) ) != 0 )
return( ret );
if( ( ret = md_hmac_finish( ctx, md1 ) ) != 0 )
if( ( ret = mbedtls_md_hmac_finish( ctx, md1 ) ) != 0 )
return( ret );
// U1 xor U2
@ -286,13 +286,13 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
return( 0 );
}
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
#if !defined(POLARSSL_SHA1_C)
int pkcs5_self_test( int verbose )
#if !defined(MBEDTLS_SHA1_C)
int mbedtls_pkcs5_self_test( int verbose )
{
if( verbose != 0 )
polarssl_printf( " PBKDF2 (SHA1): skipped\n\n" );
mbedtls_printf( " PBKDF2 (SHA1): skipped\n\n" );
return( 0 );
}
@ -349,23 +349,23 @@ static const unsigned char result_key[MAX_TESTS][32] =
0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3 },
};
int pkcs5_self_test( int verbose )
int mbedtls_pkcs5_self_test( int verbose )
{
md_context_t sha1_ctx;
const md_info_t *info_sha1;
mbedtls_md_context_t sha1_ctx;
const mbedtls_md_info_t *info_sha1;
int ret, i;
unsigned char key[64];
md_init( &sha1_ctx );
mbedtls_md_init( &sha1_ctx );
info_sha1 = md_info_from_type( POLARSSL_MD_SHA1 );
info_sha1 = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
if( info_sha1 == NULL )
{
ret = 1;
goto exit;
}
if( ( ret = md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 )
if( ( ret = mbedtls_md_setup( &sha1_ctx, info_sha1, 1 ) ) != 0 )
{
ret = 1;
goto exit;
@ -374,33 +374,33 @@ int pkcs5_self_test( int verbose )
for( i = 0; i < MAX_TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " PBKDF2 (SHA1) #%d: ", i );
mbedtls_printf( " PBKDF2 (SHA1) #%d: ", i );
ret = pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],
ret = mbedtls_pkcs5_pbkdf2_hmac( &sha1_ctx, password[i], plen[i], salt[i],
slen[i], it_cnt[i], key_len[i], key );
if( ret != 0 ||
memcmp( result_key[i], key, key_len[i] ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
md_free( &sha1_ctx );
mbedtls_md_free( &sha1_ctx );
return( ret );
}
#endif /* POLARSSL_SHA1_C */
#endif /* MBEDTLS_SHA1_C */
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_PKCS5_C */
#endif /* MBEDTLS_PKCS5_C */

760
library/pkparse.c
View File

File diff suppressed because it is too large Load Diff

230
library/pkwrite.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PK_WRITE_C)
#if defined(MBEDTLS_PK_WRITE_C)
#include "mbedtls/pk.h"
#include "mbedtls/asn1write.h"
@ -34,28 +34,28 @@
#include <string.h>
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
#include "mbedtls/rsa.h"
#endif
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
#include "mbedtls/ecp.h"
#endif
#if defined(POLARSSL_ECDSA_C)
#if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h"
#endif
#if defined(POLARSSL_PEM_WRITE_C)
#if defined(MBEDTLS_PEM_WRITE_C)
#include "mbedtls/pem.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
/*
* RSAPublicKey ::= SEQUENCE {
* modulus INTEGER, -- n
@ -63,42 +63,42 @@
* }
*/
static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
rsa_context *rsa )
mbedtls_rsa_context *rsa )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->E ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( p, start, &rsa->N ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
#endif /* POLARSSL_RSA_C */
#endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
/*
* EC public key is an EC point
*/
static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
ecp_keypair *ec )
mbedtls_ecp_keypair *ec )
{
int ret;
size_t len = 0;
unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
unsigned char buf[MBEDTLS_ECP_MAX_PT_LEN];
if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
POLARSSL_ECP_PF_UNCOMPRESSED,
if( ( ret = mbedtls_ecp_point_write_binary( &ec->grp, &ec->Q,
MBEDTLS_ECP_PF_UNCOMPRESSED,
&len, buf, sizeof( buf ) ) ) != 0 )
{
return( ret );
}
if( *p - start < (int) len )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*p -= len;
memcpy( *p, buf, len );
@ -112,44 +112,44 @@ static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
* }
*/
static int pk_write_ec_param( unsigned char **p, unsigned char *start,
ecp_keypair *ec )
mbedtls_ecp_keypair *ec )
{
int ret;
size_t len = 0;
const char *oid;
size_t oid_len;
if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
if( ( ret = mbedtls_oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
return( ret );
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
return( (int) len );
}
#endif /* POLARSSL_ECP_C */
#endif /* MBEDTLS_ECP_C */
int pk_write_pubkey( unsigned char **p, unsigned char *start,
const pk_context *key )
int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
const mbedtls_pk_context *key )
{
int ret;
size_t len = 0;
#if defined(POLARSSL_RSA_C)
if( pk_get_type( key ) == POLARSSL_PK_RSA )
ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
MBEDTLS_ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, mbedtls_pk_rsa( *key ) ) );
else
#endif
#if defined(POLARSSL_ECP_C)
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) );
#if defined(MBEDTLS_ECP_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
MBEDTLS_ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, mbedtls_pk_ec( *key ) ) );
else
#endif
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
return( (int) len );
}
int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
{
int ret;
unsigned char *c;
@ -158,10 +158,10 @@ int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
c = buf + size;
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, key ) );
if( c - buf < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
/*
* SubjectPublicKeyInfo ::= SEQUENCE {
@ -171,63 +171,63 @@ int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
*--c = 0;
len += 1;
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
if( ( ret = mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_get_type( key ),
&oid, &oid_len ) ) != 0 )
{
return( ret );
}
#if defined(POLARSSL_ECP_C)
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
#if defined(MBEDTLS_ECP_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
{
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) );
MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, mbedtls_pk_ec( *key ) ) );
}
#endif
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
par_len ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
int mbedtls_pk_write_key_der( mbedtls_pk_context *key, unsigned char *buf, size_t size )
{
int ret;
unsigned char *c = buf + size;
size_t len = 0;
#if defined(POLARSSL_RSA_C)
if( pk_get_type( key ) == POLARSSL_PK_RSA )
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
{
rsa_context *rsa = pk_rsa( *key );
mbedtls_rsa_context *rsa = mbedtls_pk_rsa( *key );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->QP ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->DQ ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->DP ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->Q ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->P ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->D ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->E ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &rsa->N ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 0 ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
}
else
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_ECP_C)
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_ECP_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
{
ecp_keypair *ec = pk_ec( *key );
mbedtls_ecp_keypair *ec = mbedtls_pk_ec( *key );
size_t pub_len = 0, par_len = 0;
/*
@ -242,48 +242,48 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
*/
/* publicKey */
ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
if( c - buf < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--c = 0;
pub_len += 1;
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_BIT_STRING ) );
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_len( &c, buf, pub_len ) );
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_asn1_write_tag( &c, buf,
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 1 ) );
len += pub_len;
/* parameters */
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
MBEDTLS_ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_len( &c, buf, par_len ) );
MBEDTLS_ASN1_CHK_ADD( par_len, mbedtls_asn1_write_tag( &c, buf,
MBEDTLS_ASN1_CONTEXT_SPECIFIC | MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
len += par_len;
/* privateKey: write as MPI then fix tag */
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
*c = ASN1_OCTET_STRING;
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, buf, &ec->d ) );
*c = MBEDTLS_ASN1_OCTET_STRING;
/* version */
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, 1 ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
}
else
#endif /* POLARSSL_ECP_C */
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
#endif /* MBEDTLS_ECP_C */
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
return( (int) len );
}
#if defined(POLARSSL_PEM_WRITE_C)
#if defined(MBEDTLS_PEM_WRITE_C)
#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
@ -297,7 +297,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
* Max sizes of key per types. Shown as tag + len (+ content).
*/
#if defined(POLARSSL_RSA_C)
#if defined(MBEDTLS_RSA_C)
/*
* RSA public keys:
* SubjectPublicKeyInfo ::= SEQUENCE { 1 + 3
@ -310,7 +310,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
* publicExponent INTEGER -- e 1 + 3 + MPI_MAX + 1
* }
*/
#define RSA_PUB_DER_MAX_BYTES 38 + 2 * POLARSSL_MPI_MAX_SIZE
#define RSA_PUB_DER_MAX_BYTES 38 + 2 * MBEDTLS_MPI_MAX_SIZE
/*
* RSA private keys:
@ -327,19 +327,19 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
* otherPrimeInfos OtherPrimeInfos OPTIONAL 0 (not supported)
* }
*/
#define MPI_MAX_SIZE_2 POLARSSL_MPI_MAX_SIZE / 2 + \
POLARSSL_MPI_MAX_SIZE % 2
#define RSA_PRV_DER_MAX_BYTES 47 + 3 * POLARSSL_MPI_MAX_SIZE \
#define MPI_MAX_SIZE_2 MBEDTLS_MPI_MAX_SIZE / 2 + \
MBEDTLS_MPI_MAX_SIZE % 2
#define RSA_PRV_DER_MAX_BYTES 47 + 3 * MBEDTLS_MPI_MAX_SIZE \
+ 5 * MPI_MAX_SIZE_2
#else /* POLARSSL_RSA_C */
#else /* MBEDTLS_RSA_C */
#define RSA_PUB_DER_MAX_BYTES 0
#define RSA_PRV_DER_MAX_BYTES 0
#endif /* POLARSSL_RSA_C */
#endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_ECP_C)
#if defined(MBEDTLS_ECP_C)
/*
* EC public keys:
* SubjectPublicKeyInfo ::= SEQUENCE { 1 + 2
@ -351,7 +351,7 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
* + 2 * ECP_MAX (coords) [1]
* }
*/
#define ECP_PUB_DER_MAX_BYTES 30 + 2 * POLARSSL_ECP_MAX_BYTES
#define ECP_PUB_DER_MAX_BYTES 30 + 2 * MBEDTLS_ECP_MAX_BYTES
/*
* EC private keys:
@ -362,33 +362,33 @@ int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
* publicKey [1] BIT STRING OPTIONAL 1 + 2 + [1] above
* }
*/
#define ECP_PRV_DER_MAX_BYTES 29 + 3 * POLARSSL_ECP_MAX_BYTES
#define ECP_PRV_DER_MAX_BYTES 29 + 3 * MBEDTLS_ECP_MAX_BYTES
#else /* POLARSSL_ECP_C */
#else /* MBEDTLS_ECP_C */
#define ECP_PUB_DER_MAX_BYTES 0
#define ECP_PRV_DER_MAX_BYTES 0
#endif /* POLARSSL_ECP_C */
#endif /* MBEDTLS_ECP_C */
#define PUB_DER_MAX_BYTES RSA_PUB_DER_MAX_BYTES > ECP_PUB_DER_MAX_BYTES ? \
RSA_PUB_DER_MAX_BYTES : ECP_PUB_DER_MAX_BYTES
#define PRV_DER_MAX_BYTES RSA_PRV_DER_MAX_BYTES > ECP_PRV_DER_MAX_BYTES ? \
RSA_PRV_DER_MAX_BYTES : ECP_PRV_DER_MAX_BYTES
int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
{
int ret;
unsigned char output_buf[PUB_DER_MAX_BYTES];
size_t olen = 0;
if( ( ret = pk_write_pubkey_der( key, output_buf,
if( ( ret = mbedtls_pk_write_pubkey_der( key, output_buf,
sizeof(output_buf) ) ) < 0 )
{
return( ret );
}
if( ( ret = pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
output_buf + sizeof(output_buf) - ret,
ret, buf, size, &olen ) ) != 0 )
{
@ -398,35 +398,35 @@ int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
return( 0 );
}
int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
int mbedtls_pk_write_key_pem( mbedtls_pk_context *key, unsigned char *buf, size_t size )
{
int ret;
unsigned char output_buf[PRV_DER_MAX_BYTES];
const char *begin, *end;
size_t olen = 0;
if( ( ret = pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
if( ( ret = mbedtls_pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
return( ret );
#if defined(POLARSSL_RSA_C)
if( pk_get_type( key ) == POLARSSL_PK_RSA )
#if defined(MBEDTLS_RSA_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_RSA )
{
begin = PEM_BEGIN_PRIVATE_KEY_RSA;
end = PEM_END_PRIVATE_KEY_RSA;
}
else
#endif
#if defined(POLARSSL_ECP_C)
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
#if defined(MBEDTLS_ECP_C)
if( mbedtls_pk_get_type( key ) == MBEDTLS_PK_ECKEY )
{
begin = PEM_BEGIN_PRIVATE_KEY_EC;
end = PEM_END_PRIVATE_KEY_EC;
}
else
#endif
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
return( MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE );
if( ( ret = pem_write_buffer( begin, end,
if( ( ret = mbedtls_pem_write_buffer( begin, end,
output_buf + sizeof(output_buf) - ret,
ret, buf, size, &olen ) ) != 0 )
{
@ -435,6 +435,6 @@ int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
return( 0 );
}
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_PK_WRITE_C */
#endif /* MBEDTLS_PK_WRITE_C */

102
library/platform.c
View File

@ -20,50 +20,50 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#if defined(POLARSSL_PLATFORM_MEMORY)
#if !defined(POLARSSL_PLATFORM_STD_MALLOC)
#if defined(MBEDTLS_PLATFORM_MEMORY)
#if !defined(MBEDTLS_PLATFORM_STD_MALLOC)
static void *platform_malloc_uninit( size_t len )
{
((void) len);
return( NULL );
}
#define POLARSSL_PLATFORM_STD_MALLOC platform_malloc_uninit
#endif /* !POLARSSL_PLATFORM_STD_MALLOC */
#define MBEDTLS_PLATFORM_STD_MALLOC platform_malloc_uninit
#endif /* !MBEDTLS_PLATFORM_STD_MALLOC */
#if !defined(POLARSSL_PLATFORM_STD_FREE)
#if !defined(MBEDTLS_PLATFORM_STD_FREE)
static void platform_free_uninit( void *ptr )
{
((void) ptr);
}
#define POLARSSL_PLATFORM_STD_FREE platform_free_uninit
#endif /* !POLARSSL_PLATFORM_STD_FREE */
#define MBEDTLS_PLATFORM_STD_FREE platform_free_uninit
#endif /* !MBEDTLS_PLATFORM_STD_FREE */
void * (*polarssl_malloc)( size_t ) = POLARSSL_PLATFORM_STD_MALLOC;
void (*polarssl_free)( void * ) = POLARSSL_PLATFORM_STD_FREE;
void * (*mbedtls_malloc)( size_t ) = MBEDTLS_PLATFORM_STD_MALLOC;
void (*mbedtls_free)( void * ) = MBEDTLS_PLATFORM_STD_FREE;
int platform_set_malloc_free( void * (*malloc_func)( size_t ),
int mbedtls_platform_set_malloc_free( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) )
{
polarssl_malloc = malloc_func;
polarssl_free = free_func;
mbedtls_malloc = malloc_func;
mbedtls_free = free_func;
return( 0 );
}
#endif /* POLARSSL_PLATFORM_MEMORY */
#endif /* MBEDTLS_PLATFORM_MEMORY */
#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT)
#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF)
#if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
#if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
/*
* Make dummy function to prevent NULL pointer dereferences
*/
@ -76,24 +76,24 @@ static int platform_snprintf_uninit( char * s, size_t n,
return( 0 );
}
#define POLARSSL_PLATFORM_STD_SNPRINTF platform_snprintf_uninit
#endif /* !POLARSSL_PLATFORM_STD_SNPRINTF */
#define MBEDTLS_PLATFORM_STD_SNPRINTF platform_snprintf_uninit
#endif /* !MBEDTLS_PLATFORM_STD_SNPRINTF */
int (*polarssl_snprintf)( char * s, size_t n,
int (*mbedtls_snprintf)( char * s, size_t n,
const char * format,
... ) = POLARSSL_PLATFORM_STD_SNPRINTF;
... ) = MBEDTLS_PLATFORM_STD_SNPRINTF;
int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
const char * format,
... ) )
{
polarssl_snprintf = snprintf_func;
mbedtls_snprintf = snprintf_func;
return( 0 );
}
#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */
#endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#if defined(POLARSSL_PLATFORM_PRINTF_ALT)
#if !defined(POLARSSL_PLATFORM_STD_PRINTF)
#if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
#if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
/*
* Make dummy function to prevent NULL pointer dereferences
*/
@ -103,20 +103,20 @@ static int platform_printf_uninit( const char *format, ... )
return( 0 );
}
#define POLARSSL_PLATFORM_STD_PRINTF platform_printf_uninit
#endif /* !POLARSSL_PLATFORM_STD_PRINTF */
#define MBEDTLS_PLATFORM_STD_PRINTF platform_printf_uninit
#endif /* !MBEDTLS_PLATFORM_STD_PRINTF */
int (*polarssl_printf)( const char *, ... ) = POLARSSL_PLATFORM_STD_PRINTF;
int (*mbedtls_printf)( const char *, ... ) = MBEDTLS_PLATFORM_STD_PRINTF;
int platform_set_printf( int (*printf_func)( const char *, ... ) )
int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) )
{
polarssl_printf = printf_func;
mbedtls_printf = printf_func;
return( 0 );
}
#endif /* POLARSSL_PLATFORM_PRINTF_ALT */
#endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
#if defined(POLARSSL_PLATFORM_FPRINTF_ALT)
#if !defined(POLARSSL_PLATFORM_STD_FPRINTF)
#if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
#if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
/*
* Make dummy function to prevent NULL pointer dereferences
*/
@ -127,21 +127,21 @@ static int platform_fprintf_uninit( FILE *stream, const char *format, ... )
return( 0 );
}
#define POLARSSL_PLATFORM_STD_FPRINTF platform_fprintf_uninit
#endif /* !POLARSSL_PLATFORM_STD_FPRINTF */
#define MBEDTLS_PLATFORM_STD_FPRINTF platform_fprintf_uninit
#endif /* !MBEDTLS_PLATFORM_STD_FPRINTF */
int (*polarssl_fprintf)( FILE *, const char *, ... ) =
POLARSSL_PLATFORM_STD_FPRINTF;
int (*mbedtls_fprintf)( FILE *, const char *, ... ) =
MBEDTLS_PLATFORM_STD_FPRINTF;
int platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) )
int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *, const char *, ... ) )
{
polarssl_fprintf = fprintf_func;
mbedtls_fprintf = fprintf_func;
return( 0 );
}
#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */
#endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
#if defined(POLARSSL_PLATFORM_EXIT_ALT)
#if !defined(POLARSSL_PLATFORM_STD_EXIT)
#if defined(MBEDTLS_PLATFORM_EXIT_ALT)
#if !defined(MBEDTLS_PLATFORM_STD_EXIT)
/*
* Make dummy function to prevent NULL pointer dereferences
*/
@ -151,16 +151,16 @@ static void platform_exit_uninit( int status )
return( 0 );
}
#define POLARSSL_PLATFORM_STD_EXIT platform_exit_uninit
#endif /* !POLARSSL_PLATFORM_STD_EXIT */
#define MBEDTLS_PLATFORM_STD_EXIT platform_exit_uninit
#endif /* !MBEDTLS_PLATFORM_STD_EXIT */
int (*polarssl_exit)( int status ) = POLARSSL_PLATFORM_STD_EXIT;
int (*mbedtls_exit)( int status ) = MBEDTLS_PLATFORM_STD_EXIT;
int platform_set_exit( void (*exit_func)( int status ) )
int mbedtls_platform_set_exit( void (*exit_func)( int status ) )
{
polarssl_exit = exit_func;
mbedtls_exit = exit_func;
return( 0 );
}
#endif /* POLARSSL_PLATFORM_EXIT_ALT */
#endif /* MBEDTLS_PLATFORM_EXIT_ALT */
#endif /* POLARSSL_PLATFORM_C */
#endif /* MBEDTLS_PLATFORM_C */

104
library/ripemd160.c
View File

@ -22,34 +22,34 @@
/*
* The RIPEMD-160 algorithm was designed by RIPE in 1996
* http://homes.esat.kuleuven.be/~bosselae/ripemd160.html
* http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html
* http://ehash.iaik.tugraz.at/wiki/RIPEMD-160
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_RIPEMD160_C)
#if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/*
* 32-bit integer manipulation macros (little endian)
@ -75,27 +75,27 @@
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void ripemd160_init( ripemd160_context *ctx )
void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx )
{
memset( ctx, 0, sizeof( ripemd160_context ) );
memset( ctx, 0, sizeof( mbedtls_ripemd160_context ) );
}
void ripemd160_free( ripemd160_context *ctx )
void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( ripemd160_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_ripemd160_context ) );
}
/*
* RIPEMD-160 context setup
*/
void ripemd160_starts( ripemd160_context *ctx )
void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -107,11 +107,11 @@ void ripemd160_starts( ripemd160_context *ctx )
ctx->state[4] = 0xC3D2E1F0;
}
#if !defined(POLARSSL_RIPEMD160_PROCESS_ALT)
#if !defined(MBEDTLS_RIPEMD160_PROCESS_ALT)
/*
* Process one block
*/
void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] )
void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] )
{
uint32_t A, B, C, D, E, Ap, Bp, Cp, Dp, Ep, X[16];
@ -287,12 +287,12 @@ void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] )
ctx->state[4] = ctx->state[0] + B + Cp;
ctx->state[0] = C;
}
#endif /* !POLARSSL_RIPEMD160_PROCESS_ALT */
#endif /* !MBEDTLS_RIPEMD160_PROCESS_ALT */
/*
* RIPEMD-160 process buffer
*/
void ripemd160_update( ripemd160_context *ctx,
void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
const unsigned char *input, size_t ilen )
{
size_t fill;
@ -313,7 +313,7 @@ void ripemd160_update( ripemd160_context *ctx,
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
ripemd160_process( ctx, ctx->buffer );
mbedtls_ripemd160_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -321,7 +321,7 @@ void ripemd160_update( ripemd160_context *ctx,
while( ilen >= 64 )
{
ripemd160_process( ctx, input );
mbedtls_ripemd160_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -343,7 +343,7 @@ static const unsigned char ripemd160_padding[64] =
/*
* RIPEMD-160 final digest
*/
void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] )
void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] )
{
uint32_t last, padn;
uint32_t high, low;
@ -359,8 +359,8 @@ void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
ripemd160_update( ctx, ripemd160_padding, padn );
ripemd160_update( ctx, msglen, 8 );
mbedtls_ripemd160_update( ctx, ripemd160_padding, padn );
mbedtls_ripemd160_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 );
@ -372,56 +372,56 @@ void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] )
/*
* output = RIPEMD-160( input buffer )
*/
void ripemd160( const unsigned char *input, size_t ilen,
void mbedtls_ripemd160( const unsigned char *input, size_t ilen,
unsigned char output[20] )
{
ripemd160_context ctx;
mbedtls_ripemd160_context ctx;
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
ripemd160_update( &ctx, input, ilen );
ripemd160_finish( &ctx, output );
ripemd160_free( &ctx );
mbedtls_ripemd160_init( &ctx );
mbedtls_ripemd160_starts( &ctx );
mbedtls_ripemd160_update( &ctx, input, ilen );
mbedtls_ripemd160_finish( &ctx, output );
mbedtls_ripemd160_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = RIPEMD-160( file contents )
*/
int ripemd160_file( const char *path, unsigned char output[20] )
int mbedtls_ripemd160_file( const char *path, unsigned char output[20] )
{
FILE *f;
size_t n;
ripemd160_context ctx;
mbedtls_ripemd160_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
return( MBEDTLS_ERR_RIPEMD160_FILE_IO_ERROR );
ripemd160_init( &ctx );
ripemd160_starts( &ctx );
mbedtls_ripemd160_init( &ctx );
mbedtls_ripemd160_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
ripemd160_update( &ctx, buf, n );
mbedtls_ripemd160_update( &ctx, buf, n );
ripemd160_finish( &ctx, output );
ripemd160_free( &ctx );
mbedtls_ripemd160_finish( &ctx, output );
mbedtls_ripemd160_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR );
return( MBEDTLS_ERR_RIPEMD160_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* Test vectors from the RIPEMD-160 paper and
* http://homes.esat.kuleuven.be/~bosselae/ripemd160.html#HMAC
* http://homes.esat.kuleuven.be/~bosselae/mbedtls_ripemd160.html#HMAC
*/
#define TESTS 8
#define KEYS 2
@ -461,7 +461,7 @@ static const unsigned char ripemd160_test_md[TESTS][20] =
/*
* Checkup routine
*/
int ripemd160_self_test( int verbose )
int mbedtls_ripemd160_self_test( int verbose )
{
int i;
unsigned char output[20];
@ -471,27 +471,27 @@ int ripemd160_self_test( int verbose )
for( i = 0; i < TESTS; i++ )
{
if( verbose != 0 )
polarssl_printf( " RIPEMD-160 test #%d: ", i + 1 );
mbedtls_printf( " RIPEMD-160 test #%d: ", i + 1 );
ripemd160( (const unsigned char *) ripemd160_test_input[i],
mbedtls_ripemd160( (const unsigned char *) ripemd160_test_input[i],
strlen( ripemd160_test_input[i] ),
output );
if( memcmp( output, ripemd160_test_md[i], 20 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_RIPEMD160_C */
#endif /* MBEDTLS_RIPEMD160_C */

956
library/rsa.c
View File

File diff suppressed because it is too large Load Diff

118
library/sha1.c
View File

@ -25,37 +25,37 @@
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SHA1_C)
#if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_SHA1_ALT)
#if !defined(MBEDTLS_SHA1_ALT)
/*
* 32-bit integer manipulation macros (big endian)
@ -80,23 +80,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha1_init( sha1_context *ctx )
void mbedtls_sha1_init( mbedtls_sha1_context *ctx )
{
memset( ctx, 0, sizeof( sha1_context ) );
memset( ctx, 0, sizeof( mbedtls_sha1_context ) );
}
void sha1_free( sha1_context *ctx )
void mbedtls_sha1_free( mbedtls_sha1_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha1_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_sha1_context ) );
}
/*
* SHA-1 context setup
*/
void sha1_starts( sha1_context *ctx )
void mbedtls_sha1_starts( mbedtls_sha1_context *ctx )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -108,8 +108,8 @@ void sha1_starts( sha1_context *ctx )
ctx->state[4] = 0xC3D2E1F0;
}
#if !defined(POLARSSL_SHA1_PROCESS_ALT)
void sha1_process( sha1_context *ctx, const unsigned char data[64] )
#if !defined(MBEDTLS_SHA1_PROCESS_ALT)
void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] )
{
uint32_t temp, W[16], A, B, C, D, E;
@ -264,12 +264,12 @@ void sha1_process( sha1_context *ctx, const unsigned char data[64] )
ctx->state[3] += D;
ctx->state[4] += E;
}
#endif /* !POLARSSL_SHA1_PROCESS_ALT */
#endif /* !MBEDTLS_SHA1_PROCESS_ALT */
/*
* SHA-1 process buffer
*/
void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen )
{
size_t fill;
uint32_t left;
@ -289,7 +289,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
sha1_process( ctx, ctx->buffer );
mbedtls_sha1_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -297,7 +297,7 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 )
{
sha1_process( ctx, input );
mbedtls_sha1_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -317,7 +317,7 @@ static const unsigned char sha1_padding[64] =
/*
* SHA-1 final digest
*/
void sha1_finish( sha1_context *ctx, unsigned char output[20] )
void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] )
{
uint32_t last, padn;
uint32_t high, low;
@ -333,8 +333,8 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha1_update( ctx, sha1_padding, padn );
sha1_update( ctx, msglen, 8 );
mbedtls_sha1_update( ctx, sha1_padding, padn );
mbedtls_sha1_update( ctx, msglen, 8 );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
@ -343,57 +343,57 @@ void sha1_finish( sha1_context *ctx, unsigned char output[20] )
PUT_UINT32_BE( ctx->state[4], output, 16 );
}
#endif /* !POLARSSL_SHA1_ALT */
#endif /* !MBEDTLS_SHA1_ALT */
/*
* output = SHA-1( input buffer )
*/
void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
{
sha1_context ctx;
mbedtls_sha1_context ctx;
sha1_init( &ctx );
sha1_starts( &ctx );
sha1_update( &ctx, input, ilen );
sha1_finish( &ctx, output );
sha1_free( &ctx );
mbedtls_sha1_init( &ctx );
mbedtls_sha1_starts( &ctx );
mbedtls_sha1_update( &ctx, input, ilen );
mbedtls_sha1_finish( &ctx, output );
mbedtls_sha1_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = SHA-1( file contents )
*/
int sha1_file( const char *path, unsigned char output[20] )
int mbedtls_sha1_file( const char *path, unsigned char output[20] )
{
FILE *f;
size_t n;
sha1_context ctx;
mbedtls_sha1_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA1_FILE_IO_ERROR );
sha1_init( &ctx );
sha1_starts( &ctx );
mbedtls_sha1_init( &ctx );
mbedtls_sha1_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha1_update( &ctx, buf, n );
mbedtls_sha1_update( &ctx, buf, n );
sha1_finish( &ctx, output );
sha1_free( &ctx );
mbedtls_sha1_finish( &ctx, output );
mbedtls_sha1_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA1_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* FIPS-180-1 test vectors
*/
@ -422,14 +422,14 @@ static const unsigned char sha1_test_sum[3][20] =
/*
* Checkup routine
*/
int sha1_self_test( int verbose )
int mbedtls_sha1_self_test( int verbose )
{
int i, j, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha1sum[20];
sha1_context ctx;
mbedtls_sha1_context ctx;
sha1_init( &ctx );
mbedtls_sha1_init( &ctx );
/*
* SHA-1
@ -437,45 +437,45 @@ int sha1_self_test( int verbose )
for( i = 0; i < 3; i++ )
{
if( verbose != 0 )
polarssl_printf( " SHA-1 test #%d: ", i + 1 );
mbedtls_printf( " SHA-1 test #%d: ", i + 1 );
sha1_starts( &ctx );
mbedtls_sha1_starts( &ctx );
if( i == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
sha1_update( &ctx, buf, buflen );
mbedtls_sha1_update( &ctx, buf, buflen );
}
else
sha1_update( &ctx, sha1_test_buf[i],
mbedtls_sha1_update( &ctx, sha1_test_buf[i],
sha1_test_buflen[i] );
sha1_finish( &ctx, sha1sum );
mbedtls_sha1_finish( &ctx, sha1sum );
if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
sha1_free( &ctx );
mbedtls_sha1_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_SHA1_C */
#endif /* MBEDTLS_SHA1_C */

118
library/sha256.c
View File

@ -25,37 +25,37 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SHA256_C)
#if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h"
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_SHA256_ALT)
#if !defined(MBEDTLS_SHA256_ALT)
/*
* 32-bit integer manipulation macros (big endian)
@ -80,23 +80,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void sha256_init( sha256_context *ctx )
void mbedtls_sha256_init( mbedtls_sha256_context *ctx )
{
memset( ctx, 0, sizeof( sha256_context ) );
memset( ctx, 0, sizeof( mbedtls_sha256_context ) );
}
void sha256_free( sha256_context *ctx )
void mbedtls_sha256_free( mbedtls_sha256_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha256_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
}
/*
* SHA-256 context setup
*/
void sha256_starts( sha256_context *ctx, int is224 )
void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -129,8 +129,8 @@ void sha256_starts( sha256_context *ctx, int is224 )
ctx->is224 = is224;
}
#if !defined(POLARSSL_SHA256_PROCESS_ALT)
void sha256_process( sha256_context *ctx, const unsigned char data[64] )
#if !defined(MBEDTLS_SHA256_PROCESS_ALT)
void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] )
{
uint32_t temp1, temp2, W[64];
uint32_t A, B, C, D, E, F, G, H;
@ -260,12 +260,12 @@ void sha256_process( sha256_context *ctx, const unsigned char data[64] )
ctx->state[6] += G;
ctx->state[7] += H;
}
#endif /* !POLARSSL_SHA256_PROCESS_ALT */
#endif /* !MBEDTLS_SHA256_PROCESS_ALT */
/*
* SHA-256 process buffer
*/
void sha256_update( sha256_context *ctx, const unsigned char *input,
void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
size_t ilen )
{
size_t fill;
@ -286,7 +286,7 @@ void sha256_update( sha256_context *ctx, const unsigned char *input,
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
sha256_process( ctx, ctx->buffer );
mbedtls_sha256_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -294,7 +294,7 @@ void sha256_update( sha256_context *ctx, const unsigned char *input,
while( ilen >= 64 )
{
sha256_process( ctx, input );
mbedtls_sha256_process( ctx, input );
input += 64;
ilen -= 64;
}
@ -314,7 +314,7 @@ static const unsigned char sha256_padding[64] =
/*
* SHA-256 final digest
*/
void sha256_finish( sha256_context *ctx, unsigned char output[32] )
void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] )
{
uint32_t last, padn;
uint32_t high, low;
@ -330,8 +330,8 @@ void sha256_finish( sha256_context *ctx, unsigned char output[32] )
last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
sha256_update( ctx, sha256_padding, padn );
sha256_update( ctx, msglen, 8 );
mbedtls_sha256_update( ctx, sha256_padding, padn );
mbedtls_sha256_update( ctx, msglen, 8 );
PUT_UINT32_BE( ctx->state[0], output, 0 );
PUT_UINT32_BE( ctx->state[1], output, 4 );
@ -345,58 +345,58 @@ void sha256_finish( sha256_context *ctx, unsigned char output[32] )
PUT_UINT32_BE( ctx->state[7], output, 28 );
}
#endif /* !POLARSSL_SHA256_ALT */
#endif /* !MBEDTLS_SHA256_ALT */
/*
* output = SHA-256( input buffer )
*/
void sha256( const unsigned char *input, size_t ilen,
void mbedtls_sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 )
{
sha256_context ctx;
mbedtls_sha256_context ctx;
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
sha256_update( &ctx, input, ilen );
sha256_finish( &ctx, output );
sha256_free( &ctx );
mbedtls_sha256_init( &ctx );
mbedtls_sha256_starts( &ctx, is224 );
mbedtls_sha256_update( &ctx, input, ilen );
mbedtls_sha256_finish( &ctx, output );
mbedtls_sha256_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = SHA-256( file contents )
*/
int sha256_file( const char *path, unsigned char output[32], int is224 )
int mbedtls_sha256_file( const char *path, unsigned char output[32], int is224 )
{
FILE *f;
size_t n;
sha256_context ctx;
mbedtls_sha256_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA256_FILE_IO_ERROR );
sha256_init( &ctx );
sha256_starts( &ctx, is224 );
mbedtls_sha256_init( &ctx );
mbedtls_sha256_starts( &ctx, is224 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha256_update( &ctx, buf, n );
mbedtls_sha256_update( &ctx, buf, n );
sha256_finish( &ctx, output );
sha256_free( &ctx );
mbedtls_sha256_finish( &ctx, output );
mbedtls_sha256_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA256_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* FIPS-180-2 test vectors
*/
@ -450,14 +450,14 @@ static const unsigned char sha256_test_sum[6][32] =
/*
* Checkup routine
*/
int sha256_self_test( int verbose )
int mbedtls_sha256_self_test( int verbose )
{
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha256sum[32];
sha256_context ctx;
mbedtls_sha256_context ctx;
sha256_init( &ctx );
mbedtls_sha256_init( &ctx );
for( i = 0; i < 6; i++ )
{
@ -465,45 +465,45 @@ int sha256_self_test( int verbose )
k = i < 3;
if( verbose != 0 )
polarssl_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
mbedtls_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
sha256_starts( &ctx, k );
mbedtls_sha256_starts( &ctx, k );
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
sha256_update( &ctx, buf, buflen );
mbedtls_sha256_update( &ctx, buf, buflen );
}
else
sha256_update( &ctx, sha256_test_buf[j],
mbedtls_sha256_update( &ctx, sha256_test_buf[j],
sha256_test_buflen[j] );
sha256_finish( &ctx, sha256sum );
mbedtls_sha256_finish( &ctx, sha256sum );
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
sha256_free( &ctx );
mbedtls_sha256_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_SHA256_C */
#endif /* MBEDTLS_SHA256_C */

118
library/sha512.c
View File

@ -25,13 +25,13 @@
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SHA512_C)
#if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h"
@ -43,25 +43,25 @@
#include <string.h>
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
#include <stdio.h>
#endif
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
#if !defined(POLARSSL_SHA512_ALT)
#if !defined(MBEDTLS_SHA512_ALT)
/*
* 64-bit integer manipulation macros (big endian)
@ -141,23 +141,23 @@ static const uint64_t K[80] =
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
};
void sha512_init( sha512_context *ctx )
void mbedtls_sha512_init( mbedtls_sha512_context *ctx )
{
memset( ctx, 0, sizeof( sha512_context ) );
memset( ctx, 0, sizeof( mbedtls_sha512_context ) );
}
void sha512_free( sha512_context *ctx )
void mbedtls_sha512_free( mbedtls_sha512_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( sha512_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
}
/*
* SHA-512 context setup
*/
void sha512_starts( sha512_context *ctx, int is384 )
void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 )
{
ctx->total[0] = 0;
ctx->total[1] = 0;
@ -190,8 +190,8 @@ void sha512_starts( sha512_context *ctx, int is384 )
ctx->is384 = is384;
}
#if !defined(POLARSSL_SHA512_PROCESS_ALT)
void sha512_process( sha512_context *ctx, const unsigned char data[128] )
#if !defined(MBEDTLS_SHA512_PROCESS_ALT)
void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] )
{
int i;
uint64_t temp1, temp2, W[80];
@ -259,12 +259,12 @@ void sha512_process( sha512_context *ctx, const unsigned char data[128] )
ctx->state[6] += G;
ctx->state[7] += H;
}
#endif /* !POLARSSL_SHA512_PROCESS_ALT */
#endif /* !MBEDTLS_SHA512_PROCESS_ALT */
/*
* SHA-512 process buffer
*/
void sha512_update( sha512_context *ctx, const unsigned char *input,
void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
size_t ilen )
{
size_t fill;
@ -284,7 +284,7 @@ void sha512_update( sha512_context *ctx, const unsigned char *input,
if( left && ilen >= fill )
{
memcpy( (void *) (ctx->buffer + left), input, fill );
sha512_process( ctx, ctx->buffer );
mbedtls_sha512_process( ctx, ctx->buffer );
input += fill;
ilen -= fill;
left = 0;
@ -292,7 +292,7 @@ void sha512_update( sha512_context *ctx, const unsigned char *input,
while( ilen >= 128 )
{
sha512_process( ctx, input );
mbedtls_sha512_process( ctx, input );
input += 128;
ilen -= 128;
}
@ -316,7 +316,7 @@ static const unsigned char sha512_padding[128] =
/*
* SHA-512 final digest
*/
void sha512_finish( sha512_context *ctx, unsigned char output[64] )
void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] )
{
size_t last, padn;
uint64_t high, low;
@ -332,8 +332,8 @@ void sha512_finish( sha512_context *ctx, unsigned char output[64] )
last = (size_t)( ctx->total[0] & 0x7F );
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
sha512_update( ctx, sha512_padding, padn );
sha512_update( ctx, msglen, 16 );
mbedtls_sha512_update( ctx, sha512_padding, padn );
mbedtls_sha512_update( ctx, msglen, 16 );
PUT_UINT64_BE( ctx->state[0], output, 0 );
PUT_UINT64_BE( ctx->state[1], output, 8 );
@ -349,58 +349,58 @@ void sha512_finish( sha512_context *ctx, unsigned char output[64] )
}
}
#endif /* !POLARSSL_SHA512_ALT */
#endif /* !MBEDTLS_SHA512_ALT */
/*
* output = SHA-512( input buffer )
*/
void sha512( const unsigned char *input, size_t ilen,
void mbedtls_sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 )
{
sha512_context ctx;
mbedtls_sha512_context ctx;
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
sha512_update( &ctx, input, ilen );
sha512_finish( &ctx, output );
sha512_free( &ctx );
mbedtls_sha512_init( &ctx );
mbedtls_sha512_starts( &ctx, is384 );
mbedtls_sha512_update( &ctx, input, ilen );
mbedtls_sha512_finish( &ctx, output );
mbedtls_sha512_free( &ctx );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* output = SHA-512( file contents )
*/
int sha512_file( const char *path, unsigned char output[64], int is384 )
int mbedtls_sha512_file( const char *path, unsigned char output[64], int is384 )
{
FILE *f;
size_t n;
sha512_context ctx;
mbedtls_sha512_context ctx;
unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA512_FILE_IO_ERROR );
sha512_init( &ctx );
sha512_starts( &ctx, is384 );
mbedtls_sha512_init( &ctx );
mbedtls_sha512_starts( &ctx, is384 );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
sha512_update( &ctx, buf, n );
mbedtls_sha512_update( &ctx, buf, n );
sha512_finish( &ctx, output );
sha512_free( &ctx );
mbedtls_sha512_finish( &ctx, output );
mbedtls_sha512_free( &ctx );
if( ferror( f ) != 0 )
{
fclose( f );
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
return( MBEDTLS_ERR_SHA512_FILE_IO_ERROR );
}
fclose( f );
return( 0 );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* FIPS-180-2 test vectors
@ -474,14 +474,14 @@ static const unsigned char sha512_test_sum[6][64] =
/*
* Checkup routine
*/
int sha512_self_test( int verbose )
int mbedtls_sha512_self_test( int verbose )
{
int i, j, k, buflen, ret = 0;
unsigned char buf[1024];
unsigned char sha512sum[64];
sha512_context ctx;
mbedtls_sha512_context ctx;
sha512_init( &ctx );
mbedtls_sha512_init( &ctx );
for( i = 0; i < 6; i++ )
{
@ -489,45 +489,45 @@ int sha512_self_test( int verbose )
k = i < 3;
if( verbose != 0 )
polarssl_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
mbedtls_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
sha512_starts( &ctx, k );
mbedtls_sha512_starts( &ctx, k );
if( j == 2 )
{
memset( buf, 'a', buflen = 1000 );
for( j = 0; j < 1000; j++ )
sha512_update( &ctx, buf, buflen );
mbedtls_sha512_update( &ctx, buf, buflen );
}
else
sha512_update( &ctx, sha512_test_buf[j],
mbedtls_sha512_update( &ctx, sha512_test_buf[j],
sha512_test_buflen[j] );
sha512_finish( &ctx, sha512sum );
mbedtls_sha512_finish( &ctx, sha512sum );
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
sha512_free( &ctx );
mbedtls_sha512_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_SHA512_C */
#endif /* MBEDTLS_SHA512_C */

130
library/ssl_cache.c
View File

@ -24,49 +24,49 @@
* to store and retrieve the session information.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SSL_CACHE_C)
#if defined(MBEDTLS_SSL_CACHE_C)
#include "mbedtls/ssl_cache.h"
#include <string.h>
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
void ssl_cache_init( ssl_cache_context *cache )
void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache )
{
memset( cache, 0, sizeof( ssl_cache_context ) );
memset( cache, 0, sizeof( mbedtls_ssl_cache_context ) );
cache->timeout = SSL_CACHE_DEFAULT_TIMEOUT;
cache->max_entries = SSL_CACHE_DEFAULT_MAX_ENTRIES;
cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_init( &cache->mutex );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_init( &cache->mutex );
#endif
}
int ssl_cache_get( void *data, ssl_session *session )
int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session )
{
int ret = 1;
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
time_t t = time( NULL );
#endif
ssl_cache_context *cache = (ssl_cache_context *) data;
ssl_cache_entry *cur, *entry;
mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
mbedtls_ssl_cache_entry *cur, *entry;
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_lock( &cache->mutex ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_lock( &cache->mutex ) != 0 )
return( 1 );
#endif
@ -78,7 +78,7 @@ int ssl_cache_get( void *data, ssl_session *session )
entry = cur;
cur = cur->next;
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
if( cache->timeout != 0 &&
(int) ( t - entry->timestamp ) > cache->timeout )
continue;
@ -97,57 +97,57 @@ int ssl_cache_get( void *data, ssl_session *session )
session->verify_result = entry->session.verify_result;
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/*
* Restore peer certificate (without rest of the original chain)
*/
if( entry->peer_cert.p != NULL )
{
if( ( session->peer_cert = polarssl_malloc(
sizeof(x509_crt) ) ) == NULL )
if( ( session->peer_cert = mbedtls_malloc(
sizeof(mbedtls_x509_crt) ) ) == NULL )
{
ret = 1;
goto exit;
}
x509_crt_init( session->peer_cert );
if( x509_crt_parse( session->peer_cert, entry->peer_cert.p,
mbedtls_x509_crt_init( session->peer_cert );
if( mbedtls_x509_crt_parse( session->peer_cert, entry->peer_cert.p,
entry->peer_cert.len ) != 0 )
{
polarssl_free( session->peer_cert );
mbedtls_free( session->peer_cert );
session->peer_cert = NULL;
ret = 1;
goto exit;
}
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
ret = 0;
goto exit;
}
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &cache->mutex ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
ret = 1;
#endif
return( ret );
}
int ssl_cache_set( void *data, const ssl_session *session )
int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session )
{
int ret = 1;
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
time_t t = time( NULL ), oldest = 0;
ssl_cache_entry *old = NULL;
mbedtls_ssl_cache_entry *old = NULL;
#endif
ssl_cache_context *cache = (ssl_cache_context *) data;
ssl_cache_entry *cur, *prv;
mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
mbedtls_ssl_cache_entry *cur, *prv;
int count = 0;
#if defined(POLARSSL_THREADING_C)
if( ( ret = polarssl_mutex_lock( &cache->mutex ) ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( ( ret = mbedtls_mutex_lock( &cache->mutex ) ) != 0 )
return( ret );
#endif
@ -158,7 +158,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
{
count++;
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
if( cache->timeout != 0 &&
(int) ( t - cur->timestamp ) > cache->timeout )
{
@ -170,7 +170,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
if( memcmp( session->id, cur->session.id, cur->session.length ) == 0 )
break; /* client reconnected, keep timestamp for session id */
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
if( oldest == 0 || cur->timestamp < oldest )
{
oldest = cur->timestamp;
@ -184,7 +184,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
if( cur == NULL )
{
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
/*
* Reuse oldest entry if max_entries reached
*/
@ -198,7 +198,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
cur = old;
}
#else /* POLARSSL_HAVE_TIME */
#else /* MBEDTLS_HAVE_TIME */
/*
* Reuse first entry in chain if max_entries reached,
* but move to last place
@ -216,20 +216,20 @@ int ssl_cache_set( void *data, const ssl_session *session )
cur->next = NULL;
prv->next = cur;
}
#endif /* POLARSSL_HAVE_TIME */
#endif /* MBEDTLS_HAVE_TIME */
else
{
/*
* max_entries not reached, create new entry
*/
cur = polarssl_malloc( sizeof(ssl_cache_entry) );
cur = mbedtls_malloc( sizeof(mbedtls_ssl_cache_entry) );
if( cur == NULL )
{
ret = 1;
goto exit;
}
memset( cur, 0, sizeof(ssl_cache_entry) );
memset( cur, 0, sizeof(mbedtls_ssl_cache_entry) );
if( prv == NULL )
cache->chain = cur;
@ -237,21 +237,21 @@ int ssl_cache_set( void *data, const ssl_session *session )
prv->next = cur;
}
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
cur->timestamp = t;
#endif
}
memcpy( &cur->session, session, sizeof( ssl_session ) );
memcpy( &cur->session, session, sizeof( mbedtls_ssl_session ) );
#if defined(POLARSSL_X509_CRT_PARSE_C)
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/*
* If we're reusing an entry, free its certificate first
*/
if( cur->peer_cert.p != NULL )
{
polarssl_free( cur->peer_cert.p );
memset( &cur->peer_cert, 0, sizeof(x509_buf) );
mbedtls_free( cur->peer_cert.p );
memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
}
/*
@ -259,7 +259,7 @@ int ssl_cache_set( void *data, const ssl_session *session )
*/
if( session->peer_cert != NULL )
{
cur->peer_cert.p = polarssl_malloc( session->peer_cert->raw.len );
cur->peer_cert.p = mbedtls_malloc( session->peer_cert->raw.len );
if( cur->peer_cert.p == NULL )
{
ret = 1;
@ -272,38 +272,38 @@ int ssl_cache_set( void *data, const ssl_session *session )
cur->session.peer_cert = NULL;
}
#endif /* POLARSSL_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_CRT_PARSE_C */
ret = 0;
exit:
#if defined(POLARSSL_THREADING_C)
if( polarssl_mutex_unlock( &cache->mutex ) != 0 )
#if defined(MBEDTLS_THREADING_C)
if( mbedtls_mutex_unlock( &cache->mutex ) != 0 )
ret = 1;
#endif
return( ret );
}
#if defined(POLARSSL_HAVE_TIME)
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout )
#if defined(MBEDTLS_HAVE_TIME)
void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout )
{
if( timeout < 0 ) timeout = 0;
cache->timeout = timeout;
}
#endif /* POLARSSL_HAVE_TIME */
#endif /* MBEDTLS_HAVE_TIME */
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max )
void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max )
{
if( max < 0 ) max = 0;
cache->max_entries = max;
}
void ssl_cache_free( ssl_cache_context *cache )
void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache )
{
ssl_cache_entry *cur, *prv;
mbedtls_ssl_cache_entry *cur, *prv;
cur = cache->chain;
@ -312,18 +312,18 @@ void ssl_cache_free( ssl_cache_context *cache )
prv = cur;
cur = cur->next;
ssl_session_free( &prv->session );
mbedtls_ssl_session_free( &prv->session );
#if defined(POLARSSL_X509_CRT_PARSE_C)
polarssl_free( prv->peer_cert.p );
#endif /* POLARSSL_X509_CRT_PARSE_C */
#if defined(MBEDTLS_X509_CRT_PARSE_C)
mbedtls_free( prv->peer_cert.p );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
polarssl_free( prv );
mbedtls_free( prv );
}
#if defined(POLARSSL_THREADING_C)
polarssl_mutex_free( &cache->mutex );
#if defined(MBEDTLS_THREADING_C)
mbedtls_mutex_free( &cache->mutex );
#endif
}
#endif /* POLARSSL_SSL_CACHE_C */
#endif /* MBEDTLS_SSL_CACHE_C */

2764
library/ssl_ciphersuites.c
View File

File diff suppressed because it is too large Load Diff

1904
library/ssl_cli.c
View File

File diff suppressed because it is too large Load Diff

84
library/ssl_cookie.c
View File

@ -24,27 +24,27 @@
* to store and retrieve the session information.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SSL_COOKIE_C)
#if defined(MBEDTLS_SSL_COOKIE_C)
#include "mbedtls/ssl_cookie.h"
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#define polarssl_malloc malloc
#define polarssl_free free
#define mbedtls_malloc malloc
#define mbedtls_free free
#endif
#include <string.h>
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -53,16 +53,16 @@ static void polarssl_zeroize( void *v, size_t n ) {
* available. Try SHA-256 first, 512 wastes resources since we need to stay
* with max 32 bytes of cookie for DTLS 1.0
*/
#if defined(POLARSSL_SHA256_C)
#define COOKIE_MD POLARSSL_MD_SHA224
#if defined(MBEDTLS_SHA256_C)
#define COOKIE_MD MBEDTLS_MD_SHA224
#define COOKIE_MD_OUTLEN 32
#define COOKIE_HMAC_LEN 28
#elif defined(POLARSSL_SHA512_C)
#define COOKIE_MD POLARSSL_MD_SHA384
#elif defined(MBEDTLS_SHA512_C)
#define COOKIE_MD MBEDTLS_MD_SHA384
#define COOKIE_MD_OUTLEN 48
#define COOKIE_HMAC_LEN 28
#elif defined(POLARSSL_SHA1_C)
#define COOKIE_MD POLARSSL_MD_SHA1
#elif defined(MBEDTLS_SHA1_C)
#define COOKIE_MD MBEDTLS_MD_SHA1
#define COOKIE_MD_OUTLEN 20
#define COOKIE_HMAC_LEN 20
#else
@ -75,26 +75,26 @@ static void polarssl_zeroize( void *v, size_t n ) {
*/
#define COOKIE_LEN ( 4 + COOKIE_HMAC_LEN )
void ssl_cookie_init( ssl_cookie_ctx *ctx )
void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx )
{
md_init( &ctx->hmac_ctx );
#if !defined(POLARSSL_HAVE_TIME)
mbedtls_md_init( &ctx->hmac_ctx );
#if !defined(MBEDTLS_HAVE_TIME)
ctx->serial = 0;
#endif
ctx->timeout = POLARSSL_SSL_COOKIE_TIMEOUT;
ctx->timeout = MBEDTLS_SSL_COOKIE_TIMEOUT;
}
void ssl_cookie_set_timeout( ssl_cookie_ctx *ctx, unsigned long delay )
void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay )
{
ctx->timeout = delay;
}
void ssl_cookie_free( ssl_cookie_ctx *ctx )
void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx )
{
md_free( &ctx->hmac_ctx );
mbedtls_md_free( &ctx->hmac_ctx );
}
int ssl_cookie_setup( ssl_cookie_ctx *ctx,
int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -104,15 +104,15 @@ int ssl_cookie_setup( ssl_cookie_ctx *ctx,
if( ( ret = f_rng( p_rng, key, sizeof( key ) ) ) != 0 )
return( ret );
ret = md_setup( &ctx->hmac_ctx, md_info_from_type( COOKIE_MD ), 1 );
ret = mbedtls_md_setup( &ctx->hmac_ctx, mbedtls_md_info_from_type( COOKIE_MD ), 1 );
if( ret != 0 )
return( ret );
ret = md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );
ret = mbedtls_md_hmac_starts( &ctx->hmac_ctx, key, sizeof( key ) );
if( ret != 0 )
return( ret );
polarssl_zeroize( key, sizeof( key ) );
mbedtls_zeroize( key, sizeof( key ) );
return( 0 );
}
@ -120,7 +120,7 @@ int ssl_cookie_setup( ssl_cookie_ctx *ctx,
/*
* Generate the HMAC part of a cookie
*/
static int ssl_cookie_hmac( md_context_t *hmac_ctx,
static int ssl_cookie_hmac( mbedtls_md_context_t *hmac_ctx,
const unsigned char time[4],
unsigned char **p, unsigned char *end,
const unsigned char *cli_id, size_t cli_id_len )
@ -129,14 +129,14 @@ static int ssl_cookie_hmac( md_context_t *hmac_ctx,
unsigned char hmac_out[COOKIE_MD_OUTLEN];
if( (size_t)( end - *p ) < COOKIE_HMAC_LEN )
return( POLARSSL_ERR_SSL_BUFFER_TOO_SMALL );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
if( ( ret = md_hmac_reset( hmac_ctx ) ) != 0 ||
( ret = md_hmac_update( hmac_ctx, time, 4 ) ) != 0 ||
( ret = md_hmac_update( hmac_ctx, cli_id, cli_id_len ) ) != 0 ||
( ret = md_hmac_finish( hmac_ctx, hmac_out ) ) != 0 )
if( ( ret = mbedtls_md_hmac_reset( hmac_ctx ) ) != 0 ||
( ret = mbedtls_md_hmac_update( hmac_ctx, time, 4 ) ) != 0 ||
( ret = mbedtls_md_hmac_update( hmac_ctx, cli_id, cli_id_len ) ) != 0 ||
( ret = mbedtls_md_hmac_finish( hmac_ctx, hmac_out ) ) != 0 )
{
return( POLARSSL_ERR_SSL_INTERNAL_ERROR );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
memcpy( *p, hmac_out, COOKIE_HMAC_LEN );
@ -148,20 +148,20 @@ static int ssl_cookie_hmac( md_context_t *hmac_ctx,
/*
* Generate cookie for DTLS ClientHello verification
*/
int ssl_cookie_write( void *p_ctx,
int mbedtls_ssl_cookie_write( void *p_ctx,
unsigned char **p, unsigned char *end,
const unsigned char *cli_id, size_t cli_id_len )
{
ssl_cookie_ctx *ctx = (ssl_cookie_ctx *) p_ctx;
mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
unsigned long t;
if( ctx == NULL || cli_id == NULL )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( (size_t)( end - *p ) < COOKIE_LEN )
return( POLARSSL_ERR_SSL_BUFFER_TOO_SMALL );
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
t = (unsigned long) time( NULL );
#else
t = ctx->serial++;
@ -180,17 +180,17 @@ int ssl_cookie_write( void *p_ctx,
/*
* Check a cookie
*/
int ssl_cookie_check( void *p_ctx,
int mbedtls_ssl_cookie_check( void *p_ctx,
const unsigned char *cookie, size_t cookie_len,
const unsigned char *cli_id, size_t cli_id_len )
{
unsigned char ref_hmac[COOKIE_HMAC_LEN];
unsigned char *p = ref_hmac;
ssl_cookie_ctx *ctx = (ssl_cookie_ctx *) p_ctx;
mbedtls_ssl_cookie_ctx *ctx = (mbedtls_ssl_cookie_ctx *) p_ctx;
unsigned long cur_time, cookie_time;
if( ctx == NULL || cli_id == NULL )
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
if( cookie_len != COOKIE_LEN )
return( -1 );
@ -200,10 +200,10 @@ int ssl_cookie_check( void *p_ctx,
cli_id, cli_id_len ) != 0 )
return( -1 );
if( safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
if( mbedtls_ssl_safer_memcmp( cookie + 4, ref_hmac, sizeof( ref_hmac ) ) != 0 )
return( -1 );
#if defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_HAVE_TIME)
cur_time = (unsigned long) time( NULL );
#else
cur_time = ctx->serial;
@ -219,4 +219,4 @@ int ssl_cookie_check( void *p_ctx,
return( 0 );
}
#endif /* POLARSSL_SSL_COOKIE_C */
#endif /* MBEDTLS_SSL_COOKIE_C */

2224
library/ssl_srv.c
View File

File diff suppressed because it is too large Load Diff

4124
library/ssl_tls.c
View File

File diff suppressed because it is too large Load Diff

76
library/threading.c
View File

@ -20,91 +20,91 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_THREADING_C)
#if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h"
#if defined(POLARSSL_THREADING_PTHREAD)
static int threading_mutex_init_pthread( threading_mutex_t *mutex )
#if defined(MBEDTLS_THREADING_PTHREAD)
static int threading_mutex_init_pthread( mbedtls_threading_mutex_t *mutex )
{
if( mutex == NULL )
return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA );
return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
if( pthread_mutex_init( mutex, NULL ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
return( 0 );
}
static int threading_mutex_free_pthread( threading_mutex_t *mutex )
static int threading_mutex_free_pthread( mbedtls_threading_mutex_t *mutex )
{
if( mutex == NULL )
return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA );
return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
if( pthread_mutex_destroy( mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
return( 0 );
}
static int threading_mutex_lock_pthread( threading_mutex_t *mutex )
static int threading_mutex_lock_pthread( mbedtls_threading_mutex_t *mutex )
{
if( mutex == NULL )
return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA );
return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
if( pthread_mutex_lock( mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
return( 0 );
}
static int threading_mutex_unlock_pthread( threading_mutex_t *mutex )
static int threading_mutex_unlock_pthread( mbedtls_threading_mutex_t *mutex )
{
if( mutex == NULL )
return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA );
return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
if( pthread_mutex_unlock( mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR );
return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
return( 0 );
}
int (*polarssl_mutex_init)( threading_mutex_t * ) = threading_mutex_init_pthread;
int (*polarssl_mutex_free)( threading_mutex_t * ) = threading_mutex_free_pthread;
int (*polarssl_mutex_lock)( threading_mutex_t * ) = threading_mutex_lock_pthread;
int (*polarssl_mutex_unlock)( threading_mutex_t * ) = threading_mutex_unlock_pthread;
#endif /* POLARSSL_THREADING_PTHREAD */
int (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_init_pthread;
int (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_free_pthread;
int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_lock_pthread;
int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_unlock_pthread;
#endif /* MBEDTLS_THREADING_PTHREAD */
#if defined(POLARSSL_THREADING_ALT)
static int threading_mutex_fail( threading_mutex_t *mutex )
#if defined(MBEDTLS_THREADING_ALT)
static int threading_mutex_fail( mbedtls_threading_mutex_t *mutex )
{
((void) mutex );
return( POLARSSL_ERR_THREADING_BAD_INPUT_DATA );
return( MBEDTLS_ERR_THREADING_BAD_INPUT_DATA );
}
int (*polarssl_mutex_init)( threading_mutex_t * ) = threading_mutex_fail;
int (*polarssl_mutex_free)( threading_mutex_t * ) = threading_mutex_fail;
int (*polarssl_mutex_lock)( threading_mutex_t * ) = threading_mutex_fail;
int (*polarssl_mutex_unlock)( threading_mutex_t * ) = threading_mutex_fail;
int (*mbedtls_mutex_init)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
int (*mbedtls_mutex_free)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t * ) = threading_mutex_fail;
int threading_set_alt( int (*mutex_init)( threading_mutex_t * ),
int (*mutex_free)( threading_mutex_t * ),
int (*mutex_lock)( threading_mutex_t * ),
int (*mutex_unlock)( threading_mutex_t * ) )
int mbedtls_threading_set_alt( int (*mutex_init)( mbedtls_threading_mutex_t * ),
int (*mutex_free)( mbedtls_threading_mutex_t * ),
int (*mutex_lock)( mbedtls_threading_mutex_t * ),
int (*mutex_unlock)( mbedtls_threading_mutex_t * ) )
{
polarssl_mutex_init = mutex_init;
polarssl_mutex_free = mutex_free;
polarssl_mutex_lock = mutex_lock;
polarssl_mutex_unlock = mutex_unlock;
mbedtls_mutex_init = mutex_init;
mbedtls_mutex_free = mutex_free;
mbedtls_mutex_lock = mutex_lock;
mbedtls_mutex_unlock = mutex_unlock;
return( 0 );
}
#endif /* POLARSSL_THREADING_ALT */
#endif /* MBEDTLS_THREADING_ALT */
#endif /* POLARSSL_THREADING_C */
#endif /* MBEDTLS_THREADING_C */

196
library/timing.c
View File

@ -20,20 +20,20 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#define mbedtls_printf printf
#endif
#if defined(POLARSSL_TIMING_C) && !defined(POLARSSL_TIMING_ALT)
#if defined(MBEDTLS_TIMING_C) && !defined(MBEDTLS_TIMING_ALT)
#include "mbedtls/timing.h"
@ -62,57 +62,57 @@ struct _hr_time
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
( defined(_MSC_VER) && defined(_M_IX86) ) || defined(__WATCOMC__)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long tsc;
__asm rdtsc
__asm mov [tsc], eax
return( tsc );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
( _MSC_VER && _M_IX86 ) || __WATCOMC__ */
/* some versions of mingw-64 have 32-bit longs even on x84_64 */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && ( defined(__i386__) || ( \
( defined(__amd64__) || defined( __x86_64__) ) && __SIZEOF_LONG__ == 4 ) )
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long lo, hi;
asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
return( lo );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __i386__ */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && ( defined(__amd64__) || defined(__x86_64__) )
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long lo, hi;
asm volatile( "rdtsc" : "=a" (lo), "=d" (hi) );
return( lo | ( hi << 32 ) );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && ( __amd64__ || __x86_64__ ) */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && ( defined(__powerpc__) || defined(__ppc__) )
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long tbl, tbu0, tbu1;
@ -126,76 +126,76 @@ unsigned long hardclock( void )
return( tbl );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && ( __powerpc__ || __ppc__ ) */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && defined(__sparc64__)
#if defined(__OpenBSD__)
#warning OpenBSD does not allow access to tick register using software version instead
#else
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long tick;
asm volatile( "rdpr %%tick, %0;" : "=&r" (tick) );
return( tick );
}
#endif /* __OpenBSD__ */
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __sparc64__ */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && defined(__sparc__) && !defined(__sparc64__)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long tick;
asm volatile( ".byte 0x83, 0x41, 0x00, 0x00" );
asm volatile( "mov %%g1, %0" : "=r" (tick) );
return( tick );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __sparc__ && !__sparc64__ */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && defined(__alpha__)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long cc;
asm volatile( "rpcc %0" : "=r" (cc) );
return( cc & 0xFFFFFFFF );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __alpha__ */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(POLARSSL_HAVE_ASM) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(MBEDTLS_HAVE_ASM) && \
defined(__GNUC__) && defined(__ia64__)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
unsigned long itc;
asm volatile( "mov %0 = ar.itc" : "=r" (itc) );
return( itc );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && POLARSSL_HAVE_ASM &&
#endif /* !MBEDTLS_HAVE_HARDCLOCK && MBEDTLS_HAVE_ASM &&
__GNUC__ && __ia64__ */
#if !defined(POLARSSL_HAVE_HARDCLOCK) && defined(_MSC_VER) && \
#if !defined(MBEDTLS_HAVE_HARDCLOCK) && defined(_MSC_VER) && \
!defined(EFIX64) && !defined(EFI32)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
LARGE_INTEGER offset;
@ -203,16 +203,16 @@ unsigned long hardclock( void )
return( (unsigned long)( offset.QuadPart ) );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
#endif /* !MBEDTLS_HAVE_HARDCLOCK && _MSC_VER && !EFIX64 && !EFI32 */
#if !defined(POLARSSL_HAVE_HARDCLOCK)
#if !defined(MBEDTLS_HAVE_HARDCLOCK)
#define POLARSSL_HAVE_HARDCLOCK
#define MBEDTLS_HAVE_HARDCLOCK
static int hardclock_init = 0;
static struct timeval tv_init;
unsigned long hardclock( void )
unsigned long mbedtls_timing_hardclock( void )
{
struct timeval tv_cur;
@ -226,13 +226,13 @@ unsigned long hardclock( void )
return( ( tv_cur.tv_sec - tv_init.tv_sec ) * 1000000
+ ( tv_cur.tv_usec - tv_init.tv_usec ) );
}
#endif /* !POLARSSL_HAVE_HARDCLOCK */
#endif /* !MBEDTLS_HAVE_HARDCLOCK */
volatile int alarmed = 0;
volatile int mbedtls_timing_alarmed = 0;
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
unsigned long get_timer( struct hr_time *val, int reset )
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
{
unsigned long delta;
LARGE_INTEGER offset, hfreq;
@ -258,27 +258,27 @@ static DWORD WINAPI TimerProc( LPVOID TimerContext )
{
((void) TimerContext);
Sleep( alarmMs );
alarmed = 1;
mbedtls_timing_alarmed = 1;
return( TRUE );
}
void set_alarm( int seconds )
void mbedtls_set_alarm( int seconds )
{
DWORD ThreadId;
alarmed = 0;
mbedtls_timing_alarmed = 0;
alarmMs = seconds * 1000;
CloseHandle( CreateThread( NULL, 0, TimerProc, NULL, 0, &ThreadId ) );
}
void m_sleep( int milliseconds )
void mbedtls_timing_m_sleep( int milliseconds )
{
Sleep( milliseconds );
}
#else /* _WIN32 && !EFIX64 && !EFI32 */
unsigned long get_timer( struct hr_time *val, int reset )
unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset )
{
unsigned long delta;
struct timeval offset;
@ -300,7 +300,7 @@ unsigned long get_timer( struct hr_time *val, int reset )
}
#if defined(INTEGRITY)
void m_sleep( int milliseconds )
void mbedtls_timing_m_sleep( int milliseconds )
{
usleep( milliseconds * 1000 );
}
@ -309,18 +309,18 @@ void m_sleep( int milliseconds )
static void sighandler( int signum )
{
alarmed = 1;
mbedtls_timing_alarmed = 1;
signal( signum, sighandler );
}
void set_alarm( int seconds )
void mbedtls_set_alarm( int seconds )
{
alarmed = 0;
mbedtls_timing_alarmed = 0;
signal( SIGALRM, sighandler );
alarm( seconds );
}
void m_sleep( int milliseconds )
void mbedtls_timing_m_sleep( int milliseconds )
{
struct timeval tv;
@ -333,26 +333,26 @@ void m_sleep( int milliseconds )
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/* To test net_usleep against our functions */
#if defined(POLARSSL_NET_C) && defined(POLARSSL_HAVE_TIME)
/* To test mbedtls_net_usleep against our functions */
#if defined(MBEDTLS_NET_C) && defined(MBEDTLS_HAVE_TIME)
#include "mbedtls/net.h"
#endif
/*
* Busy-waits for the given number of milliseconds.
* Used for testing hardclock.
* Used for testing mbedtls_timing_hardclock.
*/
static void busy_msleep( unsigned long msec )
{
struct hr_time hires;
struct mbedtls_timing_hr_time hires;
unsigned long i = 0; /* for busy-waiting */
volatile unsigned long j; /* to prevent optimisation */
(void) get_timer( &hires, 1 );
(void) mbedtls_timing_get_timer( &hires, 1 );
while( get_timer( &hires, 0 ) < msec )
while( mbedtls_timing_get_timer( &hires, 0 ) < msec )
i++;
j = i;
@ -365,66 +365,66 @@ static void busy_msleep( unsigned long msec )
* Warning: this is work in progress, some tests may not be reliable enough
* yet! False positives may happen.
*/
int timing_self_test( int verbose )
int mbedtls_timing_self_test( int verbose )
{
unsigned long cycles, ratio;
unsigned long millisecs, secs;
int hardfail;
struct hr_time hires;
struct mbedtls_timing_hr_time hires;
if( verbose != 0 )
polarssl_printf( " TIMING tests note: will take some time!\n" );
mbedtls_printf( " TIMING tests note: will take some time!\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #1 (m_sleep / get_timer): " );
mbedtls_printf( " TIMING test #1 (m_sleep / get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
(void) mbedtls_timing_get_timer( &hires, 1 );
m_sleep( (int)( 500 * secs ) );
mbedtls_timing_m_sleep( (int)( 500 * secs ) );
millisecs = get_timer( &hires, 0 );
millisecs = mbedtls_timing_get_timer( &hires, 0 );
if( millisecs < 450 * secs || millisecs > 550 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #2 (set_alarm / get_timer): " );
mbedtls_printf( " TIMING test #2 (set_alarm / get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
(void) mbedtls_timing_get_timer( &hires, 1 );
set_alarm( (int) secs );
while( !alarmed )
mbedtls_set_alarm( (int) secs );
while( !mbedtls_timing_alarmed )
;
millisecs = get_timer( &hires, 0 );
millisecs = mbedtls_timing_get_timer( &hires, 0 );
if( millisecs < 900 * secs || millisecs > 1100 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
if( verbose != 0 )
polarssl_printf( " TIMING test #3 (hardclock / get_timer): " );
mbedtls_printf( " TIMING test #3 (hardclock / get_timer): " );
/*
* Allow one failure for possible counter wrapping.
@ -437,24 +437,24 @@ hard_test:
if( hardfail > 1 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
/* Get a reference ratio cycles/ms */
millisecs = 1;
cycles = hardclock();
cycles = mbedtls_timing_hardclock();
busy_msleep( millisecs );
cycles = hardclock() - cycles;
cycles = mbedtls_timing_hardclock() - cycles;
ratio = cycles / millisecs;
/* Check that the ratio is mostly constant */
for( millisecs = 2; millisecs <= 4; millisecs++ )
{
cycles = hardclock();
cycles = mbedtls_timing_hardclock();
busy_msleep( millisecs );
cycles = hardclock() - cycles;
cycles = mbedtls_timing_hardclock() - cycles;
/* Allow variation up to 20% */
if( cycles / millisecs < ratio - ratio / 5 ||
@ -466,39 +466,39 @@ hard_test:
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
#if defined(POLARSSL_NET_C) && defined(POLARSSL_HAVE_TIME)
#if defined(MBEDTLS_NET_C) && defined(MBEDTLS_HAVE_TIME)
if( verbose != 0 )
polarssl_printf( " TIMING test #4 (net_usleep/ get_timer): " );
mbedtls_printf( " TIMING test #4 (net_usleep/ get_timer): " );
for( secs = 1; secs <= 3; secs++ )
{
(void) get_timer( &hires, 1 );
(void) mbedtls_timing_get_timer( &hires, 1 );
net_usleep( 500000 * secs );
mbedtls_net_usleep( 500000 * secs );
millisecs = get_timer( &hires, 0 );
millisecs = mbedtls_timing_get_timer( &hires, 0 );
if( millisecs < 450 * secs || millisecs > 550 * secs )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
return( 1 );
}
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
#endif /* POLARSSL_NET_C */
mbedtls_printf( "passed\n" );
#endif /* MBEDTLS_NET_C */
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
return( 0 );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_TIMING_C && !POLARSSL_TIMING_ALT */
#endif /* MBEDTLS_TIMING_C && !MBEDTLS_TIMING_ALT */

24
library/version.c
View File

@ -20,32 +20,32 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_VERSION_C)
#if defined(MBEDTLS_VERSION_C)
#include "mbedtls/version.h"
#include <string.h>
unsigned int version_get_number()
unsigned int mbedtls_version_get_number()
{
return( POLARSSL_VERSION_NUMBER );
return( MBEDTLS_VERSION_NUMBER );
}
void version_get_string( char *string )
void mbedtls_version_get_string( char *string )
{
memcpy( string, POLARSSL_VERSION_STRING,
sizeof( POLARSSL_VERSION_STRING ) );
memcpy( string, MBEDTLS_VERSION_STRING,
sizeof( MBEDTLS_VERSION_STRING ) );
}
void version_get_string_full( char *string )
void mbedtls_version_get_string_full( char *string )
{
memcpy( string, POLARSSL_VERSION_STRING_FULL,
sizeof( POLARSSL_VERSION_STRING_FULL ) );
memcpy( string, MBEDTLS_VERSION_STRING_FULL,
sizeof( MBEDTLS_VERSION_STRING_FULL ) );
}
#endif /* POLARSSL_VERSION_C */
#endif /* MBEDTLS_VERSION_C */

1124
library/version_features.c
View File

File diff suppressed because it is too large Load Diff

472
library/x509.c
View File

File diff suppressed because it is too large Load Diff

170
library/x509_create.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_X509_CREATE_C)
#if defined(MBEDTLS_X509_CREATE_C)
#include "mbedtls/x509.h"
#include "mbedtls/asn1write.h"
@ -49,34 +49,34 @@ typedef struct {
static const x509_attr_descriptor_t x509_attrs[] =
{
{ ADD_STRLEN( "CN" ), OID_AT_CN },
{ ADD_STRLEN( "commonName" ), OID_AT_CN },
{ ADD_STRLEN( "C" ), OID_AT_COUNTRY },
{ ADD_STRLEN( "countryName" ), OID_AT_COUNTRY },
{ ADD_STRLEN( "O" ), OID_AT_ORGANIZATION },
{ ADD_STRLEN( "organizationName" ), OID_AT_ORGANIZATION },
{ ADD_STRLEN( "L" ), OID_AT_LOCALITY },
{ ADD_STRLEN( "locality" ), OID_AT_LOCALITY },
{ ADD_STRLEN( "R" ), OID_PKCS9_EMAIL },
{ ADD_STRLEN( "OU" ), OID_AT_ORG_UNIT },
{ ADD_STRLEN( "organizationalUnitName" ), OID_AT_ORG_UNIT },
{ ADD_STRLEN( "ST" ), OID_AT_STATE },
{ ADD_STRLEN( "stateOrProvinceName" ), OID_AT_STATE },
{ ADD_STRLEN( "emailAddress" ), OID_PKCS9_EMAIL },
{ ADD_STRLEN( "serialNumber" ), OID_AT_SERIAL_NUMBER },
{ ADD_STRLEN( "postalAddress" ), OID_AT_POSTAL_ADDRESS },
{ ADD_STRLEN( "postalCode" ), OID_AT_POSTAL_CODE },
{ ADD_STRLEN( "dnQualifier" ), OID_AT_DN_QUALIFIER },
{ ADD_STRLEN( "title" ), OID_AT_TITLE },
{ ADD_STRLEN( "surName" ), OID_AT_SUR_NAME },
{ ADD_STRLEN( "SN" ), OID_AT_SUR_NAME },
{ ADD_STRLEN( "givenName" ), OID_AT_GIVEN_NAME },
{ ADD_STRLEN( "GN" ), OID_AT_GIVEN_NAME },
{ ADD_STRLEN( "initials" ), OID_AT_INITIALS },
{ ADD_STRLEN( "pseudonym" ), OID_AT_PSEUDONYM },
{ ADD_STRLEN( "generationQualifier" ), OID_AT_GENERATION_QUALIFIER },
{ ADD_STRLEN( "domainComponent" ), OID_DOMAIN_COMPONENT },
{ ADD_STRLEN( "DC" ), OID_DOMAIN_COMPONENT },
{ ADD_STRLEN( "CN" ), MBEDTLS_OID_AT_CN },
{ ADD_STRLEN( "commonName" ), MBEDTLS_OID_AT_CN },
{ ADD_STRLEN( "C" ), MBEDTLS_OID_AT_COUNTRY },
{ ADD_STRLEN( "countryName" ), MBEDTLS_OID_AT_COUNTRY },
{ ADD_STRLEN( "O" ), MBEDTLS_OID_AT_ORGANIZATION },
{ ADD_STRLEN( "organizationName" ), MBEDTLS_OID_AT_ORGANIZATION },
{ ADD_STRLEN( "L" ), MBEDTLS_OID_AT_LOCALITY },
{ ADD_STRLEN( "locality" ), MBEDTLS_OID_AT_LOCALITY },
{ ADD_STRLEN( "R" ), MBEDTLS_OID_PKCS9_EMAIL },
{ ADD_STRLEN( "OU" ), MBEDTLS_OID_AT_ORG_UNIT },
{ ADD_STRLEN( "organizationalUnitName" ), MBEDTLS_OID_AT_ORG_UNIT },
{ ADD_STRLEN( "ST" ), MBEDTLS_OID_AT_STATE },
{ ADD_STRLEN( "stateOrProvinceName" ), MBEDTLS_OID_AT_STATE },
{ ADD_STRLEN( "emailAddress" ), MBEDTLS_OID_PKCS9_EMAIL },
{ ADD_STRLEN( "serialNumber" ), MBEDTLS_OID_AT_SERIAL_NUMBER },
{ ADD_STRLEN( "postalAddress" ), MBEDTLS_OID_AT_POSTAL_ADDRESS },
{ ADD_STRLEN( "postalCode" ), MBEDTLS_OID_AT_POSTAL_CODE },
{ ADD_STRLEN( "dnQualifier" ), MBEDTLS_OID_AT_DN_QUALIFIER },
{ ADD_STRLEN( "title" ), MBEDTLS_OID_AT_TITLE },
{ ADD_STRLEN( "surName" ), MBEDTLS_OID_AT_SUR_NAME },
{ ADD_STRLEN( "SN" ), MBEDTLS_OID_AT_SUR_NAME },
{ ADD_STRLEN( "givenName" ), MBEDTLS_OID_AT_GIVEN_NAME },
{ ADD_STRLEN( "GN" ), MBEDTLS_OID_AT_GIVEN_NAME },
{ ADD_STRLEN( "initials" ), MBEDTLS_OID_AT_INITIALS },
{ ADD_STRLEN( "pseudonym" ), MBEDTLS_OID_AT_PSEUDONYM },
{ ADD_STRLEN( "generationQualifier" ), MBEDTLS_OID_AT_GENERATION_QUALIFIER },
{ ADD_STRLEN( "domainComponent" ), MBEDTLS_OID_DOMAIN_COMPONENT },
{ ADD_STRLEN( "DC" ), MBEDTLS_OID_DOMAIN_COMPONENT },
{ NULL, 0, NULL }
};
@ -92,18 +92,18 @@ static const char *x509_at_oid_from_name( const char *name, size_t name_len )
return( cur->oid );
}
int x509_string_to_names( asn1_named_data **head, const char *name )
int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name )
{
int ret = 0;
const char *s = name, *c = s;
const char *end = s + strlen( s );
const char *oid = NULL;
int in_tag = 1;
char data[X509_MAX_DN_NAME_SIZE];
char data[MBEDTLS_X509_MAX_DN_NAME_SIZE];
char *d = data;
/* Clear existing chain if present */
asn1_free_named_data_list( head );
mbedtls_asn1_free_named_data_list( head );
while( c <= end )
{
@ -111,7 +111,7 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
{
if( ( oid = x509_at_oid_from_name( s, c - s ) ) == NULL )
{
ret = POLARSSL_ERR_X509_UNKNOWN_OID;
ret = MBEDTLS_ERR_X509_UNKNOWN_OID;
goto exit;
}
@ -127,17 +127,17 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
/* Check for valid escaped characters */
if( c == end || *c != ',' )
{
ret = POLARSSL_ERR_X509_INVALID_NAME;
ret = MBEDTLS_ERR_X509_INVALID_NAME;
goto exit;
}
}
else if( !in_tag && ( *c == ',' || c == end ) )
{
if( asn1_store_named_data( head, oid, strlen( oid ),
if( mbedtls_asn1_store_named_data( head, oid, strlen( oid ),
(unsigned char *) data,
d - data ) == NULL )
{
return( POLARSSL_ERR_X509_MALLOC_FAILED );
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
}
while( c < end && *(c + 1) == ' ' )
@ -151,9 +151,9 @@ int x509_string_to_names( asn1_named_data **head, const char *name )
{
*(d++) = *c;
if( d - data == X509_MAX_DN_NAME_SIZE )
if( d - data == MBEDTLS_X509_MAX_DN_NAME_SIZE )
{
ret = POLARSSL_ERR_X509_INVALID_NAME;
ret = MBEDTLS_ERR_X509_INVALID_NAME;
goto exit;
}
}
@ -166,18 +166,18 @@ exit:
return( ret );
}
/* The first byte of the value in the asn1_named_data structure is reserved
/* The first byte of the value in the mbedtls_asn1_named_data structure is reserved
* to store the critical boolean for us
*/
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len,
int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val, size_t val_len )
{
asn1_named_data *cur;
mbedtls_asn1_named_data *cur;
if( ( cur = asn1_store_named_data( head, oid, oid_len,
if( ( cur = mbedtls_asn1_store_named_data( head, oid, oid_len,
NULL, val_len + 1 ) ) == NULL )
{
return( POLARSSL_ERR_X509_MALLOC_FAILED );
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
}
cur->val.p[0] = critical;
@ -205,60 +205,60 @@ static int x509_write_name( unsigned char **p, unsigned char *start,
int ret;
size_t len = 0;
// Write PrintableString for all except OID_PKCS9_EMAIL
// Write PrintableString for all except MBEDTLS_OID_PKCS9_EMAIL
//
if( OID_SIZE( OID_PKCS9_EMAIL ) == oid_len &&
memcmp( oid, OID_PKCS9_EMAIL, oid_len ) == 0 )
if( MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_EMAIL ) == oid_len &&
memcmp( oid, MBEDTLS_OID_PKCS9_EMAIL, oid_len ) == 0 )
{
ASN1_CHK_ADD( len, asn1_write_ia5_string( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_ia5_string( p, start,
(const char *) name,
name_len ) );
}
else
{
ASN1_CHK_ADD( len, asn1_write_printable_string( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_printable_string( p, start,
(const char *) name,
name_len ) );
}
// Write OID
//
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
ASN1_SET ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SET ) );
return( (int) len );
}
int x509_write_names( unsigned char **p, unsigned char *start,
asn1_named_data *first )
int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first )
{
int ret;
size_t len = 0;
asn1_named_data *cur = first;
mbedtls_asn1_named_data *cur = first;
while( cur != NULL )
{
ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p,
MBEDTLS_ASN1_CHK_ADD( len, x509_write_name( p, start, (char *) cur->oid.p,
cur->oid.len,
cur->val.p, cur->val.len ) );
cur = cur->next;
}
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
int x509_write_sig( unsigned char **p, unsigned char *start,
int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
unsigned char *sig, size_t size )
{
@ -266,7 +266,7 @@ int x509_write_sig( unsigned char **p, unsigned char *start,
size_t len = 0;
if( *p - start < (int) size + 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size;
(*p) -= len;
@ -275,41 +275,41 @@ int x509_write_sig( unsigned char **p, unsigned char *start,
*--(*p) = 0;
len += 1;
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
// Write OID
//
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( p, start, oid,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( p, start, oid,
oid_len, 0 ) );
return( (int) len );
}
static int x509_write_extension( unsigned char **p, unsigned char *start,
asn1_named_data *ext )
mbedtls_asn1_named_data *ext )
{
int ret;
size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->val.p + 1,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->val.p + 1,
ext->val.len - 1 ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->val.len - 1 ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->val.len - 1 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
if( ext->val.p[0] != 0 )
{
ASN1_CHK_ADD( len, asn1_write_bool( p, start, 1 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( p, start, 1 ) );
}
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, ext->oid.p,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, ext->oid.p,
ext->oid.len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, ext->oid.len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OID ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, ext->oid.len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
@ -324,20 +324,20 @@ static int x509_write_extension( unsigned char **p, unsigned char *start,
* -- by extnID
* }
*/
int x509_write_extensions( unsigned char **p, unsigned char *start,
asn1_named_data *first )
int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
mbedtls_asn1_named_data *first )
{
int ret;
size_t len = 0;
asn1_named_data *cur_ext = first;
mbedtls_asn1_named_data *cur_ext = first;
while( cur_ext != NULL )
{
ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
MBEDTLS_ASN1_CHK_ADD( len, x509_write_extension( p, start, cur_ext ) );
cur_ext = cur_ext->next;
}
return( (int) len );
}
#endif /* POLARSSL_X509_CREATE_C */
#endif /* MBEDTLS_X509_CREATE_C */

320
library/x509_crl.c
View File

@ -30,31 +30,31 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_X509_CRL_PARSE_C)
#if defined(MBEDTLS_X509_CRL_PARSE_C)
#include "mbedtls/x509_crl.h"
#include "mbedtls/oid.h"
#include <string.h>
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
#include "mbedtls/pem.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#include <stdio.h>
#define polarssl_free free
#define polarssl_malloc malloc
#define polarssl_snprintf snprintf
#define mbedtls_free free
#define mbedtls_malloc malloc
#define mbedtls_snprintf snprintf
#endif
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
@ -63,12 +63,12 @@
#include <time.h>
#endif
#if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32)
#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
#include <stdio.h>
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -81,15 +81,15 @@ static int x509_crl_get_version( unsigned char **p,
{
int ret;
if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
{
*ver = 0;
return( 0 );
}
return( POLARSSL_ERR_X509_INVALID_VERSION + ret );
return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
}
return( 0 );
@ -100,15 +100,15 @@ static int x509_crl_get_version( unsigned char **p,
*/
static int x509_get_crl_ext( unsigned char **p,
const unsigned char *end,
x509_buf *ext )
mbedtls_x509_buf *ext )
{
int ret;
size_t len = 0;
/* Get explicit tag */
if( ( ret = x509_get_ext( p, end, ext, 0) ) != 0 )
if( ( ret = mbedtls_x509_get_ext( p, end, ext, 0) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 );
return( ret );
@ -116,16 +116,16 @@ static int x509_get_crl_ext( unsigned char **p,
while( *p < end )
{
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
*p += len;
}
if( *p != end )
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
@ -135,7 +135,7 @@ static int x509_get_crl_ext( unsigned char **p,
*/
static int x509_get_crl_entry_ext( unsigned char **p,
const unsigned char *end,
x509_buf *ext )
mbedtls_x509_buf *ext )
{
int ret;
size_t len = 0;
@ -151,35 +151,35 @@ static int x509_get_crl_entry_ext( unsigned char **p,
* Get CRL-entry extension sequence header
* crlEntryExtensions Extensions OPTIONAL -- if present, MUST be v2
*/
if( ( ret = asn1_get_tag( p, end, &ext->len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &ext->len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
{
ext->p = NULL;
return( 0 );
}
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
}
end = *p + ext->len;
if( end != *p + ext->len )
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
while( *p < end )
{
if( ( ret = asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS + ret );
if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
*p += len;
}
if( *p != end )
return( POLARSSL_ERR_X509_INVALID_EXTENSIONS +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 );
}
@ -189,19 +189,19 @@ static int x509_get_crl_entry_ext( unsigned char **p,
*/
static int x509_get_entries( unsigned char **p,
const unsigned char *end,
x509_crl_entry *entry )
mbedtls_x509_crl_entry *entry )
{
int ret;
size_t entry_len;
x509_crl_entry *cur_entry = entry;
mbedtls_x509_crl_entry *cur_entry = entry;
if( *p == end )
return( 0 );
if( ( ret = asn1_get_tag( p, end, &entry_len,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &entry_len,
MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
return( 0 );
return( ret );
@ -214,8 +214,8 @@ static int x509_get_entries( unsigned char **p,
size_t len2;
const unsigned char *end2;
if( ( ret = asn1_get_tag( p, end, &len2,
ASN1_SEQUENCE | ASN1_CONSTRUCTED ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( p, end, &len2,
MBEDTLS_ASN1_SEQUENCE | MBEDTLS_ASN1_CONSTRUCTED ) ) != 0 )
{
return( ret );
}
@ -225,10 +225,10 @@ static int x509_get_entries( unsigned char **p,
cur_entry->raw.len = len2;
end2 = *p + len2;
if( ( ret = x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
if( ( ret = mbedtls_x509_get_serial( p, end2, &cur_entry->serial ) ) != 0 )
return( ret );
if( ( ret = x509_get_time( p, end2,
if( ( ret = mbedtls_x509_get_time( p, end2,
&cur_entry->revocation_date ) ) != 0 )
return( ret );
@ -238,12 +238,12 @@ static int x509_get_entries( unsigned char **p,
if( *p < end )
{
cur_entry->next = polarssl_malloc( sizeof( x509_crl_entry ) );
cur_entry->next = mbedtls_malloc( sizeof( mbedtls_x509_crl_entry ) );
if( cur_entry->next == NULL )
return( POLARSSL_ERR_X509_MALLOC_FAILED );
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
memset( cur_entry->next, 0, sizeof( x509_crl_entry ) );
memset( cur_entry->next, 0, sizeof( mbedtls_x509_crl_entry ) );
cur_entry = cur_entry->next;
}
}
@ -254,24 +254,24 @@ static int x509_get_entries( unsigned char **p,
/*
* Parse one CRLs in DER format and append it to the chained list
*/
int x509_crl_parse_der( x509_crl *chain,
int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
const unsigned char *buf, size_t buflen )
{
int ret;
size_t len;
unsigned char *p, *end;
x509_buf sig_params1, sig_params2, sig_oid2;
x509_crl *crl = chain;
mbedtls_x509_buf sig_params1, sig_params2, sig_oid2;
mbedtls_x509_crl *crl = chain;
/*
* Check for valid input
*/
if( crl == NULL || buf == NULL )
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
memset( &sig_params1, 0, sizeof( x509_buf ) );
memset( &sig_params2, 0, sizeof( x509_buf ) );
memset( &sig_oid2, 0, sizeof( x509_buf ) );
memset( &sig_params1, 0, sizeof( mbedtls_x509_buf ) );
memset( &sig_params2, 0, sizeof( mbedtls_x509_buf ) );
memset( &sig_oid2, 0, sizeof( mbedtls_x509_buf ) );
/*
* Add new CRL on the end of the chain if needed.
@ -281,23 +281,23 @@ int x509_crl_parse_der( x509_crl *chain,
if( crl->version != 0 && crl->next == NULL )
{
crl->next = polarssl_malloc( sizeof( x509_crl ) );
crl->next = mbedtls_malloc( sizeof( mbedtls_x509_crl ) );
if( crl->next == NULL )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_MALLOC_FAILED );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
}
x509_crl_init( crl->next );
mbedtls_x509_crl_init( crl->next );
crl = crl->next;
}
/*
* Copy raw DER-encoded CRL
*/
if( ( p = polarssl_malloc( buflen ) ) == NULL )
return( POLARSSL_ERR_X509_MALLOC_FAILED );
if( ( p = mbedtls_malloc( buflen ) ) == NULL )
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
memcpy( p, buf, buflen );
@ -312,18 +312,18 @@ int x509_crl_parse_der( x509_crl *chain,
* signatureAlgorithm AlgorithmIdentifier,
* signatureValue BIT STRING }
*/
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
}
if( len != (size_t) ( end - p ) )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
/*
@ -331,11 +331,11 @@ int x509_crl_parse_der( x509_crl *chain,
*/
crl->tbs.p = p;
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
end = p + len;
@ -348,9 +348,9 @@ int x509_crl_parse_der( x509_crl *chain,
* signature AlgorithmIdentifier
*/
if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
( ret = x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 )
( ret = mbedtls_x509_get_alg( &p, end, &crl->sig_oid, &sig_params1 ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
@ -358,16 +358,16 @@ int x509_crl_parse_der( x509_crl *chain,
if( crl->version > 2 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
}
if( ( ret = x509_get_sig_alg( &crl->sig_oid, &sig_params1,
if( ( ret = mbedtls_x509_get_sig_alg( &crl->sig_oid, &sig_params1,
&crl->sig_md, &crl->sig_pk,
&crl->sig_opts ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
}
/*
@ -375,16 +375,16 @@ int x509_crl_parse_der( x509_crl *chain,
*/
crl->issuer_raw.p = p;
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
if( ( ret = mbedtls_x509_get_name( &p, p + len, &crl->issuer ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
@ -394,20 +394,20 @@ int x509_crl_parse_der( x509_crl *chain,
* thisUpdate Time
* nextUpdate Time OPTIONAL
*/
if( ( ret = x509_get_time( &p, end, &crl->this_update ) ) != 0 )
if( ( ret = mbedtls_x509_get_time( &p, end, &crl->this_update ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
if( ( ret = x509_get_time( &p, end, &crl->next_update ) ) != 0 )
if( ( ret = mbedtls_x509_get_time( &p, end, &crl->next_update ) ) != 0 )
{
if( ret != ( POLARSSL_ERR_X509_INVALID_DATE +
POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) &&
ret != ( POLARSSL_ERR_X509_INVALID_DATE +
POLARSSL_ERR_ASN1_OUT_OF_DATA ) )
if( ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
MBEDTLS_ERR_ASN1_UNEXPECTED_TAG ) &&
ret != ( MBEDTLS_ERR_X509_INVALID_DATE +
MBEDTLS_ERR_ASN1_OUT_OF_DATA ) )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
}
@ -422,7 +422,7 @@ int x509_crl_parse_der( x509_crl *chain,
*/
if( ( ret = x509_get_entries( &p, end, &crl->entry ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
@ -436,16 +436,16 @@ int x509_crl_parse_der( x509_crl *chain,
if( ret != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
}
if( p != end )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
end = crl->raw.p + crl->raw.len;
@ -454,9 +454,9 @@ int x509_crl_parse_der( x509_crl *chain,
* signatureAlgorithm AlgorithmIdentifier,
* signatureValue BIT STRING
*/
if( ( ret = x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
if( ( ret = mbedtls_x509_get_alg( &p, end, &sig_oid2, &sig_params2 ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
@ -465,21 +465,21 @@ int x509_crl_parse_der( x509_crl *chain,
sig_params1.len != sig_params2.len ||
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_SIG_MISMATCH );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_SIG_MISMATCH );
}
if( ( ret = x509_get_sig( &p, end, &crl->sig ) ) != 0 )
if( ( ret = mbedtls_x509_get_sig( &p, end, &crl->sig ) ) != 0 )
{
x509_crl_free( crl );
mbedtls_x509_crl_free( crl );
return( ret );
}
if( p != end )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
mbedtls_x509_crl_free( crl );
return( MBEDTLS_ERR_X509_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
return( 0 );
@ -488,21 +488,21 @@ int x509_crl_parse_der( x509_crl *chain,
/*
* Parse one or more CRLs and add them to the chained list
*/
int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen )
{
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
int ret;
size_t use_len;
pem_context pem;
mbedtls_pem_context pem;
int is_pem = 0;
if( chain == NULL || buf == NULL )
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
do
{
pem_init( &pem );
ret = pem_read_buffer( &pem,
mbedtls_pem_init( &pem );
ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN X509 CRL-----",
"-----END X509 CRL-----",
buf, NULL, 0, &use_len );
@ -517,17 +517,17 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
buflen -= use_len;
buf += use_len;
if( ( ret = x509_crl_parse_der( chain,
if( ( ret = mbedtls_x509_crl_parse_der( chain,
pem.buf, pem.buflen ) ) != 0 )
{
return( ret );
}
pem_free( &pem );
mbedtls_pem_free( &pem );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{
pem_free( &pem );
mbedtls_pem_free( &pem );
return( ret );
}
}
@ -536,31 +536,31 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
if( is_pem )
return( 0 );
else
#endif /* POLARSSL_PEM_PARSE_C */
return( x509_crl_parse_der( chain, buf, buflen ) );
#endif /* MBEDTLS_PEM_PARSE_C */
return( mbedtls_x509_crl_parse_der( chain, buf, buflen ) );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* Load one or more CRLs and add them to the chained list
*/
int x509_crl_parse_file( x509_crl *chain, const char *path )
int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path )
{
int ret;
size_t n;
unsigned char *buf;
if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 )
if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509_crl_parse( chain, buf, n );
ret = mbedtls_x509_crl_parse( chain, buf, n );
polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
mbedtls_zeroize( buf, n + 1 );
mbedtls_free( buf );
return( ret );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
!defined(EFI32)
@ -598,7 +598,7 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
#define snprintf compat_snprintf
#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
#define MBEDTLS_ERR_DEBUG_BUF_TOO_SMALL -2
#define SAFE_SNPRINTF() \
{ \
@ -607,7 +607,7 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
\
if( (unsigned int) ret > n ) { \
p[n - 1] = '\0'; \
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \
return( MBEDTLS_ERR_DEBUG_BUF_TOO_SMALL ); \
} \
\
n -= (unsigned int) ret; \
@ -622,34 +622,34 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
/*
* Return an informational string about the CRL.
*/
int x509_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl )
int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_crl *crl )
{
int ret;
size_t n;
char *p;
const x509_crl_entry *entry;
const mbedtls_x509_crl_entry *entry;
p = buf;
n = size;
ret = polarssl_snprintf( p, n, "%sCRL version : %d",
ret = mbedtls_snprintf( p, n, "%sCRL version : %d",
prefix, crl->version );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n%sissuer name : ", prefix );
ret = mbedtls_snprintf( p, n, "\n%sissuer name : ", prefix );
SAFE_SNPRINTF();
ret = x509_dn_gets( p, n, &crl->issuer );
ret = mbedtls_x509_dn_gets( p, n, &crl->issuer );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n%sthis update : " \
ret = mbedtls_snprintf( p, n, "\n%sthis update : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crl->this_update.year, crl->this_update.mon,
crl->this_update.day, crl->this_update.hour,
crl->this_update.min, crl->this_update.sec );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n%snext update : " \
ret = mbedtls_snprintf( p, n, "\n%snext update : " \
"%04d-%02d-%02d %02d:%02d:%02d", prefix,
crl->next_update.year, crl->next_update.mon,
crl->next_update.day, crl->next_update.hour,
@ -658,20 +658,20 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
entry = &crl->entry;
ret = polarssl_snprintf( p, n, "\n%sRevoked certificates:",
ret = mbedtls_snprintf( p, n, "\n%sRevoked certificates:",
prefix );
SAFE_SNPRINTF();
while( entry != NULL && entry->raw.len != 0 )
{
ret = polarssl_snprintf( p, n, "\n%sserial number: ",
ret = mbedtls_snprintf( p, n, "\n%sserial number: ",
prefix );
SAFE_SNPRINTF();
ret = x509_serial_gets( p, n, &entry->serial );
ret = mbedtls_x509_serial_gets( p, n, &entry->serial );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, " revocation date: " \
ret = mbedtls_snprintf( p, n, " revocation date: " \
"%04d-%02d-%02d %02d:%02d:%02d",
entry->revocation_date.year, entry->revocation_date.mon,
entry->revocation_date.day, entry->revocation_date.hour,
@ -681,14 +681,14 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
entry = entry->next;
}
ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix );
ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
SAFE_SNPRINTF();
ret = x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md,
crl->sig_opts );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n" );
ret = mbedtls_snprintf( p, n, "\n" );
SAFE_SNPRINTF();
return( (int) ( size - n ) );
@ -697,30 +697,30 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
/*
* Initialize a CRL chain
*/
void x509_crl_init( x509_crl *crl )
void mbedtls_x509_crl_init( mbedtls_x509_crl *crl )
{
memset( crl, 0, sizeof(x509_crl) );
memset( crl, 0, sizeof(mbedtls_x509_crl) );
}
/*
* Unallocate all CRL data
*/
void x509_crl_free( x509_crl *crl )
void mbedtls_x509_crl_free( mbedtls_x509_crl *crl )
{
x509_crl *crl_cur = crl;
x509_crl *crl_prv;
x509_name *name_cur;
x509_name *name_prv;
x509_crl_entry *entry_cur;
x509_crl_entry *entry_prv;
mbedtls_x509_crl *crl_cur = crl;
mbedtls_x509_crl *crl_prv;
mbedtls_x509_name *name_cur;
mbedtls_x509_name *name_prv;
mbedtls_x509_crl_entry *entry_cur;
mbedtls_x509_crl_entry *entry_prv;
if( crl == NULL )
return;
do
{
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
polarssl_free( crl_cur->sig_opts );
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
mbedtls_free( crl_cur->sig_opts );
#endif
name_cur = crl_cur->issuer.next;
@ -728,8 +728,8 @@ void x509_crl_free( x509_crl *crl )
{
name_prv = name_cur;
name_cur = name_cur->next;
polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
mbedtls_free( name_prv );
}
entry_cur = crl_cur->entry.next;
@ -737,14 +737,14 @@ void x509_crl_free( x509_crl *crl )
{
entry_prv = entry_cur;
entry_cur = entry_cur->next;
polarssl_zeroize( entry_prv, sizeof( x509_crl_entry ) );
polarssl_free( entry_prv );
mbedtls_zeroize( entry_prv, sizeof( mbedtls_x509_crl_entry ) );
mbedtls_free( entry_prv );
}
if( crl_cur->raw.p != NULL )
{
polarssl_zeroize( crl_cur->raw.p, crl_cur->raw.len );
polarssl_free( crl_cur->raw.p );
mbedtls_zeroize( crl_cur->raw.p, crl_cur->raw.len );
mbedtls_free( crl_cur->raw.p );
}
crl_cur = crl_cur->next;
@ -757,11 +757,11 @@ void x509_crl_free( x509_crl *crl )
crl_prv = crl_cur;
crl_cur = crl_cur->next;
polarssl_zeroize( crl_prv, sizeof( x509_crl ) );
mbedtls_zeroize( crl_prv, sizeof( mbedtls_x509_crl ) );
if( crl_prv != crl )
polarssl_free( crl_prv );
mbedtls_free( crl_prv );
}
while( crl_cur != NULL );
}
#endif /* POLARSSL_X509_CRL_PARSE_C */
#endif /* MBEDTLS_X509_CRL_PARSE_C */

794
library/x509_crt.c
View File

File diff suppressed because it is too large Load Diff

206
library/x509_csr.c
View File

@ -30,39 +30,39 @@
* http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_X509_CSR_PARSE_C)
#if defined(MBEDTLS_X509_CSR_PARSE_C)
#include "mbedtls/x509_csr.h"
#include "mbedtls/oid.h"
#include <string.h>
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
#include "mbedtls/pem.h"
#endif
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#include <stdio.h>
#define polarssl_free free
#define polarssl_malloc malloc
#define polarssl_snprintf snprintf
#define mbedtls_free free
#define mbedtls_malloc malloc
#define mbedtls_snprintf snprintf
#endif
#if defined(POLARSSL_FS_IO) || defined(EFIX64) || defined(EFI32)
#if defined(MBEDTLS_FS_IO) || defined(EFIX64) || defined(EFI32)
#include <stdio.h>
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -75,15 +75,15 @@ static int x509_csr_get_version( unsigned char **p,
{
int ret;
if( ( ret = asn1_get_int( p, end, ver ) ) != 0 )
if( ( ret = mbedtls_asn1_get_int( p, end, ver ) ) != 0 )
{
if( ret == POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
if( ret == MBEDTLS_ERR_ASN1_UNEXPECTED_TAG )
{
*ver = 0;
return( 0 );
}
return( POLARSSL_ERR_X509_INVALID_VERSION + ret );
return( MBEDTLS_ERR_X509_INVALID_VERSION + ret );
}
return( 0 );
@ -92,31 +92,31 @@ static int x509_csr_get_version( unsigned char **p,
/*
* Parse a CSR in DER format
*/
int x509_csr_parse_der( x509_csr *csr,
int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen )
{
int ret;
size_t len;
unsigned char *p, *end;
x509_buf sig_params;
mbedtls_x509_buf sig_params;
memset( &sig_params, 0, sizeof( x509_buf ) );
memset( &sig_params, 0, sizeof( mbedtls_x509_buf ) );
/*
* Check for valid input
*/
if( csr == NULL || buf == NULL )
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
x509_csr_init( csr );
mbedtls_x509_csr_init( csr );
/*
* first copy the raw DER data
*/
p = polarssl_malloc( len = buflen );
p = mbedtls_malloc( len = buflen );
if( p == NULL )
return( POLARSSL_ERR_X509_MALLOC_FAILED );
return( MBEDTLS_ERR_X509_MALLOC_FAILED );
memcpy( p, buf, buflen );
@ -131,18 +131,18 @@ int x509_csr_parse_der( x509_csr *csr,
* signature BIT STRING
* }
*/
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT );
}
if( len != (size_t) ( end - p ) )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
/*
@ -150,11 +150,11 @@ int x509_csr_parse_der( x509_csr *csr,
*/
csr->cri.p = p;
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
end = p + len;
@ -165,7 +165,7 @@ int x509_csr_parse_der( x509_csr *csr,
*/
if( ( ret = x509_csr_get_version( &p, end, &csr->version ) ) != 0 )
{
x509_csr_free( csr );
mbedtls_x509_csr_free( csr );
return( ret );
}
@ -173,8 +173,8 @@ int x509_csr_parse_der( x509_csr *csr,
if( csr->version != 1 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_UNKNOWN_VERSION );
}
/*
@ -182,16 +182,16 @@ int x509_csr_parse_der( x509_csr *csr,
*/
csr->subject_raw.p = p;
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
if( ( ret = x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
if( ( ret = mbedtls_x509_get_name( &p, p + len, &csr->subject ) ) != 0 )
{
x509_csr_free( csr );
mbedtls_x509_csr_free( csr );
return( ret );
}
@ -200,20 +200,20 @@ int x509_csr_parse_der( x509_csr *csr,
/*
* subjectPKInfo SubjectPublicKeyInfo
*/
if( ( ret = pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 )
if( ( ret = mbedtls_pk_parse_subpubkey( &p, end, &csr->pk ) ) != 0 )
{
x509_csr_free( csr );
mbedtls_x509_csr_free( csr );
return( ret );
}
/*
* attributes [0] Attributes
*/
if( ( ret = asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_CONTEXT_SPECIFIC ) ) != 0 )
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_CONTEXT_SPECIFIC ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT + ret );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT + ret );
}
// TODO Parse Attributes / extension requests
@ -225,31 +225,31 @@ int x509_csr_parse_der( x509_csr *csr,
* signatureAlgorithm AlgorithmIdentifier,
* signature BIT STRING
*/
if( ( ret = x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
if( ( ret = mbedtls_x509_get_alg( &p, end, &csr->sig_oid, &sig_params ) ) != 0 )
{
x509_csr_free( csr );
mbedtls_x509_csr_free( csr );
return( ret );
}
if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params,
if( ( ret = mbedtls_x509_get_sig_alg( &csr->sig_oid, &sig_params,
&csr->sig_md, &csr->sig_pk,
&csr->sig_opts ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG );
}
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
if( ( ret = mbedtls_x509_get_sig( &p, end, &csr->sig ) ) != 0 )
{
x509_csr_free( csr );
mbedtls_x509_csr_free( csr );
return( ret );
}
if( p != end )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
mbedtls_x509_csr_free( csr );
return( MBEDTLS_ERR_X509_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
}
return( 0 );
@ -258,23 +258,23 @@ int x509_csr_parse_der( x509_csr *csr,
/*
* Parse a CSR, allowing for PEM or raw DER encoding
*/
int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen )
{
int ret;
#if defined(POLARSSL_PEM_PARSE_C)
#if defined(MBEDTLS_PEM_PARSE_C)
size_t use_len;
pem_context pem;
mbedtls_pem_context pem;
#endif
/*
* Check for valid input
*/
if( csr == NULL || buf == NULL )
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
#if defined(POLARSSL_PEM_PARSE_C)
pem_init( &pem );
ret = pem_read_buffer( &pem,
#if defined(MBEDTLS_PEM_PARSE_C)
mbedtls_pem_init( &pem );
ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN CERTIFICATE REQUEST-----",
"-----END CERTIFICATE REQUEST-----",
buf, NULL, 0, &use_len );
@ -284,43 +284,43 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
/*
* Was PEM encoded, parse the result
*/
if( ( ret = x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
if( ( ret = mbedtls_x509_csr_parse_der( csr, pem.buf, pem.buflen ) ) != 0 )
return( ret );
pem_free( &pem );
mbedtls_pem_free( &pem );
return( 0 );
}
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
{
pem_free( &pem );
mbedtls_pem_free( &pem );
return( ret );
}
else
#endif /* POLARSSL_PEM_PARSE_C */
return( x509_csr_parse_der( csr, buf, buflen ) );
#endif /* MBEDTLS_PEM_PARSE_C */
return( mbedtls_x509_csr_parse_der( csr, buf, buflen ) );
}
#if defined(POLARSSL_FS_IO)
#if defined(MBEDTLS_FS_IO)
/*
* Load a CSR into the structure
*/
int x509_csr_parse_file( x509_csr *csr, const char *path )
int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path )
{
int ret;
size_t n;
unsigned char *buf;
if( ( ret = pk_load_file( path, &buf, &n ) ) != 0 )
if( ( ret = mbedtls_pk_load_file( path, &buf, &n ) ) != 0 )
return( ret );
ret = x509_csr_parse( csr, buf, n );
ret = mbedtls_x509_csr_parse( csr, buf, n );
polarssl_zeroize( buf, n + 1 );
polarssl_free( buf );
mbedtls_zeroize( buf, n + 1 );
mbedtls_free( buf );
return( ret );
}
#endif /* POLARSSL_FS_IO */
#endif /* MBEDTLS_FS_IO */
#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
!defined(EFI32)
@ -358,7 +358,7 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
#define snprintf compat_snprintf
#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
#define POLARSSL_ERR_DEBUG_BUF_TOO_SMALL -2
#define MBEDTLS_ERR_DEBUG_BUF_TOO_SMALL -2
#define SAFE_SNPRINTF() \
{ \
@ -367,7 +367,7 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
\
if( (unsigned int) ret > n ) { \
p[n - 1] = '\0'; \
return( POLARSSL_ERR_DEBUG_BUF_TOO_SMALL ); \
return( MBEDTLS_ERR_DEBUG_BUF_TOO_SMALL ); \
} \
\
n -= (unsigned int) ret; \
@ -379,8 +379,8 @@ static int compat_snprintf( char *str, size_t size, const char *format, ... )
/*
* Return an informational string about the CSR.
*/
int x509_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr )
int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
const mbedtls_x509_csr *csr )
{
int ret;
size_t n;
@ -390,30 +390,30 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
p = buf;
n = size;
ret = polarssl_snprintf( p, n, "%sCSR version : %d",
ret = mbedtls_snprintf( p, n, "%sCSR version : %d",
prefix, csr->version );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n%ssubject name : ", prefix );
ret = mbedtls_snprintf( p, n, "\n%ssubject name : ", prefix );
SAFE_SNPRINTF();
ret = x509_dn_gets( p, n, &csr->subject );
ret = mbedtls_x509_dn_gets( p, n, &csr->subject );
SAFE_SNPRINTF();
ret = polarssl_snprintf( p, n, "\n%ssigned using : ", prefix );
ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix );
SAFE_SNPRINTF();
ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
csr->sig_opts );
SAFE_SNPRINTF();
if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
pk_get_name( &csr->pk ) ) ) != 0 )
if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,
mbedtls_pk_get_name( &csr->pk ) ) ) != 0 )
{
return( ret );
}
ret = polarssl_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
(int) pk_get_size( &csr->pk ) );
ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: %d bits\n", prefix, key_size_str,
(int) mbedtls_pk_get_size( &csr->pk ) );
SAFE_SNPRINTF();
return( (int) ( size - n ) );
@ -422,26 +422,26 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
/*
* Initialize a CSR
*/
void x509_csr_init( x509_csr *csr )
void mbedtls_x509_csr_init( mbedtls_x509_csr *csr )
{
memset( csr, 0, sizeof(x509_csr) );
memset( csr, 0, sizeof(mbedtls_x509_csr) );
}
/*
* Unallocate all CSR data
*/
void x509_csr_free( x509_csr *csr )
void mbedtls_x509_csr_free( mbedtls_x509_csr *csr )
{
x509_name *name_cur;
x509_name *name_prv;
mbedtls_x509_name *name_cur;
mbedtls_x509_name *name_prv;
if( csr == NULL )
return;
pk_free( &csr->pk );
mbedtls_pk_free( &csr->pk );
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT)
polarssl_free( csr->sig_opts );
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
mbedtls_free( csr->sig_opts );
#endif
name_cur = csr->subject.next;
@ -449,17 +449,17 @@ void x509_csr_free( x509_csr *csr )
{
name_prv = name_cur;
name_cur = name_cur->next;
polarssl_zeroize( name_prv, sizeof( x509_name ) );
polarssl_free( name_prv );
mbedtls_zeroize( name_prv, sizeof( mbedtls_x509_name ) );
mbedtls_free( name_prv );
}
if( csr->raw.p != NULL )
{
polarssl_zeroize( csr->raw.p, csr->raw.len );
polarssl_free( csr->raw.p );
mbedtls_zeroize( csr->raw.p, csr->raw.len );
mbedtls_free( csr->raw.p );
}
polarssl_zeroize( csr, sizeof( x509_csr ) );
mbedtls_zeroize( csr, sizeof( mbedtls_x509_csr ) );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */
#endif /* MBEDTLS_X509_CSR_PARSE_C */

252
library/x509write_crt.c
View File

@ -26,13 +26,13 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_X509_CRT_WRITE_C)
#if defined(MBEDTLS_X509_CRT_WRITE_C)
#include "mbedtls/x509_crt.h"
#include "mbedtls/oid.h"
@ -41,102 +41,102 @@
#include <string.h>
#if defined(POLARSSL_PEM_WRITE_C)
#if defined(MBEDTLS_PEM_WRITE_C)
#include "mbedtls/pem.h"
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_WRITE_C */
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void x509write_crt_init( x509write_cert *ctx )
void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx )
{
memset( ctx, 0, sizeof(x509write_cert) );
memset( ctx, 0, sizeof(mbedtls_x509write_cert) );
mpi_init( &ctx->serial );
ctx->version = X509_CRT_VERSION_3;
mbedtls_mpi_init( &ctx->serial );
ctx->version = MBEDTLS_X509_CRT_VERSION_3;
}
void x509write_crt_free( x509write_cert *ctx )
void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx )
{
mpi_free( &ctx->serial );
mbedtls_mpi_free( &ctx->serial );
asn1_free_named_data_list( &ctx->subject );
asn1_free_named_data_list( &ctx->issuer );
asn1_free_named_data_list( &ctx->extensions );
mbedtls_asn1_free_named_data_list( &ctx->subject );
mbedtls_asn1_free_named_data_list( &ctx->issuer );
mbedtls_asn1_free_named_data_list( &ctx->extensions );
polarssl_zeroize( ctx, sizeof(x509write_cert) );
mbedtls_zeroize( ctx, sizeof(mbedtls_x509write_cert) );
}
void x509write_crt_set_version( x509write_cert *ctx, int version )
void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version )
{
ctx->version = version;
}
void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg )
void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg )
{
ctx->md_alg = md_alg;
}
void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key )
void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
{
ctx->subject_key = key;
}
void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key )
void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key )
{
ctx->issuer_key = key;
}
int x509write_crt_set_subject_name( x509write_cert *ctx,
int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
const char *subject_name )
{
return x509_string_to_names( &ctx->subject, subject_name );
return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
}
int x509write_crt_set_issuer_name( x509write_cert *ctx,
int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
const char *issuer_name )
{
return x509_string_to_names( &ctx->issuer, issuer_name );
return mbedtls_x509_string_to_names( &ctx->issuer, issuer_name );
}
int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial )
int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial )
{
int ret;
if( ( ret = mpi_copy( &ctx->serial, serial ) ) != 0 )
if( ( ret = mbedtls_mpi_copy( &ctx->serial, serial ) ) != 0 )
return( ret );
return( 0 );
}
int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before,
int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
const char *not_after )
{
if( strlen( not_before ) != X509_RFC5280_UTC_TIME_LEN - 1 ||
strlen( not_after ) != X509_RFC5280_UTC_TIME_LEN - 1 )
if( strlen( not_before ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 ||
strlen( not_after ) != MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1 )
{
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
}
strncpy( ctx->not_before, not_before, X509_RFC5280_UTC_TIME_LEN );
strncpy( ctx->not_after , not_after , X509_RFC5280_UTC_TIME_LEN );
ctx->not_before[X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
ctx->not_after[X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
strncpy( ctx->not_before, not_before, MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
strncpy( ctx->not_after , not_after , MBEDTLS_X509_RFC5280_UTC_TIME_LEN );
ctx->not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
ctx->not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN - 1] = 'Z';
return( 0 );
}
int x509write_crt_set_extension( x509write_cert *ctx,
int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
const char *oid, size_t oid_len,
int critical,
const unsigned char *val, size_t val_len )
{
return x509_set_extension( &ctx->extensions, oid, oid_len,
return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
critical, val, val_len );
}
int x509write_crt_set_basic_constraints( x509write_cert *ctx,
int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
int is_ca, int max_pathlen )
{
int ret;
@ -147,77 +147,77 @@ int x509write_crt_set_basic_constraints( x509write_cert *ctx,
memset( buf, 0, sizeof(buf) );
if( is_ca && max_pathlen > 127 )
return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
if( is_ca )
{
if( max_pathlen >= 0 )
{
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, max_pathlen ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, buf, max_pathlen ) );
}
ASN1_CHK_ADD( len, asn1_write_bool( &c, buf, 1 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_bool( &c, buf, 1 ) );
}
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return x509write_crt_set_extension( ctx, OID_BASIC_CONSTRAINTS,
OID_SIZE( OID_BASIC_CONSTRAINTS ),
return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_BASIC_CONSTRAINTS,
MBEDTLS_OID_SIZE( MBEDTLS_OID_BASIC_CONSTRAINTS ),
0, buf + sizeof(buf) - len, len );
}
#if defined(POLARSSL_SHA1_C)
int x509write_crt_set_subject_key_identifier( x509write_cert *ctx )
#if defined(MBEDTLS_SHA1_C)
int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx )
{
int ret;
unsigned char buf[POLARSSL_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
unsigned char *c = buf + sizeof(buf);
size_t len = 0;
memset( buf, 0, sizeof(buf) );
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->subject_key ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->subject_key ) );
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
mbedtls_sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
c = buf + sizeof(buf) - 20;
len = 20;
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_OCTET_STRING ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_OCTET_STRING ) );
return x509write_crt_set_extension( ctx, OID_SUBJECT_KEY_IDENTIFIER,
OID_SIZE( OID_SUBJECT_KEY_IDENTIFIER ),
return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER,
MBEDTLS_OID_SIZE( MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ),
0, buf + sizeof(buf) - len, len );
}
int x509write_crt_set_authority_key_identifier( x509write_cert *ctx )
int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx )
{
int ret;
unsigned char buf[POLARSSL_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
unsigned char buf[MBEDTLS_MPI_MAX_SIZE * 2 + 20]; /* tag, length + 2xMPI */
unsigned char *c = buf + sizeof(buf);
size_t len = 0;
memset( buf, 0, sizeof(buf) );
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, ctx->issuer_key ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_pk_write_pubkey( &c, buf, ctx->issuer_key ) );
sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
mbedtls_sha1( buf + sizeof(buf) - len, len, buf + sizeof(buf) - 20 );
c = buf + sizeof(buf) - 20;
len = 20;
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONTEXT_SPECIFIC | 0 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 0 ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return x509write_crt_set_extension( ctx, OID_AUTHORITY_KEY_IDENTIFIER,
OID_SIZE( OID_AUTHORITY_KEY_IDENTIFIER ),
return mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER,
MBEDTLS_OID_SIZE( MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ),
0, buf + sizeof(buf) - len, len );
}
#endif /* POLARSSL_SHA1_C */
#endif /* MBEDTLS_SHA1_C */
int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage )
int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned char key_usage )
{
unsigned char buf[4];
unsigned char *c;
@ -225,11 +225,11 @@ int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage )
c = buf + 4;
if( ( ret = asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
return( ret );
ret = x509write_crt_set_extension( ctx, OID_KEY_USAGE,
OID_SIZE( OID_KEY_USAGE ),
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
1, buf, 4 );
if( ret != 0 )
return( ret );
@ -237,7 +237,7 @@ int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage )
return( 0 );
}
int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
unsigned char ns_cert_type )
{
unsigned char buf[4];
@ -246,11 +246,11 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
c = buf + 4;
if( ( ret = asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
return( ret );
ret = x509write_crt_set_extension( ctx, OID_NS_CERT_TYPE,
OID_SIZE( OID_NS_CERT_TYPE ),
ret = mbedtls_x509write_crt_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
0, buf, 4 );
if( ret != 0 )
return( ret );
@ -265,29 +265,29 @@ static int x509_write_time( unsigned char **p, unsigned char *start,
size_t len = 0;
/*
* write ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
* write MBEDTLS_ASN1_UTC_TIME if year < 2050 (2 bytes shorter)
*/
if( time[0] == '2' && time[1] == '0' && time [2] < '5' )
{
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) time + 2,
size - 2 ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_UTC_TIME ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_UTC_TIME ) );
}
else
{
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) time,
size ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_GENERALIZED_TIME ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_GENERALIZED_TIME ) );
}
return( (int) len );
}
int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -296,11 +296,11 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
size_t sig_oid_len = 0;
unsigned char *c, *c2;
unsigned char hash[64];
unsigned char sig[POLARSSL_MPI_MAX_SIZE];
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
unsigned char tmp_buf[2048];
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0;
pk_type_t pk_alg;
mbedtls_pk_type_t pk_alg;
/*
* Prepare data to be signed in tmp_buf
@ -308,11 +308,11 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
c = tmp_buf + sizeof( tmp_buf );
/* Signature algorithm needed in TBS, and later for actual signature */
pk_alg = pk_get_type( ctx->issuer_key );
if( pk_alg == POLARSSL_PK_ECKEY )
pk_alg = POLARSSL_PK_ECDSA;
pk_alg = mbedtls_pk_get_type( ctx->issuer_key );
if( pk_alg == MBEDTLS_PK_ECKEY )
pk_alg = MBEDTLS_PK_ECDSA;
if( ( ret = oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
if( ( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
&sig_oid, &sig_oid_len ) ) != 0 )
{
return( ret );
@ -321,18 +321,18 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
/*
* Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
*/
ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONTEXT_SPECIFIC |
ASN1_CONSTRUCTED | 3 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
MBEDTLS_ASN1_CONSTRUCTED | 3 ) );
/*
* SubjectPublicKeyInfo
*/
ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->subject_key,
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->subject_key,
tmp_buf, c - tmp_buf ) );
c -= pub_len;
len += pub_len;
@ -340,7 +340,7 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
/*
* Subject ::= Name
*/
ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->subject ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
/*
* Validity ::= SEQUENCE {
@ -349,53 +349,53 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
*/
sub_len = 0;
ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after,
X509_RFC5280_UTC_TIME_LEN ) );
MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_after,
MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before,
X509_RFC5280_UTC_TIME_LEN ) );
MBEDTLS_ASN1_CHK_ADD( sub_len, x509_write_time( &c, tmp_buf, ctx->not_before,
MBEDTLS_X509_RFC5280_UTC_TIME_LEN ) );
len += sub_len;
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, sub_len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
/*
* Issuer ::= Name
*/
ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->issuer ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->issuer ) );
/*
* Signature ::= AlgorithmIdentifier
*/
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, tmp_buf,
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_algorithm_identifier( &c, tmp_buf,
sig_oid, strlen( sig_oid ), 0 ) );
/*
* Serial ::= INTEGER
*/
ASN1_CHK_ADD( len, asn1_write_mpi( &c, tmp_buf, &ctx->serial ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &c, tmp_buf, &ctx->serial ) );
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
sub_len = 0;
ASN1_CHK_ADD( sub_len, asn1_write_int( &c, tmp_buf, ctx->version ) );
MBEDTLS_ASN1_CHK_ADD( sub_len, mbedtls_asn1_write_int( &c, tmp_buf, ctx->version ) );
len += sub_len;
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, sub_len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONTEXT_SPECIFIC |
ASN1_CONSTRUCTED | 0 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, sub_len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC |
MBEDTLS_ASN1_CONSTRUCTED | 0 ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
/*
* Make signature
*/
md( md_info_from_type( ctx->md_alg ), c, len, hash );
mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
if( ( ret = pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len,
if( ( ret = mbedtls_pk_sign( ctx->issuer_key, ctx->md_alg, hash, 0, sig, &sig_len,
f_rng, p_rng ) ) != 0 )
{
return( ret );
@ -405,16 +405,16 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
* Write data to output buffer
*/
c2 = buf + size;
ASN1_CHK_ADD( sig_and_oid_len, x509_write_sig( &c2, buf,
MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
sig_oid, sig_oid_len, sig, sig_len ) );
c2 -= len;
memcpy( c2, c, len );
len += sig_and_oid_len;
ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
@ -422,8 +422,8 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
#define PEM_END_CRT "-----END CERTIFICATE-----\n"
#if defined(POLARSSL_PEM_WRITE_C)
int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size,
#if defined(MBEDTLS_PEM_WRITE_C)
int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *crt, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -431,13 +431,13 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size,
unsigned char output_buf[4096];
size_t olen = 0;
if( ( ret = x509write_crt_der( crt, output_buf, sizeof(output_buf),
if( ( ret = mbedtls_x509write_crt_der( crt, output_buf, sizeof(output_buf),
f_rng, p_rng ) ) < 0 )
{
return( ret );
}
if( ( ret = pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CRT, PEM_END_CRT,
output_buf + sizeof(output_buf) - ret,
ret, buf, size, &olen ) ) != 0 )
{
@ -446,6 +446,6 @@ int x509write_crt_pem( x509write_cert *crt, unsigned char *buf, size_t size,
return( 0 );
}
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_X509_CRT_WRITE_C */
#endif /* MBEDTLS_X509_CRT_WRITE_C */

130
library/x509write_csr.c
View File

@ -25,13 +25,13 @@
* - attributes: PKCS#9 v2.0 aka RFC 2985
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_X509_CSR_WRITE_C)
#if defined(MBEDTLS_X509_CSR_WRITE_C)
#include "mbedtls/x509_csr.h"
#include "mbedtls/oid.h"
@ -40,53 +40,53 @@
#include <string.h>
#include <stdlib.h>
#if defined(POLARSSL_PEM_WRITE_C)
#if defined(MBEDTLS_PEM_WRITE_C)
#include "mbedtls/pem.h"
#endif
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
void x509write_csr_init( x509write_csr *ctx )
void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
{
memset( ctx, 0, sizeof(x509write_csr) );
memset( ctx, 0, sizeof(mbedtls_x509write_csr) );
}
void x509write_csr_free( x509write_csr *ctx )
void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx )
{
asn1_free_named_data_list( &ctx->subject );
asn1_free_named_data_list( &ctx->extensions );
mbedtls_asn1_free_named_data_list( &ctx->subject );
mbedtls_asn1_free_named_data_list( &ctx->extensions );
polarssl_zeroize( ctx, sizeof(x509write_csr) );
mbedtls_zeroize( ctx, sizeof(mbedtls_x509write_csr) );
}
void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg )
void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg )
{
ctx->md_alg = md_alg;
}
void x509write_csr_set_key( x509write_csr *ctx, pk_context *key )
void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key )
{
ctx->key = key;
}
int x509write_csr_set_subject_name( x509write_csr *ctx,
int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
const char *subject_name )
{
return x509_string_to_names( &ctx->subject, subject_name );
return mbedtls_x509_string_to_names( &ctx->subject, subject_name );
}
int x509write_csr_set_extension( x509write_csr *ctx,
int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
const char *oid, size_t oid_len,
const unsigned char *val, size_t val_len )
{
return x509_set_extension( &ctx->extensions, oid, oid_len,
return mbedtls_x509_set_extension( &ctx->extensions, oid, oid_len,
0, val, val_len );
}
int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage )
int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage )
{
unsigned char buf[4];
unsigned char *c;
@ -94,11 +94,11 @@ int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage )
c = buf + 4;
if( ( ret = asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &key_usage, 7 ) ) != 4 )
return( ret );
ret = x509write_csr_set_extension( ctx, OID_KEY_USAGE,
OID_SIZE( OID_KEY_USAGE ),
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_KEY_USAGE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_KEY_USAGE ),
buf, 4 );
if( ret != 0 )
return( ret );
@ -106,7 +106,7 @@ int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage )
return( 0 );
}
int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
unsigned char ns_cert_type )
{
unsigned char buf[4];
@ -115,11 +115,11 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
c = buf + 4;
if( ( ret = asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
if( ( ret = mbedtls_asn1_write_bitstring( &c, buf, &ns_cert_type, 8 ) ) != 4 )
return( ret );
ret = x509write_csr_set_extension( ctx, OID_NS_CERT_TYPE,
OID_SIZE( OID_NS_CERT_TYPE ),
ret = mbedtls_x509write_csr_set_extension( ctx, MBEDTLS_OID_NS_CERT_TYPE,
MBEDTLS_OID_SIZE( MBEDTLS_OID_NS_CERT_TYPE ),
buf, 4 );
if( ret != 0 )
return( ret );
@ -127,7 +127,7 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
return( 0 );
}
int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -136,42 +136,42 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
size_t sig_oid_len = 0;
unsigned char *c, *c2;
unsigned char hash[64];
unsigned char sig[POLARSSL_MPI_MAX_SIZE];
unsigned char sig[MBEDTLS_MPI_MAX_SIZE];
unsigned char tmp_buf[2048];
size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0;
pk_type_t pk_alg;
mbedtls_pk_type_t pk_alg;
/*
* Prepare data to be signed in tmp_buf
*/
c = tmp_buf + sizeof( tmp_buf );
ASN1_CHK_ADD( len, x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_extensions( &c, tmp_buf, ctx->extensions ) );
if( len )
{
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SET ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SET ) );
ASN1_CHK_ADD( len, asn1_write_oid( &c, tmp_buf, OID_PKCS9_CSR_EXT_REQ,
OID_SIZE( OID_PKCS9_CSR_EXT_REQ ) ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( &c, tmp_buf, MBEDTLS_OID_PKCS9_CSR_EXT_REQ,
MBEDTLS_OID_SIZE( MBEDTLS_OID_PKCS9_CSR_EXT_REQ ) ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
}
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_CONTEXT_SPECIFIC ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_CONTEXT_SPECIFIC ) );
ASN1_CHK_ADD( pub_len, pk_write_pubkey_der( ctx->key,
MBEDTLS_ASN1_CHK_ADD( pub_len, mbedtls_pk_write_pubkey_der( ctx->key,
tmp_buf, c - tmp_buf ) );
c -= pub_len;
len += pub_len;
@ -179,29 +179,29 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
/*
* Subject ::= Name
*/
ASN1_CHK_ADD( len, x509_write_names( &c, tmp_buf, ctx->subject ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_x509_write_names( &c, tmp_buf, ctx->subject ) );
/*
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
*/
ASN1_CHK_ADD( len, asn1_write_int( &c, tmp_buf, 0 ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_int( &c, tmp_buf, 0 ) );
ASN1_CHK_ADD( len, asn1_write_len( &c, tmp_buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c, tmp_buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c, tmp_buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c, tmp_buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
/*
* Prepare signature
*/
md( md_info_from_type( ctx->md_alg ), c, len, hash );
mbedtls_md( mbedtls_md_info_from_type( ctx->md_alg ), c, len, hash );
pk_alg = pk_get_type( ctx->key );
if( pk_alg == POLARSSL_PK_ECKEY )
pk_alg = POLARSSL_PK_ECDSA;
pk_alg = mbedtls_pk_get_type( ctx->key );
if( pk_alg == MBEDTLS_PK_ECKEY )
pk_alg = MBEDTLS_PK_ECDSA;
if( ( ret = pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
if( ( ret = mbedtls_pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
f_rng, p_rng ) ) != 0 ||
( ret = oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
( ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
&sig_oid, &sig_oid_len ) ) != 0 )
{
return( ret );
@ -211,16 +211,16 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
* Write data to output buffer
*/
c2 = buf + size;
ASN1_CHK_ADD( sig_and_oid_len, x509_write_sig( &c2, buf,
MBEDTLS_ASN1_CHK_ADD( sig_and_oid_len, mbedtls_x509_write_sig( &c2, buf,
sig_oid, sig_oid_len, sig, sig_len ) );
c2 -= len;
memcpy( c2, c, len );
len += sig_and_oid_len;
ASN1_CHK_ADD( len, asn1_write_len( &c2, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &c2, buf, ASN1_CONSTRUCTED |
ASN1_SEQUENCE ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &c2, buf, len ) );
MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &c2, buf, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len );
}
@ -228,8 +228,8 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
#define PEM_BEGIN_CSR "-----BEGIN CERTIFICATE REQUEST-----\n"
#define PEM_END_CSR "-----END CERTIFICATE REQUEST-----\n"
#if defined(POLARSSL_PEM_WRITE_C)
int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
#if defined(MBEDTLS_PEM_WRITE_C)
int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng )
{
@ -237,13 +237,13 @@ int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
unsigned char output_buf[4096];
size_t olen = 0;
if( ( ret = x509write_csr_der( ctx, output_buf, sizeof(output_buf),
if( ( ret = mbedtls_x509write_csr_der( ctx, output_buf, sizeof(output_buf),
f_rng, p_rng ) ) < 0 )
{
return( ret );
}
if( ( ret = pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
if( ( ret = mbedtls_pem_write_buffer( PEM_BEGIN_CSR, PEM_END_CSR,
output_buf + sizeof(output_buf) - ret,
ret, buf, size, &olen ) ) != 0 )
{
@ -252,6 +252,6 @@ int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size,
return( 0 );
}
#endif /* POLARSSL_PEM_WRITE_C */
#endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_X509_CSR_WRITE_C */
#endif /* MBEDTLS_X509_CSR_WRITE_C */

80
library/xtea.c
View File

@ -20,31 +20,31 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#if !defined(POLARSSL_CONFIG_FILE)
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include POLARSSL_CONFIG_FILE
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(POLARSSL_XTEA_C)
#if defined(MBEDTLS_XTEA_C)
#include "mbedtls/xtea.h"
#include <string.h>
#if defined(POLARSSL_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C)
#if defined(MBEDTLS_SELF_TEST)
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdio.h>
#define polarssl_printf printf
#endif /* POLARSSL_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */
#define mbedtls_printf printf
#endif /* MBEDTLS_PLATFORM_C */
#endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_XTEA_ALT)
#if !defined(MBEDTLS_XTEA_ALT)
/* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) {
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
@ -71,27 +71,27 @@ static void polarssl_zeroize( void *v, size_t n ) {
}
#endif
void xtea_init( xtea_context *ctx )
void mbedtls_xtea_init( mbedtls_xtea_context *ctx )
{
memset( ctx, 0, sizeof( xtea_context ) );
memset( ctx, 0, sizeof( mbedtls_xtea_context ) );
}
void xtea_free( xtea_context *ctx )
void mbedtls_xtea_free( mbedtls_xtea_context *ctx )
{
if( ctx == NULL )
return;
polarssl_zeroize( ctx, sizeof( xtea_context ) );
mbedtls_zeroize( ctx, sizeof( mbedtls_xtea_context ) );
}
/*
* XTEA key schedule
*/
void xtea_setup( xtea_context *ctx, const unsigned char key[16] )
void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] )
{
int i;
memset( ctx, 0, sizeof(xtea_context) );
memset( ctx, 0, sizeof(mbedtls_xtea_context) );
for( i = 0; i < 4; i++ )
{
@ -102,7 +102,7 @@ void xtea_setup( xtea_context *ctx, const unsigned char key[16] )
/*
* XTEA encrypt function
*/
int xtea_crypt_ecb( xtea_context *ctx, int mode,
int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx, int mode,
const unsigned char input[8], unsigned char output[8])
{
uint32_t *k, v0, v1, i;
@ -112,7 +112,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode,
GET_UINT32_BE( v0, input, 0 );
GET_UINT32_BE( v1, input, 4 );
if( mode == XTEA_ENCRYPT )
if( mode == MBEDTLS_XTEA_ENCRYPT )
{
uint32_t sum = 0, delta = 0x9E3779B9;
@ -123,7 +123,7 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode,
v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum>>11) & 3]);
}
}
else /* XTEA_DECRYPT */
else /* MBEDTLS_XTEA_DECRYPT */
{
uint32_t delta = 0x9E3779B9, sum = delta * 32;
@ -141,11 +141,11 @@ int xtea_crypt_ecb( xtea_context *ctx, int mode,
return( 0 );
}
#if defined(POLARSSL_CIPHER_MODE_CBC)
#if defined(MBEDTLS_CIPHER_MODE_CBC)
/*
* XTEA-CBC buffer encryption/decryption
*/
int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length,
int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx, int mode, size_t length,
unsigned char iv[8], const unsigned char *input,
unsigned char *output)
{
@ -153,14 +153,14 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length,
unsigned char temp[8];
if( length % 8 )
return( POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH );
return( MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH );
if( mode == XTEA_DECRYPT )
if( mode == MBEDTLS_XTEA_DECRYPT )
{
while( length > 0 )
{
memcpy( temp, input, 8 );
xtea_crypt_ecb( ctx, mode, input, output );
mbedtls_xtea_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -179,7 +179,7 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length,
for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] );
xtea_crypt_ecb( ctx, mode, output, output );
mbedtls_xtea_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, 8 );
input += 8;
@ -190,10 +190,10 @@ int xtea_crypt_cbc( xtea_context *ctx, int mode, size_t length,
return( 0 );
}
#endif /* POLARSSL_CIPHER_MODE_CBC */
#endif /* !POLARSSL_XTEA_ALT */
#endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* !MBEDTLS_XTEA_ALT */
#if defined(POLARSSL_SELF_TEST)
#if defined(MBEDTLS_SELF_TEST)
/*
* XTEA tests vectors (non-official)
@ -238,45 +238,45 @@ static const unsigned char xtea_test_ct[6][8] =
/*
* Checkup routine
*/
int xtea_self_test( int verbose )
int mbedtls_xtea_self_test( int verbose )
{
int i, ret = 0;
unsigned char buf[8];
xtea_context ctx;
mbedtls_xtea_context ctx;
xtea_init( &ctx );
mbedtls_xtea_init( &ctx );
for( i = 0; i < 6; i++ )
{
if( verbose != 0 )
polarssl_printf( " XTEA test #%d: ", i + 1 );
mbedtls_printf( " XTEA test #%d: ", i + 1 );
memcpy( buf, xtea_test_pt[i], 8 );
xtea_setup( &ctx, xtea_test_key[i] );
xtea_crypt_ecb( &ctx, XTEA_ENCRYPT, buf, buf );
mbedtls_xtea_setup( &ctx, xtea_test_key[i] );
mbedtls_xtea_crypt_ecb( &ctx, MBEDTLS_XTEA_ENCRYPT, buf, buf );
if( memcmp( buf, xtea_test_ct[i], 8 ) != 0 )
{
if( verbose != 0 )
polarssl_printf( "failed\n" );
mbedtls_printf( "failed\n" );
ret = 1;
goto exit;
}
if( verbose != 0 )
polarssl_printf( "passed\n" );
mbedtls_printf( "passed\n" );
}
if( verbose != 0 )
polarssl_printf( "\n" );
mbedtls_printf( "\n" );
exit:
xtea_free( &ctx );
mbedtls_xtea_free( &ctx );
return( ret );
}
#endif /* POLARSSL_SELF_TEST */
#endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_XTEA_C */
#endif /* MBEDTLS_XTEA_C */