lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

The Great Renaming

Browse Source 
A simple execution of tmp/invoke-rename.pl
This commit is contained in:
Manuel Pégourié-Gonnard
2015-04-08 12:49:31 +02:00
parent b5904d25ef
commit 2cf5a7c98e
291 changed files with 36012 additions and 36012 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
configs/README.txt
View File

@ -11,15 +11,15 @@ them, you can pick one of the following methods:
(Depending on your compiler, you may need to ajust the line with (Depending on your compiler, you may need to ajust the line with
#include "mbedtls/check_config.h" then.) #include "mbedtls/check_config.h" then.)
2. Define POLARSSL_CONFIG_FILE and adjust the include path accordingly. 2. Define MBEDTLS_CONFIG_FILE and adjust the include path accordingly.
For example, using make: For example, using make:
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" make CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<foo.h>'" make
Or, using cmake: Or, using cmake:
find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} + find . -iname '*cmake*' -not -name CMakeLists.txt -exec rm -rf {} +
CFLAGS="-I$PWD/configs -DPOLARSSL_CONFIG_FILE='<foo.h>'" cmake . CFLAGS="-I$PWD/configs -DMBEDTLS_CONFIG_FILE='<foo.h>'" cmake .
make make
Note that the second method also works if you want to keep your custom Note that the second method also works if you want to keep your custom

52
configs/config-ccm-psk-tls1_2.h
View File

@ -8,59 +8,59 @@
* *
* See README.txt for usage instructions. * See README.txt for usage instructions.
*/ */
#ifndef POLARSSL_CONFIG_H #ifndef MBEDTLS_CONFIG_H
#define POLARSSL_CONFIG_H #define MBEDTLS_CONFIG_H
/* System support */ /* System support */
//#define POLARSSL_HAVE_IPV6 /* Optional */ //#define MBEDTLS_HAVE_IPV6 /* Optional */
//#define POLARSSL_HAVE_TIME /* Optionally used in Hello messages */ //#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
/* Other POLARSSL_HAVE_XXX flags irrelevant for this configuration */ /* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
/* mbed TLS feature support */ /* mbed TLS feature support */
#define POLARSSL_KEY_EXCHANGE_PSK_ENABLED #define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define POLARSSL_SSL_PROTO_TLS1_2 #define MBEDTLS_SSL_PROTO_TLS1_2
/* mbed TLS modules */ /* mbed TLS modules */
#define POLARSSL_AES_C #define MBEDTLS_AES_C
#define POLARSSL_CCM_C #define MBEDTLS_CCM_C
#define POLARSSL_CIPHER_C #define MBEDTLS_CIPHER_C
#define POLARSSL_CTR_DRBG_C #define MBEDTLS_CTR_DRBG_C
#define POLARSSL_ENTROPY_C #define MBEDTLS_ENTROPY_C
#define POLARSSL_MD_C #define MBEDTLS_MD_C
#define POLARSSL_NET_C #define MBEDTLS_NET_C
#define POLARSSL_SHA256_C #define MBEDTLS_SHA256_C
#define POLARSSL_SSL_CLI_C #define MBEDTLS_SSL_CLI_C
#define POLARSSL_SSL_SRV_C #define MBEDTLS_SSL_SRV_C
#define POLARSSL_SSL_TLS_C #define MBEDTLS_SSL_TLS_C
/* Save RAM at the expense of ROM */ /* Save RAM at the expense of ROM */
#define POLARSSL_AES_ROM_TABLES #define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */ /* Save some RAM by adjusting to your exact needs */
#define POLARSSL_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */ #define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/* /*
* You should adjust this to the exact number of sources you're using: default * You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones * is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite. * Minimum is 2 for the entropy test suite.
*/ */
#define ENTROPY_MAX_SOURCES 2 #define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* /*
* Use only CCM_8 ciphersuites, and * Use only CCM_8 ciphersuites, and
* save ROM and a few bytes of RAM by specifying our own ciphersuite list * save ROM and a few bytes of RAM by specifying our own ciphersuite list
*/ */
#define SSL_CIPHERSUITES \ #define MBEDTLS_SSL_CIPHERSUITES \
TLS_PSK_WITH_AES_256_CCM_8, \ MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
TLS_PSK_WITH_AES_128_CCM_8 MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
/* /*
* Save RAM at the expense of interoperability: do this only if you control * Save RAM at the expense of interoperability: do this only if you control
* both ends of the connection! (See comments in "mbedtls/ssl.h".) * both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The optimal size here depends on the typical size of records. * The optimal size here depends on the typical size of records.
*/ */
#define SSL_MAX_CONTENT_LEN 512 #define MBEDTLS_SSL_MAX_CONTENT_LEN 512
#include "check_config.h" #include "check_config.h"
#endif /* POLARSSL_CONFIG_H */ #endif /* MBEDTLS_CONFIG_H */

74
configs/config-mini-tls1_1.h
View File

@ -1,56 +1,56 @@
/* /*
* Minimal configuration for TLS 1.1 (RFC 4346), implementing only the * Minimal configuration for TLS 1.1 (RFC 4346), implementing only the
* required ciphersuite: TLS_RSA_WITH_3DES_EDE_CBC_SHA * required ciphersuite: MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA
* *
* See README.txt for usage instructions. * See README.txt for usage instructions.
*/ */
#ifndef POLARSSL_CONFIG_H #ifndef MBEDTLS_CONFIG_H
#define POLARSSL_CONFIG_H #define MBEDTLS_CONFIG_H
/* System support */ /* System support */
#define POLARSSL_HAVE_ASM #define MBEDTLS_HAVE_ASM
#define POLARSSL_HAVE_TIME #define MBEDTLS_HAVE_TIME
#define POLARSSL_HAVE_IPV6 #define MBEDTLS_HAVE_IPV6
/* mbed TLS feature support */ /* mbed TLS feature support */
#define POLARSSL_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_MODE_CBC
#define POLARSSL_PKCS1_V15 #define MBEDTLS_PKCS1_V15
#define POLARSSL_KEY_EXCHANGE_RSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
#define POLARSSL_SSL_PROTO_TLS1_1 #define MBEDTLS_SSL_PROTO_TLS1_1
/* mbed TLS modules */ /* mbed TLS modules */
#define POLARSSL_AES_C #define MBEDTLS_AES_C
#define POLARSSL_ASN1_PARSE_C #define MBEDTLS_ASN1_PARSE_C
#define POLARSSL_ASN1_WRITE_C #define MBEDTLS_ASN1_WRITE_C
#define POLARSSL_BIGNUM_C #define MBEDTLS_BIGNUM_C
#define POLARSSL_CIPHER_C #define MBEDTLS_CIPHER_C
#define POLARSSL_CTR_DRBG_C #define MBEDTLS_CTR_DRBG_C
#define POLARSSL_DES_C #define MBEDTLS_DES_C
#define POLARSSL_ENTROPY_C #define MBEDTLS_ENTROPY_C
#define POLARSSL_MD_C #define MBEDTLS_MD_C
#define POLARSSL_MD5_C #define MBEDTLS_MD5_C
#define POLARSSL_NET_C #define MBEDTLS_NET_C
#define POLARSSL_OID_C #define MBEDTLS_OID_C
#define POLARSSL_PK_C #define MBEDTLS_PK_C
#define POLARSSL_PK_PARSE_C #define MBEDTLS_PK_PARSE_C
#define POLARSSL_RSA_C #define MBEDTLS_RSA_C
#define POLARSSL_SHA1_C #define MBEDTLS_SHA1_C
#define POLARSSL_SHA256_C #define MBEDTLS_SHA256_C
#define POLARSSL_SSL_CLI_C #define MBEDTLS_SSL_CLI_C
#define POLARSSL_SSL_SRV_C #define MBEDTLS_SSL_SRV_C
#define POLARSSL_SSL_TLS_C #define MBEDTLS_SSL_TLS_C
#define POLARSSL_X509_CRT_PARSE_C #define MBEDTLS_X509_CRT_PARSE_C
#define POLARSSL_X509_USE_C #define MBEDTLS_X509_USE_C
/* For test certificates */ /* For test certificates */
#define POLARSSL_BASE64_C #define MBEDTLS_BASE64_C
#define POLARSSL_CERTS_C #define MBEDTLS_CERTS_C
#define POLARSSL_PEM_PARSE_C #define MBEDTLS_PEM_PARSE_C
/* For testing with compat.sh */ /* For testing with compat.sh */
#define POLARSSL_FS_IO #define MBEDTLS_FS_IO
#include "mbedtls/check_config.h" #include "mbedtls/check_config.h"
#endif /* POLARSSL_CONFIG_H */ #endif /* MBEDTLS_CONFIG_H */

66
configs/config-picocoin.h
View File

@ -9,45 +9,45 @@
* - ECDSA/PK and some other chosen crypto bits. * - ECDSA/PK and some other chosen crypto bits.
*/ */
#ifndef POLARSSL_CONFIG_H #ifndef MBEDTLS_CONFIG_H
#define POLARSSL_CONFIG_H #define MBEDTLS_CONFIG_H
/* System support */ /* System support */
#define POLARSSL_HAVE_LONGLONG #define MBEDTLS_HAVE_LONGLONG
#define POLARSSL_HAVE_ASM #define MBEDTLS_HAVE_ASM
#define POLARSSL_HAVE_TIME #define MBEDTLS_HAVE_TIME
#define POLARSSL_HAVE_IPV6 #define MBEDTLS_HAVE_IPV6
/* mbed TLS feature support */ /* mbed TLS feature support */
#define POLARSSL_CIPHER_MODE_CBC #define MBEDTLS_CIPHER_MODE_CBC
#define POLARSSL_CIPHER_PADDING_PKCS7 #define MBEDTLS_CIPHER_PADDING_PKCS7
#define POLARSSL_ECP_DP_SECP256K1_ENABLED #define MBEDTLS_ECP_DP_SECP256K1_ENABLED
#define POLARSSL_ECDSA_DETERMINISTIC #define MBEDTLS_ECDSA_DETERMINISTIC
#define POLARSSL_PK_PARSE_EC_EXTENDED #define MBEDTLS_PK_PARSE_EC_EXTENDED
#define POLARSSL_ERROR_STRERROR_DUMMY #define MBEDTLS_ERROR_STRERROR_DUMMY
#define POLARSSL_FS_IO #define MBEDTLS_FS_IO
/* mbed TLS modules */ /* mbed TLS modules */
#define POLARSSL_AESNI_C #define MBEDTLS_AESNI_C
#define POLARSSL_AES_C #define MBEDTLS_AES_C
#define POLARSSL_ASN1_PARSE_C #define MBEDTLS_ASN1_PARSE_C
#define POLARSSL_ASN1_WRITE_C #define MBEDTLS_ASN1_WRITE_C
#define POLARSSL_BASE64_C #define MBEDTLS_BASE64_C
#define POLARSSL_BIGNUM_C #define MBEDTLS_BIGNUM_C
#define POLARSSL_ECDSA_C #define MBEDTLS_ECDSA_C
#define POLARSSL_ECP_C #define MBEDTLS_ECP_C
#define POLARSSL_ENTROPY_C #define MBEDTLS_ENTROPY_C
#define POLARSSL_HMAC_DRBG_C #define MBEDTLS_HMAC_DRBG_C
#define POLARSSL_MD_C #define MBEDTLS_MD_C
#define POLARSSL_OID_C #define MBEDTLS_OID_C
#define POLARSSL_PADLOCK_C #define MBEDTLS_PADLOCK_C
#define POLARSSL_PK_C #define MBEDTLS_PK_C
#define POLARSSL_PK_PARSE_C #define MBEDTLS_PK_PARSE_C
#define POLARSSL_PK_WRITE_C #define MBEDTLS_PK_WRITE_C
#define POLARSSL_RIPEMD160_C #define MBEDTLS_RIPEMD160_C
#define POLARSSL_SHA1_C #define MBEDTLS_SHA1_C
#define POLARSSL_SHA256_C #define MBEDTLS_SHA256_C
#include "check_config.h" #include "check_config.h"
#endif /* POLARSSL_CONFIG_H */ #endif /* MBEDTLS_CONFIG_H */

94
configs/config-suite-b.h
View File

@ -12,75 +12,75 @@
* See README.txt for usage instructions. * See README.txt for usage instructions.
*/ */
#ifndef POLARSSL_CONFIG_H #ifndef MBEDTLS_CONFIG_H
#define POLARSSL_CONFIG_H #define MBEDTLS_CONFIG_H
/* System support */ /* System support */
#define POLARSSL_HAVE_ASM #define MBEDTLS_HAVE_ASM
#define POLARSSL_HAVE_TIME #define MBEDTLS_HAVE_TIME
#define POLARSSL_HAVE_IPV6 #define MBEDTLS_HAVE_IPV6
/* mbed TLS feature support */ /* mbed TLS feature support */
#define POLARSSL_ECP_DP_SECP256R1_ENABLED #define MBEDTLS_ECP_DP_SECP256R1_ENABLED
#define POLARSSL_ECP_DP_SECP384R1_ENABLED #define MBEDTLS_ECP_DP_SECP384R1_ENABLED
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define POLARSSL_SSL_PROTO_TLS1_2 #define MBEDTLS_SSL_PROTO_TLS1_2
/* mbed TLS modules */ /* mbed TLS modules */
#define POLARSSL_AES_C #define MBEDTLS_AES_C
#define POLARSSL_ASN1_PARSE_C #define MBEDTLS_ASN1_PARSE_C
#define POLARSSL_ASN1_WRITE_C #define MBEDTLS_ASN1_WRITE_C
#define POLARSSL_BIGNUM_C #define MBEDTLS_BIGNUM_C
#define POLARSSL_CIPHER_C #define MBEDTLS_CIPHER_C
#define POLARSSL_CTR_DRBG_C #define MBEDTLS_CTR_DRBG_C
#define POLARSSL_ECDH_C #define MBEDTLS_ECDH_C
#define POLARSSL_ECDSA_C #define MBEDTLS_ECDSA_C
#define POLARSSL_ECP_C #define MBEDTLS_ECP_C
#define POLARSSL_ENTROPY_C #define MBEDTLS_ENTROPY_C
#define POLARSSL_GCM_C #define MBEDTLS_GCM_C
#define POLARSSL_MD_C #define MBEDTLS_MD_C
#define POLARSSL_NET_C #define MBEDTLS_NET_C
#define POLARSSL_OID_C #define MBEDTLS_OID_C
#define POLARSSL_PK_C #define MBEDTLS_PK_C
#define POLARSSL_PK_PARSE_C #define MBEDTLS_PK_PARSE_C
#define POLARSSL_SHA256_C #define MBEDTLS_SHA256_C
#define POLARSSL_SHA512_C #define MBEDTLS_SHA512_C
#define POLARSSL_SSL_CLI_C #define MBEDTLS_SSL_CLI_C
#define POLARSSL_SSL_SRV_C #define MBEDTLS_SSL_SRV_C
#define POLARSSL_SSL_TLS_C #define MBEDTLS_SSL_TLS_C
#define POLARSSL_X509_CRT_PARSE_C #define MBEDTLS_X509_CRT_PARSE_C
#define POLARSSL_X509_USE_C #define MBEDTLS_X509_USE_C
/* For test certificates */ /* For test certificates */
#define POLARSSL_BASE64_C #define MBEDTLS_BASE64_C
#define POLARSSL_CERTS_C #define MBEDTLS_CERTS_C
#define POLARSSL_PEM_PARSE_C #define MBEDTLS_PEM_PARSE_C
/* Save RAM at the expense of ROM */ /* Save RAM at the expense of ROM */
#define POLARSSL_AES_ROM_TABLES #define MBEDTLS_AES_ROM_TABLES
/* Save RAM by adjusting to our exact needs */ /* Save RAM by adjusting to our exact needs */
#define POLARSSL_ECP_MAX_BITS 384 #define MBEDTLS_ECP_MAX_BITS 384
#define POLARSSL_MPI_MAX_SIZE 48 // 384 bits is 48 bytes #define MBEDTLS_MPI_MAX_SIZE 48 // 384 bits is 48 bytes
/* Save RAM at the expense of speed, see ecp.h */ /* Save RAM at the expense of speed, see ecp.h */
#define POLARSSL_ECP_WINDOW_SIZE 2 #define MBEDTLS_ECP_WINDOW_SIZE 2
#define POLARSSL_ECP_FIXED_POINT_OPTIM 0 #define MBEDTLS_ECP_FIXED_POINT_OPTIM 0
/* Significant speed benefit at the expense of some ROM */ /* Significant speed benefit at the expense of some ROM */
#define POLARSSL_ECP_NIST_OPTIM #define MBEDTLS_ECP_NIST_OPTIM
/* /*
* You should adjust this to the exact number of sources you're using: default * You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones. * is the "platform_entropy_poll" source, but you may want to add other ones.
* Minimum is 2 for the entropy test suite. * Minimum is 2 for the entropy test suite.
*/ */
#define ENTROPY_MAX_SOURCES 2 #define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */ /* Save ROM and a few bytes of RAM by specifying our own ciphersuite list */
#define SSL_CIPHERSUITES \ #define MBEDTLS_SSL_CIPHERSUITES \
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \ MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, \
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
/* /*
* Save RAM at the expense of interoperability: do this only if you control * Save RAM at the expense of interoperability: do this only if you control
@ -88,8 +88,8 @@
* The minimum size here depends on the certificate chain used as well as the * The minimum size here depends on the certificate chain used as well as the
* typical size of records. * typical size of records.
*/ */
#define SSL_MAX_CONTENT_LEN 1024 #define MBEDTLS_SSL_MAX_CONTENT_LEN 1024
#include "mbedtls/check_config.h" #include "mbedtls/check_config.h"
#endif /* POLARSSL_CONFIG_H */ #endif /* MBEDTLS_CONFIG_H */

76
include/mbedtls/aes.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_AES_H #ifndef MBEDTLS_AES_H
#define POLARSSL_AES_H #define MBEDTLS_AES_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -40,13 +40,13 @@ typedef UINT32 uint32_t;
#endif #endif
/* padlock.c and aesni.c rely on these values! */ /* padlock.c and aesni.c rely on these values! */
#define AES_ENCRYPT 1 #define MBEDTLS_AES_ENCRYPT 1
#define AES_DECRYPT 0 #define MBEDTLS_AES_DECRYPT 0
#define POLARSSL_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */ #define MBEDTLS_ERR_AES_INVALID_KEY_LENGTH -0x0020 /**< Invalid key length. */
#define POLARSSL_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */ #define MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH -0x0022 /**< Invalid data input length. */
#if !defined(POLARSSL_AES_ALT) #if !defined(MBEDTLS_AES_ALT)
// Regular implementation // Regular implementation
// //
@ -68,21 +68,21 @@ typedef struct
uint32_t *rk; /*!< AES round keys */ uint32_t *rk; /*!< AES round keys */
uint32_t buf[68]; /*!< unaligned data */ uint32_t buf[68]; /*!< unaligned data */
} }
aes_context; mbedtls_aes_context;
/** /**
* \brief Initialize AES context * \brief Initialize AES context
* *
* \param ctx AES context to be initialized * \param ctx AES context to be initialized
*/ */
void aes_init( aes_context *ctx ); void mbedtls_aes_init( mbedtls_aes_context *ctx );
/** /**
* \brief Clear AES context * \brief Clear AES context
* *
* \param ctx AES context to be cleared * \param ctx AES context to be cleared
*/ */
void aes_free( aes_context *ctx ); void mbedtls_aes_free( mbedtls_aes_context *ctx );
/** /**
* \brief AES key schedule (encryption) * \brief AES key schedule (encryption)
@ -91,9 +91,9 @@ void aes_free( aes_context *ctx );
* \param key encryption key * \param key encryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
* *
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
@ -103,27 +103,27 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
* \param key decryption key * \param key decryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
* *
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
* \brief AES-ECB block encryption/decryption * \brief AES-ECB block encryption/decryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
* *
* \return 0 if successful * \return 0 if successful
*/ */
int aes_crypt_ecb( aes_context *ctx, int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief AES-CBC buffer encryption/decryption * \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block * Length should be a multiple of the block
@ -138,29 +138,29 @@ int aes_crypt_ecb( aes_context *ctx,
* module instead. * module instead.
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH
*/ */
int aes_crypt_cbc( aes_context *ctx, int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** /**
* \brief AES-CFB128 buffer encryption/decryption. * \brief AES-CFB128 buffer encryption/decryption.
* *
* Note: Due to the nature of CFB you should use the same key schedule for * Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with * both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
* *
* \note Upon exit, the content of the IV is updated so that you can * \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following * call the function same function again on the following
@ -171,7 +171,7 @@ int aes_crypt_cbc( aes_context *ctx,
* module instead. * module instead.
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
@ -180,7 +180,7 @@ int aes_crypt_cbc( aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int aes_crypt_cfb128( aes_context *ctx, int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
@ -193,7 +193,7 @@ int aes_crypt_cfb128( aes_context *ctx,
* *
* Note: Due to the nature of CFB you should use the same key schedule for * Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with * both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
* *
* \note Upon exit, the content of the IV is updated so that you can * \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following * call the function same function again on the following
@ -204,7 +204,7 @@ int aes_crypt_cfb128( aes_context *ctx,
* module instead. * module instead.
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
@ -212,15 +212,15 @@ int aes_crypt_cfb128( aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int aes_crypt_cfb8( aes_context *ctx, int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** /**
* \brief AES-CTR buffer encryption/decryption * \brief AES-CTR buffer encryption/decryption
* *
@ -228,7 +228,7 @@ int aes_crypt_cfb8( aes_context *ctx,
* *
* Note: Due to the nature of CTR you should use the same key schedule for * Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with * both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT. * mbedtls_aes_setkey_enc() for both MBEDTLS_AES_ENCRYPT and MBEDTLS_AES_DECRYPT.
* *
* \param ctx AES context * \param ctx AES context
* \param length The length of the data * \param length The length of the data
@ -243,22 +243,22 @@ int aes_crypt_cfb8( aes_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int aes_crypt_ctr( aes_context *ctx, int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_AES_ALT */ #else /* MBEDTLS_AES_ALT */
#include "aes_alt.h" #include "aes_alt.h"
#endif /* POLARSSL_AES_ALT */ #endif /* MBEDTLS_AES_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -269,7 +269,7 @@ extern "C" {
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int aes_self_test( int verbose ); int mbedtls_aes_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

36
include/mbedtls/aesni.h
View File

@ -21,21 +21,21 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_AESNI_H #ifndef MBEDTLS_AESNI_H
#define POLARSSL_AESNI_H #define MBEDTLS_AESNI_H
#include "aes.h" #include "aes.h"
#define POLARSSL_AESNI_AES 0x02000000u #define MBEDTLS_AESNI_AES 0x02000000u
#define POLARSSL_AESNI_CLMUL 0x00000002u #define MBEDTLS_AESNI_CLMUL 0x00000002u
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && \ #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && \
( defined(__amd64__) || defined(__x86_64__) ) && \ ( defined(__amd64__) || defined(__x86_64__) ) && \
! defined(POLARSSL_HAVE_X86_64) ! defined(MBEDTLS_HAVE_X86_64)
#define POLARSSL_HAVE_X86_64 #define MBEDTLS_HAVE_X86_64
#endif #endif
#if defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_HAVE_X86_64)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -45,23 +45,23 @@ extern "C" {
* \brief AES-NI features detection routine * \brief AES-NI features detection routine
* *
* \param what The feature to detect * \param what The feature to detect
* (POLARSSL_AESNI_AES or POLARSSL_AESNI_CLMUL) * (MBEDTLS_AESNI_AES or MBEDTLS_AESNI_CLMUL)
* *
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
int aesni_supports( unsigned int what ); int mbedtls_aesni_supports( unsigned int what );
/** /**
* \brief AES-NI AES-ECB block en(de)cryption * \brief AES-NI AES-ECB block en(de)cryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
* *
* \return 0 on success (cannot fail) * \return 0 on success (cannot fail)
*/ */
int aesni_crypt_ecb( aes_context *ctx, int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
@ -76,7 +76,7 @@ int aesni_crypt_ecb( aes_context *ctx,
* \note Both operands and result are bit strings interpreted as * \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec. * elements of GF(2^128) as per the GCM spec.
*/ */
void aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ); const unsigned char b[16] );
@ -87,7 +87,7 @@ void aesni_gcm_mult( unsigned char c[16],
* \param fwdkey Original round keys (for encryption) * \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one) * \param nr Number of rounds (that is, number of round keys minus one)
*/ */
void aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr ); const unsigned char *fwdkey, int nr );
/** /**
@ -97,9 +97,9 @@ void aesni_inverse_key( unsigned char *invkey,
* \param key Encryption key * \param key Encryption key
* \param bits Key size in bits (must be 128, 192 or 256) * \param bits Key size in bits (must be 128, 192 or 256)
* *
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_AES_INVALID_KEY_LENGTH
*/ */
int aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc( unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ); size_t bits );
@ -107,6 +107,6 @@ int aesni_setkey_enc( unsigned char *rk,
} }
#endif #endif
#endif /* POLARSSL_HAVE_X86_64 */ #endif /* MBEDTLS_HAVE_X86_64 */
#endif /* POLARSSL_AESNI_H */ #endif /* MBEDTLS_AESNI_H */

26
include/mbedtls/arc4.h
View File

@ -21,18 +21,18 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ARC4_H #ifndef MBEDTLS_ARC4_H
#define POLARSSL_ARC4_H #define MBEDTLS_ARC4_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if !defined(POLARSSL_ARC4_ALT) #if !defined(MBEDTLS_ARC4_ALT)
// Regular implementation // Regular implementation
// //
@ -49,21 +49,21 @@ typedef struct
int y; /*!< permutation index */ int y; /*!< permutation index */
unsigned char m[256]; /*!< permutation table */ unsigned char m[256]; /*!< permutation table */
} }
arc4_context; mbedtls_arc4_context;
/** /**
* \brief Initialize ARC4 context * \brief Initialize ARC4 context
* *
* \param ctx ARC4 context to be initialized * \param ctx ARC4 context to be initialized
*/ */
void arc4_init( arc4_context *ctx ); void mbedtls_arc4_init( mbedtls_arc4_context *ctx );
/** /**
* \brief Clear ARC4 context * \brief Clear ARC4 context
* *
* \param ctx ARC4 context to be cleared * \param ctx ARC4 context to be cleared
*/ */
void arc4_free( arc4_context *ctx ); void mbedtls_arc4_free( mbedtls_arc4_context *ctx );
/** /**
* \brief ARC4 key schedule * \brief ARC4 key schedule
@ -72,7 +72,7 @@ void arc4_free( arc4_context *ctx );
* \param key the secret key * \param key the secret key
* \param keylen length of the key, in bytes * \param keylen length of the key, in bytes
*/ */
void arc4_setup( arc4_context *ctx, const unsigned char *key, void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
unsigned int keylen ); unsigned int keylen );
/** /**
@ -85,16 +85,16 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_ARC4_ALT */ #else /* MBEDTLS_ARC4_ALT */
#include "arc4_alt.h" #include "arc4_alt.h"
#endif /* POLARSSL_ARC4_ALT */ #endif /* MBEDTLS_ARC4_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -105,7 +105,7 @@ extern "C" {
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int arc4_self_test( int verbose ); int mbedtls_arc4_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

152
include/mbedtls/asn1.h
View File

@ -21,18 +21,18 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ASN1_H #ifndef MBEDTLS_ASN1_H
#define POLARSSL_ASN1_H #define MBEDTLS_ASN1_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
#include "bignum.h" #include "bignum.h"
#endif #endif
@ -48,13 +48,13 @@
* ASN1 is a standard to specify data structures. * ASN1 is a standard to specify data structures.
* \{ * \{
*/ */
#define POLARSSL_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */ #define MBEDTLS_ERR_ASN1_OUT_OF_DATA -0x0060 /**< Out of data when parsing an ASN1 data structure. */
#define POLARSSL_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */ #define MBEDTLS_ERR_ASN1_UNEXPECTED_TAG -0x0062 /**< ASN1 tag was of an unexpected value. */
#define POLARSSL_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */ #define MBEDTLS_ERR_ASN1_INVALID_LENGTH -0x0064 /**< Error when trying to determine the length or invalid length. */
#define POLARSSL_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */ #define MBEDTLS_ERR_ASN1_LENGTH_MISMATCH -0x0066 /**< Actual length differs from expected length. */
#define POLARSSL_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */ #define MBEDTLS_ERR_ASN1_INVALID_DATA -0x0068 /**< Data is invalid. (not used) */
#define POLARSSL_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */ #define MBEDTLS_ERR_ASN1_MALLOC_FAILED -0x006A /**< Memory allocation failed */
#define POLARSSL_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */ #define MBEDTLS_ERR_ASN1_BUF_TOO_SMALL -0x006C /**< Buffer too small when writing ASN.1 data structure. */
/* \} name */ /* \} name */
@ -66,42 +66,42 @@
* - 0x02 -- tag indicating INTEGER * - 0x02 -- tag indicating INTEGER
* - 0x01 -- length in octets * - 0x01 -- length in octets
* - 0x05 -- value * - 0x05 -- value
* Such sequences are typically read into \c ::x509_buf. * Such sequences are typically read into \c ::mbedtls_x509_buf.
* \{ * \{
*/ */
#define ASN1_BOOLEAN 0x01 #define MBEDTLS_ASN1_BOOLEAN 0x01
#define ASN1_INTEGER 0x02 #define MBEDTLS_ASN1_INTEGER 0x02
#define ASN1_BIT_STRING 0x03 #define MBEDTLS_ASN1_BIT_STRING 0x03
#define ASN1_OCTET_STRING 0x04 #define MBEDTLS_ASN1_OCTET_STRING 0x04
#define ASN1_NULL 0x05 #define MBEDTLS_ASN1_NULL 0x05
#define ASN1_OID 0x06 #define MBEDTLS_ASN1_OID 0x06
#define ASN1_UTF8_STRING 0x0C #define MBEDTLS_ASN1_UTF8_STRING 0x0C
#define ASN1_SEQUENCE 0x10 #define MBEDTLS_ASN1_SEQUENCE 0x10
#define ASN1_SET 0x11 #define MBEDTLS_ASN1_SET 0x11
#define ASN1_PRINTABLE_STRING 0x13 #define MBEDTLS_ASN1_PRINTABLE_STRING 0x13
#define ASN1_T61_STRING 0x14 #define MBEDTLS_ASN1_T61_STRING 0x14
#define ASN1_IA5_STRING 0x16 #define MBEDTLS_ASN1_IA5_STRING 0x16
#define ASN1_UTC_TIME 0x17 #define MBEDTLS_ASN1_UTC_TIME 0x17
#define ASN1_GENERALIZED_TIME 0x18 #define MBEDTLS_ASN1_GENERALIZED_TIME 0x18
#define ASN1_UNIVERSAL_STRING 0x1C #define MBEDTLS_ASN1_UNIVERSAL_STRING 0x1C
#define ASN1_BMP_STRING 0x1E #define MBEDTLS_ASN1_BMP_STRING 0x1E
#define ASN1_PRIMITIVE 0x00 #define MBEDTLS_ASN1_PRIMITIVE 0x00
#define ASN1_CONSTRUCTED 0x20 #define MBEDTLS_ASN1_CONSTRUCTED 0x20
#define ASN1_CONTEXT_SPECIFIC 0x80 #define MBEDTLS_ASN1_CONTEXT_SPECIFIC 0x80
/* \} name */ /* \} name */
/* \} addtogroup asn1_module */ /* \} addtogroup asn1_module */
/** Returns the size of the binary string, without the trailing \\0 */ /** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1) #define MBEDTLS_OID_SIZE(x) (sizeof(x) - 1)
/** /**
* Compares an asn1_buf structure to a reference OID. * Compares an mbedtls_asn1_buf structure to a reference OID.
* *
* Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a * Only works for 'defined' oid_str values (MBEDTLS_OID_HMAC_SHA1), you cannot use a
* 'unsigned char *oid' here! * 'unsigned char *oid' here!
*/ */
#define OID_CMP(oid_str, oid_buf) \ #define MBEDTLS_OID_CMP(oid_str, oid_buf) \
( ( OID_SIZE(oid_str) != (oid_buf)->len ) || \ ( ( MBEDTLS_OID_SIZE(oid_str) != (oid_buf)->len ) || \
memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 ) memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) != 0 )
#ifdef __cplusplus #ifdef __cplusplus
@ -116,46 +116,46 @@ extern "C" {
/** /**
* Type-length-value structure that allows for ASN1 using DER. * Type-length-value structure that allows for ASN1 using DER.
*/ */
typedef struct _asn1_buf typedef struct mbedtls_asn1_buf
{ {
int tag; /**< ASN1 type, e.g. ASN1_UTF8_STRING. */ int tag; /**< ASN1 type, e.g. MBEDTLS_ASN1_UTF8_STRING. */
size_t len; /**< ASN1 length, e.g. in octets. */ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char *p; /**< ASN1 data, e.g. in ASCII. */ unsigned char *p; /**< ASN1 data, e.g. in ASCII. */
} }
asn1_buf; mbedtls_asn1_buf;
/** /**
* Container for ASN1 bit strings. * Container for ASN1 bit strings.
*/ */
typedef struct _asn1_bitstring typedef struct mbedtls_asn1_bitstring
{ {
size_t len; /**< ASN1 length, e.g. in octets. */ size_t len; /**< ASN1 length, e.g. in octets. */
unsigned char unused_bits; /**< Number of unused bits at the end of the string */ unsigned char unused_bits; /**< Number of unused bits at the end of the string */
unsigned char *p; /**< Raw ASN1 data for the bit string */ unsigned char *p; /**< Raw ASN1 data for the bit string */
} }
asn1_bitstring; mbedtls_asn1_bitstring;
/** /**
* Container for a sequence of ASN.1 items * Container for a sequence of ASN.1 items
*/ */
typedef struct _asn1_sequence typedef struct mbedtls_asn1_sequence
{ {
asn1_buf buf; /**< Buffer containing the given ASN.1 item. */ mbedtls_asn1_buf buf; /**< Buffer containing the given ASN.1 item. */
struct _asn1_sequence *next; /**< The next entry in the sequence. */ struct mbedtls_asn1_sequence *next; /**< The next entry in the sequence. */
} }
asn1_sequence; mbedtls_asn1_sequence;
/** /**
* Container for a sequence or list of 'named' ASN.1 data items * Container for a sequence or list of 'named' ASN.1 data items
*/ */
typedef struct _asn1_named_data typedef struct mbedtls_asn1_named_data
{ {
asn1_buf oid; /**< The object identifier. */ mbedtls_asn1_buf oid; /**< The object identifier. */
asn1_buf val; /**< The named value. */ mbedtls_asn1_buf val; /**< The named value. */
struct _asn1_named_data *next; /**< The next entry in the sequence. */ struct mbedtls_asn1_named_data *next; /**< The next entry in the sequence. */
unsigned char next_merged; /**< Merge next item into the current one? */ unsigned char next_merged; /**< Merge next item into the current one? */
} }
asn1_named_data; mbedtls_asn1_named_data;
/** /**
* \brief Get the length of an ASN.1 element. * \brief Get the length of an ASN.1 element.
@ -165,11 +165,11 @@ asn1_named_data;
* \param end End of data * \param end End of data
* \param len The variable that will receive the value * \param len The variable that will receive the value
* *
* \return 0 if successful, POLARSSL_ERR_ASN1_OUT_OF_DATA on reaching * \return 0 if successful, MBEDTLS_ERR_ASN1_OUT_OF_DATA on reaching
* end of data, POLARSSL_ERR_ASN1_INVALID_LENGTH if length is * end of data, MBEDTLS_ERR_ASN1_INVALID_LENGTH if length is
* unparseable. * unparseable.
*/ */
int asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ); size_t *len );
@ -182,10 +182,10 @@ int asn1_get_len( unsigned char **p,
* \param len The variable that will receive the length * \param len The variable that will receive the length
* \param tag The expected tag * \param tag The expected tag
* *
* \return 0 if successful, POLARSSL_ERR_ASN1_UNEXPECTED_TAG if tag did * \return 0 if successful, MBEDTLS_ERR_ASN1_UNEXPECTED_TAG if tag did
* not match requested tag, or another specific ASN.1 error code. * not match requested tag, or another specific ASN.1 error code.
*/ */
int asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ); size_t *len, int tag );
@ -199,7 +199,7 @@ int asn1_get_tag( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
int asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool( unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val );
@ -213,7 +213,7 @@ int asn1_get_bool( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
int asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int( unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ); int *val );
@ -227,8 +227,8 @@ int asn1_get_int( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
int asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs); mbedtls_asn1_bitstring *bs);
/** /**
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its * \brief Retrieve a bitstring ASN.1 tag without unused bits and its
@ -241,7 +241,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len ); size_t *len );
/** /**
@ -255,12 +255,12 @@ int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
* *
* \return 0 if successful or a specific ASN.1 error code. * \return 0 if successful or a specific ASN.1 error code.
*/ */
int asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag); int tag);
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
* \brief Retrieve a MPI value from an integer ASN.1 tag. * \brief Retrieve a MPI value from an integer ASN.1 tag.
* Updates the pointer to immediately behind the full tag. * Updates the pointer to immediately behind the full tag.
@ -271,10 +271,10 @@ int asn1_get_sequence_of( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi( unsigned char **p,
const unsigned char *end, const unsigned char *end,
mpi *X ); mbedtls_mpi *X );
#endif /* POLARSSL_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence. * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence.
@ -288,9 +288,9 @@ int asn1_get_mpi( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_buf *alg, asn1_buf *params ); mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params );
/** /**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no * \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
@ -304,9 +304,9 @@ int asn1_get_alg( unsigned char **p,
* *
* \return 0 if successful or a specific ASN.1 or MPI error code. * \return 0 if successful or a specific ASN.1 or MPI error code.
*/ */
int asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_buf *alg ); mbedtls_asn1_buf *alg );
/** /**
* \brief Find a specific named_data entry in a sequence or list based on * \brief Find a specific named_data entry in a sequence or list based on
@ -318,23 +318,23 @@ int asn1_get_alg_null( unsigned char **p,
* *
* \return NULL if not found, or a pointer to the existing entry. * \return NULL if not found, or a pointer to the existing entry.
*/ */
asn1_named_data *asn1_find_named_data( asn1_named_data *list, mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
const char *oid, size_t len ); const char *oid, size_t len );
/** /**
* \brief Free a asn1_named_data entry * \brief Free a mbedtls_asn1_named_data entry
* *
* \param entry The named data entry to free * \param entry The named data entry to free
*/ */
void asn1_free_named_data( asn1_named_data *entry ); void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *entry );
/** /**
* \brief Free all entries in a asn1_named_data list * \brief Free all entries in a mbedtls_asn1_named_data list
* Head will be set to NULL * Head will be set to NULL
* *
* \param head Pointer to the head of the list of named data entries to free * \param head Pointer to the head of the list of named data entries to free
*/ */
void asn1_free_named_data_list( asn1_named_data **head ); void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head );
#ifdef __cplusplus #ifdef __cplusplus
} }

58
include/mbedtls/asn1write.h
View File

@ -21,12 +21,12 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ASN1_WRITE_H #ifndef MBEDTLS_ASN1_WRITE_H
#define POLARSSL_ASN1_WRITE_H #define MBEDTLS_ASN1_WRITE_H
#include "asn1.h" #include "asn1.h"
#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \ #define MBEDTLS_ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else \
g += ret; } while( 0 ) g += ret; } while( 0 )
#ifdef __cplusplus #ifdef __cplusplus
@ -43,7 +43,7 @@ extern "C" {
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ); int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
/** /**
* \brief Write a ASN.1 tag in ASN.1 format * \brief Write a ASN.1 tag in ASN.1 format
@ -55,7 +55,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len );
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_tag( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start,
unsigned char tag ); unsigned char tag );
/** /**
@ -69,12 +69,12 @@ int asn1_write_tag( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size );
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
/** /**
* \brief Write a big number (ASN1_INTEGER) in ASN.1 format * \brief Write a big number (MBEDTLS_ASN1_INTEGER) in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
* \param p reference to current position pointer * \param p reference to current position pointer
@ -83,11 +83,11 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X ); int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X );
#endif /* POLARSSL_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
/** /**
* \brief Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format * \brief Write a NULL tag (MBEDTLS_ASN1_NULL) with zero data in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
* \param p reference to current position pointer * \param p reference to current position pointer
@ -95,10 +95,10 @@ int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X );
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_null( unsigned char **p, unsigned char *start ); int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start );
/** /**
* \brief Write an OID tag (ASN1_OID) and data in ASN.1 format * \brief Write an OID tag (MBEDTLS_ASN1_OID) and data in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
* \param p reference to current position pointer * \param p reference to current position pointer
@ -108,7 +108,7 @@ int asn1_write_null( unsigned char **p, unsigned char *start );
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_oid( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len ); const char *oid, size_t oid_len );
/** /**
@ -124,12 +124,12 @@ int asn1_write_oid( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ); size_t par_len );
/** /**
* \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format * \brief Write a boolean tag (MBEDTLS_ASN1_BOOLEAN) and value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
* \param p reference to current position pointer * \param p reference to current position pointer
@ -138,10 +138,10 @@ int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ); int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean );
/** /**
* \brief Write an int tag (ASN1_INTEGER) and value in ASN.1 format * \brief Write an int tag (MBEDTLS_ASN1_INTEGER) and value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
* \param p reference to current position pointer * \param p reference to current position pointer
@ -150,10 +150,10 @@ int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean );
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_int( unsigned char **p, unsigned char *start, int val ); int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val );
/** /**
* \brief Write a printable string tag (ASN1_PRINTABLE_STRING) and * \brief Write a printable string tag (MBEDTLS_ASN1_PRINTABLE_STRING) and
* value in ASN.1 format * value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
@ -164,11 +164,11 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val );
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_printable_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len );
/** /**
* \brief Write an IA5 string tag (ASN1_IA5_STRING) and * \brief Write an IA5 string tag (MBEDTLS_ASN1_IA5_STRING) and
* value in ASN.1 format * value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
@ -179,11 +179,11 @@ int asn1_write_printable_string( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_ia5_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ); const char *text, size_t text_len );
/** /**
* \brief Write a bitstring tag (ASN1_BIT_STRING) and * \brief Write a bitstring tag (MBEDTLS_ASN1_BIT_STRING) and
* value in ASN.1 format * value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
@ -194,11 +194,11 @@ int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_bitstring( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits ); const unsigned char *buf, size_t bits );
/** /**
* \brief Write an octet string tag (ASN1_OCTET_STRING) and * \brief Write an octet string tag (MBEDTLS_ASN1_OCTET_STRING) and
* value in ASN.1 format * value in ASN.1 format
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
* *
@ -209,7 +209,7 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int asn1_write_octet_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size ); const unsigned char *buf, size_t size );
/** /**
@ -228,7 +228,7 @@ int asn1_write_octet_string( unsigned char **p, unsigned char *start,
* \return NULL if if there was a memory allocation error, or a pointer * \return NULL if if there was a memory allocation error, or a pointer
* to the new / existing entry. * to the new / existing entry.
*/ */
asn1_named_data *asn1_store_named_data( asn1_named_data **list, mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **list,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ); size_t val_len );
@ -237,4 +237,4 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **list,
} }
#endif #endif
#endif /* POLARSSL_ASN1_WRITE_H */ #endif /* MBEDTLS_ASN1_WRITE_H */

20
include/mbedtls/base64.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BASE64_H #ifndef MBEDTLS_BASE64_H
#define POLARSSL_BASE64_H #define MBEDTLS_BASE64_H
#include <stddef.h> #include <stddef.h>
#define POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */ #define MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL -0x002A /**< Output buffer too small. */
#define POLARSSL_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */ #define MBEDTLS_ERR_BASE64_INVALID_CHARACTER -0x002C /**< Invalid character in input. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -41,14 +41,14 @@ extern "C" {
* \param src source buffer * \param src source buffer
* \param slen amount of data to be encoded * \param slen amount of data to be encoded
* *
* \return 0 if successful, or POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL. * \return 0 if successful, or MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL.
* *dlen is always updated to reflect the amount * *dlen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *dlen = 0 to obtain the * \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen * required buffer size in *dlen
*/ */
int base64_encode( unsigned char *dst, size_t *dlen, int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen );
/** /**
@ -59,15 +59,15 @@ int base64_encode( unsigned char *dst, size_t *dlen,
* \param src source buffer * \param src source buffer
* \param slen amount of data to be decoded * \param slen amount of data to be decoded
* *
* \return 0 if successful, POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL, or * \return 0 if successful, MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL, or
* POLARSSL_ERR_BASE64_INVALID_CHARACTER if the input data is * MBEDTLS_ERR_BASE64_INVALID_CHARACTER if the input data is
* not correct. *dlen is always updated to reflect the amount * not correct. *dlen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *dst = NULL or *dlen = 0 to obtain * \note Call this function with *dst = NULL or *dlen = 0 to obtain
* the required buffer size in *dlen * the required buffer size in *dlen
*/ */
int base64_decode( unsigned char *dst, size_t *dlen, int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen ); const unsigned char *src, size_t slen );
/** /**
@ -75,7 +75,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int base64_self_test( int verbose ); int mbedtls_base64_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

330
include/mbedtls/bignum.h
View File

@ -21,18 +21,18 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BIGNUM_H #ifndef MBEDTLS_BIGNUM_H
#define POLARSSL_BIGNUM_H #define MBEDTLS_BIGNUM_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
@ -53,124 +53,124 @@ typedef UINT64 uint64_t;
#include <inttypes.h> #include <inttypes.h>
#endif /* _MSC_VER && !EFIX64 && !EFI32 */ #endif /* _MSC_VER && !EFIX64 && !EFI32 */
#define POLARSSL_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */ #define MBEDTLS_ERR_MPI_FILE_IO_ERROR -0x0002 /**< An error occurred while reading from or writing to a file. */
#define POLARSSL_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MPI_BAD_INPUT_DATA -0x0004 /**< Bad input parameters to function. */
#define POLARSSL_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */ #define MBEDTLS_ERR_MPI_INVALID_CHARACTER -0x0006 /**< There is an invalid character in the digit string. */
#define POLARSSL_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */ #define MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL -0x0008 /**< The buffer is too small to write to. */
#define POLARSSL_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */ #define MBEDTLS_ERR_MPI_NEGATIVE_VALUE -0x000A /**< The input arguments are negative or result in illegal output. */
#define POLARSSL_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */ #define MBEDTLS_ERR_MPI_DIVISION_BY_ZERO -0x000C /**< The input argument for division is zero, which is not allowed. */
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */ #define MBEDTLS_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */ #define MBEDTLS_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */
#define MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 ) #define MBEDTLS_MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 )
/* /*
* Maximum size MPIs are allowed to grow to in number of limbs. * Maximum size MPIs are allowed to grow to in number of limbs.
*/ */
#define POLARSSL_MPI_MAX_LIMBS 10000 #define MBEDTLS_MPI_MAX_LIMBS 10000
#if !defined(POLARSSL_MPI_WINDOW_SIZE) #if !defined(MBEDTLS_MPI_WINDOW_SIZE)
/* /*
* Maximum window size used for modular exponentiation. Default: 6 * Maximum window size used for modular exponentiation. Default: 6
* Minimum value: 1. Maximum value: 6. * Minimum value: 1. Maximum value: 6.
* *
* Result is an array of ( 2 << POLARSSL_MPI_WINDOW_SIZE ) MPIs used * Result is an array of ( 2 << MBEDTLS_MPI_WINDOW_SIZE ) MPIs used
* for the sliding window calculation. (So 64 by default) * for the sliding window calculation. (So 64 by default)
* *
* Reduction in size, reduces speed. * Reduction in size, reduces speed.
*/ */
#define POLARSSL_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */ #define MBEDTLS_MPI_WINDOW_SIZE 6 /**< Maximum windows size used. */
#endif /* !POLARSSL_MPI_WINDOW_SIZE */ #endif /* !MBEDTLS_MPI_WINDOW_SIZE */
#if !defined(POLARSSL_MPI_MAX_SIZE) #if !defined(MBEDTLS_MPI_MAX_SIZE)
/* /*
* Maximum size of MPIs allowed in bits and bytes for user-MPIs. * Maximum size of MPIs allowed in bits and bytes for user-MPIs.
* ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits ) * ( Default: 512 bytes => 4096 bits, Maximum tested: 2048 bytes => 16384 bits )
* *
* Note: Calculations can results temporarily in larger MPIs. So the number * Note: Calculations can results temporarily in larger MPIs. So the number
* of limbs required (POLARSSL_MPI_MAX_LIMBS) is higher. * of limbs required (MBEDTLS_MPI_MAX_LIMBS) is higher.
*/ */
#define POLARSSL_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */ #define MBEDTLS_MPI_MAX_SIZE 1024 /**< Maximum number of bytes for usable MPIs. */
#endif /* !POLARSSL_MPI_MAX_SIZE */ #endif /* !MBEDTLS_MPI_MAX_SIZE */
#define POLARSSL_MPI_MAX_BITS ( 8 * POLARSSL_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */ #define MBEDTLS_MPI_MAX_BITS ( 8 * MBEDTLS_MPI_MAX_SIZE ) /**< Maximum number of bits for usable MPIs. */
/* /*
* When reading from files with mpi_read_file() and writing to files with * When reading from files with mbedtls_mpi_read_file() and writing to files with
* mpi_write_file() the buffer should have space * mbedtls_mpi_write_file() the buffer should have space
* for a (short) label, the MPI (in the provided radix), the newline * for a (short) label, the MPI (in the provided radix), the newline
* characters and the '\0'. * characters and the '\0'.
* *
* By default we assume at least a 10 char label, a minimum radix of 10 * By default we assume at least a 10 char label, a minimum radix of 10
* (decimal) and a maximum of 4096 bit numbers (1234 decimal chars). * (decimal) and a maximum of 4096 bit numbers (1234 decimal chars).
* Autosized at compile time for at least a 10 char label, a minimum radix * Autosized at compile time for at least a 10 char label, a minimum radix
* of 10 (decimal) for a number of POLARSSL_MPI_MAX_BITS size. * of 10 (decimal) for a number of MBEDTLS_MPI_MAX_BITS size.
* *
* This used to be statically sized to 1250 for a maximum of 4096 bit * This used to be statically sized to 1250 for a maximum of 4096 bit
* numbers (1234 decimal chars). * numbers (1234 decimal chars).
* *
* Calculate using the formula: * Calculate using the formula:
* POLARSSL_MPI_RW_BUFFER_SIZE = ceil(POLARSSL_MPI_MAX_BITS / ln(10) * ln(2)) + * MBEDTLS_MPI_RW_BUFFER_SIZE = ceil(MBEDTLS_MPI_MAX_BITS / ln(10) * ln(2)) +
* LabelSize + 6 * LabelSize + 6
*/ */
#define POLARSSL_MPI_MAX_BITS_SCALE100 ( 100 * POLARSSL_MPI_MAX_BITS ) #define MBEDTLS_MPI_MAX_BITS_SCALE100 ( 100 * MBEDTLS_MPI_MAX_BITS )
#define LN_2_DIV_LN_10_SCALE100 332 #define MBEDTLS_LN_2_DIV_LN_10_SCALE100 332
#define POLARSSL_MPI_RW_BUFFER_SIZE ( ((POLARSSL_MPI_MAX_BITS_SCALE100 + LN_2_DIV_LN_10_SCALE100 - 1) / LN_2_DIV_LN_10_SCALE100) + 10 + 6 ) #define MBEDTLS_MPI_RW_BUFFER_SIZE ( ((MBEDTLS_MPI_MAX_BITS_SCALE100 + MBEDTLS_LN_2_DIV_LN_10_SCALE100 - 1) / MBEDTLS_LN_2_DIV_LN_10_SCALE100) + 10 + 6 )
/* /*
* Define the base integer type, architecture-wise * Define the base integer type, architecture-wise
*/ */
#if defined(POLARSSL_HAVE_INT8) #if defined(MBEDTLS_HAVE_INT8)
typedef signed char t_sint; typedef signed char mbedtls_mpi_sint;
typedef unsigned char t_uint; typedef unsigned char mbedtls_mpi_uint;
typedef uint16_t t_udbl; typedef uint16_t mbedtls_t_udbl;
#define POLARSSL_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#else #else
#if defined(POLARSSL_HAVE_INT16) #if defined(MBEDTLS_HAVE_INT16)
typedef int16_t t_sint; typedef int16_t mbedtls_mpi_sint;
typedef uint16_t t_uint; typedef uint16_t mbedtls_mpi_uint;
typedef uint32_t t_udbl; typedef uint32_t mbedtls_t_udbl;
#define POLARSSL_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#else #else
/* /*
* 32-bit integers can be forced on 64-bit arches (eg. for testing purposes) * 32-bit integers can be forced on 64-bit arches (eg. for testing purposes)
* by defining POLARSSL_HAVE_INT32 and undefining POLARSSL_HAVE_ASM * by defining MBEDTLS_HAVE_INT32 and undefining MBEDTLS_HAVE_ASM
*/ */
#if ( ! defined(POLARSSL_HAVE_INT32) && \ #if ( ! defined(MBEDTLS_HAVE_INT32) && \
defined(_MSC_VER) && defined(_M_AMD64) ) defined(_MSC_VER) && defined(_M_AMD64) )
#define POLARSSL_HAVE_INT64 #define MBEDTLS_HAVE_INT64
typedef int64_t t_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t t_uint; typedef uint64_t mbedtls_mpi_uint;
#else #else
#if ( ! defined(POLARSSL_HAVE_INT32) && \ #if ( ! defined(MBEDTLS_HAVE_INT32) && \
defined(__GNUC__) && ( \ defined(__GNUC__) && ( \
defined(__amd64__) || defined(__x86_64__) || \ defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \ defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \ defined(__ia64__) || defined(__alpha__) || \
(defined(__sparc__) && defined(__arch64__)) || \ (defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__) || defined(__mips64) ) ) defined(__s390x__) || defined(__mips64) ) )
#define POLARSSL_HAVE_INT64 #define MBEDTLS_HAVE_INT64
typedef int64_t t_sint; typedef int64_t mbedtls_mpi_sint;
typedef uint64_t t_uint; typedef uint64_t mbedtls_mpi_uint;
typedef unsigned int t_udbl __attribute__((mode(TI))); typedef unsigned int mbedtls_t_udbl __attribute__((mode(TI)));
#define POLARSSL_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#else #else
#define POLARSSL_HAVE_INT32 #define MBEDTLS_HAVE_INT32
typedef int32_t t_sint; typedef int32_t mbedtls_mpi_sint;
typedef uint32_t t_uint; typedef uint32_t mbedtls_mpi_uint;
#if ( defined(_MSC_VER) && defined(_M_IX86) ) #if ( defined(_MSC_VER) && defined(_M_IX86) )
typedef uint64_t t_udbl; typedef uint64_t mbedtls_t_udbl;
#define POLARSSL_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#else #else
#if defined( POLARSSL_HAVE_LONGLONG ) #if defined( MBEDTLS_HAVE_LONGLONG )
typedef unsigned long long t_udbl; typedef unsigned long long mbedtls_t_udbl;
#define POLARSSL_HAVE_UDBL #define MBEDTLS_HAVE_UDBL
#endif #endif
#endif #endif
#endif /* !POLARSSL_HAVE_INT32 && __GNUC__ && 64-bit platform */ #endif /* !MBEDTLS_HAVE_INT32 && __GNUC__ && 64-bit platform */
#endif /* !POLARSSL_HAVE_INT32 && _MSC_VER && _M_AMD64 */ #endif /* !MBEDTLS_HAVE_INT32 && _MSC_VER && _M_AMD64 */
#endif /* POLARSSL_HAVE_INT16 */ #endif /* MBEDTLS_HAVE_INT16 */
#endif /* POLARSSL_HAVE_INT8 */ #endif /* MBEDTLS_HAVE_INT8 */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -183,23 +183,23 @@ typedef struct
{ {
int s; /*!< integer sign */ int s; /*!< integer sign */
size_t n; /*!< total # of limbs */ size_t n; /*!< total # of limbs */
t_uint *p; /*!< pointer to limbs */ mbedtls_mpi_uint *p; /*!< pointer to limbs */
} }
mpi; mbedtls_mpi;
/** /**
* \brief Initialize one MPI * \brief Initialize one MPI
* *
* \param X One MPI to initialize. * \param X One MPI to initialize.
*/ */
void mpi_init( mpi *X ); void mbedtls_mpi_init( mbedtls_mpi *X );
/** /**
* \brief Unallocate one MPI * \brief Unallocate one MPI
* *
* \param X One MPI to unallocate. * \param X One MPI to unallocate.
*/ */
void mpi_free( mpi *X ); void mbedtls_mpi_free( mbedtls_mpi *X );
/** /**
* \brief Enlarge to the specified number of limbs * \brief Enlarge to the specified number of limbs
@ -208,9 +208,9 @@ void mpi_free( mpi *X );
* \param nblimbs The target number of limbs * \param nblimbs The target number of limbs
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_grow( mpi *X, size_t nblimbs ); int mbedtls_mpi_grow( mbedtls_mpi *X, size_t nblimbs );
/** /**
* \brief Resize down, keeping at least the specified number of limbs * \brief Resize down, keeping at least the specified number of limbs
@ -219,9 +219,9 @@ int mpi_grow( mpi *X, size_t nblimbs );
* \param nblimbs The minimum number of limbs to keep * \param nblimbs The minimum number of limbs to keep
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_shrink( mpi *X, size_t nblimbs ); int mbedtls_mpi_shrink( mbedtls_mpi *X, size_t nblimbs );
/** /**
* \brief Copy the contents of Y into X * \brief Copy the contents of Y into X
@ -230,9 +230,9 @@ int mpi_shrink( mpi *X, size_t nblimbs );
* \param Y Source MPI * \param Y Source MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_copy( mpi *X, const mpi *Y ); int mbedtls_mpi_copy( mbedtls_mpi *X, const mbedtls_mpi *Y );
/** /**
* \brief Swap the contents of X and Y * \brief Swap the contents of X and Y
@ -240,7 +240,7 @@ int mpi_copy( mpi *X, const mpi *Y );
* \param X First MPI value * \param X First MPI value
* \param Y Second MPI value * \param Y Second MPI value
*/ */
void mpi_swap( mpi *X, mpi *Y ); void mbedtls_mpi_swap( mbedtls_mpi *X, mbedtls_mpi *Y );
/** /**
* \brief Safe conditional assignement X = Y if assign is 1 * \brief Safe conditional assignement X = Y if assign is 1
@ -250,35 +250,35 @@ void mpi_swap( mpi *X, mpi *Y );
* \param assign 1: perform the assignment, 0: keep X's original value * \param assign 1: perform the assignment, 0: keep X's original value
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* *
* \note This function is equivalent to * \note This function is equivalent to
* if( assign ) mpi_copy( X, Y ); * if( assign ) mbedtls_mpi_copy( X, Y );
* except that it avoids leaking any information about whether * except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak * the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access * information through branch prediction and/or memory access
* patterns analysis). * patterns analysis).
*/ */
int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign ); int mbedtls_mpi_safe_cond_assign( mbedtls_mpi *X, const mbedtls_mpi *Y, unsigned char assign );
/** /**
* \brief Safe conditional swap X <-> Y if swap is 1 * \brief Safe conditional swap X <-> Y if swap is 1
* *
* \param X First mpi value * \param X First mbedtls_mpi value
* \param Y Second mpi value * \param Y Second mbedtls_mpi value
* \param assign 1: perform the swap, 0: keep X and Y's original values * \param assign 1: perform the swap, 0: keep X and Y's original values
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* *
* \note This function is equivalent to * \note This function is equivalent to
* if( assign ) mpi_swap( X, Y ); * if( assign ) mbedtls_mpi_swap( X, Y );
* except that it avoids leaking any information about whether * except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak * the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access * information through branch prediction and/or memory access
* patterns analysis). * patterns analysis).
*/ */
int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign ); int mbedtls_mpi_safe_cond_swap( mbedtls_mpi *X, mbedtls_mpi *Y, unsigned char assign );
/** /**
* \brief Set value from integer * \brief Set value from integer
@ -287,9 +287,9 @@ int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign );
* \param z Value to use * \param z Value to use
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_lset( mpi *X, t_sint z ); int mbedtls_mpi_lset( mbedtls_mpi *X, mbedtls_mpi_sint z );
/** /**
* \brief Get a specific bit from X * \brief Get a specific bit from X
@ -299,7 +299,7 @@ int mpi_lset( mpi *X, t_sint z );
* *
* \return Either a 0 or a 1 * \return Either a 0 or a 1
*/ */
int mpi_get_bit( const mpi *X, size_t pos ); int mbedtls_mpi_get_bit( const mbedtls_mpi *X, size_t pos );
/** /**
* \brief Set a bit of X to a specific value of 0 or 1 * \brief Set a bit of X to a specific value of 0 or 1
@ -312,10 +312,10 @@ int mpi_get_bit( const mpi *X, size_t pos );
* \param val The value to set the bit to (0 or 1) * \param val The value to set the bit to (0 or 1)
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1 * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if val is not 0 or 1
*/ */
int mpi_set_bit( mpi *X, size_t pos, unsigned char val ); int mbedtls_mpi_set_bit( mbedtls_mpi *X, size_t pos, unsigned char val );
/** /**
* \brief Return the number of zero-bits before the least significant * \brief Return the number of zero-bits before the least significant
@ -325,7 +325,7 @@ int mpi_set_bit( mpi *X, size_t pos, unsigned char val );
* *
* \param X MPI to use * \param X MPI to use
*/ */
size_t mpi_lsb( const mpi *X ); size_t mbedtls_mpi_lsb( const mbedtls_mpi *X );
/** /**
* \brief Return the number of bits up to and including the most * \brief Return the number of bits up to and including the most
@ -335,14 +335,14 @@ size_t mpi_lsb( const mpi *X );
* *
* \param X MPI to use * \param X MPI to use
*/ */
size_t mpi_msb( const mpi *X ); size_t mbedtls_mpi_msb( const mbedtls_mpi *X );
/** /**
* \brief Return the total size in bytes * \brief Return the total size in bytes
* *
* \param X MPI to use * \param X MPI to use
*/ */
size_t mpi_size( const mpi *X ); size_t mbedtls_mpi_size( const mbedtls_mpi *X );
/** /**
* \brief Import from an ASCII string * \brief Import from an ASCII string
@ -351,9 +351,9 @@ size_t mpi_size( const mpi *X );
* \param radix Input numeric base * \param radix Input numeric base
* \param s Null-terminated string buffer * \param s Null-terminated string buffer
* *
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
*/ */
int mpi_read_string( mpi *X, int radix, const char *s ); int mbedtls_mpi_read_string( mbedtls_mpi *X, int radix, const char *s );
/** /**
* \brief Export into an ASCII string * \brief Export into an ASCII string
@ -363,16 +363,16 @@ int mpi_read_string( mpi *X, int radix, const char *s );
* \param s String buffer * \param s String buffer
* \param slen String buffer size * \param slen String buffer size
* *
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code. * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code.
* *slen is always updated to reflect the amount * *slen is always updated to reflect the amount
* of data that has (or would have) been written. * of data that has (or would have) been written.
* *
* \note Call this function with *slen = 0 to obtain the * \note Call this function with *slen = 0 to obtain the
* minimum required buffer size in *slen. * minimum required buffer size in *slen.
*/ */
int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen ); int mbedtls_mpi_write_string( const mbedtls_mpi *X, int radix, char *s, size_t *slen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Read X from an opened file * \brief Read X from an opened file
* *
@ -380,11 +380,11 @@ int mpi_write_string( const mpi *X, int radix, char *s, size_t *slen );
* \param radix Input numeric base * \param radix Input numeric base
* \param fin Input file handle * \param fin Input file handle
* *
* \return 0 if successful, POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if * \return 0 if successful, MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if
* the file read buffer is too small or a * the file read buffer is too small or a
* POLARSSL_ERR_MPI_XXX error code * MBEDTLS_ERR_MPI_XXX error code
*/ */
int mpi_read_file( mpi *X, int radix, FILE *fin ); int mbedtls_mpi_read_file( mbedtls_mpi *X, int radix, FILE *fin );
/** /**
* \brief Write X into an opened file, or stdout if fout is NULL * \brief Write X into an opened file, or stdout if fout is NULL
@ -394,12 +394,12 @@ int mpi_read_file( mpi *X, int radix, FILE *fin );
* \param radix Output numeric base * \param radix Output numeric base
* \param fout Output file handle (can be NULL) * \param fout Output file handle (can be NULL)
* *
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
* *
* \note Set fout == NULL to print X on the console. * \note Set fout == NULL to print X on the console.
*/ */
int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout ); int mbedtls_mpi_write_file( const char *p, const mbedtls_mpi *X, int radix, FILE *fout );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Import X from unsigned binary data, big endian * \brief Import X from unsigned binary data, big endian
@ -409,9 +409,9 @@ int mpi_write_file( const char *p, const mpi *X, int radix, FILE *fout );
* \param buflen Input buffer size * \param buflen Input buffer size
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen ); int mbedtls_mpi_read_binary( mbedtls_mpi *X, const unsigned char *buf, size_t buflen );
/** /**
* \brief Export X into unsigned binary data, big endian. * \brief Export X into unsigned binary data, big endian.
@ -423,9 +423,9 @@ int mpi_read_binary( mpi *X, const unsigned char *buf, size_t buflen );
* \param buflen Output buffer size * \param buflen Output buffer size
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough * MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL if buf isn't large enough
*/ */
int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen ); int mbedtls_mpi_write_binary( const mbedtls_mpi *X, unsigned char *buf, size_t buflen );
/** /**
* \brief Left-shift: X <<= count * \brief Left-shift: X <<= count
@ -434,9 +434,9 @@ int mpi_write_binary( const mpi *X, unsigned char *buf, size_t buflen );
* \param count Amount to shift * \param count Amount to shift
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_shift_l( mpi *X, size_t count ); int mbedtls_mpi_shift_l( mbedtls_mpi *X, size_t count );
/** /**
* \brief Right-shift: X >>= count * \brief Right-shift: X >>= count
@ -445,9 +445,9 @@ int mpi_shift_l( mpi *X, size_t count );
* \param count Amount to shift * \param count Amount to shift
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_shift_r( mpi *X, size_t count ); int mbedtls_mpi_shift_r( mbedtls_mpi *X, size_t count );
/** /**
* \brief Compare unsigned values * \brief Compare unsigned values
@ -459,7 +459,7 @@ int mpi_shift_r( mpi *X, size_t count );
* -1 if |X| is lesser than |Y| or * -1 if |X| is lesser than |Y| or
* 0 if |X| is equal to |Y| * 0 if |X| is equal to |Y|
*/ */
int mpi_cmp_abs( const mpi *X, const mpi *Y ); int mbedtls_mpi_cmp_abs( const mbedtls_mpi *X, const mbedtls_mpi *Y );
/** /**
* \brief Compare signed values * \brief Compare signed values
@ -471,7 +471,7 @@ int mpi_cmp_abs( const mpi *X, const mpi *Y );
* -1 if X is lesser than Y or * -1 if X is lesser than Y or
* 0 if X is equal to Y * 0 if X is equal to Y
*/ */
int mpi_cmp_mpi( const mpi *X, const mpi *Y ); int mbedtls_mpi_cmp_mpi( const mbedtls_mpi *X, const mbedtls_mpi *Y );
/** /**
* \brief Compare signed values * \brief Compare signed values
@ -483,7 +483,7 @@ int mpi_cmp_mpi( const mpi *X, const mpi *Y );
* -1 if X is lesser than z or * -1 if X is lesser than z or
* 0 if X is equal to z * 0 if X is equal to z
*/ */
int mpi_cmp_int( const mpi *X, t_sint z ); int mbedtls_mpi_cmp_int( const mbedtls_mpi *X, mbedtls_mpi_sint z );
/** /**
* \brief Unsigned addition: X = |A| + |B| * \brief Unsigned addition: X = |A| + |B|
@ -493,9 +493,9 @@ int mpi_cmp_int( const mpi *X, t_sint z );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B ); int mbedtls_mpi_add_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Unsigned subtraction: X = |A| - |B| * \brief Unsigned subtraction: X = |A| - |B|
@ -505,9 +505,9 @@ int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B is greater than A * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B is greater than A
*/ */
int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B ); int mbedtls_mpi_sub_abs( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Signed addition: X = A + B * \brief Signed addition: X = A + B
@ -517,9 +517,9 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B ); int mbedtls_mpi_add_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Signed subtraction: X = A - B * \brief Signed subtraction: X = A - B
@ -529,9 +529,9 @@ int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B ); int mbedtls_mpi_sub_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Signed addition: X = A + b * \brief Signed addition: X = A + b
@ -541,9 +541,9 @@ int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
* \param b The integer value to add * \param b The integer value to add
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_add_int( mpi *X, const mpi *A, t_sint b ); int mbedtls_mpi_add_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b );
/** /**
* \brief Signed subtraction: X = A - b * \brief Signed subtraction: X = A - b
@ -553,9 +553,9 @@ int mpi_add_int( mpi *X, const mpi *A, t_sint b );
* \param b The integer value to subtract * \param b The integer value to subtract
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_sub_int( mpi *X, const mpi *A, t_sint b ); int mbedtls_mpi_sub_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_sint b );
/** /**
* \brief Baseline multiplication: X = A * B * \brief Baseline multiplication: X = A * B
@ -565,9 +565,9 @@ int mpi_sub_int( mpi *X, const mpi *A, t_sint b );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B ); int mbedtls_mpi_mul_mpi( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Baseline multiplication: X = A * b * \brief Baseline multiplication: X = A * b
@ -579,12 +579,12 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );
* \note b is unsigned * \note b is unsigned
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_mul_int( mpi *X, const mpi *A, t_uint b ); int mbedtls_mpi_mul_int( mbedtls_mpi *X, const mbedtls_mpi *A, mbedtls_mpi_uint b );
/** /**
* \brief Division by mpi: A = Q * B + R * \brief Division by mbedtls_mpi: A = Q * B + R
* *
* \param Q Destination MPI for the quotient * \param Q Destination MPI for the quotient
* \param R Destination MPI for the rest value * \param R Destination MPI for the rest value
@ -592,12 +592,12 @@ int mpi_mul_int( mpi *X, const mpi *A, t_uint b );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0 * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B ); int mbedtls_mpi_div_mpi( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Division by int: A = Q * b + R * \brief Division by int: A = Q * b + R
@ -608,12 +608,12 @@ int mpi_div_mpi( mpi *Q, mpi *R, const mpi *A, const mpi *B );
* \param b Integer to divide by * \param b Integer to divide by
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0 * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0
* *
* \note Either Q or R can be NULL. * \note Either Q or R can be NULL.
*/ */
int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b ); int mbedtls_mpi_div_int( mbedtls_mpi *Q, mbedtls_mpi *R, const mbedtls_mpi *A, mbedtls_mpi_sint b );
/** /**
* \brief Modulo: R = A mod B * \brief Modulo: R = A mod B
@ -623,25 +623,25 @@ int mpi_div_int( mpi *Q, mpi *R, const mpi *A, t_sint b );
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if B == 0, * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if B == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if B < 0 * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if B < 0
*/ */
int mpi_mod_mpi( mpi *R, const mpi *A, const mpi *B ); int mbedtls_mpi_mod_mpi( mbedtls_mpi *R, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Modulo: r = A mod b * \brief Modulo: r = A mod b
* *
* \param r Destination t_uint * \param r Destination mbedtls_mpi_uint
* \param A Left-hand MPI * \param A Left-hand MPI
* \param b Integer to divide by * \param b Integer to divide by
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_DIVISION_BY_ZERO if b == 0, * MBEDTLS_ERR_MPI_DIVISION_BY_ZERO if b == 0,
* POLARSSL_ERR_MPI_NEGATIVE_VALUE if b < 0 * MBEDTLS_ERR_MPI_NEGATIVE_VALUE if b < 0
*/ */
int mpi_mod_int( t_uint *r, const mpi *A, t_sint b ); int mbedtls_mpi_mod_int( mbedtls_mpi_uint *r, const mbedtls_mpi *A, mbedtls_mpi_sint b );
/** /**
* \brief Sliding-window exponentiation: X = A^E mod N * \brief Sliding-window exponentiation: X = A^E mod N
@ -653,15 +653,15 @@ int mpi_mod_int( t_uint *r, const mpi *A, t_sint b );
* \param _RR Speed-up MPI used for recalculations * \param _RR Speed-up MPI used for recalculations
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or even or * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or even or
* if E is negative * if E is negative
* *
* \note _RR is used to avoid re-computing R*R mod N across * \note _RR is used to avoid re-computing R*R mod N across
* multiple calls, which speeds up things a bit. It can * multiple calls, which speeds up things a bit. It can
* be set to NULL if the extra performance is unneeded. * be set to NULL if the extra performance is unneeded.
*/ */
int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR ); int mbedtls_mpi_exp_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *E, const mbedtls_mpi *N, mbedtls_mpi *_RR );
/** /**
* \brief Fill an MPI X with size bytes of random * \brief Fill an MPI X with size bytes of random
@ -672,9 +672,9 @@ int mpi_exp_mod( mpi *X, const mpi *A, const mpi *E, const mpi *N, mpi *_RR );
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_fill_random( mpi *X, size_t size, int mbedtls_mpi_fill_random( mbedtls_mpi *X, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -686,9 +686,9 @@ int mpi_fill_random( mpi *X, size_t size,
* \param B Right-hand MPI * \param B Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int mpi_gcd( mpi *G, const mpi *A, const mpi *B ); int mbedtls_mpi_gcd( mbedtls_mpi *G, const mbedtls_mpi *A, const mbedtls_mpi *B );
/** /**
* \brief Modular inverse: X = A^-1 mod N * \brief Modular inverse: X = A^-1 mod N
@ -698,11 +698,11 @@ int mpi_gcd( mpi *G, const mpi *A, const mpi *B );
* \param N Right-hand MPI * \param N Right-hand MPI
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if N is negative or nil * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if N is negative or nil
POLARSSL_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if A has no inverse mod N
*/ */
int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N ); int mbedtls_mpi_inv_mod( mbedtls_mpi *X, const mbedtls_mpi *A, const mbedtls_mpi *N );
/** /**
* \brief Miller-Rabin primality test * \brief Miller-Rabin primality test
@ -712,10 +712,10 @@ int mpi_inv_mod( mpi *X, const mpi *A, const mpi *N );
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_NOT_ACCEPTABLE if X is not prime * MBEDTLS_ERR_MPI_NOT_ACCEPTABLE if X is not prime
*/ */
int mpi_is_prime( const mpi *X, int mbedtls_mpi_is_prime( const mbedtls_mpi *X,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -724,16 +724,16 @@ int mpi_is_prime( const mpi *X,
* *
* \param X Destination MPI * \param X Destination MPI
* \param nbits Required size of X in bits * \param nbits Required size of X in bits
* ( 3 <= nbits <= POLARSSL_MPI_MAX_BITS ) * ( 3 <= nbits <= MBEDTLS_MPI_MAX_BITS )
* \param dh_flag If 1, then (X-1)/2 will be prime too * \param dh_flag If 1, then (X-1)/2 will be prime too
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful (probably prime), * \return 0 if successful (probably prime),
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_MPI_BAD_INPUT_DATA if nbits is < 3 * MBEDTLS_ERR_MPI_BAD_INPUT_DATA if nbits is < 3
*/ */
int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag, int mbedtls_mpi_gen_prime( mbedtls_mpi *X, size_t nbits, int dh_flag,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -742,7 +742,7 @@ int mpi_gen_prime( mpi *X, size_t nbits, int dh_flag,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int mpi_self_test( int verbose ); int mbedtls_mpi_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

82
include/mbedtls/blowfish.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_BLOWFISH_H #ifndef MBEDTLS_BLOWFISH_H
#define POLARSSL_BLOWFISH_H #define MBEDTLS_BLOWFISH_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,17 +39,17 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define BLOWFISH_ENCRYPT 1 #define MBEDTLS_BLOWFISH_ENCRYPT 1
#define BLOWFISH_DECRYPT 0 #define MBEDTLS_BLOWFISH_DECRYPT 0
#define BLOWFISH_MAX_KEY 448 #define MBEDTLS_BLOWFISH_MAX_KEY 448
#define BLOWFISH_MIN_KEY 32 #define MBEDTLS_BLOWFISH_MIN_KEY 32
#define BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */ #define MBEDTLS_BLOWFISH_ROUNDS 16 /**< Rounds to use. When increasing this value, make sure to extend the initialisation vectors */
#define BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */ #define MBEDTLS_BLOWFISH_BLOCKSIZE 8 /* Blowfish uses 64 bit blocks */
#define POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */ #define MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH -0x0016 /**< Invalid key length. */
#define POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */ #define MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH -0x0018 /**< Invalid data input length. */
#if !defined(POLARSSL_BLOWFISH_ALT) #if !defined(MBEDTLS_BLOWFISH_ALT)
// Regular implementation // Regular implementation
// //
@ -62,24 +62,24 @@ extern "C" {
*/ */
typedef struct typedef struct
{ {
uint32_t P[BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */ uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2]; /*!< Blowfish round keys */
uint32_t S[4][256]; /*!< key dependent S-boxes */ uint32_t S[4][256]; /*!< key dependent S-boxes */
} }
blowfish_context; mbedtls_blowfish_context;
/** /**
* \brief Initialize Blowfish context * \brief Initialize Blowfish context
* *
* \param ctx Blowfish context to be initialized * \param ctx Blowfish context to be initialized
*/ */
void blowfish_init( blowfish_context *ctx ); void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx );
/** /**
* \brief Clear Blowfish context * \brief Clear Blowfish context
* *
* \param ctx Blowfish context to be cleared * \param ctx Blowfish context to be cleared
*/ */
void blowfish_free( blowfish_context *ctx ); void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx );
/** /**
* \brief Blowfish key schedule * \brief Blowfish key schedule
@ -88,27 +88,27 @@ void blowfish_free( blowfish_context *ctx );
* \param key encryption key * \param key encryption key
* \param keysize must be between 32 and 448 bits * \param keysize must be between 32 and 448 bits
* *
* \return 0 if successful, or POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH
*/ */
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
* \brief Blowfish-ECB block encryption/decryption * \brief Blowfish-ECB block encryption/decryption
* *
* \param ctx Blowfish context * \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
* \param input 8-byte input block * \param input 8-byte input block
* \param output 8-byte output block * \param output 8-byte output block
* *
* \return 0 if successful * \return 0 if successful
*/ */
int blowfish_crypt_ecb( blowfish_context *ctx, int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
int mode, int mode,
const unsigned char input[BLOWFISH_BLOCKSIZE], const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] ); unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief Blowfish-CBC buffer encryption/decryption * \brief Blowfish-CBC buffer encryption/decryption
* Length should be a multiple of the block * Length should be a multiple of the block
@ -123,24 +123,24 @@ int blowfish_crypt_ecb( blowfish_context *ctx,
* module instead. * module instead.
* *
* \param ctx Blowfish context * \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH * MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH
*/ */
int blowfish_crypt_cbc( blowfish_context *ctx, int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[BLOWFISH_BLOCKSIZE], unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** /**
* \brief Blowfish CFB buffer encryption/decryption. * \brief Blowfish CFB buffer encryption/decryption.
* *
@ -153,7 +153,7 @@ int blowfish_crypt_cbc( blowfish_context *ctx,
* module instead. * module instead.
* *
* \param ctx Blowfish context * \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT * \param mode MBEDTLS_BLOWFISH_ENCRYPT or MBEDTLS_BLOWFISH_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
@ -162,16 +162,16 @@ int blowfish_crypt_cbc( blowfish_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int blowfish_crypt_cfb64( blowfish_context *ctx, int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[BLOWFISH_BLOCKSIZE], unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** /**
* \brief Blowfish-CTR buffer encryption/decryption * \brief Blowfish-CTR buffer encryption/decryption
* *
@ -190,21 +190,21 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int blowfish_crypt_ctr( blowfish_context *ctx, int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char stream_block[BLOWFISH_BLOCKSIZE], unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_BLOWFISH_ALT */ #else /* MBEDTLS_BLOWFISH_ALT */
#include "blowfish_alt.h" #include "blowfish_alt.h"
#endif /* POLARSSL_BLOWFISH_ALT */ #endif /* MBEDTLS_BLOWFISH_ALT */
#endif /* blowfish.h */ #endif /* blowfish.h */

28
include/mbedtls/bn_mul.h
View File

@ -35,12 +35,12 @@
* . Alpha . MIPS32 * . Alpha . MIPS32
* . C, longlong . C, generic * . C, longlong . C, generic
*/ */
#ifndef POLARSSL_BN_MUL_H #ifndef MBEDTLS_BN_MUL_H
#define POLARSSL_BN_MUL_H #define MBEDTLS_BN_MUL_H
#include "bignum.h" #include "bignum.h"
#if defined(POLARSSL_HAVE_ASM) #if defined(MBEDTLS_HAVE_ASM)
#if defined(__GNUC__) #if defined(__GNUC__)
#if defined(__i386__) #if defined(__i386__)
@ -63,7 +63,7 @@
"movl %%edx, %%ecx \n\t" \ "movl %%edx, %%ecx \n\t" \
"stosl \n\t" "stosl \n\t"
#if defined(POLARSSL_HAVE_SSE2) #if defined(MBEDTLS_HAVE_SSE2)
#define MULADDC_HUIT \ #define MULADDC_HUIT \
"movd %%ecx, %%mm1 \n\t" \ "movd %%ecx, %%mm1 \n\t" \
@ -735,7 +735,7 @@
__asm mov ecx, edx \ __asm mov ecx, edx \
__asm stosd __asm stosd
#if defined(POLARSSL_HAVE_SSE2) #if defined(MBEDTLS_HAVE_SSE2)
#define EMIT __asm _emit #define EMIT __asm _emit
@ -818,20 +818,20 @@
#endif /* SSE2 */ #endif /* SSE2 */
#endif /* MSVC */ #endif /* MSVC */
#endif /* POLARSSL_HAVE_ASM */ #endif /* MBEDTLS_HAVE_ASM */
#if !defined(MULADDC_CORE) #if !defined(MULADDC_CORE)
#if defined(POLARSSL_HAVE_UDBL) #if defined(MBEDTLS_HAVE_UDBL)
#define MULADDC_INIT \ #define MULADDC_INIT \
{ \ { \
t_udbl r; \ mbedtls_t_udbl r; \
t_uint r0, r1; mbedtls_mpi_uint r0, r1;
#define MULADDC_CORE \ #define MULADDC_CORE \
r = *(s++) * (t_udbl) b; \ r = *(s++) * (mbedtls_t_udbl) b; \
r0 = (t_uint) r; \ r0 = (mbedtls_mpi_uint) r; \
r1 = (t_uint)( r >> biL ); \ r1 = (mbedtls_mpi_uint)( r >> biL ); \
r0 += c; r1 += (r0 < c); \ r0 += c; r1 += (r0 < c); \
r0 += *d; r1 += (r0 < *d); \ r0 += *d; r1 += (r0 < *d); \
c = r1; *(d++) = r0; c = r1; *(d++) = r0;
@ -842,8 +842,8 @@
#else #else
#define MULADDC_INIT \ #define MULADDC_INIT \
{ \ { \
t_uint s0, s1, b0, b1; \ mbedtls_mpi_uint s0, s1, b0, b1; \
t_uint r0, r1, rx, ry; \ mbedtls_mpi_uint r0, r1, rx, ry; \
b0 = ( b << biH ) >> biH; \ b0 = ( b << biH ) >> biH; \
b1 = ( b >> biH ); b1 = ( b >> biH );

72
include/mbedtls/camellia.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CAMELLIA_H #ifndef MBEDTLS_CAMELLIA_H
#define POLARSSL_CAMELLIA_H #define MBEDTLS_CAMELLIA_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,13 +39,13 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define CAMELLIA_ENCRYPT 1 #define MBEDTLS_CAMELLIA_ENCRYPT 1
#define CAMELLIA_DECRYPT 0 #define MBEDTLS_CAMELLIA_DECRYPT 0
#define POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */ #define MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH -0x0024 /**< Invalid key length. */
#define POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */ #define MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH -0x0026 /**< Invalid data input length. */
#if !defined(POLARSSL_CAMELLIA_ALT) #if !defined(MBEDTLS_CAMELLIA_ALT)
// Regular implementation // Regular implementation
// //
@ -61,21 +61,21 @@ typedef struct
int nr; /*!< number of rounds */ int nr; /*!< number of rounds */
uint32_t rk[68]; /*!< CAMELLIA round keys */ uint32_t rk[68]; /*!< CAMELLIA round keys */
} }
camellia_context; mbedtls_camellia_context;
/** /**
* \brief Initialize CAMELLIA context * \brief Initialize CAMELLIA context
* *
* \param ctx CAMELLIA context to be initialized * \param ctx CAMELLIA context to be initialized
*/ */
void camellia_init( camellia_context *ctx ); void mbedtls_camellia_init( mbedtls_camellia_context *ctx );
/** /**
* \brief Clear CAMELLIA context * \brief Clear CAMELLIA context
* *
* \param ctx CAMELLIA context to be cleared * \param ctx CAMELLIA context to be cleared
*/ */
void camellia_free( camellia_context *ctx ); void mbedtls_camellia_free( mbedtls_camellia_context *ctx );
/** /**
* \brief CAMELLIA key schedule (encryption) * \brief CAMELLIA key schedule (encryption)
@ -84,9 +84,9 @@ void camellia_free( camellia_context *ctx );
* \param key encryption key * \param key encryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
* *
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/ */
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
@ -96,27 +96,27 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
* \param key decryption key * \param key decryption key
* \param keysize must be 128, 192 or 256 * \param keysize must be 128, 192 or 256
* *
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH * \return 0 if successful, or MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH
*/ */
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
* \brief CAMELLIA-ECB block encryption/decryption * \brief CAMELLIA-ECB block encryption/decryption
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
* *
* \return 0 if successful * \return 0 if successful
*/ */
int camellia_crypt_ecb( camellia_context *ctx, int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief CAMELLIA-CBC buffer encryption/decryption * \brief CAMELLIA-CBC buffer encryption/decryption
* Length should be a multiple of the block * Length should be a multiple of the block
@ -131,30 +131,30 @@ int camellia_crypt_ecb( camellia_context *ctx,
* module instead. * module instead.
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/ */
int camellia_crypt_cbc( camellia_context *ctx, int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** /**
* \brief CAMELLIA-CFB128 buffer encryption/decryption * \brief CAMELLIA-CFB128 buffer encryption/decryption
* *
* Note: Due to the nature of CFB you should use the same key schedule for * Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with * both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT. * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and CAMELLIE_DECRYPT.
* *
* \note Upon exit, the content of the IV is updated so that you can * \note Upon exit, the content of the IV is updated so that you can
* call the function same function again on the following * call the function same function again on the following
@ -165,7 +165,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
* module instead. * module instead.
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param mode CAMELLIA_ENCRYPT or CAMELLIA_DECRYPT * \param mode MBEDTLS_CAMELLIA_ENCRYPT or MBEDTLS_CAMELLIA_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv_off offset in IV (updated after use) * \param iv_off offset in IV (updated after use)
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
@ -173,18 +173,18 @@ int camellia_crypt_cbc( camellia_context *ctx,
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH * MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/ */
int camellia_crypt_cfb128( camellia_context *ctx, int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[16], unsigned char iv[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** /**
* \brief CAMELLIA-CTR buffer encryption/decryption * \brief CAMELLIA-CTR buffer encryption/decryption
* *
@ -192,7 +192,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
* *
* Note: Due to the nature of CTR you should use the same key schedule for * Note: Due to the nature of CTR you should use the same key schedule for
* both encryption and decryption. So a context initialized with * both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT. * mbedtls_camellia_setkey_enc() for both MBEDTLS_CAMELLIA_ENCRYPT and MBEDTLS_CAMELLIA_DECRYPT.
* *
* \param ctx CAMELLIA context * \param ctx CAMELLIA context
* \param length The length of the data * \param length The length of the data
@ -207,22 +207,22 @@ int camellia_crypt_cfb128( camellia_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int camellia_crypt_ctr( camellia_context *ctx, int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
unsigned char stream_block[16], unsigned char stream_block[16],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_CAMELLIA_ALT */ #else /* MBEDTLS_CAMELLIA_ALT */
#include "camellia_alt.h" #include "camellia_alt.h"
#endif /* POLARSSL_CAMELLIA_ALT */ #endif /* MBEDTLS_CAMELLIA_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -233,7 +233,7 @@ extern "C" {
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int camellia_self_test( int verbose ); int mbedtls_camellia_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

30
include/mbedtls/ccm.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CCM_H #ifndef MBEDTLS_CCM_H
#define POLARSSL_CCM_H #define MBEDTLS_CCM_H
#include "cipher.h" #include "cipher.h"
#define POLARSSL_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */ #define MBEDTLS_ERR_CCM_BAD_INPUT -0x000D /**< Bad input parameters to function. */
#define POLARSSL_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */ #define MBEDTLS_ERR_CCM_AUTH_FAILED -0x000F /**< Authenticated decryption failed. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -37,9 +37,9 @@ extern "C" {
* \brief CCM context structure * \brief CCM context structure
*/ */
typedef struct { typedef struct {
cipher_context_t cipher_ctx; /*!< cipher context used */ mbedtls_cipher_context_t cipher_ctx; /*!< cipher context used */
} }
ccm_context; mbedtls_ccm_context;
/** /**
* \brief CCM initialization (encryption and decryption) * \brief CCM initialization (encryption and decryption)
@ -51,7 +51,7 @@ ccm_context;
* *
* \return 0 if successful, or a cipher specific error code * \return 0 if successful, or a cipher specific error code
*/ */
int ccm_init( ccm_context *ctx, cipher_id_t cipher, int mbedtls_ccm_init( mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher,
const unsigned char *key, unsigned int keysize ); const unsigned char *key, unsigned int keysize );
/** /**
@ -59,7 +59,7 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
* *
* \param ctx CCM context to free * \param ctx CCM context to free
*/ */
void ccm_free( ccm_context *ctx ); void mbedtls_ccm_free( mbedtls_ccm_context *ctx );
/** /**
* \brief CCM buffer encryption * \brief CCM buffer encryption
@ -86,7 +86,7 @@ void ccm_free( ccm_context *ctx );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
@ -107,25 +107,25 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
* \param tag_len length of the tag * \param tag_len length of the tag
* *
* \return 0 if successful and authenticated, * \return 0 if successful and authenticated,
* POLARSSL_ERR_CCM_AUTH_FAILED if tag does not match * MBEDTLS_ERR_CCM_AUTH_FAILED if tag does not match
*/ */
int ccm_auth_decrypt( ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len );
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int ccm_self_test( int verbose ); int mbedtls_ccm_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_CCM_H */ #endif /* MBEDTLS_CCM_H */

108
include/mbedtls/certs.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CERTS_H #ifndef MBEDTLS_CERTS_H
#define POLARSSL_CERTS_H #define MBEDTLS_CERTS_H
#include <stddef.h> #include <stddef.h>
@ -30,72 +30,72 @@
extern "C" { extern "C" {
#endif #endif
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
/* Concatenation of all CA certificates in PEM format if available */ /* Concatenation of all CA certificates in PEM format if available */
extern const char test_cas_pem[]; extern const char mbedtls_test_cas_pem[];
extern const size_t test_cas_pem_len; extern const size_t mbedtls_test_cas_pem_len;
#endif #endif
/* List of all CA certificates, terminated by NULL */ /* List of all CA certificates, terminated by NULL */
extern const char * test_cas[]; extern const char * mbedtls_test_cas[];
extern const size_t test_cas_len[]; extern const size_t mbedtls_test_cas_len[];
/* /*
* Convenience for users who just want a certificate: * Convenience for users who just want a certificate:
* RSA by default, or ECDSA if RSA is not available * RSA by default, or ECDSA if RSA is not available
*/ */
extern const char * test_ca_crt; extern const char * mbedtls_test_ca_crt;
extern const size_t test_ca_crt_len; extern const size_t mbedtls_test_ca_crt_len;
extern const char * test_ca_key; extern const char * mbedtls_test_ca_key;
extern const size_t test_ca_key_len; extern const size_t mbedtls_test_ca_key_len;
extern const char * test_ca_pwd; extern const char * mbedtls_test_ca_pwd;
extern const size_t test_ca_pwd_len; extern const size_t mbedtls_test_ca_pwd_len;
extern const char * test_srv_crt; extern const char * mbedtls_test_srv_crt;
extern const size_t test_srv_crt_len; extern const size_t mbedtls_test_srv_crt_len;
extern const char * test_srv_key; extern const char * mbedtls_test_srv_key;
extern const size_t test_srv_key_len; extern const size_t mbedtls_test_srv_key_len;
extern const char * test_cli_crt; extern const char * mbedtls_test_cli_crt;
extern const size_t test_cli_crt_len; extern const size_t mbedtls_test_cli_crt_len;
extern const char * test_cli_key; extern const char * mbedtls_test_cli_key;
extern const size_t test_cli_key_len; extern const size_t mbedtls_test_cli_key_len;
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
extern const char test_ca_crt_ec[]; extern const char mbedtls_test_ca_crt_ec[];
extern const size_t test_ca_crt_ec_len; extern const size_t mbedtls_test_ca_crt_ec_len;
extern const char test_ca_key_ec[]; extern const char mbedtls_test_ca_key_ec[];
extern const size_t test_ca_key_ec_len; extern const size_t mbedtls_test_ca_key_ec_len;
extern const char test_ca_pwd_ec[]; extern const char mbedtls_test_ca_pwd_ec[];
extern const size_t test_ca_pwd_ec_len; extern const size_t mbedtls_test_ca_pwd_ec_len;
extern const char test_srv_crt_ec[]; extern const char mbedtls_test_srv_crt_ec[];
extern const size_t test_srv_crt_ec_len; extern const size_t mbedtls_test_srv_crt_ec_len;
extern const char test_srv_key_ec[]; extern const char mbedtls_test_srv_key_ec[];
extern const size_t test_srv_key_ec_len; extern const size_t mbedtls_test_srv_key_ec_len;
extern const char test_cli_crt_ec[]; extern const char mbedtls_test_cli_crt_ec[];
extern const size_t test_cli_crt_ec_len; extern const size_t mbedtls_test_cli_crt_ec_len;
extern const char test_cli_key_ec[]; extern const char mbedtls_test_cli_key_ec[];
extern const size_t test_cli_key_ec_len; extern const size_t mbedtls_test_cli_key_ec_len;
#endif #endif
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
extern const char test_ca_crt_rsa[]; extern const char mbedtls_test_ca_crt_rsa[];
extern const size_t test_ca_crt_rsa_len; extern const size_t mbedtls_test_ca_crt_rsa_len;
extern const char test_ca_key_rsa[]; extern const char mbedtls_test_ca_key_rsa[];
extern const size_t test_ca_key_rsa_len; extern const size_t mbedtls_test_ca_key_rsa_len;
extern const char test_ca_pwd_rsa[]; extern const char mbedtls_test_ca_pwd_rsa[];
extern const size_t test_ca_pwd_rsa_len; extern const size_t mbedtls_test_ca_pwd_rsa_len;
extern const char test_srv_crt_rsa[]; extern const char mbedtls_test_srv_crt_rsa[];
extern const size_t test_srv_crt_rsa_len; extern const size_t mbedtls_test_srv_crt_rsa_len;
extern const char test_srv_key_rsa[]; extern const char mbedtls_test_srv_key_rsa[];
extern const size_t test_srv_key_rsa_len; extern const size_t mbedtls_test_srv_key_rsa_len;
extern const char test_cli_crt_rsa[]; extern const char mbedtls_test_cli_crt_rsa[];
extern const size_t test_cli_crt_rsa_len; extern const size_t mbedtls_test_cli_crt_rsa_len;
extern const char test_cli_key_rsa[]; extern const char mbedtls_test_cli_key_rsa[];
extern const size_t test_cli_key_rsa_len; extern const size_t mbedtls_test_cli_key_rsa_len;
#endif #endif
#if defined(POLARSSL_DHM_C) #if defined(MBEDTLS_DHM_C)
extern const char test_dhm_params[]; extern const char mbedtls_test_dhm_params[];
extern const size_t test_dhm_params_len; extern const size_t mbedtls_test_dhm_params_len;
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

556
include/mbedtls/check_config.h
View File

@ -27,474 +27,474 @@
* in order to catch dependency issues early. * in order to catch dependency issues early.
*/ */
#ifndef POLARSSL_CHECK_CONFIG_H #ifndef MBEDTLS_CHECK_CONFIG_H
#define POLARSSL_CHECK_CONFIG_H #define MBEDTLS_CHECK_CONFIG_H
#if defined(POLARSSL_DEPRECATED_WARNING) && \ #if defined(MBEDTLS_DEPRECATED_WARNING) && \
!defined(__GNUC__) && !defined(__clang__) !defined(__GNUC__) && !defined(__clang__)
#error "POLARSSL_DEPRECATED_WARNING only works with GCC and Clang" #error "MBEDTLS_DEPRECATED_WARNING only works with GCC and Clang"
#endif #endif
#if defined(POLARSSL_AESNI_C) && !defined(POLARSSL_HAVE_ASM) #if defined(MBEDTLS_AESNI_C) && !defined(MBEDTLS_HAVE_ASM)
#error "POLARSSL_AESNI_C defined, but not all prerequisites" #error "MBEDTLS_AESNI_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_CTR_DRBG_C) && !defined(POLARSSL_AES_C) #if defined(MBEDTLS_CTR_DRBG_C) && !defined(MBEDTLS_AES_C)
#error "POLARSSL_CTR_DRBG_C defined, but not all prerequisites" #error "MBEDTLS_CTR_DRBG_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_DHM_C) && !defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_DHM_C) && !defined(MBEDTLS_BIGNUM_C)
#error "POLARSSL_DHM_C defined, but not all prerequisites" #error "MBEDTLS_DHM_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ECDH_C) && !defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECDH_C) && !defined(MBEDTLS_ECP_C)
#error "POLARSSL_ECDH_C defined, but not all prerequisites" #error "MBEDTLS_ECDH_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ECDSA_C) && \ #if defined(MBEDTLS_ECDSA_C) && \
( !defined(POLARSSL_ECP_C) || \ ( !defined(MBEDTLS_ECP_C) || \
!defined(POLARSSL_ASN1_PARSE_C) || \ !defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(POLARSSL_ASN1_WRITE_C) ) !defined(MBEDTLS_ASN1_WRITE_C) )
#error "POLARSSL_ECDSA_C defined, but not all prerequisites" #error "MBEDTLS_ECDSA_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ECDSA_DETERMINISTIC) && !defined(POLARSSL_HMAC_DRBG_C) #if defined(MBEDTLS_ECDSA_DETERMINISTIC) && !defined(MBEDTLS_HMAC_DRBG_C)
#error "POLARSSL_ECDSA_DETERMINISTIC defined, but not all prerequisites" #error "MBEDTLS_ECDSA_DETERMINISTIC defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ECP_C) && ( !defined(POLARSSL_BIGNUM_C) || ( \ #if defined(MBEDTLS_ECP_C) && ( !defined(MBEDTLS_BIGNUM_C) || ( \
!defined(POLARSSL_ECP_DP_SECP192R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP192R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP384R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP521R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP521R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP256R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_BP256R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP384R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_BP384R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_BP512R1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_BP512R1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP192K1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP192K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP224K1_ENABLED) && \ !defined(MBEDTLS_ECP_DP_SECP224K1_ENABLED) && \
!defined(POLARSSL_ECP_DP_SECP256K1_ENABLED) ) ) !defined(MBEDTLS_ECP_DP_SECP256K1_ENABLED) ) )
#error "POLARSSL_ECP_C defined, but not all prerequisites" #error "MBEDTLS_ECP_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ENTROPY_C) && (!defined(POLARSSL_SHA512_C) && \ #if defined(MBEDTLS_ENTROPY_C) && (!defined(MBEDTLS_SHA512_C) && \
!defined(POLARSSL_SHA256_C)) !defined(MBEDTLS_SHA256_C))
#error "POLARSSL_ENTROPY_C defined, but not all prerequisites" #error "MBEDTLS_ENTROPY_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_ENTROPY_C) && defined(POLARSSL_SHA512_C) && \ #if defined(MBEDTLS_ENTROPY_C) && defined(MBEDTLS_SHA512_C) && \
defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 64) defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 64)
#error "CTR_DRBG_ENTROPY_LEN value too high" #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif #endif
#if defined(POLARSSL_ENTROPY_C) && \ #if defined(MBEDTLS_ENTROPY_C) && \
( !defined(POLARSSL_SHA512_C) || defined(POLARSSL_ENTROPY_FORCE_SHA256) ) \ ( !defined(MBEDTLS_SHA512_C) || defined(MBEDTLS_ENTROPY_FORCE_SHA256) ) \
&& defined(CTR_DRBG_ENTROPY_LEN) && (CTR_DRBG_ENTROPY_LEN > 32) && defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN) && (MBEDTLS_CTR_DRBG_ENTROPY_LEN > 32)
#error "CTR_DRBG_ENTROPY_LEN value too high" #error "MBEDTLS_CTR_DRBG_ENTROPY_LEN value too high"
#endif #endif
#if defined(POLARSSL_ENTROPY_C) && \ #if defined(MBEDTLS_ENTROPY_C) && \
defined(POLARSSL_ENTROPY_FORCE_SHA256) && !defined(POLARSSL_SHA256_C) defined(MBEDTLS_ENTROPY_FORCE_SHA256) && !defined(MBEDTLS_SHA256_C)
#error "POLARSSL_ENTROPY_FORCE_SHA256 defined, but not all prerequisites" #error "MBEDTLS_ENTROPY_FORCE_SHA256 defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_GCM_C) && ( \ #if defined(MBEDTLS_GCM_C) && ( \
!defined(POLARSSL_AES_C) && !defined(POLARSSL_CAMELLIA_C) ) !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) )
#error "POLARSSL_GCM_C defined, but not all prerequisites" #error "MBEDTLS_GCM_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_HAVEGE_C) && !defined(POLARSSL_TIMING_C) #if defined(MBEDTLS_HAVEGE_C) && !defined(MBEDTLS_TIMING_C)
#error "POLARSSL_HAVEGE_C defined, but not all prerequisites" #error "MBEDTLS_HAVEGE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_HMAC_DRBG_C) && !defined(POLARSSL_MD_C) #if defined(MBEDTLS_HMAC_DRBG_C) && !defined(MBEDTLS_MD_C)
#error "POLARSSL_HMAC_DRBG_C defined, but not all prerequisites" #error "MBEDTLS_HMAC_DRBG_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ) ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_X509_CRT_PARSE_C) ) ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(POLARSSL_DHM_C) #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) && !defined(MBEDTLS_DHM_C)
#error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \
!defined(POLARSSL_ECDH_C) !defined(MBEDTLS_ECDH_C)
#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) && \
( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \ ( !defined(MBEDTLS_DHM_C) || !defined(MBEDTLS_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_RSA_C) || \ ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_RSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) !defined(MBEDTLS_X509_CRT_PARSE_C) || !defined(MBEDTLS_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \ ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
!defined(POLARSSL_X509_CRT_PARSE_C) ) !defined(MBEDTLS_X509_CRT_PARSE_C) )
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(POLARSSL_PKCS1_V15) ) !defined(MBEDTLS_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) && \ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_CRT_PARSE_C) || \ ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_X509_CRT_PARSE_C) || \
!defined(POLARSSL_PKCS1_V15) ) !defined(MBEDTLS_PKCS1_V15) )
#error "POLARSSL_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites" #error "MBEDTLS_KEY_EXCHANGE_RSA_ENABLED defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) && \ #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) && \
( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "POLARSSL_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites" #error "MBEDTLS_MEMORY_BUFFER_ALLOC_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PADLOCK_C) && !defined(POLARSSL_HAVE_ASM) #if defined(MBEDTLS_PADLOCK_C) && !defined(MBEDTLS_HAVE_ASM)
#error "POLARSSL_PADLOCK_C defined, but not all prerequisites" #error "MBEDTLS_PADLOCK_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PEM_PARSE_C) && !defined(POLARSSL_BASE64_C) #if defined(MBEDTLS_PEM_PARSE_C) && !defined(MBEDTLS_BASE64_C)
#error "POLARSSL_PEM_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_PEM_PARSE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PEM_WRITE_C) && !defined(POLARSSL_BASE64_C) #if defined(MBEDTLS_PEM_WRITE_C) && !defined(MBEDTLS_BASE64_C)
#error "POLARSSL_PEM_WRITE_C defined, but not all prerequisites" #error "MBEDTLS_PEM_WRITE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PK_C) && \ #if defined(MBEDTLS_PK_C) && \
( !defined(POLARSSL_RSA_C) && !defined(POLARSSL_ECP_C) ) ( !defined(MBEDTLS_RSA_C) && !defined(MBEDTLS_ECP_C) )
#error "POLARSSL_PK_C defined, but not all prerequisites" #error "MBEDTLS_PK_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PK_PARSE_C) && !defined(POLARSSL_PK_C) #if defined(MBEDTLS_PK_PARSE_C) && !defined(MBEDTLS_PK_C)
#error "POLARSSL_PK_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_PK_PARSE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PK_WRITE_C) && !defined(POLARSSL_PK_C) #if defined(MBEDTLS_PK_WRITE_C) && !defined(MBEDTLS_PK_C)
#error "POLARSSL_PK_WRITE_C defined, but not all prerequisites" #error "MBEDTLS_PK_WRITE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C) #if defined(MBEDTLS_PKCS11_C) && !defined(MBEDTLS_PK_C)
#error "POLARSSL_PKCS11_C defined, but not all prerequisites" #error "MBEDTLS_PKCS11_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_EXIT_ALT) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_EXIT_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_EXIT_ALT defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_EXIT_ALT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_EXIT_MACRO) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_EXIT_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_EXIT_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_EXIT_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_EXIT_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_EXIT_MACRO) &&\
( defined(POLARSSL_PLATFORM_STD_EXIT) ||\ ( defined(MBEDTLS_PLATFORM_STD_EXIT) ||\
defined(POLARSSL_PLATFORM_EXIT_ALT) ) defined(MBEDTLS_PLATFORM_EXIT_ALT) )
#error "POLARSSL_PLATFORM_EXIT_MACRO and POLARSSL_PLATFORM_STD_EXIT/POLARSSL_PLATFORM_EXIT_ALT cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_EXIT_MACRO and MBEDTLS_PLATFORM_STD_EXIT/MBEDTLS_PLATFORM_EXIT_ALT cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_FPRINTF_ALT defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_FPRINTF_ALT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_FPRINTF_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO) &&\
( defined(POLARSSL_PLATFORM_STD_FPRINTF) ||\ ( defined(MBEDTLS_PLATFORM_STD_FPRINTF) ||\
defined(POLARSSL_PLATFORM_FPRINTF_ALT) ) defined(MBEDTLS_PLATFORM_FPRINTF_ALT) )
#error "POLARSSL_PLATFORM_FPRINTF_MACRO and POLARSSL_PLATFORM_STD_FPRINTF/POLARSSL_PLATFORM_FPRINTF_ALT cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_FPRINTF_MACRO and MBEDTLS_PLATFORM_STD_FPRINTF/MBEDTLS_PLATFORM_FPRINTF_ALT cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "POLARSSL_PLATFORM_FREE_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_FREE_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_FREE_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_FREE_MACRO) &&\
defined(POLARSSL_PLATFORM_STD_FREE) defined(MBEDTLS_PLATFORM_STD_FREE)
#error "POLARSSL_PLATFORM_FREE_MACRO and POLARSSL_PLATFORM_STD_FREE cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_FREE_MACRO and MBEDTLS_PLATFORM_STD_FREE cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_FREE_MACRO) && !defined(POLARSSL_PLATFORM_MALLOC_MACRO) #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && !defined(MBEDTLS_PLATFORM_MALLOC_MACRO)
#error "POLARSSL_PLATFORM_MALLOC_MACRO must be defined if POLARSSL_PLATFORM_FREE_MACRO is" #error "MBEDTLS_PLATFORM_MALLOC_MACRO must be defined if MBEDTLS_PLATFORM_FREE_MACRO is"
#endif #endif
#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_MALLOC_MACRO) &&\
( !defined(POLARSSL_PLATFORM_C) || !defined(POLARSSL_PLATFORM_MEMORY) ) ( !defined(MBEDTLS_PLATFORM_C) || !defined(MBEDTLS_PLATFORM_MEMORY) )
#error "POLARSSL_PLATFORM_MALLOC_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_MALLOC_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_MALLOC_MACRO) &&\
defined(POLARSSL_PLATFORM_STD_MALLOC) defined(MBEDTLS_PLATFORM_STD_MALLOC)
#error "POLARSSL_PLATFORM_MALLOC_MACRO and POLARSSL_PLATFORM_STD_MALLOC cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_MALLOC_MACRO and MBEDTLS_PLATFORM_STD_MALLOC cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_MALLOC_MACRO) && !defined(POLARSSL_PLATFORM_FREE_MACRO) #if defined(MBEDTLS_PLATFORM_MALLOC_MACRO) && !defined(MBEDTLS_PLATFORM_FREE_MACRO)
#error "POLARSSL_PLATFORM_FREE_MACRO must be defined if POLARSSL_PLATFORM_MALLOC_MACRO is" #error "MBEDTLS_PLATFORM_FREE_MACRO must be defined if MBEDTLS_PLATFORM_MALLOC_MACRO is"
#endif #endif
#if defined(POLARSSL_PLATFORM_MEMORY) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_MEMORY) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_MEMORY defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_MEMORY defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_PRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_PRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_PRINTF_ALT defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_PRINTF_ALT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_PRINTF_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_PRINTF_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO) &&\
( defined(POLARSSL_PLATFORM_STD_PRINTF) ||\ ( defined(MBEDTLS_PLATFORM_STD_PRINTF) ||\
defined(POLARSSL_PLATFORM_PRINTF_ALT) ) defined(MBEDTLS_PLATFORM_PRINTF_ALT) )
#error "POLARSSL_PLATFORM_PRINTF_MACRO and POLARSSL_PLATFORM_STD_PRINTF/POLARSSL_PLATFORM_PRINTF_ALT cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_PRINTF_MACRO and MBEDTLS_PLATFORM_STD_PRINTF/MBEDTLS_PLATFORM_PRINTF_ALT cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) && ( defined(_WIN32)\ #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) && ( defined(_WIN32)\
&& !defined(EFIX64) && !defined(EFI32) ) && !defined(EFIX64) && !defined(EFI32) )
#error "POLARSSL_PLATFORM_SNPRINTF_ALT defined but not available on Windows" #error "MBEDTLS_PLATFORM_SNPRINTF_ALT defined but not available on Windows"
#endif #endif
#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) && !defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) && !defined(MBEDTLS_PLATFORM_C)
#error "POLARSSL_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_SNPRINTF_MACRO defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) &&\ #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO) &&\
( defined(POLARSSL_PLATFORM_STD_SNPRINTF) ||\ ( defined(MBEDTLS_PLATFORM_STD_SNPRINTF) ||\
defined(POLARSSL_PLATFORM_SNPRINTF_ALT) ) defined(MBEDTLS_PLATFORM_SNPRINTF_ALT) )
#error "POLARSSL_PLATFORM_SNPRINTF_MACRO and POLARSSL_PLATFORM_STD_SNPRINTF/POLARSSL_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously" #error "MBEDTLS_PLATFORM_SNPRINTF_MACRO and MBEDTLS_PLATFORM_STD_SNPRINTF/MBEDTLS_PLATFORM_SNPRINTF_ALT cannot be defined simultaneously"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_MEM_HDR) &&\ #if defined(MBEDTLS_PLATFORM_STD_MEM_HDR) &&\
!defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
#error "POLARSSL_PLATFORM_STD_MEM_HDR defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_MEM_HDR defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_STD_MALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_MALLOC defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_MALLOC) && !defined(POLARSSL_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_STD_MALLOC) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "POLARSSL_PLATFORM_STD_MALLOC defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_MALLOC defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_FREE) && !defined(POLARSSL_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_STD_FREE) && !defined(MBEDTLS_PLATFORM_MEMORY)
#error "POLARSSL_PLATFORM_STD_FREE defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_FREE defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_EXIT) &&\ #if defined(MBEDTLS_PLATFORM_STD_EXIT) &&\
!defined(POLARSSL_PLATFORM_EXIT_ALT) !defined(MBEDTLS_PLATFORM_EXIT_ALT)
#error "POLARSSL_PLATFORM_STD_EXIT defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_EXIT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_FPRINTF) &&\ #if defined(MBEDTLS_PLATFORM_STD_FPRINTF) &&\
!defined(POLARSSL_PLATFORM_FPRINTF_ALT) !defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
#error "POLARSSL_PLATFORM_STD_FPRINTF defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_FPRINTF defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_PRINTF) &&\ #if defined(MBEDTLS_PLATFORM_STD_PRINTF) &&\
!defined(POLARSSL_PLATFORM_PRINTF_ALT) !defined(MBEDTLS_PLATFORM_PRINTF_ALT)
#error "POLARSSL_PLATFORM_STD_PRINTF defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_PRINTF defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_PLATFORM_STD_SNPRINTF) &&\ #if defined(MBEDTLS_PLATFORM_STD_SNPRINTF) &&\
!defined(POLARSSL_PLATFORM_SNPRINTF_ALT) !defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
#error "POLARSSL_PLATFORM_STD_SNPRINTF defined, but not all prerequisites" #error "MBEDTLS_PLATFORM_STD_SNPRINTF defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_RSA_C) && ( !defined(POLARSSL_BIGNUM_C) || \ #if defined(MBEDTLS_RSA_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(POLARSSL_OID_C) ) !defined(MBEDTLS_OID_C) )
#error "POLARSSL_RSA_C defined, but not all prerequisites" #error "MBEDTLS_RSA_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) && \ #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) ) ( !defined(MBEDTLS_RSA_C) || !defined(MBEDTLS_PKCS1_V21) )
#error "POLARSSL_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites" #error "MBEDTLS_X509_RSASSA_PSS_SUPPORT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \ #if defined(MBEDTLS_SSL_PROTO_SSL3) && ( !defined(MBEDTLS_MD5_C) || \
!defined(POLARSSL_SHA1_C) ) !defined(MBEDTLS_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_SSL3 defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_PROTO_TLS1) && ( !defined(POLARSSL_MD5_C) || \ #if defined(MBEDTLS_SSL_PROTO_TLS1) && ( !defined(MBEDTLS_MD5_C) || \
!defined(POLARSSL_SHA1_C) ) !defined(MBEDTLS_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1 defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_TLS1 defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_PROTO_TLS1_1) && ( !defined(POLARSSL_MD5_C) || \ #if defined(MBEDTLS_SSL_PROTO_TLS1_1) && ( !defined(MBEDTLS_MD5_C) || \
!defined(POLARSSL_SHA1_C) ) !defined(MBEDTLS_SHA1_C) )
#error "POLARSSL_SSL_PROTO_TLS1_1 defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_TLS1_1 defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_PROTO_TLS1_2) && ( !defined(POLARSSL_SHA1_C) && \ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && ( !defined(MBEDTLS_SHA1_C) && \
!defined(POLARSSL_SHA256_C) && !defined(POLARSSL_SHA512_C) ) !defined(MBEDTLS_SHA256_C) && !defined(MBEDTLS_SHA512_C) )
#error "POLARSSL_SSL_PROTO_TLS1_2 defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_TLS1_2 defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_PROTO_DTLS) && ( \ #if defined(MBEDTLS_SSL_PROTO_DTLS) && ( \
( !defined(POLARSSL_SSL_PROTO_TLS1_1) && \ ( !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2) ) || \ !defined(MBEDTLS_SSL_PROTO_TLS1_2) ) || \
!defined(POLARSSL_TIMING_C) ) !defined(MBEDTLS_TIMING_C) )
#error "POLARSSL_SSL_PROTO_DTLS defined, but not all prerequisites" #error "MBEDTLS_SSL_PROTO_DTLS defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_CLI_C) && !defined(POLARSSL_SSL_TLS_C) #if defined(MBEDTLS_SSL_CLI_C) && !defined(MBEDTLS_SSL_TLS_C)
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites" #error "MBEDTLS_SSL_CLI_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \ #if defined(MBEDTLS_SSL_TLS_C) && ( !defined(MBEDTLS_CIPHER_C) || \
!defined(POLARSSL_MD_C) ) !defined(MBEDTLS_MD_C) )
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites" #error "MBEDTLS_SSL_TLS_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_SRV_C) && !defined(POLARSSL_SSL_TLS_C) #if defined(MBEDTLS_SSL_SRV_C) && !defined(MBEDTLS_SSL_TLS_C)
#error "POLARSSL_SSL_SRV_C defined, but not all prerequisites" #error "MBEDTLS_SSL_SRV_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_TLS_C) && (!defined(POLARSSL_SSL_PROTO_SSL3) && \ #if defined(MBEDTLS_SSL_TLS_C) && (!defined(MBEDTLS_SSL_PROTO_SSL3) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && !defined(POLARSSL_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1) && !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2)) !defined(MBEDTLS_SSL_PROTO_TLS1_2))
#error "POLARSSL_SSL_TLS_C defined, but no protocols are active" #error "MBEDTLS_SSL_TLS_C defined, but no protocols are active"
#endif #endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \ #if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_1) && !defined(POLARSSL_SSL_PROTO_TLS1)) defined(MBEDTLS_SSL_PROTO_TLS1_1) && !defined(MBEDTLS_SSL_PROTO_TLS1))
#error "Illegal protocol selection" #error "Illegal protocol selection"
#endif #endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_TLS1) && \ #if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_TLS1) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && !defined(POLARSSL_SSL_PROTO_TLS1_1)) defined(MBEDTLS_SSL_PROTO_TLS1_2) && !defined(MBEDTLS_SSL_PROTO_TLS1_1))
#error "Illegal protocol selection" #error "Illegal protocol selection"
#endif #endif
#if defined(POLARSSL_SSL_TLS_C) && (defined(POLARSSL_SSL_PROTO_SSL3) && \ #if defined(MBEDTLS_SSL_TLS_C) && (defined(MBEDTLS_SSL_PROTO_SSL3) && \
defined(POLARSSL_SSL_PROTO_TLS1_2) && (!defined(POLARSSL_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_2) && (!defined(MBEDTLS_SSL_PROTO_TLS1) || \
!defined(POLARSSL_SSL_PROTO_TLS1_1))) !defined(MBEDTLS_SSL_PROTO_TLS1_1)))
#error "Illegal protocol selection" #error "Illegal protocol selection"
#endif #endif
#if defined(POLARSSL_SSL_COOKIE_C) && !defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) #if defined(MBEDTLS_SSL_COOKIE_C) && !defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY)
#error "POLARSSL_SSL_COOKIE_C defined, but not all prerequisites" #error "MBEDTLS_SSL_COOKIE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_DTLS_HELLO_VERIFY) && \ #if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && \
( !defined(POLARSSL_SSL_SRV_C) || !defined(POLARSSL_SSL_PROTO_DTLS) ) ( !defined(MBEDTLS_SSL_SRV_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
#error "POLARSSL_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites" #error "MBEDTLS_SSL_DTLS_HELLO_VERIFY defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_DTLS_ANTI_REPLAY) && \ #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY) && \
( !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_PROTO_DTLS) ) ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
#error "POLARSSL_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites" #error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_DTLS_BADMAC_LIMIT) && \ #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \
( !defined(POLARSSL_SSL_TLS_C) || !defined(POLARSSL_SSL_PROTO_DTLS) ) ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) )
#error "POLARSSL_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" #error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC) && \ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2) !defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "POLARSSL_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites" #error "MBEDTLS_SSL_ENCRYPT_THEN_MAC defined, but not all prerequsites"
#endif #endif
#if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET) && \ #if defined(MBEDTLS_SSL_EXTENDED_MASTER_SECRET) && \
!defined(POLARSSL_SSL_PROTO_TLS1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_1) && \ !defined(MBEDTLS_SSL_PROTO_TLS1_1) && \
!defined(POLARSSL_SSL_PROTO_TLS1_2) !defined(MBEDTLS_SSL_PROTO_TLS1_2)
#error "POLARSSL_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites" #error "MBEDTLS_SSL_EXTENDED_MASTER_SECRET defined, but not all prerequsites"
#endif #endif
#if defined(POLARSSL_SSL_SESSION_TICKETS) && defined(POLARSSL_SSL_TLS_C) && \ #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_TLS_C) && \
( !defined(POLARSSL_AES_C) || !defined(POLARSSL_SHA256_C) || \ ( !defined(MBEDTLS_AES_C) || !defined(MBEDTLS_SHA256_C) || \
!defined(POLARSSL_CIPHER_MODE_CBC) ) !defined(MBEDTLS_CIPHER_MODE_CBC) )
#error "POLARSSL_SSL_SESSION_TICKETS defined, but not all prerequisites" #error "MBEDTLS_SSL_SESSION_TICKETS defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_CBC_RECORD_SPLITTING) && \ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) && \
!defined(POLARSSL_SSL_PROTO_SSL3) && !defined(POLARSSL_SSL_PROTO_TLS1) !defined(MBEDTLS_SSL_PROTO_SSL3) && !defined(MBEDTLS_SSL_PROTO_TLS1)
#error "POLARSSL_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites" #error "MBEDTLS_SSL_CBC_RECORD_SPLITTING defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION) && \ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
!defined(POLARSSL_X509_CRT_PARSE_C) !defined(MBEDTLS_X509_CRT_PARSE_C)
#error "POLARSSL_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "POLARSSL_THREADING_PTHREAD defined, but not all prerequisites" #error "MBEDTLS_THREADING_PTHREAD defined, but not all prerequisites"
#endif #endif
#define POLARSSL_THREADING_IMPL #define MBEDTLS_THREADING_IMPL
#endif #endif
#if defined(POLARSSL_THREADING_ALT) #if defined(MBEDTLS_THREADING_ALT)
#if !defined(POLARSSL_THREADING_C) || defined(POLARSSL_THREADING_IMPL) #if !defined(MBEDTLS_THREADING_C) || defined(MBEDTLS_THREADING_IMPL)
#error "POLARSSL_THREADING_ALT defined, but not all prerequisites" #error "MBEDTLS_THREADING_ALT defined, but not all prerequisites"
#endif #endif
#define POLARSSL_THREADING_IMPL #define MBEDTLS_THREADING_IMPL
#endif #endif
#if defined(POLARSSL_THREADING_C) && !defined(POLARSSL_THREADING_IMPL) #if defined(MBEDTLS_THREADING_C) && !defined(MBEDTLS_THREADING_IMPL)
#error "POLARSSL_THREADING_C defined, single threading implementation required" #error "MBEDTLS_THREADING_C defined, single threading implementation required"
#endif #endif
#undef POLARSSL_THREADING_IMPL #undef MBEDTLS_THREADING_IMPL
#if defined(POLARSSL_VERSION_FEATURES) && !defined(POLARSSL_VERSION_C) #if defined(MBEDTLS_VERSION_FEATURES) && !defined(MBEDTLS_VERSION_C)
#error "POLARSSL_VERSION_FEATURES defined, but not all prerequisites" #error "MBEDTLS_VERSION_FEATURES defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_USE_C) && ( !defined(POLARSSL_BIGNUM_C) || \ #if defined(MBEDTLS_X509_USE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \ !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_PARSE_C) || \
!defined(POLARSSL_PK_PARSE_C) ) !defined(MBEDTLS_PK_PARSE_C) )
#error "POLARSSL_X509_USE_C defined, but not all prerequisites" #error "MBEDTLS_X509_USE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CREATE_C) && ( !defined(POLARSSL_BIGNUM_C) || \ #if defined(MBEDTLS_X509_CREATE_C) && ( !defined(MBEDTLS_BIGNUM_C) || \
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_WRITE_C) || \ !defined(MBEDTLS_OID_C) || !defined(MBEDTLS_ASN1_WRITE_C) || \
!defined(POLARSSL_PK_WRITE_C) ) !defined(MBEDTLS_PK_WRITE_C) )
#error "POLARSSL_X509_CREATE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CREATE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) #if defined(MBEDTLS_X509_CRT_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
#error "POLARSSL_X509_CRT_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CRT_PARSE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CRL_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) #if defined(MBEDTLS_X509_CRL_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
#error "POLARSSL_X509_CRL_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CRL_PARSE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CSR_PARSE_C) && ( !defined(POLARSSL_X509_USE_C) ) #if defined(MBEDTLS_X509_CSR_PARSE_C) && ( !defined(MBEDTLS_X509_USE_C) )
#error "POLARSSL_X509_CSR_PARSE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CSR_PARSE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CRT_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) ) #if defined(MBEDTLS_X509_CRT_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
#error "POLARSSL_X509_CRT_WRITE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CRT_WRITE_C defined, but not all prerequisites"
#endif #endif
#if defined(POLARSSL_X509_CSR_WRITE_C) && ( !defined(POLARSSL_X509_CREATE_C) ) #if defined(MBEDTLS_X509_CSR_WRITE_C) && ( !defined(MBEDTLS_X509_CREATE_C) )
#error "POLARSSL_X509_CSR_WRITE_C defined, but not all prerequisites" #error "MBEDTLS_X509_CSR_WRITE_C defined, but not all prerequisites"
#endif #endif
#endif /* POLARSSL_CHECK_CONFIG_H */ #endif /* MBEDTLS_CHECK_CONFIG_H */

398
include/mbedtls/cipher.h
View File

@ -24,27 +24,27 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CIPHER_H #ifndef MBEDTLS_CIPHER_H
#define POLARSSL_CIPHER_H #define MBEDTLS_CIPHER_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_GCM_C) || defined(POLARSSL_CCM_C) #if defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)
#define POLARSSL_CIPHER_MODE_AEAD #define MBEDTLS_CIPHER_MODE_AEAD
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
#define POLARSSL_CIPHER_MODE_WITH_PADDING #define MBEDTLS_CIPHER_MODE_WITH_PADDING
#endif #endif
#if defined(POLARSSL_ARC4_C) #if defined(MBEDTLS_ARC4_C)
#define POLARSSL_CIPHER_MODE_STREAM #define MBEDTLS_CIPHER_MODE_STREAM
#endif #endif
#if defined(_MSC_VER) && !defined(inline) #if defined(_MSC_VER) && !defined(inline)
@ -55,159 +55,159 @@
#endif /* __ARMCC_VERSION */ #endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */ #endif /*_MSC_VER */
#define POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */ #define MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE -0x6080 /**< The selected feature is not available. */
#define POLARSSL_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA -0x6100 /**< Bad input parameters to function. */
#define POLARSSL_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */ #define MBEDTLS_ERR_CIPHER_ALLOC_FAILED -0x6180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */ #define MBEDTLS_ERR_CIPHER_INVALID_PADDING -0x6200 /**< Input data contains invalid padding and is rejected. */
#define POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */ #define MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED -0x6280 /**< Decryption of block requires a full block. */
#define POLARSSL_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */ #define MBEDTLS_ERR_CIPHER_AUTH_FAILED -0x6300 /**< Authentication failed (for AEAD modes). */
#define POLARSSL_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */ #define MBEDTLS_CIPHER_VARIABLE_IV_LEN 0x01 /**< Cipher accepts IVs of variable length */
#define POLARSSL_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */ #define MBEDTLS_CIPHER_VARIABLE_KEY_LEN 0x02 /**< Cipher accepts keys of variable length */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
typedef enum { typedef enum {
POLARSSL_CIPHER_ID_NONE = 0, MBEDTLS_CIPHER_ID_NONE = 0,
POLARSSL_CIPHER_ID_NULL, MBEDTLS_CIPHER_ID_NULL,
POLARSSL_CIPHER_ID_AES, MBEDTLS_CIPHER_ID_AES,
POLARSSL_CIPHER_ID_DES, MBEDTLS_CIPHER_ID_DES,
POLARSSL_CIPHER_ID_3DES, MBEDTLS_CIPHER_ID_3DES,
POLARSSL_CIPHER_ID_CAMELLIA, MBEDTLS_CIPHER_ID_CAMELLIA,
POLARSSL_CIPHER_ID_BLOWFISH, MBEDTLS_CIPHER_ID_BLOWFISH,
POLARSSL_CIPHER_ID_ARC4, MBEDTLS_CIPHER_ID_ARC4,
} cipher_id_t; } mbedtls_cipher_id_t;
typedef enum { typedef enum {
POLARSSL_CIPHER_NONE = 0, MBEDTLS_CIPHER_NONE = 0,
POLARSSL_CIPHER_NULL, MBEDTLS_CIPHER_NULL,
POLARSSL_CIPHER_AES_128_ECB, MBEDTLS_CIPHER_AES_128_ECB,
POLARSSL_CIPHER_AES_192_ECB, MBEDTLS_CIPHER_AES_192_ECB,
POLARSSL_CIPHER_AES_256_ECB, MBEDTLS_CIPHER_AES_256_ECB,
POLARSSL_CIPHER_AES_128_CBC, MBEDTLS_CIPHER_AES_128_CBC,
POLARSSL_CIPHER_AES_192_CBC, MBEDTLS_CIPHER_AES_192_CBC,
POLARSSL_CIPHER_AES_256_CBC, MBEDTLS_CIPHER_AES_256_CBC,
POLARSSL_CIPHER_AES_128_CFB128, MBEDTLS_CIPHER_AES_128_CFB128,
POLARSSL_CIPHER_AES_192_CFB128, MBEDTLS_CIPHER_AES_192_CFB128,
POLARSSL_CIPHER_AES_256_CFB128, MBEDTLS_CIPHER_AES_256_CFB128,
POLARSSL_CIPHER_AES_128_CTR, MBEDTLS_CIPHER_AES_128_CTR,
POLARSSL_CIPHER_AES_192_CTR, MBEDTLS_CIPHER_AES_192_CTR,
POLARSSL_CIPHER_AES_256_CTR, MBEDTLS_CIPHER_AES_256_CTR,
POLARSSL_CIPHER_AES_128_GCM, MBEDTLS_CIPHER_AES_128_GCM,
POLARSSL_CIPHER_AES_192_GCM, MBEDTLS_CIPHER_AES_192_GCM,
POLARSSL_CIPHER_AES_256_GCM, MBEDTLS_CIPHER_AES_256_GCM,
POLARSSL_CIPHER_CAMELLIA_128_ECB, MBEDTLS_CIPHER_CAMELLIA_128_ECB,
POLARSSL_CIPHER_CAMELLIA_192_ECB, MBEDTLS_CIPHER_CAMELLIA_192_ECB,
POLARSSL_CIPHER_CAMELLIA_256_ECB, MBEDTLS_CIPHER_CAMELLIA_256_ECB,
POLARSSL_CIPHER_CAMELLIA_128_CBC, MBEDTLS_CIPHER_CAMELLIA_128_CBC,
POLARSSL_CIPHER_CAMELLIA_192_CBC, MBEDTLS_CIPHER_CAMELLIA_192_CBC,
POLARSSL_CIPHER_CAMELLIA_256_CBC, MBEDTLS_CIPHER_CAMELLIA_256_CBC,
POLARSSL_CIPHER_CAMELLIA_128_CFB128, MBEDTLS_CIPHER_CAMELLIA_128_CFB128,
POLARSSL_CIPHER_CAMELLIA_192_CFB128, MBEDTLS_CIPHER_CAMELLIA_192_CFB128,
POLARSSL_CIPHER_CAMELLIA_256_CFB128, MBEDTLS_CIPHER_CAMELLIA_256_CFB128,
POLARSSL_CIPHER_CAMELLIA_128_CTR, MBEDTLS_CIPHER_CAMELLIA_128_CTR,
POLARSSL_CIPHER_CAMELLIA_192_CTR, MBEDTLS_CIPHER_CAMELLIA_192_CTR,
POLARSSL_CIPHER_CAMELLIA_256_CTR, MBEDTLS_CIPHER_CAMELLIA_256_CTR,
POLARSSL_CIPHER_CAMELLIA_128_GCM, MBEDTLS_CIPHER_CAMELLIA_128_GCM,
POLARSSL_CIPHER_CAMELLIA_192_GCM, MBEDTLS_CIPHER_CAMELLIA_192_GCM,
POLARSSL_CIPHER_CAMELLIA_256_GCM, MBEDTLS_CIPHER_CAMELLIA_256_GCM,
POLARSSL_CIPHER_DES_ECB, MBEDTLS_CIPHER_DES_ECB,
POLARSSL_CIPHER_DES_CBC, MBEDTLS_CIPHER_DES_CBC,
POLARSSL_CIPHER_DES_EDE_ECB, MBEDTLS_CIPHER_DES_EDE_ECB,
POLARSSL_CIPHER_DES_EDE_CBC, MBEDTLS_CIPHER_DES_EDE_CBC,
POLARSSL_CIPHER_DES_EDE3_ECB, MBEDTLS_CIPHER_DES_EDE3_ECB,
POLARSSL_CIPHER_DES_EDE3_CBC, MBEDTLS_CIPHER_DES_EDE3_CBC,
POLARSSL_CIPHER_BLOWFISH_ECB, MBEDTLS_CIPHER_BLOWFISH_ECB,
POLARSSL_CIPHER_BLOWFISH_CBC, MBEDTLS_CIPHER_BLOWFISH_CBC,
POLARSSL_CIPHER_BLOWFISH_CFB64, MBEDTLS_CIPHER_BLOWFISH_CFB64,
POLARSSL_CIPHER_BLOWFISH_CTR, MBEDTLS_CIPHER_BLOWFISH_CTR,
POLARSSL_CIPHER_ARC4_128, MBEDTLS_CIPHER_ARC4_128,
POLARSSL_CIPHER_AES_128_CCM, MBEDTLS_CIPHER_AES_128_CCM,
POLARSSL_CIPHER_AES_192_CCM, MBEDTLS_CIPHER_AES_192_CCM,
POLARSSL_CIPHER_AES_256_CCM, MBEDTLS_CIPHER_AES_256_CCM,
POLARSSL_CIPHER_CAMELLIA_128_CCM, MBEDTLS_CIPHER_CAMELLIA_128_CCM,
POLARSSL_CIPHER_CAMELLIA_192_CCM, MBEDTLS_CIPHER_CAMELLIA_192_CCM,
POLARSSL_CIPHER_CAMELLIA_256_CCM, MBEDTLS_CIPHER_CAMELLIA_256_CCM,
} cipher_type_t; } mbedtls_cipher_type_t;
typedef enum { typedef enum {
POLARSSL_MODE_NONE = 0, MBEDTLS_MODE_NONE = 0,
POLARSSL_MODE_ECB, MBEDTLS_MODE_ECB,
POLARSSL_MODE_CBC, MBEDTLS_MODE_CBC,
POLARSSL_MODE_CFB, MBEDTLS_MODE_CFB,
POLARSSL_MODE_OFB, /* Unused! */ MBEDTLS_MODE_OFB, /* Unused! */
POLARSSL_MODE_CTR, MBEDTLS_MODE_CTR,
POLARSSL_MODE_GCM, MBEDTLS_MODE_GCM,
POLARSSL_MODE_STREAM, MBEDTLS_MODE_STREAM,
POLARSSL_MODE_CCM, MBEDTLS_MODE_CCM,
} cipher_mode_t; } mbedtls_cipher_mode_t;
typedef enum { typedef enum {
POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */ MBEDTLS_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */
POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */ MBEDTLS_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */
POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */ MBEDTLS_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */
POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */ MBEDTLS_PADDING_ZEROS, /**< zero padding (not reversible!) */
POLARSSL_PADDING_NONE, /**< never pad (full blocks only) */ MBEDTLS_PADDING_NONE, /**< never pad (full blocks only) */
} cipher_padding_t; } mbedtls_cipher_padding_t;
typedef enum { typedef enum {
POLARSSL_OPERATION_NONE = -1, MBEDTLS_OPERATION_NONE = -1,
POLARSSL_DECRYPT = 0, MBEDTLS_DECRYPT = 0,
POLARSSL_ENCRYPT, MBEDTLS_ENCRYPT,
} operation_t; } mbedtls_operation_t;
enum { enum {
/** Undefined key length */ /** Undefined key length */
POLARSSL_KEY_LENGTH_NONE = 0, MBEDTLS_KEY_LENGTH_NONE = 0,
/** Key length, in bits (including parity), for DES keys */ /** Key length, in bits (including parity), for DES keys */
POLARSSL_KEY_LENGTH_DES = 64, MBEDTLS_KEY_LENGTH_DES = 64,
/** Key length, in bits (including parity), for DES in two key EDE */ /** Key length, in bits (including parity), for DES in two key EDE */
POLARSSL_KEY_LENGTH_DES_EDE = 128, MBEDTLS_KEY_LENGTH_DES_EDE = 128,
/** Key length, in bits (including parity), for DES in three-key EDE */ /** Key length, in bits (including parity), for DES in three-key EDE */
POLARSSL_KEY_LENGTH_DES_EDE3 = 192, MBEDTLS_KEY_LENGTH_DES_EDE3 = 192,
}; };
/** Maximum length of any IV, in bytes */ /** Maximum length of any IV, in bytes */
#define POLARSSL_MAX_IV_LENGTH 16 #define MBEDTLS_MAX_IV_LENGTH 16
/** Maximum block size of any cipher, in bytes */ /** Maximum block size of any cipher, in bytes */
#define POLARSSL_MAX_BLOCK_LENGTH 16 #define MBEDTLS_MAX_BLOCK_LENGTH 16
/** /**
* Base cipher information. The non-mode specific functions and values. * Base cipher information. The non-mode specific functions and values.
*/ */
typedef struct { typedef struct {
/** Base Cipher type (e.g. POLARSSL_CIPHER_ID_AES) */ /** Base Cipher type (e.g. MBEDTLS_CIPHER_ID_AES) */
cipher_id_t cipher; mbedtls_cipher_id_t cipher;
/** Encrypt using ECB */ /** Encrypt using ECB */
int (*ecb_func)( void *ctx, operation_t mode, int (*ecb_func)( void *ctx, mbedtls_operation_t mode,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** Encrypt using CBC */ /** Encrypt using CBC */
int (*cbc_func)( void *ctx, operation_t mode, size_t length, int (*cbc_func)( void *ctx, mbedtls_operation_t mode, size_t length,
unsigned char *iv, const unsigned char *input, unsigned char *iv, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/** Encrypt using CFB (Full length) */ /** Encrypt using CFB (Full length) */
int (*cfb_func)( void *ctx, operation_t mode, size_t length, size_t *iv_off, int (*cfb_func)( void *ctx, mbedtls_operation_t mode, size_t length, size_t *iv_off,
unsigned char *iv, const unsigned char *input, unsigned char *iv, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/** Encrypt using CTR */ /** Encrypt using CTR */
int (*ctr_func)( void *ctx, size_t length, size_t *nc_off, int (*ctr_func)( void *ctx, size_t length, size_t *nc_off,
unsigned char *nonce_counter, unsigned char *stream_block, unsigned char *nonce_counter, unsigned char *stream_block,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output );
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_STREAM) #if defined(MBEDTLS_CIPHER_MODE_STREAM)
/** Encrypt using STREAM */ /** Encrypt using STREAM */
int (*stream_func)( void *ctx, size_t length, int (*stream_func)( void *ctx, size_t length,
const unsigned char *input, unsigned char *output ); const unsigned char *input, unsigned char *output );
@ -227,17 +227,17 @@ typedef struct {
/** Free the given context */ /** Free the given context */
void (*ctx_free_func)( void *ctx ); void (*ctx_free_func)( void *ctx );
} cipher_base_t; } mbedtls_cipher_base_t;
/** /**
* Cipher information. Allows cipher functions to be called in a generic way. * Cipher information. Allows cipher functions to be called in a generic way.
*/ */
typedef struct { typedef struct {
/** Full cipher identifier (e.g. POLARSSL_CIPHER_AES_256_CBC) */ /** Full cipher identifier (e.g. MBEDTLS_CIPHER_AES_256_CBC) */
cipher_type_t type; mbedtls_cipher_type_t type;
/** Cipher mode (e.g. POLARSSL_MODE_CBC) */ /** Cipher mode (e.g. MBEDTLS_MODE_CBC) */
cipher_mode_t mode; mbedtls_cipher_mode_t mode;
/** Cipher key length, in bits (default length for variable sized ciphers) /** Cipher key length, in bits (default length for variable sized ciphers)
* (Includes parity bits for ciphers like DES) */ * (Includes parity bits for ciphers like DES) */
@ -257,44 +257,44 @@ typedef struct {
unsigned int block_size; unsigned int block_size;
/** Base cipher information and functions */ /** Base cipher information and functions */
const cipher_base_t *base; const mbedtls_cipher_base_t *base;
} cipher_info_t; } mbedtls_cipher_info_t;
/** /**
* Generic cipher context. * Generic cipher context.
*/ */
typedef struct { typedef struct {
/** Information about the associated cipher */ /** Information about the associated cipher */
const cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
/** Key length to use */ /** Key length to use */
int key_length; int key_length;
/** Operation that the context's key has been initialised for */ /** Operation that the context's key has been initialised for */
operation_t operation; mbedtls_operation_t operation;
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/** Padding functions to use, if relevant for cipher mode */ /** Padding functions to use, if relevant for cipher mode */
void (*add_padding)( unsigned char *output, size_t olen, size_t data_len ); void (*add_padding)( unsigned char *output, size_t olen, size_t data_len );
int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len ); int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
#endif #endif
/** Buffer for data that hasn't been encrypted yet */ /** Buffer for data that hasn't been encrypted yet */
unsigned char unprocessed_data[POLARSSL_MAX_BLOCK_LENGTH]; unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
/** Number of bytes that still need processing */ /** Number of bytes that still need processing */
size_t unprocessed_len; size_t unprocessed_len;
/** Current IV or NONCE_COUNTER for CTR-mode */ /** Current IV or NONCE_COUNTER for CTR-mode */
unsigned char iv[POLARSSL_MAX_IV_LENGTH]; unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
/** IV size in bytes (for ciphers with variable-length IVs) */ /** IV size in bytes (for ciphers with variable-length IVs) */
size_t iv_size; size_t iv_size;
/** Cipher-specific context */ /** Cipher-specific context */
void *cipher_ctx; void *cipher_ctx;
} cipher_context_t; } mbedtls_cipher_context_t;
/** /**
* \brief Returns the list of ciphers supported by the generic cipher module. * \brief Returns the list of ciphers supported by the generic cipher module.
@ -302,7 +302,7 @@ typedef struct {
* \return a statically allocated array of ciphers, the last entry * \return a statically allocated array of ciphers, the last entry
* is 0. * is 0.
*/ */
const int *cipher_list( void ); const int *mbedtls_cipher_list( void );
/** /**
* \brief Returns the cipher information structure associated * \brief Returns the cipher information structure associated
@ -313,7 +313,7 @@ const int *cipher_list( void );
* \return the cipher information structure associated with the * \return the cipher information structure associated with the
* given cipher_name, or NULL if not found. * given cipher_name, or NULL if not found.
*/ */
const cipher_info_t *cipher_info_from_string( const char *cipher_name ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name );
/** /**
* \brief Returns the cipher information structure associated * \brief Returns the cipher information structure associated
@ -324,53 +324,53 @@ const cipher_info_t *cipher_info_from_string( const char *cipher_name );
* \return the cipher information structure associated with the * \return the cipher information structure associated with the
* given cipher_type, or NULL if not found. * given cipher_type, or NULL if not found.
*/ */
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ); const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type );
/** /**
* \brief Returns the cipher information structure associated * \brief Returns the cipher information structure associated
* with the given cipher id, key size and mode. * with the given cipher id, key size and mode.
* *
* \param cipher_id Id of the cipher to search for * \param cipher_id Id of the cipher to search for
* (e.g. POLARSSL_CIPHER_ID_AES) * (e.g. MBEDTLS_CIPHER_ID_AES)
* \param key_length Length of the key in bits * \param key_length Length of the key in bits
* \param mode Cipher mode (e.g. POLARSSL_MODE_CBC) * \param mode Cipher mode (e.g. MBEDTLS_MODE_CBC)
* *
* \return the cipher information structure associated with the * \return the cipher information structure associated with the
* given cipher_type, or NULL if not found. * given cipher_type, or NULL if not found.
*/ */
const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id, const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
int key_length, int key_length,
const cipher_mode_t mode ); const mbedtls_cipher_mode_t mode );
/** /**
* \brief Initialize a cipher_context (as NONE) * \brief Initialize a cipher_context (as NONE)
*/ */
void cipher_init( cipher_context_t *ctx ); void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx );
/** /**
* \brief Free and clear the cipher-specific context of ctx. * \brief Free and clear the cipher-specific context of ctx.
* Freeing ctx itself remains the responsibility of the * Freeing ctx itself remains the responsibility of the
* caller. * caller.
*/ */
void cipher_free( cipher_context_t *ctx ); void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx );
/** /**
* \brief Initialises and fills the cipher context structure with * \brief Initialises and fills the cipher context structure with
* the appropriate values. * the appropriate values.
* *
* \note Currently also clears structure. In future versions you * \note Currently also clears structure. In future versions you
* will be required to call cipher_init() on the structure * will be required to call mbedtls_cipher_init() on the structure
* first. * first.
* *
* \param ctx context to initialise. May not be NULL. * \param ctx context to initialise. May not be NULL.
* \param cipher_info cipher to use. * \param cipher_info cipher to use.
* *
* \return 0 on success, * \return 0 on success,
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA on parameter failure, * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA on parameter failure,
* POLARSSL_ERR_CIPHER_ALLOC_FAILED if allocation of the * MBEDTLS_ERR_CIPHER_ALLOC_FAILED if allocation of the
* cipher-specific context failed. * cipher-specific context failed.
*/ */
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ); int mbedtls_cipher_init_ctx( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info );
/** /**
* \brief Returns the block size of the given cipher. * \brief Returns the block size of the given cipher.
@ -380,7 +380,7 @@ int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info );
* \return size of the cipher's blocks, or 0 if ctx has not been * \return size of the cipher's blocks, or 0 if ctx has not been
* initialised. * initialised.
*/ */
static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx ) static inline unsigned int mbedtls_cipher_get_block_size( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return 0; return 0;
@ -390,17 +390,17 @@ static inline unsigned int cipher_get_block_size( const cipher_context_t *ctx )
/** /**
* \brief Returns the mode of operation for the cipher. * \brief Returns the mode of operation for the cipher.
* (e.g. POLARSSL_MODE_CBC) * (e.g. MBEDTLS_MODE_CBC)
* *
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return mode of operation, or POLARSSL_MODE_NONE if ctx * \return mode of operation, or MBEDTLS_MODE_NONE if ctx
* has not been initialised. * has not been initialised.
*/ */
static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx ) static inline mbedtls_cipher_mode_t mbedtls_cipher_get_cipher_mode( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_MODE_NONE; return MBEDTLS_MODE_NONE;
return ctx->cipher_info->mode; return ctx->cipher_info->mode;
} }
@ -414,7 +414,7 @@ static inline cipher_mode_t cipher_get_cipher_mode( const cipher_context_t *ctx
* (0 for ciphers not using IV/NONCE). * (0 for ciphers not using IV/NONCE).
* If IV has already been set: actual size. * If IV has already been set: actual size.
*/ */
static inline int cipher_get_iv_size( const cipher_context_t *ctx ) static inline int mbedtls_cipher_get_iv_size( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return 0; return 0;
@ -430,13 +430,13 @@ static inline int cipher_get_iv_size( const cipher_context_t *ctx )
* *
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return type of the cipher, or POLARSSL_CIPHER_NONE if ctx has * \return type of the cipher, or MBEDTLS_CIPHER_NONE if ctx has
* not been initialised. * not been initialised.
*/ */
static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx ) static inline mbedtls_cipher_type_t mbedtls_cipher_get_type( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_CIPHER_NONE; return MBEDTLS_CIPHER_NONE;
return ctx->cipher_info->type; return ctx->cipher_info->type;
} }
@ -448,7 +448,7 @@ static inline cipher_type_t cipher_get_type( const cipher_context_t *ctx )
* *
* \return name of the cipher, or NULL if ctx was not initialised. * \return name of the cipher, or NULL if ctx was not initialised.
*/ */
static inline const char *cipher_get_name( const cipher_context_t *ctx ) static inline const char *mbedtls_cipher_get_name( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return 0; return 0;
@ -462,13 +462,13 @@ static inline const char *cipher_get_name( const cipher_context_t *ctx )
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return cipher's key length, in bits, or * \return cipher's key length, in bits, or
* POLARSSL_KEY_LENGTH_NONE if ctx has not been * MBEDTLS_KEY_LENGTH_NONE if ctx has not been
* initialised. * initialised.
*/ */
static inline int cipher_get_key_size( const cipher_context_t *ctx ) static inline int mbedtls_cipher_get_key_size( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_KEY_LENGTH_NONE; return MBEDTLS_KEY_LENGTH_NONE;
return ctx->cipher_info->key_length; return ctx->cipher_info->key_length;
} }
@ -478,14 +478,14 @@ static inline int cipher_get_key_size( const cipher_context_t *ctx )
* *
* \param ctx cipher's context. Must have been initialised. * \param ctx cipher's context. Must have been initialised.
* *
* \return operation (POLARSSL_ENCRYPT or POLARSSL_DECRYPT), * \return operation (MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT),
* or POLARSSL_OPERATION_NONE if ctx has not been * or MBEDTLS_OPERATION_NONE if ctx has not been
* initialised. * initialised.
*/ */
static inline operation_t cipher_get_operation( const cipher_context_t *ctx ) static inline mbedtls_operation_t mbedtls_cipher_get_operation( const mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return POLARSSL_OPERATION_NONE; return MBEDTLS_OPERATION_NONE;
return ctx->operation; return ctx->operation;
} }
@ -499,16 +499,16 @@ static inline operation_t cipher_get_operation( const cipher_context_t *ctx )
* \param key The key to use. * \param key The key to use.
* \param key_length key length to use, in bits. * \param key_length key length to use, in bits.
* \param operation Operation that the key will be used for, either * \param operation Operation that the key will be used for, either
* POLARSSL_ENCRYPT or POLARSSL_DECRYPT. * MBEDTLS_ENCRYPT or MBEDTLS_DECRYPT.
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails or a cipher specific * parameter verification fails or a cipher specific
* error code. * error code.
*/ */
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation ); int key_length, const mbedtls_operation_t operation );
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/** /**
* \brief Set padding mode, for cipher modes that use padding. * \brief Set padding mode, for cipher modes that use padding.
* (Default: PKCS7 padding.) * (Default: PKCS7 padding.)
@ -516,13 +516,13 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
* \param ctx generic cipher context * \param ctx generic cipher context
* \param mode padding mode * \param mode padding mode
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE * \returns 0 on success, MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE
* if selected padding mode is not supported, or * if selected padding mode is not supported, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if the cipher mode
* does not support padding. * does not support padding.
*/ */
int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ); int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode );
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
/** /**
* \brief Set the initialization vector (IV) or nonce * \brief Set the initialization vector (IV) or nonce
@ -532,12 +532,12 @@ int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode );
* \param iv_len IV length for ciphers with variable-size IV; * \param iv_len IV length for ciphers with variable-size IV;
* discarded by ciphers with fixed-size IV. * discarded by ciphers with fixed-size IV.
* *
* \returns 0 on success, or POLARSSL_ERR_CIPHER_BAD_INPUT_DATA * \returns 0 on success, or MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
* *
* \note Some ciphers don't use IVs nor NONCE. For these * \note Some ciphers don't use IVs nor NONCE. For these
* ciphers, this function has no effect. * ciphers, this function has no effect.
*/ */
int cipher_set_iv( cipher_context_t *ctx, int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len ); const unsigned char *iv, size_t iv_len );
/** /**
@ -545,16 +545,16 @@ int cipher_set_iv( cipher_context_t *ctx,
* *
* \param ctx generic cipher context * \param ctx generic cipher context
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA
* if parameter verification fails. * if parameter verification fails.
*/ */
int cipher_reset( cipher_context_t *ctx ); int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx );
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
/** /**
* \brief Add additional data (for AEAD ciphers). * \brief Add additional data (for AEAD ciphers).
* Currently only supported with GCM. * Currently only supported with GCM.
* Must be called exactly once, after cipher_reset(). * Must be called exactly once, after mbedtls_cipher_reset().
* *
* \param ctx generic cipher context * \param ctx generic cipher context
* \param ad Additional data to use. * \param ad Additional data to use.
@ -562,9 +562,9 @@ int cipher_reset( cipher_context_t *ctx );
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int cipher_update_ad( cipher_context_t *ctx, int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ); const unsigned char *ad, size_t ad_len );
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
/** /**
* \brief Generic cipher update function. Encrypts/decrypts * \brief Generic cipher update function. Encrypts/decrypts
@ -573,7 +573,7 @@ int cipher_update_ad( cipher_context_t *ctx,
* that cannot be written immediately will either be added * that cannot be written immediately will either be added
* to the next block, or flushed when cipher_final is * to the next block, or flushed when cipher_final is
* called. * called.
* Exception: for POLARSSL_MODE_ECB, expects single block * Exception: for MBEDTLS_MODE_ECB, expects single block
* in size (e.g. 16 bytes for AES) * in size (e.g. 16 bytes for AES)
* *
* \param ctx generic cipher context * \param ctx generic cipher context
@ -585,17 +585,17 @@ int cipher_update_ad( cipher_context_t *ctx,
* \param olen length of the output data, will be filled with the * \param olen length of the output data, will be filled with the
* actual number of bytes written. * actual number of bytes written.
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails, * parameter verification fails,
* POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE on an * MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE on an
* unsupported mode for a cipher or a cipher specific * unsupported mode for a cipher or a cipher specific
* error code. * error code.
* *
* \note If the underlying cipher is GCM, all calls to this * \note If the underlying cipher is GCM, all calls to this
* function, except the last one before cipher_finish(), * function, except the last one before mbedtls_cipher_finish(),
* must have ilen a multiple of the block size. * must have ilen a multiple of the block size.
*/ */
int cipher_update( cipher_context_t *ctx, const unsigned char *input, int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen ); size_t ilen, unsigned char *output, size_t *olen );
/** /**
@ -608,21 +608,21 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
* \param output buffer to write data to. Needs block_size available. * \param output buffer to write data to. Needs block_size available.
* \param olen length of the data written to the output buffer. * \param olen length of the data written to the output buffer.
* *
* \returns 0 on success, POLARSSL_ERR_CIPHER_BAD_INPUT_DATA if * \returns 0 on success, MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA if
* parameter verification fails, * parameter verification fails,
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption * MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
* expected a full block but was not provided one, * expected a full block but was not provided one,
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding * MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
* while decrypting or a cipher specific error code. * while decrypting or a cipher specific error code.
*/ */
int cipher_finish( cipher_context_t *ctx, int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen );
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
/** /**
* \brief Write tag for AEAD ciphers. * \brief Write tag for AEAD ciphers.
* Currently only supported with GCM. * Currently only supported with GCM.
* Must be called after cipher_finish(). * Must be called after mbedtls_cipher_finish().
* *
* \param ctx Generic cipher context * \param ctx Generic cipher context
* \param tag buffer to write the tag * \param tag buffer to write the tag
@ -630,13 +630,13 @@ int cipher_finish( cipher_context_t *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int cipher_write_tag( cipher_context_t *ctx, int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len ); unsigned char *tag, size_t tag_len );
/** /**
* \brief Check tag for AEAD ciphers. * \brief Check tag for AEAD ciphers.
* Currently only supported with GCM. * Currently only supported with GCM.
* Must be called after cipher_finish(). * Must be called after mbedtls_cipher_finish().
* *
* \param ctx Generic cipher context * \param ctx Generic cipher context
* \param tag Buffer holding the tag * \param tag Buffer holding the tag
@ -644,9 +644,9 @@ int cipher_write_tag( cipher_context_t *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int cipher_check_tag( cipher_context_t *ctx, int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
/** /**
* \brief Generic all-in-one encryption/decryption * \brief Generic all-in-one encryption/decryption
@ -668,19 +668,19 @@ int cipher_check_tag( cipher_context_t *ctx,
* ciphers, use iv = NULL and iv_len = 0. * ciphers, use iv = NULL and iv_len = 0.
* *
* \returns 0 on success, or * \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption * MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED if decryption
* expected a full block but was not provided one, or * expected a full block but was not provided one, or
* POLARSSL_ERR_CIPHER_INVALID_PADDING on invalid padding * MBEDTLS_ERR_CIPHER_INVALID_PADDING on invalid padding
* while decrypting, or * while decrypting, or
* a cipher specific error code. * a cipher specific error code.
*/ */
int cipher_crypt( cipher_context_t *ctx, int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen ); unsigned char *output, size_t *olen );
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(MBEDTLS_CIPHER_MODE_AEAD)
/** /**
* \brief Generic autenticated encryption (AEAD ciphers). * \brief Generic autenticated encryption (AEAD ciphers).
* *
@ -700,10 +700,10 @@ int cipher_crypt( cipher_context_t *ctx,
* \param tag_len desired tag length * \param tag_len desired tag length
* *
* \returns 0 on success, or * \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
* a cipher specific error code. * a cipher specific error code.
*/ */
int cipher_auth_encrypt( cipher_context_t *ctx, int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
@ -729,24 +729,24 @@ int cipher_auth_encrypt( cipher_context_t *ctx,
* \param tag_len length of the authentication tag * \param tag_len length of the authentication tag
* *
* \returns 0 on success, or * \returns 0 on success, or
* POLARSSL_ERR_CIPHER_BAD_INPUT_DATA, or * MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA, or
* POLARSSL_ERR_CIPHER_AUTH_FAILED if data isn't authentic, * MBEDTLS_ERR_CIPHER_AUTH_FAILED if data isn't authentic,
* or a cipher specific error code. * or a cipher specific error code.
* *
* \note If the data is not authentic, then the output buffer * \note If the data is not authentic, then the output buffer
* is zeroed out to prevent the unauthentic plaintext to * is zeroed out to prevent the unauthentic plaintext to
* be used by mistake, making this interface safer. * be used by mistake, making this interface safer.
*/ */
int cipher_auth_decrypt( cipher_context_t *ctx, int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len ); const unsigned char *tag, size_t tag_len );
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_CIPHER_H */ #endif /* MBEDTLS_CIPHER_H */

20
include/mbedtls/cipher_wrap.h
View File

@ -23,13 +23,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CIPHER_WRAP_H #ifndef MBEDTLS_CIPHER_WRAP_H
#define POLARSSL_CIPHER_WRAP_H #define MBEDTLS_CIPHER_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "cipher.h" #include "cipher.h"
@ -40,16 +40,16 @@ extern "C" {
typedef struct typedef struct
{ {
cipher_type_t type; mbedtls_cipher_type_t type;
const cipher_info_t *info; const mbedtls_cipher_info_t *info;
} cipher_definition_t; } mbedtls_cipher_definition_t;
extern const cipher_definition_t cipher_definitions[]; extern const mbedtls_cipher_definition_t mbedtls_cipher_definitions[];
extern int supported_ciphers[]; extern int mbedtls_cipher_supported[];
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_CIPHER_WRAP_H */ #endif /* MBEDTLS_CIPHER_WRAP_H */

1614
include/mbedtls/config.h
View File

File diff suppressed because it is too large Load Diff

114
include/mbedtls/ctr_drbg.h
View File

@ -21,20 +21,20 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_CTR_DRBG_H #ifndef MBEDTLS_CTR_DRBG_H
#define POLARSSL_CTR_DRBG_H #define MBEDTLS_CTR_DRBG_H
#include "aes.h" #include "aes.h"
#define POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */ #define MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED -0x0034 /**< The entropy source failed. */
#define POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */ #define MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG -0x0036 /**< Too many random requested in single call. */
#define POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */ #define MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG -0x0038 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */ #define MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR -0x003A /**< Read/write error in file. */
#define CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */ #define MBEDTLS_CTR_DRBG_BLOCKSIZE 16 /**< Block size used by the cipher */
#define CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */ #define MBEDTLS_CTR_DRBG_KEYSIZE 32 /**< Key size used by the cipher */
#define CTR_DRBG_KEYBITS ( CTR_DRBG_KEYSIZE * 8 ) #define MBEDTLS_CTR_DRBG_KEYBITS ( MBEDTLS_CTR_DRBG_KEYSIZE * 8 )
#define CTR_DRBG_SEEDLEN ( CTR_DRBG_KEYSIZE + CTR_DRBG_BLOCKSIZE ) #define MBEDTLS_CTR_DRBG_SEEDLEN ( MBEDTLS_CTR_DRBG_KEYSIZE + MBEDTLS_CTR_DRBG_BLOCKSIZE )
/**< The seed length (counter + AES key) */ /**< The seed length (counter + AES key) */
/** /**
@ -45,34 +45,34 @@
* \{ * \{
*/ */
#if !defined(CTR_DRBG_ENTROPY_LEN) #if !defined(MBEDTLS_CTR_DRBG_ENTROPY_LEN)
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#else #else
#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */ #define MBEDTLS_CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#endif #endif
#endif #endif
#if !defined(CTR_DRBG_RESEED_INTERVAL) #if !defined(MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ #define MBEDTLS_CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif #endif
#if !defined(CTR_DRBG_MAX_INPUT) #if !defined(MBEDTLS_CTR_DRBG_MAX_INPUT)
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ #define MBEDTLS_CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif #endif
#if !defined(CTR_DRBG_MAX_REQUEST) #if !defined(MBEDTLS_CTR_DRBG_MAX_REQUEST)
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ #define MBEDTLS_CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif #endif
#if !defined(CTR_DRBG_MAX_SEED_INPUT) #if !defined(MBEDTLS_CTR_DRBG_MAX_SEED_INPUT)
#define CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #define MBEDTLS_CTR_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
#define CTR_DRBG_PR_OFF 0 /**< No prediction resistance */ #define MBEDTLS_CTR_DRBG_PR_OFF 0 /**< No prediction resistance */
#define CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */ #define MBEDTLS_CTR_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -91,7 +91,7 @@ typedef struct
(re)seed */ (re)seed */
int reseed_interval; /*!< reseed interval */ int reseed_interval; /*!< reseed interval */
aes_context aes_ctx; /*!< AES context */ mbedtls_aes_context aes_ctx; /*!< AES context */
/* /*
* Callbacks (Entropy) * Callbacks (Entropy)
@ -100,7 +100,7 @@ typedef struct
void *p_entropy; /*!< context for the entropy function */ void *p_entropy; /*!< context for the entropy function */
} }
ctr_drbg_context; mbedtls_ctr_drbg_context;
/** /**
* \brief CTR_DRBG initialization * \brief CTR_DRBG initialization
@ -117,9 +117,9 @@ ctr_drbg_context;
* \param len Length of personalization data * \param len Length of personalization data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/ */
int ctr_drbg_init( ctr_drbg_context *ctx, int mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
@ -130,7 +130,7 @@ int ctr_drbg_init( ctr_drbg_context *ctx,
* *
* \param ctx CTR_DRBG context to clear * \param ctx CTR_DRBG context to clear
*/ */
void ctr_drbg_free( ctr_drbg_context *ctx ); void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx );
/** /**
* \brief Enable / disable prediction resistance (Default: Off) * \brief Enable / disable prediction resistance (Default: Off)
@ -139,29 +139,29 @@ void ctr_drbg_free( ctr_drbg_context *ctx );
* Only use this if you have ample supply of good entropy! * Only use this if you have ample supply of good entropy!
* *
* \param ctx CTR_DRBG context * \param ctx CTR_DRBG context
* \param resistance CTR_DRBG_PR_ON or CTR_DRBG_PR_OFF * \param resistance MBEDTLS_CTR_DRBG_PR_ON or MBEDTLS_CTR_DRBG_PR_OFF
*/ */
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx,
int resistance ); int resistance );
/** /**
* \brief Set the amount of entropy grabbed on each (re)seed * \brief Set the amount of entropy grabbed on each (re)seed
* (Default: CTR_DRBG_ENTROPY_LEN) * (Default: MBEDTLS_CTR_DRBG_ENTROPY_LEN)
* *
* \param ctx CTR_DRBG context * \param ctx CTR_DRBG context
* \param len Amount of entropy to grab * \param len Amount of entropy to grab
*/ */
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx,
size_t len ); size_t len );
/** /**
* \brief Set the reseed interval * \brief Set the reseed interval
* (Default: CTR_DRBG_RESEED_INTERVAL) * (Default: MBEDTLS_CTR_DRBG_RESEED_INTERVAL)
* *
* \param ctx CTR_DRBG context * \param ctx CTR_DRBG context
* \param interval Reseed interval * \param interval Reseed interval
*/ */
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx,
int interval ); int interval );
/** /**
@ -172,9 +172,9 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx,
* \param len Length of additional data * \param len Length of additional data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/ */
int ctr_drbg_reseed( ctr_drbg_context *ctx, int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len );
/** /**
@ -184,11 +184,11 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
* \param additional Additional data to update state with * \param additional Additional data to update state with
* \param add_len Length of additional data * \param add_len Length of additional data
* *
* \note If add_len is greater than CTR_DRBG_MAX_SEED_INPUT, * \note If add_len is greater than MBEDTLS_CTR_DRBG_MAX_SEED_INPUT,
* only the first CTR_DRBG_MAX_SEED_INPUT bytes are used, * only the first MBEDTLS_CTR_DRBG_MAX_SEED_INPUT bytes are used,
* the remaining ones are silently discarded. * the remaining ones are silently discarded.
*/ */
void ctr_drbg_update( ctr_drbg_context *ctx, void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len );
/** /**
@ -203,10 +203,10 @@ void ctr_drbg_update( ctr_drbg_context *ctx,
* \param add_len Length of additional data * \param add_len Length of additional data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG
*/ */
int ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len );
@ -220,13 +220,13 @@ int ctr_drbg_random_with_add( void *p_rng,
* \param output_len Length of the buffer * \param output_len Length of the buffer
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG * MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG
*/ */
int ctr_drbg_random( void *p_rng, int mbedtls_ctr_drbg_random( void *p_rng,
unsigned char *output, size_t output_len ); unsigned char *output, size_t output_len );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Write a seed file * \brief Write a seed file
* *
@ -234,10 +234,10 @@ int ctr_drbg_random( void *p_rng,
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED
*/ */
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
/** /**
* \brief Read and update a seed file. Seed is added to this * \brief Read and update a seed file. Seed is added to this
@ -247,22 +247,22 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR on file error, * MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error,
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG * MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG
*/ */
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ); int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int ctr_drbg_self_test( int verbose ); int mbedtls_ctr_drbg_self_test( int verbose );
/* Internal functions (do not call directly) */ /* Internal functions (do not call directly) */
int ctr_drbg_init_entropy_len( ctr_drbg_context *, int mbedtls_ctr_drbg_init_entropy_len( mbedtls_ctr_drbg_context *,
int (*)(void *, unsigned char *, size_t), void *, int (*)(void *, unsigned char *, size_t), void *,
const unsigned char *, size_t, size_t ); const unsigned char *, size_t, size_t );

102
include/mbedtls/debug.h
View File

@ -21,25 +21,25 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DEBUG_H #ifndef MBEDTLS_DEBUG_H
#define POLARSSL_DEBUG_H #define MBEDTLS_DEBUG_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "ssl.h" #include "ssl.h"
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
#include "ecp.h" #include "ecp.h"
#endif #endif
#if defined(POLARSSL_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
#define POLARSSL_DEBUG_LOG_FULL 0 /**< Include file:line in log lines */ #define MBEDTLS_DEBUG_LOG_FULL 0 /**< Include file:line in log lines */
#define POLARSSL_DEBUG_LOG_RAW 1 /**< Only log raw debug lines */ #define MBEDTLS_DEBUG_LOG_RAW 1 /**< Only log raw debug lines */
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -49,47 +49,47 @@
* \{ * \{
*/ */
#if !defined(POLARSSL_DEBUG_DFL_MODE) #if !defined(MBEDTLS_DEBUG_DFL_MODE)
#define POLARSSL_DEBUG_DFL_MODE POLARSSL_DEBUG_LOG_FULL /**< Default log: Full or Raw */ #define MBEDTLS_DEBUG_DFL_MODE MBEDTLS_DEBUG_LOG_FULL /**< Default log: Full or Raw */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
#define SSL_DEBUG_MSG( level, args ) \ #define MBEDTLS_SSL_DEBUG_MSG( level, args ) \
debug_print_msg( ssl, level, __FILE__, __LINE__, debug_fmt args ); mbedtls_debug_print_msg( ssl, level, __FILE__, __LINE__, mbedtls_debug_fmt args );
#define SSL_DEBUG_RET( level, text, ret ) \ #define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) \
debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret ); mbedtls_debug_print_ret( ssl, level, __FILE__, __LINE__, text, ret );
#define SSL_DEBUG_BUF( level, text, buf, len ) \ #define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) \
debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len ); mbedtls_debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len );
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
#define SSL_DEBUG_MPI( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) \
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X ); mbedtls_debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
#endif #endif
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
#define SSL_DEBUG_ECP( level, text, X ) \ #define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) \
debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X ); mbedtls_debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X );
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
#define SSL_DEBUG_CRT( level, text, crt ) \ #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) \
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt ); mbedtls_debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
#endif #endif
#else /* POLARSSL_DEBUG_C */ #else /* MBEDTLS_DEBUG_C */
#define SSL_DEBUG_MSG( level, args ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MSG( level, args ) do { } while( 0 )
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 ) #define MBEDTLS_SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )
#endif /* POLARSSL_DEBUG_C */ #endif /* MBEDTLS_DEBUG_C */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -97,12 +97,12 @@ extern "C" {
/** /**
* \brief Set the log mode for the debug functions globally * \brief Set the log mode for the debug functions globally
* (Default value: POLARSSL_DEBUG_DFL_MODE) * (Default value: MBEDTLS_DEBUG_DFL_MODE)
* *
* \param log_mode The log mode to use (POLARSSL_DEBUG_LOG_FULL or * \param log_mode The log mode to use (MBEDTLS_DEBUG_LOG_FULL or
* POLARSSL_DEBUG_LOG_RAW) * MBEDTLS_DEBUG_LOG_RAW)
*/ */
void debug_set_log_mode( int log_mode ); void mbedtls_debug_set_log_mode( int log_mode );
/** /**
* \brief Set the level threshold to handle globally. Messages that have a * \brief Set the level threshold to handle globally. Messages that have a
@ -111,37 +111,37 @@ void debug_set_log_mode( int log_mode );
* *
* \param threshold maximum level of messages to pass on * \param threshold maximum level of messages to pass on
*/ */
void debug_set_threshold( int threshold ); void mbedtls_debug_set_threshold( int threshold );
char *debug_fmt( const char *format, ... ); char *mbedtls_debug_fmt( const char *format, ... );
void debug_print_msg( const ssl_context *ssl, int level, void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text ); const char *file, int line, const char *text );
void debug_print_ret( const ssl_context *ssl, int level, void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, int ret ); const char *text, int ret );
void debug_print_buf( const ssl_context *ssl, int level, void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text, const char *file, int line, const char *text,
const unsigned char *buf, size_t len ); const unsigned char *buf, size_t len );
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level, void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mpi *X ); const char *text, const mbedtls_mpi *X );
#endif #endif
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level, void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const ecp_point *X ); const char *text, const mbedtls_ecp_point *X );
#endif #endif
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
void debug_print_crt( const ssl_context *ssl, int level, void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const x509_crt *crt ); const char *text, const mbedtls_x509_crt *crt );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

84
include/mbedtls/des.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DES_H #ifndef MBEDTLS_DES_H
#define POLARSSL_DES_H #define MBEDTLS_DES_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,14 +39,14 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define DES_ENCRYPT 1 #define MBEDTLS_DES_ENCRYPT 1
#define DES_DECRYPT 0 #define MBEDTLS_DES_DECRYPT 0
#define POLARSSL_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ #define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */
#define DES_KEY_SIZE 8 #define MBEDTLS_DES_KEY_SIZE 8
#if !defined(POLARSSL_DES_ALT) #if !defined(MBEDTLS_DES_ALT)
// Regular implementation // Regular implementation
// //
@ -62,7 +62,7 @@ typedef struct
int mode; /*!< encrypt/decrypt */ int mode; /*!< encrypt/decrypt */
uint32_t sk[32]; /*!< DES subkeys */ uint32_t sk[32]; /*!< DES subkeys */
} }
des_context; mbedtls_des_context;
/** /**
* \brief Triple-DES context structure * \brief Triple-DES context structure
@ -72,35 +72,35 @@ typedef struct
int mode; /*!< encrypt/decrypt */ int mode; /*!< encrypt/decrypt */
uint32_t sk[96]; /*!< 3DES subkeys */ uint32_t sk[96]; /*!< 3DES subkeys */
} }
des3_context; mbedtls_des3_context;
/** /**
* \brief Initialize DES context * \brief Initialize DES context
* *
* \param ctx DES context to be initialized * \param ctx DES context to be initialized
*/ */
void des_init( des_context *ctx ); void mbedtls_des_init( mbedtls_des_context *ctx );
/** /**
* \brief Clear DES context * \brief Clear DES context
* *
* \param ctx DES context to be cleared * \param ctx DES context to be cleared
*/ */
void des_free( des_context *ctx ); void mbedtls_des_free( mbedtls_des_context *ctx );
/** /**
* \brief Initialize Triple-DES context * \brief Initialize Triple-DES context
* *
* \param ctx DES3 context to be initialized * \param ctx DES3 context to be initialized
*/ */
void des3_init( des3_context *ctx ); void mbedtls_des3_init( mbedtls_des3_context *ctx );
/** /**
* \brief Clear Triple-DES context * \brief Clear Triple-DES context
* *
* \param ctx DES3 context to be cleared * \param ctx DES3 context to be cleared
*/ */
void des3_free( des3_context *ctx ); void mbedtls_des3_free( mbedtls_des3_context *ctx );
/** /**
* \brief Set key parity on the given key to odd. * \brief Set key parity on the given key to odd.
@ -110,7 +110,7 @@ void des3_free( des3_context *ctx );
* *
* \param key 8-byte secret key * \param key 8-byte secret key
*/ */
void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ); void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/** /**
* \brief Check that key parity on the given key is odd. * \brief Check that key parity on the given key is odd.
@ -122,7 +122,7 @@ void des_key_set_parity( unsigned char key[DES_KEY_SIZE] );
* *
* \return 0 is parity was ok, 1 if parity was not correct. * \return 0 is parity was ok, 1 if parity was not correct.
*/ */
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ); int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/** /**
* \brief Check that key is not a weak or semi-weak DES key * \brief Check that key is not a weak or semi-weak DES key
@ -131,7 +131,7 @@ int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] );
* *
* \return 0 if no weak key was found, 1 if a weak key was identified. * \return 0 if no weak key was found, 1 if a weak key was identified.
*/ */
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ); int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/** /**
* \brief DES key schedule (56-bit, encryption) * \brief DES key schedule (56-bit, encryption)
@ -141,7 +141,7 @@ int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] );
* *
* \return 0 * \return 0
*/ */
int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/** /**
* \brief DES key schedule (56-bit, decryption) * \brief DES key schedule (56-bit, decryption)
@ -151,7 +151,7 @@ int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
* *
* \return 0 * \return 0
*/ */
int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ); int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] );
/** /**
* \brief Triple-DES key schedule (112-bit, encryption) * \brief Triple-DES key schedule (112-bit, encryption)
@ -161,8 +161,8 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] );
* *
* \return 0 * \return 0
*/ */
int des3_set2key_enc( des3_context *ctx, int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
/** /**
* \brief Triple-DES key schedule (112-bit, decryption) * \brief Triple-DES key schedule (112-bit, decryption)
@ -172,8 +172,8 @@ int des3_set2key_enc( des3_context *ctx,
* *
* \return 0 * \return 0
*/ */
int des3_set2key_dec( des3_context *ctx, int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] );
/** /**
* \brief Triple-DES key schedule (168-bit, encryption) * \brief Triple-DES key schedule (168-bit, encryption)
@ -183,8 +183,8 @@ int des3_set2key_dec( des3_context *ctx,
* *
* \return 0 * \return 0
*/ */
int des3_set3key_enc( des3_context *ctx, int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
/** /**
* \brief Triple-DES key schedule (168-bit, decryption) * \brief Triple-DES key schedule (168-bit, decryption)
@ -194,8 +194,8 @@ int des3_set3key_enc( des3_context *ctx,
* *
* \return 0 * \return 0
*/ */
int des3_set3key_dec( des3_context *ctx, int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] ); const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] );
/** /**
* \brief DES-ECB block encryption/decryption * \brief DES-ECB block encryption/decryption
@ -206,11 +206,11 @@ int des3_set3key_dec( des3_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int des_crypt_ecb( des_context *ctx, int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief DES-CBC buffer encryption/decryption * \brief DES-CBC buffer encryption/decryption
* *
@ -223,19 +223,19 @@ int des_crypt_ecb( des_context *ctx,
* module instead. * module instead.
* *
* \param ctx DES context * \param ctx DES context
* \param mode DES_ENCRYPT or DES_DECRYPT * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
*/ */
int des_crypt_cbc( des_context *ctx, int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/** /**
* \brief 3DES-ECB block encryption/decryption * \brief 3DES-ECB block encryption/decryption
@ -246,11 +246,11 @@ int des_crypt_cbc( des_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int des3_crypt_ecb( des3_context *ctx, int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief 3DES-CBC buffer encryption/decryption * \brief 3DES-CBC buffer encryption/decryption
* *
@ -263,29 +263,29 @@ int des3_crypt_ecb( des3_context *ctx,
* module instead. * module instead.
* *
* \param ctx 3DES context * \param ctx 3DES context
* \param mode DES_ENCRYPT or DES_DECRYPT * \param mode MBEDTLS_DES_ENCRYPT or MBEDTLS_DES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer holding the output data * \param output buffer holding the output data
* *
* \return 0 if successful, or POLARSSL_ERR_DES_INVALID_INPUT_LENGTH * \return 0 if successful, or MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH
*/ */
int des3_crypt_cbc( des3_context *ctx, int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_DES_ALT */ #else /* MBEDTLS_DES_ALT */
#include "des_alt.h" #include "des_alt.h"
#endif /* POLARSSL_DES_ALT */ #endif /* MBEDTLS_DES_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -296,7 +296,7 @@ extern "C" {
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int des_self_test( int verbose ); int mbedtls_des_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

104
include/mbedtls/dhm.h
View File

@ -21,23 +21,23 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_DHM_H #ifndef MBEDTLS_DHM_H
#define POLARSSL_DHM_H #define MBEDTLS_DHM_H
#include "bignum.h" #include "bignum.h"
/* /*
* DHM Error codes * DHM Error codes
*/ */
#define POLARSSL_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_DHM_BAD_INPUT_DATA -0x3080 /**< Bad input parameters to function. */
#define POLARSSL_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */ #define MBEDTLS_ERR_DHM_READ_PARAMS_FAILED -0x3100 /**< Reading of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */ #define MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED -0x3180 /**< Making of the DHM parameters failed. */
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */ #define MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */ #define MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */ #define MBEDTLS_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
#define POLARSSL_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */ #define MBEDTLS_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
#define POLARSSL_ERR_DHM_MALLOC_FAILED -0x3400 /**< Allocation of memory failed. */ #define MBEDTLS_ERR_DHM_MALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
#define POLARSSL_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */ #define MBEDTLS_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */
/** /**
* RFC 2409 defines a number of standardized Diffie-Hellman groups * RFC 2409 defines a number of standardized Diffie-Hellman groups
@ -56,7 +56,7 @@
* RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
* RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
*/ */
#define POLARSSL_DHM_RFC2409_MODP_1024_P \ #define MBEDTLS_DHM_RFC2409_MODP_1024_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
@ -64,9 +64,9 @@
"EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \ "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" \
"FFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC2409_MODP_1024_G "02" #define MBEDTLS_DHM_RFC2409_MODP_1024_G "02"
#define POLARSSL_DHM_RFC3526_MODP_2048_P \ #define MBEDTLS_DHM_RFC3526_MODP_2048_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
@ -79,9 +79,9 @@
"DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \ "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" \
"15728E5A8AACAA68FFFFFFFFFFFFFFFF" "15728E5A8AACAA68FFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC3526_MODP_2048_G "02" #define MBEDTLS_DHM_RFC3526_MODP_2048_G "02"
#define POLARSSL_DHM_RFC3526_MODP_3072_P \ #define MBEDTLS_DHM_RFC3526_MODP_3072_P \
"FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
"29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \ "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" \
"EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \ "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" \
@ -99,9 +99,9 @@
"BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \ "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31" \
"43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF" "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF"
#define POLARSSL_DHM_RFC3526_MODP_3072_G "02" #define MBEDTLS_DHM_RFC3526_MODP_3072_G "02"
#define POLARSSL_DHM_RFC5114_MODP_1024_P \ #define MBEDTLS_DHM_RFC5114_MODP_1024_P \
"B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \ "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6" \
"9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \ "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" \
"13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \ "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70" \
@ -109,7 +109,7 @@
"A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \ "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" \
"DF1FB2BC2E4A4371" "DF1FB2BC2E4A4371"
#define POLARSSL_DHM_RFC5114_MODP_1024_G \ #define MBEDTLS_DHM_RFC5114_MODP_1024_G \
"A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \ "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F" \
"D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \ "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" \
"160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \ "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1" \
@ -117,7 +117,7 @@
"D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \ "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" \
"855E6EEB22B3B2E5" "855E6EEB22B3B2E5"
#define POLARSSL_DHM_RFC5114_MODP_2048_P \ #define MBEDTLS_DHM_RFC5114_MODP_2048_P \
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \ "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \ "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
"EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \ "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212" \
@ -130,7 +130,7 @@
"C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \ "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" \
"CF9DE5384E71B81C0AC4DFFE0C10E64F" "CF9DE5384E71B81C0AC4DFFE0C10E64F"
#define POLARSSL_DHM_RFC5114_MODP_2048_G \ #define MBEDTLS_DHM_RFC5114_MODP_2048_G \
"AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\ "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"\
"74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\ "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"\
"AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\ "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"\
@ -153,25 +153,25 @@ extern "C" {
typedef struct typedef struct
{ {
size_t len; /*!< size(P) in chars */ size_t len; /*!< size(P) in chars */
mpi P; /*!< prime modulus */ mbedtls_mpi P; /*!< prime modulus */
mpi G; /*!< generator */ mbedtls_mpi G; /*!< generator */
mpi X; /*!< secret value */ mbedtls_mpi X; /*!< secret value */
mpi GX; /*!< self = G^X mod P */ mbedtls_mpi GX; /*!< self = G^X mod P */
mpi GY; /*!< peer = G^Y mod P */ mbedtls_mpi GY; /*!< peer = G^Y mod P */
mpi K; /*!< key = GY^X mod P */ mbedtls_mpi K; /*!< key = GY^X mod P */
mpi RP; /*!< cached R^2 mod P */ mbedtls_mpi RP; /*!< cached R^2 mod P */
mpi Vi; /*!< blinding value */ mbedtls_mpi Vi; /*!< blinding value */
mpi Vf; /*!< un-blinding value */ mbedtls_mpi Vf; /*!< un-blinding value */
mpi pX; /*!< previous X */ mbedtls_mpi pX; /*!< previous X */
} }
dhm_context; mbedtls_dhm_context;
/** /**
* \brief Initialize DHM context * \brief Initialize DHM context
* *
* \param ctx DHM context to be initialized * \param ctx DHM context to be initialized
*/ */
void dhm_init( dhm_context *ctx ); void mbedtls_dhm_init( mbedtls_dhm_context *ctx );
/** /**
* \brief Parse the ServerKeyExchange parameters * \brief Parse the ServerKeyExchange parameters
@ -180,9 +180,9 @@ void dhm_init( dhm_context *ctx );
* \param p &(start of input buffer) * \param p &(start of input buffer)
* \param end end of buffer * \param end end of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
*/ */
int dhm_read_params( dhm_context *ctx, int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p, unsigned char **p,
const unsigned char *end ); const unsigned char *end );
@ -198,11 +198,11 @@ int dhm_read_params( dhm_context *ctx,
* *
* \note This function assumes that ctx->P and ctx->G * \note This function assumes that ctx->P and ctx->G
* have already been properly set (for example * have already been properly set (for example
* using mpi_read_string or mpi_read_binary). * using mbedtls_mpi_read_string or mbedtls_mpi_read_binary).
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
*/ */
int dhm_make_params( dhm_context *ctx, int x_size, int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -214,9 +214,9 @@ int dhm_make_params( dhm_context *ctx, int x_size,
* \param input input buffer * \param input input buffer
* \param ilen size of buffer * \param ilen size of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
*/ */
int dhm_read_public( dhm_context *ctx, int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen );
/** /**
@ -229,9 +229,9 @@ int dhm_read_public( dhm_context *ctx,
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
*/ */
int dhm_make_public( dhm_context *ctx, int x_size, int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen, unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -246,7 +246,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
* \param f_rng RNG function, for blinding purposes * \param f_rng RNG function, for blinding purposes
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_DHM_XXX error code
* *
* \note If non-NULL, f_rng is used to blind the input as * \note If non-NULL, f_rng is used to blind the input as
* countermeasure against timing attacks. Blinding is * countermeasure against timing attacks. Blinding is
@ -254,7 +254,7 @@ int dhm_make_public( dhm_context *ctx, int x_size,
* re-used and costs nothing otherwise, so it is recommended * re-used and costs nothing otherwise, so it is recommended
* to always pass a non-NULL f_rng argument. * to always pass a non-NULL f_rng argument.
*/ */
int dhm_calc_secret( dhm_context *ctx, int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -264,9 +264,9 @@ int dhm_calc_secret( dhm_context *ctx,
* *
* \param ctx DHM context to free and clear * \param ctx DHM context to free and clear
*/ */
void dhm_free( dhm_context *ctx ); void mbedtls_dhm_free( mbedtls_dhm_context *ctx );
#if defined(POLARSSL_ASN1_PARSE_C) #if defined(MBEDTLS_ASN1_PARSE_C)
/** \ingroup x509_module */ /** \ingroup x509_module */
/** /**
* \brief Parse DHM parameters * \brief Parse DHM parameters
@ -277,10 +277,10 @@ void dhm_free( dhm_context *ctx );
* *
* \return 0 if successful, or a specific DHM or PEM error code * \return 0 if successful, or a specific DHM or PEM error code
*/ */
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen ); size_t dhminlen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** \ingroup x509_module */ /** \ingroup x509_module */
/** /**
* \brief Load and parse DHM parameters * \brief Load and parse DHM parameters
@ -290,16 +290,16 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
* *
* \return 0 if successful, or a specific DHM or PEM error code * \return 0 if successful, or a specific DHM or PEM error code
*/ */
int dhm_parse_dhmfile( dhm_context *dhm, const char *path ); int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int dhm_self_test( int verbose ); int mbedtls_dhm_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

74
include/mbedtls/ecdh.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ECDH_H #ifndef MBEDTLS_ECDH_H
#define POLARSSL_ECDH_H #define MBEDTLS_ECDH_H
#include "ecp.h" #include "ecp.h"
@ -35,26 +35,26 @@ extern "C" {
*/ */
typedef enum typedef enum
{ {
POLARSSL_ECDH_OURS, MBEDTLS_ECDH_OURS,
POLARSSL_ECDH_THEIRS, MBEDTLS_ECDH_THEIRS,
} ecdh_side; } mbedtls_ecdh_side;
/** /**
* \brief ECDH context structure * \brief ECDH context structure
*/ */
typedef struct typedef struct
{ {
ecp_group grp; /*!< elliptic curve used */ mbedtls_ecp_group grp; /*!< elliptic curve used */
mpi d; /*!< our secret value (private key) */ mbedtls_mpi d; /*!< our secret value (private key) */
ecp_point Q; /*!< our public value (public key) */ mbedtls_ecp_point Q; /*!< our public value (public key) */
ecp_point Qp; /*!< peer's public value (public key) */ mbedtls_ecp_point Qp; /*!< peer's public value (public key) */
mpi z; /*!< shared secret */ mbedtls_mpi z; /*!< shared secret */
int point_format; /*!< format for point export in TLS messages */ int point_format; /*!< format for point export in TLS messages */
ecp_point Vi; /*!< blinding value (for later) */ mbedtls_ecp_point Vi; /*!< blinding value (for later) */
ecp_point Vf; /*!< un-blinding value (for later) */ mbedtls_ecp_point Vf; /*!< un-blinding value (for later) */
mpi _d; /*!< previous d (for later) */ mbedtls_mpi _d; /*!< previous d (for later) */
} }
ecdh_context; mbedtls_ecdh_context;
/** /**
* \brief Generate a public key. * \brief Generate a public key.
@ -67,9 +67,9 @@ ecdh_context;
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/ */
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -85,14 +85,14 @@ int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
* *
* \note If f_rng is not NULL, it is used to implement * \note If f_rng is not NULL, it is used to implement
* countermeasures against potential elaborate timing * countermeasures against potential elaborate timing
* attacks, see \c ecp_mul() for details. * attacks, see \c mbedtls_ecp_mul() for details.
*/ */
int ecdh_compute_shared( ecp_group *grp, mpi *z, int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
const ecp_point *Q, const mpi *d, const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -101,14 +101,14 @@ int ecdh_compute_shared( ecp_group *grp, mpi *z,
* *
* \param ctx Context to initialize * \param ctx Context to initialize
*/ */
void ecdh_init( ecdh_context *ctx ); void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx );
/** /**
* \brief Free context * \brief Free context
* *
* \param ctx Context to free * \param ctx Context to free
*/ */
void ecdh_free( ecdh_context *ctx ); void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx );
/** /**
* \brief Generate a public key and a TLS ServerKeyExchange payload. * \brief Generate a public key and a TLS ServerKeyExchange payload.
@ -122,11 +122,11 @@ void ecdh_free( ecdh_context *ctx );
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \note This function assumes that ctx->grp has already been * \note This function assumes that ctx->grp has already been
* properly set (for example using ecp_use_known_dp). * properly set (for example using mbedtls_ecp_use_known_dp).
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_make_params( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -139,9 +139,9 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
* \param buf pointer to start of input buffer * \param buf pointer to start of input buffer
* \param end one past end of buffer * \param end one past end of buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_read_params( ecdh_context *ctx, int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end ); const unsigned char **buf, const unsigned char *end );
/** /**
@ -154,10 +154,10 @@ int ecdh_read_params( ecdh_context *ctx,
* \param key EC key to use * \param key EC key to use
* \param side Is it our key (1) or the peer's key (0) ? * \param side Is it our key (1) or the peer's key (0) ?
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
ecdh_side side ); mbedtls_ecdh_side side );
/** /**
* \brief Generate a public key and a TLS ClientKeyExchange payload. * \brief Generate a public key and a TLS ClientKeyExchange payload.
@ -170,9 +170,9 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_make_public( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -185,9 +185,9 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen,
* \param buf start of input buffer * \param buf start of input buffer
* \param blen length of input buffer * \param blen length of input buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_read_public( ecdh_context *ctx, int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen ); const unsigned char *buf, size_t blen );
/** /**
@ -198,12 +198,12 @@ int ecdh_read_public( ecdh_context *ctx,
* \param olen number of bytes written * \param olen number of bytes written
* \param buf destination buffer * \param buf destination buffer
* \param blen buffer length * \param blen buffer length
* \param f_rng RNG function, see notes for \c ecdh_compute_shared() * \param f_rng RNG function, see notes for \c mbedtls_ecdh_compute_shared()
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_ECP_XXX error code
*/ */
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );

98
include/mbedtls/ecdsa.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ECDSA_H #ifndef MBEDTLS_ECDSA_H
#define POLARSSL_ECDSA_H #define MBEDTLS_ECDSA_H
#include "ecp.h" #include "ecp.h"
#include "md.h" #include "md.h"
@ -41,16 +41,16 @@
* (assuming ECP_MAX_BYTES is less than 126 for r and s, * (assuming ECP_MAX_BYTES is less than 126 for r and s,
* and less than 124 (total len <= 255) for the sequence) * and less than 124 (total len <= 255) for the sequence)
*/ */
#if POLARSSL_ECP_MAX_BYTES > 124 #if MBEDTLS_ECP_MAX_BYTES > 124
#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix POLARSSL_ECDSA_MAX_LEN" #error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
#endif #endif
/** Maximum size of an ECDSA signature in bytes */ /** Maximum size of an ECDSA signature in bytes */
#define POLARSSL_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + POLARSSL_ECP_MAX_BYTES ) ) #define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
/** /**
* \brief ECDSA context structure * \brief ECDSA context structure
*/ */
typedef ecp_keypair ecdsa_context; typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -71,13 +71,13 @@ extern "C" {
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/ */
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
#if defined(POLARSSL_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/** /**
* \brief Compute ECDSA signature of a previously hashed message, * \brief Compute ECDSA signature of a previously hashed message,
* deterministic version (RFC 6979). * deterministic version (RFC 6979).
@ -91,12 +91,12 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
* \param md_alg MD algorithm used to hash the message * \param md_alg MD algorithm used to hash the message
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/ */
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s, int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg ); mbedtls_md_type_t md_alg );
#endif /* POLARSSL_ECDSA_DETERMINISTIC */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/** /**
* \brief Verify ECDSA signature of a previously hashed message * \brief Verify ECDSA signature of a previously hashed message
@ -109,12 +109,12 @@ int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
* \param s Second integer of the signature * \param s Second integer of the signature
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/ */
int ecdsa_verify( ecp_group *grp, int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s); const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s);
/** /**
* \brief Compute ECDSA signature and write it to buffer, * \brief Compute ECDSA signature and write it to buffer,
@ -122,7 +122,7 @@ int ecdsa_verify( ecp_group *grp,
* (Not thread-safe to use same context in multiple threads) * (Not thread-safe to use same context in multiple threads)
* *
* \note The deterministice version (RFC 6979) is used if * \note The deterministice version (RFC 6979) is used if
* POLARSSL_ECDSA_DETERMINISTIC is defined. * MBEDTLS_ECDSA_DETERMINISTIC is defined.
* *
* \param ctx ECDSA context * \param ctx ECDSA context
* \param md_alg Algorithm that was used to hash the message * \param md_alg Algorithm that was used to hash the message
@ -135,24 +135,24 @@ int ecdsa_verify( ecp_group *grp,
* *
* \note The "sig" buffer must be at least as large as twice the * \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 9 (eg. 73 bytes if a 256-bit * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit
* curve is used). POLARSSL_ECDSA_MAX_LEN is always safe. * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX, POLARSSL_ERR_MPI_XXX or * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or
* POLARSSL_ERR_ASN1_XXX error code * MBEDTLS_ERR_ASN1_XXX error code
*/ */
int ecdsa_write_signature( ecdsa_context *ctx, md_type_t md_alg, int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen, unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#if defined(POLARSSL_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
#if ! defined(POLARSSL_DEPRECATED_REMOVED) #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(POLARSSL_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
#define DEPRECATED __attribute__((deprecated)) #define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else #else
#define DEPRECATED #define MBEDTLS_DEPRECATED
#endif #endif
/** /**
* \brief Compute ECDSA signature and write it to buffer, * \brief Compute ECDSA signature and write it to buffer,
@ -160,7 +160,7 @@ int ecdsa_write_signature( ecdsa_context *ctx, md_type_t md_alg,
* Deterministic version, RFC 6979. * Deterministic version, RFC 6979.
* (Not thread-safe to use same context in multiple threads) * (Not thread-safe to use same context in multiple threads)
* *
* \deprecated Superseded by ecdsa_write_signature() in 2.0.0 * \deprecated Superseded by mbedtls_ecdsa_write_signature() in 2.0.0
* *
* \param ctx ECDSA context * \param ctx ECDSA context
* \param hash Message hash * \param hash Message hash
@ -171,19 +171,19 @@ int ecdsa_write_signature( ecdsa_context *ctx, md_type_t md_alg,
* *
* \note The "sig" buffer must be at least as large as twice the * \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 9 (eg. 73 bytes if a 256-bit * size of the curve used, plus 9 (eg. 73 bytes if a 256-bit
* curve is used). POLARSSL_ECDSA_MAX_LEN is always safe. * curve is used). MBEDTLS_ECDSA_MAX_LEN is always safe.
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX, POLARSSL_ERR_MPI_XXX or * or a MBEDTLS_ERR_ECP_XXX, MBEDTLS_ERR_MPI_XXX or
* POLARSSL_ERR_ASN1_XXX error code * MBEDTLS_ERR_ASN1_XXX error code
*/ */
int ecdsa_write_signature_det( ecdsa_context *ctx, int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen, unsigned char *sig, size_t *slen,
md_type_t md_alg ) DEPRECATED; mbedtls_md_type_t md_alg ) MBEDTLS_DEPRECATED;
#undef DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* POLARSSL_ECDSA_DETERMINISTIC */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/** /**
* \brief Read and verify an ECDSA signature * \brief Read and verify an ECDSA signature
@ -195,12 +195,12 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
* \param slen Size of sig * \param slen Size of sig
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid, * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if signature is invalid,
* POLARSSL_ERR_ECP_SIG_LEN_MISMATCH if the signature is * MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than siglen, * valid but its actual length is less than siglen,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_ERR_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX error code
*/ */
int ecdsa_read_signature( ecdsa_context *ctx, int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen ); const unsigned char *sig, size_t slen );
@ -209,13 +209,13 @@ int ecdsa_read_signature( ecdsa_context *ctx,
* *
* \param ctx ECDSA context in which the keypair should be stored * \param ctx ECDSA context in which the keypair should be stored
* \param gid Group (elliptic curve) to use. One of the various * \param gid Group (elliptic curve) to use. One of the various
* POLARSSL_ECP_DP_XXX macros depending on configuration. * MBEDTLS_ECP_DP_XXX macros depending on configuration.
* \param f_rng RNG function * \param f_rng RNG function
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 on success, or a POLARSSL_ERR_ECP_XXX code. * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code.
*/ */
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid, int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** /**
@ -224,23 +224,23 @@ int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
* \param ctx ECDSA context to set * \param ctx ECDSA context to set
* \param key EC key to use * \param key EC key to use
* *
* \return 0 on success, or a POLARSSL_ERR_ECP_XXX code. * \return 0 on success, or a MBEDTLS_ERR_ECP_XXX code.
*/ */
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key ); int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key );
/** /**
* \brief Initialize context * \brief Initialize context
* *
* \param ctx Context to initialize * \param ctx Context to initialize
*/ */
void ecdsa_init( ecdsa_context *ctx ); void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx );
/** /**
* \brief Free context * \brief Free context
* *
* \param ctx Context to free * \param ctx Context to free
*/ */
void ecdsa_free( ecdsa_context *ctx ); void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx );
#ifdef __cplusplus #ifdef __cplusplus
} }

292
include/mbedtls/ecp.h
View File

@ -21,22 +21,22 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ECP_H #ifndef MBEDTLS_ECP_H
#define POLARSSL_ECP_H #define MBEDTLS_ECP_H
#include "bignum.h" #include "bignum.h"
/* /*
* ECP error codes * ECP error codes
*/ */
#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */ #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */ #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 /**< Requested curve not available. */
#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */ #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
#define POLARSSL_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */ #define MBEDTLS_ERR_ECP_MALLOC_FAILED -0x4D80 /**< Memory allocation failed. */
#define POLARSSL_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */ #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 /**< Generation of random value, such as (ephemeral) key, failed. */
#define POLARSSL_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */ #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 /**< Invalid private or public key. */
#define POLARSSL_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */ #define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH -0x4C00 /**< Signature is valid but shorter than the user-supplied length. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -49,45 +49,45 @@ extern "C" {
* *
* \warning This library does not support validation of arbitrary domain * \warning This library does not support validation of arbitrary domain
* parameters. Therefore, only well-known domain parameters from trusted * parameters. Therefore, only well-known domain parameters from trusted
* sources should be used. See ecp_use_known_dp(). * sources should be used. See mbedtls_ecp_use_known_dp().
*/ */
typedef enum typedef enum
{ {
POLARSSL_ECP_DP_NONE = 0, MBEDTLS_ECP_DP_NONE = 0,
POLARSSL_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */ MBEDTLS_ECP_DP_SECP192R1, /*!< 192-bits NIST curve */
POLARSSL_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */ MBEDTLS_ECP_DP_SECP224R1, /*!< 224-bits NIST curve */
POLARSSL_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */ MBEDTLS_ECP_DP_SECP256R1, /*!< 256-bits NIST curve */
POLARSSL_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */ MBEDTLS_ECP_DP_SECP384R1, /*!< 384-bits NIST curve */
POLARSSL_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */ MBEDTLS_ECP_DP_SECP521R1, /*!< 521-bits NIST curve */
POLARSSL_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */ MBEDTLS_ECP_DP_BP256R1, /*!< 256-bits Brainpool curve */
POLARSSL_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */ MBEDTLS_ECP_DP_BP384R1, /*!< 384-bits Brainpool curve */
POLARSSL_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */ MBEDTLS_ECP_DP_BP512R1, /*!< 512-bits Brainpool curve */
POLARSSL_ECP_DP_M221, /*!< (not implemented yet) */ MBEDTLS_ECP_DP_M221, /*!< (not implemented yet) */
POLARSSL_ECP_DP_M255, /*!< Curve25519 */ MBEDTLS_ECP_DP_M255, /*!< Curve25519 */
POLARSSL_ECP_DP_M383, /*!< (not implemented yet) */ MBEDTLS_ECP_DP_M383, /*!< (not implemented yet) */
POLARSSL_ECP_DP_M511, /*!< (not implemented yet) */ MBEDTLS_ECP_DP_M511, /*!< (not implemented yet) */
POLARSSL_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */ MBEDTLS_ECP_DP_SECP192K1, /*!< 192-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */ MBEDTLS_ECP_DP_SECP224K1, /*!< 224-bits "Koblitz" curve */
POLARSSL_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */ MBEDTLS_ECP_DP_SECP256K1, /*!< 256-bits "Koblitz" curve */
} ecp_group_id; } mbedtls_ecp_group_id;
/** /**
* Number of supported curves (plus one for NONE). * Number of supported curves (plus one for NONE).
* *
* (Montgomery curves excluded for now.) * (Montgomery curves excluded for now.)
*/ */
#define POLARSSL_ECP_DP_MAX 12 #define MBEDTLS_ECP_DP_MAX 12
/** /**
* Curve information for use by other modules * Curve information for use by other modules
*/ */
typedef struct typedef struct
{ {
ecp_group_id grp_id; /*!< Internal identifier */ mbedtls_ecp_group_id grp_id; /*!< Internal identifier */
uint16_t tls_id; /*!< TLS NamedCurve identifier */ uint16_t tls_id; /*!< TLS NamedCurve identifier */
uint16_t size; /*!< Curve size in bits */ uint16_t size; /*!< Curve size in bits */
const char *name; /*!< Human-friendly name */ const char *name; /*!< Human-friendly name */
} ecp_curve_info; } mbedtls_ecp_curve_info;
/** /**
* \brief ECP point structure (jacobian coordinates) * \brief ECP point structure (jacobian coordinates)
@ -100,11 +100,11 @@ typedef struct
*/ */
typedef struct typedef struct
{ {
mpi X; /*!< the point's X coordinate */ mbedtls_mpi X; /*!< the point's X coordinate */
mpi Y; /*!< the point's Y coordinate */ mbedtls_mpi Y; /*!< the point's Y coordinate */
mpi Z; /*!< the point's Z coordinate */ mbedtls_mpi Z; /*!< the point's Z coordinate */
} }
ecp_point; mbedtls_ecp_point;
/** /**
* \brief ECP group structure * \brief ECP group structure
@ -117,14 +117,14 @@ ecp_point;
* cardinal is denoted by N. * cardinal is denoted by N.
* *
* In the case of Short Weierstrass curves, our code requires that N is an odd * In the case of Short Weierstrass curves, our code requires that N is an odd
* prime. (Use odd in ecp_mul() and prime in ecdsa_sign() for blinding.) * prime. (Use odd in mbedtls_ecp_mul() and prime in mbedtls_ecdsa_sign() for blinding.)
* *
* In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is * In the case of Montgomery curves, we don't store A but (A + 2) / 4 which is
* the quantity actually used in the formulas. Also, nbits is not the size of N * the quantity actually used in the formulas. Also, nbits is not the size of N
* but the required size for private keys. * but the required size for private keys.
* *
* If modp is NULL, reduction modulo P is done using a generic algorithm. * If modp is NULL, reduction modulo P is done using a generic algorithm.
* Otherwise, it must point to a function that takes an mpi in the range * Otherwise, it must point to a function that takes an mbedtls_mpi in the range
* 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more * 0..2^(2*pbits)-1 and transforms it in-place in an integer of little more
* than pbits, so that the integer may be efficiently brought in the 0..P-1 * than pbits, so that the integer may be efficiently brought in the 0..P-1
* range by a few additions or substractions. It must return 0 on success and * range by a few additions or substractions. It must return 0 on success and
@ -132,38 +132,38 @@ ecp_point;
*/ */
typedef struct typedef struct
{ {
ecp_group_id id; /*!< internal group identifier */ mbedtls_ecp_group_id id; /*!< internal group identifier */
mpi P; /*!< prime modulus of the base field */ mbedtls_mpi P; /*!< prime modulus of the base field */
mpi A; /*!< 1. A in the equation, or 2. (A + 2) / 4 */ mbedtls_mpi A; /*!< 1. A in the equation, or 2. (A + 2) / 4 */
mpi B; /*!< 1. B in the equation, or 2. unused */ mbedtls_mpi B; /*!< 1. B in the equation, or 2. unused */
ecp_point G; /*!< generator of the (sub)group used */ mbedtls_ecp_point G; /*!< generator of the (sub)group used */
mpi N; /*!< 1. the order of G, or 2. unused */ mbedtls_mpi N; /*!< 1. the order of G, or 2. unused */
size_t pbits; /*!< number of bits in P */ size_t pbits; /*!< number of bits in P */
size_t nbits; /*!< number of bits in 1. P, or 2. private keys */ size_t nbits; /*!< number of bits in 1. P, or 2. private keys */
unsigned int h; /*!< internal: 1 if the constants are static */ unsigned int h; /*!< internal: 1 if the constants are static */
int (*modp)(mpi *); /*!< function for fast reduction mod P */ int (*modp)(mbedtls_mpi *); /*!< function for fast reduction mod P */
int (*t_pre)(ecp_point *, void *); /*!< unused */ int (*t_pre)(mbedtls_ecp_point *, void *); /*!< unused */
int (*t_post)(ecp_point *, void *); /*!< unused */ int (*t_post)(mbedtls_ecp_point *, void *); /*!< unused */
void *t_data; /*!< unused */ void *t_data; /*!< unused */
ecp_point *T; /*!< pre-computed points for ecp_mul_comb() */ mbedtls_ecp_point *T; /*!< pre-computed points for ecp_mul_comb() */
size_t T_size; /*!< number for pre-computed points */ size_t T_size; /*!< number for pre-computed points */
} }
ecp_group; mbedtls_ecp_group;
/** /**
* \brief ECP key pair structure * \brief ECP key pair structure
* *
* A generic key pair that could be used for ECDSA, fixed ECDH, etc. * A generic key pair that could be used for ECDSA, fixed ECDH, etc.
* *
* \note Members purposefully in the same order as struc ecdsa_context. * \note Members purposefully in the same order as struc mbedtls_ecdsa_context.
*/ */
typedef struct typedef struct
{ {
ecp_group grp; /*!< Elliptic curve and base point */ mbedtls_ecp_group grp; /*!< Elliptic curve and base point */
mpi d; /*!< our secret value */ mbedtls_mpi d; /*!< our secret value */
ecp_point Q; /*!< our public value */ mbedtls_ecp_point Q; /*!< our public value */
} }
ecp_keypair; mbedtls_ecp_keypair;
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -173,23 +173,23 @@ ecp_keypair;
* \{ * \{
*/ */
#if !defined(POLARSSL_ECP_MAX_BITS) #if !defined(MBEDTLS_ECP_MAX_BITS)
/** /**
* Maximum size of the groups (that is, of N and P) * Maximum size of the groups (that is, of N and P)
*/ */
#define POLARSSL_ECP_MAX_BITS 521 /**< Maximum bit size of groups */ #define MBEDTLS_ECP_MAX_BITS 521 /**< Maximum bit size of groups */
#endif #endif
#define POLARSSL_ECP_MAX_BYTES ( ( POLARSSL_ECP_MAX_BITS + 7 ) / 8 ) #define MBEDTLS_ECP_MAX_BYTES ( ( MBEDTLS_ECP_MAX_BITS + 7 ) / 8 )
#define POLARSSL_ECP_MAX_PT_LEN ( 2 * POLARSSL_ECP_MAX_BYTES + 1 ) #define MBEDTLS_ECP_MAX_PT_LEN ( 2 * MBEDTLS_ECP_MAX_BYTES + 1 )
#if !defined(POLARSSL_ECP_WINDOW_SIZE) #if !defined(MBEDTLS_ECP_WINDOW_SIZE)
/* /*
* Maximum "window" size used for point multiplication. * Maximum "window" size used for point multiplication.
* Default: 6. * Default: 6.
* Minimum value: 2. Maximum value: 7. * Minimum value: 2. Maximum value: 7.
* *
* Result is an array of at most ( 1 << ( POLARSSL_ECP_WINDOW_SIZE - 1 ) ) * Result is an array of at most ( 1 << ( MBEDTLS_ECP_WINDOW_SIZE - 1 ) )
* points used for point multiplication. This value is directly tied to EC * points used for point multiplication. This value is directly tied to EC
* peak memory usage, so decreasing it by one should roughly cut memory usage * peak memory usage, so decreasing it by one should roughly cut memory usage
* by two (if large curves are in use). * by two (if large curves are in use).
@ -204,10 +204,10 @@ ecp_keypair;
* 224 475 475 453 398 342 * 224 475 475 453 398 342
* 192 640 640 633 587 476 * 192 640 640 633 587 476
*/ */
#define POLARSSL_ECP_WINDOW_SIZE 6 /**< Maximum window size used */ #define MBEDTLS_ECP_WINDOW_SIZE 6 /**< Maximum window size used */
#endif /* POLARSSL_ECP_WINDOW_SIZE */ #endif /* MBEDTLS_ECP_WINDOW_SIZE */
#if !defined(POLARSSL_ECP_FIXED_POINT_OPTIM) #if !defined(MBEDTLS_ECP_FIXED_POINT_OPTIM)
/* /*
* Trade memory for speed on fixed-point multiplication. * Trade memory for speed on fixed-point multiplication.
* *
@ -219,21 +219,21 @@ ecp_keypair;
* *
* Change this value to 0 to reduce peak memory usage. * Change this value to 0 to reduce peak memory usage.
*/ */
#define POLARSSL_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */ #define MBEDTLS_ECP_FIXED_POINT_OPTIM 1 /**< Enable fixed-point speed-up */
#endif /* POLARSSL_ECP_FIXED_POINT_OPTIM */ #endif /* MBEDTLS_ECP_FIXED_POINT_OPTIM */
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
/* /*
* Point formats, from RFC 4492's enum ECPointFormat * Point formats, from RFC 4492's enum ECPointFormat
*/ */
#define POLARSSL_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */ #define MBEDTLS_ECP_PF_UNCOMPRESSED 0 /**< Uncompressed point format */
#define POLARSSL_ECP_PF_COMPRESSED 1 /**< Compressed point format */ #define MBEDTLS_ECP_PF_COMPRESSED 1 /**< Compressed point format */
/* /*
* Some other constants from RFC 4492 * Some other constants from RFC 4492
*/ */
#define POLARSSL_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */ #define MBEDTLS_ECP_TLS_NAMED_CURVE 3 /**< ECCurveType's named_curve */
/** /**
* \brief Get the list of supported curves in order of preferrence * \brief Get the list of supported curves in order of preferrence
@ -241,34 +241,34 @@ ecp_keypair;
* *
* \return A statically allocated array, the last entry is 0. * \return A statically allocated array, the last entry is 0.
*/ */
const ecp_curve_info *ecp_curve_list( void ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_list( void );
/** /**
* \brief Get the list of supported curves in order of preferrence * \brief Get the list of supported curves in order of preferrence
* (grp_id only) * (grp_id only)
* *
* \return A statically allocated array, * \return A statically allocated array,
* terminated with POLARSSL_ECP_DP_NONE. * terminated with MBEDTLS_ECP_DP_NONE.
*/ */
const ecp_group_id *ecp_grp_id_list( void ); const mbedtls_ecp_group_id *mbedtls_ecp_grp_id_list( void );
/** /**
* \brief Get curve information from an internal group identifier * \brief Get curve information from an internal group identifier
* *
* \param grp_id A POLARSSL_ECP_DP_XXX value * \param grp_id A MBEDTLS_ECP_DP_XXX value
* *
* \return The associated curve information or NULL * \return The associated curve information or NULL
*/ */
const ecp_curve_info *ecp_curve_info_from_grp_id( ecp_group_id grp_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_grp_id( mbedtls_ecp_group_id grp_id );
/** /**
* \brief Get curve information from a TLS NamedCurve value * \brief Get curve information from a TLS NamedCurve value
* *
* \param tls_id A POLARSSL_ECP_DP_XXX value * \param tls_id A MBEDTLS_ECP_DP_XXX value
* *
* \return The associated curve information or NULL * \return The associated curve information or NULL
*/ */
const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_tls_id( uint16_t tls_id );
/** /**
* \brief Get curve information from a human-readable name * \brief Get curve information from a human-readable name
@ -277,37 +277,37 @@ const ecp_curve_info *ecp_curve_info_from_tls_id( uint16_t tls_id );
* *
* \return The associated curve information or NULL * \return The associated curve information or NULL
*/ */
const ecp_curve_info *ecp_curve_info_from_name( const char *name ); const mbedtls_ecp_curve_info *mbedtls_ecp_curve_info_from_name( const char *name );
/** /**
* \brief Initialize a point (as zero) * \brief Initialize a point (as zero)
*/ */
void ecp_point_init( ecp_point *pt ); void mbedtls_ecp_point_init( mbedtls_ecp_point *pt );
/** /**
* \brief Initialize a group (to something meaningless) * \brief Initialize a group (to something meaningless)
*/ */
void ecp_group_init( ecp_group *grp ); void mbedtls_ecp_group_init( mbedtls_ecp_group *grp );
/** /**
* \brief Initialize a key pair (as an invalid one) * \brief Initialize a key pair (as an invalid one)
*/ */
void ecp_keypair_init( ecp_keypair *key ); void mbedtls_ecp_keypair_init( mbedtls_ecp_keypair *key );
/** /**
* \brief Free the components of a point * \brief Free the components of a point
*/ */
void ecp_point_free( ecp_point *pt ); void mbedtls_ecp_point_free( mbedtls_ecp_point *pt );
/** /**
* \brief Free the components of an ECP group * \brief Free the components of an ECP group
*/ */
void ecp_group_free( ecp_group *grp ); void mbedtls_ecp_group_free( mbedtls_ecp_group *grp );
/** /**
* \brief Free the components of a key pair * \brief Free the components of a key pair
*/ */
void ecp_keypair_free( ecp_keypair *key ); void mbedtls_ecp_keypair_free( mbedtls_ecp_keypair *key );
/** /**
* \brief Copy the contents of point Q into P * \brief Copy the contents of point Q into P
@ -316,9 +316,9 @@ void ecp_keypair_free( ecp_keypair *key );
* \param Q Source point * \param Q Source point
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int ecp_copy( ecp_point *P, const ecp_point *Q ); int mbedtls_ecp_copy( mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
/** /**
* \brief Copy the contents of a group object * \brief Copy the contents of a group object
@ -327,9 +327,9 @@ int ecp_copy( ecp_point *P, const ecp_point *Q );
* \param src Source group * \param src Source group
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int ecp_group_copy( ecp_group *dst, const ecp_group *src ); int mbedtls_ecp_group_copy( mbedtls_ecp_group *dst, const mbedtls_ecp_group *src );
/** /**
* \brief Set a point to zero * \brief Set a point to zero
@ -337,9 +337,9 @@ int ecp_group_copy( ecp_group *dst, const ecp_group *src );
* \param pt Destination point * \param pt Destination point
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/ */
int ecp_set_zero( ecp_point *pt ); int mbedtls_ecp_set_zero( mbedtls_ecp_point *pt );
/** /**
* \brief Tell if a point is zero * \brief Tell if a point is zero
@ -348,7 +348,7 @@ int ecp_set_zero( ecp_point *pt );
* *
* \return 1 if point is zero, 0 otherwise * \return 1 if point is zero, 0 otherwise
*/ */
int ecp_is_zero( ecp_point *pt ); int mbedtls_ecp_is_zero( mbedtls_ecp_point *pt );
/** /**
* \brief Import a non-zero point from two ASCII strings * \brief Import a non-zero point from two ASCII strings
@ -358,9 +358,9 @@ int ecp_is_zero( ecp_point *pt );
* \param x First affine coordinate as a null-terminated string * \param x First affine coordinate as a null-terminated string
* \param y Second affine coordinate as a null-terminated string * \param y Second affine coordinate as a null-terminated string
* *
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
*/ */
int ecp_point_read_string( ecp_point *P, int radix, int mbedtls_ecp_point_read_string( mbedtls_ecp_point *P, int radix,
const char *x, const char *y ); const char *x, const char *y );
/** /**
@ -368,16 +368,16 @@ int ecp_point_read_string( ecp_point *P, int radix,
* *
* \param grp Group to which the point should belong * \param grp Group to which the point should belong
* \param P Point to export * \param P Point to export
* \param format Point format, should be a POLARSSL_ECP_PF_XXX macro * \param format Point format, should be a MBEDTLS_ECP_PF_XXX macro
* \param olen Length of the actual output * \param olen Length of the actual output
* \param buf Output buffer * \param buf Output buffer
* \param buflen Length of the output buffer * \param buflen Length of the output buffer
* *
* \return 0 if successful, * \return 0 if successful,
* or POLARSSL_ERR_ECP_BAD_INPUT_DATA * or MBEDTLS_ERR_ECP_BAD_INPUT_DATA
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
*/ */
int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P, int mbedtls_ecp_point_write_binary( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *P,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t buflen ); unsigned char *buf, size_t buflen );
@ -390,16 +390,16 @@ int ecp_point_write_binary( const ecp_group *grp, const ecp_point *P,
* \param ilen Actual length of input * \param ilen Actual length of input
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid, * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed, * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed,
* POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE if the point format * MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE if the point format
* is not implemented. * is not implemented.
* *
* \note This function does NOT check that the point actually * \note This function does NOT check that the point actually
* belongs to the given group, see ecp_check_pubkey() for * belongs to the given group, see mbedtls_ecp_check_pubkey() for
* that. * that.
*/ */
int ecp_point_read_binary( const ecp_group *grp, ecp_point *P, int mbedtls_ecp_point_read_binary( const mbedtls_ecp_group *grp, mbedtls_ecp_point *P,
const unsigned char *buf, size_t ilen ); const unsigned char *buf, size_t ilen );
/** /**
@ -413,10 +413,10 @@ int ecp_point_read_binary( const ecp_group *grp, ecp_point *P,
* \note buf is updated to point right after the ECPoint on exit * \note buf is updated to point right after the ECPoint on exit
* *
* \return O if successful, * \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed * MBEDTLS_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid
*/ */
int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt, int mbedtls_ecp_tls_read_point( const mbedtls_ecp_group *grp, mbedtls_ecp_point *pt,
const unsigned char **buf, size_t len ); const unsigned char **buf, size_t len );
/** /**
@ -430,10 +430,10 @@ int ecp_tls_read_point( const ecp_group *grp, ecp_point *pt,
* \param blen Buffer length * \param blen Buffer length
* *
* \return 0 if successful, * \return 0 if successful,
* or POLARSSL_ERR_ECP_BAD_INPUT_DATA * or MBEDTLS_ERR_ECP_BAD_INPUT_DATA
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
*/ */
int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt, int mbedtls_ecp_tls_write_point( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt,
int format, size_t *olen, int format, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen );
@ -448,11 +448,11 @@ int ecp_tls_write_point( const ecp_group *grp, const ecp_point *pt,
* \param gy The generator's Y coordinate * \param gy The generator's Y coordinate
* \param n The generator's order * \param n The generator's order
* *
* \return 0 if successful, or a POLARSSL_ERR_MPI_XXX error code * \return 0 if successful, or a MBEDTLS_ERR_MPI_XXX error code
* *
* \note Sets all fields except modp. * \note Sets all fields except modp.
*/ */
int ecp_group_read_string( ecp_group *grp, int radix, int mbedtls_ecp_group_read_string( mbedtls_ecp_group *grp, int radix,
const char *p, const char *b, const char *p, const char *b,
const char *gx, const char *gy, const char *n); const char *gx, const char *gy, const char *n);
@ -463,13 +463,13 @@ int ecp_group_read_string( ecp_group *grp, int radix,
* \param index Index in the list of well-known domain parameters * \param index Index in the list of well-known domain parameters
* *
* \return O if successful, * \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed * MBEDTLS_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups * MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE for unkownn groups
* *
* \note Index should be a value of RFC 4492's enum NamdeCurve, * \note Index should be a value of RFC 4492's enum NamdeCurve,
* possibly in the form of a POLARSSL_ECP_DP_XXX macro. * possibly in the form of a MBEDTLS_ECP_DP_XXX macro.
*/ */
int ecp_use_known_dp( ecp_group *grp, ecp_group_id index ); int mbedtls_ecp_use_known_dp( mbedtls_ecp_group *grp, mbedtls_ecp_group_id index );
/** /**
* \brief Set a group from a TLS ECParameters record * \brief Set a group from a TLS ECParameters record
@ -481,10 +481,10 @@ int ecp_use_known_dp( ecp_group *grp, ecp_group_id index );
* \note buf is updated to point right after ECParameters on exit * \note buf is updated to point right after ECParameters on exit
* *
* \return O if successful, * \return O if successful,
* POLARSSL_ERR_MPI_XXX if initialization failed * MBEDTLS_ERR_MPI_XXX if initialization failed
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if input is invalid * MBEDTLS_ERR_ECP_BAD_INPUT_DATA if input is invalid
*/ */
int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len ); int mbedtls_ecp_tls_read_group( mbedtls_ecp_group *grp, const unsigned char **buf, size_t len );
/** /**
* \brief Write the TLS ECParameters record for a group * \brief Write the TLS ECParameters record for a group
@ -495,9 +495,9 @@ int ecp_tls_read_group( ecp_group *grp, const unsigned char **buf, size_t len );
* \param blen Buffer length * \param blen Buffer length
* *
* \return 0 if successful, * \return 0 if successful,
* or POLARSSL_ERR_ECP_BUFFER_TOO_SMALL * or MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL
*/ */
int ecp_tls_write_group( const ecp_group *grp, size_t *olen, int mbedtls_ecp_tls_write_group( const mbedtls_ecp_group *grp, size_t *olen,
unsigned char *buf, size_t blen ); unsigned char *buf, size_t blen );
/** /**
@ -509,13 +509,13 @@ int ecp_tls_write_group( const ecp_group *grp, size_t *olen,
* \param Q Right-hand point * \param Q Right-hand point
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
* *
* \note This function does not support Montgomery curves, such as * \note This function does not support Montgomery curves, such as
* Curve25519. * Curve25519.
*/ */
int ecp_add( const ecp_group *grp, ecp_point *R, int mbedtls_ecp_add( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const ecp_point *P, const ecp_point *Q ); const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
/** /**
* \brief Subtraction: R = P - Q * \brief Subtraction: R = P - Q
@ -526,13 +526,13 @@ int ecp_add( const ecp_group *grp, ecp_point *R,
* \param Q Right-hand point * \param Q Right-hand point
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
* *
* \note This function does not support Montgomery curves, such as * \note This function does not support Montgomery curves, such as
* Curve25519. * Curve25519.
*/ */
int ecp_sub( const ecp_group *grp, ecp_point *R, int mbedtls_ecp_sub( const mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const ecp_point *P, const ecp_point *Q ); const mbedtls_ecp_point *P, const mbedtls_ecp_point *Q );
/** /**
* \brief Multiplication by an integer: R = m * P * \brief Multiplication by an integer: R = m * P
@ -546,9 +546,9 @@ int ecp_sub( const ecp_group *grp, ecp_point *R,
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ECP_INVALID_KEY if m is not a valid privkey * MBEDTLS_ERR_ECP_INVALID_KEY if m is not a valid privkey
* or P is not a valid pubkey, * or P is not a valid pubkey,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed * MBEDTLS_ERR_MPI_MALLOC_FAILED if memory allocation failed
* *
* \note In order to prevent timing attacks, this function * \note In order to prevent timing attacks, this function
* executes the exact same sequence of (base field) * executes the exact same sequence of (base field)
@ -560,8 +560,8 @@ int ecp_sub( const ecp_group *grp, ecp_point *R,
* targeting these results. It is recommended to always * targeting these results. It is recommended to always
* provide a non-NULL f_rng (the overhead is negligible). * provide a non-NULL f_rng (the overhead is negligible).
*/ */
int ecp_mul( ecp_group *grp, ecp_point *R, int mbedtls_ecp_mul( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
const mpi *m, const ecp_point *P, const mbedtls_mpi *m, const mbedtls_ecp_point *P,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** /**
@ -571,7 +571,7 @@ int ecp_mul( ecp_group *grp, ecp_point *R,
* \param pt Point to check * \param pt Point to check
* *
* \return 0 if point is a valid public key, * \return 0 if point is a valid public key,
* POLARSSL_ERR_ECP_INVALID_KEY otherwise. * MBEDTLS_ERR_ECP_INVALID_KEY otherwise.
* *
* \note This function only checks the point is non-zero, has valid * \note This function only checks the point is non-zero, has valid
* coordinates and lies on the curve, but not that it is * coordinates and lies on the curve, but not that it is
@ -581,26 +581,26 @@ int ecp_mul( ecp_group *grp, ecp_point *R,
* particular, it is useless for the NIST groups which all * particular, it is useless for the NIST groups which all
* have a cofactor of 1. * have a cofactor of 1.
* *
* \note Uses bare components rather than an ecp_keypair structure * \note Uses bare components rather than an mbedtls_ecp_keypair structure
* in order to ease use with other structures such as * in order to ease use with other structures such as
* ecdh_context of ecdsa_context. * mbedtls_ecdh_context of mbedtls_ecdsa_context.
*/ */
int ecp_check_pubkey( const ecp_group *grp, const ecp_point *pt ); int mbedtls_ecp_check_pubkey( const mbedtls_ecp_group *grp, const mbedtls_ecp_point *pt );
/** /**
* \brief Check that an mpi is a valid private key for this curve * \brief Check that an mbedtls_mpi is a valid private key for this curve
* *
* \param grp Group used * \param grp Group used
* \param d Integer to check * \param d Integer to check
* *
* \return 0 if point is a valid private key, * \return 0 if point is a valid private key,
* POLARSSL_ERR_ECP_INVALID_KEY otherwise. * MBEDTLS_ERR_ECP_INVALID_KEY otherwise.
* *
* \note Uses bare components rather than an ecp_keypair structure * \note Uses bare components rather than an mbedtls_ecp_keypair structure
* in order to ease use with other structures such as * in order to ease use with other structures such as
* ecdh_context of ecdsa_context. * mbedtls_ecdh_context of mbedtls_ecdsa_context.
*/ */
int ecp_check_privkey( const ecp_group *grp, const mpi *d ); int mbedtls_ecp_check_privkey( const mbedtls_ecp_group *grp, const mbedtls_mpi *d );
/** /**
* \brief Generate a keypair * \brief Generate a keypair
@ -612,13 +612,13 @@ int ecp_check_privkey( const ecp_group *grp, const mpi *d );
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
* *
* \note Uses bare components rather than an ecp_keypair structure * \note Uses bare components rather than an mbedtls_ecp_keypair structure
* in order to ease use with other structures such as * in order to ease use with other structures such as
* ecdh_context of ecdsa_context. * mbedtls_ecdh_context of mbedtls_ecdsa_context.
*/ */
int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q, int mbedtls_ecp_gen_keypair( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
@ -631,9 +631,9 @@ int ecp_gen_keypair( ecp_group *grp, mpi *d, ecp_point *Q,
* \param p_rng RNG parameter * \param p_rng RNG parameter
* *
* \return 0 if successful, * \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code * or a MBEDTLS_ERR_ECP_XXX or MBEDTLS_MPI_XXX error code
*/ */
int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key, int mbedtls_ecp_gen_key( mbedtls_ecp_group_id grp_id, mbedtls_ecp_keypair *key,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
/** /**
@ -643,18 +643,18 @@ int ecp_gen_key( ecp_group_id grp_id, ecp_keypair *key,
* \param prv Keypair structure holding a private (plus public) key * \param prv Keypair structure holding a private (plus public) key
* *
* \return 0 if successfull (keys are valid and match), or * \return 0 if successfull (keys are valid and match), or
* POLARSSL_ERR_ECP_BAD_INPUT_DATA, or * MBEDTLS_ERR_ECP_BAD_INPUT_DATA, or
* a POLARSSL_ERR_ECP_XXX or POLARSSL_ERR_MPI_XXX code. * a MBEDTLS_ERR_ECP_XXX or MBEDTLS_ERR_MPI_XXX code.
*/ */
int ecp_check_pub_priv( const ecp_keypair *pub, const ecp_keypair *prv ); int mbedtls_ecp_check_pub_priv( const mbedtls_ecp_keypair *pub, const mbedtls_ecp_keypair *prv );
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int ecp_self_test( int verbose ); int mbedtls_ecp_self_test( int verbose );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

130
include/mbedtls/entropy.h
View File

@ -21,39 +21,39 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ENTROPY_H #ifndef MBEDTLS_ENTROPY_H
#define POLARSSL_ENTROPY_H #define MBEDTLS_ENTROPY_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_SHA512_C) && !defined(POLARSSL_ENTROPY_FORCE_SHA256) #if defined(MBEDTLS_SHA512_C) && !defined(MBEDTLS_ENTROPY_FORCE_SHA256)
#include "sha512.h" #include "sha512.h"
#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR #define MBEDTLS_ENTROPY_SHA512_ACCUMULATOR
#else #else
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR #define MBEDTLS_ENTROPY_SHA256_ACCUMULATOR
#include "sha256.h" #include "sha256.h"
#endif #endif
#endif #endif
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "threading.h" #include "threading.h"
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
#include "havege.h" #include "havege.h"
#endif #endif
#define POLARSSL_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */ #define MBEDTLS_ERR_ENTROPY_SOURCE_FAILED -0x003C /**< Critical entropy source failure. */
#define POLARSSL_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */ #define MBEDTLS_ERR_ENTROPY_MAX_SOURCES -0x003E /**< No more sources can be added. */
#define POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */ #define MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED -0x0040 /**< No sources have been added to poll. */
#define POLARSSL_ERR_ENTROPY_FILE_IO_ERROR -0x0058 /**< Read/write error in file. */ #define MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR -0x0058 /**< Read/write error in file. */
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -63,24 +63,24 @@
* \{ * \{
*/ */
#if !defined(ENTROPY_MAX_SOURCES) #if !defined(MBEDTLS_ENTROPY_MAX_SOURCES)
#define ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */ #define MBEDTLS_ENTROPY_MAX_SOURCES 20 /**< Maximum number of sources supported */
#endif #endif
#if !defined(ENTROPY_MAX_GATHER) #if !defined(MBEDTLS_ENTROPY_MAX_GATHER)
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */ #define MBEDTLS_ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */ #define MBEDTLS_ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
#else #else
#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */ #define MBEDTLS_ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
#endif #endif
#define ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */ #define MBEDTLS_ENTROPY_MAX_SEED_SIZE 1024 /**< Maximum size of seed we read from seed file */
#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES #define MBEDTLS_ENTROPY_SOURCE_MANUAL MBEDTLS_ENTROPY_MAX_SOURCES
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -95,9 +95,9 @@ extern "C" {
* \param olen The actual amount of bytes put into the buffer (Can be 0) * \param olen The actual amount of bytes put into the buffer (Can be 0)
* *
* \return 0 if no critical failures occurred, * \return 0 if no critical failures occurred,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED otherwise
*/ */
typedef int (*f_source_ptr)(void *data, unsigned char *output, size_t len, typedef int (*mbedtls_entropy_f_source_ptr)(void *data, unsigned char *output, size_t len,
size_t *olen); size_t *olen);
/** /**
@ -105,90 +105,90 @@ typedef int (*f_source_ptr)(void *data, unsigned char *output, size_t len,
*/ */
typedef struct typedef struct
{ {
f_source_ptr f_source; /**< The entropy source callback */ mbedtls_entropy_f_source_ptr f_source; /**< The entropy source callback */
void * p_source; /**< The callback data pointer */ void * p_source; /**< The callback data pointer */
size_t size; /**< Amount received */ size_t size; /**< Amount received */
size_t threshold; /**< Minimum level required before release */ size_t threshold; /**< Minimum level required before release */
} }
source_state; mbedtls_entropy_source_state;
/** /**
* \brief Entropy context structure * \brief Entropy context structure
*/ */
typedef struct typedef struct
{ {
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
sha512_context accumulator; mbedtls_sha512_context accumulator;
#else #else
sha256_context accumulator; mbedtls_sha256_context accumulator;
#endif #endif
int source_count; int source_count;
source_state source[ENTROPY_MAX_SOURCES]; mbedtls_entropy_source_state source[MBEDTLS_ENTROPY_MAX_SOURCES];
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
havege_state havege_data; mbedtls_havege_state havege_data;
#endif #endif
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
threading_mutex_t mutex; /*!< mutex */ mbedtls_threading_mutex_t mutex; /*!< mutex */
#endif #endif
} }
entropy_context; mbedtls_entropy_context;
/** /**
* \brief Initialize the context * \brief Initialize the context
* *
* \param ctx Entropy context to initialize * \param ctx Entropy context to initialize
*/ */
void entropy_init( entropy_context *ctx ); void mbedtls_entropy_init( mbedtls_entropy_context *ctx );
/** /**
* \brief Free the data in the context * \brief Free the data in the context
* *
* \param ctx Entropy context to free * \param ctx Entropy context to free
*/ */
void entropy_free( entropy_context *ctx ); void mbedtls_entropy_free( mbedtls_entropy_context *ctx );
/** /**
* \brief Adds an entropy source to poll * \brief Adds an entropy source to poll
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param ctx Entropy context * \param ctx Entropy context
* \param f_source Entropy function * \param f_source Entropy function
* \param p_source Function data * \param p_source Function data
* \param threshold Minimum required from source before entropy is released * \param threshold Minimum required from source before entropy is released
* ( with entropy_func() ) * ( with mbedtls_entropy_func() )
* *
* \return 0 if successful or POLARSSL_ERR_ENTROPY_MAX_SOURCES * \return 0 if successful or MBEDTLS_ERR_ENTROPY_MAX_SOURCES
*/ */
int entropy_add_source( entropy_context *ctx, int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
f_source_ptr f_source, void *p_source, mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold ); size_t threshold );
/** /**
* \brief Trigger an extra gather poll for the accumulator * \brief Trigger an extra gather poll for the accumulator
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param ctx Entropy context * \param ctx Entropy context
* *
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int entropy_gather( entropy_context *ctx ); int mbedtls_entropy_gather( mbedtls_entropy_context *ctx );
/** /**
* \brief Retrieve entropy from the accumulator * \brief Retrieve entropy from the accumulator
* (Maximum length: ENTROPY_BLOCK_SIZE) * (Maximum length: MBEDTLS_ENTROPY_BLOCK_SIZE)
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param data Entropy context * \param data Entropy context
* \param output Buffer to fill * \param output Buffer to fill
* \param len Number of bytes desired, must be at most ENTROPY_BLOCK_SIZE * \param len Number of bytes desired, must be at most MBEDTLS_ENTROPY_BLOCK_SIZE
* *
* \return 0 if successful, or POLARSSL_ERR_ENTROPY_SOURCE_FAILED * \return 0 if successful, or MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int entropy_func( void *data, unsigned char *output, size_t len ); int mbedtls_entropy_func( void *data, unsigned char *output, size_t len );
/** /**
* \brief Add data to the accumulator manually * \brief Add data to the accumulator manually
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param ctx Entropy context * \param ctx Entropy context
* \param data Data to add * \param data Data to add
@ -196,10 +196,10 @@ int entropy_func( void *data, unsigned char *output, size_t len );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int entropy_update_manual( entropy_context *ctx, int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len ); const unsigned char *data, size_t len );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Write a seed file * \brief Write a seed file
* *
@ -207,34 +207,34 @@ int entropy_update_manual( entropy_context *ctx,
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, or * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error, or
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int entropy_write_seed_file( entropy_context *ctx, const char *path ); int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path );
/** /**
* \brief Read and update a seed file. Seed is added to this * \brief Read and update a seed file. Seed is added to this
* instance. No more than ENTROPY_MAX_SEED_SIZE bytes are * instance. No more than MBEDTLS_ENTROPY_MAX_SEED_SIZE bytes are
* read from the seed file. The rest is ignored. * read from the seed file. The rest is ignored.
* *
* \param ctx Entropy context * \param ctx Entropy context
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_ENTROPY_FILE_IO_ERROR on file error, * MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR on file error,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_ENTROPY_SOURCE_FAILED
*/ */
int entropy_update_seed_file( entropy_context *ctx, const char *path ); int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int entropy_self_test( int verbose ); int mbedtls_entropy_self_test( int verbose );
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#ifdef __cplusplus #ifdef __cplusplus
} }

28
include/mbedtls/entropy_poll.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ENTROPY_POLL_H #ifndef MBEDTLS_ENTROPY_POLL_H
#define POLARSSL_ENTROPY_POLL_H #define MBEDTLS_ENTROPY_POLL_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,33 +39,33 @@ extern "C" {
/* /*
* Default thresholds for built-in sources * Default thresholds for built-in sources
*/ */
#define ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */ #define MBEDTLS_ENTROPY_MIN_PLATFORM 128 /**< Minimum for platform source */
#define ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */ #define MBEDTLS_ENTROPY_MIN_HAVEGE 128 /**< Minimum for HAVEGE */
#define ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for hardclock() */ #define MBEDTLS_ENTROPY_MIN_HARDCLOCK 32 /**< Minimum for mbedtls_timing_hardclock() */
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
/** /**
* \brief Platform-specific entropy poll callback * \brief Platform-specific entropy poll callback
*/ */
int platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen );
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
/** /**
* \brief HAVEGE based entropy poll callback * \brief HAVEGE based entropy poll callback
* *
* Requires an HAVEGE state as its data pointer. * Requires an HAVEGE state as its data pointer.
*/ */
int havege_poll( void *data, int mbedtls_havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen );
#endif #endif
#if defined(POLARSSL_TIMING_C) #if defined(MBEDTLS_TIMING_C)
/** /**
* \brief hardclock-based entropy poll callback * \brief mbedtls_timing_hardclock-based entropy poll callback
*/ */
int hardclock_poll( void *data, int mbedtls_hardclock_poll( void *data,
unsigned char *output, size_t len, size_t *olen ); unsigned char *output, size_t len, size_t *olen );
#endif #endif

6
include/mbedtls/error.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_ERROR_H #ifndef MBEDTLS_ERROR_H
#define POLARSSL_ERROR_H #define MBEDTLS_ERROR_H
#include <stddef.h> #include <stddef.h>
@ -107,7 +107,7 @@ extern "C" {
* \param buffer buffer to place representation in * \param buffer buffer to place representation in
* \param buflen length of the buffer * \param buflen length of the buffer
*/ */
void polarssl_strerror( int errnum, char *buffer, size_t buflen ); void mbedtls_strerror( int errnum, char *buffer, size_t buflen );
#ifdef __cplusplus #ifdef __cplusplus
} }

44
include/mbedtls/gcm.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_GCM_H #ifndef MBEDTLS_GCM_H
#define POLARSSL_GCM_H #define MBEDTLS_GCM_H
#include "cipher.h" #include "cipher.h"
@ -34,11 +34,11 @@ typedef UINT64 uint64_t;
#include <stdint.h> #include <stdint.h>
#endif #endif
#define GCM_ENCRYPT 1 #define MBEDTLS_GCM_ENCRYPT 1
#define GCM_DECRYPT 0 #define MBEDTLS_GCM_DECRYPT 0
#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */ #define MBEDTLS_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -48,7 +48,7 @@ extern "C" {
* \brief GCM context structure * \brief GCM context structure
*/ */
typedef struct { typedef struct {
cipher_context_t cipher_ctx;/*!< cipher context used */ mbedtls_cipher_context_t cipher_ctx;/*!< cipher context used */
uint64_t HL[16]; /*!< Precalculated HTable */ uint64_t HL[16]; /*!< Precalculated HTable */
uint64_t HH[16]; /*!< Precalculated HTable */ uint64_t HH[16]; /*!< Precalculated HTable */
uint64_t len; /*!< Total data length */ uint64_t len; /*!< Total data length */
@ -58,7 +58,7 @@ typedef struct {
unsigned char buf[16]; /*!< buf working value */ unsigned char buf[16]; /*!< buf working value */
int mode; /*!< Encrypt or Decrypt */ int mode; /*!< Encrypt or Decrypt */
} }
gcm_context; mbedtls_gcm_context;
/** /**
* \brief GCM initialization (encryption) * \brief GCM initialization (encryption)
@ -70,7 +70,7 @@ gcm_context;
* *
* \return 0 if successful, or a cipher specific error code * \return 0 if successful, or a cipher specific error code
*/ */
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
unsigned int keysize ); unsigned int keysize );
/** /**
@ -82,7 +82,7 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
* behind the input buffer. * behind the input buffer.
* *
* \param ctx GCM context * \param ctx GCM context
* \param mode GCM_ENCRYPT or GCM_DECRYPT * \param mode MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector * \param iv initialization vector
* \param iv_len length of IV * \param iv_len length of IV
@ -95,7 +95,7 @@ int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int gcm_crypt_and_tag( gcm_context *ctx, int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
@ -126,9 +126,9 @@ int gcm_crypt_and_tag( gcm_context *ctx,
* \param output buffer for holding the output data * \param output buffer for holding the output data
* *
* \return 0 if successful and authenticated, * \return 0 if successful and authenticated,
* POLARSSL_ERR_GCM_AUTH_FAILED if tag does not match * MBEDTLS_ERR_GCM_AUTH_FAILED if tag does not match
*/ */
int gcm_auth_decrypt( gcm_context *ctx, int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
@ -143,7 +143,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
* \brief Generic GCM stream start function * \brief Generic GCM stream start function
* *
* \param ctx GCM context * \param ctx GCM context
* \param mode GCM_ENCRYPT or GCM_DECRYPT * \param mode MBEDTLS_GCM_ENCRYPT or MBEDTLS_GCM_DECRYPT
* \param iv initialization vector * \param iv initialization vector
* \param iv_len length of IV * \param iv_len length of IV
* \param add additional data (or NULL if length is 0) * \param add additional data (or NULL if length is 0)
@ -151,7 +151,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
* *
* \return 0 if successful * \return 0 if successful
*/ */
int gcm_starts( gcm_context *ctx, int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
@ -161,7 +161,7 @@ int gcm_starts( gcm_context *ctx,
/** /**
* \brief Generic GCM update function. Encrypts/decrypts using the * \brief Generic GCM update function. Encrypts/decrypts using the
* given GCM context. Expects input to be a multiple of 16 * given GCM context. Expects input to be a multiple of 16
* bytes! Only the last call before gcm_finish() can be less * bytes! Only the last call before mbedtls_gcm_finish() can be less
* than 16 bytes! * than 16 bytes!
* *
* \note On decryption, the output buffer cannot be the same as input buffer. * \note On decryption, the output buffer cannot be the same as input buffer.
@ -173,9 +173,9 @@ int gcm_starts( gcm_context *ctx,
* \param input buffer holding the input data * \param input buffer holding the input data
* \param output buffer for holding the output data * \param output buffer for holding the output data
* *
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT * \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
*/ */
int gcm_update( gcm_context *ctx, int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
@ -189,9 +189,9 @@ int gcm_update( gcm_context *ctx,
* \param tag buffer for holding the tag (may be NULL if tag_len is 0) * \param tag buffer for holding the tag (may be NULL if tag_len is 0)
* \param tag_len length of the tag to generate * \param tag_len length of the tag to generate
* *
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT * \return 0 if successful or MBEDTLS_ERR_GCM_BAD_INPUT
*/ */
int gcm_finish( gcm_context *ctx, int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag, unsigned char *tag,
size_t tag_len ); size_t tag_len );
@ -200,14 +200,14 @@ int gcm_finish( gcm_context *ctx,
* *
* \param ctx GCM context to free * \param ctx GCM context to free
*/ */
void gcm_free( gcm_context *ctx ); void mbedtls_gcm_free( mbedtls_gcm_context *ctx );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int gcm_self_test( int verbose ); int mbedtls_gcm_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

16
include/mbedtls/havege.h
View File

@ -21,12 +21,12 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_HAVEGE_H #ifndef MBEDTLS_HAVEGE_H
#define POLARSSL_HAVEGE_H #define MBEDTLS_HAVEGE_H
#include <stddef.h> #include <stddef.h>
#define COLLECT_SIZE 1024 #define MBEDTLS_HAVEGE_COLLECT_SIZE 1024
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -38,24 +38,24 @@ extern "C" {
typedef struct typedef struct
{ {
int PT1, PT2, offset[2]; int PT1, PT2, offset[2];
int pool[COLLECT_SIZE]; int pool[MBEDTLS_HAVEGE_COLLECT_SIZE];
int WALK[8192]; int WALK[8192];
} }
havege_state; mbedtls_havege_state;
/** /**
* \brief HAVEGE initialization * \brief HAVEGE initialization
* *
* \param hs HAVEGE state to be initialized * \param hs HAVEGE state to be initialized
*/ */
void havege_init( havege_state *hs ); void mbedtls_havege_init( mbedtls_havege_state *hs );
/** /**
* \brief Clear HAVEGE state * \brief Clear HAVEGE state
* *
* \param hs HAVEGE state to be cleared * \param hs HAVEGE state to be cleared
*/ */
void havege_free( havege_state *hs ); void mbedtls_havege_free( mbedtls_havege_state *hs );
/** /**
* \brief HAVEGE rand function * \brief HAVEGE rand function
@ -66,7 +66,7 @@ void havege_free( havege_state *hs );
* *
* \return 0 * \return 0
*/ */
int havege_random( void *p_rng, unsigned char *output, size_t len ); int mbedtls_havege_random( void *p_rng, unsigned char *output, size_t len );
#ifdef __cplusplus #ifdef __cplusplus
} }

108
include/mbedtls/hmac_drbg.h
View File

@ -21,18 +21,18 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_HMAC_DRBG_H #ifndef MBEDTLS_HMAC_DRBG_H
#define POLARSSL_HMAC_DRBG_H #define MBEDTLS_HMAC_DRBG_H
#include "md.h" #include "md.h"
/* /*
* Error codes * Error codes
*/ */
#define POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */ #define MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG -0x0003 /**< Too many random requested in single call. */
#define POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */ #define MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG -0x0005 /**< Input too large (Entropy + additional). */
#define POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */ #define MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR -0x0007 /**< Read/write error in file. */
#define POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */ #define MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED -0x0009 /**< The entropy source failed. */
/** /**
* \name SECTION: Module settings * \name SECTION: Module settings
@ -42,26 +42,26 @@
* \{ * \{
*/ */
#if !defined(POLARSSL_HMAC_DRBG_RESEED_INTERVAL) #if !defined(MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
#define POLARSSL_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */ #define MBEDTLS_HMAC_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#endif #endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_INPUT) #if !defined(MBEDTLS_HMAC_DRBG_MAX_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */ #define MBEDTLS_HMAC_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#endif #endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_REQUEST) #if !defined(MBEDTLS_HMAC_DRBG_MAX_REQUEST)
#define POLARSSL_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */ #define MBEDTLS_HMAC_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
#endif #endif
#if !defined(POLARSSL_HMAC_DRBG_MAX_SEED_INPUT) #if !defined(MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT)
#define POLARSSL_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */ #define MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT 384 /**< Maximum size of (re)seed buffer */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
#define POLARSSL_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */ #define MBEDTLS_HMAC_DRBG_PR_OFF 0 /**< No prediction resistance */
#define POLARSSL_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */ #define MBEDTLS_HMAC_DRBG_PR_ON 1 /**< Prediction resistance enabled */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -74,8 +74,8 @@ typedef struct
{ {
/* Working state: the key K is not stored explicitely, /* Working state: the key K is not stored explicitely,
* but is implied by the HMAC context */ * but is implied by the HMAC context */
md_context_t md_ctx; /*!< HMAC context (inc. K) */ mbedtls_md_context_t md_ctx; /*!< HMAC context (inc. K) */
unsigned char V[POLARSSL_MD_MAX_SIZE]; /*!< V in the spec */ unsigned char V[MBEDTLS_MD_MAX_SIZE]; /*!< V in the spec */
int reseed_counter; /*!< reseed counter */ int reseed_counter; /*!< reseed counter */
/* Administrative state */ /* Administrative state */
@ -87,7 +87,7 @@ typedef struct
/* Callbacks */ /* Callbacks */
int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */ int (*f_entropy)(void *, unsigned char *, size_t); /*!< entropy function */
void *p_entropy; /*!< context for the entropy function */ void *p_entropy; /*!< context for the entropy function */
} hmac_drbg_context; } mbedtls_hmac_drbg_context;
/** /**
* \brief HMAC_DRBG initialisation * \brief HMAC_DRBG initialisation
@ -108,12 +108,12 @@ typedef struct
* Note that SHA-256 is just as efficient as SHA-224. * Note that SHA-256 is just as efficient as SHA-224.
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED, or * MBEDTLS_ERR_MD_ALLOC_FAILED, or
* POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED. * MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED.
*/ */
int hmac_drbg_init( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx,
const md_info_t * md_info, const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
@ -129,11 +129,11 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
* \param data_len Length of data in bytes * \param data_len Length of data in bytes
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_MD_BAD_INPUT_DATA, or * MBEDTLS_ERR_MD_BAD_INPUT_DATA, or
* POLARSSL_ERR_MD_ALLOC_FAILED. * MBEDTLS_ERR_MD_ALLOC_FAILED.
*/ */
int hmac_drbg_init_buf( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_init_buf( mbedtls_hmac_drbg_context *ctx,
const md_info_t * md_info, const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len ); const unsigned char *data, size_t data_len );
/** /**
@ -143,30 +143,30 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
* Only use this if you have ample supply of good entropy! * Only use this if you have ample supply of good entropy!
* *
* \param ctx HMAC_DRBG context * \param ctx HMAC_DRBG context
* \param resistance POLARSSL_HMAC_DRBG_PR_ON or POLARSSL_HMAC_DRBG_PR_OFF * \param resistance MBEDTLS_HMAC_DRBG_PR_ON or MBEDTLS_HMAC_DRBG_PR_OFF
*/ */
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
int resistance ); int resistance );
/** /**
* \brief Set the amount of entropy grabbed on each reseed * \brief Set the amount of entropy grabbed on each reseed
* (Default: given by the security strength, which * (Default: given by the security strength, which
* depends on the hash used, see \c hmac_drbg_init() ) * depends on the hash used, see \c mbedtls_hmac_drbg_init() )
* *
* \param ctx HMAC_DRBG context * \param ctx HMAC_DRBG context
* \param len Amount of entropy to grab, in bytes * \param len Amount of entropy to grab, in bytes
*/ */
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx,
size_t len ); size_t len );
/** /**
* \brief Set the reseed interval * \brief Set the reseed interval
* (Default: POLARSSL_HMAC_DRBG_RESEED_INTERVAL) * (Default: MBEDTLS_HMAC_DRBG_RESEED_INTERVAL)
* *
* \param ctx HMAC_DRBG context * \param ctx HMAC_DRBG context
* \param interval Reseed interval * \param interval Reseed interval
*/ */
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx,
int interval ); int interval );
/** /**
@ -179,7 +179,7 @@ void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx,
* \note Additional data is optional, pass NULL and 0 as second * \note Additional data is optional, pass NULL and 0 as second
* third argument if no additional data is being used. * third argument if no additional data is being used.
*/ */
void hmac_drbg_update( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ); const unsigned char *additional, size_t add_len );
/** /**
@ -190,9 +190,9 @@ void hmac_drbg_update( hmac_drbg_context *ctx,
* \param len Length of additional data * \param len Length of additional data
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/ */
int hmac_drbg_reseed( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len ); const unsigned char *additional, size_t len );
/** /**
@ -207,11 +207,11 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx,
* \param add_len Length of additional data (can be 0) * \param add_len Length of additional data (can be 0)
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG, or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG. * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG.
*/ */
int hmac_drbg_random_with_add( void *p_rng, int mbedtls_hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, const unsigned char *additional,
size_t add_len ); size_t add_len );
@ -226,19 +226,19 @@ int hmac_drbg_random_with_add( void *p_rng,
* \param out_len Length of the buffer * \param out_len Length of the buffer
* *
* \return 0 if successful, or * \return 0 if successful, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED, or
* POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG * MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG
*/ */
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ); int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len );
/** /**
* \brief Free an HMAC_DRBG context * \brief Free an HMAC_DRBG context
* *
* \param ctx HMAC_DRBG context to free. * \param ctx HMAC_DRBG context to free.
*/ */
void hmac_drbg_free( hmac_drbg_context *ctx ); void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Write a seed file * \brief Write a seed file
* *
@ -246,9 +246,9 @@ void hmac_drbg_free( hmac_drbg_context *ctx );
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, 1 on file error, or * \return 0 if successful, 1 on file error, or
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED
*/ */
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
/** /**
* \brief Read and update a seed file. Seed is added to this * \brief Read and update a seed file. Seed is added to this
@ -258,20 +258,20 @@ int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path );
* \param path Name of the file * \param path Name of the file
* *
* \return 0 if successful, 1 on file error, * \return 0 if successful, 1 on file error,
* POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or * MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED or
* POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG * MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG
*/ */
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path ); int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int hmac_drbg_self_test( int verbose ); int mbedtls_hmac_drbg_self_test( int verbose );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

174
include/mbedtls/md.h
View File

@ -1,5 +1,5 @@
/** /**
* \file md.h * \file mbedtls_md.h
* *
* \brief Generic message digest wrapper * \brief Generic message digest wrapper
* *
@ -23,8 +23,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD_H #ifndef MBEDTLS_MD_H
#define POLARSSL_MD_H #define MBEDTLS_MD_H
#include <stddef.h> #include <stddef.h>
@ -36,52 +36,52 @@
#endif /* __ARMCC_VERSION */ #endif /* __ARMCC_VERSION */
#endif /*_MSC_VER */ #endif /*_MSC_VER */
#define POLARSSL_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */ #define MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE -0x5080 /**< The selected feature is not available. */
#define POLARSSL_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_MD_BAD_INPUT_DATA -0x5100 /**< Bad input parameters to function. */
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */ #define MBEDTLS_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
typedef enum { typedef enum {
POLARSSL_MD_NONE=0, MBEDTLS_MD_NONE=0,
POLARSSL_MD_MD2, MBEDTLS_MD_MD2,
POLARSSL_MD_MD4, MBEDTLS_MD_MD4,
POLARSSL_MD_MD5, MBEDTLS_MD_MD5,
POLARSSL_MD_SHA1, MBEDTLS_MD_SHA1,
POLARSSL_MD_SHA224, MBEDTLS_MD_SHA224,
POLARSSL_MD_SHA256, MBEDTLS_MD_SHA256,
POLARSSL_MD_SHA384, MBEDTLS_MD_SHA384,
POLARSSL_MD_SHA512, MBEDTLS_MD_SHA512,
POLARSSL_MD_RIPEMD160, MBEDTLS_MD_RIPEMD160,
} md_type_t; } mbedtls_md_type_t;
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */ #define MBEDTLS_MD_MAX_SIZE 64 /* longest known is SHA512 */
#else #else
#define POLARSSL_MD_MAX_SIZE 32 /* longest known is SHA256 or less */ #define MBEDTLS_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
#endif #endif
/** /**
* Opaque struct defined in md_wrap.h * Opaque struct defined in md_wrap.h
*/ */
typedef struct _md_info_t md_info_t; typedef struct mbedtls_md_info_t mbedtls_md_info_t;
/** /**
* Generic message digest context. * Generic message digest context.
*/ */
typedef struct { typedef struct {
/** Information about the associated message digest */ /** Information about the associated message digest */
const md_info_t *md_info; const mbedtls_md_info_t *md_info;
/** Digest-specific context */ /** Digest-specific context */
void *md_ctx; void *md_ctx;
/** HMAC part of the context */ /** HMAC part of the context */
void *hmac_ctx; void *hmac_ctx;
} md_context_t; } mbedtls_md_context_t;
/** /**
* \brief Returns the list of digests supported by the generic digest module. * \brief Returns the list of digests supported by the generic digest module.
@ -89,7 +89,7 @@ typedef struct {
* \return a statically allocated array of digests, the last entry * \return a statically allocated array of digests, the last entry
* is 0. * is 0.
*/ */
const int *md_list( void ); const int *mbedtls_md_list( void );
/** /**
* \brief Returns the message digest information associated with the * \brief Returns the message digest information associated with the
@ -100,7 +100,7 @@ const int *md_list( void );
* \return The message digest information associated with md_name or * \return The message digest information associated with md_name or
* NULL if not found. * NULL if not found.
*/ */
const md_info_t *md_info_from_string( const char *md_name ); const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name );
/** /**
* \brief Returns the message digest information associated with the * \brief Returns the message digest information associated with the
@ -111,50 +111,50 @@ const md_info_t *md_info_from_string( const char *md_name );
* \return The message digest information associated with md_type or * \return The message digest information associated with md_type or
* NULL if not found. * NULL if not found.
*/ */
const md_info_t *md_info_from_type( md_type_t md_type ); const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type );
/** /**
* \brief Initialize a md_context (as NONE) * \brief Initialize a md_context (as NONE)
* This should always be called first. * This should always be called first.
* Prepares the context for md_setup() or md_free(). * Prepares the context for mbedtls_md_setup() or mbedtls_md_free().
*/ */
void md_init( md_context_t *ctx ); void mbedtls_md_init( mbedtls_md_context_t *ctx );
/** /**
* \brief Free and clear the internal structures of ctx. * \brief Free and clear the internal structures of ctx.
* Can be called at any time after md_init(). * Can be called at any time after mbedtls_md_init().
* Mandatory once md_setup() has been called. * Mandatory once mbedtls_md_setup() has been called.
*/ */
void md_free( md_context_t *ctx ); void mbedtls_md_free( mbedtls_md_context_t *ctx );
#if ! defined(POLARSSL_DEPRECATED_REMOVED) #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
#if defined(POLARSSL_DEPRECATED_WARNING) #if defined(MBEDTLS_DEPRECATED_WARNING)
#define DEPRECATED __attribute__((deprecated)) #define MBEDTLS_DEPRECATED __attribute__((deprecated))
#else #else
#define DEPRECATED #define MBEDTLS_DEPRECATED
#endif #endif
/** /**
* \brief Select MD to use and allocate internal structures. * \brief Select MD to use and allocate internal structures.
* Should be called after md_init() or md_free(). * Should be called after mbedtls_md_init() or mbedtls_md_free().
* Makes it necessary to call md_free() later. * Makes it necessary to call mbedtls_md_free() later.
* *
* \deprecated Superseded by md_setup() in 2.0.0 * \deprecated Superseded by mbedtls_md_setup() in 2.0.0
* *
* \param ctx Context to set up. * \param ctx Context to set up.
* \param md_info Message digest to use. * \param md_info Message digest to use.
* *
* \returns \c 0 on success, * \returns \c 0 on success,
* \c POLARSSL_ERR_MD_BAD_INPUT_DATA on parameter failure, * \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
* \c POLARSSL_ERR_MD_ALLOC_FAILED memory allocation failure. * \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
*/ */
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) DEPRECATED; int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info ) MBEDTLS_DEPRECATED;
#undef DEPRECATED #undef MBEDTLS_DEPRECATED
#endif /* POLARSSL_DEPRECATED_REMOVED */ #endif /* MBEDTLS_DEPRECATED_REMOVED */
/** /**
* \brief Select MD to use and allocate internal structures. * \brief Select MD to use and allocate internal structures.
* Should be called after md_init() or md_free(). * Should be called after mbedtls_md_init() or mbedtls_md_free().
* Makes it necessary to call md_free() later. * Makes it necessary to call mbedtls_md_free() later.
* *
* \param ctx Context to set up. * \param ctx Context to set up.
* \param md_info Message digest to use. * \param md_info Message digest to use.
@ -162,10 +162,10 @@ int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) DEPRECATED;
* non-zero is HMAC is going to be used with this context. * non-zero is HMAC is going to be used with this context.
* *
* \returns \c 0 on success, * \returns \c 0 on success,
* \c POLARSSL_ERR_MD_BAD_INPUT_DATA on parameter failure, * \c MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter failure,
* \c POLARSSL_ERR_MD_ALLOC_FAILED memory allocation failure. * \c MBEDTLS_ERR_MD_ALLOC_FAILED memory allocation failure.
*/ */
int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac ); int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac );
/** /**
* \brief Returns the size of the message digest output. * \brief Returns the size of the message digest output.
@ -174,7 +174,7 @@ int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac );
* *
* \return size of the message digest output. * \return size of the message digest output.
*/ */
unsigned char md_get_size( const md_info_t *md_info ); unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info );
/** /**
* \brief Returns the type of the message digest output. * \brief Returns the type of the message digest output.
@ -183,7 +183,7 @@ unsigned char md_get_size( const md_info_t *md_info );
* *
* \return type of the message digest output. * \return type of the message digest output.
*/ */
md_type_t md_get_type( const md_info_t *md_info ); mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
/** /**
* \brief Returns the name of the message digest output. * \brief Returns the name of the message digest output.
@ -192,46 +192,46 @@ md_type_t md_get_type( const md_info_t *md_info );
* *
* \return name of the message digest output. * \return name of the message digest output.
*/ */
const char *md_get_name( const md_info_t *md_info ); const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info );
/** /**
* \brief Prepare the context to digest a new message. * \brief Prepare the context to digest a new message.
* Generally called after md_setup() or md_finish(). * Generally called after mbedtls_md_setup() or mbedtls_md_finish().
* Followed by md_update(). * Followed by mbedtls_md_update().
* *
* \param ctx generic message digest context. * \param ctx generic message digest context.
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_starts( md_context_t *ctx ); int mbedtls_md_starts( mbedtls_md_context_t *ctx );
/** /**
* \brief Generic message digest process buffer * \brief Generic message digest process buffer
* Called between md_starts() and md_finish(). * Called between mbedtls_md_starts() and mbedtls_md_finish().
* May be called repeatedly. * May be called repeatedly.
* *
* \param ctx Generic message digest context * \param ctx Generic message digest context
* \param input buffer holding the datal * \param input buffer holding the datal
* \param ilen length of the input data * \param ilen length of the input data
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ); int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen );
/** /**
* \brief Generic message digest final digest * \brief Generic message digest final digest
* Called after md_update(). * Called after mbedtls_md_update().
* Usually followed by md_free() or md_starts(). * Usually followed by mbedtls_md_free() or mbedtls_md_starts().
* *
* \param ctx Generic message digest context * \param ctx Generic message digest context
* \param output Generic message digest checksum result * \param output Generic message digest checksum result
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_finish( md_context_t *ctx, unsigned char *output ); int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output );
/** /**
* \brief Output = message_digest( input buffer ) * \brief Output = message_digest( input buffer )
@ -241,10 +241,10 @@ int md_finish( md_context_t *ctx, unsigned char *output );
* \param ilen length of the input data * \param ilen length of the input data
* \param output Generic message digest checksum result * \param output Generic message digest checksum result
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output );
/** /**
@ -255,66 +255,66 @@ int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
* \param output generic message digest checksum result * \param output generic message digest checksum result
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_MD_FILE_IO_ERROR if file input failed, * MBEDTLS_ERR_MD_FILE_IO_ERROR if file input failed,
* POLARSSL_ERR_MD_BAD_INPUT_DATA if md_info was NULL. * MBEDTLS_ERR_MD_BAD_INPUT_DATA if md_info was NULL.
*/ */
int md_file( const md_info_t *md_info, const char *path, int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path,
unsigned char *output ); unsigned char *output );
/** /**
* \brief Set HMAC key and prepare to authenticate a new message. * \brief Set HMAC key and prepare to authenticate a new message.
* Usually called after md_setup() or md_hmac_finish(). * Usually called after mbedtls_md_setup() or mbedtls_md_hmac_finish().
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param key HMAC secret key * \param key HMAC secret key
* \param keylen length of the HMAC key * \param keylen length of the HMAC key
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key,
size_t keylen ); size_t keylen );
/** /**
* \brief Generic HMAC process buffer. * \brief Generic HMAC process buffer.
* Called between md_hmac_starts() or md_hmac_reset() * Called between mbedtls_md_hmac_starts() or mbedtls_md_hmac_reset()
* and md_hmac_finish(). * and mbedtls_md_hmac_finish().
* May be called repeatedly. * May be called repeatedly.
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_hmac_update( md_context_t *ctx, const unsigned char *input, int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input,
size_t ilen ); size_t ilen );
/** /**
* \brief Output HMAC. * \brief Output HMAC.
* Called after md_hmac_update(). * Called after mbedtls_md_hmac_update().
* Usually followed my md_hmac_reset(), md_hmac_starts(), * Usually followed my mbedtls_md_hmac_reset(), mbedtls_md_hmac_starts(),
* or md_free(). * or mbedtls_md_free().
* *
* \param ctx HMAC context * \param ctx HMAC context
* \param output Generic HMAC checksum result * \param output Generic HMAC checksum result
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_hmac_finish( md_context_t *ctx, unsigned char *output); int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output);
/** /**
* \brief Prepare to authenticate a new message with the same key. * \brief Prepare to authenticate a new message with the same key.
* Called after md_hmac_finish() and before md_hmac_update(). * Called after mbedtls_md_hmac_finish() and before mbedtls_md_hmac_update().
* *
* \param ctx HMAC context to be reset * \param ctx HMAC context to be reset
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_hmac_reset( md_context_t *ctx ); int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
/** /**
* \brief Output = Generic_HMAC( hmac key, input buffer ) * \brief Output = Generic_HMAC( hmac key, input buffer )
@ -326,18 +326,18 @@ int md_hmac_reset( md_context_t *ctx );
* \param ilen length of the input data * \param ilen length of the input data
* \param output Generic HMAC-result * \param output Generic HMAC-result
* *
* \returns 0 on success, POLARSSL_ERR_MD_BAD_INPUT_DATA if parameter * \returns 0 on success, MBEDTLS_ERR_MD_BAD_INPUT_DATA if parameter
* verification fails. * verification fails.
*/ */
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ); unsigned char *output );
/* Internal use */ /* Internal use */
int md_process( md_context_t *ctx, const unsigned char *data ); int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_MD_H */ #endif /* MBEDTLS_MD_H */

42
include/mbedtls/md2.h
View File

@ -1,5 +1,5 @@
/** /**
* \file md2.h * \file mbedtls_md2.h
* *
* \brief MD2 message digest algorithm (hash function) * \brief MD2 message digest algorithm (hash function)
* *
@ -21,20 +21,20 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD2_H #ifndef MBEDTLS_MD2_H
#define POLARSSL_MD2_H #define MBEDTLS_MD2_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#define POLARSSL_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */ #define MBEDTLS_ERR_MD2_FILE_IO_ERROR -0x0070 /**< Read/write error in file. */
#if !defined(POLARSSL_MD2_ALT) #if !defined(MBEDTLS_MD2_ALT)
// Regular implementation // Regular implementation
// //
@ -52,28 +52,28 @@ typedef struct
unsigned char buffer[16]; /*!< data block being processed */ unsigned char buffer[16]; /*!< data block being processed */
size_t left; /*!< amount of data in buffer */ size_t left; /*!< amount of data in buffer */
} }
md2_context; mbedtls_md2_context;
/** /**
* \brief Initialize MD2 context * \brief Initialize MD2 context
* *
* \param ctx MD2 context to be initialized * \param ctx MD2 context to be initialized
*/ */
void md2_init( md2_context *ctx ); void mbedtls_md2_init( mbedtls_md2_context *ctx );
/** /**
* \brief Clear MD2 context * \brief Clear MD2 context
* *
* \param ctx MD2 context to be cleared * \param ctx MD2 context to be cleared
*/ */
void md2_free( md2_context *ctx ); void mbedtls_md2_free( mbedtls_md2_context *ctx );
/** /**
* \brief MD2 context setup * \brief MD2 context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void md2_starts( md2_context *ctx ); void mbedtls_md2_starts( mbedtls_md2_context *ctx );
/** /**
* \brief MD2 process buffer * \brief MD2 process buffer
@ -82,7 +82,7 @@ void md2_starts( md2_context *ctx );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ); void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen );
/** /**
* \brief MD2 final digest * \brief MD2 final digest
@ -90,15 +90,15 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx MD2 context * \param ctx MD2 context
* \param output MD2 checksum result * \param output MD2 checksum result
*/ */
void md2_finish( md2_context *ctx, unsigned char output[16] ); void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_MD2_ALT */ #else /* MBEDTLS_MD2_ALT */
#include "md2_alt.h" #include "md2_alt.h"
#endif /* POLARSSL_MD2_ALT */ #endif /* MBEDTLS_MD2_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -111,7 +111,7 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD2 checksum result * \param output MD2 checksum result
*/ */
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ); void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD2( file contents ) * \brief Output = MD2( file contents )
@ -119,22 +119,22 @@ void md2( const unsigned char *input, size_t ilen, unsigned char output[16] );
* \param path input file name * \param path input file name
* \param output MD2 checksum result * \param output MD2 checksum result
* *
* \return 0 if successful, or POLARSSL_ERR_MD2_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_MD2_FILE_IO_ERROR
*/ */
int md2_file( const char *path, unsigned char output[16] ); int mbedtls_md2_file( const char *path, unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md2_self_test( int verbose ); int mbedtls_md2_self_test( int verbose );
/* Internal use */ /* Internal use */
void md2_process( md2_context *ctx ); void mbedtls_md2_process( mbedtls_md2_context *ctx );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* md2.h */ #endif /* mbedtls_md2.h */

42
include/mbedtls/md4.h
View File

@ -1,5 +1,5 @@
/** /**
* \file md4.h * \file mbedtls_md4.h
* *
* \brief MD4 message digest algorithm (hash function) * \brief MD4 message digest algorithm (hash function)
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD4_H #ifndef MBEDTLS_MD4_H
#define POLARSSL_MD4_H #define MBEDTLS_MD4_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,9 +39,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */ #define MBEDTLS_ERR_MD4_FILE_IO_ERROR -0x0072 /**< Read/write error in file. */
#if !defined(POLARSSL_MD4_ALT) #if !defined(MBEDTLS_MD4_ALT)
// Regular implementation // Regular implementation
// //
@ -58,28 +58,28 @@ typedef struct
uint32_t state[4]; /*!< intermediate digest state */ uint32_t state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
} }
md4_context; mbedtls_md4_context;
/** /**
* \brief Initialize MD4 context * \brief Initialize MD4 context
* *
* \param ctx MD4 context to be initialized * \param ctx MD4 context to be initialized
*/ */
void md4_init( md4_context *ctx ); void mbedtls_md4_init( mbedtls_md4_context *ctx );
/** /**
* \brief Clear MD4 context * \brief Clear MD4 context
* *
* \param ctx MD4 context to be cleared * \param ctx MD4 context to be cleared
*/ */
void md4_free( md4_context *ctx ); void mbedtls_md4_free( mbedtls_md4_context *ctx );
/** /**
* \brief MD4 context setup * \brief MD4 context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void md4_starts( md4_context *ctx ); void mbedtls_md4_starts( mbedtls_md4_context *ctx );
/** /**
* \brief MD4 process buffer * \brief MD4 process buffer
@ -88,7 +88,7 @@ void md4_starts( md4_context *ctx );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ); void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen );
/** /**
* \brief MD4 final digest * \brief MD4 final digest
@ -96,15 +96,15 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx MD4 context * \param ctx MD4 context
* \param output MD4 checksum result * \param output MD4 checksum result
*/ */
void md4_finish( md4_context *ctx, unsigned char output[16] ); void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_MD4_ALT */ #else /* MBEDTLS_MD4_ALT */
#include "md4_alt.h" #include "md4_alt.h"
#endif /* POLARSSL_MD4_ALT */ #endif /* MBEDTLS_MD4_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -117,7 +117,7 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD4 checksum result * \param output MD4 checksum result
*/ */
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ); void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD4( file contents ) * \brief Output = MD4( file contents )
@ -125,22 +125,22 @@ void md4( const unsigned char *input, size_t ilen, unsigned char output[16] );
* \param path input file name * \param path input file name
* \param output MD4 checksum result * \param output MD4 checksum result
* *
* \return 0 if successful, or POLARSSL_ERR_MD4_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_MD4_FILE_IO_ERROR
*/ */
int md4_file( const char *path, unsigned char output[16] ); int mbedtls_md4_file( const char *path, unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md4_self_test( int verbose ); int mbedtls_md4_self_test( int verbose );
/* Internal use */ /* Internal use */
void md4_process( md4_context *ctx, const unsigned char data[64] ); void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* md4.h */ #endif /* mbedtls_md4.h */

42
include/mbedtls/md5.h
View File

@ -1,5 +1,5 @@
/** /**
* \file md5.h * \file mbedtls_md5.h
* *
* \brief MD5 message digest algorithm (hash function) * \brief MD5 message digest algorithm (hash function)
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD5_H #ifndef MBEDTLS_MD5_H
#define POLARSSL_MD5_H #define MBEDTLS_MD5_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,9 +39,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */ #define MBEDTLS_ERR_MD5_FILE_IO_ERROR -0x0074 /**< Read/write error in file. */
#if !defined(POLARSSL_MD5_ALT) #if !defined(MBEDTLS_MD5_ALT)
// Regular implementation // Regular implementation
// //
@ -58,28 +58,28 @@ typedef struct
uint32_t state[4]; /*!< intermediate digest state */ uint32_t state[4]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
} }
md5_context; mbedtls_md5_context;
/** /**
* \brief Initialize MD5 context * \brief Initialize MD5 context
* *
* \param ctx MD5 context to be initialized * \param ctx MD5 context to be initialized
*/ */
void md5_init( md5_context *ctx ); void mbedtls_md5_init( mbedtls_md5_context *ctx );
/** /**
* \brief Clear MD5 context * \brief Clear MD5 context
* *
* \param ctx MD5 context to be cleared * \param ctx MD5 context to be cleared
*/ */
void md5_free( md5_context *ctx ); void mbedtls_md5_free( mbedtls_md5_context *ctx );
/** /**
* \brief MD5 context setup * \brief MD5 context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void md5_starts( md5_context *ctx ); void mbedtls_md5_starts( mbedtls_md5_context *ctx );
/** /**
* \brief MD5 process buffer * \brief MD5 process buffer
@ -88,7 +88,7 @@ void md5_starts( md5_context *ctx );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ); void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen );
/** /**
* \brief MD5 final digest * \brief MD5 final digest
@ -96,18 +96,18 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx MD5 context * \param ctx MD5 context
* \param output MD5 checksum result * \param output MD5 checksum result
*/ */
void md5_finish( md5_context *ctx, unsigned char output[16] ); void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] );
/* Internal use */ /* Internal use */
void md5_process( md5_context *ctx, const unsigned char data[64] ); void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_MD5_ALT */ #else /* MBEDTLS_MD5_ALT */
#include "md5_alt.h" #include "md5_alt.h"
#endif /* POLARSSL_MD5_ALT */ #endif /* MBEDTLS_MD5_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -120,7 +120,7 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output MD5 checksum result * \param output MD5 checksum result
*/ */
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ); void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
/** /**
* \brief Output = MD5( file contents ) * \brief Output = MD5( file contents )
@ -128,19 +128,19 @@ void md5( const unsigned char *input, size_t ilen, unsigned char output[16] );
* \param path input file name * \param path input file name
* \param output MD5 checksum result * \param output MD5 checksum result
* *
* \return 0 if successful, or POLARSSL_ERR_MD5_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_MD5_FILE_IO_ERROR
*/ */
int md5_file( const char *path, unsigned char output[16] ); int mbedtls_md5_file( const char *path, unsigned char output[16] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int md5_self_test( int verbose ); int mbedtls_md5_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* md5.h */ #endif /* mbedtls_md5.h */

46
include/mbedtls/md_wrap.h
View File

@ -25,13 +25,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MD_WRAP_H #ifndef MBEDTLS_MD_WRAP_H
#define POLARSSL_MD_WRAP_H #define MBEDTLS_MD_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "md.h" #include "md.h"
@ -44,10 +44,10 @@ extern "C" {
* Message digest information. * Message digest information.
* Allows message digest functions to be called in a generic way. * Allows message digest functions to be called in a generic way.
*/ */
struct _md_info_t struct mbedtls_md_info_t
{ {
/** Digest identifier */ /** Digest identifier */
md_type_t type; mbedtls_md_type_t type;
/** Name of the message digest */ /** Name of the message digest */
const char * name; const char * name;
@ -84,32 +84,32 @@ struct _md_info_t
void (*process_func)( void *ctx, const unsigned char *input ); void (*process_func)( void *ctx, const unsigned char *input );
}; };
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
extern const md_info_t md2_info; extern const mbedtls_md_info_t mbedtls_md2_info;
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
extern const md_info_t md4_info; extern const mbedtls_md_info_t mbedtls_md4_info;
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
extern const md_info_t md5_info; extern const mbedtls_md_info_t mbedtls_md5_info;
#endif #endif
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
extern const md_info_t ripemd160_info; extern const mbedtls_md_info_t mbedtls_ripemd160_info;
#endif #endif
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
extern const md_info_t sha1_info; extern const mbedtls_md_info_t mbedtls_sha1_info;
#endif #endif
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
extern const md_info_t sha224_info; extern const mbedtls_md_info_t mbedtls_sha224_info;
extern const md_info_t sha256_info; extern const mbedtls_md_info_t mbedtls_sha256_info;
#endif #endif
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
extern const md_info_t sha384_info; extern const mbedtls_md_info_t mbedtls_sha384_info;
extern const md_info_t sha512_info; extern const mbedtls_md_info_t mbedtls_sha512_info;
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_MD_WRAP_H */ #endif /* MBEDTLS_MD_WRAP_H */

64
include/mbedtls/memory_buffer_alloc.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_MEMORY_BUFFER_ALLOC_H #ifndef MBEDTLS_MEMORY_BUFFER_ALLOC_H
#define POLARSSL_MEMORY_BUFFER_ALLOC_H #define MBEDTLS_MEMORY_BUFFER_ALLOC_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -40,16 +40,16 @@
* \{ * \{
*/ */
#if !defined(POLARSSL_MEMORY_ALIGN_MULTIPLE) #if !defined(MBEDTLS_MEMORY_ALIGN_MULTIPLE)
#define POLARSSL_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */ #define MBEDTLS_MEMORY_ALIGN_MULTIPLE 4 /**< Align on multiples of this value */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
#define MEMORY_VERIFY_NONE 0 #define MBEDTLS_MEMORY_VERIFY_NONE 0
#define MEMORY_VERIFY_ALLOC (1 << 0) #define MBEDTLS_MEMORY_VERIFY_ALLOC (1 << 0)
#define MEMORY_VERIFY_FREE (1 << 1) #define MBEDTLS_MEMORY_VERIFY_FREE (1 << 1)
#define MEMORY_VERIFY_ALWAYS (MEMORY_VERIFY_ALLOC | MEMORY_VERIFY_FREE) #define MBEDTLS_MEMORY_VERIFY_ALWAYS (MBEDTLS_MEMORY_VERIFY_ALLOC | MBEDTLS_MEMORY_VERIFY_FREE)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -59,10 +59,10 @@ extern "C" {
* \brief Initialize use of stack-based memory allocator. * \brief Initialize use of stack-based memory allocator.
* The stack-based allocator does memory management inside the * The stack-based allocator does memory management inside the
* presented buffer and does not call malloc() and free(). * presented buffer and does not call malloc() and free().
* It sets the global polarssl_malloc() and polarssl_free() pointers * It sets the global mbedtls_malloc() and mbedtls_free() pointers
* to its own functions. * to its own functions.
* (Provided polarssl_malloc() and polarssl_free() are thread-safe if * (Provided mbedtls_malloc() and mbedtls_free() are thread-safe if
* POLARSSL_THREADING_C is defined) * MBEDTLS_THREADING_C is defined)
* *
* \note This code is not optimized and provides a straight-forward * \note This code is not optimized and provides a straight-forward
* implementation of a stack-based memory allocator. * implementation of a stack-based memory allocator.
@ -72,31 +72,31 @@ extern "C" {
* *
* \return 0 if successful * \return 0 if successful
*/ */
int memory_buffer_alloc_init( unsigned char *buf, size_t len ); int mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len );
/** /**
* \brief Free the mutex for thread-safety and clear remaining memory * \brief Free the mutex for thread-safety and clear remaining memory
*/ */
void memory_buffer_alloc_free( void ); void mbedtls_memory_buffer_alloc_free( void );
/** /**
* \brief Determine when the allocator should automatically verify the state * \brief Determine when the allocator should automatically verify the state
* of the entire chain of headers / meta-data. * of the entire chain of headers / meta-data.
* (Default: MEMORY_VERIFY_NONE) * (Default: MBEDTLS_MEMORY_VERIFY_NONE)
* *
* \param verify One of MEMORY_VERIFY_NONE, MEMORY_VERIFY_ALLOC, * \param verify One of MBEDTLS_MEMORY_VERIFY_NONE, MBEDTLS_MEMORY_VERIFY_ALLOC,
* MEMORY_VERIFY_FREE or MEMORY_VERIFY_ALWAYS * MBEDTLS_MEMORY_VERIFY_FREE or MBEDTLS_MEMORY_VERIFY_ALWAYS
*/ */
void memory_buffer_set_verify( int verify ); void mbedtls_memory_buffer_set_verify( int verify );
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
/** /**
* \brief Print out the status of the allocated memory (primarily for use * \brief Print out the status of the allocated memory (primarily for use
* after a program should have de-allocated all memory) * after a program should have de-allocated all memory)
* Prints out a list of 'still allocated' blocks and their stack * Prints out a list of 'still allocated' blocks and their stack
* trace if POLARSSL_MEMORY_BACKTRACE is defined. * trace if MBEDTLS_MEMORY_BACKTRACE is defined.
*/ */
void memory_buffer_alloc_status( void ); void mbedtls_memory_buffer_alloc_status( void );
/** /**
* \brief Get the peak heap usage so far * \brief Get the peak heap usage so far
@ -104,12 +104,12 @@ void memory_buffer_alloc_status( void );
* \param max_used Peak number of bytes reauested by the application * \param max_used Peak number of bytes reauested by the application
* \param max_blocks Peak number of blocks reauested by the application * \param max_blocks Peak number of blocks reauested by the application
*/ */
void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ); void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks );
/** /**
* \brief Reset peak statistics * \brief Reset peak statistics
*/ */
void memory_buffer_alloc_max_reset( void ); void mbedtls_memory_buffer_alloc_max_reset( void );
/** /**
* \brief Get the current heap usage * \brief Get the current heap usage
@ -117,29 +117,29 @@ void memory_buffer_alloc_max_reset( void );
* \param cur_used Number of bytes reauested by the application * \param cur_used Number of bytes reauested by the application
* \param cur_blocks Number of blocks reauested by the application * \param cur_blocks Number of blocks reauested by the application
*/ */
void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ); void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks );
#endif /* POLARSSL_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_DEBUG */
/** /**
* \brief Verifies that all headers in the memory buffer are correct * \brief Verifies that all headers in the memory buffer are correct
* and contain sane values. Helps debug buffer-overflow errors. * and contain sane values. Helps debug buffer-overflow errors.
* *
* Prints out first failure if POLARSSL_MEMORY_DEBUG is defined. * Prints out first failure if MBEDTLS_MEMORY_DEBUG is defined.
* Prints out full header information if POLARSSL_MEMORY_DEBUG * Prints out full header information if MBEDTLS_MEMORY_DEBUG
* is defined. (Includes stack trace information for each block if * is defined. (Includes stack trace information for each block if
* POLARSSL_MEMORY_BACKTRACE is defined as well). * MBEDTLS_MEMORY_BACKTRACE is defined as well).
* *
* \returns 0 if verified, 1 otherwise * \returns 0 if verified, 1 otherwise
*/ */
int memory_buffer_alloc_verify( void ); int mbedtls_memory_buffer_alloc_verify( void );
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int memory_buffer_alloc_self_test( int verbose ); int mbedtls_memory_buffer_alloc_self_test( int verbose );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus

96
include/mbedtls/net.h
View File

@ -21,43 +21,43 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_NET_H #ifndef MBEDTLS_NET_H
#define POLARSSL_NET_H #define MBEDTLS_NET_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h> #include <basetsd.h>
typedef UINT32 uint32_t; typedef UINT32 uint32_t;
#else #else
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#endif /* POLARSSL_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
#define POLARSSL_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */ #define MBEDTLS_ERR_NET_SOCKET_FAILED -0x0042 /**< Failed to open a socket. */
#define POLARSSL_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */ #define MBEDTLS_ERR_NET_CONNECT_FAILED -0x0044 /**< The connection to the given server / port failed. */
#define POLARSSL_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */ #define MBEDTLS_ERR_NET_BIND_FAILED -0x0046 /**< Binding of the socket failed. */
#define POLARSSL_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */ #define MBEDTLS_ERR_NET_LISTEN_FAILED -0x0048 /**< Could not listen on the socket. */
#define POLARSSL_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */ #define MBEDTLS_ERR_NET_ACCEPT_FAILED -0x004A /**< Could not accept the incoming connection. */
#define POLARSSL_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */ #define MBEDTLS_ERR_NET_RECV_FAILED -0x004C /**< Reading information from the socket failed. */
#define POLARSSL_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */ #define MBEDTLS_ERR_NET_SEND_FAILED -0x004E /**< Sending information through the socket failed. */
#define POLARSSL_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */ #define MBEDTLS_ERR_NET_CONN_RESET -0x0050 /**< Connection was reset by peer. */
#define POLARSSL_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */ #define MBEDTLS_ERR_NET_WANT_READ -0x0052 /**< Connection requires a read call. */
#define POLARSSL_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */ #define MBEDTLS_ERR_NET_WANT_WRITE -0x0054 /**< Connection requires a write call. */
#define POLARSSL_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */ #define MBEDTLS_ERR_NET_UNKNOWN_HOST -0x0056 /**< Failed to get an IP address for the given hostname. */
#define POLARSSL_ERR_NET_TIMEOUT -0x0011 /**< The operation timed out. */ #define MBEDTLS_ERR_NET_TIMEOUT -0x0011 /**< The operation timed out. */
#define POLARSSL_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */ #define MBEDTLS_NET_LISTEN_BACKLOG 10 /**< The backlog that listen() should use. */
#define NET_PROTO_TCP 0 /**< The TCP transport protocol */ #define MBEDTLS_NET_PROTO_TCP 0 /**< The TCP transport protocol */
#define NET_PROTO_UDP 1 /**< The UDP transport protocol */ #define MBEDTLS_NET_PROTO_UDP 1 /**< The UDP transport protocol */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -69,16 +69,16 @@ extern "C" {
* \param fd Socket to use * \param fd Socket to use
* \param host Host to connect to * \param host Host to connect to
* \param port Port to connect to * \param port Port to connect to
* \param proto Protocol: NET_PROTO_TCP or NET_PROTO_UDP * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
* *
* \return 0 if successful, or one of: * \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED, * MBEDTLS_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_UNKNOWN_HOST, * MBEDTLS_ERR_NET_UNKNOWN_HOST,
* POLARSSL_ERR_NET_CONNECT_FAILED * MBEDTLS_ERR_NET_CONNECT_FAILED
* *
* \note Sets the socket in connected mode even with UDP. * \note Sets the socket in connected mode even with UDP.
*/ */
int net_connect( int *fd, const char *host, int port, int proto ); int mbedtls_net_connect( int *fd, const char *host, int port, int proto );
/** /**
* \brief Create a receiving socket on bind_ip:port in the chosen * \brief Create a receiving socket on bind_ip:port in the chosen
@ -87,17 +87,17 @@ int net_connect( int *fd, const char *host, int port, int proto );
* \param fd Socket to use * \param fd Socket to use
* \param bind_ip IP to bind to, can be NULL * \param bind_ip IP to bind to, can be NULL
* \param port Port number to use * \param port Port number to use
* \param proto Protocol: NET_PROTO_TCP or NET_PROTO_UDP * \param proto Protocol: MBEDTLS_NET_PROTO_TCP or MBEDTLS_NET_PROTO_UDP
* *
* \return 0 if successful, or one of: * \return 0 if successful, or one of:
* POLARSSL_ERR_NET_SOCKET_FAILED, * MBEDTLS_ERR_NET_SOCKET_FAILED,
* POLARSSL_ERR_NET_BIND_FAILED, * MBEDTLS_ERR_NET_BIND_FAILED,
* POLARSSL_ERR_NET_LISTEN_FAILED * MBEDTLS_ERR_NET_LISTEN_FAILED
* *
* \note Regardless of the protocol, opens the sockets and binds it. * \note Regardless of the protocol, opens the sockets and binds it.
* In addition, make the socket listening if protocol is TCP. * In addition, make the socket listening if protocol is TCP.
*/ */
int net_bind( int *fd, const char *bind_ip, int port, int proto ); int mbedtls_net_bind( int *fd, const char *bind_ip, int port, int proto );
/** /**
* \brief Accept a connection from a remote client * \brief Accept a connection from a remote client
@ -107,15 +107,15 @@ int net_bind( int *fd, const char *bind_ip, int port, int proto );
* \param client_ip Will contain the client IP address * \param client_ip Will contain the client IP address
* Must be at least 4 bytes, or 16 if IPv6 is supported * Must be at least 4 bytes, or 16 if IPv6 is supported
* *
* \return 0 if successful, POLARSSL_ERR_NET_ACCEPT_FAILED, or * \return 0 if successful, MBEDTLS_ERR_NET_ACCEPT_FAILED, or
* POLARSSL_ERR_NET_WANT_READ is bind_fd was set to * MBEDTLS_ERR_NET_WANT_READ is bind_fd was set to
* non-blocking and accept() is blocking. * non-blocking and accept() is blocking.
* *
* \note With UDP, connects the bind_fd to the client and just copy * \note With UDP, connects the bind_fd to the client and just copy
* its descriptor to client_fd. New clients will not be able * its descriptor to client_fd. New clients will not be able
* to connect until you close the socket and bind a new one. * to connect until you close the socket and bind a new one.
*/ */
int net_accept( int bind_fd, int *client_fd, void *client_ip ); int mbedtls_net_accept( int bind_fd, int *client_fd, void *client_ip );
/** /**
* \brief Set the socket blocking * \brief Set the socket blocking
@ -124,7 +124,7 @@ int net_accept( int bind_fd, int *client_fd, void *client_ip );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int net_set_block( int fd ); int mbedtls_net_set_block( int fd );
/** /**
* \brief Set the socket non-blocking * \brief Set the socket non-blocking
@ -133,9 +133,9 @@ int net_set_block( int fd );
* *
* \return 0 if successful, or a non-zero error code * \return 0 if successful, or a non-zero error code
*/ */
int net_set_nonblock( int fd ); int mbedtls_net_set_nonblock( int fd );
#if defined(POLARSSL_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/** /**
* \brief Portable usleep helper * \brief Portable usleep helper
* *
@ -144,7 +144,7 @@ int net_set_nonblock( int fd );
* \note Real amount of time slept will not be less than * \note Real amount of time slept will not be less than
* select()'s timeout granularity (typically, 10ms). * select()'s timeout granularity (typically, 10ms).
*/ */
void net_usleep( unsigned long usec ); void mbedtls_net_usleep( unsigned long usec );
#endif #endif
/** /**
@ -156,10 +156,10 @@ void net_usleep( unsigned long usec );
* \param len Maximum length of the buffer * \param len Maximum length of the buffer
* *
* \return This function returns the number of bytes received, * \return This function returns the number of bytes received,
* or a non-zero error code; POLARSSL_ERR_NET_WANT_READ * or a non-zero error code; MBEDTLS_ERR_NET_WANT_READ
* indicates read() is blocking. * indicates read() is blocking.
*/ */
int net_recv( void *ctx, unsigned char *buf, size_t len ); int mbedtls_net_recv( void *ctx, unsigned char *buf, size_t len );
/** /**
* \brief Write at most 'len' characters. If no error occurs, * \brief Write at most 'len' characters. If no error occurs,
@ -170,12 +170,12 @@ int net_recv( void *ctx, unsigned char *buf, size_t len );
* \param len The length of the buffer * \param len The length of the buffer
* *
* \return This function returns the number of bytes sent, * \return This function returns the number of bytes sent,
* or a non-zero error code; POLARSSL_ERR_NET_WANT_WRITE * or a non-zero error code; MBEDTLS_ERR_NET_WANT_WRITE
* indicates write() is blocking. * indicates write() is blocking.
*/ */
int net_send( void *ctx, const unsigned char *buf, size_t len ); int mbedtls_net_send( void *ctx, const unsigned char *buf, size_t len );
#if defined(POLARSSL_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/** /**
* \brief Read at most 'len' characters, blocking for at most * \brief Read at most 'len' characters, blocking for at most
* 'timeout' seconds. If no error occurs, the actual amount * 'timeout' seconds. If no error occurs, the actual amount
@ -188,24 +188,24 @@ int net_send( void *ctx, const unsigned char *buf, size_t len );
* *
* \return This function returns the number of bytes received, * \return This function returns the number of bytes received,
* or a non-zero error code: * or a non-zero error code:
* POLARSSL_ERR_NET_TIMEOUT if the operation timed out, * MBEDTLS_ERR_NET_TIMEOUT if the operation timed out,
* POLARSSL_ERR_NET_WANT_READ if interrupted by a signal. * MBEDTLS_ERR_NET_WANT_READ if interrupted by a signal.
* *
* \note This function will block (until data becomes available or * \note This function will block (until data becomes available or
* timeout is reached) even if the socket is set to * timeout is reached) even if the socket is set to
* non-blocking. Handling timeouts with non-blocking reads * non-blocking. Handling timeouts with non-blocking reads
* requires a different strategy. * requires a different strategy.
*/ */
int net_recv_timeout( void *ctx, unsigned char *buf, size_t len, int mbedtls_net_recv_timeout( void *ctx, unsigned char *buf, size_t len,
uint32_t timeout ); uint32_t timeout );
#endif /* POLARSSL_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
/** /**
* \brief Gracefully shutdown the connection * \brief Gracefully shutdown the connection
* *
* \param fd The socket to close * \param fd The socket to close
*/ */
void net_close( int fd ); void mbedtls_net_close( int fd );
#ifdef __cplusplus #ifdef __cplusplus
} }

406
include/mbedtls/oid.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_OID_H #ifndef MBEDTLS_OID_H
#define POLARSSL_OID_H #define MBEDTLS_OID_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "asn1.h" #include "asn1.h"
@ -35,238 +35,238 @@
#include <stddef.h> #include <stddef.h>
#if defined(POLARSSL_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
#include "cipher.h" #include "cipher.h"
#endif #endif
#if defined(POLARSSL_MD_C) #if defined(MBEDTLS_MD_C)
#include "md.h" #include "md.h"
#endif #endif
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
#include "x509.h" #include "x509.h"
#endif #endif
#define POLARSSL_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */ #define MBEDTLS_ERR_OID_NOT_FOUND -0x002E /**< OID is not found. */
#define POLARSSL_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */ #define MBEDTLS_ERR_OID_BUF_TOO_SMALL -0x000B /**< output buffer is too small */
/* /*
* Top level OID tuples * Top level OID tuples
*/ */
#define OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */ #define MBEDTLS_OID_ISO_MEMBER_BODIES "\x2a" /* {iso(1) member-body(2)} */
#define OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */ #define MBEDTLS_OID_ISO_IDENTIFIED_ORG "\x2b" /* {iso(1) identified-organization(3)} */
#define OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */ #define MBEDTLS_OID_ISO_CCITT_DS "\x55" /* {joint-iso-ccitt(2) ds(5)} */
#define OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */ #define MBEDTLS_OID_ISO_ITU_COUNTRY "\x60" /* {joint-iso-itu-t(2) country(16)} */
/* /*
* ISO Member bodies OID parts * ISO Member bodies OID parts
*/ */
#define OID_COUNTRY_US "\x86\x48" /* {us(840)} */ #define MBEDTLS_OID_COUNTRY_US "\x86\x48" /* {us(840)} */
#define OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */ #define MBEDTLS_OID_ORG_RSA_DATA_SECURITY "\x86\xf7\x0d" /* {rsadsi(113549)} */
#define OID_RSA_COMPANY OID_ISO_MEMBER_BODIES OID_COUNTRY_US \ #define MBEDTLS_OID_RSA_COMPANY MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */ MBEDTLS_OID_ORG_RSA_DATA_SECURITY /* {iso(1) member-body(2) us(840) rsadsi(113549)} */
#define OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */ #define MBEDTLS_OID_ORG_ANSI_X9_62 "\xce\x3d" /* ansi-X9-62(10045) */
#define OID_ANSI_X9_62 OID_ISO_MEMBER_BODIES OID_COUNTRY_US \ #define MBEDTLS_OID_ANSI_X9_62 MBEDTLS_OID_ISO_MEMBER_BODIES MBEDTLS_OID_COUNTRY_US \
OID_ORG_ANSI_X9_62 MBEDTLS_OID_ORG_ANSI_X9_62
/* /*
* ISO Identified organization OID parts * ISO Identified organization OID parts
*/ */
#define OID_ORG_DOD "\x06" /* {dod(6)} */ #define MBEDTLS_OID_ORG_DOD "\x06" /* {dod(6)} */
#define OID_ORG_OIW "\x0e" #define MBEDTLS_OID_ORG_OIW "\x0e"
#define OID_OIW_SECSIG OID_ORG_OIW "\x03" #define MBEDTLS_OID_OIW_SECSIG MBEDTLS_OID_ORG_OIW "\x03"
#define OID_OIW_SECSIG_ALG OID_OIW_SECSIG "\x02" #define MBEDTLS_OID_OIW_SECSIG_ALG MBEDTLS_OID_OIW_SECSIG "\x02"
#define OID_OIW_SECSIG_SHA1 OID_OIW_SECSIG_ALG "\x1a" #define MBEDTLS_OID_OIW_SECSIG_SHA1 MBEDTLS_OID_OIW_SECSIG_ALG "\x1a"
#define OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */ #define MBEDTLS_OID_ORG_CERTICOM "\x81\x04" /* certicom(132) */
#define OID_CERTICOM OID_ISO_IDENTIFIED_ORG OID_ORG_CERTICOM #define MBEDTLS_OID_CERTICOM MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_CERTICOM
#define OID_ORG_TELETRUST "\x24" /* teletrust(36) */ #define MBEDTLS_OID_ORG_TELETRUST "\x24" /* teletrust(36) */
#define OID_TELETRUST OID_ISO_IDENTIFIED_ORG OID_ORG_TELETRUST #define MBEDTLS_OID_TELETRUST MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_TELETRUST
/* /*
* ISO ITU OID parts * ISO ITU OID parts
*/ */
#define OID_ORGANIZATION "\x01" /* {organization(1)} */ #define MBEDTLS_OID_ORGANIZATION "\x01" /* {organization(1)} */
#define OID_ISO_ITU_US_ORG OID_ISO_ITU_COUNTRY OID_COUNTRY_US OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */ #define MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ISO_ITU_COUNTRY MBEDTLS_OID_COUNTRY_US MBEDTLS_OID_ORGANIZATION /* {joint-iso-itu-t(2) country(16) us(840) organization(1)} */
#define OID_ORG_GOV "\x65" /* {gov(101)} */ #define MBEDTLS_OID_ORG_GOV "\x65" /* {gov(101)} */
#define OID_GOV OID_ISO_ITU_US_ORG OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */ #define MBEDTLS_OID_GOV MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_GOV /* {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)} */
#define OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */ #define MBEDTLS_OID_ORG_NETSCAPE "\x86\xF8\x42" /* {netscape(113730)} */
#define OID_NETSCAPE OID_ISO_ITU_US_ORG OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */ #define MBEDTLS_OID_NETSCAPE MBEDTLS_OID_ISO_ITU_US_ORG MBEDTLS_OID_ORG_NETSCAPE /* Netscape OID {joint-iso-itu-t(2) country(16) us(840) organization(1) netscape(113730)} */
/* ISO arc for standard certificate and CRL extensions */ /* ISO arc for standard certificate and CRL extensions */
#define OID_ID_CE OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */ #define MBEDTLS_OID_ID_CE MBEDTLS_OID_ISO_CCITT_DS "\x1D" /**< id-ce OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 29} */
/** /**
* Private Internet Extensions * Private Internet Extensions
* { iso(1) identified-organization(3) dod(6) internet(1) * { iso(1) identified-organization(3) dod(6) internet(1)
* security(5) mechanisms(5) pkix(7) } * security(5) mechanisms(5) pkix(7) }
*/ */
#define OID_PKIX OID_ISO_IDENTIFIED_ORG OID_ORG_DOD "\x01\x05\x05\x07" #define MBEDTLS_OID_PKIX MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_ORG_DOD "\x01\x05\x05\x07"
/* /*
* Arc for standard naming attributes * Arc for standard naming attributes
*/ */
#define OID_AT OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */ #define MBEDTLS_OID_AT MBEDTLS_OID_ISO_CCITT_DS "\x04" /**< id-at OBJECT IDENTIFIER ::= {joint-iso-ccitt(2) ds(5) 4} */
#define OID_AT_CN OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */ #define MBEDTLS_OID_AT_CN MBEDTLS_OID_AT "\x03" /**< id-at-commonName AttributeType:= {id-at 3} */
#define OID_AT_SUR_NAME OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */ #define MBEDTLS_OID_AT_SUR_NAME MBEDTLS_OID_AT "\x04" /**< id-at-surName AttributeType:= {id-at 4} */
#define OID_AT_SERIAL_NUMBER OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */ #define MBEDTLS_OID_AT_SERIAL_NUMBER MBEDTLS_OID_AT "\x05" /**< id-at-serialNumber AttributeType:= {id-at 5} */
#define OID_AT_COUNTRY OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */ #define MBEDTLS_OID_AT_COUNTRY MBEDTLS_OID_AT "\x06" /**< id-at-countryName AttributeType:= {id-at 6} */
#define OID_AT_LOCALITY OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */ #define MBEDTLS_OID_AT_LOCALITY MBEDTLS_OID_AT "\x07" /**< id-at-locality AttributeType:= {id-at 7} */
#define OID_AT_STATE OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */ #define MBEDTLS_OID_AT_STATE MBEDTLS_OID_AT "\x08" /**< id-at-state AttributeType:= {id-at 8} */
#define OID_AT_ORGANIZATION OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */ #define MBEDTLS_OID_AT_ORGANIZATION MBEDTLS_OID_AT "\x0A" /**< id-at-organizationName AttributeType:= {id-at 10} */
#define OID_AT_ORG_UNIT OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */ #define MBEDTLS_OID_AT_ORG_UNIT MBEDTLS_OID_AT "\x0B" /**< id-at-organizationalUnitName AttributeType:= {id-at 11} */
#define OID_AT_TITLE OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */ #define MBEDTLS_OID_AT_TITLE MBEDTLS_OID_AT "\x0C" /**< id-at-title AttributeType:= {id-at 12} */
#define OID_AT_POSTAL_ADDRESS OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */ #define MBEDTLS_OID_AT_POSTAL_ADDRESS MBEDTLS_OID_AT "\x10" /**< id-at-postalAddress AttributeType:= {id-at 16} */
#define OID_AT_POSTAL_CODE OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */ #define MBEDTLS_OID_AT_POSTAL_CODE MBEDTLS_OID_AT "\x11" /**< id-at-postalCode AttributeType:= {id-at 17} */
#define OID_AT_GIVEN_NAME OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */ #define MBEDTLS_OID_AT_GIVEN_NAME MBEDTLS_OID_AT "\x2A" /**< id-at-givenName AttributeType:= {id-at 42} */
#define OID_AT_INITIALS OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */ #define MBEDTLS_OID_AT_INITIALS MBEDTLS_OID_AT "\x2B" /**< id-at-initials AttributeType:= {id-at 43} */
#define OID_AT_GENERATION_QUALIFIER OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */ #define MBEDTLS_OID_AT_GENERATION_QUALIFIER MBEDTLS_OID_AT "\x2C" /**< id-at-generationQualifier AttributeType:= {id-at 44} */
#define OID_AT_UNIQUE_IDENTIFIER OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */ #define MBEDTLS_OID_AT_UNIQUE_IDENTIFIER MBEDTLS_OID_AT "\x2D" /**< id-at-uniqueIdentifier AttributType:= {id-at 45} */
#define OID_AT_DN_QUALIFIER OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */ #define MBEDTLS_OID_AT_DN_QUALIFIER MBEDTLS_OID_AT "\x2E" /**< id-at-dnQualifier AttributeType:= {id-at 46} */
#define OID_AT_PSEUDONYM OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */ #define MBEDTLS_OID_AT_PSEUDONYM MBEDTLS_OID_AT "\x41" /**< id-at-pseudonym AttributeType:= {id-at 65} */
#define OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */ #define MBEDTLS_OID_DOMAIN_COMPONENT "\x09\x92\x26\x89\x93\xF2\x2C\x64\x01\x19" /** id-domainComponent AttributeType:= {itu-t(0) data(9) pss(2342) ucl(19200300) pilot(100) pilotAttributeType(1) domainComponent(25)} */
/* /*
* OIDs for standard certificate extensions * OIDs for standard certificate extensions
*/ */
#define OID_AUTHORITY_KEY_IDENTIFIER OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */ #define MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
#define OID_SUBJECT_KEY_IDENTIFIER OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */ #define MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
#define OID_KEY_USAGE OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */ #define MBEDTLS_OID_KEY_USAGE MBEDTLS_OID_ID_CE "\x0F" /**< id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 } */
#define OID_CERTIFICATE_POLICIES OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */ #define MBEDTLS_OID_CERTIFICATE_POLICIES MBEDTLS_OID_ID_CE "\x20" /**< id-ce-certificatePolicies OBJECT IDENTIFIER ::= { id-ce 32 } */
#define OID_POLICY_MAPPINGS OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */ #define MBEDTLS_OID_POLICY_MAPPINGS MBEDTLS_OID_ID_CE "\x21" /**< id-ce-policyMappings OBJECT IDENTIFIER ::= { id-ce 33 } */
#define OID_SUBJECT_ALT_NAME OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */ #define MBEDTLS_OID_SUBJECT_ALT_NAME MBEDTLS_OID_ID_CE "\x11" /**< id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 } */
#define OID_ISSUER_ALT_NAME OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */ #define MBEDTLS_OID_ISSUER_ALT_NAME MBEDTLS_OID_ID_CE "\x12" /**< id-ce-issuerAltName OBJECT IDENTIFIER ::= { id-ce 18 } */
#define OID_SUBJECT_DIRECTORY_ATTRS OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */ #define MBEDTLS_OID_SUBJECT_DIRECTORY_ATTRS MBEDTLS_OID_ID_CE "\x09" /**< id-ce-subjectDirectoryAttributes OBJECT IDENTIFIER ::= { id-ce 9 } */
#define OID_BASIC_CONSTRAINTS OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */ #define MBEDTLS_OID_BASIC_CONSTRAINTS MBEDTLS_OID_ID_CE "\x13" /**< id-ce-basicConstraints OBJECT IDENTIFIER ::= { id-ce 19 } */
#define OID_NAME_CONSTRAINTS OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */ #define MBEDTLS_OID_NAME_CONSTRAINTS MBEDTLS_OID_ID_CE "\x1E" /**< id-ce-nameConstraints OBJECT IDENTIFIER ::= { id-ce 30 } */
#define OID_POLICY_CONSTRAINTS OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */ #define MBEDTLS_OID_POLICY_CONSTRAINTS MBEDTLS_OID_ID_CE "\x24" /**< id-ce-policyConstraints OBJECT IDENTIFIER ::= { id-ce 36 } */
#define OID_EXTENDED_KEY_USAGE OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */ #define MBEDTLS_OID_EXTENDED_KEY_USAGE MBEDTLS_OID_ID_CE "\x25" /**< id-ce-extKeyUsage OBJECT IDENTIFIER ::= { id-ce 37 } */
#define OID_CRL_DISTRIBUTION_POINTS OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */ #define MBEDTLS_OID_CRL_DISTRIBUTION_POINTS MBEDTLS_OID_ID_CE "\x1F" /**< id-ce-cRLDistributionPoints OBJECT IDENTIFIER ::= { id-ce 31 } */
#define OID_INIHIBIT_ANYPOLICY OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */ #define MBEDTLS_OID_INIHIBIT_ANYPOLICY MBEDTLS_OID_ID_CE "\x36" /**< id-ce-inhibitAnyPolicy OBJECT IDENTIFIER ::= { id-ce 54 } */
#define OID_FRESHEST_CRL OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */ #define MBEDTLS_OID_FRESHEST_CRL MBEDTLS_OID_ID_CE "\x2E" /**< id-ce-freshestCRL OBJECT IDENTIFIER ::= { id-ce 46 } */
/* /*
* Netscape certificate extensions * Netscape certificate extensions
*/ */
#define OID_NS_CERT OID_NETSCAPE "\x01" #define MBEDTLS_OID_NS_CERT MBEDTLS_OID_NETSCAPE "\x01"
#define OID_NS_CERT_TYPE OID_NS_CERT "\x01" #define MBEDTLS_OID_NS_CERT_TYPE MBEDTLS_OID_NS_CERT "\x01"
#define OID_NS_BASE_URL OID_NS_CERT "\x02" #define MBEDTLS_OID_NS_BASE_URL MBEDTLS_OID_NS_CERT "\x02"
#define OID_NS_REVOCATION_URL OID_NS_CERT "\x03" #define MBEDTLS_OID_NS_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x03"
#define OID_NS_CA_REVOCATION_URL OID_NS_CERT "\x04" #define MBEDTLS_OID_NS_CA_REVOCATION_URL MBEDTLS_OID_NS_CERT "\x04"
#define OID_NS_RENEWAL_URL OID_NS_CERT "\x07" #define MBEDTLS_OID_NS_RENEWAL_URL MBEDTLS_OID_NS_CERT "\x07"
#define OID_NS_CA_POLICY_URL OID_NS_CERT "\x08" #define MBEDTLS_OID_NS_CA_POLICY_URL MBEDTLS_OID_NS_CERT "\x08"
#define OID_NS_SSL_SERVER_NAME OID_NS_CERT "\x0C" #define MBEDTLS_OID_NS_SSL_SERVER_NAME MBEDTLS_OID_NS_CERT "\x0C"
#define OID_NS_COMMENT OID_NS_CERT "\x0D" #define MBEDTLS_OID_NS_COMMENT MBEDTLS_OID_NS_CERT "\x0D"
#define OID_NS_DATA_TYPE OID_NETSCAPE "\x02" #define MBEDTLS_OID_NS_DATA_TYPE MBEDTLS_OID_NETSCAPE "\x02"
#define OID_NS_CERT_SEQUENCE OID_NS_DATA_TYPE "\x05" #define MBEDTLS_OID_NS_CERT_SEQUENCE MBEDTLS_OID_NS_DATA_TYPE "\x05"
/* /*
* OIDs for CRL extensions * OIDs for CRL extensions
*/ */
#define OID_PRIVATE_KEY_USAGE_PERIOD OID_ID_CE "\x10" #define MBEDTLS_OID_PRIVATE_KEY_USAGE_PERIOD MBEDTLS_OID_ID_CE "\x10"
#define OID_CRL_NUMBER OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */ #define MBEDTLS_OID_CRL_NUMBER MBEDTLS_OID_ID_CE "\x14" /**< id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 } */
/* /*
* X.509 v3 Extended key usage OIDs * X.509 v3 Extended key usage OIDs
*/ */
#define OID_ANY_EXTENDED_KEY_USAGE OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */ #define MBEDTLS_OID_ANY_EXTENDED_KEY_USAGE MBEDTLS_OID_EXTENDED_KEY_USAGE "\x00" /**< anyExtendedKeyUsage OBJECT IDENTIFIER ::= { id-ce-extKeyUsage 0 } */
#define OID_KP OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */ #define MBEDTLS_OID_KP MBEDTLS_OID_PKIX "\x03" /**< id-kp OBJECT IDENTIFIER ::= { id-pkix 3 } */
#define OID_SERVER_AUTH OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */ #define MBEDTLS_OID_SERVER_AUTH MBEDTLS_OID_KP "\x01" /**< id-kp-serverAuth OBJECT IDENTIFIER ::= { id-kp 1 } */
#define OID_CLIENT_AUTH OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */ #define MBEDTLS_OID_CLIENT_AUTH MBEDTLS_OID_KP "\x02" /**< id-kp-clientAuth OBJECT IDENTIFIER ::= { id-kp 2 } */
#define OID_CODE_SIGNING OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */ #define MBEDTLS_OID_CODE_SIGNING MBEDTLS_OID_KP "\x03" /**< id-kp-codeSigning OBJECT IDENTIFIER ::= { id-kp 3 } */
#define OID_EMAIL_PROTECTION OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */ #define MBEDTLS_OID_EMAIL_PROTECTION MBEDTLS_OID_KP "\x04" /**< id-kp-emailProtection OBJECT IDENTIFIER ::= { id-kp 4 } */
#define OID_TIME_STAMPING OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */ #define MBEDTLS_OID_TIME_STAMPING MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
#define OID_OCSP_SIGNING OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */ #define MBEDTLS_OID_OCSP_SIGNING MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
/* /*
* PKCS definition OIDs * PKCS definition OIDs
*/ */
#define OID_PKCS OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */ #define MBEDTLS_OID_PKCS MBEDTLS_OID_RSA_COMPANY "\x01" /**< pkcs OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) 1 } */
#define OID_PKCS1 OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */ #define MBEDTLS_OID_PKCS1 MBEDTLS_OID_PKCS "\x01" /**< pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 } */
#define OID_PKCS5 OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */ #define MBEDTLS_OID_PKCS5 MBEDTLS_OID_PKCS "\x05" /**< pkcs-5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 } */
#define OID_PKCS9 OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */ #define MBEDTLS_OID_PKCS9 MBEDTLS_OID_PKCS "\x09" /**< pkcs-9 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 } */
#define OID_PKCS12 OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */ #define MBEDTLS_OID_PKCS12 MBEDTLS_OID_PKCS "\x0c" /**< pkcs-12 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 } */
/* /*
* PKCS#1 OIDs * PKCS#1 OIDs
*/ */
#define OID_PKCS1_RSA OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */ #define MBEDTLS_OID_PKCS1_RSA MBEDTLS_OID_PKCS1 "\x01" /**< rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 } */
#define OID_PKCS1_MD2 OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */ #define MBEDTLS_OID_PKCS1_MD2 MBEDTLS_OID_PKCS1 "\x02" /**< md2WithRSAEncryption ::= { pkcs-1 2 } */
#define OID_PKCS1_MD4 OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */ #define MBEDTLS_OID_PKCS1_MD4 MBEDTLS_OID_PKCS1 "\x03" /**< md4WithRSAEncryption ::= { pkcs-1 3 } */
#define OID_PKCS1_MD5 OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */ #define MBEDTLS_OID_PKCS1_MD5 MBEDTLS_OID_PKCS1 "\x04" /**< md5WithRSAEncryption ::= { pkcs-1 4 } */
#define OID_PKCS1_SHA1 OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */ #define MBEDTLS_OID_PKCS1_SHA1 MBEDTLS_OID_PKCS1 "\x05" /**< sha1WithRSAEncryption ::= { pkcs-1 5 } */
#define OID_PKCS1_SHA224 OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */ #define MBEDTLS_OID_PKCS1_SHA224 MBEDTLS_OID_PKCS1 "\x0e" /**< sha224WithRSAEncryption ::= { pkcs-1 14 } */
#define OID_PKCS1_SHA256 OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */ #define MBEDTLS_OID_PKCS1_SHA256 MBEDTLS_OID_PKCS1 "\x0b" /**< sha256WithRSAEncryption ::= { pkcs-1 11 } */
#define OID_PKCS1_SHA384 OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */ #define MBEDTLS_OID_PKCS1_SHA384 MBEDTLS_OID_PKCS1 "\x0c" /**< sha384WithRSAEncryption ::= { pkcs-1 12 } */
#define OID_PKCS1_SHA512 OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */ #define MBEDTLS_OID_PKCS1_SHA512 MBEDTLS_OID_PKCS1 "\x0d" /**< sha512WithRSAEncryption ::= { pkcs-1 13 } */
#define OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D" #define MBEDTLS_OID_RSA_SHA_OBS "\x2B\x0E\x03\x02\x1D"
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */ #define MBEDTLS_OID_PKCS9_EMAIL MBEDTLS_OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
/* RFC 4055 */ /* RFC 4055 */
#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */ #define MBEDTLS_OID_RSASSA_PSS MBEDTLS_OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */ #define MBEDTLS_OID_MGF1 MBEDTLS_OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
/* /*
* Digest algorithms * Digest algorithms
*/ */
#define OID_DIGEST_ALG_MD2 OID_RSA_COMPANY "\x02\x02" /**< id-md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */ #define MBEDTLS_OID_DIGEST_ALG_MD2 MBEDTLS_OID_RSA_COMPANY "\x02\x02" /**< id-mbedtls_md2 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 2 } */
#define OID_DIGEST_ALG_MD4 OID_RSA_COMPANY "\x02\x04" /**< id-md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_MD4 MBEDTLS_OID_RSA_COMPANY "\x02\x04" /**< id-mbedtls_md4 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 4 } */
#define OID_DIGEST_ALG_MD5 OID_RSA_COMPANY "\x02\x05" /**< id-md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */ #define MBEDTLS_OID_DIGEST_ALG_MD5 MBEDTLS_OID_RSA_COMPANY "\x02\x05" /**< id-mbedtls_md5 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 5 } */
#define OID_DIGEST_ALG_SHA1 OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_SHA1 /**< id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA1 MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_SHA1 /**< id-mbedtls_sha1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 } */
#define OID_DIGEST_ALG_SHA224 OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA224 MBEDTLS_OID_GOV "\x03\x04\x02\x04" /**< id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 4 } */
#define OID_DIGEST_ALG_SHA256 OID_GOV "\x03\x04\x02\x01" /**< id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA256 MBEDTLS_OID_GOV "\x03\x04\x02\x01" /**< id-mbedtls_sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1 } */
#define OID_DIGEST_ALG_SHA384 OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA384 MBEDTLS_OID_GOV "\x03\x04\x02\x02" /**< id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 2 } */
#define OID_DIGEST_ALG_SHA512 OID_GOV "\x03\x04\x02\x03" /**< id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */ #define MBEDTLS_OID_DIGEST_ALG_SHA512 MBEDTLS_OID_GOV "\x03\x04\x02\x03" /**< id-mbedtls_sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3 } */
#define OID_HMAC_SHA1 OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */ #define MBEDTLS_OID_HMAC_SHA1 MBEDTLS_OID_RSA_COMPANY "\x02\x07" /**< id-hmacWithSHA1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) digestAlgorithm(2) 7 } */
/* /*
* Encryption algorithms * Encryption algorithms
*/ */
#define OID_DES_CBC OID_ISO_IDENTIFIED_ORG OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */ #define MBEDTLS_OID_DES_CBC MBEDTLS_OID_ISO_IDENTIFIED_ORG MBEDTLS_OID_OIW_SECSIG_ALG "\x07" /**< desCBC OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 7 } */
#define OID_DES_EDE3_CBC OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */ #define MBEDTLS_OID_DES_EDE3_CBC MBEDTLS_OID_RSA_COMPANY "\x03\x07" /**< des-ede3-cbc OBJECT IDENTIFIER ::= { iso(1) member-body(2) -- us(840) rsadsi(113549) encryptionAlgorithm(3) 7 } */
/* /*
* PKCS#5 OIDs * PKCS#5 OIDs
*/ */
#define OID_PKCS5_PBKDF2 OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */ #define MBEDTLS_OID_PKCS5_PBKDF2 MBEDTLS_OID_PKCS5 "\x0c" /**< id-PBKDF2 OBJECT IDENTIFIER ::= {pkcs-5 12} */
#define OID_PKCS5_PBES2 OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */ #define MBEDTLS_OID_PKCS5_PBES2 MBEDTLS_OID_PKCS5 "\x0d" /**< id-PBES2 OBJECT IDENTIFIER ::= {pkcs-5 13} */
#define OID_PKCS5_PBMAC1 OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */ #define MBEDTLS_OID_PKCS5_PBMAC1 MBEDTLS_OID_PKCS5 "\x0e" /**< id-PBMAC1 OBJECT IDENTIFIER ::= {pkcs-5 14} */
/* /*
* PKCS#5 PBES1 algorithms * PKCS#5 PBES1 algorithms
*/ */
#define OID_PKCS5_PBE_MD2_DES_CBC OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */ #define MBEDTLS_OID_PKCS5_PBE_MD2_DES_CBC MBEDTLS_OID_PKCS5 "\x01" /**< pbeWithMD2AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 1} */
#define OID_PKCS5_PBE_MD2_RC2_CBC OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */ #define MBEDTLS_OID_PKCS5_PBE_MD2_RC2_CBC MBEDTLS_OID_PKCS5 "\x04" /**< pbeWithMD2AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 4} */
#define OID_PKCS5_PBE_MD5_DES_CBC OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */ #define MBEDTLS_OID_PKCS5_PBE_MD5_DES_CBC MBEDTLS_OID_PKCS5 "\x03" /**< pbeWithMD5AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 3} */
#define OID_PKCS5_PBE_MD5_RC2_CBC OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */ #define MBEDTLS_OID_PKCS5_PBE_MD5_RC2_CBC MBEDTLS_OID_PKCS5 "\x06" /**< pbeWithMD5AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 6} */
#define OID_PKCS5_PBE_SHA1_DES_CBC OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */ #define MBEDTLS_OID_PKCS5_PBE_SHA1_DES_CBC MBEDTLS_OID_PKCS5 "\x0a" /**< pbeWithSHA1AndDES-CBC OBJECT IDENTIFIER ::= {pkcs-5 10} */
#define OID_PKCS5_PBE_SHA1_RC2_CBC OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */ #define MBEDTLS_OID_PKCS5_PBE_SHA1_RC2_CBC MBEDTLS_OID_PKCS5 "\x0b" /**< pbeWithSHA1AndRC2-CBC OBJECT IDENTIFIER ::= {pkcs-5 11} */
/* /*
* PKCS#8 OIDs * PKCS#8 OIDs
*/ */
#define OID_PKCS9_CSR_EXT_REQ OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */ #define MBEDTLS_OID_PKCS9_CSR_EXT_REQ MBEDTLS_OID_PKCS9 "\x0e" /**< extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} */
/* /*
* PKCS#12 PBE OIDs * PKCS#12 PBE OIDs
*/ */
#define OID_PKCS12_PBE OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */ #define MBEDTLS_OID_PKCS12_PBE MBEDTLS_OID_PKCS12 "\x01" /**< pkcs-12PbeIds OBJECT IDENTIFIER ::= {pkcs-12 1} */
#define OID_PKCS12_PBE_SHA1_RC4_128 OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_128 MBEDTLS_OID_PKCS12_PBE "\x01" /**< pbeWithSHAAnd128BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 1} */
#define OID_PKCS12_PBE_SHA1_RC4_40 OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_RC4_40 MBEDTLS_OID_PKCS12_PBE "\x02" /**< pbeWithSHAAnd40BitRC4 OBJECT IDENTIFIER ::= {pkcs-12PbeIds 2} */
#define OID_PKCS12_PBE_SHA1_DES3_EDE_CBC OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_DES3_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x03" /**< pbeWithSHAAnd3-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 3} */
#define OID_PKCS12_PBE_SHA1_DES2_EDE_CBC OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_DES2_EDE_CBC MBEDTLS_OID_PKCS12_PBE "\x04" /**< pbeWithSHAAnd2-KeyTripleDES-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 4} */
#define OID_PKCS12_PBE_SHA1_RC2_128_CBC OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_128_CBC MBEDTLS_OID_PKCS12_PBE "\x05" /**< pbeWithSHAAnd128BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 5} */
#define OID_PKCS12_PBE_SHA1_RC2_40_CBC OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */ #define MBEDTLS_OID_PKCS12_PBE_SHA1_RC2_40_CBC MBEDTLS_OID_PKCS12_PBE "\x06" /**< pbeWithSHAAnd40BitRC2-CBC OBJECT IDENTIFIER ::= {pkcs-12PbeIds 6} */
/* /*
* EC key algorithms from RFC 5480 * EC key algorithms from RFC 5480
@ -274,12 +274,12 @@
/* id-ecPublicKey OBJECT IDENTIFIER ::= { /* id-ecPublicKey OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */ * iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } */
#define OID_EC_ALG_UNRESTRICTED OID_ANSI_X9_62 "\x02\01" #define MBEDTLS_OID_EC_ALG_UNRESTRICTED MBEDTLS_OID_ANSI_X9_62 "\x02\01"
/* id-ecDH OBJECT IDENTIFIER ::= { /* id-ecDH OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) * iso(1) identified-organization(3) certicom(132)
* schemes(1) ecdh(12) } */ * schemes(1) ecdh(12) } */
#define OID_EC_ALG_ECDH OID_CERTICOM "\x01\x0c" #define MBEDTLS_OID_EC_ALG_ECDH MBEDTLS_OID_CERTICOM "\x01\x0c"
/* /*
* ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2 * ECParameters namedCurve identifiers, from RFC 5480, RFC 5639, and SEC2
@ -287,35 +287,35 @@
/* secp192r1 OBJECT IDENTIFIER ::= { /* secp192r1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */ * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 1 } */
#define OID_EC_GRP_SECP192R1 OID_ANSI_X9_62 "\x03\x01\x01" #define MBEDTLS_OID_EC_GRP_SECP192R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x01"
/* secp224r1 OBJECT IDENTIFIER ::= { /* secp224r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 33 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 33 } */
#define OID_EC_GRP_SECP224R1 OID_CERTICOM "\x00\x21" #define MBEDTLS_OID_EC_GRP_SECP224R1 MBEDTLS_OID_CERTICOM "\x00\x21"
/* secp256r1 OBJECT IDENTIFIER ::= { /* secp256r1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */ * iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) prime(1) 7 } */
#define OID_EC_GRP_SECP256R1 OID_ANSI_X9_62 "\x03\x01\x07" #define MBEDTLS_OID_EC_GRP_SECP256R1 MBEDTLS_OID_ANSI_X9_62 "\x03\x01\x07"
/* secp384r1 OBJECT IDENTIFIER ::= { /* secp384r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 34 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 34 } */
#define OID_EC_GRP_SECP384R1 OID_CERTICOM "\x00\x22" #define MBEDTLS_OID_EC_GRP_SECP384R1 MBEDTLS_OID_CERTICOM "\x00\x22"
/* secp521r1 OBJECT IDENTIFIER ::= { /* secp521r1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 35 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 35 } */
#define OID_EC_GRP_SECP521R1 OID_CERTICOM "\x00\x23" #define MBEDTLS_OID_EC_GRP_SECP521R1 MBEDTLS_OID_CERTICOM "\x00\x23"
/* secp192k1 OBJECT IDENTIFIER ::= { /* secp192k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 31 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 31 } */
#define OID_EC_GRP_SECP192K1 OID_CERTICOM "\x00\x1f" #define MBEDTLS_OID_EC_GRP_SECP192K1 MBEDTLS_OID_CERTICOM "\x00\x1f"
/* secp224k1 OBJECT IDENTIFIER ::= { /* secp224k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 32 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 32 } */
#define OID_EC_GRP_SECP224K1 OID_CERTICOM "\x00\x20" #define MBEDTLS_OID_EC_GRP_SECP224K1 MBEDTLS_OID_CERTICOM "\x00\x20"
/* secp256k1 OBJECT IDENTIFIER ::= { /* secp256k1 OBJECT IDENTIFIER ::= {
* iso(1) identified-organization(3) certicom(132) curve(0) 10 } */ * iso(1) identified-organization(3) certicom(132) curve(0) 10 } */
#define OID_EC_GRP_SECP256K1 OID_CERTICOM "\x00\x0a" #define MBEDTLS_OID_EC_GRP_SECP256K1 MBEDTLS_OID_CERTICOM "\x00\x0a"
/* RFC 5639 4.1 /* RFC 5639 4.1
* ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1) * ecStdCurvesAndGeneration OBJECT IDENTIFIER::= {iso(1)
@ -323,16 +323,16 @@
* algorithm(3) ecSign(2) 8} * algorithm(3) ecSign(2) 8}
* ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1} * ellipticCurve OBJECT IDENTIFIER ::= {ecStdCurvesAndGeneration 1}
* versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */ * versionOne OBJECT IDENTIFIER ::= {ellipticCurve 1} */
#define OID_EC_BRAINPOOL_V1 OID_TELETRUST "\x03\x03\x02\x08\x01\x01" #define MBEDTLS_OID_EC_BRAINPOOL_V1 MBEDTLS_OID_TELETRUST "\x03\x03\x02\x08\x01\x01"
/* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */ /* brainpoolP256r1 OBJECT IDENTIFIER ::= {versionOne 7} */
#define OID_EC_GRP_BP256R1 OID_EC_BRAINPOOL_V1 "\x07" #define MBEDTLS_OID_EC_GRP_BP256R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x07"
/* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */ /* brainpoolP384r1 OBJECT IDENTIFIER ::= {versionOne 11} */
#define OID_EC_GRP_BP384R1 OID_EC_BRAINPOOL_V1 "\x0B" #define MBEDTLS_OID_EC_GRP_BP384R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0B"
/* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */ /* brainpoolP512r1 OBJECT IDENTIFIER ::= {versionOne 13} */
#define OID_EC_GRP_BP512R1 OID_EC_BRAINPOOL_V1 "\x0D" #define MBEDTLS_OID_EC_GRP_BP512R1 MBEDTLS_OID_EC_BRAINPOOL_V1 "\x0D"
/* /*
* SEC1 C.1 * SEC1 C.1
@ -340,38 +340,38 @@
* prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 } * prime-field OBJECT IDENTIFIER ::= { id-fieldType 1 }
* id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)} * id-fieldType OBJECT IDENTIFIER ::= { ansi-X9-62 fieldType(1)}
*/ */
#define OID_ANSI_X9_62_FIELD_TYPE OID_ANSI_X9_62 "\x01" #define MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE MBEDTLS_OID_ANSI_X9_62 "\x01"
#define OID_ANSI_X9_62_PRIME_FIELD OID_ANSI_X9_62_FIELD_TYPE "\x01" #define MBEDTLS_OID_ANSI_X9_62_PRIME_FIELD MBEDTLS_OID_ANSI_X9_62_FIELD_TYPE "\x01"
/* /*
* ECDSA signature identifiers, from RFC 5480 * ECDSA signature identifiers, from RFC 5480
*/ */
#define OID_ANSI_X9_62_SIG OID_ANSI_X9_62 "\x04" /* signatures(4) */ #define MBEDTLS_OID_ANSI_X9_62_SIG MBEDTLS_OID_ANSI_X9_62 "\x04" /* signatures(4) */
#define OID_ANSI_X9_62_SIG_SHA2 OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */ #define MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 MBEDTLS_OID_ANSI_X9_62_SIG "\x03" /* ecdsa-with-SHA2(3) */
/* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { /* ecdsa-with-SHA1 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */ * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1 } */
#define OID_ECDSA_SHA1 OID_ANSI_X9_62_SIG "\x01" #define MBEDTLS_OID_ECDSA_SHA1 MBEDTLS_OID_ANSI_X9_62_SIG "\x01"
/* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { /* ecdsa-with-SHA224 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 1 } */ * ecdsa-with-SHA2(3) 1 } */
#define OID_ECDSA_SHA224 OID_ANSI_X9_62_SIG_SHA2 "\x01" #define MBEDTLS_OID_ECDSA_SHA224 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x01"
/* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { /* ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 2 } */ * ecdsa-with-SHA2(3) 2 } */
#define OID_ECDSA_SHA256 OID_ANSI_X9_62_SIG_SHA2 "\x02" #define MBEDTLS_OID_ECDSA_SHA256 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x02"
/* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { /* ecdsa-with-SHA384 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 3 } */ * ecdsa-with-SHA2(3) 3 } */
#define OID_ECDSA_SHA384 OID_ANSI_X9_62_SIG_SHA2 "\x03" #define MBEDTLS_OID_ECDSA_SHA384 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x03"
/* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { /* ecdsa-with-SHA512 OBJECT IDENTIFIER ::= {
* iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) * iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
* ecdsa-with-SHA2(3) 4 } */ * ecdsa-with-SHA2(3) 4 } */
#define OID_ECDSA_SHA512 OID_ANSI_X9_62_SIG_SHA2 "\x04" #define MBEDTLS_OID_ECDSA_SHA512 MBEDTLS_OID_ANSI_X9_62_SIG_SHA2 "\x04"
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -385,7 +385,7 @@ typedef struct {
size_t asn1_len; /*!< length of asn1 */ size_t asn1_len; /*!< length of asn1 */
const char *name; /*!< official name (e.g. from RFC) */ const char *name; /*!< official name (e.g. from RFC) */
const char *description; /*!< human friendly description */ const char *description; /*!< human friendly description */
} oid_descriptor_t; } mbedtls_oid_descriptor_t;
/** /**
* \brief Translate an ASN.1 OID into its numeric representation * \brief Translate an ASN.1 OID into its numeric representation
@ -396,20 +396,20 @@ typedef struct {
* \param oid OID to translate * \param oid OID to translate
* *
* \return Length of the string written (excluding final NULL) or * \return Length of the string written (excluding final NULL) or
* POLARSSL_ERR_OID_BUF_TOO_SMALL in case of error * MBEDTLS_ERR_OID_BUF_TOO_SMALL in case of error
*/ */
int oid_get_numeric_string( char *buf, size_t size, const asn1_buf *oid ); int mbedtls_oid_get_numeric_string( char *buf, size_t size, const mbedtls_asn1_buf *oid );
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C) #if defined(MBEDTLS_X509_USE_C) || defined(MBEDTLS_X509_CREATE_C)
/** /**
* \brief Translate an X.509 extension OID into local values * \brief Translate an X.509 extension OID into local values
* *
* \param oid OID to use * \param oid OID to use
* \param ext_type place to store the extension type * \param ext_type place to store the extension type
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type ); int mbedtls_oid_get_x509_ext_type( const mbedtls_asn1_buf *oid, int *ext_type );
#endif #endif
/** /**
@ -419,9 +419,9 @@ int oid_get_x509_ext_type( const asn1_buf *oid, int *ext_type );
* \param oid OID to use * \param oid OID to use
* \param short_name place to store the string pointer * \param short_name place to store the string pointer
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name ); int mbedtls_oid_get_attr_short_name( const mbedtls_asn1_buf *oid, const char **short_name );
/** /**
* \brief Translate PublicKeyAlgorithm OID into pk_type * \brief Translate PublicKeyAlgorithm OID into pk_type
@ -429,9 +429,9 @@ int oid_get_attr_short_name( const asn1_buf *oid, const char **short_name );
* \param oid OID to use * \param oid OID to use
* \param pk_alg place to store public key algorithm * \param pk_alg place to store public key algorithm
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_pk_alg( const asn1_buf *oid, pk_type_t *pk_alg ); int mbedtls_oid_get_pk_alg( const mbedtls_asn1_buf *oid, mbedtls_pk_type_t *pk_alg );
/** /**
* \brief Translate pk_type into PublicKeyAlgorithm OID * \brief Translate pk_type into PublicKeyAlgorithm OID
@ -440,21 +440,21 @@ int oid_get_pk_alg( const asn1_buf *oid, pk_type_t *pk_alg );
* \param oid place to store ASN.1 OID string pointer * \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID * \param olen length of the OID
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_oid_by_pk_alg( pk_type_t pk_alg, int mbedtls_oid_get_oid_by_pk_alg( mbedtls_pk_type_t pk_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen );
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
/** /**
* \brief Translate NamedCurve OID into an EC group identifier * \brief Translate NamedCurve OID into an EC group identifier
* *
* \param oid OID to use * \param oid OID to use
* \param grp_id place to store group id * \param grp_id place to store group id
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_ec_grp( const asn1_buf *oid, ecp_group_id *grp_id ); int mbedtls_oid_get_ec_grp( const mbedtls_asn1_buf *oid, mbedtls_ecp_group_id *grp_id );
/** /**
* \brief Translate EC group identifier into NamedCurve OID * \brief Translate EC group identifier into NamedCurve OID
@ -463,13 +463,13 @@ int oid_get_ec_grp( const asn1_buf *oid, ecp_group_id *grp_id );
* \param oid place to store ASN.1 OID string pointer * \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID * \param olen length of the OID
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_oid_by_ec_grp( ecp_group_id grp_id, int mbedtls_oid_get_oid_by_ec_grp( mbedtls_ecp_group_id grp_id,
const char **oid, size_t *olen ); const char **oid, size_t *olen );
#endif /* POLARSSL_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(POLARSSL_MD_C) #if defined(MBEDTLS_MD_C)
/** /**
* \brief Translate SignatureAlgorithm OID into md_type and pk_type * \brief Translate SignatureAlgorithm OID into md_type and pk_type
* *
@ -477,10 +477,10 @@ int oid_get_oid_by_ec_grp( ecp_group_id grp_id,
* \param md_alg place to store message digest algorithm * \param md_alg place to store message digest algorithm
* \param pk_alg place to store public key algorithm * \param pk_alg place to store public key algorithm
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_sig_alg( const asn1_buf *oid, int mbedtls_oid_get_sig_alg( const mbedtls_asn1_buf *oid,
md_type_t *md_alg, pk_type_t *pk_alg ); mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg );
/** /**
* \brief Translate SignatureAlgorithm OID into description * \brief Translate SignatureAlgorithm OID into description
@ -488,9 +488,9 @@ int oid_get_sig_alg( const asn1_buf *oid,
* \param oid OID to use * \param oid OID to use
* \param desc place to store string pointer * \param desc place to store string pointer
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_sig_alg_desc( const asn1_buf *oid, const char **desc ); int mbedtls_oid_get_sig_alg_desc( const mbedtls_asn1_buf *oid, const char **desc );
/** /**
* \brief Translate md_type and pk_type into SignatureAlgorithm OID * \brief Translate md_type and pk_type into SignatureAlgorithm OID
@ -500,9 +500,9 @@ int oid_get_sig_alg_desc( const asn1_buf *oid, const char **desc );
* \param oid place to store ASN.1 OID string pointer * \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID * \param olen length of the OID
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_oid_by_sig_alg( pk_type_t pk_alg, md_type_t md_alg, int mbedtls_oid_get_oid_by_sig_alg( mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const char **oid, size_t *olen ); const char **oid, size_t *olen );
/** /**
@ -511,10 +511,10 @@ int oid_get_oid_by_sig_alg( pk_type_t pk_alg, md_type_t md_alg,
* \param oid OID to use * \param oid OID to use
* \param md_alg place to store message digest algorithm * \param md_alg place to store message digest algorithm
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_md_alg( const asn1_buf *oid, md_type_t *md_alg ); int mbedtls_oid_get_md_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg );
#endif /* POLARSSL_MD_C */ #endif /* MBEDTLS_MD_C */
/** /**
* \brief Translate Extended Key Usage OID into description * \brief Translate Extended Key Usage OID into description
@ -522,9 +522,9 @@ int oid_get_md_alg( const asn1_buf *oid, md_type_t *md_alg );
* \param oid OID to use * \param oid OID to use
* \param desc place to store string pointer * \param desc place to store string pointer
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_extended_key_usage( const asn1_buf *oid, const char **desc ); int mbedtls_oid_get_extended_key_usage( const mbedtls_asn1_buf *oid, const char **desc );
/** /**
* \brief Translate md_type into hash algorithm OID * \brief Translate md_type into hash algorithm OID
@ -533,23 +533,23 @@ int oid_get_extended_key_usage( const asn1_buf *oid, const char **desc );
* \param oid place to store ASN.1 OID string pointer * \param oid place to store ASN.1 OID string pointer
* \param olen length of the OID * \param olen length of the OID
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_oid_by_md( md_type_t md_alg, const char **oid, size_t *olen ); int mbedtls_oid_get_oid_by_md( mbedtls_md_type_t md_alg, const char **oid, size_t *olen );
#if defined(POLARSSL_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
/** /**
* \brief Translate encryption algorithm OID into cipher_type * \brief Translate encryption algorithm OID into cipher_type
* *
* \param oid OID to use * \param oid OID to use
* \param cipher_alg place to store cipher algorithm * \param cipher_alg place to store cipher algorithm
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_cipher_alg( const asn1_buf *oid, cipher_type_t *cipher_alg ); int mbedtls_oid_get_cipher_alg( const mbedtls_asn1_buf *oid, mbedtls_cipher_type_t *cipher_alg );
#endif /* POLARSSL_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */
#if defined(POLARSSL_PKCS12_C) #if defined(MBEDTLS_PKCS12_C)
/** /**
* \brief Translate PKCS#12 PBE algorithm OID into md_type and * \brief Translate PKCS#12 PBE algorithm OID into md_type and
* cipher_type * cipher_type
@ -558,11 +558,11 @@ int oid_get_cipher_alg( const asn1_buf *oid, cipher_type_t *cipher_alg );
* \param md_alg place to store message digest algorithm * \param md_alg place to store message digest algorithm
* \param cipher_alg place to store cipher algorithm * \param cipher_alg place to store cipher algorithm
* *
* \return 0 if successful, or POLARSSL_ERR_OID_NOT_FOUND * \return 0 if successful, or MBEDTLS_ERR_OID_NOT_FOUND
*/ */
int oid_get_pkcs12_pbe_alg( const asn1_buf *oid, md_type_t *md_alg, int mbedtls_oid_get_pkcs12_pbe_alg( const mbedtls_asn1_buf *oid, mbedtls_md_type_t *md_alg,
cipher_type_t *cipher_alg ); mbedtls_cipher_type_t *cipher_alg );
#endif /* POLARSSL_PKCS12_C */ #endif /* MBEDTLS_PKCS12_C */
#ifdef __cplusplus #ifdef __cplusplus
} }

32
include/mbedtls/padlock.h
View File

@ -22,17 +22,17 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PADLOCK_H #ifndef MBEDTLS_PADLOCK_H
#define POLARSSL_PADLOCK_H #define MBEDTLS_PADLOCK_H
#include "aes.h" #include "aes.h"
#define POLARSSL_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */ #define MBEDTLS_ERR_PADLOCK_DATA_MISALIGNED -0x0030 /**< Input data should be aligned. */
#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && defined(__i386__) #if defined(MBEDTLS_HAVE_ASM) && defined(__GNUC__) && defined(__i386__)
#ifndef POLARSSL_HAVE_X86 #ifndef MBEDTLS_HAVE_X86
#define POLARSSL_HAVE_X86 #define MBEDTLS_HAVE_X86
#endif #endif
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32) #if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
@ -42,12 +42,12 @@ typedef INT32 int32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define PADLOCK_RNG 0x000C #define MBEDTLS_PADLOCK_RNG 0x000C
#define PADLOCK_ACE 0x00C0 #define MBEDTLS_PADLOCK_ACE 0x00C0
#define PADLOCK_PHE 0x0C00 #define MBEDTLS_PADLOCK_PHE 0x0C00
#define PADLOCK_PMM 0x3000 #define MBEDTLS_PADLOCK_PMM 0x3000
#define PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15)) #define MBEDTLS_PADLOCK_ALIGN16(x) (uint32_t *) (16 + ((int32_t) x & ~15))
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -60,19 +60,19 @@ extern "C" {
* *
* \return 1 if CPU has support for the feature, 0 otherwise * \return 1 if CPU has support for the feature, 0 otherwise
*/ */
int padlock_supports( int feature ); int mbedtls_padlock_supports( int feature );
/** /**
* \brief PadLock AES-ECB block en(de)cryption * \brief PadLock AES-ECB block en(de)cryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param input 16-byte input block * \param input 16-byte input block
* \param output 16-byte output block * \param output 16-byte output block
* *
* \return 0 if success, 1 if operation failed * \return 0 if success, 1 if operation failed
*/ */
int padlock_xcryptecb( aes_context *ctx, int mbedtls_padlock_xcryptecb( mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ); unsigned char output[16] );
@ -81,7 +81,7 @@ int padlock_xcryptecb( aes_context *ctx,
* \brief PadLock AES-CBC buffer en(de)cryption * \brief PadLock AES-CBC buffer en(de)cryption
* *
* \param ctx AES context * \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT * \param mode MBEDTLS_AES_ENCRYPT or MBEDTLS_AES_DECRYPT
* \param length length of the input data * \param length length of the input data
* \param iv initialization vector (updated after use) * \param iv initialization vector (updated after use)
* \param input buffer holding the input data * \param input buffer holding the input data
@ -89,7 +89,7 @@ int padlock_xcryptecb( aes_context *ctx,
* *
* \return 0 if success, 1 if operation failed * \return 0 if success, 1 if operation failed
*/ */
int padlock_xcryptcbc( aes_context *ctx, int mbedtls_padlock_xcryptcbc( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],

46
include/mbedtls/pem.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PEM_H #ifndef MBEDTLS_PEM_H
#define POLARSSL_PEM_H #define MBEDTLS_PEM_H
#include <stddef.h> #include <stddef.h>
@ -32,22 +32,22 @@
* PEM data. * PEM data.
* \{ * \{
*/ */
#define POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */ #define MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT -0x1080 /**< No PEM header or footer found. */
#define POLARSSL_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */ #define MBEDTLS_ERR_PEM_INVALID_DATA -0x1100 /**< PEM string is not as expected. */
#define POLARSSL_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */ #define MBEDTLS_ERR_PEM_MALLOC_FAILED -0x1180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */ #define MBEDTLS_ERR_PEM_INVALID_ENC_IV -0x1200 /**< RSA IV is not in hex-format. */
#define POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */ #define MBEDTLS_ERR_PEM_UNKNOWN_ENC_ALG -0x1280 /**< Unsupported key encryption algorithm. */
#define POLARSSL_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */ #define MBEDTLS_ERR_PEM_PASSWORD_REQUIRED -0x1300 /**< Private key password can't be empty. */
#define POLARSSL_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PEM_PASSWORD_MISMATCH -0x1380 /**< Given private key password does not allow for correct decryption. */
#define POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */ #define MBEDTLS_ERR_PEM_FEATURE_UNAVAILABLE -0x1400 /**< Unavailable feature, e.g. hashing/encryption combination. */
#define POLARSSL_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_PEM_BAD_INPUT_DATA -0x1480 /**< Bad input parameters to function. */
/* \} name */ /* \} name */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
/** /**
* \brief PEM context structure * \brief PEM context structure
*/ */
@ -57,14 +57,14 @@ typedef struct
size_t buflen; /*!< length of the buffer */ size_t buflen; /*!< length of the buffer */
unsigned char *info; /*!< buffer for extra header information */ unsigned char *info; /*!< buffer for extra header information */
} }
pem_context; mbedtls_pem_context;
/** /**
* \brief PEM context setup * \brief PEM context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void pem_init( pem_context *ctx ); void mbedtls_pem_init( mbedtls_pem_context *ctx );
/** /**
* \brief Read a buffer for PEM information and store the resulting * \brief Read a buffer for PEM information and store the resulting
@ -78,8 +78,8 @@ void pem_init( pem_context *ctx );
* \param pwdlen length of password * \param pwdlen length of password
* \param use_len destination for total length used (set after header is * \param use_len destination for total length used (set after header is
* correctly read, so unless you get * correctly read, so unless you get
* POLARSSL_ERR_PEM_BAD_INPUT_DATA or * MBEDTLS_ERR_PEM_BAD_INPUT_DATA or
* POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is * MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT, use_len is
* the length to skip) * the length to skip)
* *
* \note Attempts to check password correctness by verifying if * \note Attempts to check password correctness by verifying if
@ -88,7 +88,7 @@ void pem_init( pem_context *ctx );
* *
* \return 0 on success, or a specific PEM error code * \return 0 on success, or a specific PEM error code
*/ */
int pem_read_buffer( pem_context *ctx, const char *header, const char *footer, int mbedtls_pem_read_buffer( mbedtls_pem_context *ctx, const char *header, const char *footer,
const unsigned char *data, const unsigned char *data,
const unsigned char *pwd, const unsigned char *pwd,
size_t pwdlen, size_t *use_len ); size_t pwdlen, size_t *use_len );
@ -98,10 +98,10 @@ int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
* *
* \param ctx context to be freed * \param ctx context to be freed
*/ */
void pem_free( pem_context *ctx ); void mbedtls_pem_free( mbedtls_pem_context *ctx );
#endif /* POLARSSL_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
#if defined(POLARSSL_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
* \brief Write a buffer of PEM information from a DER encoded * \brief Write a buffer of PEM information from a DER encoded
* buffer. * buffer.
@ -115,13 +115,13 @@ void pem_free( pem_context *ctx );
* \param olen total length written / required (if buf_len is not enough) * \param olen total length written / required (if buf_len is not enough)
* *
* \return 0 on success, or a specific PEM or BASE64 error code. On * \return 0 on success, or a specific PEM or BASE64 error code. On
* POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL olen is the required * MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL olen is the required
* size. * size.
*/ */
int pem_write_buffer( const char *header, const char *footer, int mbedtls_pem_write_buffer( const char *header, const char *footer,
const unsigned char *der_data, size_t der_len, const unsigned char *der_data, size_t der_len,
unsigned char *buf, size_t buf_len, size_t *olen ); unsigned char *buf, size_t buf_len, size_t *olen );
#endif /* POLARSSL_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#ifdef __cplusplus #ifdef __cplusplus
} }

266
include/mbedtls/pk.h
View File

@ -22,64 +22,64 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PK_H #ifndef MBEDTLS_PK_H
#define POLARSSL_PK_H #define MBEDTLS_PK_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "md.h" #include "md.h"
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
#include "rsa.h" #include "rsa.h"
#endif #endif
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
#include "ecp.h" #include "ecp.h"
#endif #endif
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
#include "ecdsa.h" #include "ecdsa.h"
#endif #endif
#define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 /**< Memory alloation failed. */ #define MBEDTLS_ERR_PK_MALLOC_FAILED -0x2F80 /**< Memory alloation failed. */
#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */ #define MBEDTLS_ERR_PK_TYPE_MISMATCH -0x2F00 /**< Type mismatch, eg attempt to encrypt with an ECDSA key */
#define POLARSSL_ERR_PK_BAD_INPUT_DATA -0x2E80 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_PK_BAD_INPUT_DATA -0x2E80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PK_FILE_IO_ERROR -0x2E00 /**< Read/write of file failed. */ #define MBEDTLS_ERR_PK_FILE_IO_ERROR -0x2E00 /**< Read/write of file failed. */
#define POLARSSL_ERR_PK_KEY_INVALID_VERSION -0x2D80 /**< Unsupported key version */ #define MBEDTLS_ERR_PK_KEY_INVALID_VERSION -0x2D80 /**< Unsupported key version */
#define POLARSSL_ERR_PK_KEY_INVALID_FORMAT -0x2D00 /**< Invalid key tag or value. */ #define MBEDTLS_ERR_PK_KEY_INVALID_FORMAT -0x2D00 /**< Invalid key tag or value. */
#define POLARSSL_ERR_PK_UNKNOWN_PK_ALG -0x2C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */ #define MBEDTLS_ERR_PK_UNKNOWN_PK_ALG -0x2C80 /**< Key algorithm is unsupported (only RSA and EC are supported). */
#define POLARSSL_ERR_PK_PASSWORD_REQUIRED -0x2C00 /**< Private key password can't be empty. */ #define MBEDTLS_ERR_PK_PASSWORD_REQUIRED -0x2C00 /**< Private key password can't be empty. */
#define POLARSSL_ERR_PK_PASSWORD_MISMATCH -0x2B80 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PK_PASSWORD_MISMATCH -0x2B80 /**< Given private key password does not allow for correct decryption. */
#define POLARSSL_ERR_PK_INVALID_PUBKEY -0x2B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */ #define MBEDTLS_ERR_PK_INVALID_PUBKEY -0x2B00 /**< The pubkey tag or value is invalid (only RSA and EC are supported). */
#define POLARSSL_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */ #define MBEDTLS_ERR_PK_INVALID_ALG -0x2A80 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */ #define MBEDTLS_ERR_PK_UNKNOWN_NAMED_CURVE -0x2A00 /**< Elliptic curve is unsupported (only NIST curves are supported). */
#define POLARSSL_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */ #define MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE -0x2980 /**< Unavailable feature, e.g. RSA disabled for RSA key. */
#define POLARSSL_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */ #define MBEDTLS_ERR_PK_SIG_LEN_MISMATCH -0x2000 /**< The signature is valid but its length is less than expected. */
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
/** /**
* Quick access to an RSA context inside a PK context. * Quick access to an RSA context inside a PK context.
* *
* \warning You must make sure the PK context actually holds an RSA context * \warning You must make sure the PK context actually holds an RSA context
* before using this macro! * before using this macro!
*/ */
#define pk_rsa( pk ) ( (rsa_context *) (pk).pk_ctx ) #define mbedtls_pk_rsa( pk ) ( (mbedtls_rsa_context *) (pk).pk_ctx )
#endif /* POLARSSL_RSA_C */ #endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
/** /**
* Quick access to an EC context inside a PK context. * Quick access to an EC context inside a PK context.
* *
* \warning You must make sure the PK context actually holds an EC context * \warning You must make sure the PK context actually holds an EC context
* before using this macro! * before using this macro!
*/ */
#define pk_ec( pk ) ( (ecp_keypair *) (pk).pk_ctx ) #define mbedtls_pk_ec( pk ) ( (mbedtls_ecp_keypair *) (pk).pk_ctx )
#endif /* POLARSSL_ECP_C */ #endif /* MBEDTLS_ECP_C */
#ifdef __cplusplus #ifdef __cplusplus
@ -90,76 +90,76 @@ extern "C" {
* \brief Public key types * \brief Public key types
*/ */
typedef enum { typedef enum {
POLARSSL_PK_NONE=0, MBEDTLS_PK_NONE=0,
POLARSSL_PK_RSA, MBEDTLS_PK_RSA,
POLARSSL_PK_ECKEY, MBEDTLS_PK_ECKEY,
POLARSSL_PK_ECKEY_DH, MBEDTLS_PK_ECKEY_DH,
POLARSSL_PK_ECDSA, MBEDTLS_PK_ECDSA,
POLARSSL_PK_RSA_ALT, MBEDTLS_PK_RSA_ALT,
POLARSSL_PK_RSASSA_PSS, MBEDTLS_PK_RSASSA_PSS,
} pk_type_t; } mbedtls_pk_type_t;
/** /**
* \brief Options for RSASSA-PSS signature verification. * \brief Options for RSASSA-PSS signature verification.
* See \c rsa_rsassa_pss_verify_ext() * See \c mbedtls_rsa_rsassa_pss_verify_ext()
*/ */
typedef struct typedef struct
{ {
md_type_t mgf1_hash_id; mbedtls_md_type_t mgf1_hash_id;
int expected_salt_len; int expected_salt_len;
} pk_rsassa_pss_options; } mbedtls_pk_rsassa_pss_options;
/** /**
* \brief Types for interfacing with the debug module * \brief Types for interfacing with the debug module
*/ */
typedef enum typedef enum
{ {
POLARSSL_PK_DEBUG_NONE = 0, MBEDTLS_PK_DEBUG_NONE = 0,
POLARSSL_PK_DEBUG_MPI, MBEDTLS_PK_DEBUG_MPI,
POLARSSL_PK_DEBUG_ECP, MBEDTLS_PK_DEBUG_ECP,
} pk_debug_type; } mbedtls_pk_debug_type;
/** /**
* \brief Item to send to the debug module * \brief Item to send to the debug module
*/ */
typedef struct typedef struct
{ {
pk_debug_type type; mbedtls_pk_debug_type type;
const char *name; const char *name;
void *value; void *value;
} pk_debug_item; } mbedtls_pk_debug_item;
/** Maximum number of item send for debugging, plus 1 */ /** Maximum number of item send for debugging, plus 1 */
#define POLARSSL_PK_DEBUG_MAX_ITEMS 3 #define MBEDTLS_PK_DEBUG_MAX_ITEMS 3
/** /**
* \brief Public key information and operations * \brief Public key information and operations
*/ */
typedef struct _pk_info_t pk_info_t; typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
/** /**
* \brief Public key container * \brief Public key container
*/ */
typedef struct typedef struct
{ {
const pk_info_t * pk_info; /**< Public key informations */ const mbedtls_pk_info_t * pk_info; /**< Public key informations */
void * pk_ctx; /**< Underlying public key context */ void * pk_ctx; /**< Underlying public key context */
} pk_context; } mbedtls_pk_context;
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/** /**
* \brief Types for RSA-alt abstraction * \brief Types for RSA-alt abstraction
*/ */
typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen, typedef int (*mbedtls_pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
size_t output_max_len ); size_t output_max_len );
typedef int (*pk_rsa_alt_sign_func)( void *ctx, typedef int (*mbedtls_pk_rsa_alt_sign_func)( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig ); const unsigned char *hash, unsigned char *sig );
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx ); typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
* \brief Return information associated with the given PK type * \brief Return information associated with the given PK type
@ -168,17 +168,17 @@ typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
* *
* \return The PK info associated with the type or NULL if not found. * \return The PK info associated with the type or NULL if not found.
*/ */
const pk_info_t *pk_info_from_type( pk_type_t pk_type ); const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
/** /**
* \brief Initialize a pk_context (as NONE) * \brief Initialize a mbedtls_pk_context (as NONE)
*/ */
void pk_init( pk_context *ctx ); void mbedtls_pk_init( mbedtls_pk_context *ctx );
/** /**
* \brief Free a pk_context * \brief Free a mbedtls_pk_context
*/ */
void pk_free( pk_context *ctx ); void mbedtls_pk_free( mbedtls_pk_context *ctx );
/** /**
* \brief Initialize a PK context with the information given * \brief Initialize a PK context with the information given
@ -188,15 +188,15 @@ void pk_free( pk_context *ctx );
* \param info Information to use * \param info Information to use
* *
* \return 0 on success, * \return 0 on success,
* POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input, * MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input,
* POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure. * MBEDTLS_ERR_PK_MALLOC_FAILED on allocation failure.
* *
* \note For contexts holding an RSA-alt key, use * \note For contexts holding an RSA-alt key, use
* \c pk_init_ctx_rsa_alt() instead. * \c mbedtls_pk_init_ctx_rsa_alt() instead.
*/ */
int pk_init_ctx( pk_context *ctx, const pk_info_t *info ); int mbedtls_pk_init_ctx( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/** /**
* \brief Initialize an RSA-alt context * \brief Initialize an RSA-alt context
* *
@ -206,16 +206,16 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
* \param sign_func Signing function * \param sign_func Signing function
* \param key_len_func Function returning key length in bytes * \param key_len_func Function returning key length in bytes
* *
* \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the * \return 0 on success, or MBEDTLS_ERR_PK_BAD_INPUT_DATA if the
* context wasn't already initialized as RSA_ALT. * context wasn't already initialized as RSA_ALT.
* *
* \note This function replaces \c pk_init_ctx() for RSA-alt. * \note This function replaces \c mbedtls_pk_init_ctx() for RSA-alt.
*/ */
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key, int mbedtls_pk_init_ctx_rsa_alt( mbedtls_pk_context *ctx, void * key,
pk_rsa_alt_decrypt_func decrypt_func, mbedtls_pk_rsa_alt_decrypt_func decrypt_func,
pk_rsa_alt_sign_func sign_func, mbedtls_pk_rsa_alt_sign_func sign_func,
pk_rsa_alt_key_len_func key_len_func ); mbedtls_pk_rsa_alt_key_len_func key_len_func );
#endif /* POLARSSL_PK_RSA_ALT_SUPPORT */ #endif /* MBEDTLS_PK_RSA_ALT_SUPPORT */
/** /**
* \brief Get the size in bits of the underlying key * \brief Get the size in bits of the underlying key
@ -224,7 +224,7 @@ int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
* *
* \return Key size in bits, or 0 on error * \return Key size in bits, or 0 on error
*/ */
size_t pk_get_size( const pk_context *ctx ); size_t mbedtls_pk_get_size( const mbedtls_pk_context *ctx );
/** /**
* \brief Get the length in bytes of the underlying key * \brief Get the length in bytes of the underlying key
@ -232,9 +232,9 @@ size_t pk_get_size( const pk_context *ctx );
* *
* \return Key length in bytes, or 0 on error * \return Key length in bytes, or 0 on error
*/ */
static inline size_t pk_get_len( const pk_context *ctx ) static inline size_t mbedtls_pk_get_len( const mbedtls_pk_context *ctx )
{ {
return( ( pk_get_size( ctx ) + 7 ) / 8 ); return( ( mbedtls_pk_get_size( ctx ) + 7 ) / 8 );
} }
/** /**
@ -246,7 +246,7 @@ static inline size_t pk_get_len( const pk_context *ctx )
* \return 0 if context can't do the operations, * \return 0 if context can't do the operations,
* 1 otherwise. * 1 otherwise.
*/ */
int pk_can_do( const pk_context *ctx, pk_type_t type ); int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type );
/** /**
* \brief Verify signature (including padding if relevant). * \brief Verify signature (including padding if relevant).
@ -259,20 +259,20 @@ int pk_can_do( const pk_context *ctx, pk_type_t type );
* \param sig_len Signature length * \param sig_len Signature length
* *
* \return 0 on success (signature is valid), * \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len, * valid but its actual length is less than sig_len,
* or a specific error code. * or a specific error code.
* *
* \note For RSA keys, the default padding type is PKCS#1 v1.5. * \note For RSA keys, the default padding type is PKCS#1 v1.5.
* Use \c pk_verify_ext( POLARSSL_PK_RSASSA_PSS, ... ) * Use \c mbedtls_pk_verify_ext( MBEDTLS_PK_RSASSA_PSS, ... )
* to verify RSASSA_PSS signatures. * to verify RSASSA_PSS signatures.
* *
* \note If hash_len is 0, then the length associated with md_alg * \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid. * is used instead, or an error returned if it is invalid.
* *
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
*/ */
int pk_verify( pk_context *ctx, md_type_t md_alg, int mbedtls_pk_verify( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len );
@ -290,23 +290,23 @@ int pk_verify( pk_context *ctx, md_type_t md_alg,
* \param sig_len Signature length * \param sig_len Signature length
* *
* \return 0 on success (signature is valid), * \return 0 on success (signature is valid),
* POLARSSL_ERR_PK_TYPE_MISMATCH if the PK context can't be * MBEDTLS_ERR_PK_TYPE_MISMATCH if the PK context can't be
* used for this type of signatures, * used for this type of signatures,
* POLARSSL_ERR_PK_SIG_LEN_MISMATCH if the signature is * MBEDTLS_ERR_PK_SIG_LEN_MISMATCH if the signature is
* valid but its actual length is less than sig_len, * valid but its actual length is less than sig_len,
* or a specific error code. * or a specific error code.
* *
* \note If hash_len is 0, then the length associated with md_alg * \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid. * is used instead, or an error returned if it is invalid.
* *
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0 * \note md_alg may be MBEDTLS_MD_NONE, only if hash_len != 0
* *
* \note If type is POLARSSL_PK_RSASSA_PSS, then options must point * \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point
* to a pk_rsassa_pss_options structure, * to a mbedtls_pk_rsassa_pss_options structure,
* otherwise it must be NULL. * otherwise it must be NULL.
*/ */
int pk_verify_ext( pk_type_t type, const void *options, int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
pk_context *ctx, md_type_t md_alg, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len );
@ -331,10 +331,10 @@ int pk_verify_ext( pk_type_t type, const void *options,
* \note If hash_len is 0, then the length associated with md_alg * \note If hash_len is 0, then the length associated with md_alg
* is used instead, or an error returned if it is invalid. * is used instead, or an error returned if it is invalid.
* *
* \note For RSA, md_alg may be POLARSSL_MD_NONE if hash_len != 0. * \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
* For ECDSA, md_alg may never be POLARSSL_MD_NONE. * For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
*/ */
int pk_sign( pk_context *ctx, md_type_t md_alg, int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len, unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@ -355,7 +355,7 @@ int pk_sign( pk_context *ctx, md_type_t md_alg,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int pk_decrypt( pk_context *ctx, int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@ -376,7 +376,7 @@ int pk_decrypt( pk_context *ctx,
* *
* \return 0 on success, or a specific error code. * \return 0 on success, or a specific error code.
*/ */
int pk_encrypt( pk_context *ctx, int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize, unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ); int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
@ -387,9 +387,9 @@ int pk_encrypt( pk_context *ctx,
* \param pub Context holding a public key. * \param pub Context holding a public key.
* \param prv Context holding a private (and public) key. * \param prv Context holding a private (and public) key.
* *
* \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/ */
int pk_check_pair( const pk_context *pub, const pk_context *prv ); int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_context *prv );
/** /**
* \brief Export debug information * \brief Export debug information
@ -397,9 +397,9 @@ int pk_check_pair( const pk_context *pub, const pk_context *prv );
* \param ctx Context to use * \param ctx Context to use
* \param items Place to write debug items * \param items Place to write debug items
* *
* \return 0 on success or POLARSSL_ERR_PK_BAD_INPUT_DATA * \return 0 on success or MBEDTLS_ERR_PK_BAD_INPUT_DATA
*/ */
int pk_debug( const pk_context *ctx, pk_debug_item *items ); int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items );
/** /**
* \brief Access the type name * \brief Access the type name
@ -408,18 +408,18 @@ int pk_debug( const pk_context *ctx, pk_debug_item *items );
* *
* \return Type name on success, or "invalid PK" * \return Type name on success, or "invalid PK"
*/ */
const char * pk_get_name( const pk_context *ctx ); const char * mbedtls_pk_get_name( const mbedtls_pk_context *ctx );
/** /**
* \brief Get the key type * \brief Get the key type
* *
* \param ctx Context to use * \param ctx Context to use
* *
* \return Type on success, or POLARSSL_PK_NONE * \return Type on success, or MBEDTLS_PK_NONE
*/ */
pk_type_t pk_get_type( const pk_context *ctx ); mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx );
#if defined(POLARSSL_PK_PARSE_C) #if defined(MBEDTLS_PK_PARSE_C)
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
* \brief Parse a private key * \brief Parse a private key
@ -431,14 +431,14 @@ pk_type_t pk_get_type( const pk_context *ctx );
* \param pwdlen size of the password * \param pwdlen size of the password
* *
* \note On entry, ctx must be empty, either freshly initialised * \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
* specific key type, check the result with pk_can_do(). * specific key type, check the result with mbedtls_pk_can_do().
* *
* \note The key is also checked for correctness. * \note The key is also checked for correctness.
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int pk_parse_key( pk_context *ctx, int mbedtls_pk_parse_key( mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen, const unsigned char *key, size_t keylen,
const unsigned char *pwd, size_t pwdlen ); const unsigned char *pwd, size_t pwdlen );
@ -451,17 +451,17 @@ int pk_parse_key( pk_context *ctx,
* \param keylen size of the buffer * \param keylen size of the buffer
* *
* \note On entry, ctx must be empty, either freshly initialised * \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
* specific key type, check the result with pk_can_do(). * specific key type, check the result with mbedtls_pk_can_do().
* *
* \note The key is also checked for correctness. * \note The key is also checked for correctness.
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int pk_parse_public_key( pk_context *ctx, int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
const unsigned char *key, size_t keylen ); const unsigned char *key, size_t keylen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** \ingroup pk_module */ /** \ingroup pk_module */
/** /**
* \brief Load and parse a private key * \brief Load and parse a private key
@ -471,14 +471,14 @@ int pk_parse_public_key( pk_context *ctx,
* \param password password to decrypt the file (can be NULL) * \param password password to decrypt the file (can be NULL)
* *
* \note On entry, ctx must be empty, either freshly initialised * \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
* specific key type, check the result with pk_can_do(). * specific key type, check the result with mbedtls_pk_can_do().
* *
* \note The key is also checked for correctness. * \note The key is also checked for correctness.
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int pk_parse_keyfile( pk_context *ctx, int mbedtls_pk_parse_keyfile( mbedtls_pk_context *ctx,
const char *path, const char *password ); const char *path, const char *password );
/** \ingroup pk_module */ /** \ingroup pk_module */
@ -489,18 +489,18 @@ int pk_parse_keyfile( pk_context *ctx,
* \param path filename to read the private key from * \param path filename to read the private key from
* *
* \note On entry, ctx must be empty, either freshly initialised * \note On entry, ctx must be empty, either freshly initialised
* with pk_init() or reset with pk_free(). If you need a * with mbedtls_pk_init() or reset with mbedtls_pk_free(). If you need a
* specific key type, check the result with pk_can_do(). * specific key type, check the result with mbedtls_pk_can_do().
* *
* \note The key is also checked for correctness. * \note The key is also checked for correctness.
* *
* \return 0 if successful, or a specific PK or PEM error code * \return 0 if successful, or a specific PK or PEM error code
*/ */
int pk_parse_public_keyfile( pk_context *ctx, const char *path ); int mbedtls_pk_parse_public_keyfile( mbedtls_pk_context *ctx, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* POLARSSL_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
#if defined(POLARSSL_PK_WRITE_C) #if defined(MBEDTLS_PK_WRITE_C)
/** /**
* \brief Write a private key to a PKCS#1 or SEC1 DER structure * \brief Write a private key to a PKCS#1 or SEC1 DER structure
* Note: data is written at the end of the buffer! Use the * Note: data is written at the end of the buffer! Use the
@ -514,7 +514,7 @@ int pk_parse_public_keyfile( pk_context *ctx, const char *path );
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
/** /**
* \brief Write a public key to a SubjectPublicKeyInfo DER structure * \brief Write a public key to a SubjectPublicKeyInfo DER structure
@ -529,9 +529,9 @@ int pk_write_key_der( pk_context *ctx, unsigned char *buf, size_t size );
* \return length of data written if successful, or a specific * \return length of data written if successful, or a specific
* error code * error code
*/ */
int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_der( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
#if defined(POLARSSL_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
* \brief Write a public key to a PEM string * \brief Write a public key to a PEM string
* *
@ -541,7 +541,7 @@ int pk_write_pubkey_der( pk_context *ctx, unsigned char *buf, size_t size );
* *
* \return 0 successful, or a specific error code * \return 0 successful, or a specific error code
*/ */
int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_pubkey_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
/** /**
* \brief Write a private key to a PKCS#1 or SEC1 PEM string * \brief Write a private key to a PKCS#1 or SEC1 PEM string
@ -552,16 +552,16 @@ int pk_write_pubkey_pem( pk_context *ctx, unsigned char *buf, size_t size );
* *
* \return 0 successful, or a specific error code * \return 0 successful, or a specific error code
*/ */
int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size ); int mbedtls_pk_write_key_pem( mbedtls_pk_context *ctx, unsigned char *buf, size_t size );
#endif /* POLARSSL_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
/* /*
* WARNING: Low-level functions. You probably do not want to use these unless * WARNING: Low-level functions. You probably do not want to use these unless
* you are certain you do ;) * you are certain you do ;)
*/ */
#if defined(POLARSSL_PK_PARSE_C) #if defined(MBEDTLS_PK_PARSE_C)
/** /**
* \brief Parse a SubjectPublicKeyInfo DER structure * \brief Parse a SubjectPublicKeyInfo DER structure
* *
@ -571,11 +571,11 @@ int pk_write_key_pem( pk_context *ctx, unsigned char *buf, size_t size );
* *
* \return 0 if successful, or a specific PK error code * \return 0 if successful, or a specific PK error code
*/ */
int pk_parse_subpubkey( unsigned char **p, const unsigned char *end, int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
pk_context *pk ); mbedtls_pk_context *pk );
#endif /* POLARSSL_PK_PARSE_C */ #endif /* MBEDTLS_PK_PARSE_C */
#if defined(POLARSSL_PK_WRITE_C) #if defined(MBEDTLS_PK_WRITE_C)
/** /**
* \brief Write a subjectPublicKey to ASN.1 data * \brief Write a subjectPublicKey to ASN.1 data
* Note: function works backwards in data buffer * Note: function works backwards in data buffer
@ -586,20 +586,20 @@ int pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
* *
* \return the length written or a negative error code * \return the length written or a negative error code
*/ */
int pk_write_pubkey( unsigned char **p, unsigned char *start, int mbedtls_pk_write_pubkey( unsigned char **p, unsigned char *start,
const pk_context *key ); const mbedtls_pk_context *key );
#endif /* POLARSSL_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
/* /*
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.
*/ */
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
int pk_load_file( const char *path, unsigned char **buf, size_t *n ); int mbedtls_pk_load_file( const char *path, unsigned char **buf, size_t *n );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_PK_H */ #endif /* MBEDTLS_PK_H */

50
include/mbedtls/pk_wrap.h
View File

@ -22,21 +22,21 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PK_WRAP_H #ifndef MBEDTLS_PK_WRAP_H
#define POLARSSL_PK_WRAP_H #define MBEDTLS_PK_WRAP_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "pk.h" #include "pk.h"
struct _pk_info_t struct mbedtls_pk_info_t
{ {
/** Public key type */ /** Public key type */
pk_type_t type; mbedtls_pk_type_t type;
/** Type name */ /** Type name */
const char *name; const char *name;
@ -45,15 +45,15 @@ struct _pk_info_t
size_t (*get_size)( const void * ); size_t (*get_size)( const void * );
/** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */ /** Tell if the context implements this type (e.g. ECKEY can do ECDSA) */
int (*can_do)( pk_type_t type ); int (*can_do)( mbedtls_pk_type_t type );
/** Verify signature */ /** Verify signature */
int (*verify_func)( void *ctx, md_type_t md_alg, int (*verify_func)( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len ); const unsigned char *sig, size_t sig_len );
/** Make signature */ /** Make signature */
int (*sign_func)( void *ctx, md_type_t md_alg, int (*sign_func)( void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len, const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len, unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
@ -81,35 +81,35 @@ struct _pk_info_t
void (*ctx_free_func)( void *ctx ); void (*ctx_free_func)( void *ctx );
/** Interface with the debug module */ /** Interface with the debug module */
void (*debug_func)( const void *ctx, pk_debug_item *items ); void (*debug_func)( const void *ctx, mbedtls_pk_debug_item *items );
}; };
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/* Container for RSA-alt */ /* Container for RSA-alt */
typedef struct typedef struct
{ {
void *key; void *key;
pk_rsa_alt_decrypt_func decrypt_func; mbedtls_pk_rsa_alt_decrypt_func decrypt_func;
pk_rsa_alt_sign_func sign_func; mbedtls_pk_rsa_alt_sign_func sign_func;
pk_rsa_alt_key_len_func key_len_func; mbedtls_pk_rsa_alt_key_len_func key_len_func;
} rsa_alt_context; } mbedtls_rsa_alt_context;
#endif #endif
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
extern const pk_info_t rsa_info; extern const mbedtls_pk_info_t mbedtls_rsa_info;
#endif #endif
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
extern const pk_info_t eckey_info; extern const mbedtls_pk_info_t mbedtls_eckey_info;
extern const pk_info_t eckeydh_info; extern const mbedtls_pk_info_t mbedtls_eckeydh_info;
#endif #endif
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
extern const pk_info_t ecdsa_info; extern const mbedtls_pk_info_t mbedtls_ecdsa_info;
#endif #endif
#if defined(POLARSSL_PK_RSA_ALT_SUPPORT) #if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
extern const pk_info_t rsa_alt_info; extern const mbedtls_pk_info_t mbedtls_rsa_alt_info;
#endif #endif
#endif /* POLARSSL_PK_WRAP_H */ #endif /* MBEDTLS_PK_WRAP_H */

58
include/mbedtls/pkcs11.h
View File

@ -23,16 +23,16 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PKCS11_H #ifndef MBEDTLS_PKCS11_H
#define POLARSSL_PKCS11_H #define MBEDTLS_PKCS11_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_PKCS11_C) #if defined(MBEDTLS_PKCS11_C)
#include "x509_crt.h" #include "x509_crt.h"
@ -56,7 +56,7 @@ extern "C" {
typedef struct { typedef struct {
pkcs11h_certificate_t pkcs11h_cert; pkcs11h_certificate_t pkcs11h_cert;
int len; int len;
} pkcs11_context; } mbedtls_pkcs11_context;
/** /**
* Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate. * Fill in a mbed TLS certificate, based on the given PKCS11 helper certificate.
@ -66,11 +66,11 @@ typedef struct {
* *
* \return 0 on success. * \return 0 on success.
*/ */
int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert ); int mbedtls_pkcs11_x509_cert_init( mbedtls_x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
/** /**
* Initialise a pkcs11_context, storing the given certificate. Note that the * Initialise a mbedtls_pkcs11_context, storing the given certificate. Note that the
* pkcs11_context will take over control of the certificate, freeing it when * mbedtls_pkcs11_context will take over control of the certificate, freeing it when
* done. * done.
* *
* \param priv_key Private key structure to fill. * \param priv_key Private key structure to fill.
@ -78,7 +78,7 @@ int pkcs11_x509_cert_init( x509_crt *cert, pkcs11h_certificate_t pkcs11h_cert );
* *
* \return 0 on success * \return 0 on success
*/ */
int pkcs11_priv_key_init( pkcs11_context *priv_key, int mbedtls_pkcs11_priv_key_init( mbedtls_pkcs11_context *priv_key,
pkcs11h_certificate_t pkcs11_cert ); pkcs11h_certificate_t pkcs11_cert );
/** /**
@ -87,26 +87,26 @@ int pkcs11_priv_key_init( pkcs11_context *priv_key,
* *
* \param priv_key Private key structure to cleanup * \param priv_key Private key structure to cleanup
*/ */
void pkcs11_priv_key_free( pkcs11_context *priv_key ); void mbedtls_pkcs11_priv_key_free( mbedtls_pkcs11_context *priv_key );
/** /**
* \brief Do an RSA private key decrypt, then remove the message * \brief Do an RSA private key decrypt, then remove the message
* padding * padding
* *
* \param ctx PKCS #11 context * \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int pkcs11_decrypt( pkcs11_context *ctx, int mbedtls_pkcs11_decrypt( mbedtls_pkcs11_context *ctx,
int mode, size_t *olen, int mode, size_t *olen,
const unsigned char *input, const unsigned char *input,
unsigned char *output, unsigned char *output,
@ -116,21 +116,21 @@ int pkcs11_decrypt( pkcs11_context *ctx,
* \brief Do a private RSA to sign a message digest * \brief Do a private RSA to sign a message digest
* *
* \param ctx PKCS #11 context * \param ctx PKCS #11 context
* \param mode must be RSA_PRIVATE, for compatibility with rsa.c's signature * \param mode must be MBEDTLS_RSA_PRIVATE, for compatibility with rsa.c's signature
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int pkcs11_sign( pkcs11_context *ctx, int mbedtls_pkcs11_sign( mbedtls_pkcs11_context *ctx,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
@ -138,34 +138,34 @@ int pkcs11_sign( pkcs11_context *ctx,
/** /**
* SSL/TLS wrappers for PKCS#11 functions * SSL/TLS wrappers for PKCS#11 functions
*/ */
static inline int ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen, static inline int mbedtls_ssl_pkcs11_decrypt( void *ctx, int mode, size_t *olen,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
size_t output_max_len ) size_t output_max_len )
{ {
return pkcs11_decrypt( (pkcs11_context *) ctx, mode, olen, input, output, return mbedtls_pkcs11_decrypt( (mbedtls_pkcs11_context *) ctx, mode, olen, input, output,
output_max_len ); output_max_len );
} }
static inline int ssl_pkcs11_sign( void *ctx, static inline int mbedtls_ssl_pkcs11_sign( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
int mode, md_type_t md_alg, unsigned int hashlen, int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig ) const unsigned char *hash, unsigned char *sig )
{ {
((void) f_rng); ((void) f_rng);
((void) p_rng); ((void) p_rng);
return pkcs11_sign( (pkcs11_context *) ctx, mode, md_alg, return mbedtls_pkcs11_sign( (mbedtls_pkcs11_context *) ctx, mode, md_alg,
hashlen, hash, sig ); hashlen, hash, sig );
} }
static inline size_t ssl_pkcs11_key_len( void *ctx ) static inline size_t mbedtls_ssl_pkcs11_key_len( void *ctx )
{ {
return ( (pkcs11_context *) ctx )->len; return ( (mbedtls_pkcs11_context *) ctx )->len;
} }
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_PKCS11_C */ #endif /* MBEDTLS_PKCS11_C */
#endif /* POLARSSL_PKCS11_H */ #endif /* MBEDTLS_PKCS11_H */

50
include/mbedtls/pkcs12.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PKCS12_H #ifndef MBEDTLS_PKCS12_H
#define POLARSSL_PKCS12_H #define MBEDTLS_PKCS12_H
#include "md.h" #include "md.h"
#include "cipher.h" #include "cipher.h"
@ -30,17 +30,17 @@
#include <stddef.h> #include <stddef.h>
#define POLARSSL_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_PKCS12_BAD_INPUT_DATA -0x1F80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */ #define MBEDTLS_ERR_PKCS12_FEATURE_UNAVAILABLE -0x1F00 /**< Feature not available, e.g. unsupported encryption scheme. */
#define POLARSSL_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */ #define MBEDTLS_ERR_PKCS12_PBE_INVALID_FORMAT -0x1E80 /**< PBE ASN.1 data not as expected. */
#define POLARSSL_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PKCS12_PASSWORD_MISMATCH -0x1E00 /**< Given private key password does not allow for correct decryption. */
#define PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */ #define MBEDTLS_PKCS12_DERIVE_KEY 1 /**< encryption/decryption key */
#define PKCS12_DERIVE_IV 2 /**< initialization vector */ #define MBEDTLS_PKCS12_DERIVE_IV 2 /**< initialization vector */
#define PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */ #define MBEDTLS_PKCS12_DERIVE_MAC_KEY 3 /**< integrity / MAC key */
#define PKCS12_PBE_DECRYPT 0 #define MBEDTLS_PKCS12_PBE_DECRYPT 0
#define PKCS12_PBE_ENCRYPT 1 #define MBEDTLS_PKCS12_PBE_ENCRYPT 1
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -51,38 +51,38 @@ extern "C" {
* for pbeWithSHAAnd128BitRC4 * for pbeWithSHAAnd128BitRC4
* *
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
* \param pwd the password used (may be NULL if no password is used) * \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0) * \param pwdlen length of the password (may be 0)
* \param input the input data * \param input the input data
* \param len data length * \param len data length
* \param output the output buffer * \param output the output buffer
* *
* \return 0 if successful, or a POLARSSL_ERR_XXX code * \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/ */
int pkcs12_pbe_sha1_rc4_128( asn1_buf *pbe_params, int mode, int mbedtls_pkcs12_pbe_sha1_rc4_128( mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len, const unsigned char *input, size_t len,
unsigned char *output ); unsigned char *output );
/** /**
* \brief PKCS12 Password Based function (encryption / decryption) * \brief PKCS12 Password Based function (encryption / decryption)
* for cipher-based and md-based PBE's * for cipher-based and mbedtls_md-based PBE's
* *
* \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
* \param mode either PKCS12_PBE_ENCRYPT or PKCS12_PBE_DECRYPT * \param mode either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
* \param cipher_type the cipher used * \param cipher_type the cipher used
* \param md_type the md used * \param md_type the mbedtls_md used
* \param pwd the password used (may be NULL if no password is used) * \param pwd the password used (may be NULL if no password is used)
* \param pwdlen length of the password (may be 0) * \param pwdlen length of the password (may be 0)
* \param input the input data * \param input the input data
* \param len data length * \param len data length
* \param output the output buffer * \param output the output buffer
* *
* \return 0 if successful, or a POLARSSL_ERR_XXX code * \return 0 if successful, or a MBEDTLS_ERR_XXX code
*/ */
int pkcs12_pbe( asn1_buf *pbe_params, int mode, int mbedtls_pkcs12_pbe( mbedtls_asn1_buf *pbe_params, int mode,
cipher_type_t cipher_type, md_type_t md_type, mbedtls_cipher_type_t cipher_type, mbedtls_md_type_t md_type,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *input, size_t len, const unsigned char *input, size_t len,
unsigned char *output ); unsigned char *output );
@ -101,17 +101,17 @@ int pkcs12_pbe( asn1_buf *pbe_params, int mode,
* \param pwdlen length of the password (may be 0) * \param pwdlen length of the password (may be 0)
* \param salt salt buffer to use * \param salt salt buffer to use
* \param saltlen length of the salt * \param saltlen length of the salt
* \param md md type to use during the derivation * \param mbedtls_md mbedtls_md type to use during the derivation
* \param id id that describes the purpose (can be PKCS12_DERIVE_KEY, * \param id id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY,
* PKCS12_DERIVE_IV or PKCS12_DERIVE_MAC_KEY) * MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY)
* \param iterations number of iterations * \param iterations number of iterations
* *
* \return 0 if successful, or a MD, BIGNUM type error. * \return 0 if successful, or a MD, BIGNUM type error.
*/ */
int pkcs12_derivation( unsigned char *data, size_t datalen, int mbedtls_pkcs12_derivation( unsigned char *data, size_t datalen,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *salt, size_t saltlen, const unsigned char *salt, size_t saltlen,
md_type_t md, int id, int iterations ); mbedtls_md_type_t mbedtls_md, int id, int iterations );
#ifdef __cplusplus #ifdef __cplusplus
} }

28
include/mbedtls/pkcs5.h
View File

@ -23,8 +23,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PKCS5_H #ifndef MBEDTLS_PKCS5_H
#define POLARSSL_PKCS5_H #define MBEDTLS_PKCS5_H
#include "asn1.h" #include "asn1.h"
#include "md.h" #include "md.h"
@ -38,13 +38,13 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_PKCS5_BAD_INPUT_DATA -0x3f80 /**< Bad input parameters to function. */
#define POLARSSL_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */ #define MBEDTLS_ERR_PKCS5_INVALID_FORMAT -0x3f00 /**< Unexpected ASN.1 data. */
#define POLARSSL_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */ #define MBEDTLS_ERR_PKCS5_FEATURE_UNAVAILABLE -0x3e80 /**< Requested encryption or digest alg not available. */
#define POLARSSL_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */ #define MBEDTLS_ERR_PKCS5_PASSWORD_MISMATCH -0x3e00 /**< Given private key password does not allow for correct decryption. */
#define PKCS5_DECRYPT 0 #define MBEDTLS_PKCS5_DECRYPT 0
#define PKCS5_ENCRYPT 1 #define MBEDTLS_PKCS5_ENCRYPT 1
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -54,16 +54,16 @@ extern "C" {
* \brief PKCS#5 PBES2 function * \brief PKCS#5 PBES2 function
* *
* \param pbe_params the ASN.1 algorithm parameters * \param pbe_params the ASN.1 algorithm parameters
* \param mode either PKCS5_DECRYPT or PKCS5_ENCRYPT * \param mode either MBEDTLS_PKCS5_DECRYPT or MBEDTLS_PKCS5_ENCRYPT
* \param pwd password to use when generating key * \param pwd password to use when generating key
* \param pwdlen length of password * \param pwdlen length of password
* \param data data to process * \param data data to process
* \param datalen length of data * \param datalen length of data
* \param output output buffer * \param output output buffer
* *
* \returns 0 on success, or a POLARSSL_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int pkcs5_pbes2( const asn1_buf *pbe_params, int mode, int mbedtls_pkcs5_pbes2( const mbedtls_asn1_buf *pbe_params, int mode,
const unsigned char *pwd, size_t pwdlen, const unsigned char *pwd, size_t pwdlen,
const unsigned char *data, size_t datalen, const unsigned char *data, size_t datalen,
unsigned char *output ); unsigned char *output );
@ -80,9 +80,9 @@ int pkcs5_pbes2( const asn1_buf *pbe_params, int mode,
* \param key_length Length of generated key * \param key_length Length of generated key
* \param output Generated key. Must be at least as big as key_length * \param output Generated key. Must be at least as big as key_length
* *
* \returns 0 on success, or a POLARSSL_ERR_XXX code if verification fails. * \returns 0 on success, or a MBEDTLS_ERR_XXX code if verification fails.
*/ */
int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password, int mbedtls_pkcs5_pbkdf2_hmac( mbedtls_md_context_t *ctx, const unsigned char *password,
size_t plen, const unsigned char *salt, size_t slen, size_t plen, const unsigned char *salt, size_t slen,
unsigned int iteration_count, unsigned int iteration_count,
uint32_t key_length, unsigned char *output ); uint32_t key_length, unsigned char *output );
@ -92,7 +92,7 @@ int pkcs5_pbkdf2_hmac( md_context_t *ctx, const unsigned char *password,
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int pkcs5_self_test( int verbose ); int mbedtls_pkcs5_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

136
include/mbedtls/platform.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_PLATFORM_H #ifndef MBEDTLS_PLATFORM_H
#define POLARSSL_PLATFORM_H #define MBEDTLS_PLATFORM_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
@ -42,46 +42,46 @@ extern "C" {
* \{ * \{
*/ */
#if !defined(POLARSSL_PLATFORM_NO_STD_FUNCTIONS) #if !defined(MBEDTLS_PLATFORM_NO_STD_FUNCTIONS)
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#if !defined(POLARSSL_PLATFORM_STD_SNPRINTF) #if !defined(MBEDTLS_PLATFORM_STD_SNPRINTF)
#define POLARSSL_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use */ #define MBEDTLS_PLATFORM_STD_SNPRINTF snprintf /**< Default snprintf to use */
#endif #endif
#if !defined(POLARSSL_PLATFORM_STD_PRINTF) #if !defined(MBEDTLS_PLATFORM_STD_PRINTF)
#define POLARSSL_PLATFORM_STD_PRINTF printf /**< Default printf to use */ #define MBEDTLS_PLATFORM_STD_PRINTF printf /**< Default printf to use */
#endif #endif
#if !defined(POLARSSL_PLATFORM_STD_FPRINTF) #if !defined(MBEDTLS_PLATFORM_STD_FPRINTF)
#define POLARSSL_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */ #define MBEDTLS_PLATFORM_STD_FPRINTF fprintf /**< Default fprintf to use */
#endif #endif
#if !defined(POLARSSL_PLATFORM_STD_MALLOC) #if !defined(MBEDTLS_PLATFORM_STD_MALLOC)
#define POLARSSL_PLATFORM_STD_MALLOC malloc /**< Default allocator to use */ #define MBEDTLS_PLATFORM_STD_MALLOC malloc /**< Default allocator to use */
#endif #endif
#if !defined(POLARSSL_PLATFORM_STD_FREE) #if !defined(MBEDTLS_PLATFORM_STD_FREE)
#define POLARSSL_PLATFORM_STD_FREE free /**< Default free to use */ #define MBEDTLS_PLATFORM_STD_FREE free /**< Default free to use */
#endif #endif
#if !defined(POLARSSL_PLATFORM_STD_EXIT) #if !defined(MBEDTLS_PLATFORM_STD_EXIT)
#define POLARSSL_PLATFORM_STD_EXIT exit /**< Default free to use */ #define MBEDTLS_PLATFORM_STD_EXIT exit /**< Default free to use */
#endif #endif
#else /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ #else /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
#if defined(POLARSSL_PLATFORM_STD_MEM_HDR) #if defined(MBEDTLS_PLATFORM_STD_MEM_HDR)
#include POLARSSL_PLATFORM_STD_MEM_HDR #include MBEDTLS_PLATFORM_STD_MEM_HDR
#endif #endif
#endif /* POLARSSL_PLATFORM_NO_STD_FUNCTIONS */ #endif /* MBEDTLS_PLATFORM_NO_STD_FUNCTIONS */
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
/* /*
* The function pointers for malloc and free * The function pointers for malloc and free
*/ */
#if defined(POLARSSL_PLATFORM_MEMORY) #if defined(MBEDTLS_PLATFORM_MEMORY)
#if defined(POLARSSL_PLATFORM_FREE_MACRO) && \ #if defined(MBEDTLS_PLATFORM_FREE_MACRO) && \
defined(POLARSSL_PLATFORM_MALLOC_MACRO) defined(MBEDTLS_PLATFORM_MALLOC_MACRO)
#define polarssl_free POLARSSL_PLATFORM_FREE_MACRO #define mbedtls_free MBEDTLS_PLATFORM_FREE_MACRO
#define polarssl_malloc POLARSSL_PLATFORM_MALLOC_MACRO #define mbedtls_malloc MBEDTLS_PLATFORM_MALLOC_MACRO
#else #else
extern void * (*polarssl_malloc)( size_t len ); extern void * (*mbedtls_malloc)( size_t len );
extern void (*polarssl_free)( void *ptr ); extern void (*mbedtls_free)( void *ptr );
/** /**
* \brief Set your own memory implementation function pointers * \brief Set your own memory implementation function pointers
@ -91,19 +91,19 @@ extern void (*polarssl_free)( void *ptr );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int platform_set_malloc_free( void * (*malloc_func)( size_t ), int mbedtls_platform_set_malloc_free( void * (*malloc_func)( size_t ),
void (*free_func)( void * ) ); void (*free_func)( void * ) );
#endif /* POLARSSL_PLATFORM_FREE_MACRO && POLARSSL_PLATFORM_MALLOC_MACRO */ #endif /* MBEDTLS_PLATFORM_FREE_MACRO && MBEDTLS_PLATFORM_MALLOC_MACRO */
#else /* !POLARSSL_PLATFORM_MEMORY */ #else /* !MBEDTLS_PLATFORM_MEMORY */
#define polarssl_free free #define mbedtls_free free
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#endif /* POLARSSL_PLATFORM_MEMORY && !POLARSSL_PLATFORM_{FREE,MALLOC}_MACRO */ #endif /* MBEDTLS_PLATFORM_MEMORY && !MBEDTLS_PLATFORM_{FREE,MALLOC}_MACRO */
/* /*
* The function pointers for fprintf * The function pointers for fprintf
*/ */
#if defined(POLARSSL_PLATFORM_FPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_FPRINTF_ALT)
extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... ); extern int (*mbedtls_fprintf)( FILE *stream, const char *format, ... );
/** /**
* \brief Set your own fprintf function pointer * \brief Set your own fprintf function pointer
@ -112,21 +112,21 @@ extern int (*polarssl_fprintf)( FILE *stream, const char *format, ... );
* *
* \return 0 * \return 0
*/ */
int platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *, int mbedtls_platform_set_fprintf( int (*fprintf_func)( FILE *stream, const char *,
... ) ); ... ) );
#else #else
#if defined(POLARSSL_PLATFORM_FPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_FPRINTF_MACRO)
#define polarssl_fprintf POLARSSL_PLATFORM_FPRINTF_MACRO #define mbedtls_fprintf MBEDTLS_PLATFORM_FPRINTF_MACRO
#else #else
#define polarssl_fprintf fprintf #define mbedtls_fprintf fprintf
#endif /* POLARSSL_PLATFORM_FPRINTF_MACRO */ #endif /* MBEDTLS_PLATFORM_FPRINTF_MACRO */
#endif /* POLARSSL_PLATFORM_FPRINTF_ALT */ #endif /* MBEDTLS_PLATFORM_FPRINTF_ALT */
/* /*
* The function pointers for printf * The function pointers for printf
*/ */
#if defined(POLARSSL_PLATFORM_PRINTF_ALT) #if defined(MBEDTLS_PLATFORM_PRINTF_ALT)
extern int (*polarssl_printf)( const char *format, ... ); extern int (*mbedtls_printf)( const char *format, ... );
/** /**
* \brief Set your own printf function pointer * \brief Set your own printf function pointer
@ -135,20 +135,20 @@ extern int (*polarssl_printf)( const char *format, ... );
* *
* \return 0 * \return 0
*/ */
int platform_set_printf( int (*printf_func)( const char *, ... ) ); int mbedtls_platform_set_printf( int (*printf_func)( const char *, ... ) );
#else /* !POLARSSL_PLATFORM_PRINTF_ALT */ #else /* !MBEDTLS_PLATFORM_PRINTF_ALT */
#if defined(POLARSSL_PLATFORM_PRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_PRINTF_MACRO)
#define polarssl_printf POLARSSL_PLATFORM_PRINTF_MACRO #define mbedtls_printf MBEDTLS_PLATFORM_PRINTF_MACRO
#else #else
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_PRINTF_MACRO */ #endif /* MBEDTLS_PLATFORM_PRINTF_MACRO */
#endif /* POLARSSL_PLATFORM_PRINTF_ALT */ #endif /* MBEDTLS_PLATFORM_PRINTF_ALT */
/* /*
* The function pointers for snprintf * The function pointers for snprintf
*/ */
#if defined(POLARSSL_PLATFORM_SNPRINTF_ALT) #if defined(MBEDTLS_PLATFORM_SNPRINTF_ALT)
extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... ); extern int (*mbedtls_snprintf)( char * s, size_t n, const char * format, ... );
/** /**
* \brief Set your own snprintf function pointer * \brief Set your own snprintf function pointer
@ -157,21 +157,21 @@ extern int (*polarssl_snprintf)( char * s, size_t n, const char * format, ... );
* *
* \return 0 * \return 0
*/ */
int platform_set_snprintf( int (*snprintf_func)( char * s, size_t n, int mbedtls_platform_set_snprintf( int (*snprintf_func)( char * s, size_t n,
const char * format, ... ) ); const char * format, ... ) );
#else /* POLARSSL_PLATFORM_SNPRINTF_ALT */ #else /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
#if defined(POLARSSL_PLATFORM_SNPRINTF_MACRO) #if defined(MBEDTLS_PLATFORM_SNPRINTF_MACRO)
#define polarssl_snprintf POLARSSL_PLATFORM_SNPRINTF_MACRO #define mbedtls_snprintf MBEDTLS_PLATFORM_SNPRINTF_MACRO
#else #else
#define polarssl_snprintf snprintf #define mbedtls_snprintf snprintf
#endif /* POLARSSL_PLATFORM_SNPRINTF_MACRO */ #endif /* MBEDTLS_PLATFORM_SNPRINTF_MACRO */
#endif /* POLARSSL_PLATFORM_SNPRINTF_ALT */ #endif /* MBEDTLS_PLATFORM_SNPRINTF_ALT */
/* /*
* The function pointers for exit * The function pointers for exit
*/ */
#if defined(POLARSSL_PLATFORM_EXIT_ALT) #if defined(MBEDTLS_PLATFORM_EXIT_ALT)
extern void (*polarssl_exit)( int status ); extern void (*mbedtls_exit)( int status );
/** /**
* \brief Set your own exit function pointer * \brief Set your own exit function pointer
@ -180,14 +180,14 @@ extern void (*polarssl_exit)( int status );
* *
* \return 0 * \return 0
*/ */
int platform_set_exit( void (*exit_func)( int status ) ); int mbedtls_platform_set_exit( void (*exit_func)( int status ) );
#else #else
#if defined(POLARSSL_PLATFORM_EXIT_MACRO) #if defined(MBEDTLS_PLATFORM_EXIT_MACRO)
#define polarssl_exit POLARSSL_PLATFORM_EXIT_MACRO #define mbedtls_exit MBEDTLS_PLATFORM_EXIT_MACRO
#else #else
#define polarssl_exit exit #define mbedtls_exit exit
#endif /* POLARSSL_PLATFORM_EXIT_MACRO */ #endif /* MBEDTLS_PLATFORM_EXIT_MACRO */
#endif /* POLARSSL_PLATFORM_EXIT_ALT */ #endif /* MBEDTLS_PLATFORM_EXIT_ALT */
#ifdef __cplusplus #ifdef __cplusplus
} }

46
include/mbedtls/ripemd160.h
View File

@ -1,5 +1,5 @@
/** /**
* \file ripemd160.h * \file mbedtls_ripemd160.h
* *
* \brief RIPE MD-160 message digest * \brief RIPE MD-160 message digest
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_RIPEMD160_H #ifndef MBEDTLS_RIPEMD160_H
#define POLARSSL_RIPEMD160_H #define MBEDTLS_RIPEMD160_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,9 +39,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */ #define MBEDTLS_ERR_RIPEMD160_FILE_IO_ERROR -0x007E /**< Read/write error in file. */
#if !defined(POLARSSL_RIPEMD160_ALT) #if !defined(MBEDTLS_RIPEMD160_ALT)
// Regular implementation // Regular implementation
// //
@ -58,28 +58,28 @@ typedef struct
uint32_t state[5]; /*!< intermediate digest state */ uint32_t state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
} }
ripemd160_context; mbedtls_ripemd160_context;
/** /**
* \brief Initialize RIPEMD-160 context * \brief Initialize RIPEMD-160 context
* *
* \param ctx RIPEMD-160 context to be initialized * \param ctx RIPEMD-160 context to be initialized
*/ */
void ripemd160_init( ripemd160_context *ctx ); void mbedtls_ripemd160_init( mbedtls_ripemd160_context *ctx );
/** /**
* \brief Clear RIPEMD-160 context * \brief Clear RIPEMD-160 context
* *
* \param ctx RIPEMD-160 context to be cleared * \param ctx RIPEMD-160 context to be cleared
*/ */
void ripemd160_free( ripemd160_context *ctx ); void mbedtls_ripemd160_free( mbedtls_ripemd160_context *ctx );
/** /**
* \brief RIPEMD-160 context setup * \brief RIPEMD-160 context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void ripemd160_starts( ripemd160_context *ctx ); void mbedtls_ripemd160_starts( mbedtls_ripemd160_context *ctx );
/** /**
* \brief RIPEMD-160 process buffer * \brief RIPEMD-160 process buffer
@ -88,7 +88,7 @@ void ripemd160_starts( ripemd160_context *ctx );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void ripemd160_update( ripemd160_context *ctx, void mbedtls_ripemd160_update( mbedtls_ripemd160_context *ctx,
const unsigned char *input, size_t ilen ); const unsigned char *input, size_t ilen );
/** /**
@ -97,18 +97,18 @@ void ripemd160_update( ripemd160_context *ctx,
* \param ctx RIPEMD-160 context * \param ctx RIPEMD-160 context
* \param output RIPEMD-160 checksum result * \param output RIPEMD-160 checksum result
*/ */
void ripemd160_finish( ripemd160_context *ctx, unsigned char output[20] ); void mbedtls_ripemd160_finish( mbedtls_ripemd160_context *ctx, unsigned char output[20] );
/* Internal use */ /* Internal use */
void ripemd160_process( ripemd160_context *ctx, const unsigned char data[64] ); void mbedtls_ripemd160_process( mbedtls_ripemd160_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_RIPEMD160_ALT */ #else /* MBEDTLS_RIPEMD160_ALT */
#include "ripemd160.h" #include "ripemd160.h"
#endif /* POLARSSL_RIPEMD160_ALT */ #endif /* MBEDTLS_RIPEMD160_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -121,30 +121,30 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output RIPEMD-160 checksum result * \param output RIPEMD-160 checksum result
*/ */
void ripemd160( const unsigned char *input, size_t ilen, void mbedtls_ripemd160( const unsigned char *input, size_t ilen,
unsigned char output[20] ); unsigned char output[20] );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Output = RIPEMD-160( file contents ) * \brief Output = RIPEMD-160( file contents )
* *
* \param path input file name * \param path input file name
* \param output RIPEMD-160 checksum result * \param output RIPEMD-160 checksum result
* *
* \return 0 if successful, or POLARSSL_ERR_RIPEMD160_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_RIPEMD160_FILE_IO_ERROR
*/ */
int ripemd160_file( const char *path, unsigned char output[20] ); int mbedtls_ripemd160_file( const char *path, unsigned char output[20] );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int ripemd160_self_test( int verbose ); int mbedtls_ripemd160_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* ripemd160.h */ #endif /* mbedtls_ripemd160.h */

292
include/mbedtls/rsa.h
View File

@ -21,54 +21,54 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_RSA_H #ifndef MBEDTLS_RSA_H
#define POLARSSL_RSA_H #define MBEDTLS_RSA_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "bignum.h" #include "bignum.h"
#include "md.h" #include "md.h"
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "threading.h" #include "threading.h"
#endif #endif
/* /*
* RSA Error codes * RSA Error codes
*/ */
#define POLARSSL_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_RSA_BAD_INPUT_DATA -0x4080 /**< Bad input parameters to function. */
#define POLARSSL_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */ #define MBEDTLS_ERR_RSA_INVALID_PADDING -0x4100 /**< Input data contains invalid padding and is rejected. */
#define POLARSSL_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */ #define MBEDTLS_ERR_RSA_KEY_GEN_FAILED -0x4180 /**< Something failed during generation of a key. */
#define POLARSSL_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */ #define MBEDTLS_ERR_RSA_KEY_CHECK_FAILED -0x4200 /**< Key failed to pass the libraries validity check. */
#define POLARSSL_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */ #define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */
#define POLARSSL_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */ #define MBEDTLS_ERR_RSA_PRIVATE_FAILED -0x4300 /**< The private key operation failed. */
#define POLARSSL_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */ #define MBEDTLS_ERR_RSA_VERIFY_FAILED -0x4380 /**< The PKCS#1 verification failed. */
#define POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */ #define MBEDTLS_ERR_RSA_OUTPUT_TOO_LARGE -0x4400 /**< The output buffer for decryption is not large enough. */
#define POLARSSL_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */ #define MBEDTLS_ERR_RSA_RNG_FAILED -0x4480 /**< The random generator failed to generate non-zeros. */
/* /*
* RSA constants * RSA constants
*/ */
#define RSA_PUBLIC 0 #define MBEDTLS_RSA_PUBLIC 0
#define RSA_PRIVATE 1 #define MBEDTLS_RSA_PRIVATE 1
#define RSA_PKCS_V15 0 #define MBEDTLS_RSA_PKCS_V15 0
#define RSA_PKCS_V21 1 #define MBEDTLS_RSA_PKCS_V21 1
#define RSA_SIGN 1 #define MBEDTLS_RSA_SIGN 1
#define RSA_CRYPT 2 #define MBEDTLS_RSA_CRYPT 2
#define RSA_SALT_LEN_ANY -1 #define MBEDTLS_RSA_SALT_LEN_ANY -1
/* /*
* The above constants may be used even if the RSA module is compile out, * The above constants may be used even if the RSA module is compile out,
* eg for alternative (PKCS#11) RSA implemenations in the PK layers. * eg for alternative (PKCS#11) RSA implemenations in the PK layers.
*/ */
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -82,47 +82,47 @@ typedef struct
int ver; /*!< always 0 */ int ver; /*!< always 0 */
size_t len; /*!< size(N) in chars */ size_t len; /*!< size(N) in chars */
mpi N; /*!< public modulus */ mbedtls_mpi N; /*!< public modulus */
mpi E; /*!< public exponent */ mbedtls_mpi E; /*!< public exponent */
mpi D; /*!< private exponent */ mbedtls_mpi D; /*!< private exponent */
mpi P; /*!< 1st prime factor */ mbedtls_mpi P; /*!< 1st prime factor */
mpi Q; /*!< 2nd prime factor */ mbedtls_mpi Q; /*!< 2nd prime factor */
mpi DP; /*!< D % (P - 1) */ mbedtls_mpi DP; /*!< D % (P - 1) */
mpi DQ; /*!< D % (Q - 1) */ mbedtls_mpi DQ; /*!< D % (Q - 1) */
mpi QP; /*!< 1 / (Q % P) */ mbedtls_mpi QP; /*!< 1 / (Q % P) */
mpi RN; /*!< cached R^2 mod N */ mbedtls_mpi RN; /*!< cached R^2 mod N */
mpi RP; /*!< cached R^2 mod P */ mbedtls_mpi RP; /*!< cached R^2 mod P */
mpi RQ; /*!< cached R^2 mod Q */ mbedtls_mpi RQ; /*!< cached R^2 mod Q */
mpi Vi; /*!< cached blinding value */ mbedtls_mpi Vi; /*!< cached blinding value */
mpi Vf; /*!< cached un-blinding value */ mbedtls_mpi Vf; /*!< cached un-blinding value */
int padding; /*!< RSA_PKCS_V15 for 1.5 padding and int padding; /*!< MBEDTLS_RSA_PKCS_V15 for 1.5 padding and
RSA_PKCS_v21 for OAEP/PSS */ RSA_PKCS_v21 for OAEP/PSS */
int hash_id; /*!< Hash identifier of md_type_t as int hash_id; /*!< Hash identifier of mbedtls_md_type_t as
specified in the md.h header file specified in the mbedtls_md.h header file
for the EME-OAEP and EMSA-PSS for the EME-OAEP and EMSA-PSS
encoding */ encoding */
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
threading_mutex_t mutex; /*!< Thread-safety mutex */ mbedtls_threading_mutex_t mutex; /*!< Thread-safety mutex */
#endif #endif
} }
rsa_context; mbedtls_rsa_context;
/** /**
* \brief Initialize an RSA context * \brief Initialize an RSA context
* *
* Note: Set padding to RSA_PKCS_V21 for the RSAES-OAEP * Note: Set padding to MBEDTLS_RSA_PKCS_V21 for the RSAES-OAEP
* encryption scheme and the RSASSA-PSS signature scheme. * encryption scheme and the RSASSA-PSS signature scheme.
* *
* \param ctx RSA context to be initialized * \param ctx RSA context to be initialized
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21 * \param padding MBEDTLS_RSA_PKCS_V15 or MBEDTLS_RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier * \param hash_id MBEDTLS_RSA_PKCS_V21 hash identifier
* *
* \note The hash_id parameter is actually ignored * \note The hash_id parameter is actually ignored
* when using RSA_PKCS_V15 padding. * when using MBEDTLS_RSA_PKCS_V15 padding.
* *
* \note Choice of padding mode is strictly enforced for private key * \note Choice of padding mode is strictly enforced for private key
* operations, since there might be security concerns in * operations, since there might be security concerns in
@ -133,21 +133,21 @@ rsa_context;
* \note The chosen hash is always used for OEAP encryption. * \note The chosen hash is always used for OEAP encryption.
* For PSS signatures, it's always used for making signatures, * For PSS signatures, it's always used for making signatures,
* but can be overriden (and always is, if set to * but can be overriden (and always is, if set to
* POLARSSL_MD_NONE) for verifying them. * MBEDTLS_MD_NONE) for verifying them.
*/ */
void rsa_init( rsa_context *ctx, void mbedtls_rsa_init( mbedtls_rsa_context *ctx,
int padding, int padding,
int hash_id); int hash_id);
/** /**
* \brief Set padding for an already initialized RSA context * \brief Set padding for an already initialized RSA context
* See \c rsa_init() for details. * See \c mbedtls_rsa_init() for details.
* *
* \param ctx RSA context to be set * \param ctx RSA context to be set
* \param padding RSA_PKCS_V15 or RSA_PKCS_V21 * \param padding MBEDTLS_RSA_PKCS_V15 or MBEDTLS_RSA_PKCS_V21
* \param hash_id RSA_PKCS_V21 hash identifier * \param hash_id MBEDTLS_RSA_PKCS_V21 hash identifier
*/ */
void rsa_set_padding( rsa_context *ctx, int padding, int hash_id); void mbedtls_rsa_set_padding( mbedtls_rsa_context *ctx, int padding, int hash_id);
/** /**
* \brief Generate an RSA keypair * \brief Generate an RSA keypair
@ -158,12 +158,12 @@ void rsa_set_padding( rsa_context *ctx, int padding, int hash_id);
* \param nbits size of the public key in bits * \param nbits size of the public key in bits
* \param exponent public exponent (e.g., 65537) * \param exponent public exponent (e.g., 65537)
* *
* \note rsa_init() must be called beforehand to setup * \note mbedtls_rsa_init() must be called beforehand to setup
* the RSA context. * the RSA context.
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
*/ */
int rsa_gen_key( rsa_context *ctx, int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
unsigned int nbits, int exponent ); unsigned int nbits, int exponent );
@ -173,18 +173,18 @@ int rsa_gen_key( rsa_context *ctx,
* *
* \param ctx RSA context to be checked * \param ctx RSA context to be checked
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
*/ */
int rsa_check_pubkey( const rsa_context *ctx ); int mbedtls_rsa_check_pubkey( const mbedtls_rsa_context *ctx );
/** /**
* \brief Check a private RSA key * \brief Check a private RSA key
* *
* \param ctx RSA context to be checked * \param ctx RSA context to be checked
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
*/ */
int rsa_check_privkey( const rsa_context *ctx ); int mbedtls_rsa_check_privkey( const mbedtls_rsa_context *ctx );
/** /**
* \brief Check a public-private RSA key pair. * \brief Check a public-private RSA key pair.
@ -193,9 +193,9 @@ int rsa_check_privkey( const rsa_context *ctx );
* \param pub RSA context holding the public key * \param pub RSA context holding the public key
* \param prv RSA context holding the private key * \param prv RSA context holding the private key
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
*/ */
int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv ); int mbedtls_rsa_check_pub_priv( const mbedtls_rsa_context *pub, const mbedtls_rsa_context *prv );
/** /**
* \brief Do an RSA public key operation * \brief Do an RSA public key operation
@ -204,7 +204,7 @@ int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv );
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note This function does NOT take care of message * \note This function does NOT take care of message
* padding. Also, be sure to set input[0] = 0 or assure that * padding. Also, be sure to set input[0] = 0 or assure that
@ -213,7 +213,7 @@ int rsa_check_pub_priv( const rsa_context *pub, const rsa_context *prv );
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_public( rsa_context *ctx, int mbedtls_rsa_public( mbedtls_rsa_context *ctx,
const unsigned char *input, const unsigned char *input,
unsigned char *output ); unsigned char *output );
@ -226,12 +226,12 @@ int rsa_public( rsa_context *ctx,
* \param input input buffer * \param input input buffer
* \param output output buffer * \param output output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The input and output buffers must be large * \note The input and output buffers must be large
* enough (eg. 128 bytes if RSA-1024 is used). * enough (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_private( rsa_context *ctx, int mbedtls_rsa_private( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
const unsigned char *input, const unsigned char *input,
@ -244,19 +244,19 @@ int rsa_private( rsa_context *ctx,
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE) * and MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_pkcs1_encrypt( rsa_context *ctx, int mbedtls_rsa_pkcs1_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t ilen, int mode, size_t ilen,
@ -267,19 +267,19 @@ int rsa_pkcs1_encrypt( rsa_context *ctx,
* \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT) * \brief Perform a PKCS#1 v1.5 encryption (RSAES-PKCS1-v1_5-ENCRYPT)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding and RSA_PRIVATE) * \param f_rng RNG function (Needed for padding and MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t ilen, int mode, size_t ilen,
@ -291,21 +291,21 @@ int rsa_rsaes_pkcs1_v15_encrypt( rsa_context *ctx,
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding * \param f_rng RNG function (Needed for padding and PKCS#1 v2.1 encoding
* and RSA_PRIVATE) * and MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param label buffer holding the custom label to use * \param label buffer holding the custom label to use
* \param label_len contains the label length * \param label_len contains the label length
* \param ilen contains the plaintext length * \param ilen contains the plaintext length
* \param input buffer holding the data to be encrypted * \param input buffer holding the data to be encrypted
* \param output buffer that will hold the ciphertext * \param output buffer that will hold the ciphertext
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsaes_oaep_encrypt( rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
@ -320,21 +320,21 @@ int rsa_rsaes_oaep_encrypt( rsa_context *ctx,
* the message padding * the message padding
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_pkcs1_decrypt( rsa_context *ctx, int mbedtls_rsa_pkcs1_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t *olen, int mode, size_t *olen,
@ -346,21 +346,21 @@ int rsa_pkcs1_decrypt( rsa_context *ctx,
* \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT) * \brief Perform a PKCS#1 v1.5 decryption (RSAES-PKCS1-v1_5-DECRYPT)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
* \param input buffer holding the encrypted data * \param input buffer holding the encrypted data
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx, int mbedtls_rsa_rsaes_pkcs1_v15_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, size_t *olen, int mode, size_t *olen,
@ -372,9 +372,9 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
* \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT) * \brief Perform a PKCS#1 v2.1 OAEP decryption (RSAES-OAEP-DECRYPT)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param label buffer holding the custom label to use * \param label buffer holding the custom label to use
* \param label_len contains the label length * \param label_len contains the label length
* \param olen will contain the plaintext length * \param olen will contain the plaintext length
@ -382,13 +382,13 @@ int rsa_rsaes_pkcs1_v15_decrypt( rsa_context *ctx,
* \param output buffer that will hold the plaintext * \param output buffer that will hold the plaintext
* \param output_max_len maximum length of the output buffer * \param output_max_len maximum length of the output buffer
* *
* \return 0 if successful, or an POLARSSL_ERR_RSA_XXX error code * \return 0 if successful, or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The output buffer must be as large as the size * \note The output buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise * of ctx->N (eg. 128 bytes if RSA-1024 is used) otherwise
* an error is thrown. * an error is thrown.
*/ */
int rsa_rsaes_oaep_decrypt( rsa_context *ctx, int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
@ -405,28 +405,28 @@ int rsa_rsaes_oaep_decrypt( rsa_context *ctx,
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE) * MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note In case of PKCS#1 v2.1 encoding, see comments on * \note In case of PKCS#1 v2.1 encoding, see comments on
* \note \c rsa_rsassa_pss_sign() for details on md_alg and hash_id. * \note \c mbedtls_rsa_rsassa_pss_sign() for details on md_alg and hash_id.
*/ */
int rsa_pkcs1_sign( rsa_context *ctx, int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
@ -435,25 +435,25 @@ int rsa_pkcs1_sign( rsa_context *ctx,
* \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN) * \brief Perform a PKCS#1 v1.5 signature (RSASSA-PKCS1-v1_5-SIGN)
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
@ -463,16 +463,16 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
* *
* \param ctx RSA context * \param ctx RSA context
* \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for * \param f_rng RNG function (Needed for PKCS#1 v2.1 encoding and for
* RSA_PRIVATE) * MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer that will hold the ciphertext * \param sig buffer that will hold the ciphertext
* *
* \return 0 if the signing operation was successful, * \return 0 if the signing operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
@ -482,11 +482,11 @@ int rsa_rsassa_pkcs1_v15_sign( rsa_context *ctx,
* that is encoded. According to RFC 3447 it is advised to * that is encoded. According to RFC 3447 it is advised to
* keep both hashes the same. * keep both hashes the same.
*/ */
int rsa_rsassa_pss_sign( rsa_context *ctx, int mbedtls_rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
unsigned char *sig ); unsigned char *sig );
@ -497,28 +497,28 @@ int rsa_rsassa_pss_sign( rsa_context *ctx,
* the message digest * the message digest
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note In case of PKCS#1 v2.1 encoding, see comments on * \note In case of PKCS#1 v2.1 encoding, see comments on
* \c rsa_rsassa_pss_verify() about md_alg and hash_id. * \c mbedtls_rsa_rsassa_pss_verify() about md_alg and hash_id.
*/ */
int rsa_pkcs1_verify( rsa_context *ctx, int mbedtls_rsa_pkcs1_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig );
@ -527,25 +527,25 @@ int rsa_pkcs1_verify( rsa_context *ctx,
* \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY) * \brief Perform a PKCS#1 v1.5 verification (RSASSA-PKCS1-v1_5-VERIFY)
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
*/ */
int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx, int mbedtls_rsa_rsassa_pkcs1_v15_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig );
@ -555,16 +555,16 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
* (This is the "simple" version.) * (This is the "simple" version.)
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
@ -575,11 +575,11 @@ int rsa_rsassa_pkcs1_v15_verify( rsa_context *ctx,
* keep both hashes the same. If hash_id in the RSA context is * keep both hashes the same. If hash_id in the RSA context is
* unset, the md_alg from the function call is used. * unset, the md_alg from the function call is used.
*/ */
int rsa_rsassa_pss_verify( rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
const unsigned char *sig ); const unsigned char *sig );
@ -589,33 +589,33 @@ int rsa_rsassa_pss_verify( rsa_context *ctx,
* (This is the version with "full" options.) * (This is the version with "full" options.)
* *
* \param ctx points to an RSA public key * \param ctx points to an RSA public key
* \param f_rng RNG function (Only needed for RSA_PRIVATE) * \param f_rng RNG function (Only needed for MBEDTLS_RSA_PRIVATE)
* \param p_rng RNG parameter * \param p_rng RNG parameter
* \param mode RSA_PUBLIC or RSA_PRIVATE * \param mode MBEDTLS_RSA_PUBLIC or MBEDTLS_RSA_PRIVATE
* \param md_alg a POLARSSL_MD_XXX (use POLARSSL_MD_NONE for signing raw data) * \param md_alg a MBEDTLS_MD_XXX (use MBEDTLS_MD_NONE for signing raw data)
* \param hashlen message digest length (for POLARSSL_MD_NONE only) * \param hashlen message digest length (for MBEDTLS_MD_NONE only)
* \param hash buffer holding the message digest * \param hash buffer holding the message digest
* \param mgf1_hash_id message digest used for mask generation * \param mgf1_hash_id message digest used for mask generation
* \param expected_salt_len Length of the salt used in padding, use * \param expected_salt_len Length of the salt used in padding, use
* RSA_SALT_LEN_ANY to accept any salt length * MBEDTLS_RSA_SALT_LEN_ANY to accept any salt length
* \param sig buffer holding the ciphertext * \param sig buffer holding the ciphertext
* *
* \return 0 if the verify operation was successful, * \return 0 if the verify operation was successful,
* or an POLARSSL_ERR_RSA_XXX error code * or an MBEDTLS_ERR_RSA_XXX error code
* *
* \note The "sig" buffer must be as large as the size * \note The "sig" buffer must be as large as the size
* of ctx->N (eg. 128 bytes if RSA-1024 is used). * of ctx->N (eg. 128 bytes if RSA-1024 is used).
* *
* \note The hash_id in the RSA context is ignored. * \note The hash_id in the RSA context is ignored.
*/ */
int rsa_rsassa_pss_verify_ext( rsa_context *ctx, int mbedtls_rsa_rsassa_pss_verify_ext( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng, void *p_rng,
int mode, int mode,
md_type_t md_alg, mbedtls_md_type_t md_alg,
unsigned int hashlen, unsigned int hashlen,
const unsigned char *hash, const unsigned char *hash,
md_type_t mgf1_hash_id, mbedtls_md_type_t mgf1_hash_id,
int expected_salt_len, int expected_salt_len,
const unsigned char *sig ); const unsigned char *sig );
@ -626,28 +626,28 @@ int rsa_rsassa_pss_verify_ext( rsa_context *ctx,
* \param src Source context * \param src Source context
* *
* \return O on success, * \return O on success,
* POLARSSL_ERR_MPI_MALLOC_FAILED on memory allocation failure * MBEDTLS_ERR_MPI_MALLOC_FAILED on memory allocation failure
*/ */
int rsa_copy( rsa_context *dst, const rsa_context *src ); int mbedtls_rsa_copy( mbedtls_rsa_context *dst, const mbedtls_rsa_context *src );
/** /**
* \brief Free the components of an RSA key * \brief Free the components of an RSA key
* *
* \param ctx RSA Context to free * \param ctx RSA Context to free
*/ */
void rsa_free( rsa_context *ctx ); void mbedtls_rsa_free( mbedtls_rsa_context *ctx );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int rsa_self_test( int verbose ); int mbedtls_rsa_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_RSA_C */ #endif /* MBEDTLS_RSA_C */
#endif /* rsa.h */ #endif /* rsa.h */

42
include/mbedtls/sha1.h
View File

@ -1,5 +1,5 @@
/** /**
* \file sha1.h * \file mbedtls_sha1.h
* *
* \brief SHA-1 cryptographic hash function * \brief SHA-1 cryptographic hash function
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA1_H #ifndef MBEDTLS_SHA1_H
#define POLARSSL_SHA1_H #define MBEDTLS_SHA1_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,9 +39,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */ #define MBEDTLS_ERR_SHA1_FILE_IO_ERROR -0x0076 /**< Read/write error in file. */
#if !defined(POLARSSL_SHA1_ALT) #if !defined(MBEDTLS_SHA1_ALT)
// Regular implementation // Regular implementation
// //
@ -58,28 +58,28 @@ typedef struct
uint32_t state[5]; /*!< intermediate digest state */ uint32_t state[5]; /*!< intermediate digest state */
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
} }
sha1_context; mbedtls_sha1_context;
/** /**
* \brief Initialize SHA-1 context * \brief Initialize SHA-1 context
* *
* \param ctx SHA-1 context to be initialized * \param ctx SHA-1 context to be initialized
*/ */
void sha1_init( sha1_context *ctx ); void mbedtls_sha1_init( mbedtls_sha1_context *ctx );
/** /**
* \brief Clear SHA-1 context * \brief Clear SHA-1 context
* *
* \param ctx SHA-1 context to be cleared * \param ctx SHA-1 context to be cleared
*/ */
void sha1_free( sha1_context *ctx ); void mbedtls_sha1_free( mbedtls_sha1_context *ctx );
/** /**
* \brief SHA-1 context setup * \brief SHA-1 context setup
* *
* \param ctx context to be initialized * \param ctx context to be initialized
*/ */
void sha1_starts( sha1_context *ctx ); void mbedtls_sha1_starts( mbedtls_sha1_context *ctx );
/** /**
* \brief SHA-1 process buffer * \brief SHA-1 process buffer
@ -88,7 +88,7 @@ void sha1_starts( sha1_context *ctx );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen ); void mbedtls_sha1_update( mbedtls_sha1_context *ctx, const unsigned char *input, size_t ilen );
/** /**
* \brief SHA-1 final digest * \brief SHA-1 final digest
@ -96,18 +96,18 @@ void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen );
* \param ctx SHA-1 context * \param ctx SHA-1 context
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
*/ */
void sha1_finish( sha1_context *ctx, unsigned char output[20] ); void mbedtls_sha1_finish( mbedtls_sha1_context *ctx, unsigned char output[20] );
/* Internal use */ /* Internal use */
void sha1_process( sha1_context *ctx, const unsigned char data[64] ); void mbedtls_sha1_process( mbedtls_sha1_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_SHA1_ALT */ #else /* MBEDTLS_SHA1_ALT */
#include "sha1_alt.h" #include "sha1_alt.h"
#endif /* POLARSSL_SHA1_ALT */ #endif /* MBEDTLS_SHA1_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -120,7 +120,7 @@ extern "C" {
* \param ilen length of the input data * \param ilen length of the input data
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
*/ */
void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] ); void mbedtls_sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
/** /**
* \brief Output = SHA-1( file contents ) * \brief Output = SHA-1( file contents )
@ -128,19 +128,19 @@ void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] );
* \param path input file name * \param path input file name
* \param output SHA-1 checksum result * \param output SHA-1 checksum result
* *
* \return 0 if successful, or POLARSSL_ERR_SHA1_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_SHA1_FILE_IO_ERROR
*/ */
int sha1_file( const char *path, unsigned char output[20] ); int mbedtls_sha1_file( const char *path, unsigned char output[20] );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha1_self_test( int verbose ); int mbedtls_sha1_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* sha1.h */ #endif /* mbedtls_sha1.h */

42
include/mbedtls/sha256.h
View File

@ -1,5 +1,5 @@
/** /**
* \file sha256.h * \file mbedtls_sha256.h
* *
* \brief SHA-224 and SHA-256 cryptographic hash function * \brief SHA-224 and SHA-256 cryptographic hash function
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA256_H #ifndef MBEDTLS_SHA256_H
#define POLARSSL_SHA256_H #define MBEDTLS_SHA256_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,9 +39,9 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_SHA256_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */ #define MBEDTLS_ERR_SHA256_FILE_IO_ERROR -0x0078 /**< Read/write error in file. */
#if !defined(POLARSSL_SHA256_ALT) #if !defined(MBEDTLS_SHA256_ALT)
// Regular implementation // Regular implementation
// //
@ -59,21 +59,21 @@ typedef struct
unsigned char buffer[64]; /*!< data block being processed */ unsigned char buffer[64]; /*!< data block being processed */
int is224; /*!< 0 => SHA-256, else SHA-224 */ int is224; /*!< 0 => SHA-256, else SHA-224 */
} }
sha256_context; mbedtls_sha256_context;
/** /**
* \brief Initialize SHA-256 context * \brief Initialize SHA-256 context
* *
* \param ctx SHA-256 context to be initialized * \param ctx SHA-256 context to be initialized
*/ */
void sha256_init( sha256_context *ctx ); void mbedtls_sha256_init( mbedtls_sha256_context *ctx );
/** /**
* \brief Clear SHA-256 context * \brief Clear SHA-256 context
* *
* \param ctx SHA-256 context to be cleared * \param ctx SHA-256 context to be cleared
*/ */
void sha256_free( sha256_context *ctx ); void mbedtls_sha256_free( mbedtls_sha256_context *ctx );
/** /**
* \brief SHA-256 context setup * \brief SHA-256 context setup
@ -81,7 +81,7 @@ void sha256_free( sha256_context *ctx );
* \param ctx context to be initialized * \param ctx context to be initialized
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*/ */
void sha256_starts( sha256_context *ctx, int is224 ); void mbedtls_sha256_starts( mbedtls_sha256_context *ctx, int is224 );
/** /**
* \brief SHA-256 process buffer * \brief SHA-256 process buffer
@ -90,7 +90,7 @@ void sha256_starts( sha256_context *ctx, int is224 );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha256_update( sha256_context *ctx, const unsigned char *input, void mbedtls_sha256_update( mbedtls_sha256_context *ctx, const unsigned char *input,
size_t ilen ); size_t ilen );
/** /**
@ -99,18 +99,18 @@ void sha256_update( sha256_context *ctx, const unsigned char *input,
* \param ctx SHA-256 context * \param ctx SHA-256 context
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
*/ */
void sha256_finish( sha256_context *ctx, unsigned char output[32] ); void mbedtls_sha256_finish( mbedtls_sha256_context *ctx, unsigned char output[32] );
/* Internal use */ /* Internal use */
void sha256_process( sha256_context *ctx, const unsigned char data[64] ); void mbedtls_sha256_process( mbedtls_sha256_context *ctx, const unsigned char data[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_SHA256_ALT */ #else /* MBEDTLS_SHA256_ALT */
#include "sha256_alt.h" #include "sha256_alt.h"
#endif /* POLARSSL_SHA256_ALT */ #endif /* MBEDTLS_SHA256_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -124,7 +124,7 @@ extern "C" {
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
*/ */
void sha256( const unsigned char *input, size_t ilen, void mbedtls_sha256( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ); unsigned char output[32], int is224 );
/** /**
@ -134,19 +134,19 @@ void sha256( const unsigned char *input, size_t ilen,
* \param output SHA-224/256 checksum result * \param output SHA-224/256 checksum result
* \param is224 0 = use SHA256, 1 = use SHA224 * \param is224 0 = use SHA256, 1 = use SHA224
* *
* \return 0 if successful, or POLARSSL_ERR_SHA256_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_SHA256_FILE_IO_ERROR
*/ */
int sha256_file( const char *path, unsigned char output[32], int is224 ); int mbedtls_sha256_file( const char *path, unsigned char output[32], int is224 );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha256_self_test( int verbose ); int mbedtls_sha256_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* sha256.h */ #endif /* mbedtls_sha256.h */

42
include/mbedtls/sha512.h
View File

@ -1,5 +1,5 @@
/** /**
* \file sha512.h * \file mbedtls_sha512.h
* *
* \brief SHA-384 and SHA-512 cryptographic hash function * \brief SHA-384 and SHA-512 cryptographic hash function
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SHA512_H #ifndef MBEDTLS_SHA512_H
#define POLARSSL_SHA512_H #define MBEDTLS_SHA512_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -38,9 +38,9 @@
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define POLARSSL_ERR_SHA512_FILE_IO_ERROR -0x007A /**< Read/write error in file. */ #define MBEDTLS_ERR_SHA512_FILE_IO_ERROR -0x007A /**< Read/write error in file. */
#if !defined(POLARSSL_SHA512_ALT) #if !defined(MBEDTLS_SHA512_ALT)
// Regular implementation // Regular implementation
// //
@ -58,21 +58,21 @@ typedef struct
unsigned char buffer[128]; /*!< data block being processed */ unsigned char buffer[128]; /*!< data block being processed */
int is384; /*!< 0 => SHA-512, else SHA-384 */ int is384; /*!< 0 => SHA-512, else SHA-384 */
} }
sha512_context; mbedtls_sha512_context;
/** /**
* \brief Initialize SHA-512 context * \brief Initialize SHA-512 context
* *
* \param ctx SHA-512 context to be initialized * \param ctx SHA-512 context to be initialized
*/ */
void sha512_init( sha512_context *ctx ); void mbedtls_sha512_init( mbedtls_sha512_context *ctx );
/** /**
* \brief Clear SHA-512 context * \brief Clear SHA-512 context
* *
* \param ctx SHA-512 context to be cleared * \param ctx SHA-512 context to be cleared
*/ */
void sha512_free( sha512_context *ctx ); void mbedtls_sha512_free( mbedtls_sha512_context *ctx );
/** /**
* \brief SHA-512 context setup * \brief SHA-512 context setup
@ -80,7 +80,7 @@ void sha512_free( sha512_context *ctx );
* \param ctx context to be initialized * \param ctx context to be initialized
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
*/ */
void sha512_starts( sha512_context *ctx, int is384 ); void mbedtls_sha512_starts( mbedtls_sha512_context *ctx, int is384 );
/** /**
* \brief SHA-512 process buffer * \brief SHA-512 process buffer
@ -89,7 +89,7 @@ void sha512_starts( sha512_context *ctx, int is384 );
* \param input buffer holding the data * \param input buffer holding the data
* \param ilen length of the input data * \param ilen length of the input data
*/ */
void sha512_update( sha512_context *ctx, const unsigned char *input, void mbedtls_sha512_update( mbedtls_sha512_context *ctx, const unsigned char *input,
size_t ilen ); size_t ilen );
/** /**
@ -98,15 +98,15 @@ void sha512_update( sha512_context *ctx, const unsigned char *input,
* \param ctx SHA-512 context * \param ctx SHA-512 context
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
*/ */
void sha512_finish( sha512_context *ctx, unsigned char output[64] ); void mbedtls_sha512_finish( mbedtls_sha512_context *ctx, unsigned char output[64] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_SHA512_ALT */ #else /* MBEDTLS_SHA512_ALT */
#include "sha512_alt.h" #include "sha512_alt.h"
#endif /* POLARSSL_SHA512_ALT */ #endif /* MBEDTLS_SHA512_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -120,7 +120,7 @@ extern "C" {
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
*/ */
void sha512( const unsigned char *input, size_t ilen, void mbedtls_sha512( const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 ); unsigned char output[64], int is384 );
/** /**
@ -130,22 +130,22 @@ void sha512( const unsigned char *input, size_t ilen,
* \param output SHA-384/512 checksum result * \param output SHA-384/512 checksum result
* \param is384 0 = use SHA512, 1 = use SHA384 * \param is384 0 = use SHA512, 1 = use SHA384
* *
* \return 0 if successful, or POLARSSL_ERR_SHA512_FILE_IO_ERROR * \return 0 if successful, or MBEDTLS_ERR_SHA512_FILE_IO_ERROR
*/ */
int sha512_file( const char *path, unsigned char output[64], int is384 ); int mbedtls_sha512_file( const char *path, unsigned char output[64], int is384 );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int sha512_self_test( int verbose ); int mbedtls_sha512_self_test( int verbose );
/* Internal use */ /* Internal use */
void sha512_process( sha512_context *ctx, const unsigned char data[128] ); void mbedtls_sha512_process( mbedtls_sha512_context *ctx, const unsigned char data[128] );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* sha512.h */ #endif /* mbedtls_sha512.h */

1474
include/mbedtls/ssl.h
View File

File diff suppressed because it is too large Load Diff

62
include/mbedtls/ssl_cache.h
View File

@ -21,12 +21,12 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SSL_CACHE_H #ifndef MBEDTLS_SSL_CACHE_H
#define POLARSSL_SSL_CACHE_H #define MBEDTLS_SSL_CACHE_H
#include "ssl.h" #include "ssl.h"
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "threading.h" #include "threading.h"
#endif #endif
@ -38,12 +38,12 @@
* \{ * \{
*/ */
#if !defined(SSL_CACHE_DEFAULT_TIMEOUT) #if !defined(MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT)
#define SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */ #define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /*!< 1 day */
#endif #endif
#if !defined(SSL_CACHE_DEFAULT_MAX_ENTRIES) #if !defined(MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES)
#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */ #define MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /*!< Maximum entries in cache */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
@ -52,34 +52,34 @@
extern "C" { extern "C" {
#endif #endif
typedef struct _ssl_cache_context ssl_cache_context; typedef struct mbedtls_ssl_cache_context mbedtls_ssl_cache_context;
typedef struct _ssl_cache_entry ssl_cache_entry; typedef struct mbedtls_ssl_cache_entry mbedtls_ssl_cache_entry;
/** /**
* \brief This structure is used for storing cache entries * \brief This structure is used for storing cache entries
*/ */
struct _ssl_cache_entry struct mbedtls_ssl_cache_entry
{ {
#if defined(POLARSSL_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
time_t timestamp; /*!< entry timestamp */ time_t timestamp; /*!< entry timestamp */
#endif #endif
ssl_session session; /*!< entry session */ mbedtls_ssl_session session; /*!< entry session */
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
x509_buf peer_cert; /*!< entry peer_cert */ mbedtls_x509_buf peer_cert; /*!< entry peer_cert */
#endif #endif
ssl_cache_entry *next; /*!< chain pointer */ mbedtls_ssl_cache_entry *next; /*!< chain pointer */
}; };
/** /**
* \brief Cache context * \brief Cache context
*/ */
struct _ssl_cache_context struct mbedtls_ssl_cache_context
{ {
ssl_cache_entry *chain; /*!< start of the chain */ mbedtls_ssl_cache_entry *chain; /*!< start of the chain */
int timeout; /*!< cache entry timeout */ int timeout; /*!< cache entry timeout */
int max_entries; /*!< maximum entries */ int max_entries; /*!< maximum entries */
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
threading_mutex_t mutex; /*!< mutex */ mbedtls_threading_mutex_t mutex; /*!< mutex */
#endif #endif
}; };
@ -88,54 +88,54 @@ struct _ssl_cache_context
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void ssl_cache_init( ssl_cache_context *cache ); void mbedtls_ssl_cache_init( mbedtls_ssl_cache_context *cache );
/** /**
* \brief Cache get callback implementation * \brief Cache get callback implementation
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param data SSL cache context * \param data SSL cache context
* \param session session to retrieve entry for * \param session session to retrieve entry for
*/ */
int ssl_cache_get( void *data, ssl_session *session ); int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session );
/** /**
* \brief Cache set callback implementation * \brief Cache set callback implementation
* (Thread-safe if POLARSSL_THREADING_C is enabled) * (Thread-safe if MBEDTLS_THREADING_C is enabled)
* *
* \param data SSL cache context * \param data SSL cache context
* \param session session to store entry for * \param session session to store entry for
*/ */
int ssl_cache_set( void *data, const ssl_session *session ); int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session );
#if defined(POLARSSL_HAVE_TIME) #if defined(MBEDTLS_HAVE_TIME)
/** /**
* \brief Set the cache timeout * \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_TIMEOUT (1 day)) * (Default: MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT (1 day))
* *
* A timeout of 0 indicates no timeout. * A timeout of 0 indicates no timeout.
* *
* \param cache SSL cache context * \param cache SSL cache context
* \param timeout cache entry timeout in seconds * \param timeout cache entry timeout in seconds
*/ */
void ssl_cache_set_timeout( ssl_cache_context *cache, int timeout ); void mbedtls_ssl_cache_set_timeout( mbedtls_ssl_cache_context *cache, int timeout );
#endif /* POLARSSL_HAVE_TIME */ #endif /* MBEDTLS_HAVE_TIME */
/** /**
* \brief Set the cache timeout * \brief Set the cache timeout
* (Default: SSL_CACHE_DEFAULT_MAX_ENTRIES (50)) * (Default: MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES (50))
* *
* \param cache SSL cache context * \param cache SSL cache context
* \param max cache entry maximum * \param max cache entry maximum
*/ */
void ssl_cache_set_max_entries( ssl_cache_context *cache, int max ); void mbedtls_ssl_cache_set_max_entries( mbedtls_ssl_cache_context *cache, int max );
/** /**
* \brief Free referenced items in a cache context and clear memory * \brief Free referenced items in a cache context and clear memory
* *
* \param cache SSL cache context * \param cache SSL cache context
*/ */
void ssl_cache_free( ssl_cache_context *cache ); void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache );
#ifdef __cplusplus #ifdef __cplusplus
} }

402
include/mbedtls/ssl_ciphersuites.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SSL_CIPHERSUITES_H #ifndef MBEDTLS_SSL_CIPHERSUITES_H
#define POLARSSL_SSL_CIPHERSUITES_H #define MBEDTLS_SSL_CIPHERSUITES_H
#include "pk.h" #include "pk.h"
#include "cipher.h" #include "cipher.h"
@ -35,247 +35,247 @@ extern "C" {
/* /*
* Supported ciphersuites (Official IANA names) * Supported ciphersuites (Official IANA names)
*/ */
#define TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */ #define MBEDTLS_TLS_RSA_WITH_NULL_MD5 0x01 /**< Weak! */
#define TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */ #define MBEDTLS_TLS_RSA_WITH_NULL_SHA 0x02 /**< Weak! */
#define TLS_RSA_WITH_RC4_128_MD5 0x04 #define MBEDTLS_TLS_RSA_WITH_RC4_128_MD5 0x04
#define TLS_RSA_WITH_RC4_128_SHA 0x05 #define MBEDTLS_TLS_RSA_WITH_RC4_128_SHA 0x05
#define TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_DES_CBC_SHA 0x09 /**< Weak! Not in TLS 1.2 */
#define TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A #define MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA 0x0A
#define TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */
#define TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16 #define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
#define TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */ #define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
#define TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */ #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
#define TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */ #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */
#define TLS_RSA_WITH_AES_128_CBC_SHA 0x2F #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
#define TLS_RSA_WITH_AES_256_CBC_SHA 0x35 #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39 #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
#define TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */ #define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
#define TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
#define TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84 #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88 #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
#define TLS_PSK_WITH_RC4_128_SHA 0x8A #define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A
#define TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B #define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B
#define TLS_PSK_WITH_AES_128_CBC_SHA 0x8C #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA 0x8C
#define TLS_PSK_WITH_AES_256_CBC_SHA 0x8D #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA 0x8D
#define TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E #define MBEDTLS_TLS_DHE_PSK_WITH_RC4_128_SHA 0x8E
#define TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F #define MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA 0x8F
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA 0x90
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA 0x91
#define TLS_RSA_PSK_WITH_RC4_128_SHA 0x92 #define MBEDTLS_TLS_RSA_PSK_WITH_RC4_128_SHA 0x92
#define TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93 #define MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA 0x93
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA 0x94
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA 0x95
#define TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 0x9C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_256_GCM_SHA384 0x9D /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 0xAB /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 0xAC /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 0xAD /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE #define MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256 0xAE
#define TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF #define MBEDTLS_TLS_PSK_WITH_AES_256_CBC_SHA384 0xAF
#define TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */ #define MBEDTLS_TLS_PSK_WITH_NULL_SHA256 0xB0 /**< Weak! */
#define TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */ #define MBEDTLS_TLS_PSK_WITH_NULL_SHA384 0xB1 /**< Weak! */
#define TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 0xB2
#define TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3 #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 0xB3
#define TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */ #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA256 0xB4 /**< Weak! */
#define TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */ #define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA384 0xB5 /**< Weak! */
#define TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 0xB6
#define TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7 #define MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 0xB7
#define TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */ #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA256 0xB8 /**< Weak! */
#define TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */ #define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA384 0xB9 /**< Weak! */
#define TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */
#define TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC003 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA 0xC004 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA 0xC005 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_NULL_SHA 0xC00B /**< Weak! */
#define TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_RC4_128_SHA 0xC00C /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA 0xC00D /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA 0xC00E /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA 0xC00F /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 0xC025 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 0xC026 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 0xC029 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 0xC02A /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 0xC02D /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 0xC02E /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! No SSL3! */
#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! No SSL3! */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< Not in SSL3! */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC074 /**< Not in SSL3! */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC075 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< Not in SSL3! */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC078 /**< Not in SSL3! */
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC079 /**< Not in SSL3! */
#define TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07A /**< TLS 1.2 */
#define TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */
#define TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC089 /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08A /**< TLS 1.2 */
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08B /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC08C /**< TLS 1.2 */
#define TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC08D /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC08E /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC08F /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC090 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC091 /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 0xC092 /**< TLS 1.2 */
#define TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 0xC093 /**< TLS 1.2 */
#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094
#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 #define MBEDTLS_TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095
#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096
#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 #define MBEDTLS_TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097
#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098
#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 #define MBEDTLS_TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099
#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< Not in SSL3! */
#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */ #define MBEDTLS_TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< Not in SSL3! */
#define TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM 0xC09C /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM 0xC09D /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM 0xC09E /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM 0xC09F /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_128_CCM_8 0xC0A0 /**< TLS 1.2 */
#define TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */ #define MBEDTLS_TLS_RSA_WITH_AES_256_CCM_8 0xC0A1 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8 0xC0A2 /**< TLS 1.2 */
#define TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM_8 0xC0A3 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM 0xC0A4 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM 0xC0A5 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM 0xC0A6 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM 0xC0A7 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8 0xC0A8 /**< TLS 1.2 */
#define TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */ #define MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8 0xC0A9 /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CCM_8 0xC0AA /**< TLS 1.2 */
#define TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */ #define MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CCM_8 0xC0AB /**< TLS 1.2 */
/* The last two are named with PSK_DHE in the RFC, which looks like a typo */ /* The last two are named with PSK_DHE in the RFC, which looks like a typo */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM 0xC0AC /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM 0xC0AD /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 0xC0AE /**< TLS 1.2 */
#define TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */ #define MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 0xC0AF /**< TLS 1.2 */
/* Reminder: update _ssl_premaster_secret when adding a new key exchange. /* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
* Reminder: update POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED below. * Reminder: update MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED below.
*/ */
typedef enum { typedef enum {
POLARSSL_KEY_EXCHANGE_NONE = 0, MBEDTLS_KEY_EXCHANGE_NONE = 0,
POLARSSL_KEY_EXCHANGE_RSA, MBEDTLS_KEY_EXCHANGE_RSA,
POLARSSL_KEY_EXCHANGE_DHE_RSA, MBEDTLS_KEY_EXCHANGE_DHE_RSA,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA,
POLARSSL_KEY_EXCHANGE_PSK, MBEDTLS_KEY_EXCHANGE_PSK,
POLARSSL_KEY_EXCHANGE_DHE_PSK, MBEDTLS_KEY_EXCHANGE_DHE_PSK,
POLARSSL_KEY_EXCHANGE_RSA_PSK, MBEDTLS_KEY_EXCHANGE_RSA_PSK,
POLARSSL_KEY_EXCHANGE_ECDHE_PSK, MBEDTLS_KEY_EXCHANGE_ECDHE_PSK,
POLARSSL_KEY_EXCHANGE_ECDH_RSA, MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
POLARSSL_KEY_EXCHANGE_ECDH_ECDSA, MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
} key_exchange_type_t; } mbedtls_key_exchange_type_t;
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
#define POLARSSL_KEY_EXCHANGE__WITH_CERT__ENABLED #define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED
#endif #endif
typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t; typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t;
#define POLARSSL_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */
#define POLARSSL_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag, #define MBEDTLS_CIPHERSUITE_SHORT_TAG 0x02 /**< Short authentication tag,
eg for CCM_8 */ eg for CCM_8 */
#define POLARSSL_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ #define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */
/** /**
* \brief This structure is used for storing ciphersuite information * \brief This structure is used for storing ciphersuite information
*/ */
struct _ssl_ciphersuite_t struct mbedtls_ssl_ciphersuite_t
{ {
int id; int id;
const char * name; const char * name;
cipher_type_t cipher; mbedtls_cipher_type_t cipher;
md_type_t mac; mbedtls_md_type_t mac;
key_exchange_type_t key_exchange; mbedtls_key_exchange_type_t key_exchange;
int min_major_ver; int min_major_ver;
int min_minor_ver; int min_minor_ver;
@ -285,17 +285,17 @@ struct _ssl_ciphersuite_t
unsigned char flags; unsigned char flags;
}; };
const int *ssl_list_ciphersuites( void ); const int *mbedtls_ssl_list_ciphersuites( void );
const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name );
const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id ); const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id );
#if defined(POLARSSL_PK_C) #if defined(MBEDTLS_PK_C)
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info ); mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info );
#endif #endif
int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info );
int ssl_ciphersuite_uses_psk( const ssl_ciphersuite_t *info ); int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info );
#ifdef __cplusplus #ifdef __cplusplus
} }

32
include/mbedtls/ssl_cookie.h
View File

@ -21,8 +21,8 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_SSL_COOKIE_H #ifndef MBEDTLS_SSL_COOKIE_H
#define POLARSSL_SSL_COOKIE_H #define MBEDTLS_SSL_COOKIE_H
#include "ssl.h" #include "ssl.h"
@ -33,8 +33,8 @@
* Either change them in config.h or define them on the compiler command line. * Either change them in config.h or define them on the compiler command line.
* \{ * \{
*/ */
#ifndef POLARSSL_SSL_COOKIE_TIMEOUT #ifndef MBEDTLS_SSL_COOKIE_TIMEOUT
#define POLARSSL_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */ #define MBEDTLS_SSL_COOKIE_TIMEOUT 60 /**< Default expiration delay of DTLS cookies, in seconds if HAVE_TIME, or in number of cookies issued */
#endif #endif
/* \} name SECTION: Module settings */ /* \} name SECTION: Module settings */
@ -48,52 +48,52 @@ extern "C" {
*/ */
typedef struct typedef struct
{ {
md_context_t hmac_ctx; /*!< context for the HMAC portion */ mbedtls_md_context_t hmac_ctx; /*!< context for the HMAC portion */
#if !defined(POLARSSL_HAVE_TIME) #if !defined(MBEDTLS_HAVE_TIME)
unsigned long serial; /*!< serial number for expiration */ unsigned long serial; /*!< serial number for expiration */
#endif #endif
unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME, unsigned long timeout; /*!< timeout delay, in seconds if HAVE_TIME,
or in number of tickets issued */ or in number of tickets issued */
} ssl_cookie_ctx; } mbedtls_ssl_cookie_ctx;
/** /**
* \brief Initialize cookie context * \brief Initialize cookie context
*/ */
void ssl_cookie_init( ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_init( mbedtls_ssl_cookie_ctx *ctx );
/** /**
* \brief Setup cookie context (generate keys) * \brief Setup cookie context (generate keys)
*/ */
int ssl_cookie_setup( ssl_cookie_ctx *ctx, int mbedtls_ssl_cookie_setup( mbedtls_ssl_cookie_ctx *ctx,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
/** /**
* \brief Set expiration delay for cookies * \brief Set expiration delay for cookies
* (Default POLARSSL_SSL_COOKIE_TIMEOUT) * (Default MBEDTLS_SSL_COOKIE_TIMEOUT)
* *
* \param ctx Cookie contex * \param ctx Cookie contex
* \param delay Delay, in seconds if HAVE_TIME, or in number of cookies * \param delay Delay, in seconds if HAVE_TIME, or in number of cookies
* issued in the meantime. * issued in the meantime.
* 0 to disable expiration (NOT recommended) * 0 to disable expiration (NOT recommended)
*/ */
void ssl_cookie_set_timeout( ssl_cookie_ctx *ctx, unsigned long delay ); void mbedtls_ssl_cookie_set_timeout( mbedtls_ssl_cookie_ctx *ctx, unsigned long delay );
/** /**
* \brief Free cookie context * \brief Free cookie context
*/ */
void ssl_cookie_free( ssl_cookie_ctx *ctx ); void mbedtls_ssl_cookie_free( mbedtls_ssl_cookie_ctx *ctx );
/** /**
* \brief Generate cookie, see \c ssl_cookie_write_t * \brief Generate cookie, see \c mbedtls_ssl_cookie_write_t
*/ */
ssl_cookie_write_t ssl_cookie_write; mbedtls_ssl_cookie_write_t mbedtls_ssl_cookie_write;
/** /**
* \brief Verify cookie, see \c ssl_cookie_write_t * \brief Verify cookie, see \c mbedtls_ssl_cookie_write_t
*/ */
ssl_cookie_check_t ssl_cookie_check; mbedtls_ssl_cookie_check_t mbedtls_ssl_cookie_check;
#ifdef __cplusplus #ifdef __cplusplus
} }

40
include/mbedtls/threading.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_THREADING_H #ifndef MBEDTLS_THREADING_H
#define POLARSSL_THREADING_H #define MBEDTLS_THREADING_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stdlib.h> #include <stdlib.h>
@ -36,17 +36,17 @@
extern "C" { extern "C" {
#endif #endif
#define POLARSSL_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */ #define MBEDTLS_ERR_THREADING_FEATURE_UNAVAILABLE -0x001A /**< The selected feature is not available. */
#define POLARSSL_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */ #define MBEDTLS_ERR_THREADING_BAD_INPUT_DATA -0x001C /**< Bad input parameters to function. */
#define POLARSSL_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */ #define MBEDTLS_ERR_THREADING_MUTEX_ERROR -0x001E /**< Locking / unlocking / free failed with error code. */
#if defined(POLARSSL_THREADING_PTHREAD) #if defined(MBEDTLS_THREADING_PTHREAD)
#include <pthread.h> #include <pthread.h>
typedef pthread_mutex_t threading_mutex_t; typedef pthread_mutex_t mbedtls_threading_mutex_t;
#endif #endif
#if defined(POLARSSL_THREADING_ALT) #if defined(MBEDTLS_THREADING_ALT)
/* You should define the threading_mutex_t type in your header */ /* You should define the mbedtls_threading_mutex_t type in your header */
#include "threading_alt.h" #include "threading_alt.h"
/** /**
@ -60,21 +60,21 @@ typedef pthread_mutex_t threading_mutex_t;
* *
* \return 0 if successful * \return 0 if successful
*/ */
int threading_set_alt( int (*mutex_init)( threading_mutex_t * ), int mbedtls_threading_set_alt( int (*mutex_init)( mbedtls_threading_mutex_t * ),
int (*mutex_free)( threading_mutex_t * ), int (*mutex_free)( mbedtls_threading_mutex_t * ),
int (*mutex_lock)( threading_mutex_t * ), int (*mutex_lock)( mbedtls_threading_mutex_t * ),
int (*mutex_unlock)( threading_mutex_t * ) ); int (*mutex_unlock)( mbedtls_threading_mutex_t * ) );
#endif /* POLARSSL_THREADING_ALT */ #endif /* MBEDTLS_THREADING_ALT */
/* /*
* The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock * The function pointers for mutex_init, mutex_free, mutex_ and mutex_unlock
* *
* All these functions are expected to work or the result will be undefined. * All these functions are expected to work or the result will be undefined.
*/ */
extern int (*polarssl_mutex_init)( threading_mutex_t *mutex ); extern int (*mbedtls_mutex_init)( mbedtls_threading_mutex_t *mutex );
extern int (*polarssl_mutex_free)( threading_mutex_t *mutex ); extern int (*mbedtls_mutex_free)( mbedtls_threading_mutex_t *mutex );
extern int (*polarssl_mutex_lock)( threading_mutex_t *mutex ); extern int (*mbedtls_mutex_lock)( mbedtls_threading_mutex_t *mutex );
extern int (*polarssl_mutex_unlock)( threading_mutex_t *mutex ); extern int (*mbedtls_mutex_unlock)( mbedtls_threading_mutex_t *mutex );
#ifdef __cplusplus #ifdef __cplusplus
} }

32
include/mbedtls/timing.h
View File

@ -21,16 +21,16 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_TIMING_H #ifndef MBEDTLS_TIMING_H
#define POLARSSL_TIMING_H #define MBEDTLS_TIMING_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if !defined(POLARSSL_TIMING_ALT) #if !defined(MBEDTLS_TIMING_ALT)
// Regular implementation // Regular implementation
// //
@ -41,17 +41,17 @@ extern "C" {
/** /**
* \brief timer structure * \brief timer structure
*/ */
struct hr_time struct mbedtls_timing_hr_time
{ {
unsigned char opaque[32]; unsigned char opaque[32];
}; };
extern volatile int alarmed; extern volatile int mbedtls_timing_alarmed;
/** /**
* \brief Return the CPU cycle counter value * \brief Return the CPU cycle counter value
*/ */
unsigned long hardclock( void ); unsigned long mbedtls_timing_hardclock( void );
/** /**
* \brief Return the elapsed time in milliseconds * \brief Return the elapsed time in milliseconds
@ -59,41 +59,41 @@ unsigned long hardclock( void );
* \param val points to a timer structure * \param val points to a timer structure
* \param reset if set to 1, the timer is restarted * \param reset if set to 1, the timer is restarted
*/ */
unsigned long get_timer( struct hr_time *val, int reset ); unsigned long mbedtls_timing_get_timer( struct mbedtls_timing_hr_time *val, int reset );
/** /**
* \brief Setup an alarm clock * \brief Setup an alarm clock
* *
* \param seconds delay before the "alarmed" flag is set * \param seconds delay before the "mbedtls_timing_alarmed" flag is set
* *
* \warning Only one alarm at a time is supported. In a threaded * \warning Only one alarm at a time is supported. In a threaded
* context, this means one for the whole process, not one per * context, this means one for the whole process, not one per
* thread. * thread.
*/ */
void set_alarm( int seconds ); void mbedtls_set_alarm( int seconds );
/** /**
* \brief Sleep for a certain amount of time * \brief Sleep for a certain amount of time
* *
* \param milliseconds delay in milliseconds * \param milliseconds delay in milliseconds
*/ */
void m_sleep( int milliseconds ); void mbedtls_timing_m_sleep( int milliseconds );
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if a test failed * \return 0 if successful, or 1 if a test failed
*/ */
int timing_self_test( int verbose ); int mbedtls_timing_self_test( int verbose );
#endif #endif
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_TIMING_ALT */ #else /* MBEDTLS_TIMING_ALT */
#include "timing_alt.h" #include "timing_alt.h"
#endif /* POLARSSL_TIMING_ALT */ #endif /* MBEDTLS_TIMING_ALT */
#endif /* timing.h */ #endif /* timing.h */

34
include/mbedtls/version.h
View File

@ -25,33 +25,33 @@
* This set of compile-time defines and run-time variables can be used to * This set of compile-time defines and run-time variables can be used to
* determine the version number of the mbed TLS library used. * determine the version number of the mbed TLS library used.
*/ */
#ifndef POLARSSL_VERSION_H #ifndef MBEDTLS_VERSION_H
#define POLARSSL_VERSION_H #define MBEDTLS_VERSION_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
/** /**
* The version number x.y.z is split into three parts. * The version number x.y.z is split into three parts.
* Major, Minor, Patchlevel * Major, Minor, Patchlevel
*/ */
#define POLARSSL_VERSION_MAJOR 1 #define MBEDTLS_VERSION_MAJOR 1
#define POLARSSL_VERSION_MINOR 4 #define MBEDTLS_VERSION_MINOR 4
#define POLARSSL_VERSION_PATCH 0 #define MBEDTLS_VERSION_PATCH 0
/** /**
* The single version number has the following structure: * The single version number has the following structure:
* MMNNPP00 * MMNNPP00
* Major version | Minor version | Patch version * Major version | Minor version | Patch version
*/ */
#define POLARSSL_VERSION_NUMBER 0x01040000 #define MBEDTLS_VERSION_NUMBER 0x01040000
#define POLARSSL_VERSION_STRING "1.4.0" #define MBEDTLS_VERSION_STRING "1.4.0"
#define POLARSSL_VERSION_STRING_FULL "mbed TLS 1.4.0" #define MBEDTLS_VERSION_STRING_FULL "mbed TLS 1.4.0"
#if defined(POLARSSL_VERSION_C) #if defined(MBEDTLS_VERSION_C)
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -63,7 +63,7 @@ extern "C" {
* \return The constructed version number in the format * \return The constructed version number in the format
* MMNNPP00 (Major, Minor, Patch). * MMNNPP00 (Major, Minor, Patch).
*/ */
unsigned int version_get_number( void ); unsigned int mbedtls_version_get_number( void );
/** /**
* Get the version string ("x.y.z"). * Get the version string ("x.y.z").
@ -71,7 +71,7 @@ unsigned int version_get_number( void );
* \param string The string that will receive the value. * \param string The string that will receive the value.
* (Should be at least 9 bytes in size) * (Should be at least 9 bytes in size)
*/ */
void version_get_string( char *string ); void mbedtls_version_get_string( char *string );
/** /**
* Get the full version string ("mbed TLS x.y.z"). * Get the full version string ("mbed TLS x.y.z").
@ -82,7 +82,7 @@ void version_get_string( char *string );
* (So the buffer should be at least 18 bytes to receive this * (So the buffer should be at least 18 bytes to receive this
* version string). * version string).
*/ */
void version_get_string_full( char *string ); void mbedtls_version_get_string_full( char *string );
/** /**
* \brief Check if support for a feature was compiled into this * \brief Check if support for a feature was compiled into this
@ -94,18 +94,18 @@ void version_get_string_full( char *string );
* support", "mbed TLS modules" and "mbed TLS feature * support", "mbed TLS modules" and "mbed TLS feature
* support" in config.h * support" in config.h
* *
* \param feature The string for the define to check (e.g. "POLARSSL_AES_C") * \param feature The string for the define to check (e.g. "MBEDTLS_AES_C")
* *
* \return 0 if the feature is present, -1 if the feature is not * \return 0 if the feature is present, -1 if the feature is not
* present and -2 if support for feature checking as a whole * present and -2 if support for feature checking as a whole
* was not compiled in. * was not compiled in.
*/ */
int version_check_feature( const char *feature ); int mbedtls_version_check_feature( const char *feature );
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* POLARSSL_VERSION_C */ #endif /* MBEDTLS_VERSION_C */
#endif /* version.h */ #endif /* version.h */

230
include/mbedtls/x509.h
View File

@ -21,19 +21,19 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_H #ifndef MBEDTLS_X509_H
#define POLARSSL_X509_H #define MBEDTLS_X509_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "asn1.h" #include "asn1.h"
#include "pk.h" #include "pk.h"
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
#include "rsa.h" #include "rsa.h"
#endif #endif
@ -42,7 +42,7 @@
* \{ * \{
*/ */
#if !defined(POLARSSL_X509_MAX_INTERMEDIATE_CA) #if !defined(MBEDTLS_X509_MAX_INTERMEDIATE_CA)
/** /**
* Maximum number of intermediate CAs in a verification chain. * Maximum number of intermediate CAs in a verification chain.
* That is, maximum length of the chain, excluding the end-entity certificate * That is, maximum length of the chain, excluding the end-entity certificate
@ -51,75 +51,75 @@
* Set this to a low value to prevent an adversary from making you waste * Set this to a low value to prevent an adversary from making you waste
* resources verifying an overlong certificate chain. * resources verifying an overlong certificate chain.
*/ */
#define POLARSSL_X509_MAX_INTERMEDIATE_CA 8 #define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
#endif #endif
/** /**
* \name X509 Error codes * \name X509 Error codes
* \{ * \{
*/ */
#define POLARSSL_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */ #define MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE -0x2080 /**< Unavailable feature, e.g. RSA hashing/encryption combination. */
#define POLARSSL_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */ #define MBEDTLS_ERR_X509_UNKNOWN_OID -0x2100 /**< Requested OID is unknown. */
#define POLARSSL_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */ #define MBEDTLS_ERR_X509_INVALID_FORMAT -0x2180 /**< The CRT/CRL/CSR format is invalid, e.g. different type expected. */
#define POLARSSL_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */ #define MBEDTLS_ERR_X509_INVALID_VERSION -0x2200 /**< The CRT/CRL/CSR version element is invalid. */
#define POLARSSL_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_SERIAL -0x2280 /**< The serial tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_ALG -0x2300 /**< The algorithm tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_NAME -0x2380 /**< The name tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_DATE -0x2400 /**< The date tag or value is invalid. */
#define POLARSSL_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */ #define MBEDTLS_ERR_X509_INVALID_SIGNATURE -0x2480 /**< The signature tag or value invalid. */
#define POLARSSL_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */ #define MBEDTLS_ERR_X509_INVALID_EXTENSIONS -0x2500 /**< The extension tag or value is invalid. */
#define POLARSSL_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */ #define MBEDTLS_ERR_X509_UNKNOWN_VERSION -0x2580 /**< CRT/CRL/CSR has an unsupported version number. */
#define POLARSSL_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */ #define MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG -0x2600 /**< Signature algorithm (oid) is unsupported. */
#define POLARSSL_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::x509_crt sig_oid) */ #define MBEDTLS_ERR_X509_SIG_MISMATCH -0x2680 /**< Signature algorithms do not match. (see \c ::mbedtls_x509_crt sig_oid) */
#define POLARSSL_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */ #define MBEDTLS_ERR_X509_CERT_VERIFY_FAILED -0x2700 /**< Certificate verification failed, e.g. CRL, CA or signature check failed. */
#define POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */ #define MBEDTLS_ERR_X509_CERT_UNKNOWN_FORMAT -0x2780 /**< Format not recognized as DER or PEM. */
#define POLARSSL_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */ #define MBEDTLS_ERR_X509_BAD_INPUT_DATA -0x2800 /**< Input invalid. */
#define POLARSSL_ERR_X509_MALLOC_FAILED -0x2880 /**< Allocation of memory failed. */ #define MBEDTLS_ERR_X509_MALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
#define POLARSSL_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */ #define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
/* \} name */ /* \} name */
/** /**
* \name X509 Verify codes * \name X509 Verify codes
* \{ * \{
*/ */
#define BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */ #define MBEDTLS_BADCERT_EXPIRED 0x01 /**< The certificate validity has expired. */
#define BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */ #define MBEDTLS_X509_BADCERT_REVOKED 0x02 /**< The certificate has been revoked (is on a CRL). */
#define BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */ #define MBEDTLS_X509_BADCERT_CN_MISMATCH 0x04 /**< The certificate Common Name (CN) does not match with the expected CN. */
#define BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */ #define MBEDTLS_X509_BADCERT_NOT_TRUSTED 0x08 /**< The certificate is not correctly signed by the trusted CA. */
#define BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */ #define MBEDTLS_X509_BADCRL_NOT_TRUSTED 0x10 /**< CRL is not correctly signed by the trusted CA. */
#define BADCRL_EXPIRED 0x20 /**< CRL is expired. */ #define MBEDTLS_X509_BADCRL_EXPIRED 0x20 /**< CRL is expired. */
#define BADCERT_MISSING 0x40 /**< Certificate was missing. */ #define MBEDTLS_BADCERT_MISSING 0x40 /**< Certificate was missing. */
#define BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */ #define MBEDTLS_BADCERT_SKIP_VERIFY 0x80 /**< Certificate verification was skipped. */
#define BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */ #define MBEDTLS_BADCERT_OTHER 0x0100 /**< Other reason (can be used by verify callback) */
#define BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */ #define MBEDTLS_X509_BADCERT_FUTURE 0x0200 /**< The certificate validity starts in the future. */
#define BADCRL_FUTURE 0x0400 /**< The CRL is from the future */ #define MBEDTLS_BADCRL_FUTURE 0x0400 /**< The CRL is from the future */
/* \} name */ /* \} name */
/* \} addtogroup x509_module */ /* \} addtogroup x509_module */
/* /*
* X.509 v3 Key Usage Extension flags * X.509 v3 Key Usage Extension flags
*/ */
#define KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */ #define MBEDTLS_X509_KU_DIGITAL_SIGNATURE (0x80) /* bit 0 */
#define KU_NON_REPUDIATION (0x40) /* bit 1 */ #define MBEDTLS_X509_KU_NON_REPUDIATION (0x40) /* bit 1 */
#define KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */ #define MBEDTLS_KU_KEY_ENCIPHERMENT (0x20) /* bit 2 */
#define KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */ #define MBEDTLS_KU_DATA_ENCIPHERMENT (0x10) /* bit 3 */
#define KU_KEY_AGREEMENT (0x08) /* bit 4 */ #define MBEDTLS_KU_KEY_AGREEMENT (0x08) /* bit 4 */
#define KU_KEY_CERT_SIGN (0x04) /* bit 5 */ #define MBEDTLS_X509_KU_KEY_CERT_SIGN (0x04) /* bit 5 */
#define KU_CRL_SIGN (0x02) /* bit 6 */ #define MBEDTLS_X509_KU_CRL_SIGN (0x02) /* bit 6 */
/* /*
* Netscape certificate types * Netscape certificate types
* (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html) * (http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html)
*/ */
#define NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */ #define MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT (0x80) /* bit 0 */
#define NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */ #define MBEDTLS_NS_CERT_TYPE_SSL_SERVER (0x40) /* bit 1 */
#define NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */ #define MBEDTLS_X509_NS_CERT_TYPE_EMAIL (0x20) /* bit 2 */
#define NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */ #define MBEDTLS_X509_NS_CERT_TYPE_OBJECT_SIGNING (0x10) /* bit 3 */
#define NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */ #define MBEDTLS_X509_NS_CERT_TYPE_RESERVED (0x08) /* bit 4 */
#define NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */ #define MBEDTLS_NS_CERT_TYPE_SSL_CA (0x04) /* bit 5 */
#define NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */ #define MBEDTLS_NS_CERT_TYPE_EMAIL_CA (0x02) /* bit 6 */
#define NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */ #define MBEDTLS_NS_CERT_TYPE_OBJECT_SIGNING_CA (0x01) /* bit 7 */
/* /*
* X.509 extension types * X.509 extension types
@ -127,32 +127,32 @@
* Comments refer to the status for using certificates. Status can be * Comments refer to the status for using certificates. Status can be
* different for writing certificates or reading CRLs or CSRs. * different for writing certificates or reading CRLs or CSRs.
*/ */
#define EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0) #define MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define EXT_SUBJECT_KEY_IDENTIFIER (1 << 1) #define MBEDTLS_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define EXT_KEY_USAGE (1 << 2) /* Parsed but not used */ #define MBEDTLS_X509_EXT_KEY_USAGE (1 << 2) /* Parsed but not used */
#define EXT_CERTIFICATE_POLICIES (1 << 3) #define MBEDTLS_X509_EXT_CERTIFICATE_POLICIES (1 << 3)
#define EXT_POLICY_MAPPINGS (1 << 4) #define MBEDTLS_X509_EXT_POLICY_MAPPINGS (1 << 4)
#define EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */ #define MBEDTLS_EXT_SUBJECT_ALT_NAME (1 << 5) /* Supported (DNS) */
#define EXT_ISSUER_ALT_NAME (1 << 6) #define MBEDTLS_EXT_ISSUER_ALT_NAME (1 << 6)
#define EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7) #define MBEDTLS_X509_EXT_SUBJECT_DIRECTORY_ATTRS (1 << 7)
#define EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */ #define MBEDTLS_EXT_BASIC_CONSTRAINTS (1 << 8) /* Supported */
#define EXT_NAME_CONSTRAINTS (1 << 9) #define MBEDTLS_EXT_NAME_CONSTRAINTS (1 << 9)
#define EXT_POLICY_CONSTRAINTS (1 << 10) #define MBEDTLS_EXT_POLICY_CONSTRAINTS (1 << 10)
#define EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */ #define MBEDTLS_X509_EXT_EXTENDED_KEY_USAGE (1 << 11) /* Parsed but not used */
#define EXT_CRL_DISTRIBUTION_POINTS (1 << 12) #define MBEDTLS_EXT_CRL_DISTRIBUTION_POINTS (1 << 12)
#define EXT_INIHIBIT_ANYPOLICY (1 << 13) #define MBEDTLS_X509_EXT_INIHIBIT_ANYPOLICY (1 << 13)
#define EXT_FRESHEST_CRL (1 << 14) #define MBEDTLS_EXT_FRESHEST_CRL (1 << 14)
#define EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */ #define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16) /* Parsed (and then ?) */
/* /*
* Storage format identifiers * Storage format identifiers
* Recognized formats: PEM and DER * Recognized formats: PEM and DER
*/ */
#define X509_FORMAT_DER 1 #define MBEDTLS_X509_FORMAT_DER 1
#define X509_FORMAT_PEM 2 #define MBEDTLS_X509_FORMAT_PEM 2
#define X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */ #define MBEDTLS_X509_MAX_DN_NAME_SIZE 256 /**< Maximum value size of a DN entry */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -170,31 +170,31 @@ extern "C" {
/** /**
* Type-length-value structure that allows for ASN1 using DER. * Type-length-value structure that allows for ASN1 using DER.
*/ */
typedef asn1_buf x509_buf; typedef mbedtls_asn1_buf mbedtls_x509_buf;
/** /**
* Container for ASN1 bit strings. * Container for ASN1 bit strings.
*/ */
typedef asn1_bitstring x509_bitstring; typedef mbedtls_asn1_bitstring mbedtls_x509_bitstring;
/** /**
* Container for ASN1 named information objects. * Container for ASN1 named information objects.
* It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.). * It allows for Relative Distinguished Names (e.g. cn=localhost,ou=code,etc.).
*/ */
typedef asn1_named_data x509_name; typedef mbedtls_asn1_named_data mbedtls_x509_name;
/** /**
* Container for a sequence of ASN.1 items * Container for a sequence of ASN.1 items
*/ */
typedef asn1_sequence x509_sequence; typedef mbedtls_asn1_sequence mbedtls_x509_sequence;
/** Container for date and time (precision in seconds). */ /** Container for date and time (precision in seconds). */
typedef struct _x509_time typedef struct mbedtls_x509_time
{ {
int year, mon, day; /**< Date. */ int year, mon, day; /**< Date. */
int hour, min, sec; /**< Time. */ int hour, min, sec; /**< Time. */
} }
x509_time; mbedtls_x509_time;
/** \} name Structures for parsing X.509 certificates, CRLs and CSRs */ /** \} name Structures for parsing X.509 certificates, CRLs and CSRs */
/** \} addtogroup x509_module */ /** \} addtogroup x509_module */
@ -210,7 +210,7 @@ x509_time;
* \return The amount of data written to the buffer, or -1 in * \return The amount of data written to the buffer, or -1 in
* case of an error. * case of an error.
*/ */
int x509_dn_gets( char *buf, size_t size, const x509_name *dn ); int mbedtls_x509_dn_gets( char *buf, size_t size, const mbedtls_x509_name *dn );
/** /**
* \brief Store the certificate serial in printable form into buf; * \brief Store the certificate serial in printable form into buf;
@ -223,75 +223,75 @@ int x509_dn_gets( char *buf, size_t size, const x509_name *dn );
* \return The amount of data written to the buffer, or -1 in * \return The amount of data written to the buffer, or -1 in
* case of an error. * case of an error.
*/ */
int x509_serial_gets( char *buf, size_t size, const x509_buf *serial ); int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *serial );
/** /**
* \brief Check a given x509_time against the system time and check * \brief Check a given mbedtls_x509_time against the system time and check
* if it is not expired. * if it is not expired.
* *
* \param time x509_time to check * \param time mbedtls_x509_time to check
* *
* \return 0 if the x509_time is still valid, * \return 0 if the mbedtls_x509_time is still valid,
* 1 otherwise. * 1 otherwise.
*/ */
int x509_time_expired( const x509_time *time ); int mbedtls_x509_time_expired( const mbedtls_x509_time *time );
/** /**
* \brief Check a given x509_time against the system time and check * \brief Check a given mbedtls_x509_time against the system time and check
* if it is not from the future. * if it is not from the future.
* *
* \param time x509_time to check * \param time mbedtls_x509_time to check
* *
* \return 0 if the x509_time is already valid, * \return 0 if the mbedtls_x509_time is already valid,
* 1 otherwise. * 1 otherwise.
*/ */
int x509_time_future( const x509_time *time ); int mbedtls_x509_time_future( const mbedtls_x509_time *time );
/** /**
* \brief Checkup routine * \brief Checkup routine
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int x509_self_test( int verbose ); int mbedtls_x509_self_test( int verbose );
/* /*
* Internal module functions. You probably do not want to use these unless you * Internal module functions. You probably do not want to use these unless you
* know you do. * know you do.
*/ */
int x509_get_name( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_name( unsigned char **p, const unsigned char *end,
x509_name *cur ); mbedtls_x509_name *cur );
int x509_get_alg_null( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg_null( unsigned char **p, const unsigned char *end,
x509_buf *alg ); mbedtls_x509_buf *alg );
int x509_get_alg( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
x509_buf *alg, x509_buf *params ); mbedtls_x509_buf *alg, mbedtls_x509_buf *params );
#if defined(POLARSSL_X509_RSASSA_PSS_SUPPORT) #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
int x509_get_rsassa_pss_params( const x509_buf *params, int mbedtls_x509_get_rsassa_pss_params( const mbedtls_x509_buf *params,
md_type_t *md_alg, md_type_t *mgf_md, mbedtls_md_type_t *md_alg, mbedtls_md_type_t *mgf_md,
int *salt_len ); int *salt_len );
#endif #endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig ); int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params, int mbedtls_x509_get_sig_alg( const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg, mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg,
void **sig_opts ); void **sig_opts );
int x509_get_time( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_time( unsigned char **p, const unsigned char *end,
x509_time *time ); mbedtls_x509_time *time );
int x509_get_serial( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
x509_buf *serial ); mbedtls_x509_buf *serial );
int x509_get_ext( unsigned char **p, const unsigned char *end, int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
x509_buf *ext, int tag ); mbedtls_x509_buf *ext, int tag );
int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid, int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
pk_type_t pk_alg, md_type_t md_alg, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
const void *sig_opts ); const void *sig_opts );
int x509_key_size_helper( char *buf, size_t size, const char *name ); int mbedtls_x509_key_size_helper( char *buf, size_t size, const char *name );
int x509_string_to_names( asn1_named_data **head, const char *name ); int mbedtls_x509_string_to_names( mbedtls_asn1_named_data **head, const char *name );
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, int mbedtls_x509_set_extension( mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
int critical, const unsigned char *val, int critical, const unsigned char *val,
size_t val_len ); size_t val_len );
int x509_write_extensions( unsigned char **p, unsigned char *start, int mbedtls_x509_write_extensions( unsigned char **p, unsigned char *start,
asn1_named_data *first ); mbedtls_asn1_named_data *first );
int x509_write_names( unsigned char **p, unsigned char *start, int mbedtls_x509_write_names( unsigned char **p, unsigned char *start,
asn1_named_data *first ); mbedtls_asn1_named_data *first );
int x509_write_sig( unsigned char **p, unsigned char *start, int mbedtls_x509_write_sig( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
unsigned char *sig, size_t size ); unsigned char *sig, size_t size );

78
include/mbedtls/x509_crl.h
View File

@ -1,5 +1,5 @@
/** /**
* \file x509_crl.h * \file mbedtls_x509_crl.h
* *
* \brief X.509 certificate revocation list parsing * \brief X.509 certificate revocation list parsing
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_CRL_H #ifndef MBEDTLS_X509_CRL_H
#define POLARSSL_X509_CRL_H #define MBEDTLS_X509_CRL_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "x509.h" #include "x509.h"
@ -49,52 +49,52 @@ extern "C" {
* Certificate revocation list entry. * Certificate revocation list entry.
* Contains the CA-specific serial numbers and revocation dates. * Contains the CA-specific serial numbers and revocation dates.
*/ */
typedef struct _x509_crl_entry typedef struct mbedtls_x509_crl_entry
{ {
x509_buf raw; mbedtls_x509_buf raw;
x509_buf serial; mbedtls_x509_buf serial;
x509_time revocation_date; mbedtls_x509_time revocation_date;
x509_buf entry_ext; mbedtls_x509_buf entry_ext;
struct _x509_crl_entry *next; struct mbedtls_x509_crl_entry *next;
} }
x509_crl_entry; mbedtls_x509_crl_entry;
/** /**
* Certificate revocation list structure. * Certificate revocation list structure.
* Every CRL may have multiple entries. * Every CRL may have multiple entries.
*/ */
typedef struct _x509_crl typedef struct mbedtls_x509_crl
{ {
x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version; /**< CRL version (1=v1, 2=v2) */ int version; /**< CRL version (1=v1, 2=v2) */
x509_buf sig_oid; /**< CRL signature type identifier */ mbedtls_x509_buf sig_oid; /**< CRL signature type identifier */
x509_buf issuer_raw; /**< The raw issuer data (DER). */ mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). */
x509_name issuer; /**< The parsed issuer data (named information object). */ mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */
x509_time this_update; mbedtls_x509_time this_update;
x509_time next_update; mbedtls_x509_time next_update;
x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */ mbedtls_x509_crl_entry entry; /**< The CRL entries containing the certificate revocation times for this CA. */
x509_buf crl_ext; mbedtls_x509_buf crl_ext;
x509_buf sig_oid2; mbedtls_x509_buf sig_oid2;
x509_buf sig; mbedtls_x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crl *next; struct mbedtls_x509_crl *next;
} }
x509_crl; mbedtls_x509_crl;
/** /**
* \brief Parse a DER-encoded CRL and append it to the chained list * \brief Parse a DER-encoded CRL and append it to the chained list
@ -105,7 +105,7 @@ x509_crl;
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_crl_parse_der( x509_crl *chain, int mbedtls_x509_crl_parse_der( mbedtls_x509_crl *chain,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen );
/** /**
* \brief Parse one or more CRLs and append them to the chained list * \brief Parse one or more CRLs and append them to the chained list
@ -118,9 +118,9 @@ int x509_crl_parse_der( x509_crl *chain,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crl_parse( mbedtls_x509_crl *chain, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Load one or more CRLs and append them to the chained list * \brief Load one or more CRLs and append them to the chained list
* *
@ -131,8 +131,8 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen );
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_crl_parse_file( x509_crl *chain, const char *path ); int mbedtls_x509_crl_parse_file( mbedtls_x509_crl *chain, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Returns an informational string about the CRL. * \brief Returns an informational string about the CRL.
@ -145,22 +145,22 @@ int x509_crl_parse_file( x509_crl *chain, const char *path );
* \return The amount of data written to the buffer, or -1 in * \return The amount of data written to the buffer, or -1 in
* case of an error. * case of an error.
*/ */
int x509_crl_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl ); const mbedtls_x509_crl *crl );
/** /**
* \brief Initialize a CRL (chain) * \brief Initialize a CRL (chain)
* *
* \param crl CRL chain to initialize * \param crl CRL chain to initialize
*/ */
void x509_crl_init( x509_crl *crl ); void mbedtls_x509_crl_init( mbedtls_x509_crl *crl );
/** /**
* \brief Unallocate all CRL data * \brief Unallocate all CRL data
* *
* \param crl CRL chain to free * \param crl CRL chain to free
*/ */
void x509_crl_free( x509_crl *crl ); void mbedtls_x509_crl_free( mbedtls_x509_crl *crl );
/* \} name */ /* \} name */
/* \} addtogroup x509_module */ /* \} addtogroup x509_module */
@ -169,4 +169,4 @@ void x509_crl_free( x509_crl *crl );
} }
#endif #endif
#endif /* x509_crl.h */ #endif /* mbedtls_x509_crl.h */

242
include/mbedtls/x509_crt.h
View File

@ -1,5 +1,5 @@
/** /**
* \file x509_crt.h * \file mbedtls_x509_crt.h
* *
* \brief X.509 certificate parsing and writing * \brief X.509 certificate parsing and writing
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_CRT_H #ifndef MBEDTLS_X509_CRT_H
#define POLARSSL_X509_CRT_H #define MBEDTLS_X509_CRT_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "x509.h" #include "x509.h"
@ -50,30 +50,30 @@ extern "C" {
/** /**
* Container for an X.509 certificate. The certificate may be chained. * Container for an X.509 certificate. The certificate may be chained.
*/ */
typedef struct _x509_crt typedef struct mbedtls_x509_crt
{ {
x509_buf raw; /**< The raw certificate data (DER). */ mbedtls_x509_buf raw; /**< The raw certificate data (DER). */
x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */ mbedtls_x509_buf tbs; /**< The raw certificate body (DER). The part that is To Be Signed. */
int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */ int version; /**< The X.509 version. (1=v1, 2=v2, 3=v3) */
x509_buf serial; /**< Unique id for certificate issued by a specific CA. */ mbedtls_x509_buf serial; /**< Unique id for certificate issued by a specific CA. */
x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */ mbedtls_x509_buf sig_oid; /**< Signature algorithm, e.g. sha1RSA */
x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */ mbedtls_x509_buf issuer_raw; /**< The raw issuer data (DER). Used for quick comparison. */
x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */ mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). Used for quick comparison. */
x509_name issuer; /**< The parsed issuer data (named information object). */ mbedtls_x509_name issuer; /**< The parsed issuer data (named information object). */
x509_name subject; /**< The parsed subject data (named information object). */ mbedtls_x509_name subject; /**< The parsed subject data (named information object). */
x509_time valid_from; /**< Start time of certificate validity. */ mbedtls_x509_time valid_from; /**< Start time of certificate validity. */
x509_time valid_to; /**< End time of certificate validity. */ mbedtls_x509_time valid_to; /**< End time of certificate validity. */
pk_context pk; /**< Container for the public key context. */ mbedtls_pk_context pk; /**< Container for the public key context. */
x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */ mbedtls_x509_buf issuer_id; /**< Optional X.509 v2/v3 issuer unique identifier. */
x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */ mbedtls_x509_buf subject_id; /**< Optional X.509 v2/v3 subject unique identifier. */
x509_buf v3_ext; /**< Optional X.509 v3 extensions. */ mbedtls_x509_buf v3_ext; /**< Optional X.509 v3 extensions. */
x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */ mbedtls_x509_sequence subject_alt_names; /**< Optional list of Subject Alternative Names (Only dNSName supported). */
int ext_types; /**< Bit string containing detected and parsed extensions */ int ext_types; /**< Bit string containing detected and parsed extensions */
int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */ int ca_istrue; /**< Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise. */
@ -81,45 +81,45 @@ typedef struct _x509_crt
unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */ unsigned int key_usage; /**< Optional key usage extension value: See the values in x509.h */
x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */ mbedtls_x509_sequence ext_key_usage; /**< Optional list of extended key usage OIDs. */
unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */ unsigned char ns_cert_type; /**< Optional Netscape certificate type extension value: See the values in x509.h */
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */ mbedtls_x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
struct _x509_crt *next; /**< Next certificate in the CA-chain. */ struct mbedtls_x509_crt *next; /**< Next certificate in the CA-chain. */
} }
x509_crt; mbedtls_x509_crt;
#define X509_CRT_VERSION_1 0 #define MBEDTLS_X509_CRT_VERSION_1 0
#define X509_CRT_VERSION_2 1 #define MBEDTLS_X509_CRT_VERSION_2 1
#define X509_CRT_VERSION_3 2 #define MBEDTLS_X509_CRT_VERSION_3 2
#define X509_RFC5280_MAX_SERIAL_LEN 32 #define MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN 32
#define X509_RFC5280_UTC_TIME_LEN 15 #define MBEDTLS_X509_RFC5280_UTC_TIME_LEN 15
/** /**
* Container for writing a certificate (CRT) * Container for writing a certificate (CRT)
*/ */
typedef struct _x509write_cert typedef struct mbedtls_x509write_cert
{ {
int version; int version;
mpi serial; mbedtls_mpi serial;
pk_context *subject_key; mbedtls_pk_context *subject_key;
pk_context *issuer_key; mbedtls_pk_context *issuer_key;
asn1_named_data *subject; mbedtls_asn1_named_data *subject;
asn1_named_data *issuer; mbedtls_asn1_named_data *issuer;
md_type_t md_alg; mbedtls_md_type_t md_alg;
char not_before[X509_RFC5280_UTC_TIME_LEN + 1]; char not_before[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
char not_after[X509_RFC5280_UTC_TIME_LEN + 1]; char not_after[MBEDTLS_X509_RFC5280_UTC_TIME_LEN + 1];
asn1_named_data *extensions; mbedtls_asn1_named_data *extensions;
} }
x509write_cert; mbedtls_x509write_cert;
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
/** /**
* \brief Parse a single DER formatted certificate and add it * \brief Parse a single DER formatted certificate and add it
* to the chained list. * to the chained list.
@ -130,7 +130,7 @@ x509write_cert;
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf, int mbedtls_x509_crt_parse_der( mbedtls_x509_crt *chain, const unsigned char *buf,
size_t buflen ); size_t buflen );
/** /**
@ -147,9 +147,9 @@ int x509_crt_parse_der( x509_crt *chain, const unsigned char *buf,
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen ); int mbedtls_x509_crt_parse( mbedtls_x509_crt *chain, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Load one or more certificates and add them * \brief Load one or more certificates and add them
* to the chained list. Parses permissively. If some * to the chained list. Parses permissively. If some
@ -163,7 +163,7 @@ int x509_crt_parse( x509_crt *chain, const unsigned char *buf, size_t buflen );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse_file( x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_file( mbedtls_x509_crt *chain, const char *path );
/** /**
* \brief Load one or more certificate files from a path and add them * \brief Load one or more certificate files from a path and add them
@ -173,7 +173,7 @@ int x509_crt_parse_file( x509_crt *chain, const char *path );
* correctly, the first error is returned. * correctly, the first error is returned.
* *
* \warning This function is NOT thread-safe unless * \warning This function is NOT thread-safe unless
* POLARSSL_THREADING_PTHREAD is defined. If you're using an * MBEDTLS_THREADING_PTHREAD is defined. If you're using an
* alternative threading implementation, you should either use * alternative threading implementation, you should either use
* this function only in the main thread, or mutex it. * this function only in the main thread, or mutex it.
* *
@ -183,8 +183,8 @@ int x509_crt_parse_file( x509_crt *chain, const char *path );
* \return 0 if all certificates parsed successfully, a positive number * \return 0 if all certificates parsed successfully, a positive number
* if partly successful or a specific X509 or PEM error code * if partly successful or a specific X509 or PEM error code
*/ */
int x509_crt_parse_path( x509_crt *chain, const char *path ); int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
@ -198,8 +198,8 @@ int x509_crt_parse_path( x509_crt *chain, const char *path );
* \return The amount of data written to the buffer, or -1 in * \return The amount of data written to the buffer, or -1 in
* case of an error. * case of an error.
*/ */
int x509_crt_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
const x509_crt *crt ); const mbedtls_x509_crt *crt );
/** /**
* \brief Verify the certificate signature * \brief Verify the certificate signature
@ -209,7 +209,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
* the verification callback is called for each * the verification callback is called for each
* certificate in the chain (from the trust-ca down to the * certificate in the chain (from the trust-ca down to the
* presented crt). The parameters for the callback are: * presented crt). The parameters for the callback are:
* (void *parameter, x509_crt *crt, int certificate_depth, * (void *parameter, mbedtls_x509_crt *crt, int certificate_depth,
* int *flags). With the flags representing current flags for * int *flags). With the flags representing current flags for
* that specific certificate and the certificate depth from * that specific certificate and the certificate depth from
* the bottom (Peer cert depth = 0). * the bottom (Peer cert depth = 0).
@ -227,62 +227,62 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
* \param f_vrfy verification function * \param f_vrfy verification function
* \param p_vrfy verification parameter * \param p_vrfy verification parameter
* *
* \return 0 if successful or POLARSSL_ERR_X509_CERT_VERIFY_FAILED * \return 0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
* in which case *flags will have one or more of * in which case *flags will have one or more of
* the following values set: * the following values set:
* BADCERT_EXPIRED -- * MBEDTLS_BADCERT_EXPIRED --
* BADCERT_REVOKED -- * MBEDTLS_X509_BADCERT_REVOKED --
* BADCERT_CN_MISMATCH -- * MBEDTLS_X509_BADCERT_CN_MISMATCH --
* BADCERT_NOT_TRUSTED * MBEDTLS_X509_BADCERT_NOT_TRUSTED
* or another error in case of a fatal error encountered * or another error in case of a fatal error encountered
* during the verification process. * during the verification process.
*/ */
int x509_crt_verify( x509_crt *crt, int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
x509_crt *trust_ca, mbedtls_x509_crt *trust_ca,
x509_crl *ca_crl, mbedtls_x509_crl *ca_crl,
const char *cn, int *flags, const char *cn, int *flags,
int (*f_vrfy)(void *, x509_crt *, int, int *), int (*f_vrfy)(void *, mbedtls_x509_crt *, int, int *),
void *p_vrfy ); void *p_vrfy );
#if defined(POLARSSL_X509_CHECK_KEY_USAGE) #if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
/** /**
* \brief Check usage of certificate against keyUsage extension. * \brief Check usage of certificate against keyUsage extension.
* *
* \param crt Leaf certificate used. * \param crt Leaf certificate used.
* \param usage Intended usage(s) (eg KU_KEY_ENCIPHERMENT before using the * \param usage Intended usage(s) (eg MBEDTLS_KU_KEY_ENCIPHERMENT before using the
* certificate to perform an RSA key exchange). * certificate to perform an RSA key exchange).
* *
* \return 0 is these uses of the certificate are allowed, * \return 0 is these uses of the certificate are allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if the keyUsage extension * MBEDTLS_ERR_X509_BAD_INPUT_DATA if the keyUsage extension
* is present but does not contain all the bits set in the * is present but does not contain all the bits set in the
* usage argument. * usage argument.
* *
* \note You should only call this function on leaf certificates, on * \note You should only call this function on leaf certificates, on
* (intermediate) CAs the keyUsage extension is automatically * (intermediate) CAs the keyUsage extension is automatically
* checked by \c x509_crt_verify(). * checked by \c mbedtls_x509_crt_verify().
*/ */
int x509_crt_check_key_usage( const x509_crt *crt, unsigned int usage ); int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt, unsigned int usage );
#endif /* POLARSSL_X509_CHECK_KEY_USAGE) */ #endif /* MBEDTLS_X509_CHECK_KEY_USAGE) */
#if defined(POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) #if defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
/** /**
* \brief Check usage of certificate against extentedJeyUsage. * \brief Check usage of certificate against extentedJeyUsage.
* *
* \param crt Leaf certificate used. * \param crt Leaf certificate used.
* \param usage_oid Intended usage (eg OID_SERVER_AUTH or OID_CLIENT_AUTH). * \param usage_oid Intended usage (eg MBEDTLS_OID_SERVER_AUTH or MBEDTLS_OID_CLIENT_AUTH).
* \param usage_len Length of usage_oid (eg given by OID_SIZE()). * \param usage_len Length of usage_oid (eg given by MBEDTLS_OID_SIZE()).
* *
* \return 0 is this use of the certificate is allowed, * \return 0 is this use of the certificate is allowed,
* POLARSSL_ERR_X509_BAD_INPUT_DATA if not. * MBEDTLS_ERR_X509_BAD_INPUT_DATA if not.
* *
* \note Usually only makes sense on leaf certificates. * \note Usually only makes sense on leaf certificates.
*/ */
int x509_crt_check_extended_key_usage( const x509_crt *crt, int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
const char *usage_oid, const char *usage_oid,
size_t usage_len ); size_t usage_len );
#endif /* POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE) */ #endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE) */
#if defined(POLARSSL_X509_CRL_PARSE_C) #if defined(MBEDTLS_X509_CRL_PARSE_C)
/** /**
* \brief Verify the certificate revocation status * \brief Verify the certificate revocation status
* *
@ -292,44 +292,44 @@ int x509_crt_check_extended_key_usage( const x509_crt *crt,
* \return 1 if the certificate is revoked, 0 otherwise * \return 1 if the certificate is revoked, 0 otherwise
* *
*/ */
int x509_crt_revoked( const x509_crt *crt, const x509_crl *crl ); int mbedtls_x509_crt_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509_crl *crl );
#endif /* POLARSSL_X509_CRL_PARSE_C */ #endif /* MBEDTLS_X509_CRL_PARSE_C */
/** /**
* \brief Initialize a certificate (chain) * \brief Initialize a certificate (chain)
* *
* \param crt Certificate chain to initialize * \param crt Certificate chain to initialize
*/ */
void x509_crt_init( x509_crt *crt ); void mbedtls_x509_crt_init( mbedtls_x509_crt *crt );
/** /**
* \brief Unallocate all certificate data * \brief Unallocate all certificate data
* *
* \param crt Certificate chain to free * \param crt Certificate chain to free
*/ */
void x509_crt_free( x509_crt *crt ); void mbedtls_x509_crt_free( mbedtls_x509_crt *crt );
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
/* \} name */ /* \} name */
/* \} addtogroup x509_module */ /* \} addtogroup x509_module */
#if defined(POLARSSL_X509_CRT_WRITE_C) #if defined(MBEDTLS_X509_CRT_WRITE_C)
/** /**
* \brief Initialize a CRT writing context * \brief Initialize a CRT writing context
* *
* \param ctx CRT context to initialize * \param ctx CRT context to initialize
*/ */
void x509write_crt_init( x509write_cert *ctx ); void mbedtls_x509write_crt_init( mbedtls_x509write_cert *ctx );
/** /**
* \brief Set the verion for a Certificate * \brief Set the verion for a Certificate
* Default: X509_CRT_VERSION_3 * Default: MBEDTLS_X509_CRT_VERSION_3
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* \param version version to set (X509_CRT_VERSION_1, X509_CRT_VERSION_2 or * \param version version to set (MBEDTLS_X509_CRT_VERSION_1, MBEDTLS_X509_CRT_VERSION_2 or
* X509_CRT_VERSION_3) * MBEDTLS_X509_CRT_VERSION_3)
*/ */
void x509write_crt_set_version( x509write_cert *ctx, int version ); void mbedtls_x509write_crt_set_version( mbedtls_x509write_cert *ctx, int version );
/** /**
* \brief Set the serial number for a Certificate. * \brief Set the serial number for a Certificate.
@ -339,7 +339,7 @@ void x509write_crt_set_version( x509write_cert *ctx, int version );
* *
* \return 0 if successful * \return 0 if successful
*/ */
int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial ); int mbedtls_x509write_crt_set_serial( mbedtls_x509write_cert *ctx, const mbedtls_mpi *serial );
/** /**
* \brief Set the validity period for a Certificate * \brief Set the validity period for a Certificate
@ -355,7 +355,7 @@ int x509write_crt_set_serial( x509write_cert *ctx, const mpi *serial );
* \return 0 if timestamp was parsed successfully, or * \return 0 if timestamp was parsed successfully, or
* a specific error code * a specific error code
*/ */
int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before, int mbedtls_x509write_crt_set_validity( mbedtls_x509write_cert *ctx, const char *not_before,
const char *not_after ); const char *not_after );
/** /**
@ -370,7 +370,7 @@ int x509write_crt_set_validity( x509write_cert *ctx, const char *not_before,
* \return 0 if issuer name was parsed successfully, or * \return 0 if issuer name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int x509write_crt_set_issuer_name( x509write_cert *ctx, int mbedtls_x509write_crt_set_issuer_name( mbedtls_x509write_cert *ctx,
const char *issuer_name ); const char *issuer_name );
/** /**
@ -385,7 +385,7 @@ int x509write_crt_set_issuer_name( x509write_cert *ctx,
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int x509write_crt_set_subject_name( x509write_cert *ctx, int mbedtls_x509write_crt_set_subject_name( mbedtls_x509write_cert *ctx,
const char *subject_name ); const char *subject_name );
/** /**
@ -394,7 +394,7 @@ int x509write_crt_set_subject_name( x509write_cert *ctx,
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key public key to include * \param key public key to include
*/ */
void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key ); void mbedtls_x509write_crt_set_subject_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
/** /**
* \brief Set the issuer key used for signing the certificate * \brief Set the issuer key used for signing the certificate
@ -402,16 +402,16 @@ void x509write_crt_set_subject_key( x509write_cert *ctx, pk_context *key );
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key private key to sign with * \param key private key to sign with
*/ */
void x509write_crt_set_issuer_key( x509write_cert *ctx, pk_context *key ); void mbedtls_x509write_crt_set_issuer_key( mbedtls_x509write_cert *ctx, mbedtls_pk_context *key );
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
* (e.g. POLARSSL_MD_SHA1) * (e.g. MBEDTLS_MD_SHA1)
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg ); void mbedtls_x509write_crt_set_md_alg( mbedtls_x509write_cert *ctx, mbedtls_md_type_t md_alg );
/** /**
* \brief Generic function to add to or replace an extension in the * \brief Generic function to add to or replace an extension in the
@ -424,9 +424,9 @@ void x509write_crt_set_md_alg( x509write_cert *ctx, md_type_t md_alg );
* \param val value of the extension OCTET STRING * \param val value of the extension OCTET STRING
* \param val_len length of the value data * \param val_len length of the value data
* *
* \return 0 if successful, or a POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_extension( x509write_cert *ctx, int mbedtls_x509write_crt_set_extension( mbedtls_x509write_cert *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
int critical, int critical,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len );
@ -440,56 +440,56 @@ int x509write_crt_set_extension( x509write_cert *ctx,
* certificate (only for CA certificates, -1 is * certificate (only for CA certificates, -1 is
* inlimited) * inlimited)
* *
* \return 0 if successful, or a POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_basic_constraints( x509write_cert *ctx, int mbedtls_x509write_crt_set_basic_constraints( mbedtls_x509write_cert *ctx,
int is_ca, int max_pathlen ); int is_ca, int max_pathlen );
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
/** /**
* \brief Set the subjectKeyIdentifier extension for a CRT * \brief Set the subjectKeyIdentifier extension for a CRT
* Requires that x509write_crt_set_subject_key() has been * Requires that mbedtls_x509write_crt_set_subject_key() has been
* called before * called before
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* *
* \return 0 if successful, or a POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_subject_key_identifier( x509write_cert *ctx ); int mbedtls_x509write_crt_set_subject_key_identifier( mbedtls_x509write_cert *ctx );
/** /**
* \brief Set the authorityKeyIdentifier extension for a CRT * \brief Set the authorityKeyIdentifier extension for a CRT
* Requires that x509write_crt_set_issuer_key() has been * Requires that mbedtls_x509write_crt_set_issuer_key() has been
* called before * called before
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* *
* \return 0 if successful, or a POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_authority_key_identifier( x509write_cert *ctx ); int mbedtls_x509write_crt_set_authority_key_identifier( mbedtls_x509write_cert *ctx );
#endif /* POLARSSL_SHA1_C */ #endif /* MBEDTLS_SHA1_C */
/** /**
* \brief Set the Key Usage Extension flags * \brief Set the Key Usage Extension flags
* (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN) * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* \param key_usage key usage flags to set * \param key_usage key usage flags to set
* *
* \return 0 if successful, or POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_key_usage( x509write_cert *ctx, unsigned char key_usage ); int mbedtls_x509write_crt_set_key_usage( mbedtls_x509write_cert *ctx, unsigned char key_usage );
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
* (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL) * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
* *
* \param ctx CRT context to use * \param ctx CRT context to use
* \param ns_cert_type Netscape Cert Type flags to set * \param ns_cert_type Netscape Cert Type flags to set
* *
* \return 0 if successful, or POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_crt_set_ns_cert_type( x509write_cert *ctx, int mbedtls_x509write_crt_set_ns_cert_type( mbedtls_x509write_cert *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type );
/** /**
@ -497,7 +497,7 @@ int x509write_crt_set_ns_cert_type( x509write_cert *ctx,
* *
* \param ctx CRT context to free * \param ctx CRT context to free
*/ */
void x509write_crt_free( x509write_cert *ctx ); void mbedtls_x509write_crt_free( mbedtls_x509write_cert *ctx );
/** /**
* \brief Write a built up certificate to a X509 DER structure * \brief Write a built up certificate to a X509 DER structure
@ -519,11 +519,11 @@ void x509write_crt_free( x509write_cert *ctx );
* for countermeasures against timing attacks). * for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng. * ECDSA signatures always require a non-NULL f_rng.
*/ */
int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_der( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#if defined(POLARSSL_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
* \brief Write a built up certificate to a X509 PEM string * \brief Write a built up certificate to a X509 PEM string
* *
@ -540,14 +540,14 @@ int x509write_crt_der( x509write_cert *ctx, unsigned char *buf, size_t size,
* for countermeasures against timing attacks). * for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng. * ECDSA signatures always require a non-NULL f_rng.
*/ */
int x509write_crt_pem( x509write_cert *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_crt_pem( mbedtls_x509write_cert *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#endif /* POLARSSL_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_X509_CRT_WRITE_C */ #endif /* MBEDTLS_X509_CRT_WRITE_C */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* x509_crt.h */ #endif /* mbedtls_x509_crt.h */

110
include/mbedtls/x509_csr.h
View File

@ -1,5 +1,5 @@
/** /**
* \file x509_csr.h * \file mbedtls_x509_csr.h
* *
* \brief X.509 certificate signing request parsing and writing * \brief X.509 certificate signing request parsing and writing
* *
@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_X509_CSR_H #ifndef MBEDTLS_X509_CSR_H
#define POLARSSL_X509_CSR_H #define MBEDTLS_X509_CSR_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "x509.h" #include "x509.h"
@ -48,39 +48,39 @@ extern "C" {
/** /**
* Certificate Signing Request (CSR) structure. * Certificate Signing Request (CSR) structure.
*/ */
typedef struct _x509_csr typedef struct mbedtls_x509_csr
{ {
x509_buf raw; /**< The raw CSR data (DER). */ mbedtls_x509_buf raw; /**< The raw CSR data (DER). */
x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */ mbedtls_x509_buf cri; /**< The raw CertificateRequestInfo body (DER). */
int version; /**< CSR version (1=v1). */ int version; /**< CSR version (1=v1). */
x509_buf subject_raw; /**< The raw subject data (DER). */ mbedtls_x509_buf subject_raw; /**< The raw subject data (DER). */
x509_name subject; /**< The parsed subject data (named information object). */ mbedtls_x509_name subject; /**< The parsed subject data (named information object). */
pk_context pk; /**< Container for the public key context. */ mbedtls_pk_context pk; /**< Container for the public key context. */
x509_buf sig_oid; mbedtls_x509_buf sig_oid;
x509_buf sig; mbedtls_x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */ mbedtls_md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */ mbedtls_pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS */ void *sig_opts; /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
} }
x509_csr; mbedtls_x509_csr;
/** /**
* Container for writing a CSR * Container for writing a CSR
*/ */
typedef struct _x509write_csr typedef struct mbedtls_x509write_csr
{ {
pk_context *key; mbedtls_pk_context *key;
asn1_named_data *subject; mbedtls_asn1_named_data *subject;
md_type_t md_alg; mbedtls_md_type_t md_alg;
asn1_named_data *extensions; mbedtls_asn1_named_data *extensions;
} }
x509write_csr; mbedtls_x509write_csr;
#if defined(POLARSSL_X509_CSR_PARSE_C) #if defined(MBEDTLS_X509_CSR_PARSE_C)
/** /**
* \brief Load a Certificate Signing Request (CSR) in DER format * \brief Load a Certificate Signing Request (CSR) in DER format
* *
@ -90,7 +90,7 @@ x509write_csr;
* *
* \return 0 if successful, or a specific X509 error code * \return 0 if successful, or a specific X509 error code
*/ */
int x509_csr_parse_der( x509_csr *csr, int mbedtls_x509_csr_parse_der( mbedtls_x509_csr *csr,
const unsigned char *buf, size_t buflen ); const unsigned char *buf, size_t buflen );
/** /**
@ -102,9 +102,9 @@ int x509_csr_parse_der( x509_csr *csr,
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen ); int mbedtls_x509_csr_parse( mbedtls_x509_csr *csr, const unsigned char *buf, size_t buflen );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/** /**
* \brief Load a Certificate Signing Request (CSR) * \brief Load a Certificate Signing Request (CSR)
* *
@ -113,8 +113,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen );
* *
* \return 0 if successful, or a specific X509 or PEM error code * \return 0 if successful, or a specific X509 or PEM error code
*/ */
int x509_csr_parse_file( x509_csr *csr, const char *path ); int mbedtls_x509_csr_parse_file( mbedtls_x509_csr *csr, const char *path );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
/** /**
* \brief Returns an informational string about the * \brief Returns an informational string about the
@ -128,34 +128,34 @@ int x509_csr_parse_file( x509_csr *csr, const char *path );
* \return The length of the string written (exluding the terminating * \return The length of the string written (exluding the terminating
* null byte), or a negative value in case of an error. * null byte), or a negative value in case of an error.
*/ */
int x509_csr_info( char *buf, size_t size, const char *prefix, int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr ); const mbedtls_x509_csr *csr );
/** /**
* \brief Initialize a CSR * \brief Initialize a CSR
* *
* \param csr CSR to initialize * \param csr CSR to initialize
*/ */
void x509_csr_init( x509_csr *csr ); void mbedtls_x509_csr_init( mbedtls_x509_csr *csr );
/** /**
* \brief Unallocate all CSR data * \brief Unallocate all CSR data
* *
* \param csr CSR to free * \param csr CSR to free
*/ */
void x509_csr_free( x509_csr *csr ); void mbedtls_x509_csr_free( mbedtls_x509_csr *csr );
#endif /* POLARSSL_X509_CSR_PARSE_C */ #endif /* MBEDTLS_X509_CSR_PARSE_C */
/* \} name */ /* \} name */
/* \} addtogroup x509_module */ /* \} addtogroup x509_module */
#if defined(POLARSSL_X509_CSR_WRITE_C) #if defined(MBEDTLS_X509_CSR_WRITE_C)
/** /**
* \brief Initialize a CSR context * \brief Initialize a CSR context
* *
* \param ctx CSR context to initialize * \param ctx CSR context to initialize
*/ */
void x509write_csr_init( x509write_csr *ctx ); void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx );
/** /**
* \brief Set the subject name for a CSR * \brief Set the subject name for a CSR
@ -169,7 +169,7 @@ void x509write_csr_init( x509write_csr *ctx );
* \return 0 if subject name was parsed successfully, or * \return 0 if subject name was parsed successfully, or
* a specific error code * a specific error code
*/ */
int x509write_csr_set_subject_name( x509write_csr *ctx, int mbedtls_x509write_csr_set_subject_name( mbedtls_x509write_csr *ctx,
const char *subject_name ); const char *subject_name );
/** /**
@ -179,38 +179,38 @@ int x509write_csr_set_subject_name( x509write_csr *ctx,
* \param ctx CSR context to use * \param ctx CSR context to use
* \param key Asymetric key to include * \param key Asymetric key to include
*/ */
void x509write_csr_set_key( x509write_csr *ctx, pk_context *key ); void mbedtls_x509write_csr_set_key( mbedtls_x509write_csr *ctx, mbedtls_pk_context *key );
/** /**
* \brief Set the MD algorithm to use for the signature * \brief Set the MD algorithm to use for the signature
* (e.g. POLARSSL_MD_SHA1) * (e.g. MBEDTLS_MD_SHA1)
* *
* \param ctx CSR context to use * \param ctx CSR context to use
* \param md_alg MD algorithm to use * \param md_alg MD algorithm to use
*/ */
void x509write_csr_set_md_alg( x509write_csr *ctx, md_type_t md_alg ); void mbedtls_x509write_csr_set_md_alg( mbedtls_x509write_csr *ctx, mbedtls_md_type_t md_alg );
/** /**
* \brief Set the Key Usage Extension flags * \brief Set the Key Usage Extension flags
* (e.g. KU_DIGITAL_SIGNATURE | KU_KEY_CERT_SIGN) * (e.g. MBEDTLS_X509_KU_DIGITAL_SIGNATURE | MBEDTLS_X509_KU_KEY_CERT_SIGN)
* *
* \param ctx CSR context to use * \param ctx CSR context to use
* \param key_usage key usage flags to set * \param key_usage key usage flags to set
* *
* \return 0 if successful, or POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_csr_set_key_usage( x509write_csr *ctx, unsigned char key_usage ); int mbedtls_x509write_csr_set_key_usage( mbedtls_x509write_csr *ctx, unsigned char key_usage );
/** /**
* \brief Set the Netscape Cert Type flags * \brief Set the Netscape Cert Type flags
* (e.g. NS_CERT_TYPE_SSL_CLIENT | NS_CERT_TYPE_EMAIL) * (e.g. MBEDTLS_X509_NS_CERT_TYPE_SSL_CLIENT | MBEDTLS_X509_NS_CERT_TYPE_EMAIL)
* *
* \param ctx CSR context to use * \param ctx CSR context to use
* \param ns_cert_type Netscape Cert Type flags to set * \param ns_cert_type Netscape Cert Type flags to set
* *
* \return 0 if successful, or POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_csr_set_ns_cert_type( x509write_csr *ctx, int mbedtls_x509write_csr_set_ns_cert_type( mbedtls_x509write_csr *ctx,
unsigned char ns_cert_type ); unsigned char ns_cert_type );
/** /**
@ -223,9 +223,9 @@ int x509write_csr_set_ns_cert_type( x509write_csr *ctx,
* \param val value of the extension OCTET STRING * \param val value of the extension OCTET STRING
* \param val_len length of the value data * \param val_len length of the value data
* *
* \return 0 if successful, or a POLARSSL_ERR_X509_MALLOC_FAILED * \return 0 if successful, or a MBEDTLS_ERR_X509_MALLOC_FAILED
*/ */
int x509write_csr_set_extension( x509write_csr *ctx, int mbedtls_x509write_csr_set_extension( mbedtls_x509write_csr *ctx,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, size_t val_len ); const unsigned char *val, size_t val_len );
@ -234,7 +234,7 @@ int x509write_csr_set_extension( x509write_csr *ctx,
* *
* \param ctx CSR context to free * \param ctx CSR context to free
*/ */
void x509write_csr_free( x509write_csr *ctx ); void mbedtls_x509write_csr_free( mbedtls_x509write_csr *ctx );
/** /**
* \brief Write a CSR (Certificate Signing Request) to a * \brief Write a CSR (Certificate Signing Request) to a
@ -257,11 +257,11 @@ void x509write_csr_free( x509write_csr *ctx );
* for countermeasures against timing attacks). * for countermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng. * ECDSA signatures always require a non-NULL f_rng.
*/ */
int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_der( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#if defined(POLARSSL_PEM_WRITE_C) #if defined(MBEDTLS_PEM_WRITE_C)
/** /**
* \brief Write a CSR (Certificate Signing Request) to a * \brief Write a CSR (Certificate Signing Request) to a
* PEM string * PEM string
@ -279,14 +279,14 @@ int x509write_csr_der( x509write_csr *ctx, unsigned char *buf, size_t size,
* for couermeasures against timing attacks). * for couermeasures against timing attacks).
* ECDSA signatures always require a non-NULL f_rng. * ECDSA signatures always require a non-NULL f_rng.
*/ */
int x509write_csr_pem( x509write_csr *ctx, unsigned char *buf, size_t size, int mbedtls_x509write_csr_pem( mbedtls_x509write_csr *ctx, unsigned char *buf, size_t size,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ); void *p_rng );
#endif /* POLARSSL_PEM_WRITE_C */ #endif /* MBEDTLS_PEM_WRITE_C */
#endif /* POLARSSL_X509_CSR_WRITE_C */ #endif /* MBEDTLS_X509_CSR_WRITE_C */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* x509_csr.h */ #endif /* mbedtls_x509_csr.h */

44
include/mbedtls/xtea.h
View File

@ -21,13 +21,13 @@
* with this program; if not, write to the Free Software Foundation, Inc., * with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#ifndef POLARSSL_XTEA_H #ifndef MBEDTLS_XTEA_H
#define POLARSSL_XTEA_H #define MBEDTLS_XTEA_H
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "config.h" #include "config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include <stddef.h> #include <stddef.h>
@ -39,12 +39,12 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#define XTEA_ENCRYPT 1 #define MBEDTLS_XTEA_ENCRYPT 1
#define XTEA_DECRYPT 0 #define MBEDTLS_XTEA_DECRYPT 0
#define POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */ #define MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH -0x0028 /**< The data input has an invalid length. */
#if !defined(POLARSSL_XTEA_ALT) #if !defined(MBEDTLS_XTEA_ALT)
// Regular implementation // Regular implementation
// //
@ -59,21 +59,21 @@ typedef struct
{ {
uint32_t k[4]; /*!< key */ uint32_t k[4]; /*!< key */
} }
xtea_context; mbedtls_xtea_context;
/** /**
* \brief Initialize XTEA context * \brief Initialize XTEA context
* *
* \param ctx XTEA context to be initialized * \param ctx XTEA context to be initialized
*/ */
void xtea_init( xtea_context *ctx ); void mbedtls_xtea_init( mbedtls_xtea_context *ctx );
/** /**
* \brief Clear XTEA context * \brief Clear XTEA context
* *
* \param ctx XTEA context to be cleared * \param ctx XTEA context to be cleared
*/ */
void xtea_free( xtea_context *ctx ); void mbedtls_xtea_free( mbedtls_xtea_context *ctx );
/** /**
* \brief XTEA key schedule * \brief XTEA key schedule
@ -81,52 +81,52 @@ void xtea_free( xtea_context *ctx );
* \param ctx XTEA context to be initialized * \param ctx XTEA context to be initialized
* \param key the secret key * \param key the secret key
*/ */
void xtea_setup( xtea_context *ctx, const unsigned char key[16] ); void mbedtls_xtea_setup( mbedtls_xtea_context *ctx, const unsigned char key[16] );
/** /**
* \brief XTEA cipher function * \brief XTEA cipher function
* *
* \param ctx XTEA context * \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
* \param input 8-byte input block * \param input 8-byte input block
* \param output 8-byte output block * \param output 8-byte output block
* *
* \return 0 if successful * \return 0 if successful
*/ */
int xtea_crypt_ecb( xtea_context *ctx, int mbedtls_xtea_crypt_ecb( mbedtls_xtea_context *ctx,
int mode, int mode,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ); unsigned char output[8] );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/** /**
* \brief XTEA CBC cipher function * \brief XTEA CBC cipher function
* *
* \param ctx XTEA context * \param ctx XTEA context
* \param mode XTEA_ENCRYPT or XTEA_DECRYPT * \param mode MBEDTLS_XTEA_ENCRYPT or MBEDTLS_XTEA_DECRYPT
* \param length the length of input, multiple of 8 * \param length the length of input, multiple of 8
* \param iv initialization vector for CBC mode * \param iv initialization vector for CBC mode
* \param input input block * \param input input block
* \param output output block * \param output output block
* *
* \return 0 if successful, * \return 0 if successful,
* POLARSSL_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0 * MBEDTLS_ERR_XTEA_INVALID_INPUT_LENGTH if the length % 8 != 0
*/ */
int xtea_crypt_cbc( xtea_context *ctx, int mbedtls_xtea_crypt_cbc( mbedtls_xtea_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
const unsigned char *input, const unsigned char *input,
unsigned char *output); unsigned char *output);
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#else /* POLARSSL_XTEA_ALT */ #else /* MBEDTLS_XTEA_ALT */
#include "xtea_alt.h" #include "xtea_alt.h"
#endif /* POLARSSL_XTEA_ALT */ #endif /* MBEDTLS_XTEA_ALT */
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
@ -137,7 +137,7 @@ extern "C" {
* *
* \return 0 if successful, or 1 if the test failed * \return 0 if successful, or 1 if the test failed
*/ */
int xtea_self_test( int verbose ); int mbedtls_xtea_self_test( int verbose );
#ifdef __cplusplus #ifdef __cplusplus
} }

274
library/aes.c
View File

@ -26,37 +26,37 @@
* http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf * http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_AES_C) #if defined(MBEDTLS_AES_C)
#include <string.h> #include <string.h>
#include "mbedtls/aes.h" #include "mbedtls/aes.h"
#if defined(POLARSSL_PADLOCK_C) #if defined(MBEDTLS_PADLOCK_C)
#include "mbedtls/padlock.h" #include "mbedtls/padlock.h"
#endif #endif
#if defined(POLARSSL_AESNI_C) #if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h" #include "mbedtls/aesni.h"
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_AES_ALT) #if !defined(MBEDTLS_AES_ALT)
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -83,12 +83,12 @@ static void polarssl_zeroize( void *v, size_t n ) {
} }
#endif #endif
#if defined(POLARSSL_PADLOCK_C) && \ #if defined(MBEDTLS_PADLOCK_C) && \
( defined(POLARSSL_HAVE_X86) || defined(PADLOCK_ALIGN16) ) ( defined(MBEDTLS_HAVE_X86) || defined(MBEDTLS_PADLOCK_ALIGN16) )
static int aes_padlock_ace = -1; static int aes_padlock_ace = -1;
#endif #endif
#if defined(POLARSSL_AES_ROM_TABLES) #if defined(MBEDTLS_AES_ROM_TABLES)
/* /*
* Forward S-box * Forward S-box
*/ */
@ -353,7 +353,7 @@ static const uint32_t RCON[10] =
0x0000001B, 0x00000036 0x0000001B, 0x00000036
}; };
#else /* POLARSSL_AES_ROM_TABLES */ #else /* MBEDTLS_AES_ROM_TABLES */
/* /*
* Forward S-box & tables * Forward S-box & tables
@ -463,31 +463,31 @@ static void aes_gen_tables( void )
} }
} }
#endif /* POLARSSL_AES_ROM_TABLES */ #endif /* MBEDTLS_AES_ROM_TABLES */
void aes_init( aes_context *ctx ) void mbedtls_aes_init( mbedtls_aes_context *ctx )
{ {
memset( ctx, 0, sizeof( aes_context ) ); memset( ctx, 0, sizeof( mbedtls_aes_context ) );
} }
void aes_free( aes_context *ctx ) void mbedtls_aes_free( mbedtls_aes_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( aes_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_aes_context ) );
} }
/* /*
* AES key schedule (encryption) * AES key schedule (encryption)
*/ */
int aes_setkey_enc( aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_enc( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
unsigned int i; unsigned int i;
uint32_t *RK; uint32_t *RK;
#if !defined(POLARSSL_AES_ROM_TABLES) #if !defined(MBEDTLS_AES_ROM_TABLES)
if( aes_init_done == 0 ) if( aes_init_done == 0 )
{ {
aes_gen_tables(); aes_gen_tables();
@ -501,22 +501,22 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
case 128: ctx->nr = 10; break; case 128: ctx->nr = 10; break;
case 192: ctx->nr = 12; break; case 192: ctx->nr = 12; break;
case 256: ctx->nr = 14; break; case 256: ctx->nr = 14; break;
default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
} }
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 ) if( aes_padlock_ace == -1 )
aes_padlock_ace = padlock_supports( PADLOCK_ACE ); aes_padlock_ace = mbedtls_padlock_supports( MBEDTLS_PADLOCK_ACE );
if( aes_padlock_ace ) if( aes_padlock_ace )
ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
else else
#endif #endif
ctx->rk = RK = ctx->buf; ctx->rk = RK = ctx->buf;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) ) if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
return( aesni_setkey_enc( (unsigned char *) ctx->rk, key, keysize ) ); return( mbedtls_aesni_setkey_enc( (unsigned char *) ctx->rk, key, keysize ) );
#endif #endif
for( i = 0; i < ( keysize >> 5 ); i++ ) for( i = 0; i < ( keysize >> 5 ); i++ )
@ -593,36 +593,36 @@ int aes_setkey_enc( aes_context *ctx, const unsigned char *key,
/* /*
* AES key schedule (decryption) * AES key schedule (decryption)
*/ */
int aes_setkey_dec( aes_context *ctx, const unsigned char *key, int mbedtls_aes_setkey_dec( mbedtls_aes_context *ctx, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
int i, j, ret; int i, j, ret;
aes_context cty; mbedtls_aes_context cty;
uint32_t *RK; uint32_t *RK;
uint32_t *SK; uint32_t *SK;
aes_init( &cty ); mbedtls_aes_init( &cty );
#if defined(POLARSSL_PADLOCK_C) && defined(PADLOCK_ALIGN16) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_PADLOCK_ALIGN16)
if( aes_padlock_ace == -1 ) if( aes_padlock_ace == -1 )
aes_padlock_ace = padlock_supports( PADLOCK_ACE ); aes_padlock_ace = mbedtls_padlock_supports( MBEDTLS_PADLOCK_ACE );
if( aes_padlock_ace ) if( aes_padlock_ace )
ctx->rk = RK = PADLOCK_ALIGN16( ctx->buf ); ctx->rk = RK = MBEDTLS_PADLOCK_ALIGN16( ctx->buf );
else else
#endif #endif
ctx->rk = RK = ctx->buf; ctx->rk = RK = ctx->buf;
/* Also checks keysize */ /* Also checks keysize */
if( ( ret = aes_setkey_enc( &cty, key, keysize ) ) != 0 ) if( ( ret = mbedtls_aes_setkey_enc( &cty, key, keysize ) ) != 0 )
goto exit; goto exit;
ctx->nr = cty.nr; ctx->nr = cty.nr;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) ) if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
{ {
aesni_inverse_key( (unsigned char *) ctx->rk, mbedtls_aesni_inverse_key( (unsigned char *) ctx->rk,
(const unsigned char *) cty.rk, ctx->nr ); (const unsigned char *) cty.rk, ctx->nr );
goto exit; goto exit;
} }
@ -652,7 +652,7 @@ int aes_setkey_dec( aes_context *ctx, const unsigned char *key,
*RK++ = *SK++; *RK++ = *SK++;
exit: exit:
aes_free( &cty ); mbedtls_aes_free( &cty );
return( ret ); return( ret );
} }
@ -706,7 +706,7 @@ exit:
/* /*
* AES-ECB block encryption/decryption * AES-ECB block encryption/decryption
*/ */
int aes_crypt_ecb( aes_context *ctx, int mbedtls_aes_crypt_ecb( mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
@ -714,15 +714,15 @@ int aes_crypt_ecb( aes_context *ctx,
int i; int i;
uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3; uint32_t *RK, X0, X1, X2, X3, Y0, Y1, Y2, Y3;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_AES ) ) if( mbedtls_aesni_supports( MBEDTLS_AESNI_AES ) )
return( aesni_crypt_ecb( ctx, mode, input, output ) ); return( mbedtls_aesni_crypt_ecb( ctx, mode, input, output ) );
#endif #endif
#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
if( aes_padlock_ace ) if( aes_padlock_ace )
{ {
if( padlock_xcryptecb( ctx, mode, input, output ) == 0 ) if( mbedtls_padlock_xcryptecb( ctx, mode, input, output ) == 0 )
return( 0 ); return( 0 );
// If padlock data misaligned, we just fall back to // If padlock data misaligned, we just fall back to
@ -738,7 +738,7 @@ int aes_crypt_ecb( aes_context *ctx,
GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++; GET_UINT32_LE( X2, input, 8 ); X2 ^= *RK++;
GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++; GET_UINT32_LE( X3, input, 12 ); X3 ^= *RK++;
if( mode == AES_DECRYPT ) if( mode == MBEDTLS_AES_DECRYPT )
{ {
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{ {
@ -772,7 +772,7 @@ int aes_crypt_ecb( aes_context *ctx,
( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^ ( (uint32_t) RSb[ ( Y1 >> 16 ) & 0xFF ] << 16 ) ^
( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 ); ( (uint32_t) RSb[ ( Y0 >> 24 ) & 0xFF ] << 24 );
} }
else /* AES_ENCRYPT */ else /* MBEDTLS_AES_ENCRYPT */
{ {
for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- ) for( i = ( ctx->nr >> 1 ) - 1; i > 0; i-- )
{ {
@ -815,11 +815,11 @@ int aes_crypt_ecb( aes_context *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* AES-CBC buffer encryption/decryption * AES-CBC buffer encryption/decryption
*/ */
int aes_crypt_cbc( aes_context *ctx, int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
@ -830,12 +830,12 @@ int aes_crypt_cbc( aes_context *ctx,
unsigned char temp[16]; unsigned char temp[16];
if( length % 16 ) if( length % 16 )
return( POLARSSL_ERR_AES_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_AES_INVALID_INPUT_LENGTH );
#if defined(POLARSSL_PADLOCK_C) && defined(POLARSSL_HAVE_X86) #if defined(MBEDTLS_PADLOCK_C) && defined(MBEDTLS_HAVE_X86)
if( aes_padlock_ace ) if( aes_padlock_ace )
{ {
if( padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 ) if( mbedtls_padlock_xcryptcbc( ctx, mode, length, iv, input, output ) == 0 )
return( 0 ); return( 0 );
// If padlock data misaligned, we just fall back to // If padlock data misaligned, we just fall back to
@ -844,12 +844,12 @@ int aes_crypt_cbc( aes_context *ctx,
} }
#endif #endif
if( mode == AES_DECRYPT ) if( mode == MBEDTLS_AES_DECRYPT )
{ {
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 16 ); memcpy( temp, input, 16 );
aes_crypt_ecb( ctx, mode, input, output ); mbedtls_aes_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -868,7 +868,7 @@ int aes_crypt_cbc( aes_context *ctx,
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
aes_crypt_ecb( ctx, mode, output, output ); mbedtls_aes_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, 16 ); memcpy( iv, output, 16 );
input += 16; input += 16;
@ -879,13 +879,13 @@ int aes_crypt_cbc( aes_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/* /*
* AES-CFB128 buffer encryption/decryption * AES-CFB128 buffer encryption/decryption
*/ */
int aes_crypt_cfb128( aes_context *ctx, int mbedtls_aes_crypt_cfb128( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
@ -896,12 +896,12 @@ int aes_crypt_cfb128( aes_context *ctx,
int c; int c;
size_t n = *iv_off; size_t n = *iv_off;
if( mode == AES_DECRYPT ) if( mode == MBEDTLS_AES_DECRYPT )
{ {
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char)( c ^ iv[n] );
@ -915,7 +915,7 @@ int aes_crypt_cfb128( aes_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@ -931,7 +931,7 @@ int aes_crypt_cfb128( aes_context *ctx,
/* /*
* AES-CFB8 buffer encryption/decryption * AES-CFB8 buffer encryption/decryption
*/ */
int aes_crypt_cfb8( aes_context *ctx, int mbedtls_aes_crypt_cfb8( mbedtls_aes_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
@ -944,14 +944,14 @@ int aes_crypt_cfb8( aes_context *ctx,
while( length-- ) while( length-- )
{ {
memcpy( ov, iv, 16 ); memcpy( ov, iv, 16 );
aes_crypt_ecb( ctx, AES_ENCRYPT, iv, iv ); mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
if( mode == AES_DECRYPT ) if( mode == MBEDTLS_AES_DECRYPT )
ov[16] = *input; ov[16] = *input;
c = *output++ = (unsigned char)( iv[0] ^ *input++ ); c = *output++ = (unsigned char)( iv[0] ^ *input++ );
if( mode == AES_ENCRYPT ) if( mode == MBEDTLS_AES_ENCRYPT )
ov[16] = c; ov[16] = c;
memcpy( iv, ov + 1, 16 ); memcpy( iv, ov + 1, 16 );
@ -959,13 +959,13 @@ int aes_crypt_cfb8( aes_context *ctx,
return( 0 ); return( 0 );
} }
#endif /*POLARSSL_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* AES-CTR buffer encryption/decryption * AES-CTR buffer encryption/decryption
*/ */
int aes_crypt_ctr( aes_context *ctx, int mbedtls_aes_crypt_ctr( mbedtls_aes_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
@ -979,7 +979,7 @@ int aes_crypt_ctr( aes_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) { if( n == 0 ) {
aes_crypt_ecb( ctx, AES_ENCRYPT, nonce_counter, stream_block ); mbedtls_aes_crypt_ecb( ctx, MBEDTLS_AES_ENCRYPT, nonce_counter, stream_block );
for( i = 16; i > 0; i-- ) for( i = 16; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 ) if( ++nonce_counter[i - 1] != 0 )
@ -995,11 +995,11 @@ int aes_crypt_ctr( aes_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !POLARSSL_AES_ALT */ #endif /* !MBEDTLS_AES_ALT */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* AES test vectors from: * AES test vectors from:
* *
@ -1025,7 +1025,7 @@ static const unsigned char aes_test_ecb_enc[3][16] =
0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 } 0xFF, 0x30, 0xB4, 0xEA, 0x21, 0x63, 0x6D, 0xA4 }
}; };
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static const unsigned char aes_test_cbc_dec[3][16] = static const unsigned char aes_test_cbc_dec[3][16] =
{ {
{ 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73, { 0xFA, 0xCA, 0x37, 0xE0, 0xB0, 0xC8, 0x53, 0x73,
@ -1045,9 +1045,9 @@ static const unsigned char aes_test_cbc_enc[3][16] =
{ 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5, { 0xFE, 0x3C, 0x53, 0x65, 0x3E, 0x2F, 0x45, 0xB5,
0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 } 0x6F, 0xCD, 0x88, 0xB2, 0xCC, 0x89, 0x8F, 0xF0 }
}; };
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/* /*
* AES-CFB128 test vectors from: * AES-CFB128 test vectors from:
* *
@ -1111,9 +1111,9 @@ static const unsigned char aes_test_cfb128_ct[3][64] =
0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8, 0x75, 0xA3, 0x85, 0x74, 0x1A, 0xB9, 0xCE, 0xF8,
0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 } 0x20, 0x31, 0x62, 0x3D, 0x55, 0xB1, 0xE4, 0x71 }
}; };
#endif /* POLARSSL_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* AES-CTR test vectors from: * AES-CTR test vectors from:
* *
@ -1174,32 +1174,32 @@ static const unsigned char aes_test_ctr_ct[3][48] =
static const int aes_test_ctr_len[3] = static const int aes_test_ctr_len[3] =
{ 16, 32, 36 }; { 16, 32, 36 };
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/* /*
* Checkup routine * Checkup routine
*/ */
int aes_self_test( int verbose ) int mbedtls_aes_self_test( int verbose )
{ {
int ret = 0, i, j, u, v; int ret = 0, i, j, u, v;
unsigned char key[32]; unsigned char key[32];
unsigned char buf[64]; unsigned char buf[64];
unsigned char iv[16]; unsigned char iv[16];
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char prv[16]; unsigned char prv[16];
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CTR) || defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CTR) || defined(MBEDTLS_CIPHER_MODE_CFB)
size_t offset; size_t offset;
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
int len; int len;
unsigned char nonce_counter[16]; unsigned char nonce_counter[16];
unsigned char stream_block[16]; unsigned char stream_block[16];
#endif #endif
aes_context ctx; mbedtls_aes_context ctx;
memset( key, 0, 32 ); memset( key, 0, 32 );
aes_init( &ctx ); mbedtls_aes_init( &ctx );
/* /*
* ECB mode * ECB mode
@ -1210,22 +1210,22 @@ int aes_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-ECB-%3d (%s): ", 128 + u * 64, mbedtls_printf( " AES-ECB-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( buf, 0, 16 ); memset( buf, 0, 16 );
if( v == AES_DECRYPT ) if( v == MBEDTLS_AES_DECRYPT )
{ {
aes_setkey_dec( &ctx, key, 128 + u * 64 ); mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
aes_crypt_ecb( &ctx, v, buf, buf ); mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 ) if( memcmp( buf, aes_test_ecb_dec[u], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1233,15 +1233,15 @@ int aes_self_test( int verbose )
} }
else else
{ {
aes_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
aes_crypt_ecb( &ctx, v, buf, buf ); mbedtls_aes_crypt_ecb( &ctx, v, buf, buf );
if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 ) if( memcmp( buf, aes_test_ecb_enc[u], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1249,13 +1249,13 @@ int aes_self_test( int verbose )
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* CBC mode * CBC mode
*/ */
@ -1265,24 +1265,24 @@ int aes_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-CBC-%3d (%s): ", 128 + u * 64, mbedtls_printf( " AES-CBC-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memset( iv , 0, 16 ); memset( iv , 0, 16 );
memset( prv, 0, 16 ); memset( prv, 0, 16 );
memset( buf, 0, 16 ); memset( buf, 0, 16 );
if( v == AES_DECRYPT ) if( v == MBEDTLS_AES_DECRYPT )
{ {
aes_setkey_dec( &ctx, key, 128 + u * 64 ); mbedtls_aes_setkey_dec( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 ) if( memcmp( buf, aes_test_cbc_dec[u], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1290,13 +1290,13 @@ int aes_self_test( int verbose )
} }
else else
{ {
aes_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
{ {
unsigned char tmp[16]; unsigned char tmp[16];
aes_crypt_cbc( &ctx, v, 16, iv, buf, buf ); mbedtls_aes_crypt_cbc( &ctx, v, 16, iv, buf, buf );
memcpy( tmp, prv, 16 ); memcpy( tmp, prv, 16 );
memcpy( prv, buf, 16 ); memcpy( prv, buf, 16 );
@ -1306,7 +1306,7 @@ int aes_self_test( int verbose )
if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 ) if( memcmp( prv, aes_test_cbc_enc[u], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1314,14 +1314,14 @@ int aes_self_test( int verbose )
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/* /*
* CFB128 mode * CFB128 mode
*/ */
@ -1331,24 +1331,24 @@ int aes_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64, mbedtls_printf( " AES-CFB128-%3d (%s): ", 128 + u * 64,
( v == AES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, aes_test_cfb128_iv, 16 ); memcpy( iv, aes_test_cfb128_iv, 16 );
memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 ); memcpy( key, aes_test_cfb128_key[u], 16 + u * 8 );
offset = 0; offset = 0;
aes_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_aes_setkey_enc( &ctx, key, 128 + u * 64 );
if( v == AES_DECRYPT ) if( v == MBEDTLS_AES_DECRYPT )
{ {
memcpy( buf, aes_test_cfb128_ct[u], 64 ); memcpy( buf, aes_test_cfb128_ct[u], 64 );
aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 ) if( memcmp( buf, aes_test_cfb128_pt, 64 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1357,12 +1357,12 @@ int aes_self_test( int verbose )
else else
{ {
memcpy( buf, aes_test_cfb128_pt, 64 ); memcpy( buf, aes_test_cfb128_pt, 64 );
aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf ); mbedtls_aes_crypt_cfb128( &ctx, v, 64, &offset, iv, buf, buf );
if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 ) if( memcmp( buf, aes_test_cfb128_ct[u], 64 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1370,14 +1370,14 @@ int aes_self_test( int verbose )
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* CTR mode * CTR mode
*/ */
@ -1387,27 +1387,27 @@ int aes_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-CTR-128 (%s): ", mbedtls_printf( " AES-CTR-128 (%s): ",
( v == AES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_AES_DECRYPT ) ? "dec" : "enc" );
memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 ); memcpy( nonce_counter, aes_test_ctr_nonce_counter[u], 16 );
memcpy( key, aes_test_ctr_key[u], 16 ); memcpy( key, aes_test_ctr_key[u], 16 );
offset = 0; offset = 0;
aes_setkey_enc( &ctx, key, 128 ); mbedtls_aes_setkey_enc( &ctx, key, 128 );
if( v == AES_DECRYPT ) if( v == MBEDTLS_AES_DECRYPT )
{ {
len = aes_test_ctr_len[u]; len = aes_test_ctr_len[u];
memcpy( buf, aes_test_ctr_ct[u], len ); memcpy( buf, aes_test_ctr_ct[u], len );
aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf );
if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 ) if( memcmp( buf, aes_test_ctr_pt[u], len ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1418,13 +1418,13 @@ int aes_self_test( int verbose )
len = aes_test_ctr_len[u]; len = aes_test_ctr_len[u];
memcpy( buf, aes_test_ctr_pt[u], len ); memcpy( buf, aes_test_ctr_pt[u], len );
aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_aes_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf );
if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 ) if( memcmp( buf, aes_test_ctr_ct[u], len ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
@ -1432,21 +1432,21 @@ int aes_self_test( int verbose )
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
ret = 0; ret = 0;
exit: exit:
aes_free( &ctx ); mbedtls_aes_free( &ctx );
return( ret ); return( ret );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_AES_C */ #endif /* MBEDTLS_AES_C */

26
library/aesni.c
View File

@ -25,24 +25,24 @@
* [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/ * [CLMUL-WP] http://software.intel.com/en-us/articles/intel-carry-less-multiplication-instruction-and-its-usage-for-computing-the-gcm-mode/
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_AESNI_C) #if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h" #include "mbedtls/aesni.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_HAVE_X86_64)
/* /*
* AES-NI support detection routine * AES-NI support detection routine
*/ */
int aesni_supports( unsigned int what ) int mbedtls_aesni_supports( unsigned int what )
{ {
static int done = 0; static int done = 0;
static unsigned int c = 0; static unsigned int c = 0;
@ -89,7 +89,7 @@ int aesni_supports( unsigned int what )
/* /*
* AES-NI AES-ECB block en(de)cryption * AES-NI AES-ECB block en(de)cryption
*/ */
int aesni_crypt_ecb( aes_context *ctx, int mbedtls_aesni_crypt_ecb( mbedtls_aes_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
@ -135,7 +135,7 @@ int aesni_crypt_ecb( aes_context *ctx,
* GCM multiplication: c = a times b in GF(2^128) * GCM multiplication: c = a times b in GF(2^128)
* Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5. * Based on [CLMUL-WP] algorithms 1 (with equation 27) and 5.
*/ */
void aesni_gcm_mult( unsigned char c[16], void mbedtls_aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16], const unsigned char a[16],
const unsigned char b[16] ) const unsigned char b[16] )
{ {
@ -246,7 +246,7 @@ void aesni_gcm_mult( unsigned char c[16],
/* /*
* Compute decryption round keys from encryption round keys * Compute decryption round keys from encryption round keys
*/ */
void aesni_inverse_key( unsigned char *invkey, void mbedtls_aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr ) const unsigned char *fwdkey, int nr )
{ {
unsigned char *ik = invkey; unsigned char *ik = invkey;
@ -423,7 +423,7 @@ static void aesni_setkey_enc_256( unsigned char *rk,
/* /*
* Main "loop" - Generating one more key than necessary, * Main "loop" - Generating one more key than necessary,
* see definition of aes_context.buf * see definition of mbedtls_aes_context.buf
*/ */
"2: \n\t" "2: \n\t"
AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t" AESKEYGENA xmm1_xmm2 ",0x01 \n\tcall 1b \n\t"
@ -441,7 +441,7 @@ static void aesni_setkey_enc_256( unsigned char *rk,
/* /*
* Key expansion, wrapper * Key expansion, wrapper
*/ */
int aesni_setkey_enc( unsigned char *rk, int mbedtls_aesni_setkey_enc( unsigned char *rk,
const unsigned char *key, const unsigned char *key,
size_t bits ) size_t bits )
{ {
@ -450,12 +450,12 @@ int aesni_setkey_enc( unsigned char *rk,
case 128: aesni_setkey_enc_128( rk, key ); break; case 128: aesni_setkey_enc_128( rk, key ); break;
case 192: aesni_setkey_enc_192( rk, key ); break; case 192: aesni_setkey_enc_192( rk, key ); break;
case 256: aesni_setkey_enc_256( rk, key ); break; case 256: aesni_setkey_enc_256( rk, key ); break;
default : return( POLARSSL_ERR_AES_INVALID_KEY_LENGTH ); default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
} }
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_HAVE_X86_64 */ #endif /* MBEDTLS_HAVE_X86_64 */
#endif /* POLARSSL_AESNI_C */ #endif /* MBEDTLS_AESNI_C */

60
library/arc4.c
View File

@ -25,51 +25,51 @@
* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0 * http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ARC4_C) #if defined(MBEDTLS_ARC4_C)
#include "mbedtls/arc4.h" #include "mbedtls/arc4.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_ARC4_ALT) #if !defined(MBEDTLS_ARC4_ALT)
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
void arc4_init( arc4_context *ctx ) void mbedtls_arc4_init( mbedtls_arc4_context *ctx )
{ {
memset( ctx, 0, sizeof( arc4_context ) ); memset( ctx, 0, sizeof( mbedtls_arc4_context ) );
} }
void arc4_free( arc4_context *ctx ) void mbedtls_arc4_free( mbedtls_arc4_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( arc4_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_arc4_context ) );
} }
/* /*
* ARC4 key schedule * ARC4 key schedule
*/ */
void arc4_setup( arc4_context *ctx, const unsigned char *key, void mbedtls_arc4_setup( mbedtls_arc4_context *ctx, const unsigned char *key,
unsigned int keylen ) unsigned int keylen )
{ {
int i, j, a; int i, j, a;
@ -99,7 +99,7 @@ void arc4_setup( arc4_context *ctx, const unsigned char *key,
/* /*
* ARC4 cipher function * ARC4 cipher function
*/ */
int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input, int mbedtls_arc4_crypt( mbedtls_arc4_context *ctx, size_t length, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
int x, y, a, b; int x, y, a, b;
@ -128,9 +128,9 @@ int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
return( 0 ); return( 0 );
} }
#endif /* !POLARSSL_ARC4_ALT */ #endif /* !MBEDTLS_ARC4_ALT */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* ARC4 tests vectors as posted by Eric Rescorla in sep. 1994: * ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
* *
@ -160,47 +160,47 @@ static const unsigned char arc4_test_ct[3][8] =
/* /*
* Checkup routine * Checkup routine
*/ */
int arc4_self_test( int verbose ) int mbedtls_arc4_self_test( int verbose )
{ {
int i, ret = 0; int i, ret = 0;
unsigned char ibuf[8]; unsigned char ibuf[8];
unsigned char obuf[8]; unsigned char obuf[8];
arc4_context ctx; mbedtls_arc4_context ctx;
arc4_init( &ctx ); mbedtls_arc4_init( &ctx );
for( i = 0; i < 3; i++ ) for( i = 0; i < 3; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " ARC4 test #%d: ", i + 1 ); mbedtls_printf( " ARC4 test #%d: ", i + 1 );
memcpy( ibuf, arc4_test_pt[i], 8 ); memcpy( ibuf, arc4_test_pt[i], 8 );
arc4_setup( &ctx, arc4_test_key[i], 8 ); mbedtls_arc4_setup( &ctx, arc4_test_key[i], 8 );
arc4_crypt( &ctx, 8, ibuf, obuf ); mbedtls_arc4_crypt( &ctx, 8, ibuf, obuf );
if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 ) if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
exit: exit:
arc4_free( &ctx ); mbedtls_arc4_free( &ctx );
return( ret ); return( ret );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_ARC4_C */ #endif /* MBEDTLS_ARC4_C */

156
library/asn1parse.c
View File

@ -20,44 +20,44 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ASN1_PARSE_C) #if defined(MBEDTLS_ASN1_PARSE_C)
#include "mbedtls/asn1.h" #include "mbedtls/asn1.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
#include "mbedtls/bignum.h" #include "mbedtls/bignum.h"
#endif #endif
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#define polarssl_free free #define mbedtls_free free
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
/* /*
* ASN.1 DER decoding routines * ASN.1 DER decoding routines
*/ */
int asn1_get_len( unsigned char **p, int mbedtls_asn1_get_len( unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len ) size_t *len )
{ {
if( ( end - *p ) < 1 ) if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( ( **p & 0x80 ) == 0 ) if( ( **p & 0x80 ) == 0 )
*len = *(*p)++; *len = *(*p)++;
@ -67,7 +67,7 @@ int asn1_get_len( unsigned char **p,
{ {
case 1: case 1:
if( ( end - *p ) < 2 ) if( ( end - *p ) < 2 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = (*p)[1]; *len = (*p)[1];
(*p) += 2; (*p) += 2;
@ -75,7 +75,7 @@ int asn1_get_len( unsigned char **p,
case 2: case 2:
if( ( end - *p ) < 3 ) if( ( end - *p ) < 3 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 8 ) | (*p)[2]; *len = ( (size_t)(*p)[1] << 8 ) | (*p)[2];
(*p) += 3; (*p) += 3;
@ -83,7 +83,7 @@ int asn1_get_len( unsigned char **p,
case 3: case 3:
if( ( end - *p ) < 4 ) if( ( end - *p ) < 4 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 16 ) | *len = ( (size_t)(*p)[1] << 16 ) |
( (size_t)(*p)[2] << 8 ) | (*p)[3]; ( (size_t)(*p)[2] << 8 ) | (*p)[3];
@ -92,7 +92,7 @@ int asn1_get_len( unsigned char **p,
case 4: case 4:
if( ( end - *p ) < 5 ) if( ( end - *p ) < 5 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
*len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) | *len = ( (size_t)(*p)[1] << 24 ) | ( (size_t)(*p)[2] << 16 ) |
( (size_t)(*p)[3] << 8 ) | (*p)[4]; ( (size_t)(*p)[3] << 8 ) | (*p)[4];
@ -100,43 +100,43 @@ int asn1_get_len( unsigned char **p,
break; break;
default: default:
return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
} }
} }
if( *len > (size_t) ( end - *p ) ) if( *len > (size_t) ( end - *p ) )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
return( 0 ); return( 0 );
} }
int asn1_get_tag( unsigned char **p, int mbedtls_asn1_get_tag( unsigned char **p,
const unsigned char *end, const unsigned char *end,
size_t *len, int tag ) size_t *len, int tag )
{ {
if( ( end - *p ) < 1 ) if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( **p != tag ) if( **p != tag )
return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG ); return( MBEDTLS_ERR_ASN1_UNEXPECTED_TAG );
(*p)++; (*p)++;
return( asn1_get_len( p, end, len ) ); return( mbedtls_asn1_get_len( p, end, len ) );
} }
int asn1_get_bool( unsigned char **p, int mbedtls_asn1_get_bool( unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val )
{ {
int ret; int ret;
size_t len; size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_BOOLEAN ) ) != 0 )
return( ret ); return( ret );
if( len != 1 ) if( len != 1 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = ( **p != 0 ) ? 1 : 0; *val = ( **p != 0 ) ? 1 : 0;
(*p)++; (*p)++;
@ -144,18 +144,18 @@ int asn1_get_bool( unsigned char **p,
return( 0 ); return( 0 );
} }
int asn1_get_int( unsigned char **p, int mbedtls_asn1_get_int( unsigned char **p,
const unsigned char *end, const unsigned char *end,
int *val ) int *val )
{ {
int ret; int ret;
size_t len; size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret ); return( ret );
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 ) if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
*val = 0; *val = 0;
@ -168,43 +168,43 @@ int asn1_get_int( unsigned char **p,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int asn1_get_mpi( unsigned char **p, int mbedtls_asn1_get_mpi( unsigned char **p,
const unsigned char *end, const unsigned char *end,
mpi *X ) mbedtls_mpi *X )
{ {
int ret; int ret;
size_t len; size_t len;
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &len, MBEDTLS_ASN1_INTEGER ) ) != 0 )
return( ret ); return( ret );
ret = mpi_read_binary( X, *p, len ); ret = mbedtls_mpi_read_binary( X, *p, len );
*p += len; *p += len;
return( ret ); return( ret );
} }
#endif /* POLARSSL_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int asn1_get_bitstring( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs) mbedtls_asn1_bitstring *bs)
{ {
int ret; int ret;
/* Certificate type is a single byte bitstring */ /* Certificate type is a single byte bitstring */
if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &bs->len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret ); return( ret );
/* Check length, subtract one for actual bit string length */ /* Check length, subtract one for actual bit string length */
if( bs->len < 1 ) if( bs->len < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
bs->len -= 1; bs->len -= 1;
/* Get number of unused bits, ensure unused bits <= 7 */ /* Get number of unused bits, ensure unused bits <= 7 */
bs->unused_bits = **p; bs->unused_bits = **p;
if( bs->unused_bits > 7 ) if( bs->unused_bits > 7 )
return( POLARSSL_ERR_ASN1_INVALID_LENGTH ); return( MBEDTLS_ERR_ASN1_INVALID_LENGTH );
(*p)++; (*p)++;
/* Get actual bitstring */ /* Get actual bitstring */
@ -212,7 +212,7 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
*p += bs->len; *p += bs->len;
if( *p != end ) if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 ); return( 0 );
} }
@ -220,16 +220,16 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
/* /*
* Get a bit string without unused bits * Get a bit string without unused bits
*/ */
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end, int mbedtls_asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len ) size_t *len )
{ {
int ret; int ret;
if( ( ret = asn1_get_tag( p, end, len, ASN1_BIT_STRING ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, len, MBEDTLS_ASN1_BIT_STRING ) ) != 0 )
return( ret ); return( ret );
if( (*len)-- < 2 || *(*p)++ != 0 ) if( (*len)-- < 2 || *(*p)++ != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA ); return( MBEDTLS_ERR_ASN1_INVALID_DATA );
return( 0 ); return( 0 );
} }
@ -239,29 +239,29 @@ int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
/* /*
* Parses and splits an ASN.1 "SEQUENCE OF <tag>" * Parses and splits an ASN.1 "SEQUENCE OF <tag>"
*/ */
int asn1_get_sequence_of( unsigned char **p, int mbedtls_asn1_get_sequence_of( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_sequence *cur, mbedtls_asn1_sequence *cur,
int tag) int tag)
{ {
int ret; int ret;
size_t len; size_t len;
asn1_buf *buf; mbedtls_asn1_buf *buf;
/* Get main sequence tag */ /* Get main sequence tag */
if( ( ret = asn1_get_tag( p, end, &len, if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( ret ); return( ret );
if( *p + len != end ) if( *p + len != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
while( *p < end ) while( *p < end )
{ {
buf = &(cur->buf); buf = &(cur->buf);
buf->tag = **p; buf->tag = **p;
if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
return( ret ); return( ret );
buf->p = *p; buf->p = *p;
@ -270,12 +270,12 @@ int asn1_get_sequence_of( unsigned char **p,
/* Allocate and assign next pointer */ /* Allocate and assign next pointer */
if( *p < end ) if( *p < end )
{ {
cur->next = polarssl_malloc( sizeof( asn1_sequence ) ); cur->next = mbedtls_malloc( sizeof( mbedtls_asn1_sequence ) );
if( cur->next == NULL ) if( cur->next == NULL )
return( POLARSSL_ERR_ASN1_MALLOC_FAILED ); return( MBEDTLS_ERR_ASN1_MALLOC_FAILED );
memset( cur->next, 0, sizeof( asn1_sequence ) ); memset( cur->next, 0, sizeof( mbedtls_asn1_sequence ) );
cur = cur->next; cur = cur->next;
} }
@ -285,29 +285,29 @@ int asn1_get_sequence_of( unsigned char **p,
cur->next = NULL; cur->next = NULL;
if( *p != end ) if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 ); return( 0 );
} }
int asn1_get_alg( unsigned char **p, int mbedtls_asn1_get_alg( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_buf *alg, asn1_buf *params ) mbedtls_asn1_buf *alg, mbedtls_asn1_buf *params )
{ {
int ret; int ret;
size_t len; size_t len;
if( ( ret = asn1_get_tag( p, end, &len, if( ( ret = mbedtls_asn1_get_tag( p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
return( ret ); return( ret );
if( ( end - *p ) < 1 ) if( ( end - *p ) < 1 )
return( POLARSSL_ERR_ASN1_OUT_OF_DATA ); return( MBEDTLS_ERR_ASN1_OUT_OF_DATA );
alg->tag = **p; alg->tag = **p;
end = *p + len; end = *p + len;
if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 ) if( ( ret = mbedtls_asn1_get_tag( p, end, &alg->len, MBEDTLS_ASN1_OID ) ) != 0 )
return( ret ); return( ret );
alg->p = *p; alg->p = *p;
@ -315,67 +315,67 @@ int asn1_get_alg( unsigned char **p,
if( *p == end ) if( *p == end )
{ {
polarssl_zeroize( params, sizeof(asn1_buf) ); mbedtls_zeroize( params, sizeof(mbedtls_asn1_buf) );
return( 0 ); return( 0 );
} }
params->tag = **p; params->tag = **p;
(*p)++; (*p)++;
if( ( ret = asn1_get_len( p, end, &params->len ) ) != 0 ) if( ( ret = mbedtls_asn1_get_len( p, end, &params->len ) ) != 0 )
return( ret ); return( ret );
params->p = *p; params->p = *p;
*p += params->len; *p += params->len;
if( *p != end ) if( *p != end )
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH ); return( MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
return( 0 ); return( 0 );
} }
int asn1_get_alg_null( unsigned char **p, int mbedtls_asn1_get_alg_null( unsigned char **p,
const unsigned char *end, const unsigned char *end,
asn1_buf *alg ) mbedtls_asn1_buf *alg )
{ {
int ret; int ret;
asn1_buf params; mbedtls_asn1_buf params;
memset( &params, 0, sizeof(asn1_buf) ); memset( &params, 0, sizeof(mbedtls_asn1_buf) );
if( ( ret = asn1_get_alg( p, end, alg, &params ) ) != 0 ) if( ( ret = mbedtls_asn1_get_alg( p, end, alg, &params ) ) != 0 )
return( ret ); return( ret );
if( ( params.tag != ASN1_NULL && params.tag != 0 ) || params.len != 0 ) if( ( params.tag != MBEDTLS_ASN1_NULL && params.tag != 0 ) || params.len != 0 )
return( POLARSSL_ERR_ASN1_INVALID_DATA ); return( MBEDTLS_ERR_ASN1_INVALID_DATA );
return( 0 ); return( 0 );
} }
void asn1_free_named_data( asn1_named_data *cur ) void mbedtls_asn1_free_named_data( mbedtls_asn1_named_data *cur )
{ {
if( cur == NULL ) if( cur == NULL )
return; return;
polarssl_free( cur->oid.p ); mbedtls_free( cur->oid.p );
polarssl_free( cur->val.p ); mbedtls_free( cur->val.p );
polarssl_zeroize( cur, sizeof( asn1_named_data ) ); mbedtls_zeroize( cur, sizeof( mbedtls_asn1_named_data ) );
} }
void asn1_free_named_data_list( asn1_named_data **head ) void mbedtls_asn1_free_named_data_list( mbedtls_asn1_named_data **head )
{ {
asn1_named_data *cur; mbedtls_asn1_named_data *cur;
while( ( cur = *head ) != NULL ) while( ( cur = *head ) != NULL )
{ {
*head = cur->next; *head = cur->next;
asn1_free_named_data( cur ); mbedtls_asn1_free_named_data( cur );
polarssl_free( cur ); mbedtls_free( cur );
} }
} }
asn1_named_data *asn1_find_named_data( asn1_named_data *list, mbedtls_asn1_named_data *mbedtls_asn1_find_named_data( mbedtls_asn1_named_data *list,
const char *oid, size_t len ) const char *oid, size_t len )
{ {
while( list != NULL ) while( list != NULL )
@ -392,4 +392,4 @@ asn1_named_data *asn1_find_named_data( asn1_named_data *list,
return( list ); return( list );
} }
#endif /* POLARSSL_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */

152
library/asn1write.c
View File

@ -20,32 +20,32 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ASN1_WRITE_C) #if defined(MBEDTLS_ASN1_WRITE_C)
#include "mbedtls/asn1write.h" #include "mbedtls/asn1write.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#define polarssl_free free #define mbedtls_free free
#endif #endif
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len ) int mbedtls_asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
{ {
if( len < 0x80 ) if( len < 0x80 )
{ {
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len; *--(*p) = (unsigned char) len;
return( 1 ); return( 1 );
@ -54,7 +54,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
if( len <= 0xFF ) if( len <= 0xFF )
{ {
if( *p - start < 2 ) if( *p - start < 2 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (unsigned char) len; *--(*p) = (unsigned char) len;
*--(*p) = 0x81; *--(*p) = 0x81;
@ -62,7 +62,7 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
} }
if( *p - start < 3 ) if( *p - start < 3 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
// We assume we never have lengths larger than 65535 bytes // We assume we never have lengths larger than 65535 bytes
// //
@ -73,23 +73,23 @@ int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
return( 3 ); return( 3 );
} }
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag ) int mbedtls_asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
{ {
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = tag; *--(*p) = tag;
return( 1 ); return( 1 );
} }
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size )
{ {
size_t len = 0; size_t len = 0;
if( *p - start < (int) size ) if( *p - start < (int) size )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size; len = size;
(*p) -= len; (*p) -= len;
@ -98,21 +98,21 @@ int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
return( (int) len ); return( (int) len );
} }
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X ) int mbedtls_asn1_write_mpi( unsigned char **p, unsigned char *start, const mbedtls_mpi *X )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
// Write the MPI // Write the MPI
// //
len = mpi_size( X ); len = mbedtls_mpi_size( X );
if( *p - start < (int) len ) if( *p - start < (int) len )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
(*p) -= len; (*p) -= len;
MPI_CHK( mpi_write_binary( X, *p, len ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, *p, len ) );
// DER format assumes 2s complement for numbers, so the leftmost bit // DER format assumes 2s complement for numbers, so the leftmost bit
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
@ -120,50 +120,50 @@ int asn1_write_mpi( unsigned char **p, unsigned char *start, const mpi *X )
if( X->s ==1 && **p & 0x80 ) if( X->s ==1 && **p & 0x80 )
{ {
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
ret = (int) len; ret = (int) len;
cleanup: cleanup:
return( ret ); return( ret );
} }
#endif /* POLARSSL_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
int asn1_write_null( unsigned char **p, unsigned char *start ) int mbedtls_asn1_write_null( unsigned char **p, unsigned char *start )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
// Write NULL // Write NULL
// //
ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, 0) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_NULL ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_oid( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len ) const char *oid, size_t oid_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) oid, oid_len ) ); (const unsigned char *) oid, oid_len ) );
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) ); MBEDTLS_ASN1_CHK_ADD( len , mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OID ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
size_t par_len ) size_t par_len )
{ {
@ -171,37 +171,37 @@ int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
size_t len = 0; size_t len = 0;
if( par_len == 0 ) if( par_len == 0 )
ASN1_CHK_ADD( len, asn1_write_null( p, start ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_null( p, start ) );
else else
len += par_len; len += par_len;
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_oid( p, start, oid, oid_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean ) int mbedtls_asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = (boolean) ? 1 : 0; *--(*p) = (boolean) ? 1 : 0;
len++; len++;
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BOOLEAN ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_int( unsigned char **p, unsigned char *start, int val ) int mbedtls_asn1_write_int( unsigned char **p, unsigned char *start, int val )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
@ -211,7 +211,7 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val )
// should be 0 for positive numbers and 1 for negative numbers. // should be 0 for positive numbers and 1 for negative numbers.
// //
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len += 1; len += 1;
*--(*p) = val; *--(*p) = val;
@ -219,49 +219,49 @@ int asn1_write_int( unsigned char **p, unsigned char *start, int val )
if( val > 0 && **p & 0x80 ) if( val > 0 && **p & 0x80 )
{ {
if( *p - start < 1 ) if( *p - start < 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
*--(*p) = 0x00; *--(*p) = 0x00;
len += 1; len += 1;
} }
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_INTEGER ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_printable_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_printable_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) ); (const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_PRINTABLE_STRING ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_ia5_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_ia5_string( unsigned char **p, unsigned char *start,
const char *text, size_t text_len ) const char *text, size_t text_len )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start,
(const unsigned char *) text, text_len ) ); (const unsigned char *) text, text_len ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_IA5_STRING ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_bitstring( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits ) const unsigned char *buf, size_t bits )
{ {
int ret; int ret;
@ -272,7 +272,7 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start,
// Calculate byte length // Calculate byte length
// //
if( *p - start < (int) size + 1 ) if( *p - start < (int) size + 1 )
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL ); return( MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
len = size + 1; len = size + 1;
(*p) -= size; (*p) -= size;
@ -282,58 +282,58 @@ int asn1_write_bitstring( unsigned char **p, unsigned char *start,
// //
*--(*p) = (unsigned char) (size * 8 - bits); *--(*p) = (unsigned char) (size * 8 - bits);
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_BIT_STRING ) );
return( (int) len ); return( (int) len );
} }
int asn1_write_octet_string( unsigned char **p, unsigned char *start, int mbedtls_asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size ) const unsigned char *buf, size_t size )
{ {
int ret; int ret;
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, buf, size ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_raw_buffer( p, start, buf, size ) );
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( p, start, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( p, start, MBEDTLS_ASN1_OCTET_STRING ) );
return( (int) len ); return( (int) len );
} }
asn1_named_data *asn1_store_named_data( asn1_named_data **head, mbedtls_asn1_named_data *mbedtls_asn1_store_named_data( mbedtls_asn1_named_data **head,
const char *oid, size_t oid_len, const char *oid, size_t oid_len,
const unsigned char *val, const unsigned char *val,
size_t val_len ) size_t val_len )
{ {
asn1_named_data *cur; mbedtls_asn1_named_data *cur;
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL ) if( ( cur = mbedtls_asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
{ {
// Add new entry if not present yet based on OID // Add new entry if not present yet based on OID
// //
if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL ) if( ( cur = mbedtls_malloc( sizeof(mbedtls_asn1_named_data) ) ) == NULL )
return( NULL ); return( NULL );
memset( cur, 0, sizeof(asn1_named_data) ); memset( cur, 0, sizeof(mbedtls_asn1_named_data) );
cur->oid.len = oid_len; cur->oid.len = oid_len;
cur->oid.p = polarssl_malloc( oid_len ); cur->oid.p = mbedtls_malloc( oid_len );
if( cur->oid.p == NULL ) if( cur->oid.p == NULL )
{ {
polarssl_free( cur ); mbedtls_free( cur );
return( NULL ); return( NULL );
} }
memcpy( cur->oid.p, oid, oid_len ); memcpy( cur->oid.p, oid, oid_len );
cur->val.len = val_len; cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len ); cur->val.p = mbedtls_malloc( val_len );
if( cur->val.p == NULL ) if( cur->val.p == NULL )
{ {
polarssl_free( cur->oid.p ); mbedtls_free( cur->oid.p );
polarssl_free( cur ); mbedtls_free( cur );
return( NULL ); return( NULL );
} }
@ -344,15 +344,15 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head,
{ {
// Enlarge existing value buffer if needed // Enlarge existing value buffer if needed
// //
polarssl_free( cur->val.p ); mbedtls_free( cur->val.p );
cur->val.p = NULL; cur->val.p = NULL;
cur->val.len = val_len; cur->val.len = val_len;
cur->val.p = polarssl_malloc( val_len ); cur->val.p = mbedtls_malloc( val_len );
if( cur->val.p == NULL ) if( cur->val.p == NULL )
{ {
polarssl_free( cur->oid.p ); mbedtls_free( cur->oid.p );
polarssl_free( cur ); mbedtls_free( cur );
return( NULL ); return( NULL );
} }
} }
@ -362,4 +362,4 @@ asn1_named_data *asn1_store_named_data( asn1_named_data **head,
return( cur ); return( cur );
} }
#endif /* POLARSSL_ASN1_WRITE_C */ #endif /* MBEDTLS_ASN1_WRITE_C */

54
library/base64.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_BASE64_C) #if defined(MBEDTLS_BASE64_C)
#include "mbedtls/base64.h" #include "mbedtls/base64.h"
@ -37,15 +37,15 @@ typedef UINT32 uint32_t;
#include <inttypes.h> #include <inttypes.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#include <string.h> #include <string.h>
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
static const unsigned char base64_enc_map[64] = static const unsigned char base64_enc_map[64] =
{ {
@ -78,7 +78,7 @@ static const unsigned char base64_dec_map[128] =
/* /*
* Encode a buffer into base64 format * Encode a buffer into base64 format
*/ */
int base64_encode( unsigned char *dst, size_t *dlen, int mbedtls_base64_encode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen )
{ {
size_t i, n; size_t i, n;
@ -103,7 +103,7 @@ int base64_encode( unsigned char *dst, size_t *dlen,
if( *dlen < n + 1 ) if( *dlen < n + 1 )
{ {
*dlen = n + 1; *dlen = n + 1;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
} }
n = ( slen / 3 ) * 3; n = ( slen / 3 ) * 3;
@ -144,7 +144,7 @@ int base64_encode( unsigned char *dst, size_t *dlen,
/* /*
* Decode a base64-formatted buffer * Decode a base64-formatted buffer
*/ */
int base64_decode( unsigned char *dst, size_t *dlen, int mbedtls_base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen ) const unsigned char *src, size_t slen )
{ {
size_t i, n; size_t i, n;
@ -175,16 +175,16 @@ int base64_decode( unsigned char *dst, size_t *dlen,
/* Space inside a line is an error */ /* Space inside a line is an error */
if( x != 0 ) if( x != 0 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] == '=' && ++j > 2 ) if( src[i] == '=' && ++j > 2 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( src[i] > 127 || base64_dec_map[src[i]] == 127 ) if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
if( base64_dec_map[src[i]] < 64 && j != 0 ) if( base64_dec_map[src[i]] < 64 && j != 0 )
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER ); return( MBEDTLS_ERR_BASE64_INVALID_CHARACTER );
n++; n++;
} }
@ -198,7 +198,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
if( dst == NULL || *dlen < n ) if( dst == NULL || *dlen < n )
{ {
*dlen = n; *dlen = n;
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL ); return( MBEDTLS_ERR_BASE64_BUFFER_TOO_SMALL );
} }
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ ) for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
@ -223,7 +223,7 @@ int base64_decode( unsigned char *dst, size_t *dlen,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
static const unsigned char base64_test_dec[64] = static const unsigned char base64_test_dec[64] =
{ {
@ -244,48 +244,48 @@ static const unsigned char base64_test_enc[] =
/* /*
* Checkup routine * Checkup routine
*/ */
int base64_self_test( int verbose ) int mbedtls_base64_self_test( int verbose )
{ {
size_t len; size_t len;
const unsigned char *src; const unsigned char *src;
unsigned char buffer[128]; unsigned char buffer[128];
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " Base64 encoding test: " ); mbedtls_printf( " Base64 encoding test: " );
len = sizeof( buffer ); len = sizeof( buffer );
src = base64_test_dec; src = base64_test_dec;
if( base64_encode( buffer, &len, src, 64 ) != 0 || if( mbedtls_base64_encode( buffer, &len, src, 64 ) != 0 ||
memcmp( base64_test_enc, buffer, 88 ) != 0 ) memcmp( base64_test_enc, buffer, 88 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n Base64 decoding test: " ); mbedtls_printf( "passed\n Base64 decoding test: " );
len = sizeof( buffer ); len = sizeof( buffer );
src = base64_test_enc; src = base64_test_enc;
if( base64_decode( buffer, &len, src, 88 ) != 0 || if( mbedtls_base64_decode( buffer, &len, src, 88 ) != 0 ||
memcmp( base64_test_dec, buffer, 64 ) != 0 ) memcmp( base64_test_dec, buffer, 64 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n\n" ); mbedtls_printf( "passed\n\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_BASE64_C */ #endif /* MBEDTLS_BASE64_C */

918
library/bignum.c
View File

File diff suppressed because it is too large Load Diff

134
library/blowfish.c
View File

@ -26,22 +26,22 @@
* *
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_BLOWFISH_C) #if defined(MBEDTLS_BLOWFISH_C)
#include "mbedtls/blowfish.h" #include "mbedtls/blowfish.h"
#include <string.h> #include <string.h>
#if !defined(POLARSSL_BLOWFISH_ALT) #if !defined(MBEDTLS_BLOWFISH_ALT)
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -68,7 +68,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
} }
#endif #endif
static const uint32_t P[BLOWFISH_ROUNDS + 2] = { static const uint32_t P[MBEDTLS_BLOWFISH_ROUNDS + 2] = {
0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L, 0x243F6A88L, 0x85A308D3L, 0x13198A2EL, 0x03707344L,
0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L, 0xA4093822L, 0x299F31D0L, 0x082EFA98L, 0xEC4E6C89L,
0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL, 0x452821E6L, 0x38D01377L, 0xBE5466CFL, 0x34E90C6CL,
@ -79,7 +79,7 @@ static const uint32_t P[BLOWFISH_ROUNDS + 2] = {
/* declarations of data at the end of this file */ /* declarations of data at the end of this file */
static const uint32_t S[4][256]; static const uint32_t S[4][256];
static uint32_t F( blowfish_context *ctx, uint32_t x ) static uint32_t F( mbedtls_blowfish_context *ctx, uint32_t x )
{ {
unsigned short a, b, c, d; unsigned short a, b, c, d;
uint32_t y; uint32_t y;
@ -98,7 +98,7 @@ static uint32_t F( blowfish_context *ctx, uint32_t x )
return( y ); return( y );
} }
static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) static void blowfish_enc( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{ {
uint32_t Xl, Xr, temp; uint32_t Xl, Xr, temp;
short i; short i;
@ -106,7 +106,7 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = *xl; Xl = *xl;
Xr = *xr; Xr = *xr;
for( i = 0; i < BLOWFISH_ROUNDS; ++i ) for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS; ++i )
{ {
Xl = Xl ^ ctx->P[i]; Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr; Xr = F( ctx, Xl ) ^ Xr;
@ -120,14 +120,14 @@ static void blowfish_enc( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = Xr; Xl = Xr;
Xr = temp; Xr = temp;
Xr = Xr ^ ctx->P[BLOWFISH_ROUNDS]; Xr = Xr ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS];
Xl = Xl ^ ctx->P[BLOWFISH_ROUNDS + 1]; Xl = Xl ^ ctx->P[MBEDTLS_BLOWFISH_ROUNDS + 1];
*xl = Xl; *xl = Xl;
*xr = Xr; *xr = Xr;
} }
static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr ) static void blowfish_dec( mbedtls_blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
{ {
uint32_t Xl, Xr, temp; uint32_t Xl, Xr, temp;
short i; short i;
@ -135,7 +135,7 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
Xl = *xl; Xl = *xl;
Xr = *xr; Xr = *xr;
for( i = BLOWFISH_ROUNDS + 1; i > 1; --i ) for( i = MBEDTLS_BLOWFISH_ROUNDS + 1; i > 1; --i )
{ {
Xl = Xl ^ ctx->P[i]; Xl = Xl ^ ctx->P[i];
Xr = F( ctx, Xl ) ^ Xr; Xr = F( ctx, Xl ) ^ Xr;
@ -156,32 +156,32 @@ static void blowfish_dec( blowfish_context *ctx, uint32_t *xl, uint32_t *xr )
*xr = Xr; *xr = Xr;
} }
void blowfish_init( blowfish_context *ctx ) void mbedtls_blowfish_init( mbedtls_blowfish_context *ctx )
{ {
memset( ctx, 0, sizeof( blowfish_context ) ); memset( ctx, 0, sizeof( mbedtls_blowfish_context ) );
} }
void blowfish_free( blowfish_context *ctx ) void mbedtls_blowfish_free( mbedtls_blowfish_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( blowfish_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_blowfish_context ) );
} }
/* /*
* Blowfish key schedule * Blowfish key schedule
*/ */
int blowfish_setkey( blowfish_context *ctx, const unsigned char *key, int mbedtls_blowfish_setkey( mbedtls_blowfish_context *ctx, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
unsigned int i, j, k; unsigned int i, j, k;
uint32_t data, datal, datar; uint32_t data, datal, datar;
if( keysize < BLOWFISH_MIN_KEY || keysize > BLOWFISH_MAX_KEY || if( keysize < MBEDTLS_BLOWFISH_MIN_KEY || keysize > MBEDTLS_BLOWFISH_MAX_KEY ||
( keysize % 8 ) ) ( keysize % 8 ) )
{ {
return( POLARSSL_ERR_BLOWFISH_INVALID_KEY_LENGTH ); return( MBEDTLS_ERR_BLOWFISH_INVALID_KEY_LENGTH );
} }
keysize >>= 3; keysize >>= 3;
@ -193,7 +193,7 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
} }
j = 0; j = 0;
for( i = 0; i < BLOWFISH_ROUNDS + 2; ++i ) for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; ++i )
{ {
data = 0x00000000; data = 0x00000000;
for( k = 0; k < 4; ++k ) for( k = 0; k < 4; ++k )
@ -208,7 +208,7 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
datal = 0x00000000; datal = 0x00000000;
datar = 0x00000000; datar = 0x00000000;
for( i = 0; i < BLOWFISH_ROUNDS + 2; i += 2 ) for( i = 0; i < MBEDTLS_BLOWFISH_ROUNDS + 2; i += 2 )
{ {
blowfish_enc( ctx, &datal, &datar ); blowfish_enc( ctx, &datal, &datar );
ctx->P[i] = datal; ctx->P[i] = datal;
@ -230,21 +230,21 @@ int blowfish_setkey( blowfish_context *ctx, const unsigned char *key,
/* /*
* Blowfish-ECB block encryption/decryption * Blowfish-ECB block encryption/decryption
*/ */
int blowfish_crypt_ecb( blowfish_context *ctx, int mbedtls_blowfish_crypt_ecb( mbedtls_blowfish_context *ctx,
int mode, int mode,
const unsigned char input[BLOWFISH_BLOCKSIZE], const unsigned char input[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] ) unsigned char output[MBEDTLS_BLOWFISH_BLOCKSIZE] )
{ {
uint32_t X0, X1; uint32_t X0, X1;
GET_UINT32_BE( X0, input, 0 ); GET_UINT32_BE( X0, input, 0 );
GET_UINT32_BE( X1, input, 4 ); GET_UINT32_BE( X1, input, 4 );
if( mode == BLOWFISH_DECRYPT ) if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{ {
blowfish_dec( ctx, &X0, &X1 ); blowfish_dec( ctx, &X0, &X1 );
} }
else /* BLOWFISH_ENCRYPT */ else /* MBEDTLS_BLOWFISH_ENCRYPT */
{ {
blowfish_enc( ctx, &X0, &X1 ); blowfish_enc( ctx, &X0, &X1 );
} }
@ -255,87 +255,87 @@ int blowfish_crypt_ecb( blowfish_context *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* Blowfish-CBC buffer encryption/decryption * Blowfish-CBC buffer encryption/decryption
*/ */
int blowfish_crypt_cbc( blowfish_context *ctx, int mbedtls_blowfish_crypt_cbc( mbedtls_blowfish_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[BLOWFISH_BLOCKSIZE], unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
int i; int i;
unsigned char temp[BLOWFISH_BLOCKSIZE]; unsigned char temp[MBEDTLS_BLOWFISH_BLOCKSIZE];
if( length % BLOWFISH_BLOCKSIZE ) if( length % MBEDTLS_BLOWFISH_BLOCKSIZE )
return( POLARSSL_ERR_BLOWFISH_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_BLOWFISH_INVALID_INPUT_LENGTH );
if( mode == BLOWFISH_DECRYPT ) if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{ {
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, BLOWFISH_BLOCKSIZE ); memcpy( temp, input, MBEDTLS_BLOWFISH_BLOCKSIZE );
blowfish_crypt_ecb( ctx, mode, input, output ); mbedtls_blowfish_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < BLOWFISH_BLOCKSIZE;i++ ) for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE;i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
memcpy( iv, temp, BLOWFISH_BLOCKSIZE ); memcpy( iv, temp, MBEDTLS_BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE; input += MBEDTLS_BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE; length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
} }
} }
else else
{ {
while( length > 0 ) while( length > 0 )
{ {
for( i = 0; i < BLOWFISH_BLOCKSIZE; i++ ) for( i = 0; i < MBEDTLS_BLOWFISH_BLOCKSIZE; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
blowfish_crypt_ecb( ctx, mode, output, output ); mbedtls_blowfish_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, BLOWFISH_BLOCKSIZE ); memcpy( iv, output, MBEDTLS_BLOWFISH_BLOCKSIZE );
input += BLOWFISH_BLOCKSIZE; input += MBEDTLS_BLOWFISH_BLOCKSIZE;
output += BLOWFISH_BLOCKSIZE; output += MBEDTLS_BLOWFISH_BLOCKSIZE;
length -= BLOWFISH_BLOCKSIZE; length -= MBEDTLS_BLOWFISH_BLOCKSIZE;
} }
} }
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/* /*
* Blowfish CFB buffer encryption/decryption * Blowfish CFB buffer encryption/decryption
*/ */
int blowfish_crypt_cfb64( blowfish_context *ctx, int mbedtls_blowfish_crypt_cfb64( mbedtls_blowfish_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
unsigned char iv[BLOWFISH_BLOCKSIZE], unsigned char iv[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
int c; int c;
size_t n = *iv_off; size_t n = *iv_off;
if( mode == BLOWFISH_DECRYPT ) if( mode == MBEDTLS_BLOWFISH_DECRYPT )
{ {
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char)( c ^ iv[n] );
iv[n] = (unsigned char) c; iv[n] = (unsigned char) c;
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
} }
} }
else else
@ -343,11 +343,11 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, iv, iv ); mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
} }
} }
@ -355,17 +355,17 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
return( 0 ); return( 0 );
} }
#endif /*POLARSSL_CIPHER_MODE_CFB */ #endif /*MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* Blowfish CTR buffer encryption/decryption * Blowfish CTR buffer encryption/decryption
*/ */
int blowfish_crypt_ctr( blowfish_context *ctx, int mbedtls_blowfish_crypt_ctr( mbedtls_blowfish_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[BLOWFISH_BLOCKSIZE], unsigned char nonce_counter[MBEDTLS_BLOWFISH_BLOCKSIZE],
unsigned char stream_block[BLOWFISH_BLOCKSIZE], unsigned char stream_block[MBEDTLS_BLOWFISH_BLOCKSIZE],
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
{ {
@ -375,24 +375,24 @@ int blowfish_crypt_ctr( blowfish_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) { if( n == 0 ) {
blowfish_crypt_ecb( ctx, BLOWFISH_ENCRYPT, nonce_counter, mbedtls_blowfish_crypt_ecb( ctx, MBEDTLS_BLOWFISH_ENCRYPT, nonce_counter,
stream_block ); stream_block );
for( i = BLOWFISH_BLOCKSIZE; i > 0; i-- ) for( i = MBEDTLS_BLOWFISH_BLOCKSIZE; i > 0; i-- )
if( ++nonce_counter[i - 1] != 0 ) if( ++nonce_counter[i - 1] != 0 )
break; break;
} }
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ stream_block[n] ); *output++ = (unsigned char)( c ^ stream_block[n] );
n = ( n + 1 ) % BLOWFISH_BLOCKSIZE; n = ( n + 1 ) % MBEDTLS_BLOWFISH_BLOCKSIZE;
} }
*nc_off = n; *nc_off = n;
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
static const uint32_t S[4][256] = { static const uint32_t S[4][256] = {
{ 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L, { 0xD1310BA6L, 0x98DFB5ACL, 0x2FFD72DBL, 0xD01ADFB7L,
@ -653,5 +653,5 @@ static const uint32_t S[4][256] = {
0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L } 0xB74E6132L, 0xCE77E25BL, 0x578FDFE3L, 0x3AC372E6L }
}; };
#endif /* !POLARSSL_BLOWFISH_ALT */ #endif /* !MBEDTLS_BLOWFISH_ALT */
#endif /* POLARSSL_BLOWFISH_C */ #endif /* MBEDTLS_BLOWFISH_C */

178
library/camellia.c
View File

@ -26,31 +26,31 @@
* http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf * http://info.isl.ntt.co.jp/crypt/eng/camellia/dl/01espec.pdf
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_CAMELLIA_C) #if defined(MBEDTLS_CAMELLIA_C)
#include "mbedtls/camellia.h" #include "mbedtls/camellia.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_CAMELLIA_ALT) #if !defined(MBEDTLS_CAMELLIA_ALT)
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -87,7 +87,7 @@ static const unsigned char SIGMA_CHARS[6][8] =
{ 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd } { 0xb0, 0x56, 0x88, 0xc2, 0xb3, 0xe6, 0xc1, 0xfd }
}; };
#if defined(POLARSSL_CAMELLIA_SMALL_MEMORY) #if defined(MBEDTLS_CAMELLIA_SMALL_MEMORY)
static const unsigned char FSb[256] = static const unsigned char FSb[256] =
{ {
@ -114,7 +114,7 @@ static const unsigned char FSb[256] =
#define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff) #define SBOX3(n) (unsigned char)((FSb[(n)] >> 1 ^ FSb[(n)] << 7) & 0xff)
#define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff] #define SBOX4(n) FSb[((n) << 1 ^ (n) >> 7) &0xff]
#else /* POLARSSL_CAMELLIA_SMALL_MEMORY */ #else /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
static const unsigned char FSb[256] = static const unsigned char FSb[256] =
{ {
@ -201,7 +201,7 @@ static const unsigned char FSb4[256] =
#define SBOX3(n) FSb3[(n)] #define SBOX3(n) FSb3[(n)]
#define SBOX4(n) FSb4[(n)] #define SBOX4(n) FSb4[(n)]
#endif /* POLARSSL_CAMELLIA_SMALL_MEMORY */ #endif /* MBEDTLS_CAMELLIA_SMALL_MEMORY */
static const unsigned char shifts[2][4][4] = static const unsigned char shifts[2][4][4] =
{ {
@ -324,23 +324,23 @@ static void camellia_feistel( const uint32_t x[2], const uint32_t k[2],
z[1] ^= I0; z[1] ^= I0;
} }
void camellia_init( camellia_context *ctx ) void mbedtls_camellia_init( mbedtls_camellia_context *ctx )
{ {
memset( ctx, 0, sizeof( camellia_context ) ); memset( ctx, 0, sizeof( mbedtls_camellia_context ) );
} }
void camellia_free( camellia_context *ctx ) void mbedtls_camellia_free( mbedtls_camellia_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( camellia_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_camellia_context ) );
} }
/* /*
* Camellia key schedule (encryption) * Camellia key schedule (encryption)
*/ */
int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key, int mbedtls_camellia_setkey_enc( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
int idx; int idx;
@ -361,7 +361,7 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
case 128: ctx->nr = 3; idx = 0; break; case 128: ctx->nr = 3; idx = 0; break;
case 192: case 192:
case 256: ctx->nr = 4; idx = 1; break; case 256: ctx->nr = 4; idx = 1; break;
default : return( POLARSSL_ERR_CAMELLIA_INVALID_KEY_LENGTH ); default : return( MBEDTLS_ERR_CAMELLIA_INVALID_KEY_LENGTH );
} }
for( i = 0; i < keysize / 8; ++i ) for( i = 0; i < keysize / 8; ++i )
@ -445,19 +445,19 @@ int camellia_setkey_enc( camellia_context *ctx, const unsigned char *key,
/* /*
* Camellia key schedule (decryption) * Camellia key schedule (decryption)
*/ */
int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key, int mbedtls_camellia_setkey_dec( mbedtls_camellia_context *ctx, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
int idx, ret; int idx, ret;
size_t i; size_t i;
camellia_context cty; mbedtls_camellia_context cty;
uint32_t *RK; uint32_t *RK;
uint32_t *SK; uint32_t *SK;
camellia_init( &cty ); mbedtls_camellia_init( &cty );
/* Also checks keysize */ /* Also checks keysize */
if( ( ret = camellia_setkey_enc( &cty, key, keysize ) ) != 0 ) if( ( ret = mbedtls_camellia_setkey_enc( &cty, key, keysize ) ) != 0 )
goto exit; goto exit;
ctx->nr = cty.nr; ctx->nr = cty.nr;
@ -485,7 +485,7 @@ int camellia_setkey_dec( camellia_context *ctx, const unsigned char *key,
*RK++ = *SK++; *RK++ = *SK++;
exit: exit:
camellia_free( &cty ); mbedtls_camellia_free( &cty );
return( ret ); return( ret );
} }
@ -493,7 +493,7 @@ exit:
/* /*
* Camellia-ECB block encryption/decryption * Camellia-ECB block encryption/decryption
*/ */
int camellia_crypt_ecb( camellia_context *ctx, int mbedtls_camellia_crypt_ecb( mbedtls_camellia_context *ctx,
int mode, int mode,
const unsigned char input[16], const unsigned char input[16],
unsigned char output[16] ) unsigned char output[16] )
@ -552,11 +552,11 @@ int camellia_crypt_ecb( camellia_context *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* Camellia-CBC buffer encryption/decryption * Camellia-CBC buffer encryption/decryption
*/ */
int camellia_crypt_cbc( camellia_context *ctx, int mbedtls_camellia_crypt_cbc( mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[16], unsigned char iv[16],
@ -567,14 +567,14 @@ int camellia_crypt_cbc( camellia_context *ctx,
unsigned char temp[16]; unsigned char temp[16];
if( length % 16 ) if( length % 16 )
return( POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_CAMELLIA_INVALID_INPUT_LENGTH );
if( mode == CAMELLIA_DECRYPT ) if( mode == MBEDTLS_CAMELLIA_DECRYPT )
{ {
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 16 ); memcpy( temp, input, 16 );
camellia_crypt_ecb( ctx, mode, input, output ); mbedtls_camellia_crypt_ecb( ctx, mode, input, output );
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -593,7 +593,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
for( i = 0; i < 16; i++ ) for( i = 0; i < 16; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
camellia_crypt_ecb( ctx, mode, output, output ); mbedtls_camellia_crypt_ecb( ctx, mode, output, output );
memcpy( iv, output, 16 ); memcpy( iv, output, 16 );
input += 16; input += 16;
@ -604,13 +604,13 @@ int camellia_crypt_cbc( camellia_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
/* /*
* Camellia-CFB128 buffer encryption/decryption * Camellia-CFB128 buffer encryption/decryption
*/ */
int camellia_crypt_cfb128( camellia_context *ctx, int mbedtls_camellia_crypt_cfb128( mbedtls_camellia_context *ctx,
int mode, int mode,
size_t length, size_t length,
size_t *iv_off, size_t *iv_off,
@ -621,12 +621,12 @@ int camellia_crypt_cfb128( camellia_context *ctx,
int c; int c;
size_t n = *iv_off; size_t n = *iv_off;
if( mode == CAMELLIA_DECRYPT ) if( mode == MBEDTLS_CAMELLIA_DECRYPT )
{ {
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
c = *input++; c = *input++;
*output++ = (unsigned char)( c ^ iv[n] ); *output++ = (unsigned char)( c ^ iv[n] );
@ -640,7 +640,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) if( n == 0 )
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, iv, iv ); mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, iv, iv );
iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ ); iv[n] = *output++ = (unsigned char)( iv[n] ^ *input++ );
@ -652,13 +652,13 @@ int camellia_crypt_cfb128( camellia_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* Camellia-CTR buffer encryption/decryption * Camellia-CTR buffer encryption/decryption
*/ */
int camellia_crypt_ctr( camellia_context *ctx, int mbedtls_camellia_crypt_ctr( mbedtls_camellia_context *ctx,
size_t length, size_t length,
size_t *nc_off, size_t *nc_off,
unsigned char nonce_counter[16], unsigned char nonce_counter[16],
@ -672,7 +672,7 @@ int camellia_crypt_ctr( camellia_context *ctx,
while( length-- ) while( length-- )
{ {
if( n == 0 ) { if( n == 0 ) {
camellia_crypt_ecb( ctx, CAMELLIA_ENCRYPT, nonce_counter, mbedtls_camellia_crypt_ecb( ctx, MBEDTLS_CAMELLIA_ENCRYPT, nonce_counter,
stream_block ); stream_block );
for( i = 16; i > 0; i-- ) for( i = 16; i > 0; i-- )
@ -689,10 +689,10 @@ int camellia_crypt_ctr( camellia_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#endif /* !POLARSSL_CAMELLIA_ALT */ #endif /* !MBEDTLS_CAMELLIA_ALT */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* Camellia test vectors from: * Camellia test vectors from:
@ -762,7 +762,7 @@ static const unsigned char camellia_test_ecb_cipher[3][CAMELLIA_TESTS_ECB][16] =
} }
}; };
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
#define CAMELLIA_TESTS_CBC 3 #define CAMELLIA_TESTS_CBC 3
static const unsigned char camellia_test_cbc_key[3][32] = static const unsigned char camellia_test_cbc_key[3][32] =
@ -824,9 +824,9 @@ static const unsigned char camellia_test_cbc_cipher[3][CAMELLIA_TESTS_CBC][16] =
0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 } 0x33, 0x30, 0xCD, 0xF1, 0xB1, 0x86, 0x0A, 0x83 }
} }
}; };
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* Camellia-CTR test vectors from: * Camellia-CTR test vectors from:
* *
@ -887,28 +887,28 @@ static const unsigned char camellia_test_ctr_ct[3][48] =
static const int camellia_test_ctr_len[3] = static const int camellia_test_ctr_len[3] =
{ 16, 32, 36 }; { 16, 32, 36 };
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
/* /*
* Checkup routine * Checkup routine
*/ */
int camellia_self_test( int verbose ) int mbedtls_camellia_self_test( int verbose )
{ {
int i, j, u, v; int i, j, u, v;
unsigned char key[32]; unsigned char key[32];
unsigned char buf[64]; unsigned char buf[64];
unsigned char src[16]; unsigned char src[16];
unsigned char dst[16]; unsigned char dst[16];
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char iv[16]; unsigned char iv[16];
#endif #endif
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
size_t offset, len; size_t offset, len;
unsigned char nonce_counter[16]; unsigned char nonce_counter[16];
unsigned char stream_block[16]; unsigned char stream_block[16];
#endif #endif
camellia_context ctx; mbedtls_camellia_context ctx;
memset( key, 0, 32 ); memset( key, 0, 32 );
@ -917,41 +917,41 @@ int camellia_self_test( int verbose )
v = j & 1; v = j & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64, mbedtls_printf( " CAMELLIA-ECB-%3d (%s): ", 128 + u * 64,
(v == CAMELLIA_DECRYPT) ? "dec" : "enc"); (v == MBEDTLS_CAMELLIA_DECRYPT) ? "dec" : "enc");
for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) { for( i = 0; i < CAMELLIA_TESTS_ECB; i++ ) {
memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u ); memcpy( key, camellia_test_ecb_key[u][i], 16 + 8 * u );
if( v == CAMELLIA_DECRYPT ) { if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_cipher[u][i], 16 ); memcpy( src, camellia_test_ecb_cipher[u][i], 16 );
memcpy( dst, camellia_test_ecb_plain[i], 16 ); memcpy( dst, camellia_test_ecb_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */ } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
camellia_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
memcpy( src, camellia_test_ecb_plain[i], 16 ); memcpy( src, camellia_test_ecb_plain[i], 16 );
memcpy( dst, camellia_test_ecb_cipher[u][i], 16 ); memcpy( dst, camellia_test_ecb_cipher[u][i], 16 );
} }
camellia_crypt_ecb( &ctx, v, src, buf ); mbedtls_camellia_crypt_ecb( &ctx, v, src, buf );
if( memcmp( buf, dst, 16 ) != 0 ) if( memcmp( buf, dst, 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* CBC mode * CBC mode
*/ */
@ -961,51 +961,51 @@ int camellia_self_test( int verbose )
v = j & 1; v = j & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64, mbedtls_printf( " CAMELLIA-CBC-%3d (%s): ", 128 + u * 64,
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( src, camellia_test_cbc_iv, 16 ); memcpy( src, camellia_test_cbc_iv, 16 );
memcpy( dst, camellia_test_cbc_iv, 16 ); memcpy( dst, camellia_test_cbc_iv, 16 );
memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u ); memcpy( key, camellia_test_cbc_key[u], 16 + 8 * u );
if( v == CAMELLIA_DECRYPT ) { if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
camellia_setkey_dec( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_dec( &ctx, key, 128 + u * 64 );
} else { } else {
camellia_setkey_enc( &ctx, key, 128 + u * 64 ); mbedtls_camellia_setkey_enc( &ctx, key, 128 + u * 64 );
} }
for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) { for( i = 0; i < CAMELLIA_TESTS_CBC; i++ ) {
if( v == CAMELLIA_DECRYPT ) { if( v == MBEDTLS_CAMELLIA_DECRYPT ) {
memcpy( iv , src, 16 ); memcpy( iv , src, 16 );
memcpy( src, camellia_test_cbc_cipher[u][i], 16 ); memcpy( src, camellia_test_cbc_cipher[u][i], 16 );
memcpy( dst, camellia_test_cbc_plain[i], 16 ); memcpy( dst, camellia_test_cbc_plain[i], 16 );
} else { /* CAMELLIA_ENCRYPT */ } else { /* MBEDTLS_CAMELLIA_ENCRYPT */
memcpy( iv , dst, 16 ); memcpy( iv , dst, 16 );
memcpy( src, camellia_test_cbc_plain[i], 16 ); memcpy( src, camellia_test_cbc_plain[i], 16 );
memcpy( dst, camellia_test_cbc_cipher[u][i], 16 ); memcpy( dst, camellia_test_cbc_cipher[u][i], 16 );
} }
camellia_crypt_cbc( &ctx, v, 16, iv, src, buf ); mbedtls_camellia_crypt_cbc( &ctx, v, 16, iv, src, buf );
if( memcmp( buf, dst, 16 ) != 0 ) if( memcmp( buf, dst, 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
/* /*
* CTR mode * CTR mode
*/ */
@ -1015,27 +1015,27 @@ int camellia_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CAMELLIA-CTR-128 (%s): ", mbedtls_printf( " CAMELLIA-CTR-128 (%s): ",
( v == CAMELLIA_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_CAMELLIA_DECRYPT ) ? "dec" : "enc" );
memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 ); memcpy( nonce_counter, camellia_test_ctr_nonce_counter[u], 16 );
memcpy( key, camellia_test_ctr_key[u], 16 ); memcpy( key, camellia_test_ctr_key[u], 16 );
offset = 0; offset = 0;
camellia_setkey_enc( &ctx, key, 128 ); mbedtls_camellia_setkey_enc( &ctx, key, 128 );
if( v == CAMELLIA_DECRYPT ) if( v == MBEDTLS_CAMELLIA_DECRYPT )
{ {
len = camellia_test_ctr_len[u]; len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_ct[u], len ); memcpy( buf, camellia_test_ctr_ct[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf );
if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 ) if( memcmp( buf, camellia_test_ctr_pt[u], len ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
@ -1045,29 +1045,29 @@ int camellia_self_test( int verbose )
len = camellia_test_ctr_len[u]; len = camellia_test_ctr_len[u];
memcpy( buf, camellia_test_ctr_pt[u], len ); memcpy( buf, camellia_test_ctr_pt[u], len );
camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block, mbedtls_camellia_crypt_ctr( &ctx, len, &offset, nonce_counter, stream_block,
buf, buf ); buf, buf );
if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 ) if( memcmp( buf, camellia_test_ctr_ct[u], len ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_CAMELLIA_C */ #endif /* MBEDTLS_CAMELLIA_C */

96
library/ccm.c
View File

@ -29,29 +29,29 @@
* RFC 5116 "An Interface and Algorithms for Authenticated Encryption" * RFC 5116 "An Interface and Algorithms for Authenticated Encryption"
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_CCM_C) #if defined(MBEDTLS_CCM_C)
#include "mbedtls/ccm.h" #include "mbedtls/ccm.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -61,28 +61,28 @@ static void polarssl_zeroize( void *v, size_t n ) {
/* /*
* Initialize context * Initialize context
*/ */
int ccm_init( ccm_context *ctx, cipher_id_t cipher, int mbedtls_ccm_init( mbedtls_ccm_context *ctx, mbedtls_cipher_id_t cipher,
const unsigned char *key, unsigned int keysize ) const unsigned char *key, unsigned int keysize )
{ {
int ret; int ret;
const cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
memset( ctx, 0, sizeof( ccm_context ) ); memset( ctx, 0, sizeof( mbedtls_ccm_context ) );
cipher_init( &ctx->cipher_ctx ); mbedtls_cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB ); cipher_info = mbedtls_cipher_info_from_values( cipher, keysize, MBEDTLS_MODE_ECB );
if( cipher_info == NULL ) if( cipher_info == NULL )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( cipher_info->block_size != 16 ) if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 ) if( ( ret = mbedtls_cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret ); return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize, if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 ) MBEDTLS_ENCRYPT ) ) != 0 )
{ {
return( ret ); return( ret );
} }
@ -93,10 +93,10 @@ int ccm_init( ccm_context *ctx, cipher_id_t cipher,
/* /*
* Free context * Free context
*/ */
void ccm_free( ccm_context *ctx ) void mbedtls_ccm_free( mbedtls_ccm_context *ctx )
{ {
cipher_free( &ctx->cipher_ctx ); mbedtls_cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( ccm_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_ccm_context ) );
} }
/* /*
@ -112,7 +112,7 @@ void ccm_free( ccm_context *ctx )
for( i = 0; i < 16; i++ ) \ for( i = 0; i < 16; i++ ) \
y[i] ^= b[i]; \ y[i] ^= b[i]; \
\ \
if( ( ret = cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \ if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, y, 16, y, &olen ) ) != 0 ) \
return( ret ); return( ret );
/* /*
@ -121,7 +121,7 @@ void ccm_free( ccm_context *ctx )
* This avoids allocating one more 16 bytes buffer while allowing src == dst. * This avoids allocating one more 16 bytes buffer while allowing src == dst.
*/ */
#define CTR_CRYPT( dst, src, len ) \ #define CTR_CRYPT( dst, src, len ) \
if( ( ret = cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \ if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctr, 16, b, &olen ) ) != 0 ) \
return( ret ); \ return( ret ); \
\ \
for( i = 0; i < len; i++ ) \ for( i = 0; i < len; i++ ) \
@ -130,7 +130,7 @@ void ccm_free( ccm_context *ctx )
/* /*
* Authenticated encryption or decryption * Authenticated encryption or decryption
*/ */
static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length, static int ccm_auth_crypt( mbedtls_ccm_context *ctx, int mode, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
@ -152,14 +152,14 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
* 'length' checked later (when writing it to the first block) * 'length' checked later (when writing it to the first block)
*/ */
if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 ) if( tag_len < 4 || tag_len > 16 || tag_len % 2 != 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Also implies q is within bounds */ /* Also implies q is within bounds */
if( iv_len < 7 || iv_len > 13 ) if( iv_len < 7 || iv_len > 13 )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
if( add_len > 0xFF00 ) if( add_len > 0xFF00 )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* /*
* First block B_0: * First block B_0:
@ -184,7 +184,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
b[15-i] = (unsigned char)( len_left & 0xFF ); b[15-i] = (unsigned char)( len_left & 0xFF );
if( len_left > 0 ) if( len_left > 0 )
return( POLARSSL_ERR_CCM_BAD_INPUT ); return( MBEDTLS_ERR_CCM_BAD_INPUT );
/* Start CBC-MAC with first block */ /* Start CBC-MAC with first block */
@ -298,7 +298,7 @@ static int ccm_auth_crypt( ccm_context *ctx, int mode, size_t length,
/* /*
* Authenticated encryption * Authenticated encryption
*/ */
int ccm_encrypt_and_tag( ccm_context *ctx, size_t length, int mbedtls_ccm_encrypt_and_tag( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
@ -311,7 +311,7 @@ int ccm_encrypt_and_tag( ccm_context *ctx, size_t length,
/* /*
* Authenticated decryption * Authenticated decryption
*/ */
int ccm_auth_decrypt( ccm_context *ctx, size_t length, int mbedtls_ccm_auth_decrypt( mbedtls_ccm_context *ctx, size_t length,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *add, size_t add_len, const unsigned char *add, size_t add_len,
const unsigned char *input, unsigned char *output, const unsigned char *input, unsigned char *output,
@ -335,15 +335,15 @@ int ccm_auth_decrypt( ccm_context *ctx, size_t length,
if( diff != 0 ) if( diff != 0 )
{ {
polarssl_zeroize( output, length ); mbedtls_zeroize( output, length );
return( POLARSSL_ERR_CCM_AUTH_FAILED ); return( MBEDTLS_ERR_CCM_AUTH_FAILED );
} }
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/* /*
* Examples 1 to 3 from SP800-38C Appendix C * Examples 1 to 3 from SP800-38C Appendix C
*/ */
@ -391,17 +391,17 @@ static const unsigned char res[NB_TESTS][32] = {
0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 } 0x48, 0x43, 0x92, 0xfb, 0xc1, 0xb0, 0x99, 0x51 }
}; };
int ccm_self_test( int verbose ) int mbedtls_ccm_self_test( int verbose )
{ {
ccm_context ctx; mbedtls_ccm_context ctx;
unsigned char out[32]; unsigned char out[32];
size_t i; size_t i;
int ret; int ret;
if( ccm_init( &ctx, POLARSSL_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 ) if( mbedtls_ccm_init( &ctx, MBEDTLS_CIPHER_ID_AES, key, 8 * sizeof key ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CCM: setup failed" ); mbedtls_printf( " CCM: setup failed" );
return( 1 ); return( 1 );
} }
@ -409,9 +409,9 @@ int ccm_self_test( int verbose )
for( i = 0; i < NB_TESTS; i++ ) for( i = 0; i < NB_TESTS; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CCM-AES #%u: ", (unsigned int) i + 1 ); mbedtls_printf( " CCM-AES #%u: ", (unsigned int) i + 1 );
ret = ccm_encrypt_and_tag( &ctx, msg_len[i], ret = mbedtls_ccm_encrypt_and_tag( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i], iv, iv_len[i], ad, add_len[i],
msg, out, msg, out,
out + msg_len[i], tag_len[i] ); out + msg_len[i], tag_len[i] );
@ -420,12 +420,12 @@ int ccm_self_test( int verbose )
memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 ) memcmp( out, res[i], msg_len[i] + tag_len[i] ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
ret = ccm_auth_decrypt( &ctx, msg_len[i], ret = mbedtls_ccm_auth_decrypt( &ctx, msg_len[i],
iv, iv_len[i], ad, add_len[i], iv, iv_len[i], ad, add_len[i],
res[i], out, res[i], out,
res[i] + msg_len[i], tag_len[i] ); res[i] + msg_len[i], tag_len[i] );
@ -434,23 +434,23 @@ int ccm_self_test( int verbose )
memcmp( out, msg, msg_len[i] ) != 0 ) memcmp( out, msg, msg_len[i] ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
ccm_free( &ctx ); mbedtls_ccm_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#endif /* POLARSSL_CCM_C */ #endif /* MBEDTLS_CCM_C */

166
library/certs.c
View File

@ -20,17 +20,17 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#include "mbedtls/certs.h" #include "mbedtls/certs.h"
#if defined(POLARSSL_CERTS_C) #if defined(MBEDTLS_CERTS_C)
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
#define TEST_CA_CRT_EC \ #define TEST_CA_CRT_EC \
"-----BEGIN CERTIFICATE-----\r\n" \ "-----BEGIN CERTIFICATE-----\r\n" \
"MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \ "MIICUjCCAdegAwIBAgIJAMFD4n5iQ8zoMAoGCCqGSM49BAMCMD4xCzAJBgNVBAYT\r\n" \
@ -47,9 +47,9 @@
"t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \ "t4d0PCu412mUC6Nnd7izvtE2MgIxAP1nnJQjZ8BWukszFQDG48wxCCyci9qpdSMv\r\n" \
"uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \ "uCjn8pwUOkABXK8Mss90fzCfCEOtIA==\r\n" \
"-----END CERTIFICATE-----\r\n" "-----END CERTIFICATE-----\r\n"
const char test_ca_crt_ec[] = TEST_CA_CRT_EC; const char mbedtls_test_ca_crt_ec[] = TEST_CA_CRT_EC;
const char test_ca_key_ec[] = const char mbedtls_test_ca_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n" "-----BEGIN EC PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n" "Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n" "DEK-Info: DES-EDE3-CBC,307EAB469933D64E\r\n"
@ -60,9 +60,9 @@ const char test_ca_key_ec[] =
"a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n" "a77x/sY1Bvii8S9/XhDTb6pTMx06wzrm\r\n"
"-----END EC PRIVATE KEY-----\r\n"; "-----END EC PRIVATE KEY-----\r\n";
const char test_ca_pwd_ec[] = "PolarSSLTest"; const char mbedtls_test_ca_pwd_ec[] = "PolarSSLTest";
const char test_srv_crt_ec[] = const char mbedtls_test_srv_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n" "-----BEGIN CERTIFICATE-----\r\n"
"MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" "MIICHzCCAaWgAwIBAgIBCTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
@ -78,14 +78,14 @@ const char test_srv_crt_ec[] =
"fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n" "fGa5kHvHARBPc8YAIVIqDvHH1Q==\r\n"
"-----END CERTIFICATE-----\r\n"; "-----END CERTIFICATE-----\r\n";
const char test_srv_key_ec[] = const char mbedtls_test_srv_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n" "-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n" "MHcCAQEEIPEqEyB2AnCoPL/9U/YDHvdqXYbIogTywwyp6/UfDw6noAoGCCqGSM49\r\n"
"AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n" "AwEHoUQDQgAEN8xW2XYJHlpyPsdZLf8gbu58+QaRdNCtFLX3aCJZYpJO5QDYIxH/\r\n"
"6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n" "6i/SNF1dFr2KiMJrdw1VzYoqDvoByLTt/w==\r\n"
"-----END EC PRIVATE KEY-----\r\n"; "-----END EC PRIVATE KEY-----\r\n";
const char test_cli_crt_ec[] = const char mbedtls_test_cli_crt_ec[] =
"-----BEGIN CERTIFICATE-----\r\n" "-----BEGIN CERTIFICATE-----\r\n"
"MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n" "MIICLDCCAbKgAwIBAgIBDTAKBggqhkjOPQQDAjA+MQswCQYDVQQGEwJOTDERMA8G\r\n"
"A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n" "A1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1BvbGFyc3NsIFRlc3QgRUMgQ0EwHhcN\r\n"
@ -101,25 +101,25 @@ const char test_cli_crt_ec[] =
"LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n" "LwjQje5PDGHfd3h9tP38Qknu5bJqws0md2KOKHyeV0U=\r\n"
"-----END CERTIFICATE-----\r\n"; "-----END CERTIFICATE-----\r\n";
const char test_cli_key_ec[] = const char mbedtls_test_cli_key_ec[] =
"-----BEGIN EC PRIVATE KEY-----\r\n" "-----BEGIN EC PRIVATE KEY-----\r\n"
"MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n" "MHcCAQEEIPb3hmTxZ3/mZI3vyk7p3U3wBf+WIop6hDhkFzJhmLcqoAoGCCqGSM49\r\n"
"AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n" "AwEHoUQDQgAEV+WusXPf06y7k7iB/xKu7uZTrM5VU/Y0Dswu42MlC9+Y4vNcYDaW\r\n"
"wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n" "wNUYFHDlf5/VS0UY5bBs1Vz4lo+HcKPkxw==\r\n"
"-----END EC PRIVATE KEY-----\r\n"; "-----END EC PRIVATE KEY-----\r\n";
const size_t test_ca_crt_ec_len = sizeof( test_ca_crt_ec ); const size_t mbedtls_test_ca_crt_ec_len = sizeof( mbedtls_test_ca_crt_ec );
const size_t test_ca_key_ec_len = sizeof( test_ca_key_ec ); const size_t mbedtls_test_ca_key_ec_len = sizeof( mbedtls_test_ca_key_ec );
const size_t test_ca_pwd_ec_len = sizeof( test_ca_pwd_ec ) - 1; const size_t mbedtls_test_ca_pwd_ec_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
const size_t test_srv_crt_ec_len = sizeof( test_srv_crt_ec ); const size_t mbedtls_test_srv_crt_ec_len = sizeof( mbedtls_test_srv_crt_ec );
const size_t test_srv_key_ec_len = sizeof( test_srv_key_ec ); const size_t mbedtls_test_srv_key_ec_len = sizeof( mbedtls_test_srv_key_ec );
const size_t test_cli_crt_ec_len = sizeof( test_cli_crt_ec ); const size_t mbedtls_test_cli_crt_ec_len = sizeof( mbedtls_test_cli_crt_ec );
const size_t test_cli_key_ec_len = sizeof( test_cli_key_ec ); const size_t mbedtls_test_cli_key_ec_len = sizeof( mbedtls_test_cli_key_ec );
#else #else
#define TEST_CA_CRT_EC #define TEST_CA_CRT_EC
#endif /* POLARSSL_ECDSA_C */ #endif /* MBEDTLS_ECDSA_C */
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
#define TEST_CA_CRT_RSA \ #define TEST_CA_CRT_RSA \
"-----BEGIN CERTIFICATE-----\r\n" \ "-----BEGIN CERTIFICATE-----\r\n" \
"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \ "MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" \
@ -142,9 +142,9 @@ const size_t test_cli_key_ec_len = sizeof( test_cli_key_ec );
"m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \ "m/UTSLBNFNHesiTZeH31NcxYGdHSme9Nc/gfidRa0FLOCfWxRlFqAI47zG9jAQCZ\r\n" \
"7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \ "7Z2mCGDNMhjQc+BYcdnl0lPXjdDK6V0qCg1dVewhUBcW5gZKzV7e9+DpVA==\r\n" \
"-----END CERTIFICATE-----\r\n" "-----END CERTIFICATE-----\r\n"
const char test_ca_crt_rsa[] = TEST_CA_CRT_RSA; const char mbedtls_test_ca_crt_rsa[] = TEST_CA_CRT_RSA;
const char test_ca_key_rsa[] = const char mbedtls_test_ca_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n" "-----BEGIN RSA PRIVATE KEY-----\r\n"
"Proc-Type: 4,ENCRYPTED\r\n" "Proc-Type: 4,ENCRYPTED\r\n"
"DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n" "DEK-Info: DES-EDE3-CBC,A8A95B05D5B7206B\r\n"
@ -176,9 +176,9 @@ const char test_ca_key_rsa[] =
"P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n" "P/eQiddSf0brnpiLJRh7qZrl9XuqYdpUqnoEdMAfotDOID8OtV7gt8a48ad8VPW2\r\n"
"-----END RSA PRIVATE KEY-----\r\n"; "-----END RSA PRIVATE KEY-----\r\n";
const char test_ca_pwd_rsa[] = "PolarSSLTest"; const char mbedtls_test_ca_pwd_rsa[] = "PolarSSLTest";
const char test_srv_crt_rsa[] = const char mbedtls_test_srv_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n" "-----BEGIN CERTIFICATE-----\r\n"
"MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" "MIIDNzCCAh+gAwIBAgIBAjANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" "MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
@ -200,7 +200,7 @@ const char test_srv_crt_rsa[] =
"zhuYwjVuX6JHG0c=\r\n" "zhuYwjVuX6JHG0c=\r\n"
"-----END CERTIFICATE-----\r\n"; "-----END CERTIFICATE-----\r\n";
const char test_srv_key_rsa[] = const char mbedtls_test_srv_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n" "-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n" "MIIEpAIBAAKCAQEAwU2j3efNHdEE10lyuJmsDnjkOjxKzzoTFtBa5M2jAIin7h5r\r\n"
"lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n" "lqdStJDvLXJ6PiSa/LY0rCT1d+AmZIycsCh9odrqjObJHJa8/sEEUrM21KP64bF2\r\n"
@ -229,7 +229,7 @@ const char test_srv_key_rsa[] =
"TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n" "TB6l9VGoxJL4fyHnZb8L5gGvnB1bbD8cL6YPaDiOhcRseC9vBiEuVg==\r\n"
"-----END RSA PRIVATE KEY-----\r\n"; "-----END RSA PRIVATE KEY-----\r\n";
const char test_cli_crt_rsa[] = const char mbedtls_test_cli_crt_rsa[] =
"-----BEGIN CERTIFICATE-----\r\n" "-----BEGIN CERTIFICATE-----\r\n"
"MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n" "MIIDPzCCAiegAwIBAgIBBDANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
"MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n" "MA8GA1UEChMIUG9sYXJTU0wxGTAXBgNVBAMTEFBvbGFyU1NMIFRlc3QgQ0EwHhcN\r\n"
@ -251,7 +251,7 @@ const char test_cli_crt_rsa[] =
"D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n" "D+stpAKiQLAWaAusIWKYEyw9MQ==\r\n"
"-----END CERTIFICATE-----\r\n"; "-----END CERTIFICATE-----\r\n";
const char test_cli_key_rsa[] = const char mbedtls_test_cli_key_rsa[] =
"-----BEGIN RSA PRIVATE KEY-----\r\n" "-----BEGIN RSA PRIVATE KEY-----\r\n"
"MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n" "MIIEpAIBAAKCAQEAyHTEzLn5tXnpRdkUYLB9u5Pyax6fM60Nj4o8VmXl3ETZzGaF\r\n"
"B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n" "B9X4J7BKNdBjngpuG7fa8H6r7gwQk4ZJGDTzqCrSV/Uu1C93KYRhTYJQj6eVSHD1\r\n"
@ -280,83 +280,83 @@ const char test_cli_key_rsa[] =
"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n" "8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
"-----END RSA PRIVATE KEY-----\r\n"; "-----END RSA PRIVATE KEY-----\r\n";
const size_t test_ca_crt_rsa_len = sizeof( test_ca_crt_rsa ); const size_t mbedtls_test_ca_crt_rsa_len = sizeof( mbedtls_test_ca_crt_rsa );
const size_t test_ca_key_rsa_len = sizeof( test_ca_key_rsa ); const size_t mbedtls_test_ca_key_rsa_len = sizeof( mbedtls_test_ca_key_rsa );
const size_t test_ca_pwd_rsa_len = sizeof( test_ca_pwd_rsa ) - 1; const size_t mbedtls_test_ca_pwd_rsa_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
const size_t test_srv_crt_rsa_len = sizeof( test_srv_crt_rsa ); const size_t mbedtls_test_srv_crt_rsa_len = sizeof( mbedtls_test_srv_crt_rsa );
const size_t test_srv_key_rsa_len = sizeof( test_srv_key_rsa ); const size_t mbedtls_test_srv_key_rsa_len = sizeof( mbedtls_test_srv_key_rsa );
const size_t test_cli_crt_rsa_len = sizeof( test_cli_crt_rsa ); const size_t mbedtls_test_cli_crt_rsa_len = sizeof( mbedtls_test_cli_crt_rsa );
const size_t test_cli_key_rsa_len = sizeof( test_cli_key_rsa ); const size_t mbedtls_test_cli_key_rsa_len = sizeof( mbedtls_test_cli_key_rsa );
#else #else
#define TEST_CA_CRT_RSA #define TEST_CA_CRT_RSA
#endif /* POLARSSL_RSA_C */ #endif /* MBEDTLS_RSA_C */
#if defined(POLARSSL_DHM_C) #if defined(MBEDTLS_DHM_C)
const char test_dhm_params[] = const char mbedtls_test_dhm_params[] =
"-----BEGIN DH PARAMETERS-----\r\n" "-----BEGIN DH PARAMETERS-----\r\n"
"MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n" "MIGHAoGBAJ419DBEOgmQTzo5qXl5fQcN9TN455wkOL7052HzxxRVMyhYmwQcgJvh\r\n"
"1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n" "1sa18fyfR9OiVEMYglOpkqVoGLN7qd5aQNNi5W7/C+VBdHTBJcGZJyyP5B3qcz32\r\n"
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n" "9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
"-----END DH PARAMETERS-----\r\n"; "-----END DH PARAMETERS-----\r\n";
const size_t test_dhm_params_len = sizeof( test_dhm_params ); const size_t mbedtls_test_dhm_params_len = sizeof( mbedtls_test_dhm_params );
#endif #endif
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
/* Concatenation of all available CA certificates */ /* Concatenation of all available CA certificates */
const char test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC; const char mbedtls_test_cas_pem[] = TEST_CA_CRT_RSA TEST_CA_CRT_EC;
const size_t test_cas_pem_len = sizeof( test_cas_pem ); const size_t mbedtls_test_cas_pem_len = sizeof( mbedtls_test_cas_pem );
#endif #endif
/* List of all available CA certificates */ /* List of all available CA certificates */
const char * test_cas[] = { const char * mbedtls_test_cas[] = {
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
test_ca_crt_rsa, mbedtls_test_ca_crt_rsa,
#endif #endif
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
test_ca_crt_ec, mbedtls_test_ca_crt_ec,
#endif #endif
NULL NULL
}; };
const size_t test_cas_len[] = { const size_t mbedtls_test_cas_len[] = {
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
sizeof( test_ca_crt_rsa_len ), sizeof( mbedtls_test_ca_crt_rsa_len ),
#endif #endif
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
sizeof( test_ca_crt_ec_len ), sizeof( mbedtls_test_ca_crt_ec_len ),
#endif #endif
0 0
}; };
#if defined(POLARSSL_RSA_C) #if defined(MBEDTLS_RSA_C)
const char *test_ca_crt = test_ca_crt_rsa; const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_rsa;
const char *test_ca_key = test_ca_key_rsa; const char *mbedtls_test_ca_key = mbedtls_test_ca_key_rsa;
const char *test_ca_pwd = test_ca_pwd_rsa; const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_rsa;
const char *test_srv_crt = test_srv_crt_rsa; const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_rsa;
const char *test_srv_key = test_srv_key_rsa; const char *mbedtls_test_srv_key = mbedtls_test_srv_key_rsa;
const char *test_cli_crt = test_cli_crt_rsa; const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_rsa;
const char *test_cli_key = test_cli_key_rsa; const char *mbedtls_test_cli_key = mbedtls_test_cli_key_rsa;
const size_t test_ca_crt_len = sizeof( test_ca_crt_rsa ); const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_rsa );
const size_t test_ca_key_len = sizeof( test_ca_key_rsa ); const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_rsa );
const size_t test_ca_pwd_len = sizeof( test_ca_pwd_rsa ) - 1; const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_rsa ) - 1;
const size_t test_srv_crt_len = sizeof( test_srv_crt_rsa ); const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_rsa );
const size_t test_srv_key_len = sizeof( test_srv_key_rsa ); const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_rsa );
const size_t test_cli_crt_len = sizeof( test_cli_crt_rsa ); const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_rsa );
const size_t test_cli_key_len = sizeof( test_cli_key_rsa ); const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_rsa );
#else /* ! POLARSSL_RSA_C, so POLARSSL_ECDSA_C */ #else /* ! MBEDTLS_RSA_C, so MBEDTLS_ECDSA_C */
const char *test_ca_crt = test_ca_crt_ec; const char *mbedtls_test_ca_crt = mbedtls_test_ca_crt_ec;
const char *test_ca_key = test_ca_key_ec; const char *mbedtls_test_ca_key = mbedtls_test_ca_key_ec;
const char *test_ca_pwd = test_ca_pwd_ec; const char *mbedtls_test_ca_pwd = mbedtls_test_ca_pwd_ec;
const char *test_srv_crt = test_srv_crt_ec; const char *mbedtls_test_srv_crt = mbedtls_test_srv_crt_ec;
const char *test_srv_key = test_srv_key_ec; const char *mbedtls_test_srv_key = mbedtls_test_srv_key_ec;
const char *test_cli_crt = test_cli_crt_ec; const char *mbedtls_test_cli_crt = mbedtls_test_cli_crt_ec;
const char *test_cli_key = test_cli_key_ec; const char *mbedtls_test_cli_key = mbedtls_test_cli_key_ec;
const size_t test_ca_crt_len = sizeof( test_ca_crt_ec ); const size_t mbedtls_test_ca_crt_len = sizeof( mbedtls_test_ca_crt_ec );
const size_t test_ca_key_len = sizeof( test_ca_key_ec ); const size_t mbedtls_test_ca_key_len = sizeof( mbedtls_test_ca_key_ec );
const size_t test_ca_pwd_len = sizeof( test_ca_pwd_ec ) - 1; const size_t mbedtls_test_ca_pwd_len = sizeof( mbedtls_test_ca_pwd_ec ) - 1;
const size_t test_srv_crt_len = sizeof( test_srv_crt_ec ); const size_t mbedtls_test_srv_crt_len = sizeof( mbedtls_test_srv_crt_ec );
const size_t test_srv_key_len = sizeof( test_srv_key_ec ); const size_t mbedtls_test_srv_key_len = sizeof( mbedtls_test_srv_key_ec );
const size_t test_cli_crt_len = sizeof( test_cli_crt_ec ); const size_t mbedtls_test_cli_crt_len = sizeof( mbedtls_test_cli_crt_ec );
const size_t test_cli_key_len = sizeof( test_cli_key_ec ); const size_t mbedtls_test_cli_key_len = sizeof( mbedtls_test_cli_key_ec );
#endif /* POLARSSL_RSA_C */ #endif /* MBEDTLS_RSA_C */
#endif /* POLARSSL_CERTS_C */ #endif /* MBEDTLS_CERTS_C */

392
library/cipher.c
View File

@ -24,13 +24,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_CIPHER_C) #if defined(MBEDTLS_CIPHER_C)
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
#include "mbedtls/cipher_wrap.h" #include "mbedtls/cipher_wrap.h"
@ -38,16 +38,16 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#endif #endif
#if defined(POLARSSL_CCM_C) #if defined(MBEDTLS_CCM_C)
#include "mbedtls/ccm.h" #include "mbedtls/ccm.h"
#endif #endif
#if defined(POLARSSL_ARC4_C) || defined(POLARSSL_CIPHER_NULL_CIPHER) #if defined(MBEDTLS_ARC4_C) || defined(MBEDTLS_CIPHER_NULL_CIPHER)
#define POLARSSL_CIPHER_MODE_STREAM #define MBEDTLS_CIPHER_MODE_STREAM
#endif #endif
#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \ #if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
@ -56,21 +56,21 @@
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
static int supported_init = 0; static int supported_init = 0;
const int *cipher_list( void ) const int *mbedtls_cipher_list( void )
{ {
const cipher_definition_t *def; const mbedtls_cipher_definition_t *def;
int *type; int *type;
if( ! supported_init ) if( ! supported_init )
{ {
def = cipher_definitions; def = mbedtls_cipher_definitions;
type = supported_ciphers; type = mbedtls_cipher_supported;
while( def->type != 0 ) while( def->type != 0 )
*type++ = (*def++).type; *type++ = (*def++).type;
@ -80,41 +80,41 @@ const int *cipher_list( void )
supported_init = 1; supported_init = 1;
} }
return( supported_ciphers ); return( mbedtls_cipher_supported );
} }
const cipher_info_t *cipher_info_from_type( const cipher_type_t cipher_type ) const mbedtls_cipher_info_t *mbedtls_cipher_info_from_type( const mbedtls_cipher_type_t cipher_type )
{ {
const cipher_definition_t *def; const mbedtls_cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ ) for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( def->type == cipher_type ) if( def->type == cipher_type )
return( def->info ); return( def->info );
return( NULL ); return( NULL );
} }
const cipher_info_t *cipher_info_from_string( const char *cipher_name ) const mbedtls_cipher_info_t *mbedtls_cipher_info_from_string( const char *cipher_name )
{ {
const cipher_definition_t *def; const mbedtls_cipher_definition_t *def;
if( NULL == cipher_name ) if( NULL == cipher_name )
return( NULL ); return( NULL );
for( def = cipher_definitions; def->info != NULL; def++ ) for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( ! strcasecmp( def->info->name, cipher_name ) ) if( ! strcasecmp( def->info->name, cipher_name ) )
return( def->info ); return( def->info );
return( NULL ); return( NULL );
} }
const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id, const mbedtls_cipher_info_t *mbedtls_cipher_info_from_values( const mbedtls_cipher_id_t cipher_id,
int key_length, int key_length,
const cipher_mode_t mode ) const mbedtls_cipher_mode_t mode )
{ {
const cipher_definition_t *def; const mbedtls_cipher_definition_t *def;
for( def = cipher_definitions; def->info != NULL; def++ ) for( def = mbedtls_cipher_definitions; def->info != NULL; def++ )
if( def->info->base->cipher == cipher_id && if( def->info->base->cipher == cipher_id &&
def->info->key_length == (unsigned) key_length && def->info->key_length == (unsigned) key_length &&
def->info->mode == mode ) def->info->mode == mode )
@ -123,12 +123,12 @@ const cipher_info_t *cipher_info_from_values( const cipher_id_t cipher_id,
return( NULL ); return( NULL );
} }
void cipher_init( cipher_context_t *ctx ) void mbedtls_cipher_init( mbedtls_cipher_context_t *ctx )
{ {
memset( ctx, 0, sizeof( cipher_context_t ) ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
} }
void cipher_free( cipher_context_t *ctx ) void mbedtls_cipher_free( mbedtls_cipher_context_t *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
@ -136,45 +136,45 @@ void cipher_free( cipher_context_t *ctx )
if( ctx->cipher_ctx ) if( ctx->cipher_ctx )
ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx ); ctx->cipher_info->base->ctx_free_func( ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof(cipher_context_t) ); mbedtls_zeroize( ctx, sizeof(mbedtls_cipher_context_t) );
} }
int cipher_init_ctx( cipher_context_t *ctx, const cipher_info_t *cipher_info ) int mbedtls_cipher_init_ctx( mbedtls_cipher_context_t *ctx, const mbedtls_cipher_info_t *cipher_info )
{ {
if( NULL == cipher_info || NULL == ctx ) if( NULL == cipher_info || NULL == ctx )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
memset( ctx, 0, sizeof( cipher_context_t ) ); memset( ctx, 0, sizeof( mbedtls_cipher_context_t ) );
if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) ) if( NULL == ( ctx->cipher_ctx = cipher_info->base->ctx_alloc_func() ) )
return( POLARSSL_ERR_CIPHER_ALLOC_FAILED ); return( MBEDTLS_ERR_CIPHER_ALLOC_FAILED );
ctx->cipher_info = cipher_info; ctx->cipher_info = cipher_info;
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
/* /*
* Ignore possible errors caused by a cipher mode that doesn't use padding * Ignore possible errors caused by a cipher mode that doesn't use padding
*/ */
#if defined(POLARSSL_CIPHER_PADDING_PKCS7) #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_PKCS7 ); (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_PKCS7 );
#else #else
(void) cipher_set_padding_mode( ctx, POLARSSL_PADDING_NONE ); (void) mbedtls_cipher_set_padding_mode( ctx, MBEDTLS_PADDING_NONE );
#endif #endif
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
return( 0 ); return( 0 );
} }
int cipher_setkey( cipher_context_t *ctx, const unsigned char *key, int mbedtls_cipher_setkey( mbedtls_cipher_context_t *ctx, const unsigned char *key,
int key_length, const operation_t operation ) int key_length, const mbedtls_operation_t operation )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_KEY_LEN ) == 0 && if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_KEY_LEN ) == 0 &&
(int) ctx->cipher_info->key_length != key_length ) (int) ctx->cipher_info->key_length != key_length )
{ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
ctx->key_length = key_length; ctx->key_length = key_length;
@ -183,34 +183,34 @@ int cipher_setkey( cipher_context_t *ctx, const unsigned char *key,
/* /*
* For CFB and CTR mode always use the encryption key schedule * For CFB and CTR mode always use the encryption key schedule
*/ */
if( POLARSSL_ENCRYPT == operation || if( MBEDTLS_ENCRYPT == operation ||
POLARSSL_MODE_CFB == ctx->cipher_info->mode || MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode ) MBEDTLS_MODE_CTR == ctx->cipher_info->mode )
{ {
return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key, return ctx->cipher_info->base->setkey_enc_func( ctx->cipher_ctx, key,
ctx->key_length ); ctx->key_length );
} }
if( POLARSSL_DECRYPT == operation ) if( MBEDTLS_DECRYPT == operation )
return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key, return ctx->cipher_info->base->setkey_dec_func( ctx->cipher_ctx, key,
ctx->key_length ); ctx->key_length );
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
int cipher_set_iv( cipher_context_t *ctx, int mbedtls_cipher_set_iv( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len ) const unsigned char *iv, size_t iv_len )
{ {
size_t actual_iv_size; size_t actual_iv_size;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv ) if( NULL == ctx || NULL == ctx->cipher_info || NULL == iv )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
/* avoid buffer overflow in ctx->iv */ /* avoid buffer overflow in ctx->iv */
if( iv_len > POLARSSL_MAX_IV_LENGTH ) if( iv_len > MBEDTLS_MAX_IV_LENGTH )
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
if( ( ctx->cipher_info->flags & POLARSSL_CIPHER_VARIABLE_IV_LEN ) != 0 ) if( ( ctx->cipher_info->flags & MBEDTLS_CIPHER_VARIABLE_IV_LEN ) != 0 )
actual_iv_size = iv_len; actual_iv_size = iv_len;
else else
{ {
@ -218,7 +218,7 @@ int cipher_set_iv( cipher_context_t *ctx,
/* avoid reading past the end of input buffer */ /* avoid reading past the end of input buffer */
if( actual_iv_size > iv_len ) if( actual_iv_size > iv_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
memcpy( ctx->iv, iv, actual_iv_size ); memcpy( ctx->iv, iv, actual_iv_size );
@ -227,49 +227,49 @@ int cipher_set_iv( cipher_context_t *ctx,
return( 0 ); return( 0 );
} }
int cipher_reset( cipher_context_t *ctx ) int mbedtls_cipher_reset( mbedtls_cipher_context_t *ctx )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
ctx->unprocessed_len = 0; ctx->unprocessed_len = 0;
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
int cipher_update_ad( cipher_context_t *ctx, int mbedtls_cipher_update_ad( mbedtls_cipher_context_t *ctx,
const unsigned char *ad, size_t ad_len ) const unsigned char *ad, size_t ad_len )
{ {
if( NULL == ctx || NULL == ctx->cipher_info ) if( NULL == ctx || NULL == ctx->cipher_info )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{ {
return gcm_starts( (gcm_context *) ctx->cipher_ctx, ctx->operation, return mbedtls_gcm_starts( (mbedtls_gcm_context *) ctx->cipher_ctx, ctx->operation,
ctx->iv, ctx->iv_size, ad, ad_len ); ctx->iv, ctx->iv_size, ad, ad_len );
} }
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
int cipher_update( cipher_context_t *ctx, const unsigned char *input, int mbedtls_cipher_update( mbedtls_cipher_context_t *ctx, const unsigned char *input,
size_t ilen, unsigned char *output, size_t *olen ) size_t ilen, unsigned char *output, size_t *olen )
{ {
int ret; int ret;
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
{ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
*olen = 0; *olen = 0;
if( ctx->cipher_info->mode == POLARSSL_MODE_ECB ) if( ctx->cipher_info->mode == MBEDTLS_MODE_ECB )
{ {
if( ilen != cipher_get_block_size( ctx ) ) if( ilen != mbedtls_cipher_get_block_size( ctx ) )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
*olen = ilen; *olen = ilen;
@ -282,33 +282,33 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
if( ctx->cipher_info->mode == POLARSSL_MODE_GCM ) if( ctx->cipher_info->mode == MBEDTLS_MODE_GCM )
{ {
*olen = ilen; *olen = ilen;
return gcm_update( (gcm_context *) ctx->cipher_ctx, ilen, input, return mbedtls_gcm_update( (mbedtls_gcm_context *) ctx->cipher_ctx, ilen, input,
output ); output );
} }
#endif #endif
if( input == output && if( input == output &&
( ctx->unprocessed_len != 0 || ilen % cipher_get_block_size( ctx ) ) ) ( ctx->unprocessed_len != 0 || ilen % mbedtls_cipher_get_block_size( ctx ) ) )
{ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
if( ctx->cipher_info->mode == POLARSSL_MODE_CBC ) if( ctx->cipher_info->mode == MBEDTLS_MODE_CBC )
{ {
size_t copy_len = 0; size_t copy_len = 0;
/* /*
* If there is not enough data for a full block, cache it. * If there is not enough data for a full block, cache it.
*/ */
if( ( ctx->operation == POLARSSL_DECRYPT && if( ( ctx->operation == MBEDTLS_DECRYPT &&
ilen + ctx->unprocessed_len <= cipher_get_block_size( ctx ) ) || ilen + ctx->unprocessed_len <= mbedtls_cipher_get_block_size( ctx ) ) ||
( ctx->operation == POLARSSL_ENCRYPT && ( ctx->operation == MBEDTLS_ENCRYPT &&
ilen + ctx->unprocessed_len < cipher_get_block_size( ctx ) ) ) ilen + ctx->unprocessed_len < mbedtls_cipher_get_block_size( ctx ) ) )
{ {
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
ilen ); ilen );
@ -322,20 +322,20 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
*/ */
if( ctx->unprocessed_len != 0 ) if( ctx->unprocessed_len != 0 )
{ {
copy_len = cipher_get_block_size( ctx ) - ctx->unprocessed_len; copy_len = mbedtls_cipher_get_block_size( ctx ) - ctx->unprocessed_len;
memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input, memcpy( &( ctx->unprocessed_data[ctx->unprocessed_len] ), input,
copy_len ); copy_len );
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv, ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) ) ctx->unprocessed_data, output ) ) )
{ {
return( ret ); return( ret );
} }
*olen += cipher_get_block_size( ctx ); *olen += mbedtls_cipher_get_block_size( ctx );
output += cipher_get_block_size( ctx ); output += mbedtls_cipher_get_block_size( ctx );
ctx->unprocessed_len = 0; ctx->unprocessed_len = 0;
input += copy_len; input += copy_len;
@ -347,9 +347,9 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
*/ */
if( 0 != ilen ) if( 0 != ilen )
{ {
copy_len = ilen % cipher_get_block_size( ctx ); copy_len = ilen % mbedtls_cipher_get_block_size( ctx );
if( copy_len == 0 && ctx->operation == POLARSSL_DECRYPT ) if( copy_len == 0 && ctx->operation == MBEDTLS_DECRYPT )
copy_len = cipher_get_block_size( ctx ); copy_len = mbedtls_cipher_get_block_size( ctx );
memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ), memcpy( ctx->unprocessed_data, &( input[ilen - copy_len] ),
copy_len ); copy_len );
@ -374,10 +374,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#if defined(POLARSSL_CIPHER_MODE_CFB) #if defined(MBEDTLS_CIPHER_MODE_CFB)
if( ctx->cipher_info->mode == POLARSSL_MODE_CFB ) if( ctx->cipher_info->mode == MBEDTLS_MODE_CFB )
{ {
if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx, if( 0 != ( ret = ctx->cipher_info->base->cfb_func( ctx->cipher_ctx,
ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv, ctx->operation, ilen, &ctx->unprocessed_len, ctx->iv,
@ -390,10 +390,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CFB */ #endif /* MBEDTLS_CIPHER_MODE_CFB */
#if defined(POLARSSL_CIPHER_MODE_CTR) #if defined(MBEDTLS_CIPHER_MODE_CTR)
if( ctx->cipher_info->mode == POLARSSL_MODE_CTR ) if( ctx->cipher_info->mode == MBEDTLS_MODE_CTR )
{ {
if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx, if( 0 != ( ret = ctx->cipher_info->base->ctr_func( ctx->cipher_ctx,
ilen, &ctx->unprocessed_len, ctx->iv, ilen, &ctx->unprocessed_len, ctx->iv,
@ -406,10 +406,10 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CTR */ #endif /* MBEDTLS_CIPHER_MODE_CTR */
#if defined(POLARSSL_CIPHER_MODE_STREAM) #if defined(MBEDTLS_CIPHER_MODE_STREAM)
if( ctx->cipher_info->mode == POLARSSL_MODE_STREAM ) if( ctx->cipher_info->mode == MBEDTLS_MODE_STREAM )
{ {
if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx, if( 0 != ( ret = ctx->cipher_info->base->stream_func( ctx->cipher_ctx,
ilen, input, output ) ) ) ilen, input, output ) ) )
@ -421,13 +421,13 @@ int cipher_update( cipher_context_t *ctx, const unsigned char *input,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_STREAM */ #endif /* MBEDTLS_CIPHER_MODE_STREAM */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
#if defined(POLARSSL_CIPHER_PADDING_PKCS7) #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
/* /*
* PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len * PKCS7 (and PKCS5) padding: fill with ll bytes, with ll = padding_len
*/ */
@ -448,7 +448,7 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len,
unsigned char padding_len, bad = 0; unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1]; padding_len = input[input_len - 1];
*data_len = input_len - padding_len; *data_len = input_len - padding_len;
@ -463,11 +463,11 @@ static int get_pkcs_padding( unsigned char *input, size_t input_len,
for( i = 0; i < input_len; i++ ) for( i = 0; i < input_len; i++ )
bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx ); bad |= ( input[i] ^ padding_len ) * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
} }
#endif /* POLARSSL_CIPHER_PADDING_PKCS7 */ #endif /* MBEDTLS_CIPHER_PADDING_PKCS7 */
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS) #if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
/* /*
* One and zeros padding: fill with 80 00 ... 00 * One and zeros padding: fill with 80 00 ... 00
*/ */
@ -489,7 +489,7 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
unsigned char done = 0, prev_done, bad; unsigned char done = 0, prev_done, bad;
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
bad = 0xFF; bad = 0xFF;
*data_len = 0; *data_len = 0;
@ -501,12 +501,12 @@ static int get_one_and_zeros_padding( unsigned char *input, size_t input_len,
bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done ); bad &= ( input[i-1] ^ 0x80 ) | ( done == prev_done );
} }
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
} }
#endif /* POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS */ #endif /* MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN) #if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
/* /*
* Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length * Zeros and len padding: fill with 00 ... 00 ll, where ll is padding length
*/ */
@ -528,7 +528,7 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
unsigned char padding_len, bad = 0; unsigned char padding_len, bad = 0;
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
padding_len = input[input_len - 1]; padding_len = input[input_len - 1];
*data_len = input_len - padding_len; *data_len = input_len - padding_len;
@ -542,11 +542,11 @@ static int get_zeros_and_len_padding( unsigned char *input, size_t input_len,
for( i = 0; i < input_len - 1; i++ ) for( i = 0; i < input_len - 1; i++ )
bad |= input[i] * ( i >= pad_idx ); bad |= input[i] * ( i >= pad_idx );
return( POLARSSL_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) ); return( MBEDTLS_ERR_CIPHER_INVALID_PADDING * ( bad != 0 ) );
} }
#endif /* POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN */ #endif /* MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN */
#if defined(POLARSSL_CIPHER_PADDING_ZEROS) #if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
/* /*
* Zero padding: fill with 00 ... 00 * Zero padding: fill with 00 ... 00
*/ */
@ -566,7 +566,7 @@ static int get_zeros_padding( unsigned char *input, size_t input_len,
unsigned char done = 0, prev_done; unsigned char done = 0, prev_done;
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = 0; *data_len = 0;
for( i = input_len; i > 0; i-- ) for( i = input_len; i > 0; i-- )
@ -578,70 +578,70 @@ static int get_zeros_padding( unsigned char *input, size_t input_len,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_PADDING_ZEROS */ #endif /* MBEDTLS_CIPHER_PADDING_ZEROS */
/* /*
* No padding: don't pad :) * No padding: don't pad :)
* *
* There is no add_padding function (check for NULL in cipher_finish) * There is no add_padding function (check for NULL in mbedtls_cipher_finish)
* but a trivial get_padding function * but a trivial get_padding function
*/ */
static int get_no_padding( unsigned char *input, size_t input_len, static int get_no_padding( unsigned char *input, size_t input_len,
size_t *data_len ) size_t *data_len )
{ {
if( NULL == input || NULL == data_len ) if( NULL == input || NULL == data_len )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*data_len = input_len; *data_len = input_len;
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
int cipher_finish( cipher_context_t *ctx, int mbedtls_cipher_finish( mbedtls_cipher_context_t *ctx,
unsigned char *output, size_t *olen ) unsigned char *output, size_t *olen )
{ {
if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen ) if( NULL == ctx || NULL == ctx->cipher_info || NULL == olen )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
*olen = 0; *olen = 0;
if( POLARSSL_MODE_CFB == ctx->cipher_info->mode || if( MBEDTLS_MODE_CFB == ctx->cipher_info->mode ||
POLARSSL_MODE_CTR == ctx->cipher_info->mode || MBEDTLS_MODE_CTR == ctx->cipher_info->mode ||
POLARSSL_MODE_GCM == ctx->cipher_info->mode || MBEDTLS_MODE_GCM == ctx->cipher_info->mode ||
POLARSSL_MODE_STREAM == ctx->cipher_info->mode ) MBEDTLS_MODE_STREAM == ctx->cipher_info->mode )
{ {
return( 0 ); return( 0 );
} }
if( POLARSSL_MODE_ECB == ctx->cipher_info->mode ) if( MBEDTLS_MODE_ECB == ctx->cipher_info->mode )
{ {
if( ctx->unprocessed_len != 0 ) if( ctx->unprocessed_len != 0 )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
if( POLARSSL_MODE_CBC == ctx->cipher_info->mode ) if( MBEDTLS_MODE_CBC == ctx->cipher_info->mode )
{ {
int ret = 0; int ret = 0;
if( POLARSSL_ENCRYPT == ctx->operation ) if( MBEDTLS_ENCRYPT == ctx->operation )
{ {
/* check for 'no padding' mode */ /* check for 'no padding' mode */
if( NULL == ctx->add_padding ) if( NULL == ctx->add_padding )
{ {
if( 0 != ctx->unprocessed_len ) if( 0 != ctx->unprocessed_len )
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
return( 0 ); return( 0 );
} }
ctx->add_padding( ctx->unprocessed_data, cipher_get_iv_size( ctx ), ctx->add_padding( ctx->unprocessed_data, mbedtls_cipher_get_iv_size( ctx ),
ctx->unprocessed_len ); ctx->unprocessed_len );
} }
else if( cipher_get_block_size( ctx ) != ctx->unprocessed_len ) else if( mbedtls_cipher_get_block_size( ctx ) != ctx->unprocessed_len )
{ {
/* /*
* For decrypt operations, expect a full block, * For decrypt operations, expect a full block,
@ -650,118 +650,118 @@ int cipher_finish( cipher_context_t *ctx,
if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len ) if( NULL == ctx->add_padding && 0 == ctx->unprocessed_len )
return( 0 ); return( 0 );
return( POLARSSL_ERR_CIPHER_FULL_BLOCK_EXPECTED ); return( MBEDTLS_ERR_CIPHER_FULL_BLOCK_EXPECTED );
} }
/* cipher block */ /* cipher block */
if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx, if( 0 != ( ret = ctx->cipher_info->base->cbc_func( ctx->cipher_ctx,
ctx->operation, cipher_get_block_size( ctx ), ctx->iv, ctx->operation, mbedtls_cipher_get_block_size( ctx ), ctx->iv,
ctx->unprocessed_data, output ) ) ) ctx->unprocessed_data, output ) ) )
{ {
return( ret ); return( ret );
} }
/* Set output size for decryption */ /* Set output size for decryption */
if( POLARSSL_DECRYPT == ctx->operation ) if( MBEDTLS_DECRYPT == ctx->operation )
return ctx->get_padding( output, cipher_get_block_size( ctx ), return ctx->get_padding( output, mbedtls_cipher_get_block_size( ctx ),
olen ); olen );
/* Set output size for encryption */ /* Set output size for encryption */
*olen = cipher_get_block_size( ctx ); *olen = mbedtls_cipher_get_block_size( ctx );
return( 0 ); return( 0 );
} }
#else #else
((void) output); ((void) output);
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
#if defined(POLARSSL_CIPHER_MODE_WITH_PADDING) #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
int cipher_set_padding_mode( cipher_context_t *ctx, cipher_padding_t mode ) int mbedtls_cipher_set_padding_mode( mbedtls_cipher_context_t *ctx, mbedtls_cipher_padding_t mode )
{ {
if( NULL == ctx || if( NULL == ctx ||
POLARSSL_MODE_CBC != ctx->cipher_info->mode ) MBEDTLS_MODE_CBC != ctx->cipher_info->mode )
{ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
switch( mode ) switch( mode )
{ {
#if defined(POLARSSL_CIPHER_PADDING_PKCS7) #if defined(MBEDTLS_CIPHER_PADDING_PKCS7)
case POLARSSL_PADDING_PKCS7: case MBEDTLS_PADDING_PKCS7:
ctx->add_padding = add_pkcs_padding; ctx->add_padding = add_pkcs_padding;
ctx->get_padding = get_pkcs_padding; ctx->get_padding = get_pkcs_padding;
break; break;
#endif #endif
#if defined(POLARSSL_CIPHER_PADDING_ONE_AND_ZEROS) #if defined(MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS)
case POLARSSL_PADDING_ONE_AND_ZEROS: case MBEDTLS_PADDING_ONE_AND_ZEROS:
ctx->add_padding = add_one_and_zeros_padding; ctx->add_padding = add_one_and_zeros_padding;
ctx->get_padding = get_one_and_zeros_padding; ctx->get_padding = get_one_and_zeros_padding;
break; break;
#endif #endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS_AND_LEN) #if defined(MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN)
case POLARSSL_PADDING_ZEROS_AND_LEN: case MBEDTLS_PADDING_ZEROS_AND_LEN:
ctx->add_padding = add_zeros_and_len_padding; ctx->add_padding = add_zeros_and_len_padding;
ctx->get_padding = get_zeros_and_len_padding; ctx->get_padding = get_zeros_and_len_padding;
break; break;
#endif #endif
#if defined(POLARSSL_CIPHER_PADDING_ZEROS) #if defined(MBEDTLS_CIPHER_PADDING_ZEROS)
case POLARSSL_PADDING_ZEROS: case MBEDTLS_PADDING_ZEROS:
ctx->add_padding = add_zeros_padding; ctx->add_padding = add_zeros_padding;
ctx->get_padding = get_zeros_padding; ctx->get_padding = get_zeros_padding;
break; break;
#endif #endif
case POLARSSL_PADDING_NONE: case MBEDTLS_PADDING_NONE:
ctx->add_padding = NULL; ctx->add_padding = NULL;
ctx->get_padding = get_no_padding; ctx->get_padding = get_no_padding;
break; break;
default: default:
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_WITH_PADDING */ #endif /* MBEDTLS_CIPHER_MODE_WITH_PADDING */
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
int cipher_write_tag( cipher_context_t *ctx, int mbedtls_cipher_write_tag( mbedtls_cipher_context_t *ctx,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len )
{ {
if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag ) if( NULL == ctx || NULL == ctx->cipher_info || NULL == tag )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_ENCRYPT != ctx->operation ) if( MBEDTLS_ENCRYPT != ctx->operation )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
return gcm_finish( (gcm_context *) ctx->cipher_ctx, tag, tag_len ); return mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx, tag, tag_len );
return( 0 ); return( 0 );
} }
int cipher_check_tag( cipher_context_t *ctx, int mbedtls_cipher_check_tag( mbedtls_cipher_context_t *ctx,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len )
{ {
int ret; int ret;
if( NULL == ctx || NULL == ctx->cipher_info || if( NULL == ctx || NULL == ctx->cipher_info ||
POLARSSL_DECRYPT != ctx->operation ) MBEDTLS_DECRYPT != ctx->operation )
{ {
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
} }
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{ {
unsigned char check_tag[16]; unsigned char check_tag[16];
size_t i; size_t i;
int diff; int diff;
if( tag_len > sizeof( check_tag ) ) if( tag_len > sizeof( check_tag ) )
return( POLARSSL_ERR_CIPHER_BAD_INPUT_DATA ); return( MBEDTLS_ERR_CIPHER_BAD_INPUT_DATA );
if( 0 != ( ret = gcm_finish( (gcm_context *) ctx->cipher_ctx, if( 0 != ( ret = mbedtls_gcm_finish( (mbedtls_gcm_context *) ctx->cipher_ctx,
check_tag, tag_len ) ) ) check_tag, tag_len ) ) )
{ {
return( ret ); return( ret );
@ -772,19 +772,19 @@ int cipher_check_tag( cipher_context_t *ctx,
diff |= tag[i] ^ check_tag[i]; diff |= tag[i] ^ check_tag[i];
if( diff != 0 ) if( diff != 0 )
return( POLARSSL_ERR_CIPHER_AUTH_FAILED ); return( MBEDTLS_ERR_CIPHER_AUTH_FAILED );
return( 0 ); return( 0 );
} }
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
/* /*
* Packet-oriented wrapper for non-AEAD modes * Packet-oriented wrapper for non-AEAD modes
*/ */
int cipher_crypt( cipher_context_t *ctx, int mbedtls_cipher_crypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen ) unsigned char *output, size_t *olen )
@ -792,16 +792,16 @@ int cipher_crypt( cipher_context_t *ctx,
int ret; int ret;
size_t finish_olen; size_t finish_olen;
if( ( ret = cipher_set_iv( ctx, iv, iv_len ) ) != 0 ) if( ( ret = mbedtls_cipher_set_iv( ctx, iv, iv_len ) ) != 0 )
return( ret ); return( ret );
if( ( ret = cipher_reset( ctx ) ) != 0 ) if( ( ret = mbedtls_cipher_reset( ctx ) ) != 0 )
return( ret ); return( ret );
if( ( ret = cipher_update( ctx, input, ilen, output, olen ) ) != 0 ) if( ( ret = mbedtls_cipher_update( ctx, input, ilen, output, olen ) ) != 0 )
return( ret ); return( ret );
if( ( ret = cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 ) if( ( ret = mbedtls_cipher_finish( ctx, output + *olen, &finish_olen ) ) != 0 )
return( ret ); return( ret );
*olen += finish_olen; *olen += finish_olen;
@ -809,84 +809,84 @@ int cipher_crypt( cipher_context_t *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_AEAD) #if defined(MBEDTLS_CIPHER_MODE_AEAD)
/* /*
* Packet-oriented encryption for AEAD modes * Packet-oriented encryption for AEAD modes
*/ */
int cipher_auth_encrypt( cipher_context_t *ctx, int mbedtls_cipher_auth_encrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
unsigned char *tag, size_t tag_len ) unsigned char *tag, size_t tag_len )
{ {
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{ {
*olen = ilen; *olen = ilen;
return( gcm_crypt_and_tag( ctx->cipher_ctx, GCM_ENCRYPT, ilen, return( mbedtls_gcm_crypt_and_tag( ctx->cipher_ctx, MBEDTLS_GCM_ENCRYPT, ilen,
iv, iv_len, ad, ad_len, input, output, iv, iv_len, ad, ad_len, input, output,
tag_len, tag ) ); tag_len, tag ) );
} }
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(POLARSSL_CCM_C) #if defined(MBEDTLS_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
{ {
*olen = ilen; *olen = ilen;
return( ccm_encrypt_and_tag( ctx->cipher_ctx, ilen, return( mbedtls_ccm_encrypt_and_tag( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len, input, output, iv, iv_len, ad, ad_len, input, output,
tag, tag_len ) ); tag, tag_len ) );
} }
#endif /* POLARSSL_CCM_C */ #endif /* MBEDTLS_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
/* /*
* Packet-oriented decryption for AEAD modes * Packet-oriented decryption for AEAD modes
*/ */
int cipher_auth_decrypt( cipher_context_t *ctx, int mbedtls_cipher_auth_decrypt( mbedtls_cipher_context_t *ctx,
const unsigned char *iv, size_t iv_len, const unsigned char *iv, size_t iv_len,
const unsigned char *ad, size_t ad_len, const unsigned char *ad, size_t ad_len,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
const unsigned char *tag, size_t tag_len ) const unsigned char *tag, size_t tag_len )
{ {
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
if( POLARSSL_MODE_GCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_GCM == ctx->cipher_info->mode )
{ {
int ret; int ret;
*olen = ilen; *olen = ilen;
ret = gcm_auth_decrypt( ctx->cipher_ctx, ilen, ret = mbedtls_gcm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len, iv, iv_len, ad, ad_len,
tag, tag_len, input, output ); tag, tag_len, input, output );
if( ret == POLARSSL_ERR_GCM_AUTH_FAILED ) if( ret == MBEDTLS_ERR_GCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED; ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( ret ); return( ret );
} }
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */
#if defined(POLARSSL_CCM_C) #if defined(MBEDTLS_CCM_C)
if( POLARSSL_MODE_CCM == ctx->cipher_info->mode ) if( MBEDTLS_MODE_CCM == ctx->cipher_info->mode )
{ {
int ret; int ret;
*olen = ilen; *olen = ilen;
ret = ccm_auth_decrypt( ctx->cipher_ctx, ilen, ret = mbedtls_ccm_auth_decrypt( ctx->cipher_ctx, ilen,
iv, iv_len, ad, ad_len, iv, iv_len, ad, ad_len,
input, output, tag, tag_len ); input, output, tag, tag_len );
if( ret == POLARSSL_ERR_CCM_AUTH_FAILED ) if( ret == MBEDTLS_ERR_CCM_AUTH_FAILED )
ret = POLARSSL_ERR_CIPHER_AUTH_FAILED; ret = MBEDTLS_ERR_CIPHER_AUTH_FAILED;
return( ret ); return( ret );
} }
#endif /* POLARSSL_CCM_C */ #endif /* MBEDTLS_CCM_C */
return( POLARSSL_ERR_CIPHER_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE );
} }
#endif /* POLARSSL_CIPHER_MODE_AEAD */ #endif /* MBEDTLS_CIPHER_MODE_AEAD */
#endif /* POLARSSL_CIPHER_C */ #endif /* MBEDTLS_CIPHER_C */

962
library/cipher_wrap.c
View File

File diff suppressed because it is too large Load Diff

262
library/ctr_drbg.c
View File

@ -25,33 +25,33 @@
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf * http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_CTR_DRBG_C) #if defined(MBEDTLS_CTR_DRBG_C)
#include "mbedtls/ctr_drbg.h" #include "mbedtls/ctr_drbg.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -59,8 +59,8 @@ static void polarssl_zeroize( void *v, size_t n ) {
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST * Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
* tests to succeed (which require known length fixed entropy) * tests to succeed (which require known length fixed entropy)
*/ */
int ctr_drbg_init_entropy_len( int mbedtls_ctr_drbg_init_entropy_len(
ctr_drbg_context *ctx, mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
@ -68,60 +68,60 @@ int ctr_drbg_init_entropy_len(
size_t entropy_len ) size_t entropy_len )
{ {
int ret; int ret;
unsigned char key[CTR_DRBG_KEYSIZE]; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
memset( ctx, 0, sizeof(ctr_drbg_context) ); memset( ctx, 0, sizeof(mbedtls_ctr_drbg_context) );
memset( key, 0, CTR_DRBG_KEYSIZE ); memset( key, 0, MBEDTLS_CTR_DRBG_KEYSIZE );
aes_init( &ctx->aes_ctx ); mbedtls_aes_init( &ctx->aes_ctx );
ctx->f_entropy = f_entropy; ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy; ctx->p_entropy = p_entropy;
ctx->entropy_len = entropy_len; ctx->entropy_len = entropy_len;
ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL; ctx->reseed_interval = MBEDTLS_CTR_DRBG_RESEED_INTERVAL;
/* /*
* Initialize with an empty key * Initialize with an empty key
*/ */
aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS ); mbedtls_aes_setkey_enc( &ctx->aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 ) if( ( ret = mbedtls_ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret ); return( ret );
return( 0 ); return( 0 );
} }
int ctr_drbg_init( ctr_drbg_context *ctx, int mbedtls_ctr_drbg_init( mbedtls_ctr_drbg_context *ctx,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
size_t len ) size_t len )
{ {
return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len, return( mbedtls_ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len,
CTR_DRBG_ENTROPY_LEN ) ); MBEDTLS_CTR_DRBG_ENTROPY_LEN ) );
} }
void ctr_drbg_free( ctr_drbg_context *ctx ) void mbedtls_ctr_drbg_free( mbedtls_ctr_drbg_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
aes_free( &ctx->aes_ctx ); mbedtls_aes_free( &ctx->aes_ctx );
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_ctr_drbg_context ) );
} }
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance ) void mbedtls_ctr_drbg_set_prediction_resistance( mbedtls_ctr_drbg_context *ctx, int resistance )
{ {
ctx->prediction_resistance = resistance; ctx->prediction_resistance = resistance;
} }
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len ) void mbedtls_ctr_drbg_set_entropy_len( mbedtls_ctr_drbg_context *ctx, size_t len )
{ {
ctx->entropy_len = len; ctx->entropy_len = len;
} }
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval ) void mbedtls_ctr_drbg_set_reseed_interval( mbedtls_ctr_drbg_context *ctx, int interval )
{ {
ctx->reseed_interval = interval; ctx->reseed_interval = interval;
} }
@ -129,21 +129,21 @@ void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval )
static int block_cipher_df( unsigned char *output, static int block_cipher_df( unsigned char *output,
const unsigned char *data, size_t data_len ) const unsigned char *data, size_t data_len )
{ {
unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16]; unsigned char buf[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16];
unsigned char tmp[CTR_DRBG_SEEDLEN]; unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char key[CTR_DRBG_KEYSIZE]; unsigned char key[MBEDTLS_CTR_DRBG_KEYSIZE];
unsigned char chain[CTR_DRBG_BLOCKSIZE]; unsigned char chain[MBEDTLS_CTR_DRBG_BLOCKSIZE];
unsigned char *p, *iv; unsigned char *p, *iv;
aes_context aes_ctx; mbedtls_aes_context aes_ctx;
int i, j; int i, j;
size_t buf_len, use_len; size_t buf_len, use_len;
if( data_len > CTR_DRBG_MAX_SEED_INPUT ) if( data_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 ); memset( buf, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT + MBEDTLS_CTR_DRBG_BLOCKSIZE + 16 );
aes_init( &aes_ctx ); mbedtls_aes_init( &aes_ctx );
/* /*
* Construct IV (16 bytes) and S in buffer * Construct IV (16 bytes) and S in buffer
@ -152,44 +152,44 @@ static int block_cipher_df( unsigned char *output,
* data || 0x80 * data || 0x80
* (Total is padded to a multiple of 16-bytes with zeroes) * (Total is padded to a multiple of 16-bytes with zeroes)
*/ */
p = buf + CTR_DRBG_BLOCKSIZE; p = buf + MBEDTLS_CTR_DRBG_BLOCKSIZE;
*p++ = ( data_len >> 24 ) & 0xff; *p++ = ( data_len >> 24 ) & 0xff;
*p++ = ( data_len >> 16 ) & 0xff; *p++ = ( data_len >> 16 ) & 0xff;
*p++ = ( data_len >> 8 ) & 0xff; *p++ = ( data_len >> 8 ) & 0xff;
*p++ = ( data_len ) & 0xff; *p++ = ( data_len ) & 0xff;
p += 3; p += 3;
*p++ = CTR_DRBG_SEEDLEN; *p++ = MBEDTLS_CTR_DRBG_SEEDLEN;
memcpy( p, data, data_len ); memcpy( p, data, data_len );
p[data_len] = 0x80; p[data_len] = 0x80;
buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1; buf_len = MBEDTLS_CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
for( i = 0; i < CTR_DRBG_KEYSIZE; i++ ) for( i = 0; i < MBEDTLS_CTR_DRBG_KEYSIZE; i++ )
key[i] = i; key[i] = i;
aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS ); mbedtls_aes_setkey_enc( &aes_ctx, key, MBEDTLS_CTR_DRBG_KEYBITS );
/* /*
* Reduce data to CTR_DRBG_SEEDLEN bytes of data * Reduce data to MBEDTLS_CTR_DRBG_SEEDLEN bytes of data
*/ */
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{ {
p = buf; p = buf;
memset( chain, 0, CTR_DRBG_BLOCKSIZE ); memset( chain, 0, MBEDTLS_CTR_DRBG_BLOCKSIZE );
use_len = buf_len; use_len = buf_len;
while( use_len > 0 ) while( use_len > 0 )
{ {
for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ ) for( i = 0; i < MBEDTLS_CTR_DRBG_BLOCKSIZE; i++ )
chain[i] ^= p[i]; chain[i] ^= p[i];
p += CTR_DRBG_BLOCKSIZE; p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ? use_len -= ( use_len >= MBEDTLS_CTR_DRBG_BLOCKSIZE ) ?
CTR_DRBG_BLOCKSIZE : use_len; MBEDTLS_CTR_DRBG_BLOCKSIZE : use_len;
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain ); mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, chain, chain );
} }
memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE ); memcpy( tmp + j, chain, MBEDTLS_CTR_DRBG_BLOCKSIZE );
/* /*
* Update IV * Update IV
@ -200,87 +200,87 @@ static int block_cipher_df( unsigned char *output,
/* /*
* Do final encryption with reduced data * Do final encryption with reduced data
*/ */
aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS ); mbedtls_aes_setkey_enc( &aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
iv = tmp + CTR_DRBG_KEYSIZE; iv = tmp + MBEDTLS_CTR_DRBG_KEYSIZE;
p = output; p = output;
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{ {
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv ); mbedtls_aes_crypt_ecb( &aes_ctx, MBEDTLS_AES_ENCRYPT, iv, iv );
memcpy( p, iv, CTR_DRBG_BLOCKSIZE ); memcpy( p, iv, MBEDTLS_CTR_DRBG_BLOCKSIZE );
p += CTR_DRBG_BLOCKSIZE; p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
} }
aes_free( &aes_ctx ); mbedtls_aes_free( &aes_ctx );
return( 0 ); return( 0 );
} }
static int ctr_drbg_update_internal( ctr_drbg_context *ctx, static int ctr_drbg_update_internal( mbedtls_ctr_drbg_context *ctx,
const unsigned char data[CTR_DRBG_SEEDLEN] ) const unsigned char data[MBEDTLS_CTR_DRBG_SEEDLEN] )
{ {
unsigned char tmp[CTR_DRBG_SEEDLEN]; unsigned char tmp[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = tmp; unsigned char *p = tmp;
int i, j; int i, j;
memset( tmp, 0, CTR_DRBG_SEEDLEN ); memset( tmp, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE ) for( j = 0; j < MBEDTLS_CTR_DRBG_SEEDLEN; j += MBEDTLS_CTR_DRBG_BLOCKSIZE )
{ {
/* /*
* Increase counter * Increase counter
*/ */
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 ) if( ++ctx->counter[i - 1] != 0 )
break; break;
/* /*
* Crypt counter block * Crypt counter block
*/ */
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p ); mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, p );
p += CTR_DRBG_BLOCKSIZE; p += MBEDTLS_CTR_DRBG_BLOCKSIZE;
} }
for( i = 0; i < CTR_DRBG_SEEDLEN; i++ ) for( i = 0; i < MBEDTLS_CTR_DRBG_SEEDLEN; i++ )
tmp[i] ^= data[i]; tmp[i] ^= data[i];
/* /*
* Update key and counter * Update key and counter
*/ */
aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS ); mbedtls_aes_setkey_enc( &ctx->aes_ctx, tmp, MBEDTLS_CTR_DRBG_KEYBITS );
memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE ); memcpy( ctx->counter, tmp + MBEDTLS_CTR_DRBG_KEYSIZE, MBEDTLS_CTR_DRBG_BLOCKSIZE );
return( 0 ); return( 0 );
} }
void ctr_drbg_update( ctr_drbg_context *ctx, void mbedtls_ctr_drbg_update( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t add_len ) const unsigned char *additional, size_t add_len )
{ {
unsigned char add_input[CTR_DRBG_SEEDLEN]; unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
if( add_len > 0 ) if( add_len > 0 )
{ {
/* MAX_INPUT would be more logical here, but we have to match /* MAX_INPUT would be more logical here, but we have to match
* block_cipher_df()'s limits since we can't propagate errors */ * block_cipher_df()'s limits since we can't propagate errors */
if( add_len > CTR_DRBG_MAX_SEED_INPUT ) if( add_len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
add_len = CTR_DRBG_MAX_SEED_INPUT; add_len = MBEDTLS_CTR_DRBG_MAX_SEED_INPUT;
block_cipher_df( add_input, additional, add_len ); block_cipher_df( add_input, additional, add_len );
ctr_drbg_update_internal( ctx, add_input ); ctr_drbg_update_internal( ctx, add_input );
} }
} }
int ctr_drbg_reseed( ctr_drbg_context *ctx, int mbedtls_ctr_drbg_reseed( mbedtls_ctr_drbg_context *ctx,
const unsigned char *additional, size_t len ) const unsigned char *additional, size_t len )
{ {
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT]; unsigned char seed[MBEDTLS_CTR_DRBG_MAX_SEED_INPUT];
size_t seedlen = 0; size_t seedlen = 0;
if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT ) if( ctx->entropy_len + len > MBEDTLS_CTR_DRBG_MAX_SEED_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT ); memset( seed, 0, MBEDTLS_CTR_DRBG_MAX_SEED_INPUT );
/* /*
* Gather entropy_len bytes of entropy to seed state * Gather entropy_len bytes of entropy to seed state
@ -288,7 +288,7 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
if( 0 != ctx->f_entropy( ctx->p_entropy, seed, if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
ctx->entropy_len ) ) ctx->entropy_len ) )
{ {
return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
} }
seedlen += ctx->entropy_len; seedlen += ctx->entropy_len;
@ -316,30 +316,30 @@ int ctr_drbg_reseed( ctr_drbg_context *ctx,
return( 0 ); return( 0 );
} }
int ctr_drbg_random_with_add( void *p_rng, int mbedtls_ctr_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t output_len, unsigned char *output, size_t output_len,
const unsigned char *additional, size_t add_len ) const unsigned char *additional, size_t add_len )
{ {
int ret = 0; int ret = 0;
ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng; mbedtls_ctr_drbg_context *ctx = (mbedtls_ctr_drbg_context *) p_rng;
unsigned char add_input[CTR_DRBG_SEEDLEN]; unsigned char add_input[MBEDTLS_CTR_DRBG_SEEDLEN];
unsigned char *p = output; unsigned char *p = output;
unsigned char tmp[CTR_DRBG_BLOCKSIZE]; unsigned char tmp[MBEDTLS_CTR_DRBG_BLOCKSIZE];
int i; int i;
size_t use_len; size_t use_len;
if( output_len > CTR_DRBG_MAX_REQUEST ) if( output_len > MBEDTLS_CTR_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG ); return( MBEDTLS_ERR_CTR_DRBG_REQUEST_TOO_BIG );
if( add_len > CTR_DRBG_MAX_INPUT ) if( add_len > MBEDTLS_CTR_DRBG_MAX_INPUT )
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
memset( add_input, 0, CTR_DRBG_SEEDLEN ); memset( add_input, 0, MBEDTLS_CTR_DRBG_SEEDLEN );
if( ctx->reseed_counter > ctx->reseed_interval || if( ctx->reseed_counter > ctx->reseed_interval ||
ctx->prediction_resistance ) ctx->prediction_resistance )
{ {
if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 ) if( ( ret = mbedtls_ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret ); return( ret );
add_len = 0; add_len = 0;
@ -356,16 +356,16 @@ int ctr_drbg_random_with_add( void *p_rng,
/* /*
* Increase counter * Increase counter
*/ */
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- ) for( i = MBEDTLS_CTR_DRBG_BLOCKSIZE; i > 0; i-- )
if( ++ctx->counter[i - 1] != 0 ) if( ++ctx->counter[i - 1] != 0 )
break; break;
/* /*
* Crypt counter block * Crypt counter block
*/ */
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp ); mbedtls_aes_crypt_ecb( &ctx->aes_ctx, MBEDTLS_AES_ENCRYPT, ctx->counter, tmp );
use_len = ( output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE : use_len = ( output_len > MBEDTLS_CTR_DRBG_BLOCKSIZE ) ? MBEDTLS_CTR_DRBG_BLOCKSIZE :
output_len; output_len;
/* /*
* Copy random block to destination * Copy random block to destination
@ -382,27 +382,27 @@ int ctr_drbg_random_with_add( void *p_rng,
return( 0 ); return( 0 );
} }
int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len ) int mbedtls_ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
{ {
return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 ); return mbedtls_ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path ) int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
{ {
int ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR; int ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
FILE *f; FILE *f;
unsigned char buf[ CTR_DRBG_MAX_INPUT ]; unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL ) if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 ) if( ( ret = mbedtls_ctr_drbg_random( ctx, buf, MBEDTLS_CTR_DRBG_MAX_INPUT ) ) != 0 )
goto exit; goto exit;
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT ) if( fwrite( buf, 1, MBEDTLS_CTR_DRBG_MAX_INPUT, f ) != MBEDTLS_CTR_DRBG_MAX_INPUT )
{ {
ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR; ret = MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR;
goto exit; goto exit;
} }
@ -413,40 +413,40 @@ exit:
return( ret ); return( ret );
} }
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path ) int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
unsigned char buf[ CTR_DRBG_MAX_INPUT ]; unsigned char buf[ MBEDTLS_CTR_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END ); fseek( f, 0, SEEK_END );
n = (size_t) ftell( f ); n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
if( n > CTR_DRBG_MAX_INPUT ) if( n > MBEDTLS_CTR_DRBG_MAX_INPUT )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG );
} }
if( fread( buf, 1, n, f ) != n ) if( fread( buf, 1, n, f ) != n )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
ctr_drbg_update( ctx, buf, n ); mbedtls_ctr_drbg_update( ctx, buf, n );
return( ctr_drbg_write_seed_file( ctx, path ) ); return( mbedtls_ctr_drbg_write_seed_file( ctx, path ) );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
static const unsigned char entropy_source_pr[96] = static const unsigned char entropy_source_pr[96] =
{ 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16, { 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
@ -501,57 +501,57 @@ static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
#define CHK( c ) if( (c) != 0 ) \ #define CHK( c ) if( (c) != 0 ) \
{ \ { \
if( verbose != 0 ) \ if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \ mbedtls_printf( "failed\n" ); \
return( 1 ); \ return( 1 ); \
} }
/* /*
* Checkup routine * Checkup routine
*/ */
int ctr_drbg_self_test( int verbose ) int mbedtls_ctr_drbg_self_test( int verbose )
{ {
ctr_drbg_context ctx; mbedtls_ctr_drbg_context ctx;
unsigned char buf[16]; unsigned char buf[16];
/* /*
* Based on a NIST CTR_DRBG test vector (PR = True) * Based on a NIST CTR_DRBG test vector (PR = True)
*/ */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = TRUE) : " ); mbedtls_printf( " CTR_DRBG (PR = TRUE) : " );
test_offset = 0; test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, CHK( mbedtls_ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
(void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) ); (void *) entropy_source_pr, nonce_pers_pr, 16, 32 ) );
ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON ); mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
CHK( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) ); CHK( memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
/* /*
* Based on a NIST CTR_DRBG test vector (PR = FALSE) * Based on a NIST CTR_DRBG test vector (PR = FALSE)
*/ */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " CTR_DRBG (PR = FALSE): " ); mbedtls_printf( " CTR_DRBG (PR = FALSE): " );
test_offset = 0; test_offset = 0;
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy, CHK( mbedtls_ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
(void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) ); (void *) entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) ); CHK( mbedtls_ctr_drbg_reseed( &ctx, NULL, 0 ) );
CHK( ctr_drbg_random( &ctx, buf, 16 ) ); CHK( mbedtls_ctr_drbg_random( &ctx, buf, 16 ) );
CHK( memcmp( buf, result_nopr, 16 ) ); CHK( memcmp( buf, result_nopr, 16 ) );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_CTR_DRBG_C */ #endif /* MBEDTLS_CTR_DRBG_C */

156
library/debug.c
View File

@ -20,13 +20,13 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_DEBUG_C) #if defined(MBEDTLS_DEBUG_C)
#include "mbedtls/debug.h" #include "mbedtls/debug.h"
@ -44,26 +44,26 @@
#endif #endif
#endif /* _MSC_VER */ #endif /* _MSC_VER */
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#define polarssl_snprintf snprintf #define mbedtls_snprintf snprintf
#endif #endif
static int debug_log_mode = POLARSSL_DEBUG_DFL_MODE; static int debug_log_mode = MBEDTLS_DEBUG_DFL_MODE;
static int debug_threshold = 0; static int debug_threshold = 0;
void debug_set_log_mode( int log_mode ) void mbedtls_debug_set_log_mode( int log_mode )
{ {
debug_log_mode = log_mode; debug_log_mode = log_mode;
} }
void debug_set_threshold( int threshold ) void mbedtls_debug_set_threshold( int threshold )
{ {
debug_threshold = threshold; debug_threshold = threshold;
} }
char *debug_fmt( const char *format, ... ) char *mbedtls_debug_fmt( const char *format, ... )
{ {
va_list argp; va_list argp;
static char str[512]; static char str[512];
@ -77,7 +77,7 @@ char *debug_fmt( const char *format, ... )
return( str ); return( str );
} }
void debug_print_msg( const ssl_context *ssl, int level, void mbedtls_debug_print_msg( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text ) const char *file, int line, const char *text )
{ {
char str[512]; char str[512];
@ -86,18 +86,18 @@ void debug_print_msg( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold ) if( ssl->f_dbg == NULL || level > debug_threshold )
return; return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_RAW ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_RAW )
{ {
ssl->f_dbg( ssl->p_dbg, level, text ); ssl->f_dbg( ssl->p_dbg, level, text );
return; return;
} }
polarssl_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text ); mbedtls_snprintf( str, maxlen, "%s(%04d): %s\n", file, line, text );
str[maxlen] = '\0'; str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
} }
void debug_print_ret( const ssl_context *ssl, int level, void mbedtls_debug_print_ret( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, int ret ) const char *text, int ret )
{ {
@ -108,17 +108,17 @@ void debug_print_ret( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold ) if( ssl->f_dbg == NULL || level > debug_threshold )
return; return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n", mbedtls_snprintf( str + idx, maxlen - idx, "%s() returned %d (-0x%04x)\n",
text, ret, -ret ); text, ret, -ret );
str[maxlen] = '\0'; str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
} }
void debug_print_buf( const ssl_context *ssl, int level, void mbedtls_debug_print_buf( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *text, const char *file, int line, const char *text,
const unsigned char *buf, size_t len ) const unsigned char *buf, size_t len )
{ {
@ -129,10 +129,10 @@ void debug_print_buf( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold ) if( ssl->f_dbg == NULL || level > debug_threshold )
return; return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n", mbedtls_snprintf( str + idx, maxlen - idx, "dumping '%s' (%u bytes)\n",
text, (unsigned int) len ); text, (unsigned int) len );
str[maxlen] = '\0'; str[maxlen] = '\0';
@ -149,22 +149,22 @@ void debug_print_buf( const ssl_context *ssl, int level,
{ {
if( i > 0 ) if( i > 0 )
{ {
polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0; idx = 0;
memset( txt, 0, sizeof( txt ) ); memset( txt, 0, sizeof( txt ) );
} }
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
idx += polarssl_snprintf( str + idx, maxlen - idx, "%04x: ", idx += mbedtls_snprintf( str + idx, maxlen - idx, "%04x: ",
(unsigned int) i ); (unsigned int) i );
} }
idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", idx += mbedtls_snprintf( str + idx, maxlen - idx, " %02x",
(unsigned int) buf[i] ); (unsigned int) buf[i] );
txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ; txt[i % 16] = ( buf[i] > 31 && buf[i] < 127 ) ? buf[i] : '.' ;
} }
@ -172,17 +172,17 @@ void debug_print_buf( const ssl_context *ssl, int level,
if( len > 0 ) if( len > 0 )
{ {
for( /* i = i */; i % 16 != 0; i++ ) for( /* i = i */; i % 16 != 0; i++ )
idx += polarssl_snprintf( str + idx, maxlen - idx, " " ); idx += mbedtls_snprintf( str + idx, maxlen - idx, " " );
polarssl_snprintf( str + idx, maxlen - idx, " %s\n", txt ); mbedtls_snprintf( str + idx, maxlen - idx, " %s\n", txt );
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
} }
} }
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level, void mbedtls_debug_print_ecp( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const ecp_point *X ) const char *text, const mbedtls_ecp_point *X )
{ {
char str[512]; char str[512];
int maxlen = sizeof( str ) - 1; int maxlen = sizeof( str ) - 1;
@ -190,20 +190,20 @@ void debug_print_ecp( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || level > debug_threshold ) if( ssl->f_dbg == NULL || level > debug_threshold )
return; return;
polarssl_snprintf( str, maxlen, "%s(X)", text ); mbedtls_snprintf( str, maxlen, "%s(X)", text );
str[maxlen] = '\0'; str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->X ); mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->X );
polarssl_snprintf( str, maxlen, "%s(Y)", text ); mbedtls_snprintf( str, maxlen, "%s(Y)", text );
str[maxlen] = '\0'; str[maxlen] = '\0';
debug_print_mpi( ssl, level, file, line, str, &X->Y ); mbedtls_debug_print_mpi( ssl, level, file, line, str, &X->Y );
} }
#endif /* POLARSSL_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(POLARSSL_BIGNUM_C) #if defined(MBEDTLS_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level, void mbedtls_debug_print_mpi( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const mpi *X ) const char *text, const mbedtls_mpi *X )
{ {
char str[512]; char str[512];
int j, k, maxlen = sizeof( str ) - 1, zeros = 1; int j, k, maxlen = sizeof( str ) - 1, zeros = 1;
@ -216,15 +216,15 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( X->p[n] != 0 ) if( X->p[n] != 0 )
break; break;
for( j = ( sizeof(t_uint) << 3 ) - 1; j >= 0; j-- ) for( j = ( sizeof(mbedtls_mpi_uint) << 3 ) - 1; j >= 0; j-- )
if( ( ( X->p[n] >> j ) & 1 ) != 0 ) if( ( ( X->p[n] >> j ) & 1 ) != 0 )
break; break;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n", mbedtls_snprintf( str + idx, maxlen - idx, "value of '%s' (%d bits) is:\n",
text, (int) ( ( n * ( sizeof(t_uint) << 3 ) ) + j + 1 ) ); text, (int) ( ( n * ( sizeof(mbedtls_mpi_uint) << 3 ) ) + j + 1 ) );
str[maxlen] = '\0'; str[maxlen] = '\0';
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
@ -235,7 +235,7 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( zeros && X->p[i - 1] == 0 ) if( zeros && X->p[i - 1] == 0 )
continue; continue;
for( k = sizeof( t_uint ) - 1; k >= 0; k-- ) for( k = sizeof( mbedtls_mpi_uint ) - 1; k >= 0; k-- )
{ {
if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 ) if( zeros && ( ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ) == 0 )
continue; continue;
@ -246,16 +246,16 @@ void debug_print_mpi( const ssl_context *ssl, int level,
{ {
if( j > 0 ) if( j > 0 )
{ {
polarssl_snprintf( str + idx, maxlen - idx, "\n" ); mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
idx = 0; idx = 0;
} }
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
} }
idx += polarssl_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int) idx += mbedtls_snprintf( str + idx, maxlen - idx, " %02x", (unsigned int)
( X->p[i - 1] >> ( k << 3 ) ) & 0xFF ); ( X->p[i - 1] >> ( k << 3 ) ) & 0xFF );
j++; j++;
@ -265,59 +265,59 @@ void debug_print_mpi( const ssl_context *ssl, int level,
if( zeros == 1 ) if( zeros == 1 )
{ {
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
{ {
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
} }
idx += polarssl_snprintf( str + idx, maxlen - idx, " 00" ); idx += mbedtls_snprintf( str + idx, maxlen - idx, " 00" );
} }
polarssl_snprintf( str + idx, maxlen - idx, "\n" ); mbedtls_snprintf( str + idx, maxlen - idx, "\n" );
ssl->f_dbg( ssl->p_dbg, level, str ); ssl->f_dbg( ssl->p_dbg, level, str );
} }
#endif /* POLARSSL_BIGNUM_C */ #endif /* MBEDTLS_BIGNUM_C */
#if defined(POLARSSL_X509_CRT_PARSE_C) #if defined(MBEDTLS_X509_CRT_PARSE_C)
static void debug_print_pk( const ssl_context *ssl, int level, static void debug_print_pk( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const pk_context *pk ) const char *text, const mbedtls_pk_context *pk )
{ {
size_t i; size_t i;
pk_debug_item items[POLARSSL_PK_DEBUG_MAX_ITEMS]; mbedtls_pk_debug_item items[MBEDTLS_PK_DEBUG_MAX_ITEMS];
char name[16]; char name[16];
memset( items, 0, sizeof( items ) ); memset( items, 0, sizeof( items ) );
if( pk_debug( pk, items ) != 0 ) if( mbedtls_pk_debug( pk, items ) != 0 )
{ {
debug_print_msg( ssl, level, file, line, "invalid PK context" ); mbedtls_debug_print_msg( ssl, level, file, line, "invalid PK context" );
return; return;
} }
for( i = 0; i < POLARSSL_PK_DEBUG_MAX_ITEMS; i++ ) for( i = 0; i < MBEDTLS_PK_DEBUG_MAX_ITEMS; i++ )
{ {
if( items[i].type == POLARSSL_PK_DEBUG_NONE ) if( items[i].type == MBEDTLS_PK_DEBUG_NONE )
return; return;
polarssl_snprintf( name, sizeof( name ), "%s%s", text, items[i].name ); mbedtls_snprintf( name, sizeof( name ), "%s%s", text, items[i].name );
name[sizeof( name ) - 1] = '\0'; name[sizeof( name ) - 1] = '\0';
if( items[i].type == POLARSSL_PK_DEBUG_MPI ) if( items[i].type == MBEDTLS_PK_DEBUG_MPI )
debug_print_mpi( ssl, level, file, line, name, items[i].value ); mbedtls_debug_print_mpi( ssl, level, file, line, name, items[i].value );
else else
#if defined(POLARSSL_ECP_C) #if defined(MBEDTLS_ECP_C)
if( items[i].type == POLARSSL_PK_DEBUG_ECP ) if( items[i].type == MBEDTLS_PK_DEBUG_ECP )
debug_print_ecp( ssl, level, file, line, name, items[i].value ); mbedtls_debug_print_ecp( ssl, level, file, line, name, items[i].value );
else else
#endif #endif
debug_print_msg( ssl, level, file, line, "should not happen" ); mbedtls_debug_print_msg( ssl, level, file, line, "should not happen" );
} }
} }
void debug_print_crt( const ssl_context *ssl, int level, void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
const char *file, int line, const char *file, int line,
const char *text, const x509_crt *crt ) const char *text, const mbedtls_x509_crt *crt )
{ {
char str[1024], prefix[64]; char str[1024], prefix[64];
int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0; int i = 0, maxlen = sizeof( prefix ) - 1, idx = 0;
@ -325,9 +325,9 @@ void debug_print_crt( const ssl_context *ssl, int level,
if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold ) if( ssl->f_dbg == NULL || crt == NULL || level > debug_threshold )
return; return;
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
{ {
polarssl_snprintf( prefix, maxlen, "%s(%04d): ", file, line ); mbedtls_snprintf( prefix, maxlen, "%s(%04d): ", file, line );
prefix[maxlen] = '\0'; prefix[maxlen] = '\0';
} }
else else
@ -338,12 +338,12 @@ void debug_print_crt( const ssl_context *ssl, int level,
while( crt != NULL ) while( crt != NULL )
{ {
char buf[1024]; char buf[1024];
x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt ); mbedtls_x509_crt_info( buf, sizeof( buf ) - 1, prefix, crt );
if( debug_log_mode == POLARSSL_DEBUG_LOG_FULL ) if( debug_log_mode == MBEDTLS_DEBUG_LOG_FULL )
idx = polarssl_snprintf( str, maxlen, "%s(%04d): ", file, line ); idx = mbedtls_snprintf( str, maxlen, "%s(%04d): ", file, line );
polarssl_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s", mbedtls_snprintf( str + idx, maxlen - idx, "%s #%d:\n%s",
text, ++i, buf ); text, ++i, buf );
str[maxlen] = '\0'; str[maxlen] = '\0';
@ -354,6 +354,6 @@ void debug_print_crt( const ssl_context *ssl, int level,
crt = crt->next; crt = crt->next;
} }
} }
#endif /* POLARSSL_X509_CRT_PARSE_C */ #endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* POLARSSL_DEBUG_C */ #endif /* MBEDTLS_DEBUG_C */

216
library/des.c
View File

@ -26,31 +26,31 @@
* http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf * http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_DES_C) #if defined(MBEDTLS_DES_C)
#include "mbedtls/des.h" #include "mbedtls/des.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if !defined(POLARSSL_DES_ALT) #if !defined(MBEDTLS_DES_ALT)
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -307,30 +307,30 @@ static const uint32_t RHs[16] =
#define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; } #define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; }
void des_init( des_context *ctx ) void mbedtls_des_init( mbedtls_des_context *ctx )
{ {
memset( ctx, 0, sizeof( des_context ) ); memset( ctx, 0, sizeof( mbedtls_des_context ) );
} }
void des_free( des_context *ctx ) void mbedtls_des_free( mbedtls_des_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( des_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_des_context ) );
} }
void des3_init( des3_context *ctx ) void mbedtls_des3_init( mbedtls_des3_context *ctx )
{ {
memset( ctx, 0, sizeof( des3_context ) ); memset( ctx, 0, sizeof( mbedtls_des3_context ) );
} }
void des3_free( des3_context *ctx ) void mbedtls_des3_free( mbedtls_des3_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( des3_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_des3_context ) );
} }
static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8, static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
@ -344,22 +344,22 @@ static const unsigned char odd_parity_table[128] = { 1, 2, 4, 7, 8,
227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253, 227, 229, 230, 233, 234, 236, 239, 241, 242, 244, 247, 248, 251, 253,
254 }; 254 };
void des_key_set_parity( unsigned char key[DES_KEY_SIZE] ) void mbedtls_des_key_set_parity( unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
int i; int i;
for( i = 0; i < DES_KEY_SIZE; i++ ) for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
key[i] = odd_parity_table[key[i] / 2]; key[i] = odd_parity_table[key[i] / 2];
} }
/* /*
* Check the given key's parity, returns 1 on failure, 0 on SUCCESS * Check the given key's parity, returns 1 on failure, 0 on SUCCESS
*/ */
int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] ) int mbedtls_des_key_check_key_parity( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
int i; int i;
for( i = 0; i < DES_KEY_SIZE; i++ ) for( i = 0; i < MBEDTLS_DES_KEY_SIZE; i++ )
if( key[i] != odd_parity_table[key[i] / 2] ) if( key[i] != odd_parity_table[key[i] / 2] )
return( 1 ); return( 1 );
@ -389,7 +389,7 @@ int des_key_check_key_parity( const unsigned char key[DES_KEY_SIZE] )
#define WEAK_KEY_COUNT 16 #define WEAK_KEY_COUNT 16
static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] = static const unsigned char weak_key_table[WEAK_KEY_COUNT][MBEDTLS_DES_KEY_SIZE] =
{ {
{ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 }, { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
{ 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE }, { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
@ -410,18 +410,18 @@ static const unsigned char weak_key_table[WEAK_KEY_COUNT][DES_KEY_SIZE] =
{ 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 } { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
}; };
int des_key_check_weak( const unsigned char key[DES_KEY_SIZE] ) int mbedtls_des_key_check_weak( const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
int i; int i;
for( i = 0; i < WEAK_KEY_COUNT; i++ ) for( i = 0; i < WEAK_KEY_COUNT; i++ )
if( memcmp( weak_key_table[i], key, DES_KEY_SIZE) == 0 ) if( memcmp( weak_key_table[i], key, MBEDTLS_DES_KEY_SIZE) == 0 )
return( 1 ); return( 1 );
return( 0 ); return( 0 );
} }
static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] ) static void des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
int i; int i;
uint32_t X, Y, T; uint32_t X, Y, T;
@ -493,7 +493,7 @@ static void des_setkey( uint32_t SK[32], const unsigned char key[DES_KEY_SIZE] )
/* /*
* DES key schedule (56-bit, encryption) * DES key schedule (56-bit, encryption)
*/ */
int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) int mbedtls_des_setkey_enc( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
des_setkey( ctx->sk, key ); des_setkey( ctx->sk, key );
@ -503,7 +503,7 @@ int des_setkey_enc( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
/* /*
* DES key schedule (56-bit, decryption) * DES key schedule (56-bit, decryption)
*/ */
int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] ) int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] )
{ {
int i; int i;
@ -520,7 +520,7 @@ int des_setkey_dec( des_context *ctx, const unsigned char key[DES_KEY_SIZE] )
static void des3_set2key( uint32_t esk[96], static void des3_set2key( uint32_t esk[96],
uint32_t dsk[96], uint32_t dsk[96],
const unsigned char key[DES_KEY_SIZE*2] ) const unsigned char key[MBEDTLS_DES_KEY_SIZE*2] )
{ {
int i; int i;
@ -546,13 +546,13 @@ static void des3_set2key( uint32_t esk[96],
/* /*
* Triple-DES key schedule (112-bit, encryption) * Triple-DES key schedule (112-bit, encryption)
*/ */
int des3_set2key_enc( des3_context *ctx, int mbedtls_des3_set2key_enc( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] ) const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
{ {
uint32_t sk[96]; uint32_t sk[96];
des3_set2key( ctx->sk, sk, key ); des3_set2key( ctx->sk, sk, key );
polarssl_zeroize( sk, sizeof( sk ) ); mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 ); return( 0 );
} }
@ -560,13 +560,13 @@ int des3_set2key_enc( des3_context *ctx,
/* /*
* Triple-DES key schedule (112-bit, decryption) * Triple-DES key schedule (112-bit, decryption)
*/ */
int des3_set2key_dec( des3_context *ctx, int mbedtls_des3_set2key_dec( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 2] ) const unsigned char key[MBEDTLS_DES_KEY_SIZE * 2] )
{ {
uint32_t sk[96]; uint32_t sk[96];
des3_set2key( sk, ctx->sk, key ); des3_set2key( sk, ctx->sk, key );
polarssl_zeroize( sk, sizeof( sk ) ); mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 ); return( 0 );
} }
@ -597,13 +597,13 @@ static void des3_set3key( uint32_t esk[96],
/* /*
* Triple-DES key schedule (168-bit, encryption) * Triple-DES key schedule (168-bit, encryption)
*/ */
int des3_set3key_enc( des3_context *ctx, int mbedtls_des3_set3key_enc( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] ) const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
{ {
uint32_t sk[96]; uint32_t sk[96];
des3_set3key( ctx->sk, sk, key ); des3_set3key( ctx->sk, sk, key );
polarssl_zeroize( sk, sizeof( sk ) ); mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 ); return( 0 );
} }
@ -611,13 +611,13 @@ int des3_set3key_enc( des3_context *ctx,
/* /*
* Triple-DES key schedule (168-bit, decryption) * Triple-DES key schedule (168-bit, decryption)
*/ */
int des3_set3key_dec( des3_context *ctx, int mbedtls_des3_set3key_dec( mbedtls_des3_context *ctx,
const unsigned char key[DES_KEY_SIZE * 3] ) const unsigned char key[MBEDTLS_DES_KEY_SIZE * 3] )
{ {
uint32_t sk[96]; uint32_t sk[96];
des3_set3key( sk, ctx->sk, key ); des3_set3key( sk, ctx->sk, key );
polarssl_zeroize( sk, sizeof( sk ) ); mbedtls_zeroize( sk, sizeof( sk ) );
return( 0 ); return( 0 );
} }
@ -625,7 +625,7 @@ int des3_set3key_dec( des3_context *ctx,
/* /*
* DES-ECB block encryption/decryption * DES-ECB block encryption/decryption
*/ */
int des_crypt_ecb( des_context *ctx, int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ) unsigned char output[8] )
{ {
@ -653,11 +653,11 @@ int des_crypt_ecb( des_context *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* DES-CBC buffer encryption/decryption * DES-CBC buffer encryption/decryption
*/ */
int des_crypt_cbc( des_context *ctx, int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
@ -668,16 +668,16 @@ int des_crypt_cbc( des_context *ctx,
unsigned char temp[8]; unsigned char temp[8];
if( length % 8 ) if( length % 8 )
return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
if( mode == DES_ENCRYPT ) if( mode == MBEDTLS_DES_ENCRYPT )
{ {
while( length > 0 ) while( length > 0 )
{ {
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
des_crypt_ecb( ctx, output, output ); mbedtls_des_crypt_ecb( ctx, output, output );
memcpy( iv, output, 8 ); memcpy( iv, output, 8 );
input += 8; input += 8;
@ -685,12 +685,12 @@ int des_crypt_cbc( des_context *ctx,
length -= 8; length -= 8;
} }
} }
else /* DES_DECRYPT */ else /* MBEDTLS_DES_DECRYPT */
{ {
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 8 ); memcpy( temp, input, 8 );
des_crypt_ecb( ctx, input, output ); mbedtls_des_crypt_ecb( ctx, input, output );
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -705,12 +705,12 @@ int des_crypt_cbc( des_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/* /*
* 3DES-ECB block encryption/decryption * 3DES-ECB block encryption/decryption
*/ */
int des3_crypt_ecb( des3_context *ctx, int mbedtls_des3_crypt_ecb( mbedtls_des3_context *ctx,
const unsigned char input[8], const unsigned char input[8],
unsigned char output[8] ) unsigned char output[8] )
{ {
@ -750,11 +750,11 @@ int des3_crypt_ecb( des3_context *ctx,
return( 0 ); return( 0 );
} }
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* 3DES-CBC buffer encryption/decryption * 3DES-CBC buffer encryption/decryption
*/ */
int des3_crypt_cbc( des3_context *ctx, int mbedtls_des3_crypt_cbc( mbedtls_des3_context *ctx,
int mode, int mode,
size_t length, size_t length,
unsigned char iv[8], unsigned char iv[8],
@ -765,16 +765,16 @@ int des3_crypt_cbc( des3_context *ctx,
unsigned char temp[8]; unsigned char temp[8];
if( length % 8 ) if( length % 8 )
return( POLARSSL_ERR_DES_INVALID_INPUT_LENGTH ); return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH );
if( mode == DES_ENCRYPT ) if( mode == MBEDTLS_DES_ENCRYPT )
{ {
while( length > 0 ) while( length > 0 )
{ {
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( input[i] ^ iv[i] ); output[i] = (unsigned char)( input[i] ^ iv[i] );
des3_crypt_ecb( ctx, output, output ); mbedtls_des3_crypt_ecb( ctx, output, output );
memcpy( iv, output, 8 ); memcpy( iv, output, 8 );
input += 8; input += 8;
@ -782,12 +782,12 @@ int des3_crypt_cbc( des3_context *ctx,
length -= 8; length -= 8;
} }
} }
else /* DES_DECRYPT */ else /* MBEDTLS_DES_DECRYPT */
{ {
while( length > 0 ) while( length > 0 )
{ {
memcpy( temp, input, 8 ); memcpy( temp, input, 8 );
des3_crypt_ecb( ctx, input, output ); mbedtls_des3_crypt_ecb( ctx, input, output );
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
output[i] = (unsigned char)( output[i] ^ iv[i] ); output[i] = (unsigned char)( output[i] ^ iv[i] );
@ -802,11 +802,11 @@ int des3_crypt_cbc( des3_context *ctx,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
#endif /* !POLARSSL_DES_ALT */ #endif /* !MBEDTLS_DES_ALT */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* DES and 3DES test vectors from: * DES and 3DES test vectors from:
* *
@ -838,7 +838,7 @@ static const unsigned char des3_test_ecb_enc[3][8] =
{ 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 } { 0xDD, 0x17, 0xE8, 0xB8, 0xB4, 0x37, 0xD2, 0x32 }
}; };
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
static const unsigned char des3_test_iv[8] = static const unsigned char des3_test_iv[8] =
{ {
0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF, 0x12, 0x34, 0x56, 0x78, 0x90, 0xAB, 0xCD, 0xEF,
@ -857,24 +857,24 @@ static const unsigned char des3_test_cbc_enc[3][8] =
{ 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D }, { 0x35, 0x76, 0x11, 0x56, 0x5F, 0xA1, 0x8E, 0x4D },
{ 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 } { 0xCB, 0x19, 0x1F, 0x85, 0xD1, 0xED, 0x84, 0x39 }
}; };
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
/* /*
* Checkup routine * Checkup routine
*/ */
int des_self_test( int verbose ) int mbedtls_des_self_test( int verbose )
{ {
int i, j, u, v, ret = 0; int i, j, u, v, ret = 0;
des_context ctx; mbedtls_des_context ctx;
des3_context ctx3; mbedtls_des3_context ctx3;
unsigned char buf[8]; unsigned char buf[8];
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
unsigned char prv[8]; unsigned char prv[8];
unsigned char iv[8]; unsigned char iv[8];
#endif #endif
des_init( &ctx ); mbedtls_des_init( &ctx );
des3_init( &ctx3 ); mbedtls_des3_init( &ctx3 );
/* /*
* ECB mode * ECB mode
*/ */
@ -884,36 +884,36 @@ int des_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " DES%c-ECB-%3d (%s): ", mbedtls_printf( " DES%c-ECB-%3d (%s): ",
( u == 0 ) ? ' ' : '3', 56 + u * 56, ( u == 0 ) ? ' ' : '3', 56 + u * 56,
( v == DES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
memcpy( buf, des3_test_buf, 8 ); memcpy( buf, des3_test_buf, 8 );
switch( i ) switch( i )
{ {
case 0: case 0:
des_setkey_dec( &ctx, des3_test_keys ); mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
des_setkey_enc( &ctx, des3_test_keys ); mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
des3_set2key_dec( &ctx3, des3_test_keys ); mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
des3_set2key_enc( &ctx3, des3_test_keys ); mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
des3_set3key_dec( &ctx3, des3_test_keys ); mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
des3_set3key_enc( &ctx3, des3_test_keys ); mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:
@ -923,31 +923,31 @@ int des_self_test( int verbose )
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
{ {
if( u == 0 ) if( u == 0 )
des_crypt_ecb( &ctx, buf, buf ); mbedtls_des_crypt_ecb( &ctx, buf, buf );
else else
des3_crypt_ecb( &ctx3, buf, buf ); mbedtls_des3_crypt_ecb( &ctx3, buf, buf );
} }
if( ( v == DES_DECRYPT && if( ( v == MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) || memcmp( buf, des3_test_ecb_dec[u], 8 ) != 0 ) ||
( v != DES_DECRYPT && ( v != MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) ) memcmp( buf, des3_test_ecb_enc[u], 8 ) != 0 ) )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
#if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(MBEDTLS_CIPHER_MODE_CBC)
/* /*
* CBC mode * CBC mode
*/ */
@ -957,9 +957,9 @@ int des_self_test( int verbose )
v = i & 1; v = i & 1;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " DES%c-CBC-%3d (%s): ", mbedtls_printf( " DES%c-CBC-%3d (%s): ",
( u == 0 ) ? ' ' : '3', 56 + u * 56, ( u == 0 ) ? ' ' : '3', 56 + u * 56,
( v == DES_DECRYPT ) ? "dec" : "enc" ); ( v == MBEDTLS_DES_DECRYPT ) ? "dec" : "enc" );
memcpy( iv, des3_test_iv, 8 ); memcpy( iv, des3_test_iv, 8 );
memcpy( prv, des3_test_iv, 8 ); memcpy( prv, des3_test_iv, 8 );
@ -968,41 +968,41 @@ int des_self_test( int verbose )
switch( i ) switch( i )
{ {
case 0: case 0:
des_setkey_dec( &ctx, des3_test_keys ); mbedtls_des_setkey_dec( &ctx, des3_test_keys );
break; break;
case 1: case 1:
des_setkey_enc( &ctx, des3_test_keys ); mbedtls_des_setkey_enc( &ctx, des3_test_keys );
break; break;
case 2: case 2:
des3_set2key_dec( &ctx3, des3_test_keys ); mbedtls_des3_set2key_dec( &ctx3, des3_test_keys );
break; break;
case 3: case 3:
des3_set2key_enc( &ctx3, des3_test_keys ); mbedtls_des3_set2key_enc( &ctx3, des3_test_keys );
break; break;
case 4: case 4:
des3_set3key_dec( &ctx3, des3_test_keys ); mbedtls_des3_set3key_dec( &ctx3, des3_test_keys );
break; break;
case 5: case 5:
des3_set3key_enc( &ctx3, des3_test_keys ); mbedtls_des3_set3key_enc( &ctx3, des3_test_keys );
break; break;
default: default:
return( 1 ); return( 1 );
} }
if( v == DES_DECRYPT ) if( v == MBEDTLS_DES_DECRYPT )
{ {
for( j = 0; j < 10000; j++ ) for( j = 0; j < 10000; j++ )
{ {
if( u == 0 ) if( u == 0 )
des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else else
des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
} }
} }
else else
@ -1012,9 +1012,9 @@ int des_self_test( int verbose )
unsigned char tmp[8]; unsigned char tmp[8];
if( u == 0 ) if( u == 0 )
des_crypt_cbc( &ctx, v, 8, iv, buf, buf ); mbedtls_des_crypt_cbc( &ctx, v, 8, iv, buf, buf );
else else
des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf ); mbedtls_des3_crypt_cbc( &ctx3, v, 8, iv, buf, buf );
memcpy( tmp, prv, 8 ); memcpy( tmp, prv, 8 );
memcpy( prv, buf, 8 ); memcpy( prv, buf, 8 );
@ -1024,33 +1024,33 @@ int des_self_test( int verbose )
memcpy( buf, prv, 8 ); memcpy( buf, prv, 8 );
} }
if( ( v == DES_DECRYPT && if( ( v == MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) || memcmp( buf, des3_test_cbc_dec[u], 8 ) != 0 ) ||
( v != DES_DECRYPT && ( v != MBEDTLS_DES_DECRYPT &&
memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) ) memcmp( buf, des3_test_cbc_enc[u], 8 ) != 0 ) )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
#endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* MBEDTLS_CIPHER_MODE_CBC */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
exit: exit:
des_free( &ctx ); mbedtls_des_free( &ctx );
des3_free( &ctx3 ); mbedtls_des3_free( &ctx3 );
return( ret ); return( ret );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_DES_C */ #endif /* MBEDTLS_DES_C */

286
library/dhm.c
View File

@ -25,61 +25,61 @@
* http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12) * http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12)
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_DHM_C) #if defined(MBEDTLS_DHM_C)
#include "mbedtls/dhm.h" #include "mbedtls/dhm.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
#include "mbedtls/pem.h" #include "mbedtls/pem.h"
#endif #endif
#if defined(POLARSSL_ASN1_PARSE_C) #if defined(MBEDTLS_ASN1_PARSE_C)
#include "mbedtls/asn1.h" #include "mbedtls/asn1.h"
#endif #endif
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#define polarssl_free free #define mbedtls_free free
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
/* /*
* helper to validate the mpi size and import it * helper to validate the mbedtls_mpi size and import it
*/ */
static int dhm_read_bignum( mpi *X, static int dhm_read_bignum( mbedtls_mpi *X,
unsigned char **p, unsigned char **p,
const unsigned char *end ) const unsigned char *end )
{ {
int ret, n; int ret, n;
if( end - *p < 2 ) if( end - *p < 2 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
n = ( (*p)[0] << 8 ) | (*p)[1]; n = ( (*p)[0] << 8 ) | (*p)[1];
(*p) += 2; (*p) += 2;
if( (int)( end - *p ) < n ) if( (int)( end - *p ) < n )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 ) if( ( ret = mbedtls_mpi_read_binary( X, *p, n ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret ); return( MBEDTLS_ERR_DHM_READ_PARAMS_FAILED + ret );
(*p) += n; (*p) += n;
@ -95,36 +95,36 @@ static int dhm_read_bignum( mpi *X,
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf * http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643 * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
*/ */
static int dhm_check_range( const mpi *param, const mpi *P ) static int dhm_check_range( const mbedtls_mpi *param, const mbedtls_mpi *P )
{ {
mpi L, U; mbedtls_mpi L, U;
int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA; int ret = MBEDTLS_ERR_DHM_BAD_INPUT_DATA;
mpi_init( &L ); mpi_init( &U ); mbedtls_mpi_init( &L ); mbedtls_mpi_init( &U );
MPI_CHK( mpi_lset( &L, 2 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &L, 2 ) );
MPI_CHK( mpi_sub_int( &U, P, 2 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_int( &U, P, 2 ) );
if( mpi_cmp_mpi( param, &L ) >= 0 && if( mbedtls_mpi_cmp_mpi( param, &L ) >= 0 &&
mpi_cmp_mpi( param, &U ) <= 0 ) mbedtls_mpi_cmp_mpi( param, &U ) <= 0 )
{ {
ret = 0; ret = 0;
} }
cleanup: cleanup:
mpi_free( &L ); mpi_free( &U ); mbedtls_mpi_free( &L ); mbedtls_mpi_free( &U );
return( ret ); return( ret );
} }
void dhm_init( dhm_context *ctx ) void mbedtls_dhm_init( mbedtls_dhm_context *ctx )
{ {
memset( ctx, 0, sizeof( dhm_context ) ); memset( ctx, 0, sizeof( mbedtls_dhm_context ) );
} }
/* /*
* Parse the ServerKeyExchange parameters * Parse the ServerKeyExchange parameters
*/ */
int dhm_read_params( dhm_context *ctx, int mbedtls_dhm_read_params( mbedtls_dhm_context *ctx,
unsigned char **p, unsigned char **p,
const unsigned char *end ) const unsigned char *end )
{ {
@ -138,7 +138,7 @@ int dhm_read_params( dhm_context *ctx,
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret ); return( ret );
ctx->len = mpi_size( &ctx->P ); ctx->len = mbedtls_mpi_size( &ctx->P );
return( 0 ); return( 0 );
} }
@ -146,7 +146,7 @@ int dhm_read_params( dhm_context *ctx,
/* /*
* Setup and write the ServerKeyExchange parameters * Setup and write the ServerKeyExchange parameters
*/ */
int dhm_make_params( dhm_context *ctx, int x_size, int mbedtls_dhm_make_params( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
@ -155,28 +155,28 @@ int dhm_make_params( dhm_context *ctx, int x_size,
size_t n1, n2, n3; size_t n1, n2, n3;
unsigned char *p; unsigned char *p;
if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
/* /*
* Generate X as large as possible ( < P ) * Generate X as large as possible ( < P )
*/ */
do do
{ {
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 ) if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED ); return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED );
} }
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
/* /*
* Calculate GX = G^X mod P * Calculate GX = G^X mod P
*/ */
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) ); &ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
@ -186,13 +186,13 @@ int dhm_make_params( dhm_context *ctx, int x_size,
* export P, G, GX * export P, G, GX
*/ */
#define DHM_MPI_EXPORT(X,n) \ #define DHM_MPI_EXPORT(X,n) \
MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \ MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( X, p + 2, n ) ); \
*p++ = (unsigned char)( n >> 8 ); \ *p++ = (unsigned char)( n >> 8 ); \
*p++ = (unsigned char)( n ); p += n; *p++ = (unsigned char)( n ); p += n;
n1 = mpi_size( &ctx->P ); n1 = mbedtls_mpi_size( &ctx->P );
n2 = mpi_size( &ctx->G ); n2 = mbedtls_mpi_size( &ctx->G );
n3 = mpi_size( &ctx->GX ); n3 = mbedtls_mpi_size( &ctx->GX );
p = output; p = output;
DHM_MPI_EXPORT( &ctx->P , n1 ); DHM_MPI_EXPORT( &ctx->P , n1 );
@ -206,7 +206,7 @@ int dhm_make_params( dhm_context *ctx, int x_size,
cleanup: cleanup:
if( ret != 0 ) if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret ); return( MBEDTLS_ERR_DHM_MAKE_PARAMS_FAILED + ret );
return( 0 ); return( 0 );
} }
@ -214,16 +214,16 @@ cleanup:
/* /*
* Import the peer's public value G^Y * Import the peer's public value G^Y
*/ */
int dhm_read_public( dhm_context *ctx, int mbedtls_dhm_read_public( mbedtls_dhm_context *ctx,
const unsigned char *input, size_t ilen ) const unsigned char *input, size_t ilen )
{ {
int ret; int ret;
if( ctx == NULL || ilen < 1 || ilen > ctx->len ) if( ctx == NULL || ilen < 1 || ilen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 ) if( ( ret = mbedtls_mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret ); return( MBEDTLS_ERR_DHM_READ_PUBLIC_FAILED + ret );
return( 0 ); return( 0 );
} }
@ -231,7 +231,7 @@ int dhm_read_public( dhm_context *ctx,
/* /*
* Create own private value X and export G^X * Create own private value X and export G^X
*/ */
int dhm_make_public( dhm_context *ctx, int x_size, int mbedtls_dhm_make_public( mbedtls_dhm_context *ctx, int x_size,
unsigned char *output, size_t olen, unsigned char *output, size_t olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
@ -239,38 +239,38 @@ int dhm_make_public( dhm_context *ctx, int x_size,
int ret, count = 0; int ret, count = 0;
if( ctx == NULL || olen < 1 || olen > ctx->len ) if( ctx == NULL || olen < 1 || olen > ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( mpi_cmp_int( &ctx->P, 0 ) == 0 ) if( mbedtls_mpi_cmp_int( &ctx->P, 0 ) == 0 )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
/* /*
* generate X and calculate GX = G^X mod P * generate X and calculate GX = G^X mod P
*/ */
do do
{ {
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng ); mbedtls_mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 ) while( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->X, 1 ) );
if( count++ > 10 ) if( count++ > 10 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED ); return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED );
} }
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 ); while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X, MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
&ctx->P , &ctx->RP ) ); &ctx->P , &ctx->RP ) );
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 ) if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
return( ret ); return( ret );
MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->GX, output, olen ) );
cleanup: cleanup:
if( ret != 0 ) if( ret != 0 )
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret ); return( MBEDTLS_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
return( 0 ); return( 0 );
} }
@ -281,7 +281,7 @@ cleanup:
* DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer * DSS, and other systems. In : Advances in Cryptology-CRYPTO'96. Springer
* Berlin Heidelberg, 1996. p. 104-113. * Berlin Heidelberg, 1996. p. 104-113.
*/ */
static int dhm_update_blinding( dhm_context *ctx, static int dhm_update_blinding( mbedtls_dhm_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
int ret, count; int ret, count;
@ -290,11 +290,11 @@ static int dhm_update_blinding( dhm_context *ctx,
* Don't use any blinding the first time a particular X is used, * Don't use any blinding the first time a particular X is used,
* but remember it to use blinding next time. * but remember it to use blinding next time.
*/ */
if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 ) if( mbedtls_mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
{ {
MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &ctx->pX, &ctx->X ) );
MPI_CHK( mpi_lset( &ctx->Vi, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vi, 1 ) );
MPI_CHK( mpi_lset( &ctx->Vf, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_lset( &ctx->Vf, 1 ) );
return( 0 ); return( 0 );
} }
@ -303,13 +303,13 @@ static int dhm_update_blinding( dhm_context *ctx,
* Ok, we need blinding. Can we re-use existing values? * Ok, we need blinding. Can we re-use existing values?
* If yes, just update them by squaring them. * If yes, just update them by squaring them.
*/ */
if( mpi_cmp_int( &ctx->Vi, 1 ) != 0 ) if( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
{ {
MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
return( 0 ); return( 0 );
} }
@ -322,19 +322,19 @@ static int dhm_update_blinding( dhm_context *ctx,
count = 0; count = 0;
do do
{ {
mpi_fill_random( &ctx->Vi, mpi_size( &ctx->P ), f_rng, p_rng ); mbedtls_mpi_fill_random( &ctx->Vi, mbedtls_mpi_size( &ctx->P ), f_rng, p_rng );
while( mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 ) while( mbedtls_mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
MPI_CHK( mpi_shift_r( &ctx->Vi, 1 ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &ctx->Vi, 1 ) );
if( count++ > 10 ) if( count++ > 10 )
return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE ); return( MBEDTLS_ERR_MPI_NOT_ACCEPTABLE );
} }
while( mpi_cmp_int( &ctx->Vi, 1 ) <= 0 ); while( mbedtls_mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
/* Vf = Vi^-X mod P */ /* Vf = Vi^-X mod P */
MPI_CHK( mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
MPI_CHK( mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
cleanup: cleanup:
return( ret ); return( ret );
@ -343,52 +343,52 @@ cleanup:
/* /*
* Derive and export the shared secret (G^Y)^X mod P * Derive and export the shared secret (G^Y)^X mod P
*/ */
int dhm_calc_secret( dhm_context *ctx, int mbedtls_dhm_calc_secret( mbedtls_dhm_context *ctx,
unsigned char *output, size_t *olen, unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
mpi GYb; mbedtls_mpi GYb;
if( ctx == NULL || *olen < ctx->len ) if( ctx == NULL || *olen < ctx->len )
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA ); return( MBEDTLS_ERR_DHM_BAD_INPUT_DATA );
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 ) if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
return( ret ); return( ret );
mpi_init( &GYb ); mbedtls_mpi_init( &GYb );
/* Blind peer's value */ /* Blind peer's value */
if( f_rng != NULL ) if( f_rng != NULL )
{ {
MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
MPI_CHK( mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
MPI_CHK( mpi_mod_mpi( &GYb, &GYb, &ctx->P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
} }
else else
MPI_CHK( mpi_copy( &GYb, &ctx->GY ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( &GYb, &ctx->GY ) );
/* Do modular exponentiation */ /* Do modular exponentiation */
MPI_CHK( mpi_exp_mod( &ctx->K, &GYb, &ctx->X, MBEDTLS_MPI_CHK( mbedtls_mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
&ctx->P, &ctx->RP ) ); &ctx->P, &ctx->RP ) );
/* Unblind secret value */ /* Unblind secret value */
if( f_rng != NULL ) if( f_rng != NULL )
{ {
MPI_CHK( mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
MPI_CHK( mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
} }
*olen = mpi_size( &ctx->K ); *olen = mbedtls_mpi_size( &ctx->K );
MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &ctx->K, output, *olen ) );
cleanup: cleanup:
mpi_free( &GYb ); mbedtls_mpi_free( &GYb );
if( ret != 0 ) if( ret != 0 )
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret ); return( MBEDTLS_ERR_DHM_CALC_SECRET_FAILED + ret );
return( 0 ); return( 0 );
} }
@ -396,32 +396,32 @@ cleanup:
/* /*
* Free the components of a DHM key * Free the components of a DHM key
*/ */
void dhm_free( dhm_context *ctx ) void mbedtls_dhm_free( mbedtls_dhm_context *ctx )
{ {
mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi ); mbedtls_mpi_free( &ctx->pX); mbedtls_mpi_free( &ctx->Vf ); mbedtls_mpi_free( &ctx->Vi );
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY ); mbedtls_mpi_free( &ctx->RP ); mbedtls_mpi_free( &ctx->K ); mbedtls_mpi_free( &ctx->GY );
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G ); mbedtls_mpi_free( &ctx->GX ); mbedtls_mpi_free( &ctx->X ); mbedtls_mpi_free( &ctx->G );
mpi_free( &ctx->P ); mbedtls_mpi_free( &ctx->P );
polarssl_zeroize( ctx, sizeof( dhm_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_dhm_context ) );
} }
#if defined(POLARSSL_ASN1_PARSE_C) #if defined(MBEDTLS_ASN1_PARSE_C)
/* /*
* Parse DHM parameters * Parse DHM parameters
*/ */
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin, int mbedtls_dhm_parse_dhm( mbedtls_dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen ) size_t dhminlen )
{ {
int ret; int ret;
size_t len; size_t len;
unsigned char *p, *end; unsigned char *p, *end;
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
pem_context pem; mbedtls_pem_context pem;
pem_init( &pem ); mbedtls_pem_init( &pem );
ret = pem_read_buffer( &pem, ret = mbedtls_pem_read_buffer( &pem,
"-----BEGIN DH PARAMETERS-----", "-----BEGIN DH PARAMETERS-----",
"-----END DH PARAMETERS-----", "-----END DH PARAMETERS-----",
dhmin, NULL, 0, &dhminlen ); dhmin, NULL, 0, &dhminlen );
@ -433,13 +433,13 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
*/ */
dhminlen = pem.buflen; dhminlen = pem.buflen;
} }
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT ) else if( ret != MBEDTLS_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
goto exit; goto exit;
p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin; p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
#else #else
p = (unsigned char *) dhmin; p = (unsigned char *) dhmin;
#endif /* POLARSSL_PEM_PARSE_C */ #endif /* MBEDTLS_PEM_PARSE_C */
end = p + dhminlen; end = p + dhminlen;
/* /*
@ -448,44 +448,44 @@ int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
* generator INTEGER, -- g * generator INTEGER, -- g
* } * }
*/ */
if( ( ret = asn1_get_tag( &p, end, &len, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{ {
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret; ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
goto exit; goto exit;
} }
end = p + len; end = p + len;
if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 || if( ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 ) ( ret = mbedtls_asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
{ {
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret; ret = MBEDTLS_ERR_DHM_INVALID_FORMAT + ret;
goto exit; goto exit;
} }
if( p != end ) if( p != end )
{ {
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret = MBEDTLS_ERR_DHM_INVALID_FORMAT +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH; MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
goto exit; goto exit;
} }
ret = 0; ret = 0;
dhm->len = mpi_size( &dhm->P ); dhm->len = mbedtls_mpi_size( &dhm->P );
exit: exit:
#if defined(POLARSSL_PEM_PARSE_C) #if defined(MBEDTLS_PEM_PARSE_C)
pem_free( &pem ); mbedtls_pem_free( &pem );
#endif #endif
if( ret != 0 ) if( ret != 0 )
dhm_free( dhm ); mbedtls_dhm_free( dhm );
return( ret ); return( ret );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/* /*
* Load all data from a file into a given buffer. * Load all data from a file into a given buffer.
*/ */
@ -495,30 +495,30 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
long size; long size;
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
fseek( f, 0, SEEK_END ); fseek( f, 0, SEEK_END );
if( ( size = ftell( f ) ) == -1 ) if( ( size = ftell( f ) ) == -1 )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
} }
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
*n = (size_t) size; *n = (size_t) size;
if( *n + 1 == 0 || if( *n + 1 == 0 ||
( *buf = polarssl_malloc( *n + 1 ) ) == NULL ) ( *buf = mbedtls_malloc( *n + 1 ) ) == NULL )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_DHM_MALLOC_FAILED ); return( MBEDTLS_ERR_DHM_MALLOC_FAILED );
} }
if( fread( *buf, 1, *n, f ) != *n ) if( fread( *buf, 1, *n, f ) != *n )
{ {
fclose( f ); fclose( f );
polarssl_free( *buf ); mbedtls_free( *buf );
return( POLARSSL_ERR_DHM_FILE_IO_ERROR ); return( MBEDTLS_ERR_DHM_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
@ -531,7 +531,7 @@ static int load_file( const char *path, unsigned char **buf, size_t *n )
/* /*
* Load and parse DHM parameters * Load and parse DHM parameters
*/ */
int dhm_parse_dhmfile( dhm_context *dhm, const char *path ) int mbedtls_dhm_parse_dhmfile( mbedtls_dhm_context *dhm, const char *path )
{ {
int ret; int ret;
size_t n; size_t n;
@ -540,59 +540,59 @@ int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
if( ( ret = load_file( path, &buf, &n ) ) != 0 ) if( ( ret = load_file( path, &buf, &n ) ) != 0 )
return( ret ); return( ret );
ret = dhm_parse_dhm( dhm, buf, n ); ret = mbedtls_dhm_parse_dhm( dhm, buf, n );
polarssl_zeroize( buf, n + 1 ); mbedtls_zeroize( buf, n + 1 );
polarssl_free( buf ); mbedtls_free( buf );
return( ret ); return( ret );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */ #endif /* MBEDTLS_ASN1_PARSE_C */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#include "mbedtls/certs.h" #include "mbedtls/certs.h"
/* /*
* Checkup routine * Checkup routine
*/ */
int dhm_self_test( int verbose ) int mbedtls_dhm_self_test( int verbose )
{ {
#if defined(POLARSSL_CERTS_C) #if defined(MBEDTLS_CERTS_C)
int ret; int ret;
dhm_context dhm; mbedtls_dhm_context dhm;
dhm_init( &dhm ); mbedtls_dhm_init( &dhm );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " DHM parameter load: " ); mbedtls_printf( " DHM parameter load: " );
if( ( ret = dhm_parse_dhm( &dhm, (const unsigned char *) test_dhm_params, if( ( ret = mbedtls_dhm_parse_dhm( &dhm, (const unsigned char *) mbedtls_test_dhm_params,
strlen( test_dhm_params ) ) ) != 0 ) strlen( mbedtls_test_dhm_params ) ) ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
ret = 1; ret = 1;
goto exit; goto exit;
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n\n" ); mbedtls_printf( "passed\n\n" );
exit: exit:
dhm_free( &dhm ); mbedtls_dhm_free( &dhm );
return( ret ); return( ret );
#else #else
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " DHM parameter load: skipped\n" ); mbedtls_printf( " DHM parameter load: skipped\n" );
return( 0 ); return( 0 );
#endif /* POLARSSL_CERTS_C */ #endif /* MBEDTLS_CERTS_C */
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_DHM_C */ #endif /* MBEDTLS_DHM_C */

118
library/ecdh.c
View File

@ -27,58 +27,58 @@
* RFC 4492 * RFC 4492
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ECDH_C) #if defined(MBEDTLS_ECDH_C)
#include "mbedtls/ecdh.h" #include "mbedtls/ecdh.h"
#include <string.h> #include <string.h>
/* /*
* Generate public key: simple wrapper around ecp_gen_keypair * Generate public key: simple wrapper around mbedtls_ecp_gen_keypair
*/ */
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q, int mbedtls_ecdh_gen_public( mbedtls_ecp_group *grp, mbedtls_mpi *d, mbedtls_ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
return ecp_gen_keypair( grp, d, Q, f_rng, p_rng ); return mbedtls_ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
} }
/* /*
* Compute shared secret (SEC1 3.3.1) * Compute shared secret (SEC1 3.3.1)
*/ */
int ecdh_compute_shared( ecp_group *grp, mpi *z, int mbedtls_ecdh_compute_shared( mbedtls_ecp_group *grp, mbedtls_mpi *z,
const ecp_point *Q, const mpi *d, const mbedtls_ecp_point *Q, const mbedtls_mpi *d,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
ecp_point P; mbedtls_ecp_point P;
ecp_point_init( &P ); mbedtls_ecp_point_init( &P );
/* /*
* Make sure Q is a valid pubkey before using it * Make sure Q is a valid pubkey before using it
*/ */
MPI_CHK( ecp_check_pubkey( grp, Q ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
MPI_CHK( ecp_mul( grp, &P, d, Q, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
if( ecp_is_zero( &P ) ) if( mbedtls_ecp_is_zero( &P ) )
{ {
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA; ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup; goto cleanup;
} }
MPI_CHK( mpi_copy( z, &P.X ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_copy( z, &P.X ) );
cleanup: cleanup:
ecp_point_free( &P ); mbedtls_ecp_point_free( &P );
return( ret ); return( ret );
} }
@ -86,27 +86,27 @@ cleanup:
/* /*
* Initialize context * Initialize context
*/ */
void ecdh_init( ecdh_context *ctx ) void mbedtls_ecdh_init( mbedtls_ecdh_context *ctx )
{ {
memset( ctx, 0, sizeof( ecdh_context ) ); memset( ctx, 0, sizeof( mbedtls_ecdh_context ) );
} }
/* /*
* Free context * Free context
*/ */
void ecdh_free( ecdh_context *ctx ) void mbedtls_ecdh_free( mbedtls_ecdh_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
ecp_group_free( &ctx->grp ); mbedtls_ecp_group_free( &ctx->grp );
ecp_point_free( &ctx->Q ); mbedtls_ecp_point_free( &ctx->Q );
ecp_point_free( &ctx->Qp ); mbedtls_ecp_point_free( &ctx->Qp );
ecp_point_free( &ctx->Vi ); mbedtls_ecp_point_free( &ctx->Vi );
ecp_point_free( &ctx->Vf ); mbedtls_ecp_point_free( &ctx->Vf );
mpi_free( &ctx->d ); mbedtls_mpi_free( &ctx->d );
mpi_free( &ctx->z ); mbedtls_mpi_free( &ctx->z );
mpi_free( &ctx->_d ); mbedtls_mpi_free( &ctx->_d );
} }
/* /*
@ -116,7 +116,7 @@ void ecdh_free( ecdh_context *ctx )
* ECPoint public; * ECPoint public;
* } ServerECDHParams; * } ServerECDHParams;
*/ */
int ecdh_make_params( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_params( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
@ -125,20 +125,20 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
size_t grp_len, pt_len; size_t grp_len, pt_len;
if( ctx == NULL || ctx->grp.pbits == 0 ) if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 ) != 0 )
return( ret ); return( ret );
if( ( ret = ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) ) if( ( ret = mbedtls_ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
!= 0 ) != 0 )
return( ret ); return( ret );
buf += grp_len; buf += grp_len;
blen -= grp_len; blen -= grp_len;
if( ( ret = ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, if( ( ret = mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
&pt_len, buf, blen ) ) != 0 ) &pt_len, buf, blen ) ) != 0 )
return( ret ); return( ret );
@ -153,15 +153,15 @@ int ecdh_make_params( ecdh_context *ctx, size_t *olen,
* ECPoint public; * ECPoint public;
* } ServerECDHParams; * } ServerECDHParams;
*/ */
int ecdh_read_params( ecdh_context *ctx, int mbedtls_ecdh_read_params( mbedtls_ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end ) const unsigned char **buf, const unsigned char *end )
{ {
int ret; int ret;
if( ( ret = ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 ) if( ( ret = mbedtls_ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
return( ret ); return( ret );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) ) if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
!= 0 ) != 0 )
return( ret ); return( ret );
@ -171,24 +171,24 @@ int ecdh_read_params( ecdh_context *ctx,
/* /*
* Get parameters from a keypair * Get parameters from a keypair
*/ */
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key, int mbedtls_ecdh_get_params( mbedtls_ecdh_context *ctx, const mbedtls_ecp_keypair *key,
ecdh_side side ) mbedtls_ecdh_side side )
{ {
int ret; int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ) if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
return( ret ); return( ret );
/* If it's not our key, just import the public part as Qp */ /* If it's not our key, just import the public part as Qp */
if( side == POLARSSL_ECDH_THEIRS ) if( side == MBEDTLS_ECDH_THEIRS )
return( ecp_copy( &ctx->Qp, &key->Q ) ); return( mbedtls_ecp_copy( &ctx->Qp, &key->Q ) );
/* Our key: import public (as Q) and private parts */ /* Our key: import public (as Q) and private parts */
if( side != POLARSSL_ECDH_OURS ) if( side != MBEDTLS_ECDH_OURS )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 || if( ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 ) ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 )
return( ret ); return( ret );
return( 0 ); return( 0 );
@ -197,7 +197,7 @@ int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
/* /*
* Setup and export the client public value * Setup and export the client public value
*/ */
int ecdh_make_public( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_make_public( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
@ -205,33 +205,33 @@ int ecdh_make_public( ecdh_context *ctx, size_t *olen,
int ret; int ret;
if( ctx == NULL || ctx->grp.pbits == 0 ) if( ctx == NULL || ctx->grp.pbits == 0 )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ) if( ( ret = mbedtls_ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
!= 0 ) != 0 )
return( ret ); return( ret );
return ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format, return mbedtls_ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
olen, buf, blen ); olen, buf, blen );
} }
/* /*
* Parse and import the client's public value * Parse and import the client's public value
*/ */
int ecdh_read_public( ecdh_context *ctx, int mbedtls_ecdh_read_public( mbedtls_ecdh_context *ctx,
const unsigned char *buf, size_t blen ) const unsigned char *buf, size_t blen )
{ {
int ret; int ret;
const unsigned char *p = buf; const unsigned char *p = buf;
if( ctx == NULL ) if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 ) if( ( ret = mbedtls_ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
return( ret ); return( ret );
if( (size_t)( p - buf ) != blen ) if( (size_t)( p - buf ) != blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
return( 0 ); return( 0 );
} }
@ -239,7 +239,7 @@ int ecdh_read_public( ecdh_context *ctx,
/* /*
* Derive and export the shared secret * Derive and export the shared secret
*/ */
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen, int mbedtls_ecdh_calc_secret( mbedtls_ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen, unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
@ -247,19 +247,19 @@ int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
int ret; int ret;
if( ctx == NULL ) if( ctx == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
if( ( ret = ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d, if( ( ret = mbedtls_ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
f_rng, p_rng ) ) != 0 ) f_rng, p_rng ) ) != 0 )
{ {
return( ret ); return( ret );
} }
if( mpi_size( &ctx->z ) > blen ) if( mbedtls_mpi_size( &ctx->z ) > blen )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
*olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 ); *olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
return mpi_write_binary( &ctx->z, buf, *olen ); return mbedtls_mpi_write_binary( &ctx->z, buf, *olen );
} }
#endif /* POLARSSL_ECDH_C */ #endif /* MBEDTLS_ECDH_C */

278
library/ecdsa.c
View File

@ -26,20 +26,20 @@
* SEC1 http://www.secg.org/index.php?action=secg,docs_secg * SEC1 http://www.secg.org/index.php?action=secg,docs_secg
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ECDSA_C) #if defined(MBEDTLS_ECDSA_C)
#include "mbedtls/ecdsa.h" #include "mbedtls/ecdsa.h"
#include "mbedtls/asn1write.h" #include "mbedtls/asn1write.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#endif #endif
@ -47,20 +47,20 @@
* Derive a suitable integer for group grp from a buffer of length len * Derive a suitable integer for group grp from a buffer of length len
* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3 * SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
*/ */
static int derive_mpi( const ecp_group *grp, mpi *x, static int derive_mpi( const mbedtls_ecp_group *grp, mbedtls_mpi *x,
const unsigned char *buf, size_t blen ) const unsigned char *buf, size_t blen )
{ {
int ret; int ret;
size_t n_size = ( grp->nbits + 7 ) / 8; size_t n_size = ( grp->nbits + 7 ) / 8;
size_t use_size = blen > n_size ? n_size : blen; size_t use_size = blen > n_size ? n_size : blen;
MPI_CHK( mpi_read_binary( x, buf, use_size ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( x, buf, use_size ) );
if( use_size * 8 > grp->nbits ) if( use_size * 8 > grp->nbits )
MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( x, use_size * 8 - grp->nbits ) );
/* While at it, reduce modulo N */ /* While at it, reduce modulo N */
if( mpi_cmp_mpi( x, &grp->N ) >= 0 ) if( mbedtls_mpi_cmp_mpi( x, &grp->N ) >= 0 )
MPI_CHK( mpi_sub_mpi( x, x, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_sub_mpi( x, x, &grp->N ) );
cleanup: cleanup:
return( ret ); return( ret );
@ -70,20 +70,20 @@ cleanup:
* Compute ECDSA signature of a hashed message (SEC1 4.1.3) * Compute ECDSA signature of a hashed message (SEC1 4.1.3)
* Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message) * Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
*/ */
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s, int mbedtls_ecdsa_sign( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
int ret, key_tries, sign_tries, blind_tries; int ret, key_tries, sign_tries, blind_tries;
ecp_point R; mbedtls_ecp_point R;
mpi k, e, t; mbedtls_mpi k, e, t;
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL ) if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
ecp_point_init( &R ); mbedtls_ecp_point_init( &R );
mpi_init( &k ); mpi_init( &e ); mpi_init( &t ); mbedtls_mpi_init( &k ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &t );
sign_tries = 0; sign_tries = 0;
do do
@ -95,21 +95,21 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
key_tries = 0; key_tries = 0;
do do
{ {
MPI_CHK( ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
MPI_CHK( mpi_mod_mpi( r, &R.X, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( r, &R.X, &grp->N ) );
if( key_tries++ > 10 ) if( key_tries++ > 10 )
{ {
ret = POLARSSL_ERR_ECP_RANDOM_FAILED; ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup; goto cleanup;
} }
} }
while( mpi_cmp_int( r, 0 ) == 0 ); while( mbedtls_mpi_cmp_int( r, 0 ) == 0 );
/* /*
* Step 5: derive MPI from hashed message * Step 5: derive MPI from hashed message
*/ */
MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/* /*
* Generate a random value to blind inv_mod in next step, * Generate a random value to blind inv_mod in next step,
@ -119,143 +119,143 @@ int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
do do
{ {
size_t n_size = ( grp->nbits + 7 ) / 8; size_t n_size = ( grp->nbits + 7 ) / 8;
MPI_CHK( mpi_fill_random( &t, n_size, f_rng, p_rng ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_fill_random( &t, n_size, f_rng, p_rng ) );
MPI_CHK( mpi_shift_r( &t, 8 * n_size - grp->nbits ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
/* See ecp_gen_keypair() */ /* See mbedtls_ecp_gen_keypair() */
if( ++blind_tries > 30 ) if( ++blind_tries > 30 )
return( POLARSSL_ERR_ECP_RANDOM_FAILED ); return( MBEDTLS_ERR_ECP_RANDOM_FAILED );
} }
while( mpi_cmp_int( &t, 1 ) < 0 || while( mbedtls_mpi_cmp_int( &t, 1 ) < 0 ||
mpi_cmp_mpi( &t, &grp->N ) >= 0 ); mbedtls_mpi_cmp_mpi( &t, &grp->N ) >= 0 );
/* /*
* Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n * Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
*/ */
MPI_CHK( mpi_mul_mpi( s, r, d ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, r, d ) );
MPI_CHK( mpi_add_mpi( &e, &e, s ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_add_mpi( &e, &e, s ) );
MPI_CHK( mpi_mul_mpi( &e, &e, &t ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &e, &e, &t ) );
MPI_CHK( mpi_mul_mpi( &k, &k, &t ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &k, &k, &t ) );
MPI_CHK( mpi_inv_mod( s, &k, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( s, &k, &grp->N ) );
MPI_CHK( mpi_mul_mpi( s, s, &e ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( s, s, &e ) );
MPI_CHK( mpi_mod_mpi( s, s, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( s, s, &grp->N ) );
if( sign_tries++ > 10 ) if( sign_tries++ > 10 )
{ {
ret = POLARSSL_ERR_ECP_RANDOM_FAILED; ret = MBEDTLS_ERR_ECP_RANDOM_FAILED;
goto cleanup; goto cleanup;
} }
} }
while( mpi_cmp_int( s, 0 ) == 0 ); while( mbedtls_mpi_cmp_int( s, 0 ) == 0 );
cleanup: cleanup:
ecp_point_free( &R ); mbedtls_ecp_point_free( &R );
mpi_free( &k ); mpi_free( &e ); mpi_free( &t ); mbedtls_mpi_free( &k ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &t );
return( ret ); return( ret );
} }
#if defined(POLARSSL_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
/* /*
* Deterministic signature wrapper * Deterministic signature wrapper
*/ */
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s, int mbedtls_ecdsa_sign_det( mbedtls_ecp_group *grp, mbedtls_mpi *r, mbedtls_mpi *s,
const mpi *d, const unsigned char *buf, size_t blen, const mbedtls_mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg ) mbedtls_md_type_t md_alg )
{ {
int ret; int ret;
hmac_drbg_context rng_ctx; mbedtls_hmac_drbg_context rng_ctx;
unsigned char data[2 * POLARSSL_ECP_MAX_BYTES]; unsigned char data[2 * MBEDTLS_ECP_MAX_BYTES];
size_t grp_len = ( grp->nbits + 7 ) / 8; size_t grp_len = ( grp->nbits + 7 ) / 8;
const md_info_t *md_info; const mbedtls_md_info_t *md_info;
mpi h; mbedtls_mpi h;
if( ( md_info = md_info_from_type( md_alg ) ) == NULL ) if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
mpi_init( &h ); mbedtls_mpi_init( &h );
memset( &rng_ctx, 0, sizeof( hmac_drbg_context ) ); memset( &rng_ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
/* Use private key and message hash (reduced) to initialize HMAC_DRBG */ /* Use private key and message hash (reduced) to initialize HMAC_DRBG */
MPI_CHK( mpi_write_binary( d, data, grp_len ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( d, data, grp_len ) );
MPI_CHK( derive_mpi( grp, &h, buf, blen ) ); MBEDTLS_MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
MPI_CHK( mpi_write_binary( &h, data + grp_len, grp_len ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, data + grp_len, grp_len ) );
hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len ); mbedtls_hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
ret = ecdsa_sign( grp, r, s, d, buf, blen, ret = mbedtls_ecdsa_sign( grp, r, s, d, buf, blen,
hmac_drbg_random, &rng_ctx ); mbedtls_hmac_drbg_random, &rng_ctx );
cleanup: cleanup:
hmac_drbg_free( &rng_ctx ); mbedtls_hmac_drbg_free( &rng_ctx );
mpi_free( &h ); mbedtls_mpi_free( &h );
return( ret ); return( ret );
} }
#endif /* POLARSSL_ECDSA_DETERMINISTIC */ #endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/* /*
* Verify ECDSA signature of hashed message (SEC1 4.1.4) * Verify ECDSA signature of hashed message (SEC1 4.1.4)
* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message) * Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
*/ */
int ecdsa_verify( ecp_group *grp, int mbedtls_ecdsa_verify( mbedtls_ecp_group *grp,
const unsigned char *buf, size_t blen, const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s) const mbedtls_ecp_point *Q, const mbedtls_mpi *r, const mbedtls_mpi *s)
{ {
int ret; int ret;
mpi e, s_inv, u1, u2; mbedtls_mpi e, s_inv, u1, u2;
ecp_point R, P; mbedtls_ecp_point R, P;
ecp_point_init( &R ); ecp_point_init( &P ); mbedtls_ecp_point_init( &R ); mbedtls_ecp_point_init( &P );
mpi_init( &e ); mpi_init( &s_inv ); mpi_init( &u1 ); mpi_init( &u2 ); mbedtls_mpi_init( &e ); mbedtls_mpi_init( &s_inv ); mbedtls_mpi_init( &u1 ); mbedtls_mpi_init( &u2 );
/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */ /* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
if( grp->N.p == NULL ) if( grp->N.p == NULL )
return( POLARSSL_ERR_ECP_BAD_INPUT_DATA ); return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
/* /*
* Step 1: make sure r and s are in range 1..n-1 * Step 1: make sure r and s are in range 1..n-1
*/ */
if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 || if( mbedtls_mpi_cmp_int( r, 1 ) < 0 || mbedtls_mpi_cmp_mpi( r, &grp->N ) >= 0 ||
mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 ) mbedtls_mpi_cmp_int( s, 1 ) < 0 || mbedtls_mpi_cmp_mpi( s, &grp->N ) >= 0 )
{ {
ret = POLARSSL_ERR_ECP_VERIFY_FAILED; ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup; goto cleanup;
} }
/* /*
* Additional precaution: make sure Q is valid * Additional precaution: make sure Q is valid
*/ */
MPI_CHK( ecp_check_pubkey( grp, Q ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_check_pubkey( grp, Q ) );
/* /*
* Step 3: derive MPI from hashed message * Step 3: derive MPI from hashed message
*/ */
MPI_CHK( derive_mpi( grp, &e, buf, blen ) ); MBEDTLS_MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
/* /*
* Step 4: u1 = e / s mod n, u2 = r / s mod n * Step 4: u1 = e / s mod n, u2 = r / s mod n
*/ */
MPI_CHK( mpi_inv_mod( &s_inv, s, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_inv_mod( &s_inv, s, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u1, &e, &s_inv ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u1, &e, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u1, &u1, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u1, &u1, &grp->N ) );
MPI_CHK( mpi_mul_mpi( &u2, r, &s_inv ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mul_mpi( &u2, r, &s_inv ) );
MPI_CHK( mpi_mod_mpi( &u2, &u2, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &u2, &u2, &grp->N ) );
/* /*
* Step 5: R = u1 G + u2 Q * Step 5: R = u1 G + u2 Q
* *
* Since we're not using any secret data, no need to pass a RNG to * Since we're not using any secret data, no need to pass a RNG to
* ecp_mul() for countermesures. * mbedtls_ecp_mul() for countermesures.
*/ */
MPI_CHK( ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) );
MPI_CHK( ecp_mul( grp, &P, &u2, Q, NULL, NULL ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_mul( grp, &P, &u2, Q, NULL, NULL ) );
MPI_CHK( ecp_add( grp, &R, &R, &P ) ); MBEDTLS_MPI_CHK( mbedtls_ecp_add( grp, &R, &R, &P ) );
if( ecp_is_zero( &R ) ) if( mbedtls_ecp_is_zero( &R ) )
{ {
ret = POLARSSL_ERR_ECP_VERIFY_FAILED; ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup; goto cleanup;
} }
@ -263,20 +263,20 @@ int ecdsa_verify( ecp_group *grp,
* Step 6: convert xR to an integer (no-op) * Step 6: convert xR to an integer (no-op)
* Step 7: reduce xR mod n (gives v) * Step 7: reduce xR mod n (gives v)
*/ */
MPI_CHK( mpi_mod_mpi( &R.X, &R.X, &grp->N ) ); MBEDTLS_MPI_CHK( mbedtls_mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
/* /*
* Step 8: check if v (that is, R.X) is equal to r * Step 8: check if v (that is, R.X) is equal to r
*/ */
if( mpi_cmp_mpi( &R.X, r ) != 0 ) if( mbedtls_mpi_cmp_mpi( &R.X, r ) != 0 )
{ {
ret = POLARSSL_ERR_ECP_VERIFY_FAILED; ret = MBEDTLS_ERR_ECP_VERIFY_FAILED;
goto cleanup; goto cleanup;
} }
cleanup: cleanup:
ecp_point_free( &R ); ecp_point_free( &P ); mbedtls_ecp_point_free( &R ); mbedtls_ecp_point_free( &P );
mpi_free( &e ); mpi_free( &s_inv ); mpi_free( &u1 ); mpi_free( &u2 ); mbedtls_mpi_free( &e ); mbedtls_mpi_free( &s_inv ); mbedtls_mpi_free( &u1 ); mbedtls_mpi_free( &u2 );
return( ret ); return( ret );
} }
@ -284,20 +284,20 @@ cleanup:
/* /*
* Convert a signature (given by context) to ASN.1 * Convert a signature (given by context) to ASN.1
*/ */
static int ecdsa_signature_to_asn1( const mpi *r, const mpi *s, static int ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
unsigned char *sig, size_t *slen ) unsigned char *sig, size_t *slen )
{ {
int ret; int ret;
unsigned char buf[POLARSSL_ECDSA_MAX_LEN]; unsigned char buf[MBEDTLS_ECDSA_MAX_LEN];
unsigned char *p = buf + sizeof( buf ); unsigned char *p = buf + sizeof( buf );
size_t len = 0; size_t len = 0;
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, s ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, s ) );
ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, r ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_mpi( &p, buf, r ) );
ASN1_CHK_ADD( len, asn1_write_len( &p, buf, len ) ); MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_len( &p, buf, len ) );
ASN1_CHK_ADD( len, asn1_write_tag( &p, buf, MBEDTLS_ASN1_CHK_ADD( len, mbedtls_asn1_write_tag( &p, buf,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ); MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) );
memcpy( sig, p, len ); memcpy( sig, p, len );
*slen = len; *slen = len;
@ -308,48 +308,48 @@ static int ecdsa_signature_to_asn1( const mpi *r, const mpi *s,
/* /*
* Compute and write signature * Compute and write signature
*/ */
int ecdsa_write_signature( ecdsa_context *ctx, md_type_t md_alg, int mbedtls_ecdsa_write_signature( mbedtls_ecdsa_context *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen, unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t), int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng ) void *p_rng )
{ {
int ret; int ret;
mpi r, s; mbedtls_mpi r, s;
mpi_init( &r ); mbedtls_mpi_init( &r );
mpi_init( &s ); mbedtls_mpi_init( &s );
#if defined(POLARSSL_ECDSA_DETERMINISTIC) #if defined(MBEDTLS_ECDSA_DETERMINISTIC)
(void) f_rng; (void) f_rng;
(void) p_rng; (void) p_rng;
MPI_CHK( ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d, MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign_det( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, md_alg ) ); hash, hlen, md_alg ) );
#else #else
(void) md_alg; (void) md_alg;
MPI_CHK( ecdsa_sign( &ctx->grp, &r, &s, &ctx->d, MBEDTLS_MPI_CHK( mbedtls_ecdsa_sign( &ctx->grp, &r, &s, &ctx->d,
hash, hlen, f_rng, p_rng ) ); hash, hlen, f_rng, p_rng ) );
#endif #endif
MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) ); MBEDTLS_MPI_CHK( ecdsa_signature_to_asn1( &r, &s, sig, slen ) );
cleanup: cleanup:
mpi_free( &r ); mbedtls_mpi_free( &r );
mpi_free( &s ); mbedtls_mpi_free( &s );
return( ret ); return( ret );
} }
#if ! defined(POLARSSL_DEPRECATED_REMOVED) && \ #if ! defined(MBEDTLS_DEPRECATED_REMOVED) && \
defined(POLARSSL_ECDSA_DETERMINISTIC) defined(MBEDTLS_ECDSA_DETERMINISTIC)
int ecdsa_write_signature_det( ecdsa_context *ctx, int mbedtls_ecdsa_write_signature_det( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen, unsigned char *sig, size_t *slen,
md_type_t md_alg ) mbedtls_md_type_t md_alg )
{ {
return( ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen, return( mbedtls_ecdsa_write_signature( ctx, md_alg, hash, hlen, sig, slen,
NULL, NULL ) ); NULL, NULL ) );
} }
#endif #endif
@ -357,7 +357,7 @@ int ecdsa_write_signature_det( ecdsa_context *ctx,
/* /*
* Read and check signature * Read and check signature
*/ */
int ecdsa_read_signature( ecdsa_context *ctx, int mbedtls_ecdsa_read_signature( mbedtls_ecdsa_context *ctx,
const unsigned char *hash, size_t hlen, const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen ) const unsigned char *sig, size_t slen )
{ {
@ -365,42 +365,42 @@ int ecdsa_read_signature( ecdsa_context *ctx,
unsigned char *p = (unsigned char *) sig; unsigned char *p = (unsigned char *) sig;
const unsigned char *end = sig + slen; const unsigned char *end = sig + slen;
size_t len; size_t len;
mpi r, s; mbedtls_mpi r, s;
mpi_init( &r ); mbedtls_mpi_init( &r );
mpi_init( &s ); mbedtls_mpi_init( &s );
if( ( ret = asn1_get_tag( &p, end, &len, if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 ) MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
{ {
ret += POLARSSL_ERR_ECP_BAD_INPUT_DATA; ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup; goto cleanup;
} }
if( p + len != end ) if( p + len != end )
{ {
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA +
POLARSSL_ERR_ASN1_LENGTH_MISMATCH; MBEDTLS_ERR_ASN1_LENGTH_MISMATCH;
goto cleanup; goto cleanup;
} }
if( ( ret = asn1_get_mpi( &p, end, &r ) ) != 0 || if( ( ret = mbedtls_asn1_get_mpi( &p, end, &r ) ) != 0 ||
( ret = asn1_get_mpi( &p, end, &s ) ) != 0 ) ( ret = mbedtls_asn1_get_mpi( &p, end, &s ) ) != 0 )
{ {
ret += POLARSSL_ERR_ECP_BAD_INPUT_DATA; ret += MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
goto cleanup; goto cleanup;
} }
if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen, if( ( ret = mbedtls_ecdsa_verify( &ctx->grp, hash, hlen,
&ctx->Q, &r, &s ) ) != 0 ) &ctx->Q, &r, &s ) ) != 0 )
goto cleanup; goto cleanup;
if( p != end ) if( p != end )
ret = POLARSSL_ERR_ECP_SIG_LEN_MISMATCH; ret = MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH;
cleanup: cleanup:
mpi_free( &r ); mbedtls_mpi_free( &r );
mpi_free( &s ); mbedtls_mpi_free( &s );
return( ret ); return( ret );
} }
@ -408,25 +408,25 @@ cleanup:
/* /*
* Generate key pair * Generate key pair
*/ */
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid, int mbedtls_ecdsa_genkey( mbedtls_ecdsa_context *ctx, mbedtls_ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng ) int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
{ {
return( ecp_use_known_dp( &ctx->grp, gid ) || return( mbedtls_ecp_use_known_dp( &ctx->grp, gid ) ||
ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) ); mbedtls_ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
} }
/* /*
* Set context from an ecp_keypair * Set context from an mbedtls_ecp_keypair
*/ */
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key ) int mbedtls_ecdsa_from_keypair( mbedtls_ecdsa_context *ctx, const mbedtls_ecp_keypair *key )
{ {
int ret; int ret;
if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 || if( ( ret = mbedtls_ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 || ( ret = mbedtls_mpi_copy( &ctx->d, &key->d ) ) != 0 ||
( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ) ( ret = mbedtls_ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
{ {
ecdsa_free( ctx ); mbedtls_ecdsa_free( ctx );
} }
return( ret ); return( ret );
@ -435,17 +435,17 @@ int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key )
/* /*
* Initialize context * Initialize context
*/ */
void ecdsa_init( ecdsa_context *ctx ) void mbedtls_ecdsa_init( mbedtls_ecdsa_context *ctx )
{ {
ecp_keypair_init( ctx ); mbedtls_ecp_keypair_init( ctx );
} }
/* /*
* Free context * Free context
*/ */
void ecdsa_free( ecdsa_context *ctx ) void mbedtls_ecdsa_free( mbedtls_ecdsa_context *ctx )
{ {
ecp_keypair_free( ctx ); mbedtls_ecp_keypair_free( ctx );
} }
#endif /* POLARSSL_ECDSA_C */ #endif /* MBEDTLS_ECDSA_C */

1230
library/ecp.c
View File

File diff suppressed because it is too large Load Diff

614
library/ecp_curves.c
View File

File diff suppressed because it is too large Load Diff

268
library/entropy.c
View File

@ -20,101 +20,101 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ENTROPY_C) #if defined(MBEDTLS_ENTROPY_C)
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h" #include "mbedtls/havege.h"
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
#define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */ #define ENTROPY_MAX_LOOP 256 /**< Maximum amount to loop before error */
void entropy_init( entropy_context *ctx ) void mbedtls_entropy_init( mbedtls_entropy_context *ctx )
{ {
memset( ctx, 0, sizeof(entropy_context) ); memset( ctx, 0, sizeof(mbedtls_entropy_context) );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
polarssl_mutex_init( &ctx->mutex ); mbedtls_mutex_init( &ctx->mutex );
#endif #endif
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
sha512_starts( &ctx->accumulator, 0 ); mbedtls_sha512_starts( &ctx->accumulator, 0 );
#else #else
sha256_starts( &ctx->accumulator, 0 ); mbedtls_sha256_starts( &ctx->accumulator, 0 );
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
havege_init( &ctx->havege_data ); mbedtls_havege_init( &ctx->havege_data );
#endif #endif
#if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) #if !defined(MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES)
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
entropy_add_source( ctx, platform_entropy_poll, NULL, mbedtls_entropy_add_source( ctx, mbedtls_platform_entropy_poll, NULL,
ENTROPY_MIN_PLATFORM ); MBEDTLS_ENTROPY_MIN_PLATFORM );
#endif #endif
#if defined(POLARSSL_TIMING_C) #if defined(MBEDTLS_TIMING_C)
entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK ); mbedtls_entropy_add_source( ctx, mbedtls_hardclock_poll, NULL, MBEDTLS_ENTROPY_MIN_HARDCLOCK );
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
entropy_add_source( ctx, havege_poll, &ctx->havege_data, mbedtls_entropy_add_source( ctx, mbedtls_havege_poll, &ctx->havege_data,
ENTROPY_MIN_HAVEGE ); MBEDTLS_ENTROPY_MIN_HAVEGE );
#endif #endif
#endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */ #endif /* MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES */
} }
void entropy_free( entropy_context *ctx ) void mbedtls_entropy_free( mbedtls_entropy_context *ctx )
{ {
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
havege_free( &ctx->havege_data ); mbedtls_havege_free( &ctx->havege_data );
#endif #endif
polarssl_zeroize( ctx, sizeof( entropy_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_entropy_context ) );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
polarssl_mutex_free( &ctx->mutex ); mbedtls_mutex_free( &ctx->mutex );
#endif #endif
} }
int entropy_add_source( entropy_context *ctx, int mbedtls_entropy_add_source( mbedtls_entropy_context *ctx,
f_source_ptr f_source, void *p_source, mbedtls_entropy_f_source_ptr f_source, void *p_source,
size_t threshold ) size_t threshold )
{ {
int index, ret = 0; int index, ret = 0;
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret ); return( ret );
#endif #endif
index = ctx->source_count; index = ctx->source_count;
if( index >= ENTROPY_MAX_SOURCES ) if( index >= MBEDTLS_ENTROPY_MAX_SOURCES )
{ {
ret = POLARSSL_ERR_ENTROPY_MAX_SOURCES; ret = MBEDTLS_ERR_ENTROPY_MAX_SOURCES;
goto exit; goto exit;
} }
@ -125,9 +125,9 @@ int entropy_add_source( entropy_context *ctx,
ctx->source_count++; ctx->source_count++;
exit: exit:
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif #endif
return( ret ); return( ret );
@ -136,54 +136,54 @@ exit:
/* /*
* Entropy accumulator update * Entropy accumulator update
*/ */
static int entropy_update( entropy_context *ctx, unsigned char source_id, static int entropy_update( mbedtls_entropy_context *ctx, unsigned char source_id,
const unsigned char *data, size_t len ) const unsigned char *data, size_t len )
{ {
unsigned char header[2]; unsigned char header[2];
unsigned char tmp[ENTROPY_BLOCK_SIZE]; unsigned char tmp[MBEDTLS_ENTROPY_BLOCK_SIZE];
size_t use_len = len; size_t use_len = len;
const unsigned char *p = data; const unsigned char *p = data;
if( use_len > ENTROPY_BLOCK_SIZE ) if( use_len > MBEDTLS_ENTROPY_BLOCK_SIZE )
{ {
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
sha512( data, len, tmp, 0 ); mbedtls_sha512( data, len, tmp, 0 );
#else #else
sha256( data, len, tmp, 0 ); mbedtls_sha256( data, len, tmp, 0 );
#endif #endif
p = tmp; p = tmp;
use_len = ENTROPY_BLOCK_SIZE; use_len = MBEDTLS_ENTROPY_BLOCK_SIZE;
} }
header[0] = source_id; header[0] = source_id;
header[1] = use_len & 0xFF; header[1] = use_len & 0xFF;
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
sha512_update( &ctx->accumulator, header, 2 ); mbedtls_sha512_update( &ctx->accumulator, header, 2 );
sha512_update( &ctx->accumulator, p, use_len ); mbedtls_sha512_update( &ctx->accumulator, p, use_len );
#else #else
sha256_update( &ctx->accumulator, header, 2 ); mbedtls_sha256_update( &ctx->accumulator, header, 2 );
sha256_update( &ctx->accumulator, p, use_len ); mbedtls_sha256_update( &ctx->accumulator, p, use_len );
#endif #endif
return( 0 ); return( 0 );
} }
int entropy_update_manual( entropy_context *ctx, int mbedtls_entropy_update_manual( mbedtls_entropy_context *ctx,
const unsigned char *data, size_t len ) const unsigned char *data, size_t len )
{ {
int ret; int ret;
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret ); return( ret );
#endif #endif
ret = entropy_update( ctx, ENTROPY_SOURCE_MANUAL, data, len ); ret = entropy_update( ctx, MBEDTLS_ENTROPY_SOURCE_MANUAL, data, len );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif #endif
return( ret ); return( ret );
@ -192,14 +192,14 @@ int entropy_update_manual( entropy_context *ctx,
/* /*
* Run through the different sources to add entropy to our accumulator * Run through the different sources to add entropy to our accumulator
*/ */
static int entropy_gather_internal( entropy_context *ctx ) static int entropy_gather_internal( mbedtls_entropy_context *ctx )
{ {
int ret, i; int ret, i;
unsigned char buf[ENTROPY_MAX_GATHER]; unsigned char buf[MBEDTLS_ENTROPY_MAX_GATHER];
size_t olen; size_t olen;
if( ctx->source_count == 0 ) if( ctx->source_count == 0 )
return( POLARSSL_ERR_ENTROPY_NO_SOURCES_DEFINED ); return( MBEDTLS_ERR_ENTROPY_NO_SOURCES_DEFINED );
/* /*
* Run through our entropy sources * Run through our entropy sources
@ -208,7 +208,7 @@ static int entropy_gather_internal( entropy_context *ctx )
{ {
olen = 0; olen = 0;
if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source, if( ( ret = ctx->source[i].f_source( ctx->source[i].p_source,
buf, ENTROPY_MAX_GATHER, &olen ) ) != 0 ) buf, MBEDTLS_ENTROPY_MAX_GATHER, &olen ) ) != 0 )
{ {
return( ret ); return( ret );
} }
@ -229,36 +229,36 @@ static int entropy_gather_internal( entropy_context *ctx )
/* /*
* Thread-safe wrapper for entropy_gather_internal() * Thread-safe wrapper for entropy_gather_internal()
*/ */
int entropy_gather( entropy_context *ctx ) int mbedtls_entropy_gather( mbedtls_entropy_context *ctx )
{ {
int ret; int ret;
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret ); return( ret );
#endif #endif
ret = entropy_gather_internal( ctx ); ret = entropy_gather_internal( ctx );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif #endif
return( ret ); return( ret );
} }
int entropy_func( void *data, unsigned char *output, size_t len ) int mbedtls_entropy_func( void *data, unsigned char *output, size_t len )
{ {
int ret, count = 0, i, reached; int ret, count = 0, i, reached;
entropy_context *ctx = (entropy_context *) data; mbedtls_entropy_context *ctx = (mbedtls_entropy_context *) data;
unsigned char buf[ENTROPY_BLOCK_SIZE]; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( len > ENTROPY_BLOCK_SIZE ) if( len > MBEDTLS_ENTROPY_BLOCK_SIZE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( ( ret = polarssl_mutex_lock( &ctx->mutex ) ) != 0 ) if( ( ret = mbedtls_mutex_lock( &ctx->mutex ) ) != 0 )
return( ret ); return( ret );
#endif #endif
@ -269,7 +269,7 @@ int entropy_func( void *data, unsigned char *output, size_t len )
{ {
if( count++ > ENTROPY_MAX_LOOP ) if( count++ > ENTROPY_MAX_LOOP )
{ {
ret = POLARSSL_ERR_ENTROPY_SOURCE_FAILED; ret = MBEDTLS_ERR_ENTROPY_SOURCE_FAILED;
goto exit; goto exit;
} }
@ -284,37 +284,37 @@ int entropy_func( void *data, unsigned char *output, size_t len )
} }
while( reached != ctx->source_count ); while( reached != ctx->source_count );
memset( buf, 0, ENTROPY_BLOCK_SIZE ); memset( buf, 0, MBEDTLS_ENTROPY_BLOCK_SIZE );
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) #if defined(MBEDTLS_ENTROPY_SHA512_ACCUMULATOR)
sha512_finish( &ctx->accumulator, buf ); mbedtls_sha512_finish( &ctx->accumulator, buf );
/* /*
* Reset accumulator and counters and recycle existing entropy * Reset accumulator and counters and recycle existing entropy
*/ */
memset( &ctx->accumulator, 0, sizeof( sha512_context ) ); memset( &ctx->accumulator, 0, sizeof( mbedtls_sha512_context ) );
sha512_starts( &ctx->accumulator, 0 ); mbedtls_sha512_starts( &ctx->accumulator, 0 );
sha512_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE ); mbedtls_sha512_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
/* /*
* Perform second SHA-512 on entropy * Perform second SHA-512 on entropy
*/ */
sha512( buf, ENTROPY_BLOCK_SIZE, buf, 0 ); mbedtls_sha512( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
#else /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */ #else /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
sha256_finish( &ctx->accumulator, buf ); mbedtls_sha256_finish( &ctx->accumulator, buf );
/* /*
* Reset accumulator and counters and recycle existing entropy * Reset accumulator and counters and recycle existing entropy
*/ */
memset( &ctx->accumulator, 0, sizeof( sha256_context ) ); memset( &ctx->accumulator, 0, sizeof( mbedtls_sha256_context ) );
sha256_starts( &ctx->accumulator, 0 ); mbedtls_sha256_starts( &ctx->accumulator, 0 );
sha256_update( &ctx->accumulator, buf, ENTROPY_BLOCK_SIZE ); mbedtls_sha256_update( &ctx->accumulator, buf, MBEDTLS_ENTROPY_BLOCK_SIZE );
/* /*
* Perform second SHA-256 on entropy * Perform second SHA-256 on entropy
*/ */
sha256( buf, ENTROPY_BLOCK_SIZE, buf, 0 ); mbedtls_sha256( buf, MBEDTLS_ENTROPY_BLOCK_SIZE, buf, 0 );
#endif /* POLARSSL_ENTROPY_SHA512_ACCUMULATOR */ #endif /* MBEDTLS_ENTROPY_SHA512_ACCUMULATOR */
for( i = 0; i < ctx->source_count; i++ ) for( i = 0; i < ctx->source_count; i++ )
ctx->source[i].size = 0; ctx->source[i].size = 0;
@ -324,30 +324,30 @@ int entropy_func( void *data, unsigned char *output, size_t len )
ret = 0; ret = 0;
exit: exit:
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
if( polarssl_mutex_unlock( &ctx->mutex ) != 0 ) if( mbedtls_mutex_unlock( &ctx->mutex ) != 0 )
return( POLARSSL_ERR_THREADING_MUTEX_ERROR ); return( MBEDTLS_ERR_THREADING_MUTEX_ERROR );
#endif #endif
return( ret ); return( ret );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
int entropy_write_seed_file( entropy_context *ctx, const char *path ) int mbedtls_entropy_write_seed_file( mbedtls_entropy_context *ctx, const char *path )
{ {
int ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR; int ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
FILE *f; FILE *f;
unsigned char buf[ENTROPY_BLOCK_SIZE]; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE];
if( ( f = fopen( path, "wb" ) ) == NULL ) if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
if( ( ret = entropy_func( ctx, buf, ENTROPY_BLOCK_SIZE ) ) != 0 ) if( ( ret = mbedtls_entropy_func( ctx, buf, MBEDTLS_ENTROPY_BLOCK_SIZE ) ) != 0 )
goto exit; goto exit;
if( fwrite( buf, 1, ENTROPY_BLOCK_SIZE, f ) != ENTROPY_BLOCK_SIZE ) if( fwrite( buf, 1, MBEDTLS_ENTROPY_BLOCK_SIZE, f ) != MBEDTLS_ENTROPY_BLOCK_SIZE )
{ {
ret = POLARSSL_ERR_ENTROPY_FILE_IO_ERROR; ret = MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR;
goto exit; goto exit;
} }
@ -358,37 +358,37 @@ exit:
return( ret ); return( ret );
} }
int entropy_update_seed_file( entropy_context *ctx, const char *path ) int mbedtls_entropy_update_seed_file( mbedtls_entropy_context *ctx, const char *path )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
unsigned char buf[ ENTROPY_MAX_SEED_SIZE ]; unsigned char buf[ MBEDTLS_ENTROPY_MAX_SEED_SIZE ];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
fseek( f, 0, SEEK_END ); fseek( f, 0, SEEK_END );
n = (size_t) ftell( f ); n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
if( n > ENTROPY_MAX_SEED_SIZE ) if( n > MBEDTLS_ENTROPY_MAX_SEED_SIZE )
n = ENTROPY_MAX_SEED_SIZE; n = MBEDTLS_ENTROPY_MAX_SEED_SIZE;
if( fread( buf, 1, n, f ) != n ) if( fread( buf, 1, n, f ) != n )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_ENTROPY_FILE_IO_ERROR ); return( MBEDTLS_ERR_ENTROPY_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
entropy_update_manual( ctx, buf, n ); mbedtls_entropy_update_manual( ctx, buf, n );
return( entropy_write_seed_file( ctx, path ) ); return( mbedtls_entropy_write_seed_file( ctx, path ) );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* Dummy source function * Dummy source function
*/ */
@ -408,31 +408,31 @@ static int entropy_dummy_source( void *data, unsigned char *output,
* test that the functions don't cause errors and write the correct * test that the functions don't cause errors and write the correct
* amount of data to buffers. * amount of data to buffers.
*/ */
int entropy_self_test( int verbose ) int mbedtls_entropy_self_test( int verbose )
{ {
int ret = 0; int ret = 0;
entropy_context ctx; mbedtls_entropy_context ctx;
unsigned char buf[ENTROPY_BLOCK_SIZE] = { 0 }; unsigned char buf[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
unsigned char acc[ENTROPY_BLOCK_SIZE] = { 0 }; unsigned char acc[MBEDTLS_ENTROPY_BLOCK_SIZE] = { 0 };
size_t i, j; size_t i, j;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " ENTROPY test: " ); mbedtls_printf( " ENTROPY test: " );
entropy_init( &ctx ); mbedtls_entropy_init( &ctx );
ret = entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 ); ret = mbedtls_entropy_add_source( &ctx, entropy_dummy_source, NULL, 16 );
if( ret != 0 ) if( ret != 0 )
goto cleanup; goto cleanup;
if( ( ret = entropy_gather( &ctx ) ) != 0 ) if( ( ret = mbedtls_entropy_gather( &ctx ) ) != 0 )
goto cleanup; goto cleanup;
if( ( ret = entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 ) if( ( ret = mbedtls_entropy_update_manual( &ctx, buf, sizeof buf ) ) != 0 )
goto cleanup; goto cleanup;
/* /*
* To test that entropy_func writes correct number of bytes: * To test that mbedtls_entropy_func writes correct number of bytes:
* - use the whole buffer and rely on ASan to detect overruns * - use the whole buffer and rely on ASan to detect overruns
* - collect entropy 8 times and OR the result in an accumulator: * - collect entropy 8 times and OR the result in an accumulator:
* any byte should then be 0 with probably 2^(-64), so requiring * any byte should then be 0 with probably 2^(-64), so requiring
@ -441,7 +441,7 @@ int entropy_self_test( int verbose )
*/ */
for( i = 0; i < 8; i++ ) for( i = 0; i < 8; i++ )
{ {
if( ( ret = entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 ) if( ( ret = mbedtls_entropy_func( &ctx, buf, sizeof( buf ) ) ) != 0 )
goto cleanup; goto cleanup;
for( j = 0; j < sizeof( buf ); j++ ) for( j = 0; j < sizeof( buf ); j++ )
@ -458,20 +458,20 @@ int entropy_self_test( int verbose )
} }
cleanup: cleanup:
entropy_free( &ctx ); mbedtls_entropy_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
{ {
if( ret != 0 ) if( ret != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
else else
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
} }
return( ret != 0 ); return( ret != 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_ENTROPY_C */ #endif /* MBEDTLS_ENTROPY_C */

52
library/entropy_poll.c
View File

@ -20,26 +20,26 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_ENTROPY_C) #if defined(MBEDTLS_ENTROPY_C)
#include "mbedtls/entropy.h" #include "mbedtls/entropy.h"
#include "mbedtls/entropy_poll.h" #include "mbedtls/entropy_poll.h"
#if defined(POLARSSL_TIMING_C) #if defined(MBEDTLS_TIMING_C)
#include <string.h> #include <string.h>
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h" #include "mbedtls/havege.h"
#endif #endif
#if !defined(POLARSSL_NO_PLATFORM_ENTROPY) #if !defined(MBEDTLS_NO_PLATFORM_ENTROPY)
#if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32) #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
#if !defined(_WIN32_WINNT) #if !defined(_WIN32_WINNT)
@ -48,7 +48,7 @@
#include <windows.h> #include <windows.h>
#include <wincrypt.h> #include <wincrypt.h>
int platform_entropy_poll( void *data, unsigned char *output, size_t len, int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
size_t *olen ) size_t *olen )
{ {
HCRYPTPROV provider; HCRYPTPROV provider;
@ -58,11 +58,11 @@ int platform_entropy_poll( void *data, unsigned char *output, size_t len,
if( CryptAcquireContext( &provider, NULL, NULL, if( CryptAcquireContext( &provider, NULL, NULL,
PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE ) PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
{ {
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
} }
if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE ) if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
CryptReleaseContext( provider, 0 ); CryptReleaseContext( provider, 0 );
*olen = len; *olen = len;
@ -93,14 +93,14 @@ static int getrandom_wrapper( void *buf, size_t buflen, unsigned int flags )
#include <errno.h> #include <errno.h>
int platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )
{ {
int ret; int ret;
((void) data); ((void) data);
if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 ) if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = ret; *olen = ret;
return( 0 ); return( 0 );
@ -110,7 +110,7 @@ int platform_entropy_poll( void *data,
#include <stdio.h> #include <stdio.h>
int platform_entropy_poll( void *data, int mbedtls_platform_entropy_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )
{ {
FILE *file; FILE *file;
@ -121,13 +121,13 @@ int platform_entropy_poll( void *data,
file = fopen( "/dev/urandom", "rb" ); file = fopen( "/dev/urandom", "rb" );
if( file == NULL ) if( file == NULL )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
ret = fread( output, 1, len, file ); ret = fread( output, 1, len, file );
if( ret != len ) if( ret != len )
{ {
fclose( file ); fclose( file );
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
} }
fclose( file ); fclose( file );
@ -137,13 +137,13 @@ int platform_entropy_poll( void *data,
} }
#endif /* HAVE_GETRANDOM */ #endif /* HAVE_GETRANDOM */
#endif /* _WIN32 && !EFIX64 && !EFI32 */ #endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */ #endif /* !MBEDTLS_NO_PLATFORM_ENTROPY */
#if defined(POLARSSL_TIMING_C) #if defined(MBEDTLS_TIMING_C)
int hardclock_poll( void *data, int mbedtls_hardclock_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )
{ {
unsigned long timer = hardclock(); unsigned long timer = mbedtls_timing_hardclock();
((void) data); ((void) data);
*olen = 0; *olen = 0;
@ -155,22 +155,22 @@ int hardclock_poll( void *data,
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_TIMING_C */ #endif /* MBEDTLS_TIMING_C */
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
int havege_poll( void *data, int mbedtls_havege_poll( void *data,
unsigned char *output, size_t len, size_t *olen ) unsigned char *output, size_t len, size_t *olen )
{ {
havege_state *hs = (havege_state *) data; mbedtls_havege_state *hs = (mbedtls_havege_state *) data;
*olen = 0; *olen = 0;
if( havege_random( hs, output, len ) != 0 ) if( mbedtls_havege_random( hs, output, len ) != 0 )
return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
*olen = len; *olen = len;
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_HAVEGE_C */ #endif /* MBEDTLS_HAVEGE_C */
#endif /* POLARSSL_ENTROPY_C */ #endif /* MBEDTLS_ENTROPY_C */

1020
library/error.c
View File

File diff suppressed because it is too large Load Diff

196
library/gcm.c
View File

@ -30,30 +30,30 @@
* [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory. * [MGV] 4.1, pp. 12-13, to enhance speed without using too much memory.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_GCM_C) #if defined(MBEDTLS_GCM_C)
#include "mbedtls/gcm.h" #include "mbedtls/gcm.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_AESNI_C) #if defined(MBEDTLS_AESNI_C)
#include "mbedtls/aesni.h" #include "mbedtls/aesni.h"
#endif #endif
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
/* /*
* 32-bit integer manipulation macros (big endian) * 32-bit integer manipulation macros (big endian)
@ -79,7 +79,7 @@
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -91,7 +91,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
* is the high-order bit of HH corresponds to P^0 and the low-order bit of HL * is the high-order bit of HH corresponds to P^0 and the low-order bit of HL
* corresponds to P^127. * corresponds to P^127.
*/ */
static int gcm_gen_table( gcm_context *ctx ) static int gcm_gen_table( mbedtls_gcm_context *ctx )
{ {
int ret, i, j; int ret, i, j;
uint64_t hi, lo; uint64_t hi, lo;
@ -100,7 +100,7 @@ static int gcm_gen_table( gcm_context *ctx )
size_t olen = 0; size_t olen = 0;
memset( h, 0, 16 ); memset( h, 0, 16 );
if( ( ret = cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 ) if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, h, 16, h, &olen ) ) != 0 )
return( ret ); return( ret );
/* pack h as two 64-bits ints, big-endian */ /* pack h as two 64-bits ints, big-endian */
@ -116,9 +116,9 @@ static int gcm_gen_table( gcm_context *ctx )
ctx->HL[8] = vl; ctx->HL[8] = vl;
ctx->HH[8] = vh; ctx->HH[8] = vh;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
/* With CLMUL support, we need only h, not the rest of the table */ /* With CLMUL support, we need only h, not the rest of the table */
if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) if( mbedtls_aesni_supports( MBEDTLS_AESNI_CLMUL ) )
return( 0 ); return( 0 );
#endif #endif
@ -151,28 +151,28 @@ static int gcm_gen_table( gcm_context *ctx )
return( 0 ); return( 0 );
} }
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key, int mbedtls_gcm_init( mbedtls_gcm_context *ctx, mbedtls_cipher_id_t cipher, const unsigned char *key,
unsigned int keysize ) unsigned int keysize )
{ {
int ret; int ret;
const cipher_info_t *cipher_info; const mbedtls_cipher_info_t *cipher_info;
memset( ctx, 0, sizeof(gcm_context) ); memset( ctx, 0, sizeof(mbedtls_gcm_context) );
cipher_init( &ctx->cipher_ctx ); mbedtls_cipher_init( &ctx->cipher_ctx );
cipher_info = cipher_info_from_values( cipher, keysize, POLARSSL_MODE_ECB ); cipher_info = mbedtls_cipher_info_from_values( cipher, keysize, MBEDTLS_MODE_ECB );
if( cipher_info == NULL ) if( cipher_info == NULL )
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( cipher_info->block_size != 16 ) if( cipher_info->block_size != 16 )
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( ( ret = cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 ) if( ( ret = mbedtls_cipher_init_ctx( &ctx->cipher_ctx, cipher_info ) ) != 0 )
return( ret ); return( ret );
if( ( ret = cipher_setkey( &ctx->cipher_ctx, key, keysize, if( ( ret = mbedtls_cipher_setkey( &ctx->cipher_ctx, key, keysize,
POLARSSL_ENCRYPT ) ) != 0 ) MBEDTLS_ENCRYPT ) ) != 0 )
{ {
return( ret ); return( ret );
} }
@ -200,15 +200,15 @@ static const uint64_t last4[16] =
* Sets output to x times H using the precomputed tables. * Sets output to x times H using the precomputed tables.
* x and output are seen as elements of GF(2^128) as in [MGV]. * x and output are seen as elements of GF(2^128) as in [MGV].
*/ */
static void gcm_mult( gcm_context *ctx, const unsigned char x[16], static void gcm_mult( mbedtls_gcm_context *ctx, const unsigned char x[16],
unsigned char output[16] ) unsigned char output[16] )
{ {
int i = 0; int i = 0;
unsigned char lo, hi, rem; unsigned char lo, hi, rem;
uint64_t zh, zl; uint64_t zh, zl;
#if defined(POLARSSL_AESNI_C) && defined(POLARSSL_HAVE_X86_64) #if defined(MBEDTLS_AESNI_C) && defined(MBEDTLS_HAVE_X86_64)
if( aesni_supports( POLARSSL_AESNI_CLMUL ) ) { if( mbedtls_aesni_supports( MBEDTLS_AESNI_CLMUL ) ) {
unsigned char h[16]; unsigned char h[16];
PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 ); PUT_UINT32_BE( ctx->HH[8] >> 32, h, 0 );
@ -216,10 +216,10 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 ); PUT_UINT32_BE( ctx->HL[8] >> 32, h, 8 );
PUT_UINT32_BE( ctx->HL[8], h, 12 ); PUT_UINT32_BE( ctx->HL[8], h, 12 );
aesni_gcm_mult( output, x, h ); mbedtls_aesni_gcm_mult( output, x, h );
return; return;
} }
#endif /* POLARSSL_AESNI_C && POLARSSL_HAVE_X86_64 */ #endif /* MBEDTLS_AESNI_C && MBEDTLS_HAVE_X86_64 */
lo = x[15] & 0xf; lo = x[15] & 0xf;
@ -256,7 +256,7 @@ static void gcm_mult( gcm_context *ctx, const unsigned char x[16],
PUT_UINT32_BE( zl, output, 12 ); PUT_UINT32_BE( zl, output, 12 );
} }
int gcm_starts( gcm_context *ctx, int mbedtls_gcm_starts( mbedtls_gcm_context *ctx,
int mode, int mode,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
@ -273,7 +273,7 @@ int gcm_starts( gcm_context *ctx,
if( ( (uint64_t) iv_len ) >> 61 != 0 || if( ( (uint64_t) iv_len ) >> 61 != 0 ||
( (uint64_t) add_len ) >> 61 != 0 ) ( (uint64_t) add_len ) >> 61 != 0 )
{ {
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
} }
memset( ctx->y, 0x00, sizeof(ctx->y) ); memset( ctx->y, 0x00, sizeof(ctx->y) );
@ -313,7 +313,7 @@ int gcm_starts( gcm_context *ctx,
gcm_mult( ctx, ctx->y, ctx->y ); gcm_mult( ctx, ctx->y, ctx->y );
} }
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr,
&olen ) ) != 0 ) &olen ) ) != 0 )
{ {
return( ret ); return( ret );
@ -337,7 +337,7 @@ int gcm_starts( gcm_context *ctx,
return( 0 ); return( 0 );
} }
int gcm_update( gcm_context *ctx, int mbedtls_gcm_update( mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *input, const unsigned char *input,
unsigned char *output ) unsigned char *output )
@ -350,14 +350,14 @@ int gcm_update( gcm_context *ctx,
size_t use_len, olen = 0; size_t use_len, olen = 0;
if( output > input && (size_t) ( output - input ) < length ) if( output > input && (size_t) ( output - input ) < length )
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
/* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes /* Total length is restricted to 2^39 - 256 bits, ie 2^36 - 2^5 bytes
* Also check for possible overflow */ * Also check for possible overflow */
if( ctx->len + length < ctx->len || if( ctx->len + length < ctx->len ||
(uint64_t) ctx->len + length > 0x03FFFFE0ull ) (uint64_t) ctx->len + length > 0x03FFFFE0ull )
{ {
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
} }
ctx->len += length; ctx->len += length;
@ -371,7 +371,7 @@ int gcm_update( gcm_context *ctx,
if( ++ctx->y[i - 1] != 0 ) if( ++ctx->y[i - 1] != 0 )
break; break;
if( ( ret = cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr, if( ( ret = mbedtls_cipher_update( &ctx->cipher_ctx, ctx->y, 16, ectr,
&olen ) ) != 0 ) &olen ) ) != 0 )
{ {
return( ret ); return( ret );
@ -379,10 +379,10 @@ int gcm_update( gcm_context *ctx,
for( i = 0; i < use_len; i++ ) for( i = 0; i < use_len; i++ )
{ {
if( ctx->mode == GCM_DECRYPT ) if( ctx->mode == MBEDTLS_GCM_DECRYPT )
ctx->buf[i] ^= p[i]; ctx->buf[i] ^= p[i];
out_p[i] = ectr[i] ^ p[i]; out_p[i] = ectr[i] ^ p[i];
if( ctx->mode == GCM_ENCRYPT ) if( ctx->mode == MBEDTLS_GCM_ENCRYPT )
ctx->buf[i] ^= out_p[i]; ctx->buf[i] ^= out_p[i];
} }
@ -396,7 +396,7 @@ int gcm_update( gcm_context *ctx,
return( 0 ); return( 0 );
} }
int gcm_finish( gcm_context *ctx, int mbedtls_gcm_finish( mbedtls_gcm_context *ctx,
unsigned char *tag, unsigned char *tag,
size_t tag_len ) size_t tag_len )
{ {
@ -406,7 +406,7 @@ int gcm_finish( gcm_context *ctx,
uint64_t orig_add_len = ctx->add_len * 8; uint64_t orig_add_len = ctx->add_len * 8;
if( tag_len > 16 || tag_len < 4 ) if( tag_len > 16 || tag_len < 4 )
return( POLARSSL_ERR_GCM_BAD_INPUT ); return( MBEDTLS_ERR_GCM_BAD_INPUT );
if( tag_len != 0 ) if( tag_len != 0 )
memcpy( tag, ctx->base_ectr, tag_len ); memcpy( tag, ctx->base_ectr, tag_len );
@ -432,7 +432,7 @@ int gcm_finish( gcm_context *ctx,
return( 0 ); return( 0 );
} }
int gcm_crypt_and_tag( gcm_context *ctx, int mbedtls_gcm_crypt_and_tag( mbedtls_gcm_context *ctx,
int mode, int mode,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
@ -446,19 +446,19 @@ int gcm_crypt_and_tag( gcm_context *ctx,
{ {
int ret; int ret;
if( ( ret = gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 ) if( ( ret = mbedtls_gcm_starts( ctx, mode, iv, iv_len, add, add_len ) ) != 0 )
return( ret ); return( ret );
if( ( ret = gcm_update( ctx, length, input, output ) ) != 0 ) if( ( ret = mbedtls_gcm_update( ctx, length, input, output ) ) != 0 )
return( ret ); return( ret );
if( ( ret = gcm_finish( ctx, tag, tag_len ) ) != 0 ) if( ( ret = mbedtls_gcm_finish( ctx, tag, tag_len ) ) != 0 )
return( ret ); return( ret );
return( 0 ); return( 0 );
} }
int gcm_auth_decrypt( gcm_context *ctx, int mbedtls_gcm_auth_decrypt( mbedtls_gcm_context *ctx,
size_t length, size_t length,
const unsigned char *iv, const unsigned char *iv,
size_t iv_len, size_t iv_len,
@ -474,7 +474,7 @@ int gcm_auth_decrypt( gcm_context *ctx,
size_t i; size_t i;
int diff; int diff;
if( ( ret = gcm_crypt_and_tag( ctx, GCM_DECRYPT, length, if( ( ret = mbedtls_gcm_crypt_and_tag( ctx, MBEDTLS_GCM_DECRYPT, length,
iv, iv_len, add, add_len, iv, iv_len, add, add_len,
input, output, tag_len, check_tag ) ) != 0 ) input, output, tag_len, check_tag ) ) != 0 )
{ {
@ -487,20 +487,20 @@ int gcm_auth_decrypt( gcm_context *ctx,
if( diff != 0 ) if( diff != 0 )
{ {
polarssl_zeroize( output, length ); mbedtls_zeroize( output, length );
return( POLARSSL_ERR_GCM_AUTH_FAILED ); return( MBEDTLS_ERR_GCM_AUTH_FAILED );
} }
return( 0 ); return( 0 );
} }
void gcm_free( gcm_context *ctx ) void mbedtls_gcm_free( mbedtls_gcm_context *ctx )
{ {
cipher_free( &ctx->cipher_ctx ); mbedtls_cipher_free( &ctx->cipher_ctx );
polarssl_zeroize( ctx, sizeof( gcm_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_gcm_context ) );
} }
#if defined(POLARSSL_SELF_TEST) && defined(POLARSSL_AES_C) #if defined(MBEDTLS_SELF_TEST) && defined(MBEDTLS_AES_C)
/* /*
* AES-GCM test vectors from: * AES-GCM test vectors from:
* *
@ -728,13 +728,13 @@ static const unsigned char tag[MAX_TESTS * 3][16] =
0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a }, 0xc8, 0xb5, 0xd4, 0xcf, 0x5a, 0xe9, 0xf1, 0x9a },
}; };
int gcm_self_test( int verbose ) int mbedtls_gcm_self_test( int verbose )
{ {
gcm_context ctx; mbedtls_gcm_context ctx;
unsigned char buf[64]; unsigned char buf[64];
unsigned char tag_buf[16]; unsigned char tag_buf[16];
int i, j, ret; int i, j, ret;
cipher_id_t cipher = POLARSSL_CIPHER_ID_AES; mbedtls_cipher_id_t cipher = MBEDTLS_CIPHER_ID_AES;
for( j = 0; j < 3; j++ ) for( j = 0; j < 3; j++ )
{ {
@ -743,12 +743,12 @@ int gcm_self_test( int verbose )
for( i = 0; i < MAX_TESTS; i++ ) for( i = 0; i < MAX_TESTS; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ", mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "enc" ); key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len ); mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_ENCRYPT, ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_ENCRYPT,
pt_len[i], pt_len[i],
iv[iv_index[i]], iv_len[i], iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i], additional[add_index[i]], add_len[i],
@ -759,23 +759,23 @@ int gcm_self_test( int verbose )
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
gcm_free( &ctx ); mbedtls_gcm_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d (%s): ", mbedtls_printf( " AES-GCM-%3d #%d (%s): ",
key_len, i, "dec" ); key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len ); mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_crypt_and_tag( &ctx, GCM_DECRYPT, ret = mbedtls_gcm_crypt_and_tag( &ctx, MBEDTLS_GCM_DECRYPT,
pt_len[i], pt_len[i],
iv[iv_index[i]], iv_len[i], iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i], additional[add_index[i]], add_len[i],
@ -786,29 +786,29 @@ int gcm_self_test( int verbose )
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
gcm_free( &ctx ); mbedtls_gcm_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ", mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "enc" ); key_len, i, "enc" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len ); mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_ENCRYPT, ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_ENCRYPT,
iv[iv_index[i]], iv_len[i], iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] ); additional[add_index[i]], add_len[i] );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
@ -816,66 +816,66 @@ int gcm_self_test( int verbose )
if( pt_len[i] > 32 ) if( pt_len[i] > 32 )
{ {
size_t rest_len = pt_len[i] - 32; size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, pt[pt_index[i]], buf ); ret = mbedtls_gcm_update( &ctx, 32, pt[pt_index[i]], buf );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
ret = gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32, ret = mbedtls_gcm_update( &ctx, rest_len, pt[pt_index[i]] + 32,
buf + 32 ); buf + 32 );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
else else
{ {
ret = gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf ); ret = mbedtls_gcm_update( &ctx, pt_len[i], pt[pt_index[i]], buf );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
ret = gcm_finish( &ctx, tag_buf, 16 ); ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 || if( ret != 0 ||
memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 || memcmp( buf, ct[j * 6 + i], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
gcm_free( &ctx ); mbedtls_gcm_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " AES-GCM-%3d #%d split (%s): ", mbedtls_printf( " AES-GCM-%3d #%d split (%s): ",
key_len, i, "dec" ); key_len, i, "dec" );
gcm_init( &ctx, cipher, key[key_index[i]], key_len ); mbedtls_gcm_init( &ctx, cipher, key[key_index[i]], key_len );
ret = gcm_starts( &ctx, GCM_DECRYPT, ret = mbedtls_gcm_starts( &ctx, MBEDTLS_GCM_DECRYPT,
iv[iv_index[i]], iv_len[i], iv[iv_index[i]], iv_len[i],
additional[add_index[i]], add_len[i] ); additional[add_index[i]], add_len[i] );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
@ -883,62 +883,62 @@ int gcm_self_test( int verbose )
if( pt_len[i] > 32 ) if( pt_len[i] > 32 )
{ {
size_t rest_len = pt_len[i] - 32; size_t rest_len = pt_len[i] - 32;
ret = gcm_update( &ctx, 32, ct[j * 6 + i], buf ); ret = mbedtls_gcm_update( &ctx, 32, ct[j * 6 + i], buf );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
ret = gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32, ret = mbedtls_gcm_update( &ctx, rest_len, ct[j * 6 + i] + 32,
buf + 32 ); buf + 32 );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
else else
{ {
ret = gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf ); ret = mbedtls_gcm_update( &ctx, pt_len[i], ct[j * 6 + i], buf );
if( ret != 0 ) if( ret != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
} }
ret = gcm_finish( &ctx, tag_buf, 16 ); ret = mbedtls_gcm_finish( &ctx, tag_buf, 16 );
if( ret != 0 || if( ret != 0 ||
memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 || memcmp( buf, pt[pt_index[i]], pt_len[i] ) != 0 ||
memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 ) memcmp( tag_buf, tag[j * 6 + i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
gcm_free( &ctx ); mbedtls_gcm_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST && POLARSSL_AES_C */ #endif /* MBEDTLS_SELF_TEST && MBEDTLS_AES_C */
#endif /* POLARSSL_GCM_C */ #endif /* MBEDTLS_GCM_C */

36
library/havege.c
View File

@ -27,13 +27,13 @@
* Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr * Contact: seznec(at)irisa_dot_fr - orocheco(at)irisa_dot_fr
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_HAVEGE_C) #if defined(MBEDTLS_HAVEGE_C)
#include "mbedtls/havege.h" #include "mbedtls/havege.h"
#include "mbedtls/timing.h" #include "mbedtls/timing.h"
@ -41,7 +41,7 @@
#include <string.h> #include <string.h>
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -82,7 +82,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
PTX = (PT1 >> 18) & 7; \ PTX = (PT1 >> 18) & 7; \
PT1 &= 0x1FFF; \ PT1 &= 0x1FFF; \
PT2 &= 0x1FFF; \ PT2 &= 0x1FFF; \
CLK = (int) hardclock(); \ CLK = (int) mbedtls_timing_hardclock(); \
\ \
i = 0; \ i = 0; \
A = &WALK[PT1 ]; RES[i++] ^= *A; \ A = &WALK[PT1 ]; RES[i++] ^= *A; \
@ -105,7 +105,7 @@ static void polarssl_zeroize( void *v, size_t n ) {
\ \
IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \ IN = (*A >> (5)) ^ (*A << (27)) ^ CLK; \
*A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \ *A = (*B >> (6)) ^ (*B << (26)) ^ CLK; \
*B = IN; CLK = (int) hardclock(); \ *B = IN; CLK = (int) mbedtls_timing_hardclock(); \
*C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \ *C = (*C >> (7)) ^ (*C << (25)) ^ CLK; \
*D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \ *D = (*D >> (8)) ^ (*D << (24)) ^ CLK; \
\ \
@ -156,12 +156,12 @@ static void polarssl_zeroize( void *v, size_t n ) {
PT1 ^= (PT2 ^ 0x10) & 0x10; \ PT1 ^= (PT2 ^ 0x10) & 0x10; \
\ \
for( n++, i = 0; i < 16; i++ ) \ for( n++, i = 0; i < 16; i++ ) \
hs->pool[n % COLLECT_SIZE] ^= RES[i]; hs->pool[n % MBEDTLS_HAVEGE_COLLECT_SIZE] ^= RES[i];
/* /*
* Entropy gathering function * Entropy gathering function
*/ */
static void havege_fill( havege_state *hs ) static void havege_fill( mbedtls_havege_state *hs )
{ {
int i, n = 0; int i, n = 0;
int U1, U2, *A, *B, *C, *D; int U1, U2, *A, *B, *C, *D;
@ -177,7 +177,7 @@ static void havege_fill( havege_state *hs )
memset( RES, 0, sizeof( RES ) ); memset( RES, 0, sizeof( RES ) );
while( n < COLLECT_SIZE * 4 ) while( n < MBEDTLS_HAVEGE_COLLECT_SIZE * 4 )
{ {
ONE_ITERATION ONE_ITERATION
ONE_ITERATION ONE_ITERATION
@ -189,35 +189,35 @@ static void havege_fill( havege_state *hs )
hs->PT2 = PT2; hs->PT2 = PT2;
hs->offset[0] = 0; hs->offset[0] = 0;
hs->offset[1] = COLLECT_SIZE / 2; hs->offset[1] = MBEDTLS_HAVEGE_COLLECT_SIZE / 2;
} }
/* /*
* HAVEGE initialization * HAVEGE initialization
*/ */
void havege_init( havege_state *hs ) void mbedtls_havege_init( mbedtls_havege_state *hs )
{ {
memset( hs, 0, sizeof( havege_state ) ); memset( hs, 0, sizeof( mbedtls_havege_state ) );
havege_fill( hs ); havege_fill( hs );
} }
void havege_free( havege_state *hs ) void mbedtls_havege_free( mbedtls_havege_state *hs )
{ {
if( hs == NULL ) if( hs == NULL )
return; return;
polarssl_zeroize( hs, sizeof( havege_state ) ); mbedtls_zeroize( hs, sizeof( mbedtls_havege_state ) );
} }
/* /*
* HAVEGE rand function * HAVEGE rand function
*/ */
int havege_random( void *p_rng, unsigned char *buf, size_t len ) int mbedtls_havege_random( void *p_rng, unsigned char *buf, size_t len )
{ {
int val; int val;
size_t use_len; size_t use_len;
havege_state *hs = (havege_state *) p_rng; mbedtls_havege_state *hs = (mbedtls_havege_state *) p_rng;
unsigned char *p = buf; unsigned char *p = buf;
while( len > 0 ) while( len > 0 )
@ -226,7 +226,7 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len )
if( use_len > sizeof(int) ) if( use_len > sizeof(int) )
use_len = sizeof(int); use_len = sizeof(int);
if( hs->offset[1] >= COLLECT_SIZE ) if( hs->offset[1] >= MBEDTLS_HAVEGE_COLLECT_SIZE )
havege_fill( hs ); havege_fill( hs );
val = hs->pool[hs->offset[0]++]; val = hs->pool[hs->offset[0]++];
@ -241,4 +241,4 @@ int havege_random( void *p_rng, unsigned char *buf, size_t len )
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_HAVEGE_C */ #endif /* MBEDTLS_HAVEGE_C */

218
library/hmac_drbg.c
View File

@ -26,78 +26,78 @@
* References below are based on rev. 1 (January 2012). * References below are based on rev. 1 (January 2012).
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_HMAC_DRBG_C) #if defined(MBEDTLS_HMAC_DRBG_C)
#include "mbedtls/hmac_drbg.h" #include "mbedtls/hmac_drbg.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
/* /*
* HMAC_DRBG update, using optional additional data (10.1.2.2) * HMAC_DRBG update, using optional additional data (10.1.2.2)
*/ */
void hmac_drbg_update( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_update( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t add_len ) const unsigned char *additional, size_t add_len )
{ {
size_t md_len = md_get_size( ctx->md_ctx.md_info ); size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1; unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
unsigned char sep[1]; unsigned char sep[1];
unsigned char K[POLARSSL_MD_MAX_SIZE]; unsigned char K[MBEDTLS_MD_MAX_SIZE];
for( sep[0] = 0; sep[0] < rounds; sep[0]++ ) for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
{ {
/* Step 1 or 4 */ /* Step 1 or 4 */
md_hmac_reset( &ctx->md_ctx ); mbedtls_md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_update( &ctx->md_ctx, sep, 1 ); mbedtls_md_hmac_update( &ctx->md_ctx, sep, 1 );
if( rounds == 2 ) if( rounds == 2 )
md_hmac_update( &ctx->md_ctx, additional, add_len ); mbedtls_md_hmac_update( &ctx->md_ctx, additional, add_len );
md_hmac_finish( &ctx->md_ctx, K ); mbedtls_md_hmac_finish( &ctx->md_ctx, K );
/* Step 2 or 5 */ /* Step 2 or 5 */
md_hmac_starts( &ctx->md_ctx, K, md_len ); mbedtls_md_hmac_starts( &ctx->md_ctx, K, md_len );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V ); mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
} }
} }
/* /*
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA) * Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
*/ */
int hmac_drbg_init_buf( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_init_buf( mbedtls_hmac_drbg_context *ctx,
const md_info_t * md_info, const mbedtls_md_info_t * md_info,
const unsigned char *data, size_t data_len ) const unsigned char *data, size_t data_len )
{ {
int ret; int ret;
memset( ctx, 0, sizeof( hmac_drbg_context ) ); memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
md_init( &ctx->md_ctx ); mbedtls_md_init( &ctx->md_ctx );
if( ( ret = md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret ); return( ret );
/* /*
@ -105,10 +105,10 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
* Use the V memory location, which is currently all 0, to initialize the * Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value. * MD context with an all-zero key. Then set V to its initial value.
*/ */
md_hmac_starts( &ctx->md_ctx, ctx->V, md_get_size( md_info ) ); mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, mbedtls_md_get_size( md_info ) );
memset( ctx->V, 0x01, md_get_size( md_info ) ); memset( ctx->V, 0x01, mbedtls_md_get_size( md_info ) );
hmac_drbg_update( ctx, data, data_len ); mbedtls_hmac_drbg_update( ctx, data, data_len );
return( 0 ); return( 0 );
} }
@ -116,24 +116,24 @@ int hmac_drbg_init_buf( hmac_drbg_context *ctx,
/* /*
* HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman) * HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman)
*/ */
int hmac_drbg_reseed( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_reseed( mbedtls_hmac_drbg_context *ctx,
const unsigned char *additional, size_t len ) const unsigned char *additional, size_t len )
{ {
unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT]; unsigned char seed[MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT];
size_t seedlen; size_t seedlen;
/* III. Check input length */ /* III. Check input length */
if( len > POLARSSL_HMAC_DRBG_MAX_INPUT || if( len > MBEDTLS_HMAC_DRBG_MAX_INPUT ||
ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT ) ctx->entropy_len + len > MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT )
{ {
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
} }
memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT ); memset( seed, 0, MBEDTLS_HMAC_DRBG_MAX_SEED_INPUT );
/* IV. Gather entropy_len bytes of entropy for the seed */ /* IV. Gather entropy_len bytes of entropy for the seed */
if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 ) if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
return( POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED ); return( MBEDTLS_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
seedlen = ctx->entropy_len; seedlen = ctx->entropy_len;
@ -145,7 +145,7 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx,
} }
/* 2. Update state */ /* 2. Update state */
hmac_drbg_update( ctx, seed, seedlen ); mbedtls_hmac_drbg_update( ctx, seed, seedlen );
/* 3. Reset reseed_counter */ /* 3. Reset reseed_counter */
ctx->reseed_counter = 1; ctx->reseed_counter = 1;
@ -157,8 +157,8 @@ int hmac_drbg_reseed( hmac_drbg_context *ctx,
/* /*
* HMAC_DRBG initialisation (10.1.2.3 + 9.1) * HMAC_DRBG initialisation (10.1.2.3 + 9.1)
*/ */
int hmac_drbg_init( hmac_drbg_context *ctx, int mbedtls_hmac_drbg_init( mbedtls_hmac_drbg_context *ctx,
const md_info_t * md_info, const mbedtls_md_info_t * md_info,
int (*f_entropy)(void *, unsigned char *, size_t), int (*f_entropy)(void *, unsigned char *, size_t),
void *p_entropy, void *p_entropy,
const unsigned char *custom, const unsigned char *custom,
@ -167,27 +167,27 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
int ret; int ret;
size_t entropy_len, md_size; size_t entropy_len, md_size;
memset( ctx, 0, sizeof( hmac_drbg_context ) ); memset( ctx, 0, sizeof( mbedtls_hmac_drbg_context ) );
md_init( &ctx->md_ctx ); mbedtls_md_init( &ctx->md_ctx );
if( ( ret = md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 ) if( ( ret = mbedtls_md_setup( &ctx->md_ctx, md_info, 1 ) ) != 0 )
return( ret ); return( ret );
md_size = md_get_size( md_info ); md_size = mbedtls_md_get_size( md_info );
/* /*
* Set initial working state. * Set initial working state.
* Use the V memory location, which is currently all 0, to initialize the * Use the V memory location, which is currently all 0, to initialize the
* MD context with an all-zero key. Then set V to its initial value. * MD context with an all-zero key. Then set V to its initial value.
*/ */
md_hmac_starts( &ctx->md_ctx, ctx->V, md_size ); mbedtls_md_hmac_starts( &ctx->md_ctx, ctx->V, md_size );
memset( ctx->V, 0x01, md_size ); memset( ctx->V, 0x01, md_size );
ctx->f_entropy = f_entropy; ctx->f_entropy = f_entropy;
ctx->p_entropy = p_entropy; ctx->p_entropy = p_entropy;
ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL; ctx->reseed_interval = MBEDTLS_HMAC_DRBG_RESEED_INTERVAL;
/* /*
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by * See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
@ -206,7 +206,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
*/ */
ctx->entropy_len = entropy_len * 3 / 2; ctx->entropy_len = entropy_len * 3 / 2;
if( ( ret = hmac_drbg_reseed( ctx, custom, len ) ) != 0 ) if( ( ret = mbedtls_hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
return( ret ); return( ret );
ctx->entropy_len = entropy_len; ctx->entropy_len = entropy_len;
@ -217,7 +217,7 @@ int hmac_drbg_init( hmac_drbg_context *ctx,
/* /*
* Set prediction resistance * Set prediction resistance
*/ */
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx, void mbedtls_hmac_drbg_set_prediction_resistance( mbedtls_hmac_drbg_context *ctx,
int resistance ) int resistance )
{ {
ctx->prediction_resistance = resistance; ctx->prediction_resistance = resistance;
@ -226,7 +226,7 @@ void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
/* /*
* Set entropy length grabbed for reseeds * Set entropy length grabbed for reseeds
*/ */
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len ) void mbedtls_hmac_drbg_set_entropy_len( mbedtls_hmac_drbg_context *ctx, size_t len )
{ {
ctx->entropy_len = len; ctx->entropy_len = len;
} }
@ -234,7 +234,7 @@ void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len )
/* /*
* Set reseed interval * Set reseed interval
*/ */
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval ) void mbedtls_hmac_drbg_set_reseed_interval( mbedtls_hmac_drbg_context *ctx, int interval )
{ {
ctx->reseed_interval = interval; ctx->reseed_interval = interval;
} }
@ -243,30 +243,30 @@ void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval )
* HMAC_DRBG random function with optional additional data: * HMAC_DRBG random function with optional additional data:
* 10.1.2.5 (arabic) + 9.3 (Roman) * 10.1.2.5 (arabic) + 9.3 (Roman)
*/ */
int hmac_drbg_random_with_add( void *p_rng, int mbedtls_hmac_drbg_random_with_add( void *p_rng,
unsigned char *output, size_t out_len, unsigned char *output, size_t out_len,
const unsigned char *additional, size_t add_len ) const unsigned char *additional, size_t add_len )
{ {
int ret; int ret;
hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng; mbedtls_hmac_drbg_context *ctx = (mbedtls_hmac_drbg_context *) p_rng;
size_t md_len = md_get_size( ctx->md_ctx.md_info ); size_t md_len = mbedtls_md_get_size( ctx->md_ctx.md_info );
size_t left = out_len; size_t left = out_len;
unsigned char *out = output; unsigned char *out = output;
/* II. Check request length */ /* II. Check request length */
if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST ) if( out_len > MBEDTLS_HMAC_DRBG_MAX_REQUEST )
return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG ); return( MBEDTLS_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
/* III. Check input length */ /* III. Check input length */
if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT ) if( add_len > MBEDTLS_HMAC_DRBG_MAX_INPUT )
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
/* 1. (aka VII and IX) Check reseed counter and PR */ /* 1. (aka VII and IX) Check reseed counter and PR */
if( ctx->f_entropy != NULL && /* For no-reseeding instances */ if( ctx->f_entropy != NULL && /* For no-reseeding instances */
( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON || ( ctx->prediction_resistance == MBEDTLS_HMAC_DRBG_PR_ON ||
ctx->reseed_counter > ctx->reseed_interval ) ) ctx->reseed_counter > ctx->reseed_interval ) )
{ {
if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 ) if( ( ret = mbedtls_hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
return( ret ); return( ret );
add_len = 0; /* VII.4 */ add_len = 0; /* VII.4 */
@ -274,16 +274,16 @@ int hmac_drbg_random_with_add( void *p_rng,
/* 2. Use additional data if any */ /* 2. Use additional data if any */
if( additional != NULL && add_len != 0 ) if( additional != NULL && add_len != 0 )
hmac_drbg_update( ctx, additional, add_len ); mbedtls_hmac_drbg_update( ctx, additional, add_len );
/* 3, 4, 5. Generate bytes */ /* 3, 4, 5. Generate bytes */
while( left != 0 ) while( left != 0 )
{ {
size_t use_len = left > md_len ? md_len : left; size_t use_len = left > md_len ? md_len : left;
md_hmac_reset( &ctx->md_ctx ); mbedtls_md_hmac_reset( &ctx->md_ctx );
md_hmac_update( &ctx->md_ctx, ctx->V, md_len ); mbedtls_md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
md_hmac_finish( &ctx->md_ctx, ctx->V ); mbedtls_md_hmac_finish( &ctx->md_ctx, ctx->V );
memcpy( out, ctx->V, use_len ); memcpy( out, ctx->V, use_len );
out += use_len; out += use_len;
@ -291,7 +291,7 @@ int hmac_drbg_random_with_add( void *p_rng,
} }
/* 6. Update */ /* 6. Update */
hmac_drbg_update( ctx, additional, add_len ); mbedtls_hmac_drbg_update( ctx, additional, add_len );
/* 7. Update reseed counter */ /* 7. Update reseed counter */
ctx->reseed_counter++; ctx->reseed_counter++;
@ -303,40 +303,40 @@ int hmac_drbg_random_with_add( void *p_rng,
/* /*
* HMAC_DRBG random function * HMAC_DRBG random function
*/ */
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len ) int mbedtls_hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
{ {
return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) ); return( mbedtls_hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
} }
/* /*
* Free an HMAC_DRBG context * Free an HMAC_DRBG context
*/ */
void hmac_drbg_free( hmac_drbg_context *ctx ) void mbedtls_hmac_drbg_free( mbedtls_hmac_drbg_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
md_free( &ctx->md_ctx ); mbedtls_md_free( &ctx->md_ctx );
polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_hmac_drbg_context ) );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path ) int mbedtls_hmac_drbg_write_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
{ {
int ret; int ret;
FILE *f; FILE *f;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ]; unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "wb" ) ) == NULL ) if( ( f = fopen( path, "wb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 ) if( ( ret = mbedtls_hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
goto exit; goto exit;
if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) ) if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
{ {
ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR; ret = MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR;
goto exit; goto exit;
} }
@ -347,49 +347,49 @@ exit:
return( ret ); return( ret );
} }
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path ) int mbedtls_hmac_drbg_update_seed_file( mbedtls_hmac_drbg_context *ctx, const char *path )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ]; unsigned char buf[ MBEDTLS_HMAC_DRBG_MAX_INPUT ];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
fseek( f, 0, SEEK_END ); fseek( f, 0, SEEK_END );
n = (size_t) ftell( f ); n = (size_t) ftell( f );
fseek( f, 0, SEEK_SET ); fseek( f, 0, SEEK_SET );
if( n > POLARSSL_HMAC_DRBG_MAX_INPUT ) if( n > MBEDTLS_HMAC_DRBG_MAX_INPUT )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG ); return( MBEDTLS_ERR_HMAC_DRBG_INPUT_TOO_BIG );
} }
if( fread( buf, 1, n, f ) != n ) if( fread( buf, 1, n, f ) != n )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR ); return( MBEDTLS_ERR_HMAC_DRBG_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
hmac_drbg_update( ctx, buf, n ); mbedtls_hmac_drbg_update( ctx, buf, n );
return( hmac_drbg_write_seed_file( ctx, path ) ); return( mbedtls_hmac_drbg_write_seed_file( ctx, path ) );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if !defined(POLARSSL_SHA1_C) #if !defined(MBEDTLS_SHA1_C)
/* Dummy checkup routine */ /* Dummy checkup routine */
int hmac_drbg_self_test( int verbose ) int mbedtls_hmac_drbg_self_test( int verbose )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
@ -442,63 +442,63 @@ static int hmac_drbg_self_test_entropy( void *data,
#define CHK( c ) if( (c) != 0 ) \ #define CHK( c ) if( (c) != 0 ) \
{ \ { \
if( verbose != 0 ) \ if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \ mbedtls_printf( "failed\n" ); \
return( 1 ); \ return( 1 ); \
} }
/* /*
* Checkup routine for HMAC_DRBG with SHA-1 * Checkup routine for HMAC_DRBG with SHA-1
*/ */
int hmac_drbg_self_test( int verbose ) int mbedtls_hmac_drbg_self_test( int verbose )
{ {
hmac_drbg_context ctx; mbedtls_hmac_drbg_context ctx;
unsigned char buf[OUTPUT_LEN]; unsigned char buf[OUTPUT_LEN];
const md_info_t *md_info = md_info_from_type( POLARSSL_MD_SHA1 ); const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
/* /*
* PR = True * PR = True
*/ */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = True) : " ); mbedtls_printf( " HMAC_DRBG (PR = True) : " );
test_offset = 0; test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info, CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_pr, hmac_drbg_self_test_entropy, (void *) entropy_pr,
NULL, 0 ) ); NULL, 0 ) );
hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON ); mbedtls_hmac_drbg_set_prediction_resistance( &ctx, MBEDTLS_HMAC_DRBG_PR_ON );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_pr, OUTPUT_LEN ) ); CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx ); mbedtls_hmac_drbg_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
/* /*
* PR = False * PR = False
*/ */
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " HMAC_DRBG (PR = False) : " ); mbedtls_printf( " HMAC_DRBG (PR = False) : " );
test_offset = 0; test_offset = 0;
CHK( hmac_drbg_init( &ctx, md_info, CHK( mbedtls_hmac_drbg_init( &ctx, md_info,
hmac_drbg_self_test_entropy, (void *) entropy_nopr, hmac_drbg_self_test_entropy, (void *) entropy_nopr,
NULL, 0 ) ); NULL, 0 ) );
CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) ); CHK( mbedtls_hmac_drbg_reseed( &ctx, NULL, 0 ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) ); CHK( mbedtls_hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) ); CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
hmac_drbg_free( &ctx ); mbedtls_hmac_drbg_free( &ctx );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SHA1_C */ #endif /* MBEDTLS_SHA1_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_HMAC_DRBG_C */ #endif /* MBEDTLS_HMAC_DRBG_C */

250
library/md.c
View File

@ -1,5 +1,5 @@
/** /**
* \file md.c * \file mbedtls_md.c
* *
* \brief Generic message digest wrapper for mbed TLS * \brief Generic message digest wrapper for mbed TLS
* *
@ -24,23 +24,23 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MD_C) #if defined(MBEDTLS_MD_C)
#include "mbedtls/md.h" #include "mbedtls/md.h"
#include "mbedtls/md_wrap.h" #include "mbedtls/md_wrap.h"
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#define polarssl_free free #define mbedtls_free free
#endif #endif
#include <string.h> #include <string.h>
@ -51,138 +51,138 @@
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
static const int supported_digests[] = { static const int supported_digests[] = {
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
POLARSSL_MD_SHA512, MBEDTLS_MD_SHA512,
POLARSSL_MD_SHA384, MBEDTLS_MD_SHA384,
#endif #endif
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
POLARSSL_MD_SHA256, MBEDTLS_MD_SHA256,
POLARSSL_MD_SHA224, MBEDTLS_MD_SHA224,
#endif #endif
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
POLARSSL_MD_SHA1, MBEDTLS_MD_SHA1,
#endif #endif
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
POLARSSL_MD_RIPEMD160, MBEDTLS_MD_RIPEMD160,
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
POLARSSL_MD_MD5, MBEDTLS_MD_MD5,
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
POLARSSL_MD_MD4, MBEDTLS_MD_MD4,
#endif #endif
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
POLARSSL_MD_MD2, MBEDTLS_MD_MD2,
#endif #endif
POLARSSL_MD_NONE MBEDTLS_MD_NONE
}; };
const int *md_list( void ) const int *mbedtls_md_list( void )
{ {
return( supported_digests ); return( supported_digests );
} }
const md_info_t *md_info_from_string( const char *md_name ) const mbedtls_md_info_t *mbedtls_md_info_from_string( const char *md_name )
{ {
if( NULL == md_name ) if( NULL == md_name )
return( NULL ); return( NULL );
/* Get the appropriate digest information */ /* Get the appropriate digest information */
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
if( !strcasecmp( "MD2", md_name ) ) if( !strcasecmp( "MD2", md_name ) )
return md_info_from_type( POLARSSL_MD_MD2 ); return mbedtls_md_info_from_type( MBEDTLS_MD_MD2 );
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
if( !strcasecmp( "MD4", md_name ) ) if( !strcasecmp( "MD4", md_name ) )
return md_info_from_type( POLARSSL_MD_MD4 ); return mbedtls_md_info_from_type( MBEDTLS_MD_MD4 );
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
if( !strcasecmp( "MD5", md_name ) ) if( !strcasecmp( "MD5", md_name ) )
return md_info_from_type( POLARSSL_MD_MD5 ); return mbedtls_md_info_from_type( MBEDTLS_MD_MD5 );
#endif #endif
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
if( !strcasecmp( "RIPEMD160", md_name ) ) if( !strcasecmp( "RIPEMD160", md_name ) )
return md_info_from_type( POLARSSL_MD_RIPEMD160 ); return mbedtls_md_info_from_type( MBEDTLS_MD_RIPEMD160 );
#endif #endif
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) ) if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA1 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA1 );
#endif #endif
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
if( !strcasecmp( "SHA224", md_name ) ) if( !strcasecmp( "SHA224", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA224 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA224 );
if( !strcasecmp( "SHA256", md_name ) ) if( !strcasecmp( "SHA256", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA256 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA256 );
#endif #endif
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
if( !strcasecmp( "SHA384", md_name ) ) if( !strcasecmp( "SHA384", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA384 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA384 );
if( !strcasecmp( "SHA512", md_name ) ) if( !strcasecmp( "SHA512", md_name ) )
return md_info_from_type( POLARSSL_MD_SHA512 ); return mbedtls_md_info_from_type( MBEDTLS_MD_SHA512 );
#endif #endif
return( NULL ); return( NULL );
} }
const md_info_t *md_info_from_type( md_type_t md_type ) const mbedtls_md_info_t *mbedtls_md_info_from_type( mbedtls_md_type_t md_type )
{ {
switch( md_type ) switch( md_type )
{ {
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
case POLARSSL_MD_MD2: case MBEDTLS_MD_MD2:
return( &md2_info ); return( &mbedtls_md2_info );
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
case POLARSSL_MD_MD4: case MBEDTLS_MD_MD4:
return( &md4_info ); return( &mbedtls_md4_info );
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
case POLARSSL_MD_MD5: case MBEDTLS_MD_MD5:
return( &md5_info ); return( &mbedtls_md5_info );
#endif #endif
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
case POLARSSL_MD_RIPEMD160: case MBEDTLS_MD_RIPEMD160:
return( &ripemd160_info ); return( &mbedtls_ripemd160_info );
#endif #endif
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
case POLARSSL_MD_SHA1: case MBEDTLS_MD_SHA1:
return( &sha1_info ); return( &mbedtls_sha1_info );
#endif #endif
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
case POLARSSL_MD_SHA224: case MBEDTLS_MD_SHA224:
return( &sha224_info ); return( &mbedtls_sha224_info );
case POLARSSL_MD_SHA256: case MBEDTLS_MD_SHA256:
return( &sha256_info ); return( &mbedtls_sha256_info );
#endif #endif
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
case POLARSSL_MD_SHA384: case MBEDTLS_MD_SHA384:
return( &sha384_info ); return( &mbedtls_sha384_info );
case POLARSSL_MD_SHA512: case MBEDTLS_MD_SHA512:
return( &sha512_info ); return( &mbedtls_sha512_info );
#endif #endif
default: default:
return( NULL ); return( NULL );
} }
} }
void md_init( md_context_t *ctx ) void mbedtls_md_init( mbedtls_md_context_t *ctx )
{ {
memset( ctx, 0, sizeof( md_context_t ) ); memset( ctx, 0, sizeof( mbedtls_md_context_t ) );
} }
void md_free( md_context_t *ctx ) void mbedtls_md_free( mbedtls_md_context_t *ctx )
{ {
if( ctx == NULL || ctx->md_info == NULL ) if( ctx == NULL || ctx->md_info == NULL )
return; return;
@ -192,35 +192,35 @@ void md_free( md_context_t *ctx )
if( ctx->hmac_ctx != NULL ) if( ctx->hmac_ctx != NULL )
{ {
polarssl_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size ); mbedtls_zeroize( ctx->hmac_ctx, 2 * ctx->md_info->block_size );
polarssl_free( ctx->hmac_ctx ); mbedtls_free( ctx->hmac_ctx );
} }
polarssl_zeroize( ctx, sizeof( md_context_t ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
} }
#if ! defined(POLARSSL_DEPRECATED_REMOVED) #if ! defined(MBEDTLS_DEPRECATED_REMOVED)
int md_init_ctx( md_context_t *ctx, const md_info_t *md_info ) int mbedtls_md_init_ctx( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info )
{ {
return md_setup( ctx, md_info, 1 ); return mbedtls_md_setup( ctx, md_info, 1 );
} }
#endif #endif
int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac ) int mbedtls_md_setup( mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info, int hmac )
{ {
if( md_info == NULL || ctx == NULL ) if( md_info == NULL || ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL ) if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
return( POLARSSL_ERR_MD_ALLOC_FAILED ); return( MBEDTLS_ERR_MD_ALLOC_FAILED );
if( hmac != 0 ) if( hmac != 0 )
{ {
ctx->hmac_ctx = polarssl_malloc( 2 * md_info->block_size ); ctx->hmac_ctx = mbedtls_malloc( 2 * md_info->block_size );
if( ctx->hmac_ctx == NULL ) if( ctx->hmac_ctx == NULL )
{ {
md_info->ctx_free_func( ctx->md_ctx ); md_info->ctx_free_func( ctx->md_ctx );
return( POLARSSL_ERR_MD_ALLOC_FAILED ); return( MBEDTLS_ERR_MD_ALLOC_FAILED );
} }
} }
@ -229,78 +229,78 @@ int md_setup( md_context_t *ctx, const md_info_t *md_info, int hmac )
return( 0 ); return( 0 );
} }
int md_starts( md_context_t *ctx ) int mbedtls_md_starts( mbedtls_md_context_t *ctx )
{ {
if( ctx == NULL || ctx->md_info == NULL ) if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->starts_func( ctx->md_ctx ); ctx->md_info->starts_func( ctx->md_ctx );
return( 0 ); return( 0 );
} }
int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) int mbedtls_md_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
{ {
if( ctx == NULL || ctx->md_info == NULL ) if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen ); ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 ); return( 0 );
} }
int md_finish( md_context_t *ctx, unsigned char *output ) int mbedtls_md_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{ {
if( ctx == NULL || ctx->md_info == NULL ) if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->finish_func( ctx->md_ctx, output ); ctx->md_info->finish_func( ctx->md_ctx, output );
return( 0 ); return( 0 );
} }
int md( const md_info_t *md_info, const unsigned char *input, size_t ilen, int mbedtls_md( const mbedtls_md_info_t *md_info, const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
if( md_info == NULL ) if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_info->digest_func( input, ilen, output ); md_info->digest_func( input, ilen, output );
return( 0 ); return( 0 );
} }
int md_file( const md_info_t *md_info, const char *path, unsigned char *output ) int mbedtls_md_file( const mbedtls_md_info_t *md_info, const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
int ret; int ret;
#endif #endif
if( md_info == NULL ) if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
ret = md_info->file_func( path, output ); ret = md_info->file_func( path, output );
if( ret != 0 ) if( ret != 0 )
return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret ); return( MBEDTLS_ERR_MD_FILE_IO_ERROR + ret );
return( ret ); return( ret );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
} }
int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen ) int mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const unsigned char *key, size_t keylen )
{ {
unsigned char sum[POLARSSL_MD_MAX_SIZE]; unsigned char sum[MBEDTLS_MD_MAX_SIZE];
unsigned char *ipad, *opad; unsigned char *ipad, *opad;
size_t i; size_t i;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if( keylen > (size_t) ctx->md_info->block_size ) if( keylen > (size_t) ctx->md_info->block_size )
{ {
@ -324,7 +324,7 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
opad[i] = (unsigned char)( opad[i] ^ key[i] ); opad[i] = (unsigned char)( opad[i] ^ key[i] );
} }
polarssl_zeroize( sum, sizeof( sum ) ); mbedtls_zeroize( sum, sizeof( sum ) );
ctx->md_info->starts_func( ctx->md_ctx ); ctx->md_info->starts_func( ctx->md_ctx );
ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size ); ctx->md_info->update_func( ctx->md_ctx, ipad, ctx->md_info->block_size );
@ -332,23 +332,23 @@ int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
return( 0 ); return( 0 );
} }
int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen ) int mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const unsigned char *input, size_t ilen )
{ {
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->update_func( ctx->md_ctx, input, ilen ); ctx->md_info->update_func( ctx->md_ctx, input, ilen );
return( 0 ); return( 0 );
} }
int md_hmac_finish( md_context_t *ctx, unsigned char *output ) int mbedtls_md_hmac_finish( mbedtls_md_context_t *ctx, unsigned char *output )
{ {
unsigned char tmp[POLARSSL_MD_MAX_SIZE]; unsigned char tmp[MBEDTLS_MD_MAX_SIZE];
unsigned char *opad; unsigned char *opad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size; opad = (unsigned char *) ctx->hmac_ctx + ctx->md_info->block_size;
@ -361,12 +361,12 @@ int md_hmac_finish( md_context_t *ctx, unsigned char *output )
return( 0 ); return( 0 );
} }
int md_hmac_reset( md_context_t *ctx ) int mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx )
{ {
unsigned char *ipad; unsigned char *ipad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ipad = (unsigned char *) ctx->hmac_ctx; ipad = (unsigned char *) ctx->hmac_ctx;
@ -376,41 +376,41 @@ int md_hmac_reset( md_context_t *ctx )
return( 0 ); return( 0 );
} }
int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen, int mbedtls_md_hmac( const mbedtls_md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen, const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
md_context_t ctx; mbedtls_md_context_t ctx;
int ret; int ret;
if( md_info == NULL ) if( md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
md_init( &ctx ); mbedtls_md_init( &ctx );
if( ( ret = md_setup( &ctx, md_info, 1 ) ) != 0 ) if( ( ret = mbedtls_md_setup( &ctx, md_info, 1 ) ) != 0 )
return( ret ); return( ret );
md_hmac_starts( &ctx, key, keylen ); mbedtls_md_hmac_starts( &ctx, key, keylen );
md_hmac_update( &ctx, input, ilen ); mbedtls_md_hmac_update( &ctx, input, ilen );
md_hmac_finish( &ctx, output ); mbedtls_md_hmac_finish( &ctx, output );
md_free( &ctx ); mbedtls_md_free( &ctx );
return( 0 ); return( 0 );
} }
int md_process( md_context_t *ctx, const unsigned char *data ) int mbedtls_md_process( mbedtls_md_context_t *ctx, const unsigned char *data )
{ {
if( ctx == NULL || ctx->md_info == NULL ) if( ctx == NULL || ctx->md_info == NULL )
return( POLARSSL_ERR_MD_BAD_INPUT_DATA ); return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
ctx->md_info->process_func( ctx->md_ctx, data ); ctx->md_info->process_func( ctx->md_ctx, data );
return( 0 ); return( 0 );
} }
unsigned char md_get_size( const md_info_t *md_info ) unsigned char mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
{ {
if( md_info == NULL ) if( md_info == NULL )
return( 0 ); return( 0 );
@ -418,15 +418,15 @@ unsigned char md_get_size( const md_info_t *md_info )
return md_info->size; return md_info->size;
} }
md_type_t md_get_type( const md_info_t *md_info ) mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info )
{ {
if( md_info == NULL ) if( md_info == NULL )
return( POLARSSL_MD_NONE ); return( MBEDTLS_MD_NONE );
return md_info->type; return md_info->type;
} }
const char *md_get_name( const md_info_t *md_info ) const char *mbedtls_md_get_name( const mbedtls_md_info_t *md_info )
{ {
if( md_info == NULL ) if( md_info == NULL )
return( NULL ); return( NULL );
@ -434,4 +434,4 @@ const char *md_get_name( const md_info_t *md_info )
return md_info->name; return md_info->name;
} }
#endif /* POLARSSL_MD_C */ #endif /* MBEDTLS_MD_C */

104
library/md2.c
View File

@ -26,37 +26,37 @@
* http://www.ietf.org/rfc/rfc1319.txt * http://www.ietf.org/rfc/rfc1319.txt
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h" #include "mbedtls/md2.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
#if !defined(POLARSSL_MD2_ALT) #if !defined(MBEDTLS_MD2_ALT)
static const unsigned char PI_SUBST[256] = static const unsigned char PI_SUBST[256] =
{ {
@ -88,23 +88,23 @@ static const unsigned char PI_SUBST[256] =
0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14
}; };
void md2_init( md2_context *ctx ) void mbedtls_md2_init( mbedtls_md2_context *ctx )
{ {
memset( ctx, 0, sizeof( md2_context ) ); memset( ctx, 0, sizeof( mbedtls_md2_context ) );
} }
void md2_free( md2_context *ctx ) void mbedtls_md2_free( mbedtls_md2_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( md2_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) );
} }
/* /*
* MD2 context setup * MD2 context setup
*/ */
void md2_starts( md2_context *ctx ) void mbedtls_md2_starts( mbedtls_md2_context *ctx )
{ {
memset( ctx->cksum, 0, 16 ); memset( ctx->cksum, 0, 16 );
memset( ctx->state, 0, 46 ); memset( ctx->state, 0, 46 );
@ -112,8 +112,8 @@ void md2_starts( md2_context *ctx )
ctx->left = 0; ctx->left = 0;
} }
#if !defined(POLARSSL_MD2_PROCESS_ALT) #if !defined(MBEDTLS_MD2_PROCESS_ALT)
void md2_process( md2_context *ctx ) void mbedtls_md2_process( mbedtls_md2_context *ctx )
{ {
int i, j; int i, j;
unsigned char t = 0; unsigned char t = 0;
@ -146,12 +146,12 @@ void md2_process( md2_context *ctx )
t = ctx->cksum[i]; t = ctx->cksum[i];
} }
} }
#endif /* !POLARSSL_MD2_PROCESS_ALT */ #endif /* !MBEDTLS_MD2_PROCESS_ALT */
/* /*
* MD2 process buffer * MD2 process buffer
*/ */
void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen ) void mbedtls_md2_update( mbedtls_md2_context *ctx, const unsigned char *input, size_t ilen )
{ {
size_t fill; size_t fill;
@ -171,7 +171,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
if( ctx->left == 16 ) if( ctx->left == 16 )
{ {
ctx->left = 0; ctx->left = 0;
md2_process( ctx ); mbedtls_md2_process( ctx );
} }
} }
} }
@ -179,7 +179,7 @@ void md2_update( md2_context *ctx, const unsigned char *input, size_t ilen )
/* /*
* MD2 final digest * MD2 final digest
*/ */
void md2_finish( md2_context *ctx, unsigned char output[16] ) void mbedtls_md2_finish( mbedtls_md2_context *ctx, unsigned char output[16] )
{ {
size_t i; size_t i;
unsigned char x; unsigned char x;
@ -189,65 +189,65 @@ void md2_finish( md2_context *ctx, unsigned char output[16] )
for( i = ctx->left; i < 16; i++ ) for( i = ctx->left; i < 16; i++ )
ctx->buffer[i] = x; ctx->buffer[i] = x;
md2_process( ctx ); mbedtls_md2_process( ctx );
memcpy( ctx->buffer, ctx->cksum, 16 ); memcpy( ctx->buffer, ctx->cksum, 16 );
md2_process( ctx ); mbedtls_md2_process( ctx );
memcpy( output, ctx->state, 16 ); memcpy( output, ctx->state, 16 );
} }
#endif /* !POLARSSL_MD2_ALT */ #endif /* !MBEDTLS_MD2_ALT */
/* /*
* output = MD2( input buffer ) * output = MD2( input buffer )
*/ */
void md2( const unsigned char *input, size_t ilen, unsigned char output[16] ) void mbedtls_md2( const unsigned char *input, size_t ilen, unsigned char output[16] )
{ {
md2_context ctx; mbedtls_md2_context ctx;
md2_init( &ctx ); mbedtls_md2_init( &ctx );
md2_starts( &ctx ); mbedtls_md2_starts( &ctx );
md2_update( &ctx, input, ilen ); mbedtls_md2_update( &ctx, input, ilen );
md2_finish( &ctx, output ); mbedtls_md2_finish( &ctx, output );
md2_free( &ctx ); mbedtls_md2_free( &ctx );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/* /*
* output = MD2( file contents ) * output = MD2( file contents )
*/ */
int md2_file( const char *path, unsigned char output[16] ) int mbedtls_md2_file( const char *path, unsigned char output[16] )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
md2_context ctx; mbedtls_md2_context ctx;
unsigned char buf[1024]; unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD2_FILE_IO_ERROR );
md2_init( &ctx ); mbedtls_md2_init( &ctx );
md2_starts( &ctx ); mbedtls_md2_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md2_update( &ctx, buf, n ); mbedtls_md2_update( &ctx, buf, n );
md2_finish( &ctx, output ); mbedtls_md2_finish( &ctx, output );
md2_free( &ctx ); mbedtls_md2_free( &ctx );
if( ferror( f ) != 0 ) if( ferror( f ) != 0 )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_MD2_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD2_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* RFC 1319 test vectors * RFC 1319 test vectors
@ -285,7 +285,7 @@ static const unsigned char md2_test_sum[7][16] =
/* /*
* Checkup routine * Checkup routine
*/ */
int md2_self_test( int verbose ) int mbedtls_md2_self_test( int verbose )
{ {
int i; int i;
unsigned char md2sum[16]; unsigned char md2sum[16];
@ -293,29 +293,29 @@ int md2_self_test( int verbose )
for( i = 0; i < 7; i++ ) for( i = 0; i < 7; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MD2 test #%d: ", i + 1 ); mbedtls_printf( " MD2 test #%d: ", i + 1 );
md2( (unsigned char *) md2_test_str[i], mbedtls_md2( (unsigned char *) md2_test_str[i],
strlen( md2_test_str[i] ), md2sum ); strlen( md2_test_str[i] ), md2sum );
if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 ) if( memcmp( md2sum, md2_test_sum[i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD2_C */ #endif /* MBEDTLS_MD2_C */

106
library/md4.c
View File

@ -26,37 +26,37 @@
* http://www.ietf.org/rfc/rfc1320.txt * http://www.ietf.org/rfc/rfc1320.txt
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h" #include "mbedtls/md4.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
#if !defined(POLARSSL_MD4_ALT) #if !defined(MBEDTLS_MD4_ALT)
/* /*
* 32-bit integer manipulation macros (little endian) * 32-bit integer manipulation macros (little endian)
@ -81,23 +81,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
} }
#endif #endif
void md4_init( md4_context *ctx ) void mbedtls_md4_init( mbedtls_md4_context *ctx )
{ {
memset( ctx, 0, sizeof( md4_context ) ); memset( ctx, 0, sizeof( mbedtls_md4_context ) );
} }
void md4_free( md4_context *ctx ) void mbedtls_md4_free( mbedtls_md4_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( md4_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) );
} }
/* /*
* MD4 context setup * MD4 context setup
*/ */
void md4_starts( md4_context *ctx ) void mbedtls_md4_starts( mbedtls_md4_context *ctx )
{ {
ctx->total[0] = 0; ctx->total[0] = 0;
ctx->total[1] = 0; ctx->total[1] = 0;
@ -108,8 +108,8 @@ void md4_starts( md4_context *ctx )
ctx->state[3] = 0x10325476; ctx->state[3] = 0x10325476;
} }
#if !defined(POLARSSL_MD4_PROCESS_ALT) #if !defined(MBEDTLS_MD4_PROCESS_ALT)
void md4_process( md4_context *ctx, const unsigned char data[64] ) void mbedtls_md4_process( mbedtls_md4_context *ctx, const unsigned char data[64] )
{ {
uint32_t X[16], A, B, C, D; uint32_t X[16], A, B, C, D;
@ -211,12 +211,12 @@ void md4_process( md4_context *ctx, const unsigned char data[64] )
ctx->state[2] += C; ctx->state[2] += C;
ctx->state[3] += D; ctx->state[3] += D;
} }
#endif /* !POLARSSL_MD4_PROCESS_ALT */ #endif /* !MBEDTLS_MD4_PROCESS_ALT */
/* /*
* MD4 process buffer * MD4 process buffer
*/ */
void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen ) void mbedtls_md4_update( mbedtls_md4_context *ctx, const unsigned char *input, size_t ilen )
{ {
size_t fill; size_t fill;
uint32_t left; uint32_t left;
@ -237,7 +237,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
{ {
memcpy( (void *) (ctx->buffer + left), memcpy( (void *) (ctx->buffer + left),
(void *) input, fill ); (void *) input, fill );
md4_process( ctx, ctx->buffer ); mbedtls_md4_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
left = 0; left = 0;
@ -245,7 +245,7 @@ void md4_update( md4_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 ) while( ilen >= 64 )
{ {
md4_process( ctx, input ); mbedtls_md4_process( ctx, input );
input += 64; input += 64;
ilen -= 64; ilen -= 64;
} }
@ -268,7 +268,7 @@ static const unsigned char md4_padding[64] =
/* /*
* MD4 final digest * MD4 final digest
*/ */
void md4_finish( md4_context *ctx, unsigned char output[16] ) void mbedtls_md4_finish( mbedtls_md4_context *ctx, unsigned char output[16] )
{ {
uint32_t last, padn; uint32_t last, padn;
uint32_t high, low; uint32_t high, low;
@ -284,8 +284,8 @@ void md4_finish( md4_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
md4_update( ctx, (unsigned char *) md4_padding, padn ); mbedtls_md4_update( ctx, (unsigned char *) md4_padding, padn );
md4_update( ctx, msglen, 8 ); mbedtls_md4_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 ); PUT_UINT32_LE( ctx->state[1], output, 4 );
@ -293,57 +293,57 @@ void md4_finish( md4_context *ctx, unsigned char output[16] )
PUT_UINT32_LE( ctx->state[3], output, 12 ); PUT_UINT32_LE( ctx->state[3], output, 12 );
} }
#endif /* !POLARSSL_MD4_ALT */ #endif /* !MBEDTLS_MD4_ALT */
/* /*
* output = MD4( input buffer ) * output = MD4( input buffer )
*/ */
void md4( const unsigned char *input, size_t ilen, unsigned char output[16] ) void mbedtls_md4( const unsigned char *input, size_t ilen, unsigned char output[16] )
{ {
md4_context ctx; mbedtls_md4_context ctx;
md4_init( &ctx ); mbedtls_md4_init( &ctx );
md4_starts( &ctx ); mbedtls_md4_starts( &ctx );
md4_update( &ctx, input, ilen ); mbedtls_md4_update( &ctx, input, ilen );
md4_finish( &ctx, output ); mbedtls_md4_finish( &ctx, output );
md4_free( &ctx ); mbedtls_md4_free( &ctx );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/* /*
* output = MD4( file contents ) * output = MD4( file contents )
*/ */
int md4_file( const char *path, unsigned char output[16] ) int mbedtls_md4_file( const char *path, unsigned char output[16] )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
md4_context ctx; mbedtls_md4_context ctx;
unsigned char buf[1024]; unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD4_FILE_IO_ERROR );
md4_init( &ctx ); mbedtls_md4_init( &ctx );
md4_starts( &ctx ); mbedtls_md4_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md4_update( &ctx, buf, n ); mbedtls_md4_update( &ctx, buf, n );
md4_finish( &ctx, output ); mbedtls_md4_finish( &ctx, output );
md4_free( &ctx ); mbedtls_md4_free( &ctx );
if( ferror( f ) != 0 ) if( ferror( f ) != 0 )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_MD4_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD4_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* RFC 1320 test vectors * RFC 1320 test vectors
@ -381,7 +381,7 @@ static const unsigned char md4_test_sum[7][16] =
/* /*
* Checkup routine * Checkup routine
*/ */
int md4_self_test( int verbose ) int mbedtls_md4_self_test( int verbose )
{ {
int i; int i;
unsigned char md4sum[16]; unsigned char md4sum[16];
@ -389,29 +389,29 @@ int md4_self_test( int verbose )
for( i = 0; i < 7; i++ ) for( i = 0; i < 7; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MD4 test #%d: ", i + 1 ); mbedtls_printf( " MD4 test #%d: ", i + 1 );
md4( (unsigned char *) md4_test_str[i], mbedtls_md4( (unsigned char *) md4_test_str[i],
strlen( md4_test_str[i] ), md4sum ); strlen( md4_test_str[i] ), md4sum );
if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 ) if( memcmp( md4sum, md4_test_sum[i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD4_C */ #endif /* MBEDTLS_MD4_C */

106
library/md5.c
View File

@ -25,37 +25,37 @@
* http://www.ietf.org/rfc/rfc1321.txt * http://www.ietf.org/rfc/rfc1321.txt
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h" #include "mbedtls/md5.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
#include <stdio.h> #include <stdio.h>
#endif #endif
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdio.h> #include <stdio.h>
#define polarssl_printf printf #define mbedtls_printf printf
#endif /* POLARSSL_PLATFORM_C */ #endif /* MBEDTLS_PLATFORM_C */
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
#if !defined(POLARSSL_MD5_ALT) #if !defined(MBEDTLS_MD5_ALT)
/* /*
* 32-bit integer manipulation macros (little endian) * 32-bit integer manipulation macros (little endian)
@ -80,23 +80,23 @@ static void polarssl_zeroize( void *v, size_t n ) {
} }
#endif #endif
void md5_init( md5_context *ctx ) void mbedtls_md5_init( mbedtls_md5_context *ctx )
{ {
memset( ctx, 0, sizeof( md5_context ) ); memset( ctx, 0, sizeof( mbedtls_md5_context ) );
} }
void md5_free( md5_context *ctx ) void mbedtls_md5_free( mbedtls_md5_context *ctx )
{ {
if( ctx == NULL ) if( ctx == NULL )
return; return;
polarssl_zeroize( ctx, sizeof( md5_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
} }
/* /*
* MD5 context setup * MD5 context setup
*/ */
void md5_starts( md5_context *ctx ) void mbedtls_md5_starts( mbedtls_md5_context *ctx )
{ {
ctx->total[0] = 0; ctx->total[0] = 0;
ctx->total[1] = 0; ctx->total[1] = 0;
@ -107,8 +107,8 @@ void md5_starts( md5_context *ctx )
ctx->state[3] = 0x10325476; ctx->state[3] = 0x10325476;
} }
#if !defined(POLARSSL_MD5_PROCESS_ALT) #if !defined(MBEDTLS_MD5_PROCESS_ALT)
void md5_process( md5_context *ctx, const unsigned char data[64] ) void mbedtls_md5_process( mbedtls_md5_context *ctx, const unsigned char data[64] )
{ {
uint32_t X[16], A, B, C, D; uint32_t X[16], A, B, C, D;
@ -230,12 +230,12 @@ void md5_process( md5_context *ctx, const unsigned char data[64] )
ctx->state[2] += C; ctx->state[2] += C;
ctx->state[3] += D; ctx->state[3] += D;
} }
#endif /* !POLARSSL_MD5_PROCESS_ALT */ #endif /* !MBEDTLS_MD5_PROCESS_ALT */
/* /*
* MD5 process buffer * MD5 process buffer
*/ */
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen ) void mbedtls_md5_update( mbedtls_md5_context *ctx, const unsigned char *input, size_t ilen )
{ {
size_t fill; size_t fill;
uint32_t left; uint32_t left;
@ -255,7 +255,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
if( left && ilen >= fill ) if( left && ilen >= fill )
{ {
memcpy( (void *) (ctx->buffer + left), input, fill ); memcpy( (void *) (ctx->buffer + left), input, fill );
md5_process( ctx, ctx->buffer ); mbedtls_md5_process( ctx, ctx->buffer );
input += fill; input += fill;
ilen -= fill; ilen -= fill;
left = 0; left = 0;
@ -263,7 +263,7 @@ void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
while( ilen >= 64 ) while( ilen >= 64 )
{ {
md5_process( ctx, input ); mbedtls_md5_process( ctx, input );
input += 64; input += 64;
ilen -= 64; ilen -= 64;
} }
@ -285,7 +285,7 @@ static const unsigned char md5_padding[64] =
/* /*
* MD5 final digest * MD5 final digest
*/ */
void md5_finish( md5_context *ctx, unsigned char output[16] ) void mbedtls_md5_finish( mbedtls_md5_context *ctx, unsigned char output[16] )
{ {
uint32_t last, padn; uint32_t last, padn;
uint32_t high, low; uint32_t high, low;
@ -301,8 +301,8 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
last = ctx->total[0] & 0x3F; last = ctx->total[0] & 0x3F;
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last ); padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
md5_update( ctx, md5_padding, padn ); mbedtls_md5_update( ctx, md5_padding, padn );
md5_update( ctx, msglen, 8 ); mbedtls_md5_update( ctx, msglen, 8 );
PUT_UINT32_LE( ctx->state[0], output, 0 ); PUT_UINT32_LE( ctx->state[0], output, 0 );
PUT_UINT32_LE( ctx->state[1], output, 4 ); PUT_UINT32_LE( ctx->state[1], output, 4 );
@ -310,57 +310,57 @@ void md5_finish( md5_context *ctx, unsigned char output[16] )
PUT_UINT32_LE( ctx->state[3], output, 12 ); PUT_UINT32_LE( ctx->state[3], output, 12 );
} }
#endif /* !POLARSSL_MD5_ALT */ #endif /* !MBEDTLS_MD5_ALT */
/* /*
* output = MD5( input buffer ) * output = MD5( input buffer )
*/ */
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] ) void mbedtls_md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
{ {
md5_context ctx; mbedtls_md5_context ctx;
md5_init( &ctx ); mbedtls_md5_init( &ctx );
md5_starts( &ctx ); mbedtls_md5_starts( &ctx );
md5_update( &ctx, input, ilen ); mbedtls_md5_update( &ctx, input, ilen );
md5_finish( &ctx, output ); mbedtls_md5_finish( &ctx, output );
md5_free( &ctx ); mbedtls_md5_free( &ctx );
} }
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
/* /*
* output = MD5( file contents ) * output = MD5( file contents )
*/ */
int md5_file( const char *path, unsigned char output[16] ) int mbedtls_md5_file( const char *path, unsigned char output[16] )
{ {
FILE *f; FILE *f;
size_t n; size_t n;
md5_context ctx; mbedtls_md5_context ctx;
unsigned char buf[1024]; unsigned char buf[1024];
if( ( f = fopen( path, "rb" ) ) == NULL ) if( ( f = fopen( path, "rb" ) ) == NULL )
return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD5_FILE_IO_ERROR );
md5_init( &ctx ); mbedtls_md5_init( &ctx );
md5_starts( &ctx ); mbedtls_md5_starts( &ctx );
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 ) while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
md5_update( &ctx, buf, n ); mbedtls_md5_update( &ctx, buf, n );
md5_finish( &ctx, output ); mbedtls_md5_finish( &ctx, output );
md5_free( &ctx ); mbedtls_md5_free( &ctx );
if( ferror( f ) != 0 ) if( ferror( f ) != 0 )
{ {
fclose( f ); fclose( f );
return( POLARSSL_ERR_MD5_FILE_IO_ERROR ); return( MBEDTLS_ERR_MD5_FILE_IO_ERROR );
} }
fclose( f ); fclose( f );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_FS_IO */ #endif /* MBEDTLS_FS_IO */
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
/* /*
* RFC 1321 test vectors * RFC 1321 test vectors
*/ */
@ -402,7 +402,7 @@ static const unsigned char md5_test_sum[7][16] =
/* /*
* Checkup routine * Checkup routine
*/ */
int md5_self_test( int verbose ) int mbedtls_md5_self_test( int verbose )
{ {
int i; int i;
unsigned char md5sum[16]; unsigned char md5sum[16];
@ -410,28 +410,28 @@ int md5_self_test( int verbose )
for( i = 0; i < 7; i++ ) for( i = 0; i < 7; i++ )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MD5 test #%d: ", i + 1 ); mbedtls_printf( " MD5 test #%d: ", i + 1 );
md5( md5_test_buf[i], md5_test_buflen[i], md5sum ); mbedtls_md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 ) if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
{ {
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "failed\n" ); mbedtls_printf( "failed\n" );
return( 1 ); return( 1 );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
} }
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "\n" ); mbedtls_printf( "\n" );
return( 0 ); return( 0 );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MD5_C */ #endif /* MBEDTLS_MD5_C */

308
library/md_wrap.c
View File

@ -24,441 +24,441 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MD_C) #if defined(MBEDTLS_MD_C)
#include "mbedtls/md_wrap.h" #include "mbedtls/md_wrap.h"
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
#include "mbedtls/md2.h" #include "mbedtls/md2.h"
#endif #endif
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
#include "mbedtls/md4.h" #include "mbedtls/md4.h"
#endif #endif
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
#include "mbedtls/md5.h" #include "mbedtls/md5.h"
#endif #endif
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
#include "mbedtls/ripemd160.h" #include "mbedtls/ripemd160.h"
#endif #endif
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
#include "mbedtls/sha1.h" #include "mbedtls/sha1.h"
#endif #endif
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
#include "mbedtls/sha256.h" #include "mbedtls/sha256.h"
#endif #endif
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
#include "mbedtls/sha512.h" #include "mbedtls/sha512.h"
#endif #endif
#if defined(POLARSSL_PLATFORM_C) #if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#else #else
#include <stdlib.h> #include <stdlib.h>
#define polarssl_malloc malloc #define mbedtls_malloc malloc
#define polarssl_free free #define mbedtls_free free
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
#if defined(POLARSSL_MD2_C) #if defined(MBEDTLS_MD2_C)
static void md2_starts_wrap( void *ctx ) static void md2_starts_wrap( void *ctx )
{ {
md2_starts( (md2_context *) ctx ); mbedtls_md2_starts( (mbedtls_md2_context *) ctx );
} }
static void md2_update_wrap( void *ctx, const unsigned char *input, static void md2_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
md2_update( (md2_context *) ctx, input, ilen ); mbedtls_md2_update( (mbedtls_md2_context *) ctx, input, ilen );
} }
static void md2_finish_wrap( void *ctx, unsigned char *output ) static void md2_finish_wrap( void *ctx, unsigned char *output )
{ {
md2_finish( (md2_context *) ctx, output ); mbedtls_md2_finish( (mbedtls_md2_context *) ctx, output );
} }
static int md2_file_wrap( const char *path, unsigned char *output ) static int md2_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return md2_file( path, output ); return mbedtls_md2_file( path, output );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * md2_ctx_alloc( void ) static void * md2_ctx_alloc( void )
{ {
return polarssl_malloc( sizeof( md2_context ) ); return mbedtls_malloc( sizeof( mbedtls_md2_context ) );
} }
static void md2_ctx_free( void *ctx ) static void md2_ctx_free( void *ctx )
{ {
polarssl_zeroize( ctx, sizeof( md2_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md2_context ) );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void md2_process_wrap( void *ctx, const unsigned char *data ) static void md2_process_wrap( void *ctx, const unsigned char *data )
{ {
((void) data); ((void) data);
md2_process( (md2_context *) ctx ); mbedtls_md2_process( (mbedtls_md2_context *) ctx );
} }
const md_info_t md2_info = { const mbedtls_md_info_t mbedtls_md2_info = {
POLARSSL_MD_MD2, MBEDTLS_MD_MD2,
"MD2", "MD2",
16, 16,
16, 16,
md2_starts_wrap, md2_starts_wrap,
md2_update_wrap, md2_update_wrap,
md2_finish_wrap, md2_finish_wrap,
md2, mbedtls_md2,
md2_file_wrap, md2_file_wrap,
md2_ctx_alloc, md2_ctx_alloc,
md2_ctx_free, md2_ctx_free,
md2_process_wrap, md2_process_wrap,
}; };
#endif /* POLARSSL_MD2_C */ #endif /* MBEDTLS_MD2_C */
#if defined(POLARSSL_MD4_C) #if defined(MBEDTLS_MD4_C)
static void md4_starts_wrap( void *ctx ) static void md4_starts_wrap( void *ctx )
{ {
md4_starts( (md4_context *) ctx ); mbedtls_md4_starts( (mbedtls_md4_context *) ctx );
} }
static void md4_update_wrap( void *ctx, const unsigned char *input, static void md4_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
md4_update( (md4_context *) ctx, input, ilen ); mbedtls_md4_update( (mbedtls_md4_context *) ctx, input, ilen );
} }
static void md4_finish_wrap( void *ctx, unsigned char *output ) static void md4_finish_wrap( void *ctx, unsigned char *output )
{ {
md4_finish( (md4_context *) ctx, output ); mbedtls_md4_finish( (mbedtls_md4_context *) ctx, output );
} }
static int md4_file_wrap( const char *path, unsigned char *output ) static int md4_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return md4_file( path, output ); return mbedtls_md4_file( path, output );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void *md4_ctx_alloc( void ) static void *md4_ctx_alloc( void )
{ {
return polarssl_malloc( sizeof( md4_context ) ); return mbedtls_malloc( sizeof( mbedtls_md4_context ) );
} }
static void md4_ctx_free( void *ctx ) static void md4_ctx_free( void *ctx )
{ {
polarssl_zeroize( ctx, sizeof( md4_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md4_context ) );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void md4_process_wrap( void *ctx, const unsigned char *data ) static void md4_process_wrap( void *ctx, const unsigned char *data )
{ {
md4_process( (md4_context *) ctx, data ); mbedtls_md4_process( (mbedtls_md4_context *) ctx, data );
} }
const md_info_t md4_info = { const mbedtls_md_info_t mbedtls_md4_info = {
POLARSSL_MD_MD4, MBEDTLS_MD_MD4,
"MD4", "MD4",
16, 16,
64, 64,
md4_starts_wrap, md4_starts_wrap,
md4_update_wrap, md4_update_wrap,
md4_finish_wrap, md4_finish_wrap,
md4, mbedtls_md4,
md4_file_wrap, md4_file_wrap,
md4_ctx_alloc, md4_ctx_alloc,
md4_ctx_free, md4_ctx_free,
md4_process_wrap, md4_process_wrap,
}; };
#endif /* POLARSSL_MD4_C */ #endif /* MBEDTLS_MD4_C */
#if defined(POLARSSL_MD5_C) #if defined(MBEDTLS_MD5_C)
static void md5_starts_wrap( void *ctx ) static void md5_starts_wrap( void *ctx )
{ {
md5_starts( (md5_context *) ctx ); mbedtls_md5_starts( (mbedtls_md5_context *) ctx );
} }
static void md5_update_wrap( void *ctx, const unsigned char *input, static void md5_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
md5_update( (md5_context *) ctx, input, ilen ); mbedtls_md5_update( (mbedtls_md5_context *) ctx, input, ilen );
} }
static void md5_finish_wrap( void *ctx, unsigned char *output ) static void md5_finish_wrap( void *ctx, unsigned char *output )
{ {
md5_finish( (md5_context *) ctx, output ); mbedtls_md5_finish( (mbedtls_md5_context *) ctx, output );
} }
static int md5_file_wrap( const char *path, unsigned char *output ) static int md5_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return md5_file( path, output ); return mbedtls_md5_file( path, output );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * md5_ctx_alloc( void ) static void * md5_ctx_alloc( void )
{ {
return polarssl_malloc( sizeof( md5_context ) ); return mbedtls_malloc( sizeof( mbedtls_md5_context ) );
} }
static void md5_ctx_free( void *ctx ) static void md5_ctx_free( void *ctx )
{ {
polarssl_zeroize( ctx, sizeof( md5_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_md5_context ) );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void md5_process_wrap( void *ctx, const unsigned char *data ) static void md5_process_wrap( void *ctx, const unsigned char *data )
{ {
md5_process( (md5_context *) ctx, data ); mbedtls_md5_process( (mbedtls_md5_context *) ctx, data );
} }
const md_info_t md5_info = { const mbedtls_md_info_t mbedtls_md5_info = {
POLARSSL_MD_MD5, MBEDTLS_MD_MD5,
"MD5", "MD5",
16, 16,
64, 64,
md5_starts_wrap, md5_starts_wrap,
md5_update_wrap, md5_update_wrap,
md5_finish_wrap, md5_finish_wrap,
md5, mbedtls_md5,
md5_file_wrap, md5_file_wrap,
md5_ctx_alloc, md5_ctx_alloc,
md5_ctx_free, md5_ctx_free,
md5_process_wrap, md5_process_wrap,
}; };
#endif /* POLARSSL_MD5_C */ #endif /* MBEDTLS_MD5_C */
#if defined(POLARSSL_RIPEMD160_C) #if defined(MBEDTLS_RIPEMD160_C)
static void ripemd160_starts_wrap( void *ctx ) static void ripemd160_starts_wrap( void *ctx )
{ {
ripemd160_starts( (ripemd160_context *) ctx ); mbedtls_ripemd160_starts( (mbedtls_ripemd160_context *) ctx );
} }
static void ripemd160_update_wrap( void *ctx, const unsigned char *input, static void ripemd160_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
ripemd160_update( (ripemd160_context *) ctx, input, ilen ); mbedtls_ripemd160_update( (mbedtls_ripemd160_context *) ctx, input, ilen );
} }
static void ripemd160_finish_wrap( void *ctx, unsigned char *output ) static void ripemd160_finish_wrap( void *ctx, unsigned char *output )
{ {
ripemd160_finish( (ripemd160_context *) ctx, output ); mbedtls_ripemd160_finish( (mbedtls_ripemd160_context *) ctx, output );
} }
static int ripemd160_file_wrap( const char *path, unsigned char *output ) static int ripemd160_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return ripemd160_file( path, output ); return mbedtls_ripemd160_file( path, output );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * ripemd160_ctx_alloc( void ) static void * ripemd160_ctx_alloc( void )
{ {
ripemd160_context *ctx; mbedtls_ripemd160_context *ctx;
ctx = polarssl_malloc( sizeof( ripemd160_context ) ); ctx = mbedtls_malloc( sizeof( mbedtls_ripemd160_context ) );
if( ctx == NULL ) if( ctx == NULL )
return( NULL ); return( NULL );
ripemd160_init( ctx ); mbedtls_ripemd160_init( ctx );
return( ctx ); return( ctx );
} }
static void ripemd160_ctx_free( void *ctx ) static void ripemd160_ctx_free( void *ctx )
{ {
ripemd160_free( (ripemd160_context *) ctx ); mbedtls_ripemd160_free( (mbedtls_ripemd160_context *) ctx );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void ripemd160_process_wrap( void *ctx, const unsigned char *data ) static void ripemd160_process_wrap( void *ctx, const unsigned char *data )
{ {
ripemd160_process( (ripemd160_context *) ctx, data ); mbedtls_ripemd160_process( (mbedtls_ripemd160_context *) ctx, data );
} }
const md_info_t ripemd160_info = { const mbedtls_md_info_t mbedtls_ripemd160_info = {
POLARSSL_MD_RIPEMD160, MBEDTLS_MD_RIPEMD160,
"RIPEMD160", "RIPEMD160",
20, 20,
64, 64,
ripemd160_starts_wrap, ripemd160_starts_wrap,
ripemd160_update_wrap, ripemd160_update_wrap,
ripemd160_finish_wrap, ripemd160_finish_wrap,
ripemd160, mbedtls_ripemd160,
ripemd160_file_wrap, ripemd160_file_wrap,
ripemd160_ctx_alloc, ripemd160_ctx_alloc,
ripemd160_ctx_free, ripemd160_ctx_free,
ripemd160_process_wrap, ripemd160_process_wrap,
}; };
#endif /* POLARSSL_RIPEMD160_C */ #endif /* MBEDTLS_RIPEMD160_C */
#if defined(POLARSSL_SHA1_C) #if defined(MBEDTLS_SHA1_C)
static void sha1_starts_wrap( void *ctx ) static void sha1_starts_wrap( void *ctx )
{ {
sha1_starts( (sha1_context *) ctx ); mbedtls_sha1_starts( (mbedtls_sha1_context *) ctx );
} }
static void sha1_update_wrap( void *ctx, const unsigned char *input, static void sha1_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
sha1_update( (sha1_context *) ctx, input, ilen ); mbedtls_sha1_update( (mbedtls_sha1_context *) ctx, input, ilen );
} }
static void sha1_finish_wrap( void *ctx, unsigned char *output ) static void sha1_finish_wrap( void *ctx, unsigned char *output )
{ {
sha1_finish( (sha1_context *) ctx, output ); mbedtls_sha1_finish( (mbedtls_sha1_context *) ctx, output );
} }
static int sha1_file_wrap( const char *path, unsigned char *output ) static int sha1_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return sha1_file( path, output ); return mbedtls_sha1_file( path, output );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * sha1_ctx_alloc( void ) static void * sha1_ctx_alloc( void )
{ {
sha1_context *ctx; mbedtls_sha1_context *ctx;
ctx = polarssl_malloc( sizeof( sha1_context ) ); ctx = mbedtls_malloc( sizeof( mbedtls_sha1_context ) );
if( ctx == NULL ) if( ctx == NULL )
return( NULL ); return( NULL );
sha1_init( ctx ); mbedtls_sha1_init( ctx );
return( ctx ); return( ctx );
} }
static void sha1_ctx_free( void *ctx ) static void sha1_ctx_free( void *ctx )
{ {
sha1_free( (sha1_context *) ctx ); mbedtls_sha1_free( (mbedtls_sha1_context *) ctx );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void sha1_process_wrap( void *ctx, const unsigned char *data ) static void sha1_process_wrap( void *ctx, const unsigned char *data )
{ {
sha1_process( (sha1_context *) ctx, data ); mbedtls_sha1_process( (mbedtls_sha1_context *) ctx, data );
} }
const md_info_t sha1_info = { const mbedtls_md_info_t mbedtls_sha1_info = {
POLARSSL_MD_SHA1, MBEDTLS_MD_SHA1,
"SHA1", "SHA1",
20, 20,
64, 64,
sha1_starts_wrap, sha1_starts_wrap,
sha1_update_wrap, sha1_update_wrap,
sha1_finish_wrap, sha1_finish_wrap,
sha1, mbedtls_sha1,
sha1_file_wrap, sha1_file_wrap,
sha1_ctx_alloc, sha1_ctx_alloc,
sha1_ctx_free, sha1_ctx_free,
sha1_process_wrap, sha1_process_wrap,
}; };
#endif /* POLARSSL_SHA1_C */ #endif /* MBEDTLS_SHA1_C */
/* /*
* Wrappers for generic message digests * Wrappers for generic message digests
*/ */
#if defined(POLARSSL_SHA256_C) #if defined(MBEDTLS_SHA256_C)
static void sha224_starts_wrap( void *ctx ) static void sha224_starts_wrap( void *ctx )
{ {
sha256_starts( (sha256_context *) ctx, 1 ); mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 1 );
} }
static void sha224_update_wrap( void *ctx, const unsigned char *input, static void sha224_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
sha256_update( (sha256_context *) ctx, input, ilen ); mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
} }
static void sha224_finish_wrap( void *ctx, unsigned char *output ) static void sha224_finish_wrap( void *ctx, unsigned char *output )
{ {
sha256_finish( (sha256_context *) ctx, output ); mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
} }
static void sha224_wrap( const unsigned char *input, size_t ilen, static void sha224_wrap( const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
sha256( input, ilen, output, 1 ); mbedtls_sha256( input, ilen, output, 1 );
} }
static int sha224_file_wrap( const char *path, unsigned char *output ) static int sha224_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return sha256_file( path, output, 1 ); return mbedtls_sha256_file( path, output, 1 );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * sha224_ctx_alloc( void ) static void * sha224_ctx_alloc( void )
{ {
return polarssl_malloc( sizeof( sha256_context ) ); return mbedtls_malloc( sizeof( mbedtls_sha256_context ) );
} }
static void sha224_ctx_free( void *ctx ) static void sha224_ctx_free( void *ctx )
{ {
polarssl_zeroize( ctx, sizeof( sha256_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_sha256_context ) );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void sha224_process_wrap( void *ctx, const unsigned char *data ) static void sha224_process_wrap( void *ctx, const unsigned char *data )
{ {
sha256_process( (sha256_context *) ctx, data ); mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
} }
const md_info_t sha224_info = { const mbedtls_md_info_t mbedtls_sha224_info = {
POLARSSL_MD_SHA224, MBEDTLS_MD_SHA224,
"SHA224", "SHA224",
28, 28,
64, 64,
@ -474,63 +474,63 @@ const md_info_t sha224_info = {
static void sha256_starts_wrap( void *ctx ) static void sha256_starts_wrap( void *ctx )
{ {
sha256_starts( (sha256_context *) ctx, 0 ); mbedtls_sha256_starts( (mbedtls_sha256_context *) ctx, 0 );
} }
static void sha256_update_wrap( void *ctx, const unsigned char *input, static void sha256_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
sha256_update( (sha256_context *) ctx, input, ilen ); mbedtls_sha256_update( (mbedtls_sha256_context *) ctx, input, ilen );
} }
static void sha256_finish_wrap( void *ctx, unsigned char *output ) static void sha256_finish_wrap( void *ctx, unsigned char *output )
{ {
sha256_finish( (sha256_context *) ctx, output ); mbedtls_sha256_finish( (mbedtls_sha256_context *) ctx, output );
} }
static void sha256_wrap( const unsigned char *input, size_t ilen, static void sha256_wrap( const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
sha256( input, ilen, output, 0 ); mbedtls_sha256( input, ilen, output, 0 );
} }
static int sha256_file_wrap( const char *path, unsigned char *output ) static int sha256_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return sha256_file( path, output, 0 ); return mbedtls_sha256_file( path, output, 0 );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * sha256_ctx_alloc( void ) static void * sha256_ctx_alloc( void )
{ {
sha256_context *ctx; mbedtls_sha256_context *ctx;
ctx = polarssl_malloc( sizeof( sha256_context ) ); ctx = mbedtls_malloc( sizeof( mbedtls_sha256_context ) );
if( ctx == NULL ) if( ctx == NULL )
return( NULL ); return( NULL );
sha256_init( ctx ); mbedtls_sha256_init( ctx );
return( ctx ); return( ctx );
} }
static void sha256_ctx_free( void *ctx ) static void sha256_ctx_free( void *ctx )
{ {
sha256_free( (sha256_context *) ctx ); mbedtls_sha256_free( (mbedtls_sha256_context *) ctx );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void sha256_process_wrap( void *ctx, const unsigned char *data ) static void sha256_process_wrap( void *ctx, const unsigned char *data )
{ {
sha256_process( (sha256_context *) ctx, data ); mbedtls_sha256_process( (mbedtls_sha256_context *) ctx, data );
} }
const md_info_t sha256_info = { const mbedtls_md_info_t mbedtls_sha256_info = {
POLARSSL_MD_SHA256, MBEDTLS_MD_SHA256,
"SHA256", "SHA256",
32, 32,
64, 64,
@ -544,61 +544,61 @@ const md_info_t sha256_info = {
sha256_process_wrap, sha256_process_wrap,
}; };
#endif /* POLARSSL_SHA256_C */ #endif /* MBEDTLS_SHA256_C */
#if defined(POLARSSL_SHA512_C) #if defined(MBEDTLS_SHA512_C)
static void sha384_starts_wrap( void *ctx ) static void sha384_starts_wrap( void *ctx )
{ {
sha512_starts( (sha512_context *) ctx, 1 ); mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 1 );
} }
static void sha384_update_wrap( void *ctx, const unsigned char *input, static void sha384_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
sha512_update( (sha512_context *) ctx, input, ilen ); mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
} }
static void sha384_finish_wrap( void *ctx, unsigned char *output ) static void sha384_finish_wrap( void *ctx, unsigned char *output )
{ {
sha512_finish( (sha512_context *) ctx, output ); mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
} }
static void sha384_wrap( const unsigned char *input, size_t ilen, static void sha384_wrap( const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
sha512( input, ilen, output, 1 ); mbedtls_sha512( input, ilen, output, 1 );
} }
static int sha384_file_wrap( const char *path, unsigned char *output ) static int sha384_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return sha512_file( path, output, 1 ); return mbedtls_sha512_file( path, output, 1 );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * sha384_ctx_alloc( void ) static void * sha384_ctx_alloc( void )
{ {
return polarssl_malloc( sizeof( sha512_context ) ); return mbedtls_malloc( sizeof( mbedtls_sha512_context ) );
} }
static void sha384_ctx_free( void *ctx ) static void sha384_ctx_free( void *ctx )
{ {
polarssl_zeroize( ctx, sizeof( sha512_context ) ); mbedtls_zeroize( ctx, sizeof( mbedtls_sha512_context ) );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void sha384_process_wrap( void *ctx, const unsigned char *data ) static void sha384_process_wrap( void *ctx, const unsigned char *data )
{ {
sha512_process( (sha512_context *) ctx, data ); mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
} }
const md_info_t sha384_info = { const mbedtls_md_info_t mbedtls_sha384_info = {
POLARSSL_MD_SHA384, MBEDTLS_MD_SHA384,
"SHA384", "SHA384",
48, 48,
128, 128,
@ -614,63 +614,63 @@ const md_info_t sha384_info = {
static void sha512_starts_wrap( void *ctx ) static void sha512_starts_wrap( void *ctx )
{ {
sha512_starts( (sha512_context *) ctx, 0 ); mbedtls_sha512_starts( (mbedtls_sha512_context *) ctx, 0 );
} }
static void sha512_update_wrap( void *ctx, const unsigned char *input, static void sha512_update_wrap( void *ctx, const unsigned char *input,
size_t ilen ) size_t ilen )
{ {
sha512_update( (sha512_context *) ctx, input, ilen ); mbedtls_sha512_update( (mbedtls_sha512_context *) ctx, input, ilen );
} }
static void sha512_finish_wrap( void *ctx, unsigned char *output ) static void sha512_finish_wrap( void *ctx, unsigned char *output )
{ {
sha512_finish( (sha512_context *) ctx, output ); mbedtls_sha512_finish( (mbedtls_sha512_context *) ctx, output );
} }
static void sha512_wrap( const unsigned char *input, size_t ilen, static void sha512_wrap( const unsigned char *input, size_t ilen,
unsigned char *output ) unsigned char *output )
{ {
sha512( input, ilen, output, 0 ); mbedtls_sha512( input, ilen, output, 0 );
} }
static int sha512_file_wrap( const char *path, unsigned char *output ) static int sha512_file_wrap( const char *path, unsigned char *output )
{ {
#if defined(POLARSSL_FS_IO) #if defined(MBEDTLS_FS_IO)
return sha512_file( path, output, 0 ); return mbedtls_sha512_file( path, output, 0 );
#else #else
((void) path); ((void) path);
((void) output); ((void) output);
return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE ); return( MBEDTLS_ERR_MD_FEATURE_UNAVAILABLE );
#endif #endif
} }
static void * sha512_ctx_alloc( void ) static void * sha512_ctx_alloc( void )
{ {
sha512_context *ctx; mbedtls_sha512_context *ctx;
ctx = polarssl_malloc( sizeof( sha512_context ) ); ctx = mbedtls_malloc( sizeof( mbedtls_sha512_context ) );
if( ctx == NULL ) if( ctx == NULL )
return( NULL ); return( NULL );
sha512_init( ctx ); mbedtls_sha512_init( ctx );
return( ctx ); return( ctx );
} }
static void sha512_ctx_free( void *ctx ) static void sha512_ctx_free( void *ctx )
{ {
sha512_free( (sha512_context *) ctx ); mbedtls_sha512_free( (mbedtls_sha512_context *) ctx );
polarssl_free( ctx ); mbedtls_free( ctx );
} }
static void sha512_process_wrap( void *ctx, const unsigned char *data ) static void sha512_process_wrap( void *ctx, const unsigned char *data )
{ {
sha512_process( (sha512_context *) ctx, data ); mbedtls_sha512_process( (mbedtls_sha512_context *) ctx, data );
} }
const md_info_t sha512_info = { const mbedtls_md_info_t mbedtls_sha512_info = {
POLARSSL_MD_SHA512, MBEDTLS_MD_SHA512,
"SHA512", "SHA512",
64, 64,
128, 128,
@ -684,6 +684,6 @@ const md_info_t sha512_info = {
sha512_process_wrap, sha512_process_wrap,
}; };
#endif /* POLARSSL_SHA512_C */ #endif /* MBEDTLS_SHA512_C */
#endif /* POLARSSL_MD_C */ #endif /* MBEDTLS_MD_C */

292
library/memory_buffer_alloc.c
View File

@ -20,31 +20,31 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/ */
#if !defined(POLARSSL_CONFIG_FILE) #if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h" #include "mbedtls/config.h"
#else #else
#include POLARSSL_CONFIG_FILE #include MBEDTLS_CONFIG_FILE
#endif #endif
#if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C) #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
#include "mbedtls/memory_buffer_alloc.h" #include "mbedtls/memory_buffer_alloc.h"
/* No need for the header guard as POLARSSL_MEMORY_BUFFER_ALLOC_C /* No need for the header guard as MBEDTLS_MEMORY_BUFFER_ALLOC_C
is dependent upon POLARSSL_PLATFORM_C */ is dependent upon MBEDTLS_PLATFORM_C */
#include "mbedtls/platform.h" #include "mbedtls/platform.h"
#include <string.h> #include <string.h>
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
#include <execinfo.h> #include <execinfo.h>
#endif #endif
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
#include "mbedtls/threading.h" #include "mbedtls/threading.h"
#endif #endif
/* Implementation that should never be optimized out by the compiler */ /* Implementation that should never be optimized out by the compiler */
static void polarssl_zeroize( void *v, size_t n ) { static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0; volatile unsigned char *p = v; while( n-- ) *p++ = 0;
} }
@ -62,7 +62,7 @@ struct _memory_header
memory_header *next; memory_header *next;
memory_header *prev_free; memory_header *prev_free;
memory_header *next_free; memory_header *next_free;
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
char **trace; char **trace;
size_t trace_count; size_t trace_count;
#endif #endif
@ -76,7 +76,7 @@ typedef struct
memory_header *first; memory_header *first;
memory_header *first_free; memory_header *first_free;
int verify; int verify;
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
size_t malloc_count; size_t malloc_count;
size_t free_count; size_t free_count;
size_t total_used; size_t total_used;
@ -84,33 +84,33 @@ typedef struct
size_t header_count; size_t header_count;
size_t maximum_header_count; size_t maximum_header_count;
#endif #endif
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
threading_mutex_t mutex; mbedtls_threading_mutex_t mutex;
#endif #endif
} }
buffer_alloc_ctx; buffer_alloc_ctx;
static buffer_alloc_ctx heap; static buffer_alloc_ctx heap;
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
static void debug_header( memory_header *hdr ) static void debug_header( memory_header *hdr )
{ {
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
size_t i; size_t i;
#endif #endif
polarssl_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), " mbedtls_fprintf( stderr, "HDR: PTR(%10zu), PREV(%10zu), NEXT(%10zu), "
"ALLOC(%zu), SIZE(%10zu)\n", "ALLOC(%zu), SIZE(%10zu)\n",
(size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next, (size_t) hdr, (size_t) hdr->prev, (size_t) hdr->next,
hdr->alloc, hdr->size ); hdr->alloc, hdr->size );
polarssl_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n", mbedtls_fprintf( stderr, " FPREV(%10zu), FNEXT(%10zu)\n",
(size_t) hdr->prev_free, (size_t) hdr->next_free ); (size_t) hdr->prev_free, (size_t) hdr->next_free );
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
polarssl_fprintf( stderr, "TRACE: \n" ); mbedtls_fprintf( stderr, "TRACE: \n" );
for( i = 0; i < hdr->trace_count; i++ ) for( i = 0; i < hdr->trace_count; i++ )
polarssl_fprintf( stderr, "%s\n", hdr->trace[i] ); mbedtls_fprintf( stderr, "%s\n", hdr->trace[i] );
polarssl_fprintf( stderr, "\n" ); mbedtls_fprintf( stderr, "\n" );
#endif #endif
} }
@ -118,14 +118,14 @@ static void debug_chain()
{ {
memory_header *cur = heap.first; memory_header *cur = heap.first;
polarssl_fprintf( stderr, "\nBlock list\n" ); mbedtls_fprintf( stderr, "\nBlock list\n" );
while( cur != NULL ) while( cur != NULL )
{ {
debug_header( cur ); debug_header( cur );
cur = cur->next; cur = cur->next;
} }
polarssl_fprintf( stderr, "Free list\n" ); mbedtls_fprintf( stderr, "Free list\n" );
cur = heap.first_free; cur = heap.first_free;
while( cur != NULL ) while( cur != NULL )
@ -134,46 +134,46 @@ static void debug_chain()
cur = cur->next_free; cur = cur->next_free;
} }
} }
#endif /* POLARSSL_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_DEBUG */
static int verify_header( memory_header *hdr ) static int verify_header( memory_header *hdr )
{ {
if( hdr->magic1 != MAGIC1 ) if( hdr->magic1 != MAGIC1 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" ); mbedtls_fprintf( stderr, "FATAL: MAGIC1 mismatch\n" );
#endif #endif
return( 1 ); return( 1 );
} }
if( hdr->magic2 != MAGIC2 ) if( hdr->magic2 != MAGIC2 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" ); mbedtls_fprintf( stderr, "FATAL: MAGIC2 mismatch\n" );
#endif #endif
return( 1 ); return( 1 );
} }
if( hdr->alloc > 1 ) if( hdr->alloc > 1 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: alloc has illegal value\n" ); mbedtls_fprintf( stderr, "FATAL: alloc has illegal value\n" );
#endif #endif
return( 1 ); return( 1 );
} }
if( hdr->prev != NULL && hdr->prev == hdr->next ) if( hdr->prev != NULL && hdr->prev == hdr->next )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: prev == next\n" ); mbedtls_fprintf( stderr, "FATAL: prev == next\n" );
#endif #endif
return( 1 ); return( 1 );
} }
if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free ) if( hdr->prev_free != NULL && hdr->prev_free == hdr->next_free )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: prev_free == next_free\n" ); mbedtls_fprintf( stderr, "FATAL: prev_free == next_free\n" );
#endif #endif
return( 1 ); return( 1 );
} }
@ -187,8 +187,8 @@ static int verify_chain()
if( verify_header( heap.first ) != 0 ) if( verify_header( heap.first ) != 0 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification of first header " mbedtls_fprintf( stderr, "FATAL: verification of first header "
"failed\n" ); "failed\n" );
#endif #endif
return( 1 ); return( 1 );
@ -196,8 +196,8 @@ static int verify_chain()
if( heap.first->prev != NULL ) if( heap.first->prev != NULL )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification failed: " mbedtls_fprintf( stderr, "FATAL: verification failed: "
"first->prev != NULL\n" ); "first->prev != NULL\n" );
#endif #endif
return( 1 ); return( 1 );
@ -207,8 +207,8 @@ static int verify_chain()
{ {
if( verify_header( cur ) != 0 ) if( verify_header( cur ) != 0 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification of header " mbedtls_fprintf( stderr, "FATAL: verification of header "
"failed\n" ); "failed\n" );
#endif #endif
return( 1 ); return( 1 );
@ -216,8 +216,8 @@ static int verify_chain()
if( cur->prev != prv ) if( cur->prev != prv )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: verification failed: " mbedtls_fprintf( stderr, "FATAL: verification failed: "
"cur->prev != prv\n" ); "cur->prev != prv\n" );
#endif #endif
return( 1 ); return( 1 );
@ -234,7 +234,7 @@ static void *buffer_alloc_malloc( size_t len )
{ {
memory_header *new, *cur = heap.first_free; memory_header *new, *cur = heap.first_free;
unsigned char *p; unsigned char *p;
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
void *trace_buffer[MAX_BT]; void *trace_buffer[MAX_BT];
size_t trace_cnt; size_t trace_cnt;
#endif #endif
@ -242,10 +242,10 @@ static void *buffer_alloc_malloc( size_t len )
if( heap.buf == NULL || heap.first == NULL ) if( heap.buf == NULL || heap.first == NULL )
return( NULL ); return( NULL );
if( len % POLARSSL_MEMORY_ALIGN_MULTIPLE ) if( len % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{ {
len -= len % POLARSSL_MEMORY_ALIGN_MULTIPLE; len -= len % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
len += POLARSSL_MEMORY_ALIGN_MULTIPLE; len += MBEDTLS_MEMORY_ALIGN_MULTIPLE;
} }
// Find block that fits // Find block that fits
@ -263,21 +263,21 @@ static void *buffer_alloc_malloc( size_t len )
if( cur->alloc != 0 ) if( cur->alloc != 0 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: block in free_list but allocated " mbedtls_fprintf( stderr, "FATAL: block in free_list but allocated "
"data\n" ); "data\n" );
#endif #endif
polarssl_exit( 1 ); mbedtls_exit( 1 );
} }
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.malloc_count++; heap.malloc_count++;
#endif #endif
// Found location, split block if > memory_header + 4 room left // Found location, split block if > memory_header + 4 room left
// //
if( cur->size - len < sizeof(memory_header) + if( cur->size - len < sizeof(memory_header) +
POLARSSL_MEMORY_ALIGN_MULTIPLE ) MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{ {
cur->alloc = 1; cur->alloc = 1;
@ -294,19 +294,19 @@ static void *buffer_alloc_malloc( size_t len )
cur->prev_free = NULL; cur->prev_free = NULL;
cur->next_free = NULL; cur->next_free = NULL;
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.total_used += cur->size; heap.total_used += cur->size;
if( heap.total_used > heap.maximum_used ) if( heap.total_used > heap.maximum_used )
heap.maximum_used = heap.total_used; heap.maximum_used = heap.total_used;
#endif #endif
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
trace_cnt = backtrace( trace_buffer, MAX_BT ); trace_cnt = backtrace( trace_buffer, MAX_BT );
cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
cur->trace_count = trace_cnt; cur->trace_count = trace_cnt;
#endif #endif
if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
polarssl_exit( 1 ); mbedtls_exit( 1 );
return( ( (unsigned char *) cur ) + sizeof(memory_header) ); return( ( (unsigned char *) cur ) + sizeof(memory_header) );
} }
@ -318,7 +318,7 @@ static void *buffer_alloc_malloc( size_t len )
new->alloc = 0; new->alloc = 0;
new->prev = cur; new->prev = cur;
new->next = cur->next; new->next = cur->next;
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
new->trace = NULL; new->trace = NULL;
new->trace_count = 0; new->trace_count = 0;
#endif #endif
@ -346,7 +346,7 @@ static void *buffer_alloc_malloc( size_t len )
cur->prev_free = NULL; cur->prev_free = NULL;
cur->next_free = NULL; cur->next_free = NULL;
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count++; heap.header_count++;
if( heap.header_count > heap.maximum_header_count ) if( heap.header_count > heap.maximum_header_count )
heap.maximum_header_count = heap.header_count; heap.maximum_header_count = heap.header_count;
@ -354,14 +354,14 @@ static void *buffer_alloc_malloc( size_t len )
if( heap.total_used > heap.maximum_used ) if( heap.total_used > heap.maximum_used )
heap.maximum_used = heap.total_used; heap.maximum_used = heap.total_used;
#endif #endif
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
trace_cnt = backtrace( trace_buffer, MAX_BT ); trace_cnt = backtrace( trace_buffer, MAX_BT );
cur->trace = backtrace_symbols( trace_buffer, trace_cnt ); cur->trace = backtrace_symbols( trace_buffer, trace_cnt );
cur->trace_count = trace_cnt; cur->trace_count = trace_cnt;
#endif #endif
if( ( heap.verify & MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 ) if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_ALLOC ) && verify_chain() != 0 )
polarssl_exit( 1 ); mbedtls_exit( 1 );
return( ( (unsigned char *) cur ) + sizeof(memory_header) ); return( ( (unsigned char *) cur ) + sizeof(memory_header) );
} }
@ -376,31 +376,31 @@ static void buffer_alloc_free( void *ptr )
if( p < heap.buf || p > heap.buf + heap.len ) if( p < heap.buf || p > heap.buf + heap.len )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: polarssl_free() outside of managed " mbedtls_fprintf( stderr, "FATAL: mbedtls_free() outside of managed "
"space\n" ); "space\n" );
#endif #endif
polarssl_exit( 1 ); mbedtls_exit( 1 );
} }
p -= sizeof(memory_header); p -= sizeof(memory_header);
hdr = (memory_header *) p; hdr = (memory_header *) p;
if( verify_header( hdr ) != 0 ) if( verify_header( hdr ) != 0 )
polarssl_exit( 1 ); mbedtls_exit( 1 );
if( hdr->alloc != 1 ) if( hdr->alloc != 1 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
polarssl_fprintf( stderr, "FATAL: polarssl_free() on unallocated " mbedtls_fprintf( stderr, "FATAL: mbedtls_free() on unallocated "
"data\n" ); "data\n" );
#endif #endif
polarssl_exit( 1 ); mbedtls_exit( 1 );
} }
hdr->alloc = 0; hdr->alloc = 0;
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.free_count++; heap.free_count++;
heap.total_used -= hdr->size; heap.total_used -= hdr->size;
#endif #endif
@ -409,7 +409,7 @@ static void buffer_alloc_free( void *ptr )
// //
if( hdr->prev != NULL && hdr->prev->alloc == 0 ) if( hdr->prev != NULL && hdr->prev->alloc == 0 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count--; heap.header_count--;
#endif #endif
hdr->prev->size += sizeof(memory_header) + hdr->size; hdr->prev->size += sizeof(memory_header) + hdr->size;
@ -420,7 +420,7 @@ static void buffer_alloc_free( void *ptr )
if( hdr->next != NULL ) if( hdr->next != NULL )
hdr->next->prev = hdr; hdr->next->prev = hdr;
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
free( old->trace ); free( old->trace );
#endif #endif
memset( old, 0, sizeof(memory_header) ); memset( old, 0, sizeof(memory_header) );
@ -430,7 +430,7 @@ static void buffer_alloc_free( void *ptr )
// //
if( hdr->next != NULL && hdr->next->alloc == 0 ) if( hdr->next != NULL && hdr->next->alloc == 0 )
{ {
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.header_count--; heap.header_count--;
#endif #endif
hdr->size += sizeof(memory_header) + hdr->next->size; hdr->size += sizeof(memory_header) + hdr->next->size;
@ -462,7 +462,7 @@ static void buffer_alloc_free( void *ptr )
if( hdr->next != NULL ) if( hdr->next != NULL )
hdr->next->prev = hdr; hdr->next->prev = hdr;
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
free( old->trace ); free( old->trace );
#endif #endif
memset( old, 0, sizeof(memory_header) ); memset( old, 0, sizeof(memory_header) );
@ -479,29 +479,29 @@ static void buffer_alloc_free( void *ptr )
heap.first_free = hdr; heap.first_free = hdr;
} }
#if defined(POLARSSL_MEMORY_BACKTRACE) #if defined(MBEDTLS_MEMORY_BACKTRACE)
hdr->trace = NULL; hdr->trace = NULL;
hdr->trace_count = 0; hdr->trace_count = 0;
#endif #endif
if( ( heap.verify & MEMORY_VERIFY_FREE ) && verify_chain() != 0 ) if( ( heap.verify & MBEDTLS_MEMORY_VERIFY_FREE ) && verify_chain() != 0 )
polarssl_exit( 1 ); mbedtls_exit( 1 );
} }
void memory_buffer_set_verify( int verify ) void mbedtls_memory_buffer_set_verify( int verify )
{ {
heap.verify = verify; heap.verify = verify;
} }
int memory_buffer_alloc_verify() int mbedtls_memory_buffer_alloc_verify()
{ {
return verify_chain(); return verify_chain();
} }
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
void memory_buffer_alloc_status() void mbedtls_memory_buffer_alloc_status()
{ {
polarssl_fprintf( stderr, mbedtls_fprintf( stderr,
"Current use: %zu blocks / %zu bytes, max: %zu blocks / " "Current use: %zu blocks / %zu bytes, max: %zu blocks / "
"%zu bytes (total %zu bytes), malloc / free: %zu / %zu\n", "%zu bytes (total %zu bytes), malloc / free: %zu / %zu\n",
heap.header_count, heap.total_used, heap.header_count, heap.total_used,
@ -511,71 +511,71 @@ void memory_buffer_alloc_status()
heap.malloc_count, heap.free_count ); heap.malloc_count, heap.free_count );
if( heap.first->next == NULL ) if( heap.first->next == NULL )
polarssl_fprintf( stderr, "All memory de-allocated in stack buffer\n" ); mbedtls_fprintf( stderr, "All memory de-allocated in stack buffer\n" );
else else
{ {
polarssl_fprintf( stderr, "Memory currently allocated:\n" ); mbedtls_fprintf( stderr, "Memory currently allocated:\n" );
debug_chain(); debug_chain();
} }
} }
void memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks ) void mbedtls_memory_buffer_alloc_max_get( size_t *max_used, size_t *max_blocks )
{ {
*max_used = heap.maximum_used; *max_used = heap.maximum_used;
*max_blocks = heap.maximum_header_count; *max_blocks = heap.maximum_header_count;
} }
void memory_buffer_alloc_max_reset( void ) void mbedtls_memory_buffer_alloc_max_reset( void )
{ {
heap.maximum_used = 0; heap.maximum_used = 0;
heap.maximum_header_count = 0; heap.maximum_header_count = 0;
} }
void memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks ) void mbedtls_memory_buffer_alloc_cur_get( size_t *cur_used, size_t *cur_blocks )
{ {
*cur_used = heap.total_used; *cur_used = heap.total_used;
*cur_blocks = heap.header_count; *cur_blocks = heap.header_count;
} }
#endif /* POLARSSL_MEMORY_DEBUG */ #endif /* MBEDTLS_MEMORY_DEBUG */
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
static void *buffer_alloc_malloc_mutexed( size_t len ) static void *buffer_alloc_malloc_mutexed( size_t len )
{ {
void *buf; void *buf;
polarssl_mutex_lock( &heap.mutex ); mbedtls_mutex_lock( &heap.mutex );
buf = buffer_alloc_malloc( len ); buf = buffer_alloc_malloc( len );
polarssl_mutex_unlock( &heap.mutex ); mbedtls_mutex_unlock( &heap.mutex );
return( buf ); return( buf );
} }
static void buffer_alloc_free_mutexed( void *ptr ) static void buffer_alloc_free_mutexed( void *ptr )
{ {
polarssl_mutex_lock( &heap.mutex ); mbedtls_mutex_lock( &heap.mutex );
buffer_alloc_free( ptr ); buffer_alloc_free( ptr );
polarssl_mutex_unlock( &heap.mutex ); mbedtls_mutex_unlock( &heap.mutex );
} }
#endif /* POLARSSL_THREADING_C */ #endif /* MBEDTLS_THREADING_C */
int memory_buffer_alloc_init( unsigned char *buf, size_t len ) int mbedtls_memory_buffer_alloc_init( unsigned char *buf, size_t len )
{ {
memset( &heap, 0, sizeof(buffer_alloc_ctx) ); memset( &heap, 0, sizeof(buffer_alloc_ctx) );
memset( buf, 0, len ); memset( buf, 0, len );
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
polarssl_mutex_init( &heap.mutex ); mbedtls_mutex_init( &heap.mutex );
platform_set_malloc_free( buffer_alloc_malloc_mutexed, mbedtls_platform_set_malloc_free( buffer_alloc_malloc_mutexed,
buffer_alloc_free_mutexed ); buffer_alloc_free_mutexed );
#else #else
platform_set_malloc_free( buffer_alloc_malloc, buffer_alloc_free ); mbedtls_platform_set_malloc_free( buffer_alloc_malloc, buffer_alloc_free );
#endif #endif
if( (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE ) if( (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE )
{ {
/* Adjust len first since buf is used in the computation */ /* Adjust len first since buf is used in the computation */
len -= POLARSSL_MEMORY_ALIGN_MULTIPLE len -= MBEDTLS_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE; - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
buf += POLARSSL_MEMORY_ALIGN_MULTIPLE buf += MBEDTLS_MEMORY_ALIGN_MULTIPLE
- (size_t) buf % POLARSSL_MEMORY_ALIGN_MULTIPLE; - (size_t) buf % MBEDTLS_MEMORY_ALIGN_MULTIPLE;
} }
heap.buf = buf; heap.buf = buf;
@ -589,21 +589,21 @@ int memory_buffer_alloc_init( unsigned char *buf, size_t len )
return( 0 ); return( 0 );
} }
void memory_buffer_alloc_free() void mbedtls_memory_buffer_alloc_free()
{ {
#if defined(POLARSSL_THREADING_C) #if defined(MBEDTLS_THREADING_C)
polarssl_mutex_free( &heap.mutex ); mbedtls_mutex_free( &heap.mutex );
#endif #endif
polarssl_zeroize( &heap, sizeof(buffer_alloc_ctx) ); mbedtls_zeroize( &heap, sizeof(buffer_alloc_ctx) );
} }
#if defined(POLARSSL_SELF_TEST) #if defined(MBEDTLS_SELF_TEST)
static int check_pointer( void *p ) static int check_pointer( void *p )
{ {
if( p == NULL ) if( p == NULL )
return( -1 ); return( -1 );
if( (size_t) p % POLARSSL_MEMORY_ALIGN_MULTIPLE != 0 ) if( (size_t) p % MBEDTLS_MEMORY_ALIGN_MULTIPLE != 0 )
return( -1 ); return( -1 );
return( 0 ); return( 0 );
@ -612,7 +612,7 @@ static int check_pointer( void *p )
static int check_all_free( ) static int check_all_free( )
{ {
if( if(
#if defined(POLARSSL_MEMORY_DEBUG) #if defined(MBEDTLS_MEMORY_DEBUG)
heap.total_used != 0 || heap.total_used != 0 ||
#endif #endif
heap.first != heap.first_free || heap.first != heap.first_free ||
@ -628,107 +628,107 @@ static int check_all_free( )
if( ! (condition) ) \ if( ! (condition) ) \
{ \ { \
if( verbose != 0 ) \ if( verbose != 0 ) \
polarssl_printf( "failed\n" ); \ mbedtls_printf( "failed\n" ); \
\ \
ret = 1; \ ret = 1; \
goto cleanup; \ goto cleanup; \
} }
int memory_buffer_alloc_self_test( int verbose ) int mbedtls_memory_buffer_alloc_self_test( int verbose )
{ {
unsigned char buf[1024]; unsigned char buf[1024];
unsigned char *p, *q, *r, *end; unsigned char *p, *q, *r, *end;
int ret = 0; int ret = 0;
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MBA test #1 (basic alloc-free cycle): " ); mbedtls_printf( " MBA test #1 (basic alloc-free cycle): " );
memory_buffer_alloc_init( buf, sizeof( buf ) ); mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
p = polarssl_malloc( 1 ); p = mbedtls_malloc( 1 );
q = polarssl_malloc( 128 ); q = mbedtls_malloc( 128 );
r = polarssl_malloc( 16 ); r = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 && TEST_ASSERT( check_pointer( p ) == 0 &&
check_pointer( q ) == 0 && check_pointer( q ) == 0 &&
check_pointer( r ) == 0 ); check_pointer( r ) == 0 );
polarssl_free( r ); mbedtls_free( r );
polarssl_free( q ); mbedtls_free( q );
polarssl_free( p ); mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 ); TEST_ASSERT( check_all_free( ) == 0 );
/* Memorize end to compare with the next test */ /* Memorize end to compare with the next test */
end = heap.buf + heap.len; end = heap.buf + heap.len;
memory_buffer_alloc_free( ); mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MBA test #2 (buf not aligned): " ); mbedtls_printf( " MBA test #2 (buf not aligned): " );
memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 ); mbedtls_memory_buffer_alloc_init( buf + 1, sizeof( buf ) - 1 );
TEST_ASSERT( heap.buf + heap.len == end ); TEST_ASSERT( heap.buf + heap.len == end );
p = polarssl_malloc( 1 ); p = mbedtls_malloc( 1 );
q = polarssl_malloc( 128 ); q = mbedtls_malloc( 128 );
r = polarssl_malloc( 16 ); r = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 && TEST_ASSERT( check_pointer( p ) == 0 &&
check_pointer( q ) == 0 && check_pointer( q ) == 0 &&
check_pointer( r ) == 0 ); check_pointer( r ) == 0 );
polarssl_free( r ); mbedtls_free( r );
polarssl_free( q ); mbedtls_free( q );
polarssl_free( p ); mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 ); TEST_ASSERT( check_all_free( ) == 0 );
memory_buffer_alloc_free( ); mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( " MBA test #3 (full): " ); mbedtls_printf( " MBA test #3 (full): " );
memory_buffer_alloc_init( buf, sizeof( buf ) ); mbedtls_memory_buffer_alloc_init( buf, sizeof( buf ) );
p = polarssl_malloc( sizeof( buf ) - sizeof( memory_header ) ); p = mbedtls_malloc( sizeof( buf ) - sizeof( memory_header ) );
TEST_ASSERT( check_pointer( p ) == 0 ); TEST_ASSERT( check_pointer( p ) == 0 );
TEST_ASSERT( polarssl_malloc( 1 ) == NULL ); TEST_ASSERT( mbedtls_malloc( 1 ) == NULL );
polarssl_free( p ); mbedtls_free( p );
p = polarssl_malloc( sizeof( buf ) - 2 * sizeof( memory_header ) - 16 ); p = mbedtls_malloc( sizeof( buf ) - 2 * sizeof( memory_header ) - 16 );
q = polarssl_malloc( 16 ); q = mbedtls_malloc( 16 );
TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 ); TEST_ASSERT( check_pointer( p ) == 0 && check_pointer( q ) == 0 );
TEST_ASSERT( polarssl_malloc( 1 ) == NULL ); TEST_ASSERT( mbedtls_malloc( 1 ) == NULL );
polarssl_free( q ); mbedtls_free( q );
TEST_ASSERT( polarssl_malloc( 17 ) == NULL ); TEST_ASSERT( mbedtls_malloc( 17 ) == NULL );
polarssl_free( p ); mbedtls_free( p );
TEST_ASSERT( check_all_free( ) == 0 ); TEST_ASSERT( check_all_free( ) == 0 );
memory_buffer_alloc_free( ); mbedtls_memory_buffer_alloc_free( );
if( verbose != 0 ) if( verbose != 0 )
polarssl_printf( "passed\n" ); mbedtls_printf( "passed\n" );
cleanup: cleanup:
memory_buffer_alloc_free( ); mbedtls_memory_buffer_alloc_free( );
return( ret ); return( ret );
} }
#endif /* POLARSSL_SELF_TEST */ #endif /* MBEDTLS_SELF_TEST */
#endif /* POLARSSL_MEMORY_BUFFER_ALLOC_C */ #endif /* MBEDTLS_MEMORY_BUFFER_ALLOC_C */

Some files were not shown because too many files have changed in this diff Show More