rename des to hcrypto
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20466 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
@@ -0,0 +1 @@
|
||||
Makefile.in
|
||||
@@ -0,0 +1,974 @@
|
||||
2007-04-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_crypto.in: try generate a couple of rsa keys of
|
||||
diffrent (random) sizes, spelling.
|
||||
|
||||
* test_rsa.c: try generate a couple of rsa keys of
|
||||
diffrent (random) sizes.
|
||||
|
||||
2007-04-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* mdtest.c: stop leaking memory
|
||||
|
||||
* test_imath.c: fix warnings, make test into function.
|
||||
|
||||
* test_imath.c: shortest program causing the problem.
|
||||
|
||||
* test_imath.c: basic imath test
|
||||
|
||||
2007-04-18 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_cipher.c (test_cipher): avoid leaking memory
|
||||
|
||||
2007-04-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: plug memory leak
|
||||
|
||||
2007-04-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: CLEANFILES += test.file
|
||||
|
||||
2007-04-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: Add randi.h.
|
||||
|
||||
2007-04-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: spelling.
|
||||
|
||||
2007-02-01 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand.c: Name the random file ~/.rnd, this is the same as
|
||||
OpenSSL.
|
||||
|
||||
2007-01-31 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand-egd.c: Make get_bytes static.
|
||||
|
||||
* rand.c (RAND_write_file): default to failure.
|
||||
|
||||
2007-01-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand.c: Implement RAND_file_name.
|
||||
|
||||
* test_rand.c: test RAND_file_name().
|
||||
|
||||
* rand.c: Provide dummy implementation of RAND_file_name.
|
||||
|
||||
* rand.h: add RAND_file_name
|
||||
|
||||
2007-01-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: clean more files
|
||||
|
||||
* rand-egd.c: access private functions though the RAND_METHOD
|
||||
switch, move global egd function to rand-egd.c
|
||||
|
||||
* rand-fortuna.c: access private functions though the RAND_METHOD
|
||||
switch
|
||||
|
||||
* rand-unix.c: unexport private functions.
|
||||
|
||||
* randi.h: Unexport internal functions.
|
||||
|
||||
* rand.c: access private functions though the RAND_METHOD switch,
|
||||
don't truncate the seed-file, move global egd function to
|
||||
rand-egd.c
|
||||
|
||||
* test_crypto.in: add basic random tests
|
||||
|
||||
* rand-egd.c: SGI cc doesn' like return void_returning_function();
|
||||
in a void returning function.
|
||||
|
||||
2007-01-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_rand.c: Allow select rand method.
|
||||
|
||||
* rand-unix.c: expose _hc_rand_unix_status
|
||||
|
||||
* randi.h: expose _hc_rand_unix_status and the internal
|
||||
RAND_METHODs
|
||||
|
||||
* rand.c: Implement RAND_load_file and RAND_write_file. Select
|
||||
UNIX random device if available, otherwise use Fortuna.
|
||||
|
||||
* Add EGD/PRNGD support
|
||||
|
||||
2007-01-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* fortuna: Add fortuna based on Marko Kreen's pgcrypt, no enabled yet
|
||||
|
||||
2007-01-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_rsa.c: if RAND is unhappy, don't run the tests.
|
||||
|
||||
* test_engine_dso.c: if RAND is unhappy, don't run the tests.
|
||||
|
||||
* imath/imath.c: Update to imath-1.8 from Michael Fromberger
|
||||
|
||||
Fixed a bug in s_udiv() affecting the computation of quotient
|
||||
digits. Thanks to Love Åstrand for isolating this bug. Also in
|
||||
this release, defining USELLONG=Y or USELLONG=N on the command
|
||||
line for make will switch support for the "long long" data type on
|
||||
or off without having to edit the Makefile. The default is still
|
||||
to permit use of "long long", even though the type is not standard
|
||||
ANSI C90.
|
||||
|
||||
* imath/imath.c (s_udiv): Allocate one more for q, remove debug
|
||||
printfs
|
||||
|
||||
2007-01-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath/imath.c (s_udiv): make a copy of a and b before we start
|
||||
to make sure there is something un-tainted to print in cause of
|
||||
failure. XXX remove this delta
|
||||
(s_embar): make static
|
||||
|
||||
2007-01-09 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: Correct the test if the rsa is a complete RSA private
|
||||
key.
|
||||
|
||||
2007-01-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath/imath.c: More verbose debugging in case of assertion
|
||||
failure. XXX temporary for AIX problem.
|
||||
|
||||
2007-01-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Fix a silly typo, and with that enable CRT since
|
||||
now it works.
|
||||
|
||||
* rsa-imath.c: With this crt works, but something is wrong in the
|
||||
key generation, so keep it turned off for now.
|
||||
|
||||
* test_rsa.c: Allow testing effect of key-blinding
|
||||
|
||||
* test_rsa.c: Add timing info to rsa keygen.
|
||||
|
||||
* rsa-imath.c: don't include <imath/rsamath.h>
|
||||
|
||||
2007-01-05 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath: prune off stuff we dont use
|
||||
|
||||
* imath/import.sh: Prune off stuff we don't use from imathsource
|
||||
|
||||
* Makefile.am: Prune off stuff we don't use from imathsource
|
||||
|
||||
* rsa-imath.c: Use mp_int_exptmod directly.
|
||||
|
||||
* imath/iprime.c: Use a larger table of small primes, cut down
|
||||
genenration in best cases to half compared to using a small table.
|
||||
|
||||
* rsa.h: add RSA_FLAG_NO_BLINDING
|
||||
|
||||
* rsa-imath.c: Add keyblinding, add a commented out CRT based RSA.
|
||||
|
||||
* rsa.c: Add iqmp.
|
||||
|
||||
2007-01-04 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: add missing ;
|
||||
|
||||
* rsa.c: Add i2d_RSAPrivateKey.
|
||||
|
||||
* rsa.h: Add i2d_RSAPrivateKey.
|
||||
|
||||
* test_rsa.c: test RSA_generate_key_ex
|
||||
|
||||
* rsa-imath.c: Add imath_rsa_generate_key.
|
||||
|
||||
2006-12-31 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: add RSA_generate_key_ex
|
||||
|
||||
* rsa.h: add RSA_generate_key_ex
|
||||
|
||||
2006-12-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: CLEANFILES += test_crypto
|
||||
|
||||
2006-12-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: Add rsakey.der to EXTRA_DIST.
|
||||
|
||||
2006-12-05 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: Add test_crypto.in to EXTRA_DIST.
|
||||
|
||||
* test_crypto.in: Add more spaces to allow sh to parse this
|
||||
|
||||
* test_rsa.c: Explain what the fixed "sha1" checksum test tries to
|
||||
test.
|
||||
|
||||
* test_crypto.in: test rsa, dh and engine code
|
||||
|
||||
2006-12-04 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: rsa and crypto engine test cases
|
||||
|
||||
* test_rsa.c: Make faster and less verbose
|
||||
|
||||
* rsakey.der: test rsa key
|
||||
|
||||
* test_rsa.c: Test rsa operations
|
||||
|
||||
* rsa-imath.c: Fix the rsa-decrypt failed case that been hauting
|
||||
me for a while.
|
||||
|
||||
2006-12-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Use mp_int_to_binary to encode bignums
|
||||
|
||||
* rsa-imath.c: Check if header is there
|
||||
|
||||
2006-11-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Return -1 for failure.
|
||||
|
||||
* rsa-imath.c: Its ok with smaller signatures.
|
||||
|
||||
* rsa-imath.c: Split error codes for now
|
||||
|
||||
2006-10-22 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: Try to not leak memory.
|
||||
|
||||
2006-10-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand-unix.c (unix_bytes): read until the other side give us all
|
||||
or fail.
|
||||
|
||||
* imath: import imath-1.7, fixes buffer overrun problems
|
||||
|
||||
* rsa.c (RSA_free): free the whole key
|
||||
|
||||
* test_engine_dso.c: Add more dh tests.
|
||||
|
||||
2006-10-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath/imath.c: Allocate more bits.
|
||||
|
||||
* dh-imath.c (dh_compute_key): fix signness test
|
||||
|
||||
* dh-imath.c: Try harder to generate a good keypair.
|
||||
|
||||
* dh-imath.c: Return -1 dh_compute_key on failure, pointed out by
|
||||
Olga Kornievskaia.
|
||||
|
||||
2006-10-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: Add hash.h and des-tables.h.
|
||||
|
||||
* dh.c (DH_compute_key): return -1 on bad public key.
|
||||
|
||||
* rsa.c: remove stray ;
|
||||
|
||||
* engine.c: Does function typecasts instead of void * type-casts.
|
||||
|
||||
* evp.c: Does function typecasts instead of void * type-casts.
|
||||
|
||||
2006-10-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: add rand-unix.c
|
||||
|
||||
* rand.c: Move out rand-unix functions from the core lib.
|
||||
|
||||
* rand-unix.c: Move out rand-unix functions from the core lib.
|
||||
|
||||
2006-10-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* hmac.c (HMAC_CTX_cleanup): destroy the EVP_MD_CTX, so it will be
|
||||
freed.
|
||||
|
||||
2006-10-14 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* bn.c: Drop heim_any.h, prefix der primitives with der_
|
||||
|
||||
* rsa.c: Drop heim_any.h.
|
||||
|
||||
2006-10-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c (RSA_free): Call the meth->finish before releasing the
|
||||
engine.
|
||||
|
||||
2006-10-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath/imath.c: Cast argument to ctype(3) functions to (unsigned
|
||||
char).
|
||||
|
||||
* imath/imrat.c: Cast argument to ctype(3) functions to (unsigned
|
||||
char).
|
||||
|
||||
2006-09-22 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* ui.c (read_string): Try to not call signaction for signal 0 and
|
||||
use NSIG if it exists to determin how many signals there exists,
|
||||
also, only restore those signalhandlers that we got out.
|
||||
|
||||
Bug reported by and patch tested by Harald Barth.
|
||||
|
||||
2006-09-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Add commeted out test that exponent is > 3
|
||||
|
||||
2006-05-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* bn.c (BN_rand): avoid shadowing.
|
||||
|
||||
2006-05-12 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Fix the last one of the asserts.
|
||||
|
||||
2006-05-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand.c (get_device_fd): use /dev/urandom first.
|
||||
|
||||
* rctest.c: Less "pointer targets in passing argument differ in
|
||||
signedness" warnings.
|
||||
|
||||
* rc2test.c: Less "pointer targets in passing argument differ in
|
||||
signedness" warnings.
|
||||
|
||||
2006-05-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa-imath.c: Fix a off by one.
|
||||
|
||||
* test_engine_dso.c: print the lengths when they don't match.
|
||||
|
||||
* engine.c (ENGINE_load_builtin_engines): use RSA_imath_method for
|
||||
the building engine.
|
||||
|
||||
* rsa.h: expose RSA_imath_method
|
||||
|
||||
* rsa.c (RSA_check_key): Do sign/verify instead.
|
||||
|
||||
* dsa.c: rename the DSA_METHOD
|
||||
|
||||
* dh.c: rename the DH_METHOD
|
||||
|
||||
* dh-imath.c: rename the DH_METHOD
|
||||
|
||||
* rsa.c: Default to use rsa-imath.
|
||||
|
||||
* Makefile.am: Add rsa-imath.c to libhcrypto
|
||||
|
||||
* rsa-imath.c: Add RSA support using imath.
|
||||
|
||||
2006-05-06 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* imath: Add imath-1.1.9
|
||||
|
||||
* dh.h: Expose DH_imath_method.
|
||||
|
||||
* Makefile.am: Add imath source, add test_engine_dso to TESTS.
|
||||
|
||||
* engine.c: Lets say we have RSA_null_method(), not really
|
||||
useable, but still.
|
||||
|
||||
* test_engine_dso.c: If there are no arguments, use the internal
|
||||
engine.
|
||||
|
||||
* engine.h: Cpp rename some ENGINE symbols.
|
||||
|
||||
* engine.c (ENGINE_load_builtin_engines): Load the internal
|
||||
engine.
|
||||
|
||||
* dh.c: Default to use DH-imath.
|
||||
|
||||
* dh.c (DH_check_pubkey): describe what the function do
|
||||
|
||||
2006-05-05 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* dh.c (DH_compute_key): check return status value from
|
||||
DH_check_pubkey
|
||||
|
||||
* Rename u_intXX_t to uintXX_t
|
||||
|
||||
2006-04-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* pkcs5.c: include <krb5-types.h>
|
||||
|
||||
* evp.c: Sprinkel some assertions.
|
||||
|
||||
* des.c: Move assertion and add another restriction, used as hint
|
||||
to beam that its ok
|
||||
|
||||
2006-04-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c (RSA_check_key): don't do any checking if there is no
|
||||
private key
|
||||
|
||||
* engine.c (add_engine): reassign engines variable after realloc
|
||||
|
||||
2006-04-21 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* evp.h: Add EVP_get_cipherbyname, unbreak EVP_BytesToKey
|
||||
|
||||
* evp.h: Add prototype for EVP_BytesToKey
|
||||
|
||||
* evp.c: Add stub for EVP_BytesToKey
|
||||
|
||||
2006-04-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* dh.h: Add cpp-rename for DH_check_pubkey
|
||||
|
||||
2006-04-17 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand.h: Add more RAND functions.
|
||||
|
||||
* rand.c: Split out unix /dev/random to a RAND_METHOD
|
||||
|
||||
* engine.h: add RAND support
|
||||
|
||||
* engine.c: add RAND support
|
||||
|
||||
* evp.h: s/rc4_64/rc2_64/
|
||||
|
||||
* rand.c: Add RAND_METHOD and some associated functions.
|
||||
|
||||
* rand.h: Add RAND_METHOD and some associated functions.
|
||||
|
||||
* test_bn.c: Test BN_rand
|
||||
|
||||
2006-04-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* engine.c (ENGINE_by_dso): less printf
|
||||
|
||||
* rsa.h (i2d_RSAPublicKey): fix prototype
|
||||
|
||||
* rsa.c (i2d_RSAPublicKey): fix prototype
|
||||
|
||||
2006-04-15 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* evp.h: Add EVP_rc2_64_cbc
|
||||
|
||||
* evp.c: Add EVP_rc2_64_cbc
|
||||
|
||||
* evp.h: Add SHA-256 symbols.
|
||||
|
||||
* evp.c: Add SHA-256.
|
||||
|
||||
* sha.h: Add SHA-256 symbols.
|
||||
|
||||
* mdtest.c: Test SHA-256.
|
||||
|
||||
* sha256.c: Inital (naive) SHA-256 implementation.
|
||||
|
||||
2006-04-14 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.c (DES_cfb64_encrypt): add asserts that the *num pointers is
|
||||
>= 0, because if it is, its a programmer error.
|
||||
|
||||
2006-04-09 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rc2.c (RC2_set_key): abort on erroneous input (len <= 0) size
|
||||
that will case out out bound indexing, and its invalid input.
|
||||
|
||||
* rsa.c: Make compile again.
|
||||
|
||||
2006-04-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rsa.c: Implement i2d_RSAPublicKey
|
||||
|
||||
* rsa.h: Add i2d_RSAPublicKey
|
||||
|
||||
2006-03-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: EVP interface depends on dlopen, add it to LIBFLAGS
|
||||
|
||||
2006-02-28 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: Add pkcs5 files.
|
||||
|
||||
* test_pkcs5.c: Testcases for pkcs5 pbe2.
|
||||
|
||||
* pkcs5.c (PKCS5_PBKDF2_HMAC_SHA1): new function.
|
||||
|
||||
* hmac.c: Digest key when it exceeds block size, not when it
|
||||
exceeds the size of the output block.
|
||||
|
||||
2006-02-16 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rand.c (RAND_bytes): Don't abort() on failure, return error.
|
||||
|
||||
* bn.c (BN_rand): check return value from RAND_bytes
|
||||
|
||||
2006-01-18 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* dh.c (DH_compute_key): check public key
|
||||
|
||||
* dh.h: Add DH_check_pubkey and defines it uses.
|
||||
|
||||
* dh.c (DH_check_pubkey): New function.
|
||||
|
||||
* bn.c: Remove unused fragment.
|
||||
|
||||
* test_bn.c: Compare numbers with BN_cmp().
|
||||
|
||||
2006-01-17 David Love <fx@gnu.org>
|
||||
|
||||
* bn.c: Include <limits.h>.
|
||||
|
||||
2006-01-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* *.h: use #include <hcrypto/...>
|
||||
|
||||
* Makefile.am: provide a symlink so the directory hcrypto/ seems
|
||||
to exists
|
||||
|
||||
* engine.h: Expose dsa symbols
|
||||
|
||||
* Makefile.am: Rename library to hcrypto and install headerfiles
|
||||
in hcrypto/.
|
||||
|
||||
* test_pkcs12.c: Test for PKCS12_key_gen.
|
||||
|
||||
* hmac.h: Drop HMAC_CTX_create and HMAC_CTX_destroy.
|
||||
|
||||
* engine.c (ENGINE_add_conf_module): Also load DH
|
||||
|
||||
* dh.h: Reorder includes to avoid compile errors, provide
|
||||
DH_new_method().
|
||||
|
||||
* dh.c: Indent.
|
||||
|
||||
* bn.c: BN_get_negative was really named BN_is_negative, a comment
|
||||
confused me.
|
||||
|
||||
* bn.h: BN_get_negative was really named BN_is_negative, a comment
|
||||
confused me.
|
||||
|
||||
* pkcs12.h: Add PKCS12_key_gen().
|
||||
|
||||
* pkcs12.c: Add PKCS12_key_gen().
|
||||
|
||||
* Makefile.am: Add test_cipher, test_pkcs12, add pkcs12.[ch].
|
||||
|
||||
* evp.c: Rename rc2_40_cbc internal variable to something better.
|
||||
Unbreak des-ede3-cbc.
|
||||
|
||||
2006-01-11 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_bn.c: Test BN_uadd.
|
||||
|
||||
* bn.c (BN_rand): don't leak memory on failure, catch malloc(0)
|
||||
case
|
||||
|
||||
* bn.c (BN_rand): clear the bits above the bits that user
|
||||
requested.
|
||||
(BN_uadd): new function.
|
||||
|
||||
* bn.h (BN_uadd): new function.
|
||||
|
||||
2006-01-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* evp.c (EVP_CIPHER_CTX_cleanup): clean up less aggressively
|
||||
|
||||
* Makefile.am (check_PROGRAMS): add test_hmac
|
||||
|
||||
* test_hmac.c: Simple regression test for HMAC.
|
||||
|
||||
* hmac.c: Make hmac work.
|
||||
|
||||
* evp.c: return the right blocksize for digests.
|
||||
|
||||
2006-01-09 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_engine_dso.c: Add test for DH.
|
||||
|
||||
* dh.c: Add DH_new_method, add ENGINE refcounting.
|
||||
|
||||
* engine.[ch]: Add ENGINE_set_default_DH and ENGINE_get_default_DH
|
||||
|
||||
* test_engine_dso.c: Add test for RSA encryption.
|
||||
|
||||
2006-01-08 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* test_engine_dso.c: Add test for RSA.
|
||||
|
||||
* implement enough glue to support OpenSSLs EVP, RSA, DSA, DH,
|
||||
HMAC, RAND and ENGINE interfaces for use in hx509. rename all
|
||||
symbols to start with hc_ to avoid clobbering namespaces. contains
|
||||
no RSA/DH/DSA code, just glue to support using dynamic
|
||||
ENGINE. hx509 supports this via pkcs11 and there is a gmp ENGINE
|
||||
module supporting RSA. Also contains a MD2 digest for completion.
|
||||
|
||||
2005-07-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.c,des.h,rnd_keys.c: change unsigned char * to void *
|
||||
|
||||
2005-06-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c: const poision for unwriteable strings
|
||||
|
||||
2005-06-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.c,aes.c,rc2.c: Rename parameter, as encrypt shadows a
|
||||
global, from Andrew Bartlett
|
||||
|
||||
2005-06-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c: Include <stdlib.h> for srandom/random.
|
||||
|
||||
2005-05-29 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.c (DES_cbc_cksum): init u to make sure it have a value in
|
||||
case of the empty in data
|
||||
|
||||
* destest.c: add test for the empty password ""
|
||||
|
||||
2005-05-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rctest.c (cipher3): used unsigned char to avoid problems with
|
||||
platforms using "signed char"
|
||||
|
||||
2005-05-13 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rc2.c: use unsigned char to avoid signess warning
|
||||
|
||||
* des.c: use unsigned char to avoid signess warning
|
||||
|
||||
* aes.c (AES_cbc_encrypt): use unsigned char to avoid signess
|
||||
warning
|
||||
|
||||
2005-05-03 Dave Love <fx@gnu.org>
|
||||
|
||||
* mdtest.c: Fix typo for HAVE_STDLIB_H.
|
||||
|
||||
2005-05-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c: Enabled to build on cygwin, based on patch from
|
||||
David Love <fx@gnu.org>
|
||||
|
||||
2005-05-02 Dave Love <fx@gnu.org>
|
||||
|
||||
* mdtest.c: Include <krb5-types.h>.
|
||||
|
||||
2005-04-30 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* ui.c: Include <des.h>.
|
||||
(UI_UTIL_read_pw_string): make the prompt argument const.
|
||||
|
||||
* des.h (UI_UTIL_read_pw_string): make the prompt argument const
|
||||
|
||||
* ui.c (UI_UTIL_read_pw_string): remove unused variable plen
|
||||
|
||||
* des.c: replace <strings.h> with <string.h>
|
||||
|
||||
2005-04-29 Dave Love <fx@gnu.org>
|
||||
|
||||
* Makefile.am: Add LIB_roken.
|
||||
|
||||
2005-04-27 Dave Love <fx@gnu.org>
|
||||
|
||||
* sha.c: Include hash.h first.
|
||||
|
||||
* md4.c: Include hash.h first.
|
||||
|
||||
* md5.c: Include hash.h first.
|
||||
|
||||
* hash.h: Include krb5-types.h
|
||||
|
||||
2005-04-26 Dave Love <fx@gnu.org>
|
||||
|
||||
* mdtest.c: Maybe include stdlib.h
|
||||
|
||||
2005-04-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* sha.h,md5.h, md4.h: don't include bit types, the user must do
|
||||
that #ifdef wrap
|
||||
|
||||
* aes.h: #ifdef wrap
|
||||
|
||||
2005-03-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.h: fix prototype for DES_random_key
|
||||
|
||||
* rnd_keys.c: fix prototype for DES_random_key
|
||||
|
||||
* des.[ch]: provide compatibility function DES_key_sched, same as
|
||||
DES_set_key
|
||||
|
||||
2005-03-20 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* destest.c: include config.h and protect some headers
|
||||
|
||||
* rnd_keys.c: move <des.h> to after include <krb5-types.h> so the
|
||||
C99 integer types exists
|
||||
|
||||
2005-03-14 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.c: add DES_set_key_checked
|
||||
|
||||
* des.h: add DES_set_key_checked
|
||||
|
||||
2005-03-01 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des-tables.h: Add the missing file
|
||||
|
||||
2005-02-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* ui.c: remove dependency on asprintf
|
||||
|
||||
* Makefile.am: make destest only once
|
||||
|
||||
* Replace the eay DES code with key scheule setup code by me and DES
|
||||
s-box and p permutation from Richard Outerbridge implemtation (in
|
||||
public domain). The DES modes are implemented by me. ui.c code are
|
||||
from appl/login.
|
||||
|
||||
The implementation is about 3 times slower then Eric for encryption,
|
||||
and about the same speed for key setup.
|
||||
|
||||
|
||||
2004-08-10 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c (DES_rand_data): also try /dev/arandom
|
||||
|
||||
2004-06-02 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c: don't include krb4 headers
|
||||
|
||||
* rijndael-alg-fst.c: don't include krb4 headers
|
||||
|
||||
* aes.c: don't include krb4 headers
|
||||
|
||||
* aes.h: define AES_{EN,DE}CRYPT; remove #ifdefs, this is an
|
||||
installed file
|
||||
|
||||
2004-04-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rc2.c: handle non blocksized cbc messages
|
||||
|
||||
* aes.[ch]: add AES_cbc_encrypt
|
||||
|
||||
2004-04-24 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rc2test.c: test vectors from RFC2268
|
||||
|
||||
* rc2.c (RC2_set_key): rewrite the mask calculation
|
||||
|
||||
* rc2.c (RC2_set_key): handle keys where effective bits are
|
||||
diffrent from keylength
|
||||
|
||||
2004-04-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rc2.c: rc2 implementation
|
||||
|
||||
* rc2.h: rc2 implementation
|
||||
|
||||
* rc2test.c: rc2 implementation
|
||||
|
||||
* Makefile.am: rc2 implementation
|
||||
|
||||
2004-03-25 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* Makefile.am: new arcfour implementation
|
||||
|
||||
* rc4.c: implemented from description in
|
||||
draft-kaukonen-cipher-arcfour-03.txt
|
||||
|
||||
* rc4.h: replace with new implementation
|
||||
|
||||
* rc4_enc.c rc4_skey.c: remove
|
||||
|
||||
* rctest.c: test for arcfour
|
||||
|
||||
2003-12-07 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rnd_keys.c: uninitialized variable, from Panasas Inc
|
||||
|
||||
2003-09-03 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* md4.c (MD4_Final): make the function threadsafe by removing
|
||||
static on the local variable zeros
|
||||
|
||||
* md5.c (MD5_Final): make the function threadsafe by removing
|
||||
static on the local variable zeros
|
||||
|
||||
* switch to the DES_ api, dont provide any compat glue
|
||||
|
||||
2003-08-27 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* sha.c: make the function threadsafe by removing static on the
|
||||
local variable zeros
|
||||
|
||||
2003-07-23 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* rijndael-alg-fst.h,rijndael-alg-fst.c,aes.c,aes.h:
|
||||
Makefile.am: add AES support
|
||||
|
||||
2003-03-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.1: sunOS -> SunOS, from jmc <jmc@prioris.mini.pw.edu.pl>
|
||||
|
||||
2003-03-19 Love Hörnquist Åstrand <lha@it.su.se>
|
||||
|
||||
* des.1: spelling, from <jmc@prioris.mini.pw.edu.pl>
|
||||
|
||||
2002-08-28 Johan Danielsson <joda@pdc.kth.se>
|
||||
|
||||
* read_pwd.c: move NeXT SGTTY stuff here
|
||||
|
||||
2001-05-17 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: bump version to 3:1:0
|
||||
|
||||
2001-05-11 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* str2key.c (des_string_to_key, des_string_to_2keys): avoid weak
|
||||
keys
|
||||
|
||||
2001-02-16 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* set_key.c: correct weak keys and update comment
|
||||
|
||||
2001-02-14 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* set_key.c: correct the two last weak keys in accordance with
|
||||
FIPS 74. noted by <jhutz@cmu.edu>
|
||||
|
||||
2001-01-30 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am (libdes_la_LDFLAGS): bump version to 3:0:0
|
||||
|
||||
2000-10-19 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.in (LIBSRC, LIBOBJ): add rc4* and enc_{read,write}
|
||||
files so that this library contains the same things as libdes in
|
||||
Heimdal
|
||||
|
||||
2000-08-16 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: bump version to 2:1:0
|
||||
|
||||
2000-08-03 Johan Danielsson <joda@pdc.kth.se>
|
||||
|
||||
* enc_writ.c: BSIZE -> des_BSIZE to avoid conflicts with AIX
|
||||
jfs/fsparam.h
|
||||
|
||||
* enc_read.c: BSIZE -> des_BSIZE to avoid conflicts with AIX
|
||||
jfs/fsparam.h
|
||||
|
||||
* des_locl.h: BSIZE -> des_BSIZE to avoid conflicts with AIX
|
||||
jfs/fsparam.h
|
||||
|
||||
2000-02-07 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: set version to 2:0:0
|
||||
|
||||
2000-01-26 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* mdtest.c: update to pseudo-standard APIs for md4,md5,sha.
|
||||
* md4.c, md4.h, md5.c, md5.h, sha.c, sha.h: move to the
|
||||
pseudo-standard APIs
|
||||
|
||||
1999-12-06 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: set version to 1:0:1
|
||||
|
||||
1999-11-29 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* fcrypt.c (crypt_md5): add trailing $
|
||||
|
||||
1999-11-13 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am (include_HEADERS): add rc4.h
|
||||
(libdes_la_SOURCES): add rc4_skey.c
|
||||
|
||||
1999-10-28 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* md5crypt_test.c: change the test case. apparently we should not
|
||||
include $ after the salt. also make it print more useful stuff
|
||||
when failing.
|
||||
|
||||
1999-10-20 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: bump version to 0:2:0
|
||||
|
||||
1999-09-21 Johan Danielsson <joda@pdc.kth.se>
|
||||
|
||||
* des.h: make this work with mips 64-bit abi
|
||||
|
||||
1999-08-14 Johan Danielsson <joda@pdc.kth.se>
|
||||
|
||||
* fcrypt.c (crypt_md5): don't use snprintf
|
||||
|
||||
1999-08-13 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.am: add md5crypt_test
|
||||
|
||||
* Makefile.in: add md5crypt_test
|
||||
|
||||
* md5crypt_test.c: test md5 crypt
|
||||
|
||||
* fcrypt.c: always enable md5 crypt
|
||||
|
||||
1999-07-26 Johan Danielsson <joda@pdc.kth.se>
|
||||
|
||||
* Makefile.am: bump version number (changes to md*, sha)
|
||||
|
||||
1999-06-15 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* sha.c (swap_u_int32_t): add _CRAY
|
||||
|
||||
Sat Apr 10 23:02:30 1999 Johan Danielsson <joda@hella.pdc.kth.se>
|
||||
|
||||
* destest.c: fixes for crays
|
||||
|
||||
Thu Apr 1 11:26:38 1999 Johan Danielsson <joda@hella.pdc.kth.se>
|
||||
|
||||
* Makefile.am: noinst_PROGRAMS -> check_PROGRAMS; add TESTS; don't
|
||||
build rpw, and speed
|
||||
|
||||
Mon Mar 22 20:16:26 1999 Johan Danielsson <joda@hella.pdc.kth.se>
|
||||
|
||||
* Makefile.am: hash.h
|
||||
|
||||
* sha.c: use hash.h; fixes for crays
|
||||
|
||||
* md5.c: use hash.h; fixes for crays
|
||||
|
||||
* md4.c: use hash.h; fixes for crays
|
||||
|
||||
* hash.h: common stuff from md4, md5, and sha1
|
||||
|
||||
Sat Mar 20 00:16:53 1999 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* rnd_keys.c (des_rand_data): move declaration to get rid of
|
||||
warning
|
||||
|
||||
Thu Mar 18 11:22:28 1999 Johan Danielsson <joda@hella.pdc.kth.se>
|
||||
|
||||
* Makefile.am: include Makefile.am.common
|
||||
|
||||
Mon Mar 15 17:36:41 1999 Johan Danielsson <joda@hella.pdc.kth.se>
|
||||
|
||||
* rnd_keys.c (des_rand_data): if not using setitimer, block
|
||||
SIGCHLD around fork(), also make sure we get the status of the
|
||||
child process
|
||||
(fake_signal): emulate signal using sigaction
|
||||
|
||||
Tue Jan 12 05:06:54 1999 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* des.h: sparcv9 is also 64 bits, use `unsigned int' instead of
|
||||
`unsigned long'
|
||||
|
||||
Sun Nov 22 10:40:09 1998 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.in (WFLAGS): set
|
||||
|
||||
Mon May 25 05:24:56 1998 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.in (clean): try to remove shared library debris
|
||||
|
||||
Sun Apr 19 09:50:53 1998 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* Makefile.in: add symlink magic for linux
|
||||
|
||||
Sun Nov 9 07:14:45 1997 Assar Westerlund <assar@sics.se>
|
||||
|
||||
* mdtest.c: print out old and new string
|
||||
|
||||
@@ -0,0 +1,108 @@
|
||||
The hunt for getting a DES with plain BSD license w/o advertisement clause
|
||||
==========================================================================
|
||||
|
||||
$Id$
|
||||
|
||||
This all feels very silly given that DES is about 30 years old and now
|
||||
is deprecated.
|
||||
|
||||
Helpful documents on the way:
|
||||
|
||||
Schider's crypto wasn't that useful since it only told how to do DES,
|
||||
not how to do des fast or how to not use DES. I find this to be a
|
||||
common thread in the book, it explain each tool in great detail, but
|
||||
not its limitations.
|
||||
|
||||
Dag Arne Osvik: Efficient Implementation of the Data Encryption Standard
|
||||
|
||||
Some threads on sci.crypto was also useful.
|
||||
|
||||
PC1 transformations
|
||||
===================
|
||||
|
||||
|
||||
Getting the PC1 bit mangling working was hard, I never got it to work.
|
||||
|
||||
Printning out the bit usage made me realize a lookup table could be
|
||||
used since only 12 bits are used from the first half and 16 from the
|
||||
second.
|
||||
|
||||
01110000 01110000 01110000 01110000 01111000 01111000 01111000 01111000
|
||||
00001111 00001111 00001111 00001111 00000111 00000111 00000111 00000111
|
||||
|
||||
The pattern is getting more obvious if its printed out where the bits
|
||||
are coming from.
|
||||
|
||||
8 16 24 - - - - -
|
||||
7 15 23 - - - - -
|
||||
6 14 22 - - - - -
|
||||
5 13 21 - - - - -
|
||||
4 12 20 28 - - - -
|
||||
3 11 19 27 - - - -
|
||||
2 10 18 26 - - - -
|
||||
1 9 17 25 - - - -
|
||||
|
||||
- - - 60 56 48 40 -
|
||||
- - - 59 55 47 39 -
|
||||
- - - 58 54 46 38 -
|
||||
- - - 57 53 45 37 -
|
||||
- - - - 52 44 36 -
|
||||
- - - - 51 43 35 -
|
||||
- - - - 50 42 34 -
|
||||
- - - - 49 41 33 -
|
||||
|
||||
Only 3 bits-table is needed for the first half and 4 bits for the
|
||||
second half because they are on diffrent shift offsets.
|
||||
|
||||
So to get the bitpattern bit-pattern
|
||||
|
||||
gen_pattern("pc1_c_3", 7, [ 5, 13, 21 ], 0, 0x1000000);
|
||||
gen_pattern("pc1_c_4", 15, [ 1, 9, 17, 25 ], 0, 0x1000000);
|
||||
gen_pattern("pc1_d_3", 7, [ 49, 41, 33 ], 32, 0x1000000);
|
||||
gen_pattern("pc1_d_4", 15, [ 57, 53, 45, 37 ], 32, 0x1000000);
|
||||
|
||||
PC2 transformations
|
||||
===================
|
||||
|
||||
PC2 is also a table lookup, since its a 24 bit field, I use 4 6-bit
|
||||
lookup tables. Printing the reverse of the PC2 table reveal that some
|
||||
of the bits are not used, namely (9, 18, 22, 25) from c and (7, 10,
|
||||
15, 26) from d.
|
||||
|
||||
pc2 from c
|
||||
----------
|
||||
|
||||
5 24 7 16 6 10 20
|
||||
18 - 12 3 15 23 1
|
||||
9 19 2 - 14 22 11
|
||||
- 13 4 - 17 21 8
|
||||
|
||||
pc2 from d
|
||||
----------
|
||||
|
||||
51 35 31 52 39 45 -
|
||||
50 32 - 43 36 29 48
|
||||
- 41 38 47 33 40 42
|
||||
49 37 30 46 - 34 44
|
||||
|
||||
So we generate tables for that too.
|
||||
|
||||
gen_pattern("pc2_c_1", 63, [ 5, 24, 7, 16, 6, 10 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_2", 63, [ 20, 18, 12, 3, 15, 23 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_3", 63, [ 1, 9, 19, 2, 14, 22 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_4", 63, [ 11, 13, 4, 17, 21, 8 ], 0, 0x800000);
|
||||
|
||||
gen_pattern("pc2_d_1", 63, [ 51, 35, 31, 52, 39, 45 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_2", 63, [ 50, 32, 43, 36, 29, 48 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_3", 63, [ 41, 38, 47, 33, 40, 42 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_4", 63, [ 49, 37, 30, 46, 34, 44 ], 28, 0x800000);
|
||||
|
||||
|
||||
SBOX transformations
|
||||
====================
|
||||
|
||||
The SBOX transformations are 6 bit to 4 bit transformations.
|
||||
|
||||
Here I grew tired and used Richard Outerbridge SBOXes. Thank you
|
||||
Richard.
|
||||
|
||||
@@ -0,0 +1,156 @@
|
||||
# $Id$
|
||||
|
||||
include $(top_srcdir)/Makefile.am.common
|
||||
|
||||
lib_LTLIBRARIES = libhcrypto.la
|
||||
libhcrypto_la_LDFLAGS = -version-info 4:0:0
|
||||
libhcrypto_la_LIBADD = \
|
||||
$(top_builddir)/lib/asn1/libasn1.la \
|
||||
$(LIB_dlopen) \
|
||||
$(LIBADD_roken)
|
||||
|
||||
hcryptoincludedir = $(includedir)/hcrypto
|
||||
buildhcryptoinclude = $(buildinclude)/hcrypto
|
||||
|
||||
hcryptoinclude_HEADERS = \
|
||||
aes.h \
|
||||
bn.h \
|
||||
des.h \
|
||||
dh.h \
|
||||
dsa.h \
|
||||
engine.h \
|
||||
evp.h \
|
||||
hmac.h \
|
||||
md2.h \
|
||||
md4.h \
|
||||
md5.h \
|
||||
pkcs12.h \
|
||||
rand.h \
|
||||
rc2.h \
|
||||
rc4.h \
|
||||
rsa.h \
|
||||
sha.h \
|
||||
ui.h
|
||||
|
||||
install-build-headers:: $(hcryptoinclude_HEADERS)
|
||||
@foo='$(hcryptoinclude_HEADERS)'; \
|
||||
for f in $$foo; do \
|
||||
f=`basename $$f`; \
|
||||
if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
|
||||
else file="$$f"; fi; \
|
||||
if cmp -s $$file $(buildhcryptoinclude)/$$f 2> /dev/null ; then \
|
||||
: ; else \
|
||||
echo "cp $$file $(buildhcryptoinclude)/$$f";\
|
||||
cp $$file $(buildhcryptoinclude)/$$f; \
|
||||
fi ; \
|
||||
done
|
||||
|
||||
PROGRAM_TESTS = \
|
||||
destest \
|
||||
mdtest \
|
||||
rc2test \
|
||||
rctest \
|
||||
test_bn \
|
||||
test_cipher \
|
||||
test_engine_dso \
|
||||
test_hmac \
|
||||
test_imath \
|
||||
test_pkcs5 \
|
||||
test_pkcs12
|
||||
|
||||
SCRIPT_TESTS = \
|
||||
test_crypto
|
||||
|
||||
noinst_PROGRAMS = test_rand
|
||||
|
||||
check_PROGRAMS = $(PROGRAM_TESTS) test_rsa
|
||||
check_SCRIPTS = $(SCRIPT_TESTS)
|
||||
|
||||
TESTS = $(PROGRAM_TESTS) $(SCRIPT_TESTS)
|
||||
|
||||
LDADD = $(lib_LTLIBRARIES) $(LIB_roken)
|
||||
|
||||
libhcrypto_la_SOURCES = \
|
||||
$(imathsource) \
|
||||
aes.c \
|
||||
aes.h \
|
||||
bn.c \
|
||||
bn.h \
|
||||
des-tables.h \
|
||||
des.c \
|
||||
des.h \
|
||||
dh.c \
|
||||
dh.h \
|
||||
dh-imath.c \
|
||||
dsa.c \
|
||||
dsa.h \
|
||||
evp.c \
|
||||
evp.h \
|
||||
engine.c \
|
||||
engine.h \
|
||||
hash.h \
|
||||
hmac.c \
|
||||
hmac.h \
|
||||
md2.c \
|
||||
md2.h \
|
||||
md4.c \
|
||||
md4.h \
|
||||
md5.c \
|
||||
md5.h \
|
||||
pkcs5.c \
|
||||
pkcs12.c \
|
||||
rand.c \
|
||||
rand.h \
|
||||
randi.h \
|
||||
rand-fortuna.c \
|
||||
rand-egd.c \
|
||||
rand-unix.c \
|
||||
rc2.c \
|
||||
rc2.h \
|
||||
rc4.c \
|
||||
rc4.h \
|
||||
rijndael-alg-fst.c \
|
||||
rijndael-alg-fst.h \
|
||||
rnd_keys.c \
|
||||
rsa.c \
|
||||
rsa-imath.c \
|
||||
rsa.h \
|
||||
sha.c \
|
||||
sha.h \
|
||||
sha256.c \
|
||||
ui.c \
|
||||
ui.h
|
||||
|
||||
imathsource = \
|
||||
imath/imath.c \
|
||||
imath/imath.h \
|
||||
imath/iprime.c \
|
||||
imath/iprime.h
|
||||
|
||||
$(libhcrypto_la_OBJECTS): hcrypto-link
|
||||
|
||||
hcrypto-link:
|
||||
$(LN_S) $(srcdir)/../hcrypto hcrypto
|
||||
touch hcrypto-link
|
||||
|
||||
do_subst = sed -e 's,[@]srcdir[@],$(srcdir),g'
|
||||
|
||||
test_crypto: test_crypto.in Makefile
|
||||
$(do_subst) < $(srcdir)/test_crypto.in > test_crypto.tmp
|
||||
chmod +x test_crypto.tmp
|
||||
mv test_crypto.tmp test_crypto
|
||||
|
||||
CLEANFILES = \
|
||||
crypto-test \
|
||||
crypto-test2 \
|
||||
error \
|
||||
hcrypto \
|
||||
hcrypto-link \
|
||||
test.file \
|
||||
test_crypto \
|
||||
test_crypto.tmp \
|
||||
test_crypto.tmp
|
||||
|
||||
EXTRA_DIST = \
|
||||
rsakey.der \
|
||||
test_crypto.in
|
||||
@@ -0,0 +1,124 @@
|
||||
/*
|
||||
* Copyright (c) 2003 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
|
||||
#include "rijndael-alg-fst.h"
|
||||
#include "aes.h"
|
||||
|
||||
int
|
||||
AES_set_encrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
|
||||
{
|
||||
key->rounds = rijndaelKeySetupEnc(key->key, userkey, bits);
|
||||
if (key->rounds == 0)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
AES_set_decrypt_key(const unsigned char *userkey, const int bits, AES_KEY *key)
|
||||
{
|
||||
key->rounds = rijndaelKeySetupDec(key->key, userkey, bits);
|
||||
if (key->rounds == 0)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
void
|
||||
AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
|
||||
{
|
||||
rijndaelEncrypt(key->key, key->rounds, in, out);
|
||||
}
|
||||
|
||||
void
|
||||
AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key)
|
||||
{
|
||||
rijndaelDecrypt(key->key, key->rounds, in, out);
|
||||
}
|
||||
|
||||
void
|
||||
AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
|
||||
unsigned long size, const AES_KEY *key,
|
||||
unsigned char *iv, int forward_encrypt)
|
||||
{
|
||||
unsigned char tmp[AES_BLOCK_SIZE];
|
||||
int i;
|
||||
|
||||
if (forward_encrypt) {
|
||||
while (size >= AES_BLOCK_SIZE) {
|
||||
for (i = 0; i < AES_BLOCK_SIZE; i++)
|
||||
tmp[i] = in[i] ^ iv[i];
|
||||
AES_encrypt(tmp, out, key);
|
||||
memcpy(iv, out, AES_BLOCK_SIZE);
|
||||
size -= AES_BLOCK_SIZE;
|
||||
in += AES_BLOCK_SIZE;
|
||||
out += AES_BLOCK_SIZE;
|
||||
}
|
||||
if (size) {
|
||||
for (i = 0; i < size; i++)
|
||||
tmp[i] = in[i] ^ iv[i];
|
||||
for (i = size; i < AES_BLOCK_SIZE; i++)
|
||||
tmp[i] = iv[i];
|
||||
AES_encrypt(tmp, out, key);
|
||||
memcpy(iv, out, AES_BLOCK_SIZE);
|
||||
}
|
||||
} else {
|
||||
while (size >= AES_BLOCK_SIZE) {
|
||||
memcpy(tmp, in, AES_BLOCK_SIZE);
|
||||
AES_decrypt(tmp, out, key);
|
||||
for (i = 0; i < AES_BLOCK_SIZE; i++)
|
||||
out[i] ^= iv[i];
|
||||
memcpy(iv, tmp, AES_BLOCK_SIZE);
|
||||
size -= AES_BLOCK_SIZE;
|
||||
in += AES_BLOCK_SIZE;
|
||||
out += AES_BLOCK_SIZE;
|
||||
}
|
||||
if (size) {
|
||||
memcpy(tmp, in, AES_BLOCK_SIZE);
|
||||
AES_decrypt(tmp, out, key);
|
||||
for (i = 0; i < size; i++)
|
||||
out[i] ^= iv[i];
|
||||
memcpy(iv, tmp, AES_BLOCK_SIZE);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,71 @@
|
||||
/*
|
||||
* Copyright (c) 2003-2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_AES_H
|
||||
#define HEIM_AES_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define AES_set_encrypt_key hc_AES_set_encrypt_key
|
||||
#define AES_set_decrypt_key hc_AES_decrypt_key
|
||||
#define AES_encrypt hc_AES_encrypt
|
||||
#define AES_decrypt hc_AES_decrypt
|
||||
#define AES_cbc_encrypt hc_AES_cbc_encrypt
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define AES_BLOCK_SIZE 16
|
||||
#define AES_MAXNR 14
|
||||
|
||||
#define AES_ENCRYPT 1
|
||||
#define AES_DECRYPT 0
|
||||
|
||||
typedef struct aes_key {
|
||||
uint32_t key[(AES_MAXNR+1)*4];
|
||||
int rounds;
|
||||
} AES_KEY;
|
||||
|
||||
int AES_set_encrypt_key(const unsigned char *, const int, AES_KEY *);
|
||||
int AES_set_decrypt_key(const unsigned char *, const int, AES_KEY *);
|
||||
|
||||
void AES_encrypt(const unsigned char *, unsigned char *, const AES_KEY *);
|
||||
void AES_decrypt(const unsigned char *, unsigned char *, const AES_KEY *);
|
||||
|
||||
void AES_cbc_encrypt(const unsigned char *, unsigned char *,
|
||||
const unsigned long, const AES_KEY *,
|
||||
unsigned char *, int);
|
||||
|
||||
#endif /* HEIM_AES_H */
|
||||
@@ -0,0 +1,445 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <limits.h>
|
||||
|
||||
#include <krb5-types.h>
|
||||
#include <rfc2459_asn1.h> /* XXX */
|
||||
#include <der.h>
|
||||
|
||||
#include <bn.h>
|
||||
#include <rand.h>
|
||||
#include <hex.h>
|
||||
|
||||
BIGNUM *
|
||||
BN_new(void)
|
||||
{
|
||||
heim_integer *hi;
|
||||
hi = calloc(1, sizeof(*hi));
|
||||
return (BIGNUM *)hi;
|
||||
}
|
||||
|
||||
void
|
||||
BN_free(BIGNUM *bn)
|
||||
{
|
||||
BN_clear(bn);
|
||||
free(bn);
|
||||
}
|
||||
|
||||
void
|
||||
BN_clear(BIGNUM *bn)
|
||||
{
|
||||
heim_integer *hi = (heim_integer *)bn;
|
||||
if (hi->data) {
|
||||
memset(hi->data, 0, hi->length);
|
||||
free(hi->data);
|
||||
}
|
||||
memset(hi, 0, sizeof(*hi));
|
||||
}
|
||||
|
||||
void
|
||||
BN_clear_free(BIGNUM *bn)
|
||||
{
|
||||
BN_free(bn);
|
||||
}
|
||||
|
||||
BIGNUM *
|
||||
BN_dup(const BIGNUM *bn)
|
||||
{
|
||||
BIGNUM *b = BN_new();
|
||||
if (der_copy_heim_integer((const heim_integer *)bn, (heim_integer *)b)) {
|
||||
BN_free(b);
|
||||
return NULL;
|
||||
}
|
||||
return b;
|
||||
}
|
||||
|
||||
/*
|
||||
* If the caller really want to know the number of bits used, subtract
|
||||
* one from the length, multiply by 8, and then lookup in the table
|
||||
* how many bits the hightest byte uses.
|
||||
*/
|
||||
int
|
||||
BN_num_bits(const BIGNUM *bn)
|
||||
{
|
||||
static unsigned char num2bits[256] = {
|
||||
0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4, 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
|
||||
6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6, 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
|
||||
7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
|
||||
7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7, 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
|
||||
8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
|
||||
8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
|
||||
8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
|
||||
8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8, 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
|
||||
};
|
||||
const heim_integer *i = (const void *)bn;
|
||||
if (i->length == 0)
|
||||
return 0;
|
||||
return (i->length - 1) * 8 + num2bits[((unsigned char *)i->data)[0]];
|
||||
}
|
||||
|
||||
int
|
||||
BN_num_bytes(const BIGNUM *bn)
|
||||
{
|
||||
return ((const heim_integer *)bn)->length;
|
||||
}
|
||||
|
||||
/*
|
||||
* Ignore negative flag.
|
||||
*/
|
||||
|
||||
BIGNUM *
|
||||
BN_bin2bn(const void *s, int len, BIGNUM *bn)
|
||||
{
|
||||
heim_integer *hi = (void *)bn;
|
||||
|
||||
if (len < 0)
|
||||
return NULL;
|
||||
|
||||
if (hi == NULL) {
|
||||
hi = (heim_integer *)BN_new();
|
||||
if (hi == NULL)
|
||||
return NULL;
|
||||
}
|
||||
if (hi->data)
|
||||
BN_clear((BIGNUM *)hi);
|
||||
hi->negative = 0;
|
||||
hi->data = malloc(len);
|
||||
if (hi->data == NULL && len != 0) {
|
||||
if (bn == NULL)
|
||||
BN_free((BIGNUM *)hi);
|
||||
return NULL;
|
||||
}
|
||||
hi->length = len;
|
||||
memcpy(hi->data, s, len);
|
||||
return (BIGNUM *)hi;
|
||||
}
|
||||
|
||||
int
|
||||
BN_bn2bin(const BIGNUM *bn, void *to)
|
||||
{
|
||||
const heim_integer *hi = (const void *)bn;
|
||||
memcpy(to, hi->data, hi->length);
|
||||
return hi->length;
|
||||
}
|
||||
|
||||
int
|
||||
BN_hex2bn(BIGNUM **bnp, const char *in)
|
||||
{
|
||||
int negative;
|
||||
ssize_t ret;
|
||||
size_t len;
|
||||
void *data;
|
||||
|
||||
len = strlen(in);
|
||||
data = malloc(len);
|
||||
if (data == NULL)
|
||||
return 0;
|
||||
|
||||
if (*in == '-') {
|
||||
negative = 1;
|
||||
in++;
|
||||
} else
|
||||
negative = 0;
|
||||
|
||||
ret = hex_decode(in, data, len);
|
||||
if (ret < 0) {
|
||||
free(data);
|
||||
return 0;
|
||||
}
|
||||
|
||||
*bnp = BN_bin2bn(data, ret, NULL);
|
||||
free(data);
|
||||
if (*bnp == NULL)
|
||||
return 0;
|
||||
BN_set_negative(*bnp, negative);
|
||||
return 1;
|
||||
}
|
||||
|
||||
char *
|
||||
BN_bn2hex(const BIGNUM *bn)
|
||||
{
|
||||
ssize_t ret;
|
||||
size_t len;
|
||||
void *data;
|
||||
char *str;
|
||||
|
||||
len = BN_num_bytes(bn);
|
||||
data = malloc(len);
|
||||
if (data == NULL)
|
||||
return 0;
|
||||
|
||||
len = BN_bn2bin(bn, data);
|
||||
|
||||
ret = hex_encode(data, len, &str);
|
||||
free(data);
|
||||
if (ret < 0)
|
||||
return 0;
|
||||
|
||||
return str;
|
||||
}
|
||||
|
||||
int
|
||||
BN_cmp(const BIGNUM *bn1, const BIGNUM *bn2)
|
||||
{
|
||||
return der_heim_integer_cmp((const heim_integer *)bn1,
|
||||
(const heim_integer *)bn2);
|
||||
}
|
||||
|
||||
void
|
||||
BN_set_negative(BIGNUM *bn, int flag)
|
||||
{
|
||||
((heim_integer *)bn)->negative = (flag ? 1 : 0);
|
||||
}
|
||||
|
||||
int
|
||||
BN_is_negative(BIGNUM *bn)
|
||||
{
|
||||
return ((heim_integer *)bn)->negative ? 1 : 0;
|
||||
}
|
||||
|
||||
static const unsigned char is_set[8] = { 1, 2, 4, 8, 16, 32, 64, 128 };
|
||||
|
||||
int
|
||||
BN_is_bit_set(const BIGNUM *bn, int bit)
|
||||
{
|
||||
heim_integer *hi = (heim_integer *)bn;
|
||||
unsigned char *p = hi->data;
|
||||
|
||||
if ((bit / 8) > hi->length || hi->length == 0)
|
||||
return 0;
|
||||
|
||||
return p[hi->length - 1 - (bit / 8)] & is_set[bit % 8];
|
||||
}
|
||||
|
||||
int
|
||||
BN_set_bit(BIGNUM *bn, int bit)
|
||||
{
|
||||
heim_integer *hi = (heim_integer *)bn;
|
||||
unsigned char *p;
|
||||
|
||||
if ((bit / 8) > hi->length || hi->length == 0) {
|
||||
size_t len = (bit + 7) / 8;
|
||||
void *d = realloc(hi->data, len);
|
||||
if (d == NULL)
|
||||
return 0;
|
||||
hi->data = d;
|
||||
p = hi->data;
|
||||
memset(&p[hi->length], 0, len);
|
||||
hi->length = len;
|
||||
} else
|
||||
p = hi->data;
|
||||
|
||||
p[hi->length - 1 - (bit / 8)] |= is_set[bit % 8];
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
BN_clear_bit(BIGNUM *bn, int bit)
|
||||
{
|
||||
heim_integer *hi = (heim_integer *)bn;
|
||||
unsigned char *p = hi->data;
|
||||
|
||||
if ((bit / 8) > hi->length || hi->length == 0)
|
||||
return 0;
|
||||
|
||||
p[hi->length - 1 - (bit / 8)] &= (unsigned char)(~(is_set[bit % 8]));
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
BN_set_word(BIGNUM *bn, unsigned long num)
|
||||
{
|
||||
unsigned char p[sizeof(num)];
|
||||
unsigned long num2;
|
||||
int i, len;
|
||||
|
||||
for (num2 = num, i = 0; num2 > 0; i++)
|
||||
num2 = num2 >> 8;
|
||||
|
||||
len = i - 1;
|
||||
for (; i > 0; i--) {
|
||||
p[i - 1] = (num & 0xff);
|
||||
num = num >> 8;
|
||||
}
|
||||
|
||||
bn = BN_bin2bn(p, len + 1, bn);
|
||||
return bn != NULL;
|
||||
}
|
||||
|
||||
unsigned long
|
||||
BN_get_word(const BIGNUM *bn)
|
||||
{
|
||||
heim_integer *hi = (heim_integer *)bn;
|
||||
unsigned long num = 0;
|
||||
int i;
|
||||
|
||||
if (hi->negative || hi->length > sizeof(num))
|
||||
return ULONG_MAX;
|
||||
|
||||
for (i = 0; i < hi->length; i++)
|
||||
num = ((unsigned char *)hi->data)[i] | (num << 8);
|
||||
return num;
|
||||
}
|
||||
|
||||
int
|
||||
BN_rand(BIGNUM *bn, int bits, int top, int bottom)
|
||||
{
|
||||
size_t len = (bits + 7) / 8;
|
||||
heim_integer *i = (heim_integer *)bn;
|
||||
|
||||
BN_clear(bn);
|
||||
|
||||
i->negative = 0;
|
||||
i->data = malloc(len);
|
||||
if (i->data == NULL && len != 0)
|
||||
return 0;
|
||||
i->length = len;
|
||||
|
||||
if (RAND_bytes(i->data, i->length) != 1) {
|
||||
free(i->data);
|
||||
i->data = NULL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
{
|
||||
size_t j = len * 8;
|
||||
while(j > bits) {
|
||||
BN_clear_bit(bn, j - 1);
|
||||
j--;
|
||||
}
|
||||
}
|
||||
|
||||
if (top == -1) {
|
||||
;
|
||||
} else if (top == 0 && bits > 0) {
|
||||
BN_set_bit(bn, bits - 1);
|
||||
} else if (top == 1 && bits > 1) {
|
||||
BN_set_bit(bn, bits - 1);
|
||||
BN_set_bit(bn, bits - 2);
|
||||
} else {
|
||||
BN_clear(bn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (bottom && bits > 0)
|
||||
BN_set_bit(bn, 0);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
BN_uadd(BIGNUM *res, const BIGNUM *a, const BIGNUM *b)
|
||||
{
|
||||
const heim_integer *ai = (const heim_integer *)a;
|
||||
const heim_integer *bi = (const heim_integer *)b;
|
||||
const unsigned char *ap, *bp;
|
||||
unsigned char *cp;
|
||||
heim_integer ci;
|
||||
int carry = 0;
|
||||
ssize_t len;
|
||||
|
||||
if (ai->negative && bi->negative)
|
||||
return 0;
|
||||
if (ai->length < bi->length) {
|
||||
const heim_integer *si = bi;
|
||||
bi = ai; ai = si;
|
||||
}
|
||||
|
||||
ci.negative = 0;
|
||||
ci.length = ai->length + 1;
|
||||
ci.data = malloc(ci.length);
|
||||
if (ci.data == NULL)
|
||||
return 0;
|
||||
|
||||
ap = &((const unsigned char *)ai->data)[ai->length - 1];
|
||||
bp = &((const unsigned char *)bi->data)[bi->length - 1];
|
||||
cp = &((unsigned char *)ci.data)[ci.length - 1];
|
||||
|
||||
for (len = bi->length; len > 0; len--) {
|
||||
carry = *ap + *bp + carry;
|
||||
*cp = carry & 0xff;
|
||||
carry = (carry & ~0xff) ? 1 : 0;
|
||||
ap--; bp--; cp--;
|
||||
}
|
||||
for (len = ai->length - bi->length; len > 0; len--) {
|
||||
carry = *ap + carry;
|
||||
*cp = carry & 0xff;
|
||||
carry = (carry & ~0xff) ? 1 : 0;
|
||||
ap--; cp--;
|
||||
}
|
||||
if (!carry)
|
||||
memmove(cp, cp + 1, --ci.length);
|
||||
else
|
||||
*cp = carry;
|
||||
|
||||
BN_clear(res);
|
||||
*((heim_integer *)res) = ci;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Callback when doing slow generation of numbers, like primes.
|
||||
*/
|
||||
|
||||
void
|
||||
BN_GENCB_set(BN_GENCB *gencb, int (*cb_2)(int, int, BN_GENCB *), void *ctx)
|
||||
{
|
||||
gencb->ver = 2;
|
||||
gencb->cb.cb_2 = cb_2;
|
||||
gencb->arg = ctx;
|
||||
}
|
||||
|
||||
int
|
||||
BN_GENCB_call(BN_GENCB *cb, int a, int b)
|
||||
{
|
||||
if (cb == NULL || cb->cb.cb_2 == NULL)
|
||||
return 1;
|
||||
return cb->cb.cb_2(a, b, cb);
|
||||
}
|
||||
@@ -0,0 +1,121 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_BN_H
|
||||
#define _HEIM_BN_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define BN_GENCB_call hc_BN_GENCB_call
|
||||
#define BN_GENCB_set hc_BN_GENCB_set
|
||||
#define BN_bin2bn hc_BN_bin2bn
|
||||
#define BN_bn2bin hc_BN_bn2bin
|
||||
#define BN_bn2hex hc_BN_bn2hex
|
||||
#define BN_clear hc_BN_clear
|
||||
#define BN_clear_bit hc_BN_clear_bit
|
||||
#define BN_clear_free hc_BN_clear_free
|
||||
#define BN_cmp hc_BN_cmp
|
||||
#define BN_dup hc_BN_dup
|
||||
#define BN_free hc_BN_free
|
||||
#define BN_is_negative hc_BN_is_negative
|
||||
#define BN_get_word hc_BN_get_word
|
||||
#define BN_hex2bn hc_BN_hex2bn
|
||||
#define BN_is_bit_set hc_BN_is_bit_set
|
||||
#define BN_new hc_BN_new
|
||||
#define BN_num_bits hc_BN_num_bits
|
||||
#define BN_num_bytes hc_BN_num_bytes
|
||||
#define BN_rand hc_BN_rand
|
||||
#define BN_set_bit hc_BN_set_bit
|
||||
#define BN_set_negative hc_BN_set_negative
|
||||
#define BN_set_word hc_BN_set_word
|
||||
#define BN_uadd hc_BN_uadd
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
typedef void BIGNUM;
|
||||
typedef struct BN_GENCB BN_GENCB;
|
||||
typedef void BN_CTX;
|
||||
typedef void BN_MONT_CTX;
|
||||
typedef void BN_BLINDING;
|
||||
|
||||
struct BN_GENCB {
|
||||
unsigned int ver;
|
||||
void *arg;
|
||||
union {
|
||||
int (*cb_2)(int, int, BN_GENCB *);
|
||||
} cb;
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
BIGNUM *BN_new(void);
|
||||
void BN_free(BIGNUM *);
|
||||
void BN_clear_free(BIGNUM *);
|
||||
void BN_clear(BIGNUM *);
|
||||
BIGNUM *BN_dup(const BIGNUM *);
|
||||
|
||||
int BN_num_bits(const BIGNUM *);
|
||||
int BN_num_bytes(const BIGNUM *);
|
||||
|
||||
int BN_cmp(const BIGNUM *, const BIGNUM *);
|
||||
|
||||
void BN_set_negative(BIGNUM *, int);
|
||||
int BN_is_negative(BIGNUM *);
|
||||
|
||||
int BN_is_bit_set(const BIGNUM *, int);
|
||||
int BN_set_bit(BIGNUM *, int);
|
||||
int BN_clear_bit(BIGNUM *, int);
|
||||
|
||||
int BN_set_word(BIGNUM *, unsigned long);
|
||||
unsigned long BN_get_word(const BIGNUM *);
|
||||
|
||||
BIGNUM *BN_bin2bn(const void *,int len,BIGNUM *);
|
||||
int BN_bn2bin(const BIGNUM *, void *);
|
||||
int BN_hex2bn(BIGNUM **, const char *);
|
||||
char * BN_bn2hex(const BIGNUM *);
|
||||
|
||||
int BN_uadd(BIGNUM *, const BIGNUM *, const BIGNUM *);
|
||||
|
||||
int BN_rand(BIGNUM *, int, int, int);
|
||||
|
||||
void BN_GENCB_set(BN_GENCB *, int (*)(int, int, BN_GENCB *), void *);
|
||||
int BN_GENCB_call(BN_GENCB *, int, int);
|
||||
|
||||
#endif
|
||||
@@ -0,0 +1,196 @@
|
||||
/* GENERATE FILE from gen-des.pl, do not edit */
|
||||
|
||||
/* pc1_c_3 bit pattern 5 13 21 */
|
||||
static int pc1_c_3[8] = {
|
||||
0x00000000, 0x00000010, 0x00001000, 0x00001010,
|
||||
0x00100000, 0x00100010, 0x00101000, 0x00101010
|
||||
};
|
||||
/* pc1_c_4 bit pattern 1 9 17 25 */
|
||||
static int pc1_c_4[16] = {
|
||||
0x00000000, 0x00000001, 0x00000100, 0x00000101,
|
||||
0x00010000, 0x00010001, 0x00010100, 0x00010101,
|
||||
0x01000000, 0x01000001, 0x01000100, 0x01000101,
|
||||
0x01010000, 0x01010001, 0x01010100, 0x01010101
|
||||
};
|
||||
/* pc1_d_3 bit pattern 49 41 33 */
|
||||
static int pc1_d_3[8] = {
|
||||
0x00000000, 0x01000000, 0x00010000, 0x01010000,
|
||||
0x00000100, 0x01000100, 0x00010100, 0x01010100
|
||||
};
|
||||
/* pc1_d_4 bit pattern 57 53 45 37 */
|
||||
static int pc1_d_4[16] = {
|
||||
0x00000000, 0x00100000, 0x00001000, 0x00101000,
|
||||
0x00000010, 0x00100010, 0x00001010, 0x00101010,
|
||||
0x00000001, 0x00100001, 0x00001001, 0x00101001,
|
||||
0x00000011, 0x00100011, 0x00001011, 0x00101011
|
||||
};
|
||||
/* pc2_c_1 bit pattern 5 24 7 16 6 10 */
|
||||
static int pc2_c_1[64] = {
|
||||
0x00000000, 0x00004000, 0x00040000, 0x00044000,
|
||||
0x00000100, 0x00004100, 0x00040100, 0x00044100,
|
||||
0x00020000, 0x00024000, 0x00060000, 0x00064000,
|
||||
0x00020100, 0x00024100, 0x00060100, 0x00064100,
|
||||
0x00000001, 0x00004001, 0x00040001, 0x00044001,
|
||||
0x00000101, 0x00004101, 0x00040101, 0x00044101,
|
||||
0x00020001, 0x00024001, 0x00060001, 0x00064001,
|
||||
0x00020101, 0x00024101, 0x00060101, 0x00064101,
|
||||
0x00080000, 0x00084000, 0x000c0000, 0x000c4000,
|
||||
0x00080100, 0x00084100, 0x000c0100, 0x000c4100,
|
||||
0x000a0000, 0x000a4000, 0x000e0000, 0x000e4000,
|
||||
0x000a0100, 0x000a4100, 0x000e0100, 0x000e4100,
|
||||
0x00080001, 0x00084001, 0x000c0001, 0x000c4001,
|
||||
0x00080101, 0x00084101, 0x000c0101, 0x000c4101,
|
||||
0x000a0001, 0x000a4001, 0x000e0001, 0x000e4001,
|
||||
0x000a0101, 0x000a4101, 0x000e0101, 0x000e4101
|
||||
};
|
||||
/* pc2_c_2 bit pattern 20 18 12 3 15 23 */
|
||||
static int pc2_c_2[64] = {
|
||||
0x00000000, 0x00000002, 0x00000200, 0x00000202,
|
||||
0x00200000, 0x00200002, 0x00200200, 0x00200202,
|
||||
0x00001000, 0x00001002, 0x00001200, 0x00001202,
|
||||
0x00201000, 0x00201002, 0x00201200, 0x00201202,
|
||||
0x00000040, 0x00000042, 0x00000240, 0x00000242,
|
||||
0x00200040, 0x00200042, 0x00200240, 0x00200242,
|
||||
0x00001040, 0x00001042, 0x00001240, 0x00001242,
|
||||
0x00201040, 0x00201042, 0x00201240, 0x00201242,
|
||||
0x00000010, 0x00000012, 0x00000210, 0x00000212,
|
||||
0x00200010, 0x00200012, 0x00200210, 0x00200212,
|
||||
0x00001010, 0x00001012, 0x00001210, 0x00001212,
|
||||
0x00201010, 0x00201012, 0x00201210, 0x00201212,
|
||||
0x00000050, 0x00000052, 0x00000250, 0x00000252,
|
||||
0x00200050, 0x00200052, 0x00200250, 0x00200252,
|
||||
0x00001050, 0x00001052, 0x00001250, 0x00001252,
|
||||
0x00201050, 0x00201052, 0x00201250, 0x00201252
|
||||
};
|
||||
/* pc2_c_3 bit pattern 1 9 19 2 14 22 */
|
||||
static int pc2_c_3[64] = {
|
||||
0x00000000, 0x00000004, 0x00000400, 0x00000404,
|
||||
0x00400000, 0x00400004, 0x00400400, 0x00400404,
|
||||
0x00000020, 0x00000024, 0x00000420, 0x00000424,
|
||||
0x00400020, 0x00400024, 0x00400420, 0x00400424,
|
||||
0x00008000, 0x00008004, 0x00008400, 0x00008404,
|
||||
0x00408000, 0x00408004, 0x00408400, 0x00408404,
|
||||
0x00008020, 0x00008024, 0x00008420, 0x00008424,
|
||||
0x00408020, 0x00408024, 0x00408420, 0x00408424,
|
||||
0x00800000, 0x00800004, 0x00800400, 0x00800404,
|
||||
0x00c00000, 0x00c00004, 0x00c00400, 0x00c00404,
|
||||
0x00800020, 0x00800024, 0x00800420, 0x00800424,
|
||||
0x00c00020, 0x00c00024, 0x00c00420, 0x00c00424,
|
||||
0x00808000, 0x00808004, 0x00808400, 0x00808404,
|
||||
0x00c08000, 0x00c08004, 0x00c08400, 0x00c08404,
|
||||
0x00808020, 0x00808024, 0x00808420, 0x00808424,
|
||||
0x00c08020, 0x00c08024, 0x00c08420, 0x00c08424
|
||||
};
|
||||
/* pc2_c_4 bit pattern 11 13 4 17 21 8 */
|
||||
static int pc2_c_4[64] = {
|
||||
0x00000000, 0x00010000, 0x00000008, 0x00010008,
|
||||
0x00000080, 0x00010080, 0x00000088, 0x00010088,
|
||||
0x00100000, 0x00110000, 0x00100008, 0x00110008,
|
||||
0x00100080, 0x00110080, 0x00100088, 0x00110088,
|
||||
0x00000800, 0x00010800, 0x00000808, 0x00010808,
|
||||
0x00000880, 0x00010880, 0x00000888, 0x00010888,
|
||||
0x00100800, 0x00110800, 0x00100808, 0x00110808,
|
||||
0x00100880, 0x00110880, 0x00100888, 0x00110888,
|
||||
0x00002000, 0x00012000, 0x00002008, 0x00012008,
|
||||
0x00002080, 0x00012080, 0x00002088, 0x00012088,
|
||||
0x00102000, 0x00112000, 0x00102008, 0x00112008,
|
||||
0x00102080, 0x00112080, 0x00102088, 0x00112088,
|
||||
0x00002800, 0x00012800, 0x00002808, 0x00012808,
|
||||
0x00002880, 0x00012880, 0x00002888, 0x00012888,
|
||||
0x00102800, 0x00112800, 0x00102808, 0x00112808,
|
||||
0x00102880, 0x00112880, 0x00102888, 0x00112888
|
||||
};
|
||||
/* pc2_d_1 bit pattern 51 35 31 52 39 45 */
|
||||
static int pc2_d_1[64] = {
|
||||
0x00000000, 0x00000080, 0x00002000, 0x00002080,
|
||||
0x00000001, 0x00000081, 0x00002001, 0x00002081,
|
||||
0x00200000, 0x00200080, 0x00202000, 0x00202080,
|
||||
0x00200001, 0x00200081, 0x00202001, 0x00202081,
|
||||
0x00020000, 0x00020080, 0x00022000, 0x00022080,
|
||||
0x00020001, 0x00020081, 0x00022001, 0x00022081,
|
||||
0x00220000, 0x00220080, 0x00222000, 0x00222080,
|
||||
0x00220001, 0x00220081, 0x00222001, 0x00222081,
|
||||
0x00000002, 0x00000082, 0x00002002, 0x00002082,
|
||||
0x00000003, 0x00000083, 0x00002003, 0x00002083,
|
||||
0x00200002, 0x00200082, 0x00202002, 0x00202082,
|
||||
0x00200003, 0x00200083, 0x00202003, 0x00202083,
|
||||
0x00020002, 0x00020082, 0x00022002, 0x00022082,
|
||||
0x00020003, 0x00020083, 0x00022003, 0x00022083,
|
||||
0x00220002, 0x00220082, 0x00222002, 0x00222082,
|
||||
0x00220003, 0x00220083, 0x00222003, 0x00222083
|
||||
};
|
||||
/* pc2_d_2 bit pattern 50 32 43 36 29 48 */
|
||||
static int pc2_d_2[64] = {
|
||||
0x00000000, 0x00000010, 0x00800000, 0x00800010,
|
||||
0x00010000, 0x00010010, 0x00810000, 0x00810010,
|
||||
0x00000200, 0x00000210, 0x00800200, 0x00800210,
|
||||
0x00010200, 0x00010210, 0x00810200, 0x00810210,
|
||||
0x00100000, 0x00100010, 0x00900000, 0x00900010,
|
||||
0x00110000, 0x00110010, 0x00910000, 0x00910010,
|
||||
0x00100200, 0x00100210, 0x00900200, 0x00900210,
|
||||
0x00110200, 0x00110210, 0x00910200, 0x00910210,
|
||||
0x00000004, 0x00000014, 0x00800004, 0x00800014,
|
||||
0x00010004, 0x00010014, 0x00810004, 0x00810014,
|
||||
0x00000204, 0x00000214, 0x00800204, 0x00800214,
|
||||
0x00010204, 0x00010214, 0x00810204, 0x00810214,
|
||||
0x00100004, 0x00100014, 0x00900004, 0x00900014,
|
||||
0x00110004, 0x00110014, 0x00910004, 0x00910014,
|
||||
0x00100204, 0x00100214, 0x00900204, 0x00900214,
|
||||
0x00110204, 0x00110214, 0x00910204, 0x00910214
|
||||
};
|
||||
/* pc2_d_3 bit pattern 41 38 47 33 40 42 */
|
||||
static int pc2_d_3[64] = {
|
||||
0x00000000, 0x00000400, 0x00001000, 0x00001400,
|
||||
0x00080000, 0x00080400, 0x00081000, 0x00081400,
|
||||
0x00000020, 0x00000420, 0x00001020, 0x00001420,
|
||||
0x00080020, 0x00080420, 0x00081020, 0x00081420,
|
||||
0x00004000, 0x00004400, 0x00005000, 0x00005400,
|
||||
0x00084000, 0x00084400, 0x00085000, 0x00085400,
|
||||
0x00004020, 0x00004420, 0x00005020, 0x00005420,
|
||||
0x00084020, 0x00084420, 0x00085020, 0x00085420,
|
||||
0x00000800, 0x00000c00, 0x00001800, 0x00001c00,
|
||||
0x00080800, 0x00080c00, 0x00081800, 0x00081c00,
|
||||
0x00000820, 0x00000c20, 0x00001820, 0x00001c20,
|
||||
0x00080820, 0x00080c20, 0x00081820, 0x00081c20,
|
||||
0x00004800, 0x00004c00, 0x00005800, 0x00005c00,
|
||||
0x00084800, 0x00084c00, 0x00085800, 0x00085c00,
|
||||
0x00004820, 0x00004c20, 0x00005820, 0x00005c20,
|
||||
0x00084820, 0x00084c20, 0x00085820, 0x00085c20
|
||||
};
|
||||
/* pc2_d_4 bit pattern 49 37 30 46 34 44 */
|
||||
static int pc2_d_4[64] = {
|
||||
0x00000000, 0x00000100, 0x00040000, 0x00040100,
|
||||
0x00000040, 0x00000140, 0x00040040, 0x00040140,
|
||||
0x00400000, 0x00400100, 0x00440000, 0x00440100,
|
||||
0x00400040, 0x00400140, 0x00440040, 0x00440140,
|
||||
0x00008000, 0x00008100, 0x00048000, 0x00048100,
|
||||
0x00008040, 0x00008140, 0x00048040, 0x00048140,
|
||||
0x00408000, 0x00408100, 0x00448000, 0x00448100,
|
||||
0x00408040, 0x00408140, 0x00448040, 0x00448140,
|
||||
0x00000008, 0x00000108, 0x00040008, 0x00040108,
|
||||
0x00000048, 0x00000148, 0x00040048, 0x00040148,
|
||||
0x00400008, 0x00400108, 0x00440008, 0x00440108,
|
||||
0x00400048, 0x00400148, 0x00440048, 0x00440148,
|
||||
0x00008008, 0x00008108, 0x00048008, 0x00048108,
|
||||
0x00008048, 0x00008148, 0x00048048, 0x00048148,
|
||||
0x00408008, 0x00408108, 0x00448008, 0x00448108,
|
||||
0x00408048, 0x00408148, 0x00448048, 0x00448148
|
||||
};
|
||||
static unsigned char odd_parity[256] = {
|
||||
1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
|
||||
16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
|
||||
32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
|
||||
49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
|
||||
64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
|
||||
81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
|
||||
97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
|
||||
112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
|
||||
128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
|
||||
145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
|
||||
161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
|
||||
176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
|
||||
193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
|
||||
208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
|
||||
224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
|
||||
241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254,
|
||||
};
|
||||
@@ -0,0 +1,967 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* The document that got me started for real was "Efficient
|
||||
* Implementation of the Data Encryption Standard" by Dag Arne Osvik.
|
||||
* I never got to the PC1 transformation was working, instead I used
|
||||
* table-lookup was used for all key schedule setup. The document was
|
||||
* very useful since it de-mystified other implementations for me.
|
||||
*
|
||||
* The core DES function (SBOX + P transformation) is from Richard
|
||||
* Outerbridge public domain DES implementation. My sanity is saved
|
||||
* thanks to his work. Thank you Richard.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <krb5-types.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include "des.h"
|
||||
#include "ui.h"
|
||||
|
||||
static void desx(uint32_t [2], DES_key_schedule *, int);
|
||||
static void IP(uint32_t [2]);
|
||||
static void FP(uint32_t [2]);
|
||||
|
||||
#include "des-tables.h"
|
||||
|
||||
#define ROTATE_LEFT28(x,one) \
|
||||
if (one) { \
|
||||
x = ( ((x)<<(1)) & 0xffffffe) | ((x) >> 27); \
|
||||
} else { \
|
||||
x = ( ((x)<<(2)) & 0xffffffc) | ((x) >> 26); \
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
DES_set_odd_parity(DES_cblock *key)
|
||||
{
|
||||
int i;
|
||||
for (i = 0; i < DES_CBLOCK_LEN; i++)
|
||||
(*key)[i] = odd_parity[(*key)[i]];
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
/* FIPS 74 */
|
||||
static DES_cblock weak_keys[] = {
|
||||
{0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, /* weak keys */
|
||||
{0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
|
||||
{0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
|
||||
{0xE0,0xE0,0xE0,0xE0,0xF1,0xF1,0xF1,0xF1},
|
||||
{0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE}, /* semi-weak keys */
|
||||
{0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
|
||||
{0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
|
||||
{0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
|
||||
{0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
|
||||
{0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
|
||||
{0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
|
||||
{0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
|
||||
{0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
|
||||
{0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
|
||||
{0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
|
||||
{0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}
|
||||
};
|
||||
|
||||
int
|
||||
DES_is_weak_key(DES_cblock *key)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(weak_keys)/sizeof(weak_keys[0]); i++) {
|
||||
if (memcmp(weak_keys[i], key, DES_CBLOCK_LEN) == 0)
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
DES_set_key(DES_cblock *key, DES_key_schedule *ks)
|
||||
{
|
||||
uint32_t t1, t2;
|
||||
uint32_t c, d;
|
||||
int shifts[16] = { 1, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1 };
|
||||
uint32_t *k = &ks->ks[0];
|
||||
int i;
|
||||
|
||||
t1 = (*key)[0] << 24 | (*key)[1] << 16 | (*key)[2] << 8 | (*key)[3];
|
||||
t2 = (*key)[4] << 24 | (*key)[5] << 16 | (*key)[6] << 8 | (*key)[7];
|
||||
|
||||
c = (pc1_c_3[(t1 >> (5 )) & 0x7] << 3)
|
||||
| (pc1_c_3[(t1 >> (5 + 8 )) & 0x7] << 2)
|
||||
| (pc1_c_3[(t1 >> (5 + 8 + 8 )) & 0x7] << 1)
|
||||
| (pc1_c_3[(t1 >> (5 + 8 + 8 + 8)) & 0x7] << 0)
|
||||
| (pc1_c_4[(t2 >> (4 )) & 0xf] << 3)
|
||||
| (pc1_c_4[(t2 >> (4 + 8 )) & 0xf] << 2)
|
||||
| (pc1_c_4[(t2 >> (4 + 8 + 8 )) & 0xf] << 1)
|
||||
| (pc1_c_4[(t2 >> (4 + 8 + 8 + 8)) & 0xf] << 0);
|
||||
|
||||
|
||||
d = (pc1_d_3[(t2 >> (1 )) & 0x7] << 3)
|
||||
| (pc1_d_3[(t2 >> (1 + 8 )) & 0x7] << 2)
|
||||
| (pc1_d_3[(t2 >> (1 + 8 + 8 )) & 0x7] << 1)
|
||||
| (pc1_d_3[(t2 >> (1 + 8 + 8 + 8)) & 0x7] << 0)
|
||||
| (pc1_d_4[(t1 >> (1 )) & 0xf] << 3)
|
||||
| (pc1_d_4[(t1 >> (1 + 8 )) & 0xf] << 2)
|
||||
| (pc1_d_4[(t1 >> (1 + 8 + 8 )) & 0xf] << 1)
|
||||
| (pc1_d_4[(t1 >> (1 + 8 + 8 + 8)) & 0xf] << 0);
|
||||
|
||||
for (i = 0; i < 16; i++) {
|
||||
uint32_t kc, kd;
|
||||
|
||||
ROTATE_LEFT28(c, shifts[i]);
|
||||
ROTATE_LEFT28(d, shifts[i]);
|
||||
|
||||
kc = pc2_c_1[(c >> 22) & 0x3f] |
|
||||
pc2_c_2[((c >> 16) & 0x30) | ((c >> 15) & 0xf)] |
|
||||
pc2_c_3[((c >> 9 ) & 0x3c) | ((c >> 8 ) & 0x3)] |
|
||||
pc2_c_4[((c >> 2 ) & 0x20) | ((c >> 1) & 0x18) | (c & 0x7)];
|
||||
kd = pc2_d_1[(d >> 22) & 0x3f] |
|
||||
pc2_d_2[((d >> 15) & 0x30) | ((d >> 14) & 0xf)] |
|
||||
pc2_d_3[ (d >> 7 ) & 0x3f] |
|
||||
pc2_d_4[((d >> 1 ) & 0x3c) | ((d ) & 0x3)];
|
||||
|
||||
/* Change to byte order used by the S boxes */
|
||||
*k = (kc & 0x00fc0000L) << 6;
|
||||
*k |= (kc & 0x00000fc0L) << 10;
|
||||
*k |= (kd & 0x00fc0000L) >> 10;
|
||||
*k++ |= (kd & 0x00000fc0L) >> 6;
|
||||
*k = (kc & 0x0003f000L) << 12;
|
||||
*k |= (kc & 0x0000003fL) << 16;
|
||||
*k |= (kd & 0x0003f000L) >> 4;
|
||||
*k++ |= (kd & 0x0000003fL);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
DES_set_key_checked(DES_cblock *key, DES_key_schedule *ks)
|
||||
{
|
||||
if (DES_is_weak_key(key)) {
|
||||
memset(ks, 0, sizeof(*ks));
|
||||
return 1;
|
||||
}
|
||||
return DES_set_key(key, ks);
|
||||
}
|
||||
|
||||
/*
|
||||
* Compatibility function for eay libdes
|
||||
*/
|
||||
|
||||
int
|
||||
DES_key_sched(DES_cblock *key, DES_key_schedule *ks)
|
||||
{
|
||||
return DES_set_key(key, ks);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
load(const unsigned char *b, uint32_t v[2])
|
||||
{
|
||||
v[0] = b[0] << 24;
|
||||
v[0] |= b[1] << 16;
|
||||
v[0] |= b[2] << 8;
|
||||
v[0] |= b[3] << 0;
|
||||
v[1] = b[4] << 24;
|
||||
v[1] |= b[5] << 16;
|
||||
v[1] |= b[6] << 8;
|
||||
v[1] |= b[7] << 0;
|
||||
}
|
||||
|
||||
static void
|
||||
store(const uint32_t v[2], unsigned char *b)
|
||||
{
|
||||
b[0] = (v[0] >> 24) & 0xff;
|
||||
b[1] = (v[0] >> 16) & 0xff;
|
||||
b[2] = (v[0] >> 8) & 0xff;
|
||||
b[3] = (v[0] >> 0) & 0xff;
|
||||
b[4] = (v[1] >> 24) & 0xff;
|
||||
b[5] = (v[1] >> 16) & 0xff;
|
||||
b[6] = (v[1] >> 8) & 0xff;
|
||||
b[7] = (v[1] >> 0) & 0xff;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_encrypt(uint32_t u[2], DES_key_schedule *ks, int forward_encrypt)
|
||||
{
|
||||
IP(u);
|
||||
desx(u, ks, forward_encrypt);
|
||||
FP(u);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_ecb_encrypt(DES_cblock *input, DES_cblock *output,
|
||||
DES_key_schedule *ks, int forward_encrypt)
|
||||
{
|
||||
uint32_t u[2];
|
||||
load(*input, u);
|
||||
DES_encrypt(u, ks, forward_encrypt);
|
||||
store(u, *output);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_cbc_encrypt(const void *in, void *out, long length,
|
||||
DES_key_schedule *ks, DES_cblock *iv, int forward_encrypt)
|
||||
{
|
||||
const unsigned char *input = in;
|
||||
unsigned char *output = out;
|
||||
uint32_t u[2];
|
||||
uint32_t uiv[2];
|
||||
|
||||
load(*iv, uiv);
|
||||
|
||||
if (forward_encrypt) {
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
uiv[0] = u[0]; uiv[1] = u[1];
|
||||
store(u, output);
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
store(u, output);
|
||||
}
|
||||
} else {
|
||||
uint32_t t[2];
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
t[0] = u[0]; t[1] = u[1];
|
||||
DES_encrypt(u, ks, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
store(u, output);
|
||||
uiv[0] = t[0]; uiv[1] = t[1];
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
DES_encrypt(u, ks, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
store(u, output);
|
||||
}
|
||||
}
|
||||
uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_pcbc_encrypt(const void *in, void *out, long length,
|
||||
DES_key_schedule *ks, DES_cblock *iv, int forward_encrypt)
|
||||
{
|
||||
const unsigned char *input = in;
|
||||
unsigned char *output = out;
|
||||
uint32_t u[2];
|
||||
uint32_t uiv[2];
|
||||
|
||||
load(*iv, uiv);
|
||||
|
||||
if (forward_encrypt) {
|
||||
uint32_t t[2];
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
t[0] = u[0]; t[1] = u[1];
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
uiv[0] = u[0] ^ t[0]; uiv[1] = u[1] ^ t[1];
|
||||
store(u, output);
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
store(u, output);
|
||||
}
|
||||
} else {
|
||||
uint32_t t[2];
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
t[0] = u[0]; t[1] = u[1];
|
||||
DES_encrypt(u, ks, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
store(u, output);
|
||||
uiv[0] = t[0] ^ u[0]; uiv[1] = t[1] ^ u[1];
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
DES_encrypt(u, ks, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
}
|
||||
}
|
||||
uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
_des3_encrypt(uint32_t u[2], DES_key_schedule *ks1, DES_key_schedule *ks2,
|
||||
DES_key_schedule *ks3, int forward_encrypt)
|
||||
{
|
||||
IP(u);
|
||||
if (forward_encrypt) {
|
||||
desx(u, ks1, 1); /* IP + FP cancel out each other */
|
||||
desx(u, ks2, 0);
|
||||
desx(u, ks3, 1);
|
||||
} else {
|
||||
desx(u, ks3, 0);
|
||||
desx(u, ks2, 1);
|
||||
desx(u, ks1, 0);
|
||||
}
|
||||
FP(u);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_ecb3_encrypt(DES_cblock *input,
|
||||
DES_cblock *output,
|
||||
DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2,
|
||||
DES_key_schedule *ks3,
|
||||
int forward_encrypt)
|
||||
{
|
||||
uint32_t u[2];
|
||||
load(*input, u);
|
||||
_des3_encrypt(u, ks1, ks2, ks3, forward_encrypt);
|
||||
store(u, *output);
|
||||
return;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_ede3_cbc_encrypt(const void *in, void *out,
|
||||
long length, DES_key_schedule *ks1,
|
||||
DES_key_schedule *ks2, DES_key_schedule *ks3,
|
||||
DES_cblock *iv, int forward_encrypt)
|
||||
{
|
||||
const unsigned char *input = in;
|
||||
unsigned char *output = out;
|
||||
uint32_t u[2];
|
||||
uint32_t uiv[2];
|
||||
|
||||
load(*iv, uiv);
|
||||
|
||||
if (forward_encrypt) {
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
_des3_encrypt(u, ks1, ks2, ks3, 1);
|
||||
uiv[0] = u[0]; uiv[1] = u[1];
|
||||
store(u, output);
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
_des3_encrypt(u, ks1, ks2, ks3, 1);
|
||||
store(u, output);
|
||||
}
|
||||
} else {
|
||||
uint32_t t[2];
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
t[0] = u[0]; t[1] = u[1];
|
||||
_des3_encrypt(u, ks1, ks2, ks3, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
store(u, output);
|
||||
uiv[0] = t[0]; uiv[1] = t[1];
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
output += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
_des3_encrypt(u, ks1, ks2, ks3, 0);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
store(u, output);
|
||||
}
|
||||
}
|
||||
store(uiv, *iv);
|
||||
uiv[0] = 0; u[0] = 0; uiv[1] = 0; u[1] = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
DES_cfb64_encrypt(const void *in, void *out,
|
||||
long length, DES_key_schedule *ks, DES_cblock *iv,
|
||||
int *num, int forward_encrypt)
|
||||
{
|
||||
const unsigned char *input = in;
|
||||
unsigned char *output = out;
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
uint32_t uiv[2];
|
||||
|
||||
load(*iv, uiv);
|
||||
|
||||
assert(*num >= 0 && *num < DES_CBLOCK_LEN);
|
||||
|
||||
if (forward_encrypt) {
|
||||
int i = *num;
|
||||
|
||||
while (length > 0) {
|
||||
if (i == 0)
|
||||
DES_encrypt(uiv, ks, 1);
|
||||
store(uiv, tmp);
|
||||
for (; i < DES_CBLOCK_LEN && i < length; i++) {
|
||||
output[i] = tmp[i] ^ input[i];
|
||||
}
|
||||
if (i == DES_CBLOCK_LEN)
|
||||
load(output, uiv);
|
||||
output += i;
|
||||
input += i;
|
||||
length -= i;
|
||||
if (i == DES_CBLOCK_LEN)
|
||||
i = 0;
|
||||
}
|
||||
store(uiv, *iv);
|
||||
*num = i;
|
||||
} else {
|
||||
int i = *num;
|
||||
unsigned char c;
|
||||
|
||||
while (length > 0) {
|
||||
if (i == 0) {
|
||||
DES_encrypt(uiv, ks, 1);
|
||||
store(uiv, tmp);
|
||||
}
|
||||
for (; i < DES_CBLOCK_LEN && i < length; i++) {
|
||||
c = input[i];
|
||||
output[i] = tmp[i] ^ input[i];
|
||||
(*iv)[i] = c;
|
||||
}
|
||||
output += i;
|
||||
input += i;
|
||||
length -= i;
|
||||
if (i == DES_CBLOCK_LEN) {
|
||||
i = 0;
|
||||
load(*iv, uiv);
|
||||
}
|
||||
}
|
||||
store(uiv, *iv);
|
||||
*num = i;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
uint32_t
|
||||
DES_cbc_cksum(const void *in, DES_cblock *output,
|
||||
long length, DES_key_schedule *ks, DES_cblock *iv)
|
||||
{
|
||||
const unsigned char *input = in;
|
||||
uint32_t uiv[2];
|
||||
uint32_t u[2] = { 0, 0 };
|
||||
|
||||
load(*iv, uiv);
|
||||
|
||||
while (length >= DES_CBLOCK_LEN) {
|
||||
load(input, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
uiv[0] = u[0]; uiv[1] = u[1];
|
||||
|
||||
length -= DES_CBLOCK_LEN;
|
||||
input += DES_CBLOCK_LEN;
|
||||
}
|
||||
if (length) {
|
||||
unsigned char tmp[DES_CBLOCK_LEN];
|
||||
memcpy(tmp, input, length);
|
||||
memset(tmp + length, 0, DES_CBLOCK_LEN - length);
|
||||
load(tmp, u);
|
||||
u[0] ^= uiv[0]; u[1] ^= uiv[1];
|
||||
DES_encrypt(u, ks, 1);
|
||||
}
|
||||
if (output)
|
||||
store(u, *output);
|
||||
|
||||
uiv[0] = 0; u[0] = 0; uiv[1] = 0;
|
||||
return u[1];
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static unsigned char
|
||||
bitswap8(unsigned char b)
|
||||
{
|
||||
unsigned char r = 0;
|
||||
int i;
|
||||
for (i = 0; i < 8; i++) {
|
||||
r = r << 1 | (b & 1);
|
||||
b = b >> 1;
|
||||
}
|
||||
return r;
|
||||
}
|
||||
|
||||
void
|
||||
DES_string_to_key(const char *str, DES_cblock *key)
|
||||
{
|
||||
const unsigned char *s;
|
||||
unsigned char *k;
|
||||
DES_key_schedule ks;
|
||||
size_t i, len;
|
||||
|
||||
memset(key, 0, sizeof(*key));
|
||||
k = *key;
|
||||
s = (const unsigned char *)str;
|
||||
|
||||
len = strlen(str);
|
||||
for (i = 0; i < len; i++) {
|
||||
if ((i % 16) < 8)
|
||||
k[i % 8] ^= s[i] << 1;
|
||||
else
|
||||
k[7 - (i % 8)] ^= bitswap8(s[i]);
|
||||
}
|
||||
DES_set_odd_parity(key);
|
||||
if (DES_is_weak_key(key))
|
||||
k[7] ^= 0xF0;
|
||||
DES_set_key(key, &ks);
|
||||
DES_cbc_cksum(s, key, len, &ks, key);
|
||||
memset(&ks, 0, sizeof(ks));
|
||||
DES_set_odd_parity(key);
|
||||
if (DES_is_weak_key(key))
|
||||
k[7] ^= 0xF0;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
DES_read_password(DES_cblock *key, char *prompt, int verify)
|
||||
{
|
||||
char buf[512];
|
||||
int ret;
|
||||
|
||||
ret = UI_UTIL_read_pw_string(buf, sizeof(buf) - 1, prompt, verify);
|
||||
if (ret == 0)
|
||||
DES_string_to_key(buf, key);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
void
|
||||
_DES_ipfp_test(void)
|
||||
{
|
||||
DES_cblock k = "\x01\x02\x04\x08\x10\x20\x40\x80", k2;
|
||||
uint32_t u[2] = { 1, 0 };
|
||||
IP(u);
|
||||
FP(u);
|
||||
IP(u);
|
||||
FP(u);
|
||||
if (u[0] != 1 || u[1] != 0)
|
||||
abort();
|
||||
|
||||
load(k, u);
|
||||
store(u, k2);
|
||||
if (memcmp(k, k2, 8) != 0)
|
||||
abort();
|
||||
}
|
||||
|
||||
/* D3DES (V5.09) -
|
||||
*
|
||||
* A portable, public domain, version of the Data Encryption Standard.
|
||||
*
|
||||
* Written with Symantec's THINK (Lightspeed) C by Richard Outerbridge.
|
||||
* Thanks to: Dan Hoey for his excellent Initial and Inverse permutation
|
||||
* code; Jim Gillogly & Phil Karn for the DES key schedule code; Dennis
|
||||
* Ferguson, Eric Young and Dana How for comparing notes; and Ray Lau,
|
||||
* for humouring me on.
|
||||
*
|
||||
* Copyright (c) 1988,1989,1990,1991,1992 by Richard Outerbridge.
|
||||
* (GEnie : OUTER; CIS : [71755,204]) Graven Imagery, 1992.
|
||||
*/
|
||||
|
||||
static uint32_t SP1[64] = {
|
||||
0x01010400L, 0x00000000L, 0x00010000L, 0x01010404L,
|
||||
0x01010004L, 0x00010404L, 0x00000004L, 0x00010000L,
|
||||
0x00000400L, 0x01010400L, 0x01010404L, 0x00000400L,
|
||||
0x01000404L, 0x01010004L, 0x01000000L, 0x00000004L,
|
||||
0x00000404L, 0x01000400L, 0x01000400L, 0x00010400L,
|
||||
0x00010400L, 0x01010000L, 0x01010000L, 0x01000404L,
|
||||
0x00010004L, 0x01000004L, 0x01000004L, 0x00010004L,
|
||||
0x00000000L, 0x00000404L, 0x00010404L, 0x01000000L,
|
||||
0x00010000L, 0x01010404L, 0x00000004L, 0x01010000L,
|
||||
0x01010400L, 0x01000000L, 0x01000000L, 0x00000400L,
|
||||
0x01010004L, 0x00010000L, 0x00010400L, 0x01000004L,
|
||||
0x00000400L, 0x00000004L, 0x01000404L, 0x00010404L,
|
||||
0x01010404L, 0x00010004L, 0x01010000L, 0x01000404L,
|
||||
0x01000004L, 0x00000404L, 0x00010404L, 0x01010400L,
|
||||
0x00000404L, 0x01000400L, 0x01000400L, 0x00000000L,
|
||||
0x00010004L, 0x00010400L, 0x00000000L, 0x01010004L };
|
||||
|
||||
static uint32_t SP2[64] = {
|
||||
0x80108020L, 0x80008000L, 0x00008000L, 0x00108020L,
|
||||
0x00100000L, 0x00000020L, 0x80100020L, 0x80008020L,
|
||||
0x80000020L, 0x80108020L, 0x80108000L, 0x80000000L,
|
||||
0x80008000L, 0x00100000L, 0x00000020L, 0x80100020L,
|
||||
0x00108000L, 0x00100020L, 0x80008020L, 0x00000000L,
|
||||
0x80000000L, 0x00008000L, 0x00108020L, 0x80100000L,
|
||||
0x00100020L, 0x80000020L, 0x00000000L, 0x00108000L,
|
||||
0x00008020L, 0x80108000L, 0x80100000L, 0x00008020L,
|
||||
0x00000000L, 0x00108020L, 0x80100020L, 0x00100000L,
|
||||
0x80008020L, 0x80100000L, 0x80108000L, 0x00008000L,
|
||||
0x80100000L, 0x80008000L, 0x00000020L, 0x80108020L,
|
||||
0x00108020L, 0x00000020L, 0x00008000L, 0x80000000L,
|
||||
0x00008020L, 0x80108000L, 0x00100000L, 0x80000020L,
|
||||
0x00100020L, 0x80008020L, 0x80000020L, 0x00100020L,
|
||||
0x00108000L, 0x00000000L, 0x80008000L, 0x00008020L,
|
||||
0x80000000L, 0x80100020L, 0x80108020L, 0x00108000L };
|
||||
|
||||
static uint32_t SP3[64] = {
|
||||
0x00000208L, 0x08020200L, 0x00000000L, 0x08020008L,
|
||||
0x08000200L, 0x00000000L, 0x00020208L, 0x08000200L,
|
||||
0x00020008L, 0x08000008L, 0x08000008L, 0x00020000L,
|
||||
0x08020208L, 0x00020008L, 0x08020000L, 0x00000208L,
|
||||
0x08000000L, 0x00000008L, 0x08020200L, 0x00000200L,
|
||||
0x00020200L, 0x08020000L, 0x08020008L, 0x00020208L,
|
||||
0x08000208L, 0x00020200L, 0x00020000L, 0x08000208L,
|
||||
0x00000008L, 0x08020208L, 0x00000200L, 0x08000000L,
|
||||
0x08020200L, 0x08000000L, 0x00020008L, 0x00000208L,
|
||||
0x00020000L, 0x08020200L, 0x08000200L, 0x00000000L,
|
||||
0x00000200L, 0x00020008L, 0x08020208L, 0x08000200L,
|
||||
0x08000008L, 0x00000200L, 0x00000000L, 0x08020008L,
|
||||
0x08000208L, 0x00020000L, 0x08000000L, 0x08020208L,
|
||||
0x00000008L, 0x00020208L, 0x00020200L, 0x08000008L,
|
||||
0x08020000L, 0x08000208L, 0x00000208L, 0x08020000L,
|
||||
0x00020208L, 0x00000008L, 0x08020008L, 0x00020200L };
|
||||
|
||||
static uint32_t SP4[64] = {
|
||||
0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
|
||||
0x00802080L, 0x00800081L, 0x00800001L, 0x00002001L,
|
||||
0x00000000L, 0x00802000L, 0x00802000L, 0x00802081L,
|
||||
0x00000081L, 0x00000000L, 0x00800080L, 0x00800001L,
|
||||
0x00000001L, 0x00002000L, 0x00800000L, 0x00802001L,
|
||||
0x00000080L, 0x00800000L, 0x00002001L, 0x00002080L,
|
||||
0x00800081L, 0x00000001L, 0x00002080L, 0x00800080L,
|
||||
0x00002000L, 0x00802080L, 0x00802081L, 0x00000081L,
|
||||
0x00800080L, 0x00800001L, 0x00802000L, 0x00802081L,
|
||||
0x00000081L, 0x00000000L, 0x00000000L, 0x00802000L,
|
||||
0x00002080L, 0x00800080L, 0x00800081L, 0x00000001L,
|
||||
0x00802001L, 0x00002081L, 0x00002081L, 0x00000080L,
|
||||
0x00802081L, 0x00000081L, 0x00000001L, 0x00002000L,
|
||||
0x00800001L, 0x00002001L, 0x00802080L, 0x00800081L,
|
||||
0x00002001L, 0x00002080L, 0x00800000L, 0x00802001L,
|
||||
0x00000080L, 0x00800000L, 0x00002000L, 0x00802080L };
|
||||
|
||||
static uint32_t SP5[64] = {
|
||||
0x00000100L, 0x02080100L, 0x02080000L, 0x42000100L,
|
||||
0x00080000L, 0x00000100L, 0x40000000L, 0x02080000L,
|
||||
0x40080100L, 0x00080000L, 0x02000100L, 0x40080100L,
|
||||
0x42000100L, 0x42080000L, 0x00080100L, 0x40000000L,
|
||||
0x02000000L, 0x40080000L, 0x40080000L, 0x00000000L,
|
||||
0x40000100L, 0x42080100L, 0x42080100L, 0x02000100L,
|
||||
0x42080000L, 0x40000100L, 0x00000000L, 0x42000000L,
|
||||
0x02080100L, 0x02000000L, 0x42000000L, 0x00080100L,
|
||||
0x00080000L, 0x42000100L, 0x00000100L, 0x02000000L,
|
||||
0x40000000L, 0x02080000L, 0x42000100L, 0x40080100L,
|
||||
0x02000100L, 0x40000000L, 0x42080000L, 0x02080100L,
|
||||
0x40080100L, 0x00000100L, 0x02000000L, 0x42080000L,
|
||||
0x42080100L, 0x00080100L, 0x42000000L, 0x42080100L,
|
||||
0x02080000L, 0x00000000L, 0x40080000L, 0x42000000L,
|
||||
0x00080100L, 0x02000100L, 0x40000100L, 0x00080000L,
|
||||
0x00000000L, 0x40080000L, 0x02080100L, 0x40000100L };
|
||||
|
||||
static uint32_t SP6[64] = {
|
||||
0x20000010L, 0x20400000L, 0x00004000L, 0x20404010L,
|
||||
0x20400000L, 0x00000010L, 0x20404010L, 0x00400000L,
|
||||
0x20004000L, 0x00404010L, 0x00400000L, 0x20000010L,
|
||||
0x00400010L, 0x20004000L, 0x20000000L, 0x00004010L,
|
||||
0x00000000L, 0x00400010L, 0x20004010L, 0x00004000L,
|
||||
0x00404000L, 0x20004010L, 0x00000010L, 0x20400010L,
|
||||
0x20400010L, 0x00000000L, 0x00404010L, 0x20404000L,
|
||||
0x00004010L, 0x00404000L, 0x20404000L, 0x20000000L,
|
||||
0x20004000L, 0x00000010L, 0x20400010L, 0x00404000L,
|
||||
0x20404010L, 0x00400000L, 0x00004010L, 0x20000010L,
|
||||
0x00400000L, 0x20004000L, 0x20000000L, 0x00004010L,
|
||||
0x20000010L, 0x20404010L, 0x00404000L, 0x20400000L,
|
||||
0x00404010L, 0x20404000L, 0x00000000L, 0x20400010L,
|
||||
0x00000010L, 0x00004000L, 0x20400000L, 0x00404010L,
|
||||
0x00004000L, 0x00400010L, 0x20004010L, 0x00000000L,
|
||||
0x20404000L, 0x20000000L, 0x00400010L, 0x20004010L };
|
||||
|
||||
static uint32_t SP7[64] = {
|
||||
0x00200000L, 0x04200002L, 0x04000802L, 0x00000000L,
|
||||
0x00000800L, 0x04000802L, 0x00200802L, 0x04200800L,
|
||||
0x04200802L, 0x00200000L, 0x00000000L, 0x04000002L,
|
||||
0x00000002L, 0x04000000L, 0x04200002L, 0x00000802L,
|
||||
0x04000800L, 0x00200802L, 0x00200002L, 0x04000800L,
|
||||
0x04000002L, 0x04200000L, 0x04200800L, 0x00200002L,
|
||||
0x04200000L, 0x00000800L, 0x00000802L, 0x04200802L,
|
||||
0x00200800L, 0x00000002L, 0x04000000L, 0x00200800L,
|
||||
0x04000000L, 0x00200800L, 0x00200000L, 0x04000802L,
|
||||
0x04000802L, 0x04200002L, 0x04200002L, 0x00000002L,
|
||||
0x00200002L, 0x04000000L, 0x04000800L, 0x00200000L,
|
||||
0x04200800L, 0x00000802L, 0x00200802L, 0x04200800L,
|
||||
0x00000802L, 0x04000002L, 0x04200802L, 0x04200000L,
|
||||
0x00200800L, 0x00000000L, 0x00000002L, 0x04200802L,
|
||||
0x00000000L, 0x00200802L, 0x04200000L, 0x00000800L,
|
||||
0x04000002L, 0x04000800L, 0x00000800L, 0x00200002L };
|
||||
|
||||
static uint32_t SP8[64] = {
|
||||
0x10001040L, 0x00001000L, 0x00040000L, 0x10041040L,
|
||||
0x10000000L, 0x10001040L, 0x00000040L, 0x10000000L,
|
||||
0x00040040L, 0x10040000L, 0x10041040L, 0x00041000L,
|
||||
0x10041000L, 0x00041040L, 0x00001000L, 0x00000040L,
|
||||
0x10040000L, 0x10000040L, 0x10001000L, 0x00001040L,
|
||||
0x00041000L, 0x00040040L, 0x10040040L, 0x10041000L,
|
||||
0x00001040L, 0x00000000L, 0x00000000L, 0x10040040L,
|
||||
0x10000040L, 0x10001000L, 0x00041040L, 0x00040000L,
|
||||
0x00041040L, 0x00040000L, 0x10041000L, 0x00001000L,
|
||||
0x00000040L, 0x10040040L, 0x00001000L, 0x00041040L,
|
||||
0x10001000L, 0x00000040L, 0x10000040L, 0x10040000L,
|
||||
0x10040040L, 0x10000000L, 0x00040000L, 0x10001040L,
|
||||
0x00000000L, 0x10041040L, 0x00040040L, 0x10000040L,
|
||||
0x10040000L, 0x10001000L, 0x10001040L, 0x00000000L,
|
||||
0x10041040L, 0x00041000L, 0x00041000L, 0x00001040L,
|
||||
0x00001040L, 0x00040040L, 0x10000000L, 0x10041000L };
|
||||
|
||||
static void
|
||||
IP(uint32_t v[2])
|
||||
{
|
||||
uint32_t work;
|
||||
|
||||
work = ((v[0] >> 4) ^ v[1]) & 0x0f0f0f0fL;
|
||||
v[1] ^= work;
|
||||
v[0] ^= (work << 4);
|
||||
work = ((v[0] >> 16) ^ v[1]) & 0x0000ffffL;
|
||||
v[1] ^= work;
|
||||
v[0] ^= (work << 16);
|
||||
work = ((v[1] >> 2) ^ v[0]) & 0x33333333L;
|
||||
v[0] ^= work;
|
||||
v[1] ^= (work << 2);
|
||||
work = ((v[1] >> 8) ^ v[0]) & 0x00ff00ffL;
|
||||
v[0] ^= work;
|
||||
v[1] ^= (work << 8);
|
||||
v[1] = ((v[1] << 1) | ((v[1] >> 31) & 1L)) & 0xffffffffL;
|
||||
work = (v[0] ^ v[1]) & 0xaaaaaaaaL;
|
||||
v[0] ^= work;
|
||||
v[1] ^= work;
|
||||
v[0] = ((v[0] << 1) | ((v[0] >> 31) & 1L)) & 0xffffffffL;
|
||||
}
|
||||
|
||||
static void
|
||||
FP(uint32_t v[2])
|
||||
{
|
||||
uint32_t work;
|
||||
|
||||
v[0] = (v[0] << 31) | (v[0] >> 1);
|
||||
work = (v[1] ^ v[0]) & 0xaaaaaaaaL;
|
||||
v[1] ^= work;
|
||||
v[0] ^= work;
|
||||
v[1] = (v[1] << 31) | (v[1] >> 1);
|
||||
work = ((v[1] >> 8) ^ v[0]) & 0x00ff00ffL;
|
||||
v[0] ^= work;
|
||||
v[1] ^= (work << 8);
|
||||
work = ((v[1] >> 2) ^ v[0]) & 0x33333333L;
|
||||
v[0] ^= work;
|
||||
v[1] ^= (work << 2);
|
||||
work = ((v[0] >> 16) ^ v[1]) & 0x0000ffffL;
|
||||
v[1] ^= work;
|
||||
v[0] ^= (work << 16);
|
||||
work = ((v[0] >> 4) ^ v[1]) & 0x0f0f0f0fL;
|
||||
v[1] ^= work;
|
||||
v[0] ^= (work << 4);
|
||||
}
|
||||
|
||||
static void
|
||||
desx(uint32_t block[2], DES_key_schedule *ks, int forward_encrypt)
|
||||
{
|
||||
uint32_t *keys;
|
||||
uint32_t fval, work, right, left;
|
||||
int round;
|
||||
|
||||
left = block[0];
|
||||
right = block[1];
|
||||
|
||||
if (forward_encrypt) {
|
||||
keys = &ks->ks[0];
|
||||
|
||||
for( round = 0; round < 8; round++ ) {
|
||||
work = (right << 28) | (right >> 4);
|
||||
work ^= *keys++;
|
||||
fval = SP7[ work & 0x3fL];
|
||||
fval |= SP5[(work >> 8) & 0x3fL];
|
||||
fval |= SP3[(work >> 16) & 0x3fL];
|
||||
fval |= SP1[(work >> 24) & 0x3fL];
|
||||
work = right ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL];
|
||||
fval |= SP6[(work >> 8) & 0x3fL];
|
||||
fval |= SP4[(work >> 16) & 0x3fL];
|
||||
fval |= SP2[(work >> 24) & 0x3fL];
|
||||
left ^= fval;
|
||||
work = (left << 28) | (left >> 4);
|
||||
work ^= *keys++;
|
||||
fval = SP7[ work & 0x3fL];
|
||||
fval |= SP5[(work >> 8) & 0x3fL];
|
||||
fval |= SP3[(work >> 16) & 0x3fL];
|
||||
fval |= SP1[(work >> 24) & 0x3fL];
|
||||
work = left ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL];
|
||||
fval |= SP6[(work >> 8) & 0x3fL];
|
||||
fval |= SP4[(work >> 16) & 0x3fL];
|
||||
fval |= SP2[(work >> 24) & 0x3fL];
|
||||
right ^= fval;
|
||||
}
|
||||
} else {
|
||||
keys = &ks->ks[30];
|
||||
|
||||
for( round = 0; round < 8; round++ ) {
|
||||
work = (right << 28) | (right >> 4);
|
||||
work ^= *keys++;
|
||||
fval = SP7[ work & 0x3fL];
|
||||
fval |= SP5[(work >> 8) & 0x3fL];
|
||||
fval |= SP3[(work >> 16) & 0x3fL];
|
||||
fval |= SP1[(work >> 24) & 0x3fL];
|
||||
work = right ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL];
|
||||
fval |= SP6[(work >> 8) & 0x3fL];
|
||||
fval |= SP4[(work >> 16) & 0x3fL];
|
||||
fval |= SP2[(work >> 24) & 0x3fL];
|
||||
left ^= fval;
|
||||
work = (left << 28) | (left >> 4);
|
||||
keys -= 4;
|
||||
work ^= *keys++;
|
||||
fval = SP7[ work & 0x3fL];
|
||||
fval |= SP5[(work >> 8) & 0x3fL];
|
||||
fval |= SP3[(work >> 16) & 0x3fL];
|
||||
fval |= SP1[(work >> 24) & 0x3fL];
|
||||
work = left ^ *keys++;
|
||||
fval |= SP8[ work & 0x3fL];
|
||||
fval |= SP6[(work >> 8) & 0x3fL];
|
||||
fval |= SP4[(work >> 16) & 0x3fL];
|
||||
fval |= SP2[(work >> 24) & 0x3fL];
|
||||
right ^= fval;
|
||||
keys -= 4;
|
||||
}
|
||||
}
|
||||
block[0] = right;
|
||||
block[1] = left;
|
||||
}
|
||||
@@ -0,0 +1,124 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef _DESperate_H
|
||||
#define _DESperate_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define DES_set_odd_parity hc_DES_set_odd_parity
|
||||
#define DES_is_weak_key hc_DES_is_weak_key
|
||||
#define DES_key_sched hc_DES_key_sched
|
||||
#define DES_set_key hc_DES_set_key
|
||||
#define DES_set_key_checked hc_DES_set_key_checked
|
||||
#define DES_set_key_sched hc_DES_set_key_sched
|
||||
#define DES_new_random_key hc_DES_new_random_key
|
||||
#define DES_string_to_key hc_DES_string_to_key
|
||||
#define DES_read_password hc_DES_read_password
|
||||
#define DES_rand_data hc_DES_rand_data
|
||||
#define DES_set_random_generator_seed hc_DES_set_random_generator_seed
|
||||
#define DES_generate_random_block hc_DES_generate_random_block
|
||||
#define DES_set_sequence_number hc_DES_set_sequence_number
|
||||
#define DES_init_random_number_generator hc_DES_init_random_number_generator
|
||||
#define DES_random_key hc_DES_random_key
|
||||
#define DES_encrypt hc_DES_encrypt
|
||||
#define DES_ecb_encrypt hc_DES_ecb_encrypt
|
||||
#define DES_ecb3_encrypt hc_DES_ecb3_encrypt
|
||||
#define DES_pcbc_encrypt hc_DES_pcbc_encrypt
|
||||
#define DES_cbc_encrypt hc_DES_cbc_encrypt
|
||||
#define DES_cbc_cksum hc_DES_cbc_cksum
|
||||
#define DES_ede3_cbc_encrypt hc_DES_ede3_cbc_encrypt
|
||||
#define DES_cfb64_encrypt hc_DES_cfb64_encrypt
|
||||
#define _DES_ipfp_test _hc_DES_ipfp_test
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define DES_CBLOCK_LEN 8
|
||||
#define DES_KEY_SZ 8
|
||||
|
||||
#define DES_ENCRYPT 1
|
||||
#define DES_DECRYPT 0
|
||||
|
||||
typedef unsigned char DES_cblock[DES_CBLOCK_LEN];
|
||||
typedef struct DES_key_schedule
|
||||
{
|
||||
uint32_t ks[32];
|
||||
} DES_key_schedule;
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int DES_set_odd_parity(DES_cblock *);
|
||||
int DES_is_weak_key(DES_cblock *);
|
||||
int DES_set_key(DES_cblock *, DES_key_schedule *);
|
||||
int DES_set_key_checked(DES_cblock *, DES_key_schedule *);
|
||||
int DES_key_sched(DES_cblock *, DES_key_schedule *);
|
||||
int DES_new_random_key(DES_cblock *);
|
||||
void DES_string_to_key(const char *, DES_cblock *);
|
||||
int DES_read_password(DES_cblock *, char *, int);
|
||||
|
||||
void DES_rand_data(void *, int);
|
||||
void DES_set_random_generator_seed(DES_cblock *);
|
||||
void DES_generate_random_block(DES_cblock *);
|
||||
void DES_set_sequence_number(void *);
|
||||
void DES_init_random_number_generator(DES_cblock *);
|
||||
void DES_random_key(DES_cblock *);
|
||||
|
||||
|
||||
void DES_encrypt(uint32_t [2], DES_key_schedule *, int);
|
||||
void DES_ecb_encrypt(DES_cblock *, DES_cblock *, DES_key_schedule *, int);
|
||||
void DES_ecb3_encrypt(DES_cblock *,DES_cblock *, DES_key_schedule *,
|
||||
DES_key_schedule *, DES_key_schedule *, int);
|
||||
void DES_pcbc_encrypt(const void *, void *, long,
|
||||
DES_key_schedule *, DES_cblock *, int);
|
||||
void DES_cbc_encrypt(const void *, void *, long,
|
||||
DES_key_schedule *, DES_cblock *, int);
|
||||
void DES_ede3_cbc_encrypt(const void *, void *, long,
|
||||
DES_key_schedule *, DES_key_schedule *,
|
||||
DES_key_schedule *, DES_cblock *, int);
|
||||
void DES_cfb64_encrypt(const void *, void *, long,
|
||||
DES_key_schedule *, DES_cblock *, int *, int);
|
||||
|
||||
|
||||
uint32_t DES_cbc_cksum(const void *, DES_cblock *,
|
||||
long, DES_key_schedule *, DES_cblock *);
|
||||
|
||||
|
||||
void _DES_ipfp_test(void);
|
||||
|
||||
|
||||
#endif /* _DESperate_H */
|
||||
@@ -0,0 +1,589 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
#include <err.h>
|
||||
|
||||
#include "des.h"
|
||||
|
||||
static void
|
||||
ecb_test(char key[8], char in[8], char out[8])
|
||||
{
|
||||
unsigned char k[8], indata[8], outdata[8], outdata2[8], ansdata[8];
|
||||
DES_key_schedule s;
|
||||
|
||||
memcpy(k, key, 8);
|
||||
DES_set_odd_parity(&k);
|
||||
memcpy(indata, in, 8);
|
||||
memcpy(ansdata, out, 8);
|
||||
DES_set_key(&k, &s);
|
||||
DES_ecb_encrypt(&indata, &outdata, &s, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "des: encrypt");
|
||||
DES_ecb_encrypt(&outdata, &outdata2, &s, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "des: decrypt");
|
||||
}
|
||||
|
||||
static void
|
||||
ebc3_test(char key1[8], char key2[8], char key3[8], char in[8], char out[8])
|
||||
{
|
||||
unsigned char k1[8], k2[8], k3[8],
|
||||
indata[8], outdata[8], outdata2[8], ansdata[8];
|
||||
DES_key_schedule s1, s2, s3;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(k2, key2, 8);
|
||||
memcpy(k3, key3, 8);
|
||||
memcpy(indata, in, 8);
|
||||
memcpy(ansdata, out, 8);
|
||||
DES_set_key(&k1, &s1);
|
||||
DES_set_key(&k2, &s2);
|
||||
DES_set_key(&k3, &s3);
|
||||
DES_ecb3_encrypt(&indata, &outdata, &s1, &s2, &s3, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "des3: encrypt");
|
||||
DES_ecb3_encrypt(&outdata, &outdata2, &s1, &s2, &s3, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "des3: decrypt");
|
||||
}
|
||||
|
||||
static void
|
||||
cbc_test(char key1[8], char iv[8], char in[24], char out[24])
|
||||
{
|
||||
unsigned char k1[8],
|
||||
indata[24], outdata[24], outdata2[24], ansdata[24];
|
||||
DES_key_schedule s1;
|
||||
DES_cblock ivdata;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(ivdata, iv, 8);
|
||||
memcpy(indata, in, 24);
|
||||
memcpy(ansdata, out, 24);
|
||||
DES_set_key(&k1, &s1);
|
||||
DES_cbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "cbc: encrypt");
|
||||
DES_cbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "cbc: decrypt");
|
||||
}
|
||||
|
||||
static void
|
||||
cfb64_test(char key1[8], char iv[8], char in[23], char out[23])
|
||||
{
|
||||
unsigned char k1[8],
|
||||
indata[23], outdata[23], outdata2[23], ansdata[23];
|
||||
DES_key_schedule s1;
|
||||
DES_cblock ivdata;
|
||||
int num;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(indata, in, 23);
|
||||
memcpy(ansdata, out, 23);
|
||||
DES_set_key(&k1, &s1);
|
||||
num = 0;
|
||||
memcpy(ivdata, iv, 8);
|
||||
DES_cfb64_encrypt(indata, outdata, 23, &s1, &ivdata, &num, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "cfb64: encrypt");
|
||||
num = 0;
|
||||
memcpy(ivdata, iv, 8);
|
||||
DES_cfb64_encrypt(outdata, outdata2, 23, &s1, &ivdata, &num, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "cfb64: decrypt");
|
||||
}
|
||||
|
||||
static void
|
||||
cbc3_test(char key1[8], char key2[8], char key3[8],
|
||||
char iv[8], char in[24], char out[24])
|
||||
{
|
||||
unsigned char k1[8], k2[8], k3[8],
|
||||
indata[24], outdata[24], outdata2[24], ansdata[24];
|
||||
DES_key_schedule s1, s2, s3;
|
||||
DES_cblock ivdata, ivec_copy;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(k2, key2, 8);
|
||||
memcpy(k3, key3, 8);
|
||||
memcpy(ivdata, iv, 8);
|
||||
memcpy(indata, in, 24);
|
||||
memcpy(ansdata, out, 24);
|
||||
DES_set_key(&k1, &s1);
|
||||
DES_set_key(&k2, &s2);
|
||||
DES_set_key(&k3, &s3);
|
||||
memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
|
||||
DES_ede3_cbc_encrypt(indata, outdata, 24,
|
||||
&s1, &s2, &s3, &ivec_copy, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "cbc3: encrypt");
|
||||
memcpy(&ivec_copy, &ivdata, sizeof(ivec_copy));
|
||||
DES_ede3_cbc_encrypt(outdata, outdata2, 24,
|
||||
&s1, &s2, &s3, &ivec_copy, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "cbc3: decrypt");
|
||||
}
|
||||
|
||||
|
||||
static void
|
||||
pcbc_test(char key1[8], char iv[8], char in[24], char out[24])
|
||||
{
|
||||
unsigned char k1[8],
|
||||
indata[24], outdata[24], outdata2[24], ansdata[24];
|
||||
DES_key_schedule s1;
|
||||
DES_cblock ivdata;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(ivdata, iv, 8);
|
||||
memcpy(indata, in, 24);
|
||||
memcpy(ansdata, out, 24);
|
||||
DES_set_key(&k1, &s1);
|
||||
DES_pcbc_encrypt(indata, outdata, 24, &s1, &ivdata, 1);
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "pcbc: encrypt");
|
||||
DES_pcbc_encrypt(outdata, outdata2, 24, &s1, &ivdata, 0);
|
||||
if (memcmp(indata, outdata2, sizeof(outdata2)) != 0)
|
||||
errx(1, "pcbc: decrypt");
|
||||
}
|
||||
|
||||
static void
|
||||
cbc_cksum(char key1[8], char iv[8], char *in, size_t len,
|
||||
uint32_t ret, char out[8])
|
||||
{
|
||||
unsigned char k1[8], indata[24], ansdata[8];
|
||||
DES_key_schedule s1;
|
||||
DES_cblock ivdata, outdata;
|
||||
uint32_t r;
|
||||
|
||||
memcpy(k1, key1, 8);
|
||||
memcpy(ivdata, iv, 8);
|
||||
memcpy(indata, in, len);
|
||||
memcpy(ansdata, out, 8);
|
||||
DES_set_key(&k1, &s1);
|
||||
r = DES_cbc_cksum(indata, &outdata, len, &s1, &ivdata);
|
||||
if (ret != r)
|
||||
errx(1, "cbc_cksum: cksum error");
|
||||
if (memcmp(outdata, ansdata, sizeof(ansdata)) != 0)
|
||||
errx(1, "cbc_cksum: checksum");
|
||||
}
|
||||
|
||||
static void
|
||||
s2k(char *password, const char *salt, char akey[8])
|
||||
{
|
||||
DES_cblock k;
|
||||
size_t l = strlen(password) + strlen(salt);
|
||||
char *pw = malloc(l + 1);
|
||||
strcpy(pw, password);
|
||||
strcat(pw, salt);
|
||||
|
||||
DES_string_to_key(pw, &k);
|
||||
if (memcmp(akey, &k, 8) != 0)
|
||||
errx(1, "key wrong for '%s'", pw);
|
||||
free(pw);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
_DES_ipfp_test();
|
||||
|
||||
ecb_test("\x31\x16\xe3\x57\x97\xa8\x68\xe5",
|
||||
"\xbb\xe4\x48\x6e\xdf\x9a\x05\x4f",
|
||||
"\xa8\x82\xa0\x15\x76\xeb\xfd\xc7");
|
||||
ecb_test("\xfe\x4a\x19\xa1\x45\xa7\xb9\xd0",
|
||||
"\x2a\x67\x3c\x07\x59\x4d\xde\xb8",
|
||||
"\x9d\x61\xd5\x1c\xd7\xd0\xd3\x8b");
|
||||
ecb_test("\xbf\x13\x25\xec\xa4\xbc\x1a\x54",
|
||||
"\x16\xa5\xd9\x30\x0f\x55\x20\x71",
|
||||
"\x04\x44\x6c\xe0\x32\x32\x78\xd2");
|
||||
|
||||
ebc3_test("\x7c\x2f\x79\xd5\xb5\x37\x01\xcb",
|
||||
"\xb9\xbc\x86\xea\x04\x45\xab\x2c",
|
||||
"\x19\x1c\xcd\x83\x8a\x29\x97\x3e",
|
||||
"\x87\x03\x59\xdd\xf4\xc6\xeb\xb7",
|
||||
"\xcc\x72\x66\x85\xed\xa2\xee\x09");
|
||||
ebc3_test("\x10\x34\x32\x4c\xc4\x9b\x57\x5b",
|
||||
"\xb0\x6e\xb6\x26\xd6\x52\x2c\x15",
|
||||
"\xa7\x64\xf8\x20\xc1\x89\x73\xc1",
|
||||
"\x37\xa4\xad\x4d\x76\xee\x7c\x02",
|
||||
"\xdf\xb9\x2b\x99\x59\x71\xc4\x89");
|
||||
ebc3_test("\xf8\xa7\xfd\xe6\x6d\x73\x34\x26",
|
||||
"\x4c\xbf\x40\x5d\x5d\xf4\x31\xef",
|
||||
"\x04\xdf\xf2\x58\xd0\x5e\x54\x68",
|
||||
"\x44\x2a\xa2\x19\xbd\x0a\x2b\x61",
|
||||
"\x17\x26\x39\xd5\xd5\xd9\x40\x71");
|
||||
ebc3_test("\x13\x5e\x23\x07\x2c\x16\x0d\x25",
|
||||
"\x64\x6d\x2f\xe0\x68\xa8\x16\x75",
|
||||
"\x7c\x7c\x19\x64\xbc\xae\xe0\x0e",
|
||||
"\x7b\x8c\x76\x76\xb0\x95\x7f\xed",
|
||||
"\xe2\x6e\x05\x1d\xdc\x74\xc1\xb7");
|
||||
ebc3_test("\xbc\x92\x32\xb6\x68\x0d\x73\x19",
|
||||
"\x70\xef\x98\x19\xe9\xec\x04\x1c",
|
||||
"\x02\x4c\x75\x08\xce\xc4\x34\x16",
|
||||
"\x73\xab\x28\x69\x6a\x20\x2f\x99",
|
||||
"\x3b\xb1\x2d\xb6\x21\x0a\x44\xca");
|
||||
ebc3_test("\x01\x98\x16\xea\x85\xd5\x3b\x8a",
|
||||
"\x73\x23\xb5\x49\xd9\x10\x5b\xea",
|
||||
"\xb6\xc4\xce\xc4\x89\x92\x0e\x15",
|
||||
"\xd9\x35\xcf\x21\x47\x7b\xdf\xb5",
|
||||
"\xa1\x71\x57\x1f\x1e\x84\x08\xac");
|
||||
ebc3_test("\x58\x6d\xbc\x04\x70\x4f\xe6\x3e",
|
||||
"\xcd\x76\x26\x01\xae\xce\x0b\xe5",
|
||||
"\xf2\x4f\x64\x16\x8f\x0d\x4f\x6b",
|
||||
"\xa7\x0d\xa0\x56\xa0\x8b\x2a\x77",
|
||||
"\xe5\x12\x9b\x8a\x92\xc8\xdd\xe1");
|
||||
ebc3_test("\x40\xd6\xad\x43\x52\x23\xa7\xcd",
|
||||
"\x04\x19\xae\x94\xce\x46\x31\xd3",
|
||||
"\x45\x6e\x3b\xb5\x4f\x37\x5e\x9d",
|
||||
"\xbd\xb0\x60\x75\x91\x02\x48\xf4",
|
||||
"\xb5\xa1\xe6\x4b\x4e\xa3\x8c\x4b");
|
||||
ebc3_test("\x91\xab\x80\x9b\x97\xf4\x58\x5e",
|
||||
"\xc2\x68\x46\x61\x9e\x04\xa1\x29",
|
||||
"\xc7\xe5\x5b\x32\xcb\x43\xc8\xa4",
|
||||
"\x31\x38\x90\x1c\xc8\x78\x12\x50",
|
||||
"\xf8\x65\xae\xa1\xdf\x4e\xbf\xa8");
|
||||
|
||||
cbc_test("\x57\x98\x7a\x8a\x29\x7c\xc1\xad",
|
||||
"\xe1\x28\x69\x58\xd6\x91\x9f\x4e",
|
||||
"\xa0\x11\x1a\xdd\xeb\x62\xb8\x9e\x28\x08\x6e\x0b\x6d\x6d\x57\x31\x1b\x4c\x82\x4c\xc3\x19\xe0\x93",
|
||||
"\x42\xa5\x2f\x26\xbb\x92\x3a\x6b\x64\xe0\x3b\x1a\x33\x5a\x9c\x2b\xc8\xd9\x41\x37\x8d\x3e\x58\xbf");
|
||||
cbc_test("\x23\xd6\xec\x86\x86\x4f\x02\xcd",
|
||||
"\xfe\x8e\xa4\x07\x35\x41\x14\x99",
|
||||
"\xe3\xc2\x5d\x6e\x81\xae\xa0\xe8\xc8\xdd\xd2\x0d\xf4\x26\x90\x10\xca\x8c\x07\x58\xb2\x17\xcc\x1a",
|
||||
"\x97\xb9\xbc\xa6\xd1\x98\xc1\x7f\x4b\xac\x61\x8a\x16\xec\x1f\xee\x28\x6f\xe8\x25\xf0\x41\xbc\xde");
|
||||
cbc_test("\x07\xe5\xc8\x52\xba\x3d\xef\xcd",
|
||||
"\xa9\x21\x3e\x84\x44\x7c\xce\x1a",
|
||||
"\xfc\x03\x72\x30\xb0\xcb\xe8\x99\x21\x54\x4d\xfa\x86\xdd\x99\xe1\x96\xe7\x7c\xb5\xbd\x5b\x6f\xd0",
|
||||
"\x27\x76\x66\x62\x1f\xcf\x48\xdb\x15\x11\x73\x8b\xe0\xc9\xbd\x2b\x40\xae\x0c\x35\xeb\x93\xa3\x1c");
|
||||
cbc_test("\xef\x2f\x07\xd6\x2f\x70\x4f\x68",
|
||||
"\x16\x1e\xaf\x87\x3a\x83\x9f\x33",
|
||||
"\xb8\x4c\xb3\xbf\xfa\x5d\xa9\xc7\x1c\x15\x8d\x39\xf2\x29\xf5\x5a\x3d\x21\x0d\x61\x05\xaa\x48\x92",
|
||||
"\x51\x85\x2f\xad\x67\xb6\x0a\x15\xb8\x73\x15\xf1\x79\x9d\xed\xf5\x6c\x11\x22\xe5\x48\x51\xab\xae");
|
||||
cbc_test("\xd0\x2c\x68\xc1\xe6\xb0\x76\x98",
|
||||
"\xc7\x4f\x31\xa9\x5d\xd5\x5b\xcc",
|
||||
"\x9d\x4b\x2a\x54\x60\xf1\xb0\x10\x34\x87\xdc\x25\xa5\x80\x6c\x4d\x0c\x7f\x53\x37\x58\x42\xc7\x26",
|
||||
"\x79\xc5\xf0\x21\x0d\x7a\x38\xc0\x66\x9a\x07\x2f\xa4\x9c\x1f\xbb\x66\x4d\x6c\x86\x5b\x47\x44\x60");
|
||||
cbc_test("\xd6\xe3\x75\x92\xb0\x8f\x45\x70",
|
||||
"\xdc\xc6\xab\x3e\xf2\x7e\x13\xd6",
|
||||
"\x38\x57\x27\x0a\xef\x74\x94\x82\x92\xfa\x28\xed\xff\x24\x1e\x0e\x8f\xaa\x9e\x24\x2f\x41\x65\x78",
|
||||
"\x1d\xcc\x07\x55\xe8\xea\xd1\x08\x55\x11\x72\xfe\xdb\xdf\xa0\xc9\xb6\x3a\x2e\xdf\xf0\x67\xd3\xf4");
|
||||
cbc_test("\xb3\xbc\xb5\x61\x04\xda\x1a\x34",
|
||||
"\x8e\x4e\xa5\x8a\xeb\x6a\xea\xbb",
|
||||
"\x72\x73\x51\xe0\x58\xc5\x2e\xe1\x64\x10\x05\x59\x64\x70\x3f\xbe\x43\xa2\xed\x7a\x5d\x1b\x9c\xc7",
|
||||
"\xa6\xb2\xf2\xea\x96\x62\xfb\x2f\x2a\x6a\xa1\x2f\x8e\xe1\x12\xd2\xe4\x82\x4c\xc1\x00\x74\x9c\x8f");
|
||||
cbc_test("\x8f\xdf\x01\x89\xfe\x13\x9b\x2c",
|
||||
"\x66\x18\xf8\x80\xa1\x3b\x1b\x91",
|
||||
"\x32\xdb\xae\xa7\x3b\x77\xb2\x6e\xcc\xa5\xa1\x2e\x15\x19\x49\x83\x2f\xfb\x94\xcc\xd1\xa1\x4b\x02",
|
||||
"\x47\x31\xca\x04\x4d\x1a\x24\x39\xda\x71\xc5\xb8\x7f\xea\x79\xf5\x43\xa6\x53\x15\x78\x84\x34\x75");
|
||||
cbc_test("\xe5\x34\xb6\x75\x68\x07\x70\x85",
|
||||
"\x73\x98\x29\xf7\x7a\xe7\xe7\xb7",
|
||||
"\x9c\x9e\x4c\xa6\x62\x21\xc4\x15\x47\x43\xd5\xf2\x3a\xf3\xfd\xb5\x53\xa7\x16\x9e\xa6\x4f\x0d\xac",
|
||||
"\x81\x2d\xa4\x99\x60\xbf\x9c\xf4\x46\x1d\xee\xc6\xb0\xe1\x4a\x29\xea\xfd\xce\x4b\xa1\x45\x93\x7b");
|
||||
|
||||
cbc3_test("\x61\xcb\x8c\xb0\x32\x2a\xc2\x5d",
|
||||
"\x98\xe3\x49\xc1\x0d\xb5\x67\xce",
|
||||
"\xf2\x43\x10\x61\x85\x6b\xa7\x15",
|
||||
"\x65\xf5\x8f\x1a\x2b\x33\xf2\xb5",
|
||||
"\x8c\x06\xe0\x60\x68\x25\x9c\x95\x81\x46\xda\x41\x9d\xa8\x9c\x49\x2f\xee\x33\x35\x95\x11\xbd\xa0",
|
||||
"\x93\x27\xed\xc7\x35\xb9\xe5\x3c\x7b\x10\x3e\x39\x01\x41\x61\x04\xe7\xf2\xd9\x63\x96\xca\x57\xf1");
|
||||
cbc3_test("\x15\x61\x6b\x76\xae\x0e\x98\x01",
|
||||
"\x76\xce\x9d\x94\xa7\xe3\x73\xa4",
|
||||
"\x19\xd9\x15\x98\x9b\xba\x83\x40",
|
||||
"\x60\xef\xc2\xc6\xa2\x40\x01\xc7",
|
||||
"\x8b\x4d\xf4\x37\xad\x1c\xc2\x4e\xcc\xc4\x4b\x17\x67\xf7\xfa\xec\xf8\x94\x6f\x7a\x84\x56\x81\x09",
|
||||
"\x68\xdf\x82\xcb\xd9\xcd\x3d\xca\x12\x0e\x2e\x39\xba\xf7\x5a\x8c\x41\xbd\x6f\x9d\x85\xfe\x1b\x1d");
|
||||
cbc3_test("\xd5\x2a\x4f\xa4\x13\x9e\x73\x15",
|
||||
"\x6d\x75\xa8\x15\x07\xd3\x7c\x79",
|
||||
"\xd5\xe0\xa7\x91\xf8\xf2\x9d\xcd",
|
||||
"\x4c\xdb\x56\xb8\x6f\x0e\x2a\x59",
|
||||
"\xbe\x64\x20\x24\x7d\x2b\x6b\xf4\xd9\xc0\xa0\x9b\x8d\x88\x6e\x50\x6f\xf8\xb6\x4a\x7e\x52\x52\x93",
|
||||
"\x01\x83\x75\x7b\xd6\x03\xff\xd8\xe9\x6d\x6c\x92\x24\x25\x35\xfa\x43\x4c\x40\xff\xec\xb0\x8b\x50");
|
||||
cbc3_test("\x02\xad\x13\x31\xd5\xd6\xef\x7c",
|
||||
"\x86\x3e\x02\xce\x94\x97\x37\xba",
|
||||
"\x01\x07\x20\x04\xf8\x92\xb6\xb3",
|
||||
"\x26\x79\x1b\xef\x90\x54\xd6\xc1",
|
||||
"\x55\xee\xea\x81\x42\x8b\xbf\xfb\x6c\x14\xec\xbd\xba\x55\x0d\xc4\xd2\xd6\xf0\xea\xd1\x03\xde\x5b",
|
||||
"\x69\x49\xc5\x48\x4f\xda\x03\x90\x84\xef\x86\xd2\x98\xa7\xae\xfa\x17\x35\x7e\x06\xbd\xd3\x51\x0b");
|
||||
cbc3_test("\x3d\x9b\xae\x5b\x7f\x91\x85\xe0",
|
||||
"\xdf\x07\xb3\xdf\x97\x0b\x43\x80",
|
||||
"\xe3\x46\x58\xd9\x68\x79\xb3\xae",
|
||||
"\xd4\x27\xee\x5d\x73\xb1\x82\xf5",
|
||||
"\x44\x86\x9a\xa6\x79\x2d\x9e\x94\x11\x6c\x7b\xc6\xe8\xef\x63\x95\x71\xc6\x62\x20\x43\x87\xaf\x65",
|
||||
"\xc2\xf5\xbc\x91\xc5\x7c\x69\xb2\x05\xcc\x28\x92\xc1\x96\x5a\xc2\xcb\x0c\x71\xc7\x51\x7d\x0c\xcc");
|
||||
cbc3_test("\x43\x8c\x23\x92\xd5\x92\x67\xfb",
|
||||
"\x5b\x5e\xb0\x31\x1c\x9d\x5d\x10",
|
||||
"\x8a\xa2\x16\x64\xd6\xa4\xc4\x5b",
|
||||
"\x06\xc5\xdd\xa3\x4a\x2b\x37\xb7",
|
||||
"\x99\xd5\x76\xee\x7c\x4d\xcc\x18\x39\x78\x16\x7c\xcc\x1a\x0a\x27\xdb\xf1\x5f\xe1\x87\x86\xb7\x2c",
|
||||
"\x91\xbe\xaf\x79\xd0\x14\x7c\x05\x60\x1c\x7e\xd6\x22\x15\xac\xed\xf3\x78\xa5\xc7\x52\xa0\x60\x49");
|
||||
cbc3_test("\x80\xc2\x86\x7a\x51\x45\x29\x1c",
|
||||
"\xc7\xfd\xad\xd0\x7c\x4a\xd0\x3e",
|
||||
"\xe6\x89\x98\xfe\x01\x67\x20\x89",
|
||||
"\x5c\x23\xe4\x26\x82\x27\xad\xeb",
|
||||
"\xa1\x38\x4e\xf1\x07\x1a\xdd\x25\x47\xe6\xda\x9d\xa9\xfe\x98\x55\x05\x95\x75\xc2\x59\x18\xcf\xf1",
|
||||
"\x36\x58\xea\xc5\xf8\x41\xa7\x49\xe8\x22\x75\xfe\xb6\x8b\xdd\x0d\xf0\x66\x42\xe6\x84\x23\x29\xff");
|
||||
cbc3_test("\xbc\x68\x54\x85\x2c\xc1\xe0\x07",
|
||||
"\x7c\x6e\x34\x04\x6b\x91\xc4\x54",
|
||||
"\x9d\xa4\xda\xa1\xda\x6d\xdc\xd3",
|
||||
"\x1c\x3d\xa9\x41\xa2\xe5\xff\x8a",
|
||||
"\x0a\x58\xff\x5a\xec\xc1\x7e\x94\x24\xf4\x4f\xdc\x5b\x29\xe2\x78\x62\x8a\xd2\xe2\xd7\x45\x54\x17",
|
||||
"\x80\x68\xa6\xed\x87\x40\xd5\x32\xd2\xb8\x32\x61\x35\xae\xae\xf7\x14\x1f\x98\xdb\xba\x21\x4f\x9f");
|
||||
cbc3_test("\xa1\x2a\x7a\x67\xfe\xea\xd3\xe3",
|
||||
"\x70\xe5\xd5\x4c\xf1\xce\x4c\x26",
|
||||
"\x75\x4c\x85\x16\xb5\xc8\x07\xe9",
|
||||
"\x4c\xa4\xb5\xdd\x86\x86\x70\x5a",
|
||||
"\x0d\x07\xfd\x23\xc1\x1d\x65\xd8\xb2\x79\xb8\xa3\xc5\x8e\x47\xbe\x0f\xed\x7b\x15\x43\xe9\x7c\x5e",
|
||||
"\xde\x17\xfe\x05\x43\x80\x85\xd0\x9c\x60\xe0\xbe\x8d\xa2\x65\x0e\x63\x02\x72\xb6\xf3\x7d\xda\x90");
|
||||
|
||||
|
||||
pcbc_test("\xe3\xf2\xb0\x26\x7c\x4a\x94\x80",
|
||||
"\x40\x08\x4c\x44\xa3\xb5\xf7\x97",
|
||||
"\xe7\xbd\x54\xa1\xbb\x48\x67\xcd\xe0\xee\xff\x8d\x3d\x25\x2b\xf0\x61\x48\xbe\xf2\x63\x5d\xce\x4a",
|
||||
"\xf5\xe9\x48\xdc\xb8\x61\x39\xa9\x90\x27\xec\x09\x23\x50\xe0\xa9\x78\xb2\x1c\x29\x3c\xa7\x6c\x88");
|
||||
pcbc_test("\xfd\x54\x2a\x5b\x97\xa4\x5b\x52",
|
||||
"\x37\x36\x6e\x22\x7e\x66\x08\x8c",
|
||||
"\xe4\x2d\x81\x88\x86\xb2\x44\x55\x80\x3d\x3c\xbd\x42\x9f\x5d\xdb\x4b\x63\x23\x1c\x31\x13\xa6\x0f",
|
||||
"\x9c\x9f\x65\x05\x79\x91\x71\x96\x82\x2a\xc0\xe5\xa0\x6f\x71\xab\x68\x32\xd4\xd7\x5e\x38\x38\xf6");
|
||||
pcbc_test("\x25\x91\x08\xe5\x57\x85\xb6\x20",
|
||||
"\x47\x6e\xbe\x9f\xb9\x6b\x55\xe9",
|
||||
"\x44\xfd\xdd\x42\x07\x99\xf0\x8f\xdb\xa5\x14\x1e\x76\x07\x90\x5b\x29\x10\x21\xb9\x7e\xac\xc7\x77",
|
||||
"\x88\x4f\xdc\x6e\x37\x5e\x4e\xac\x8d\x3f\x9d\xd1\x82\x51\x65\xf5\xf9\x08\xa7\xac\x01\x61\x19\x85");
|
||||
pcbc_test("\x6d\x43\xc7\x9d\x6b\x97\x64\x40",
|
||||
"\x56\xfb\xcb\xb3\x97\xb5\x70\x13",
|
||||
"\x54\x67\xa9\x42\x86\x85\x81\x8f\xb4\x72\xa2\x5f\x2d\x90\xbb\x5c\xb5\xb9\x9b\x71\x8f\x2b\xae\x05",
|
||||
"\x2c\xd1\x63\x6f\x11\x1d\x5e\x40\x8c\x47\x49\x12\x31\x48\xb7\x12\x4c\xc1\x6a\xaf\x0e\x33\x11\xe1");
|
||||
pcbc_test("\x3b\xa2\xbc\xd5\x5d\x9d\xdf\x73",
|
||||
"\x43\xb7\x26\x71\xce\x6d\x97\xac",
|
||||
"\x4e\xf6\x7d\xd7\xfc\x6b\x35\x54\xae\xc9\xfe\xf7\xb7\x1e\x47\xa5\x61\x44\x50\xb3\xe4\xe8\x7d\xdc",
|
||||
"\x4d\xda\xbd\xad\xc4\xde\xdc\xf4\xfc\xbd\xfc\xa7\xbd\xe4\x7e\x73\x28\xc5\x5c\xd0\x9a\x35\x39\xa6");
|
||||
pcbc_test("\x46\x9e\xda\xdf\x0d\x97\x8a\xd3",
|
||||
"\x6c\x9f\xdf\xc0\x48\x3b\xa5\x17",
|
||||
"\xb9\xd8\x99\x61\x67\xf3\xec\xa9\xc1\x29\xa3\x8b\x63\xe2\xc2\x28\xaf\x56\x2d\x39\x1d\xeb\x7c\xbc",
|
||||
"\x70\x5d\xd4\x54\x90\xb9\x6c\x0c\x93\x96\x6a\x4a\x4e\xb8\x80\xce\xb3\xcd\x64\xa7\x6c\xb2\xe4\xc9");
|
||||
pcbc_test("\x31\x89\x51\x38\x2f\x97\xfe\xef",
|
||||
"\x17\xdc\xf8\xde\xcc\x8f\x40\x3e",
|
||||
"\xef\xcf\xe9\x9e\x11\xd8\x35\xdf\x58\x11\xd0\x0a\x68\xce\xe1\x6b\xb5\xca\x68\x47\xb7\xb9\x9a\x34",
|
||||
"\x3a\x93\x47\x3c\x1b\xa9\xeb\x88\x13\xfd\x1b\xd8\x76\xb5\xd3\xe2\xb8\x83\x10\x56\x68\xab\xe1\x28");
|
||||
pcbc_test("\xba\x1c\x70\x94\x62\x10\x19\xda",
|
||||
"\x7a\x8b\xc0\x9e\x00\xbb\x7e\xcb",
|
||||
"\x30\x74\x6b\xa6\xd6\x07\xae\x44\xd6\x5c\xe6\x18\x97\x90\xaa\x08\xcb\xa8\xf4\x8b\xea\x8b\x4f\xe6",
|
||||
"\x0a\x77\x24\x7c\xcd\xf8\x06\x01\x20\x02\x14\x33\xd6\xf4\x4e\x89\xc0\x38\x65\x44\x6b\x9c\x92\x16");
|
||||
pcbc_test("\xfe\x97\xf2\x6d\x8f\x0d\x86\x94",
|
||||
"\x30\x8a\x7d\x9b\xf4\x28\x6e\x84",
|
||||
"\x82\xb0\x9b\x42\xf6\xdc\x38\x41\x41\x03\x60\x28\x7f\x90\x08\x8b\x6c\x55\xe7\x76\xcd\xa7\xae\xbc",
|
||||
"\x35\x0b\xf1\xc0\x56\x64\x6f\x7b\x3e\x1f\xd1\x90\xbd\xda\x10\xb1\xd1\x49\xc6\x62\x5f\xf9\x6c\xf9");
|
||||
|
||||
|
||||
cbc_cksum("\x58\x83\x67\xfb\xdf\x51\x7c\xfd",
|
||||
"\x46\x0a\xa5\x94\x6b\xd6\xaa\x91",
|
||||
"\x15\x0b\x16\x3a\x56\x79\x33\xdf\x6e\xa0\xd9\x54\x14\x7b\x37\xa9\xb1\x15\xe1\x28\xfe\x35\xe9\x34",
|
||||
24,
|
||||
0x16466788,
|
||||
"\xa7\xbd\x2a\x1b\x16\x46\x67\x88");
|
||||
cbc_cksum("\xf1\xe0\x91\x1c\xfe\x10\xe5\xb5",
|
||||
"\x9c\xc6\x7d\xf3\x3e\x58\x40\x06",
|
||||
"\x9c\x90\x88\xfe\x9c\x38\xc0\xd5\xaa\xc6\xf2\xc2\x7d\x00\xf6\x5f\xbd\x87\x25\xbe\x41\x64\x9f\xb7",
|
||||
24,
|
||||
0xd8a127cc,
|
||||
"\x93\x5d\x75\x62\xd8\xa1\x27\xcc");
|
||||
cbc_cksum("\x20\xbf\xdc\xd5\x5b\x9d\xc8\x79",
|
||||
"\x68\xdc\xe2\xfa\x18\xb3\xa9\xe0",
|
||||
"\xef\xba\xc4\x8b\x78\xc2\x02\xc2\x74\x71\x9f\xfa\x4b\xa2\x8a\xe5\xfb\x82\x3d\x48\xcf\x28\x08\x42",
|
||||
24,
|
||||
0x45236285,
|
||||
"\xc0\xb9\x2c\x86\x45\x23\x62\x85");
|
||||
cbc_cksum("\x31\x6d\xa8\xc2\x43\x16\x64\xea",
|
||||
"\x7b\x5e\x9f\x7c\xb8\xa3\xbd\x89",
|
||||
"\x8a\xd4\xe4\x77\xbb\x45\x17\x3d\xd2\xef\xe6\xb9\x65\x8b\xb3\xa9\x28\xef\xd7\x0c\xa8\x47\x5d\xb8",
|
||||
24,
|
||||
0x3f021cb2,
|
||||
"\x10\x94\x4c\x2f\x3f\x02\x1c\xb2");
|
||||
cbc_cksum("\xd5\x75\x51\x8f\xc8\x97\x1a\xc4",
|
||||
"\xbc\x7a\x70\x58\xae\x29\x60\x3a",
|
||||
"\x8d\x2c\x70\xdb\x53\xda\x0f\x50\xd9\xb5\x81\x18\x26\x66\x84\xda\xf6\x32\xa0\xe5\xf9\x09\xfd\x35",
|
||||
24,
|
||||
0x2f64dd4f,
|
||||
"\x89\xe4\x70\x0d\x2f\x64\xdd\x4f");
|
||||
cbc_cksum("\xda\x6e\x32\x80\x20\xbc\x67\x54",
|
||||
"\xf4\x93\x86\x43\x29\x57\x6e\xec",
|
||||
"\xfe\xd8\xfe\xad\x4e\x05\xd8\xb8\x9b\x9f\xaa\xa5\x90\x6d\xcb\xff\x40\xab\xc5\x25\x2b\xda\xa7\x09",
|
||||
24,
|
||||
0x6281ce23,
|
||||
"\xa1\x88\xc2\x3d\x62\x81\xce\x23");
|
||||
cbc_cksum("\xb6\xc7\x75\x8a\xfb\xd3\xf8\xad",
|
||||
"\xf1\x4f\xd7\x39\x4b\xec\xa3\x99",
|
||||
"\x31\xd0\x45\x9d\x62\xe3\x49\xbb\x58\xc2\x58\xbe\x13\x51\x1e\x3f\x54\xe5\x31\x7d\xd0\x94\x57\x7a",
|
||||
24,
|
||||
0x09c7ee4e,
|
||||
"\x2f\x40\xb3\xd2\x09\xc7\xee\x4e");
|
||||
cbc_cksum("\xa8\x4f\x16\xf4\x89\x3d\xf7\xec",
|
||||
"\x04\x78\xbc\xd3\x4f\x32\xfd\x46",
|
||||
"\xe5\x44\x30\x5e\x55\xa3\x08\xe9\xcd\xd1\xbe\x63\x66\x26\x27\x62\xc3\x4f\x2a\x50\x69\x21\x24\xde",
|
||||
24,
|
||||
0xdf3357c7,
|
||||
"\xa8\x6e\x80\x3b\xdf\x33\x57\xc7");
|
||||
cbc_cksum("\xd6\x4f\x40\xef\x8a\x2a\xf1\x20",
|
||||
"\xd5\x40\xe7\x86\x36\x26\x79\xc9",
|
||||
"\xcc\x74\x2b\x78\xca\x47\xb0\xd3\xe6\x72\x42\x76\xee\x80\xb0\xe5\x78\x12\x3b\x4e\x76\x91\xda\x1a",
|
||||
24,
|
||||
0x14a5029a,
|
||||
"\x33\xd2\xb5\x8a\x14\xa5\x02\x9a");
|
||||
|
||||
cbc_cksum("\xfb\x89\xa1\x9d\xa7\xec\xc1\x5e",
|
||||
"\x9c\x7f\x47\xd0\x79\x5d\x4b\x97",
|
||||
"\xb6\x8b\x48\xe0\x01\x78\xec\x50\x7f\xf1\xfd\xd2\x87\x76\xba\x4b\x9c\x5c\xc7\x25",
|
||||
20,
|
||||
0xa1471604,
|
||||
"\x39\x5b\x7d\xb1\xa1\x47\x16\x04");
|
||||
cbc_cksum("\x70\xb3\xc4\x0b\x5b\x4f\x98\xe5",
|
||||
"\x86\xc0\x05\x1a\xd5\x8f\x78\x2c",
|
||||
"\xef\x01\x7b\xd8\xff\x68\x5d\x66\xb6\xbe\xd8\xf5\xb9\xed\x4e\xec\xe3\x3c\x12\xc5",
|
||||
20,
|
||||
0xc4b74f9a,
|
||||
"\x2b\x07\xe3\x90\xc4\xb7\x4f\x9a");
|
||||
cbc_cksum("\xfe\x04\xcb\xfe\xef\x34\xe9\x58",
|
||||
"\xd9\x28\xae\xc0\x2c\xd3\xf6\xb0",
|
||||
"\x24\x25\x9b\x67\xda\x76\xa6\x64\x6f\x31\x94\x18\x2e\x06\x71\x82\xaf\xbd\x86\x63",
|
||||
20,
|
||||
0xbd7c84e6,
|
||||
"\x70\x3e\x91\xf5\xbd\x7c\x84\xe6");
|
||||
cbc_cksum("\x10\xc2\x70\x94\x9b\x16\x20\x1c",
|
||||
"\x62\xed\x5a\x48\x6c\xf3\x51\xa0",
|
||||
"\x90\x3e\x06\xc1\x63\x6a\x1f\x1a\xfe\x9d\x74\xb6\x13\xde\x62\xd2\x6f\x19\x37\x25",
|
||||
20,
|
||||
0x26761f96,
|
||||
"\x8b\x6a\x9c\x85\x26\x76\x1f\x96");
|
||||
cbc_cksum("\x61\x32\x7c\x7f\x31\xc7\x98\xe6",
|
||||
"\xd9\xba\x0d\x9d\x9e\xa3\xcc\x66",
|
||||
"\x98\x8f\xc6\x5a\x54\x04\x63\xd9\x53\x86\x5d\x75\x53\x48\xcc\xa3\x00\x7a\x12\xe5",
|
||||
20,
|
||||
0xf0f6ad33,
|
||||
"\x6a\xfb\xed\xd3\xf0\xf6\xad\x33");
|
||||
cbc_cksum("\x85\xdf\x01\x2c\xab\x3b\xec\x13",
|
||||
"\xc6\x44\x87\x5b\x78\x2a\x74\x92",
|
||||
"\x8b\xf5\x0d\xff\x5c\xb3\xc1\xcd\x9e\xf7\xb8\x8e\x3b\xf8\x61\x4d\x26\x6a\x7b\xe8",
|
||||
20,
|
||||
0x7acfe214,
|
||||
"\x52\xb7\x05\xe9\x7a\xcf\xe2\x14");
|
||||
cbc_cksum("\x49\xdf\xb0\x16\x7f\xec\x10\x52",
|
||||
"\x09\xa3\x36\x8f\xe9\xe0\x06\x19",
|
||||
"\x3a\x0f\x66\xf7\x7a\x47\x34\xe4\xaa\x09\x36\x90\xe9\x90\x19\xff\x99\x94\x92\x04",
|
||||
20,
|
||||
0x9a3a59bb,
|
||||
"\xd3\xe2\xce\xfc\x9a\x3a\x59\xbb");
|
||||
cbc_cksum("\x5b\xbf\x4c\xc8\xce\xf4\x51\x1a",
|
||||
"\x7c\xee\xc0\x5a\x20\x2b\x10\x22",
|
||||
"\x05\x1d\xec\xdb\x30\x73\xf2\x21\xbf\x64\xe0\x5f\xdf\x02\x79\xe9\x47\xf2\x9c\x4e",
|
||||
20,
|
||||
0xaf9d3602,
|
||||
"\xaa\xf3\xa2\x5a\xaf\x9d\x36\x02");
|
||||
cbc_cksum("\xad\xda\xa2\x19\x6d\x37\xda\x67",
|
||||
"\xb2\x10\x0f\xd5\xda\xdd\x17\xfc",
|
||||
"\x44\x02\x6b\xd6\xd4\x8c\x42\x58\x8b\x59\x35\xce\xd7\x04\x6b\x35\xa6\x5f\x28\x97",
|
||||
20,
|
||||
0xd112a978,
|
||||
"\xb2\x5f\x6a\x07\xd1\x12\xa9\x78");
|
||||
|
||||
|
||||
s2k("potatoe", "WHITEHOUSE.GOVdanny",
|
||||
"\xdf\x3d\x32\xa7\x4f\xd9\x2a\x01");
|
||||
s2k("password", "ATHENA.MIT.EDUraeburn",
|
||||
"\xCB\xC2\x2F\xAE\x23\x52\x98\xE3");
|
||||
s2k("\xf0\x9d\x84\x9e", "EXAMPLE.COMpianist",
|
||||
"\x4f\xfb\x26\xba\xb0\xcd\x94\x13");
|
||||
s2k("NNNN6666", "FFFFAAAA",
|
||||
"\xc4\xbf\x6b\x25\xad\xf7\xa4\xf8");
|
||||
s2k("", "",
|
||||
"\x01\x01\x01\x01\x01\x01\x01\xf1");
|
||||
|
||||
if (1) {
|
||||
cfb64_test("\x45\xc2\x0b\x01\x40\x08\x13\x8a",
|
||||
"\x9a\xef\xf4\x37\x41\x69\x0b\xd6",
|
||||
"\x5d\x12\x5d\xf5\xae\x1d\xc6\x47\x21\xd3\x16\xba\x45\x0e\x9d\x4c\x00\xfd\xf8\x64\xca\x69\x67",
|
||||
"\xff\x99\x06\xd8\xe9\xbc\xae\x7e\xde\x49\x7b\x34\x5d\xa0\x74\x61\x9b\x6f\x70\x38\x40\x40\xba");
|
||||
cfb64_test("\xdc\xe9\x51\xc4\x0b\xad\x85\xa8",
|
||||
"\xf5\x56\x6c\xef\x42\xed\x9f\xa8",
|
||||
"\x7d\xe5\xeb\x04\x5c\xaf\x8c\x5b\xf4\x88\xba\x4a\x99\x6a\x3a\x79\xc0\x88\x01\x05\xac\x98\x3c",
|
||||
"\x53\x87\x11\xc4\xa6\xf3\x1e\x67\x56\xfc\x8c\x63\xf0\x2e\xd9\x0e\x4a\x86\x8e\x5b\xa7\xde\xcf");
|
||||
cfb64_test("\x25\xf7\xa7\x0e\x85\x4f\x5b\xb6",
|
||||
"\x83\xae\x73\x03\xea\xeb\x82\x05",
|
||||
"\x1b\x80\x23\xdc\x61\x23\xa7\xde\x80\xf6\xec\xb1\xc1\x6d\x3e\x59\x1f\x76\x6d\xdf\xfa\x42\xc7",
|
||||
"\xe2\xf7\x8d\x2f\x86\xce\x1f\xfc\xdb\x82\xb9\xb5\x9c\xa9\xf4\x9c\x2b\x3f\x34\x6c\x83\xf7\x7e");
|
||||
cfb64_test("\xab\xd5\xd3\x68\xf1\x2c\x0e\x0d",
|
||||
"\x8a\xea\xe8\xc0\xad\xb9\x51\x83",
|
||||
"\x3d\xcb\x7d\xcf\x57\xa6\xf6\x16\x4f\x34\xb6\x5f\xc2\xa9\xf0\xec\x90\xc5\x43\xa0\x19\xfc\x3f",
|
||||
"\xe9\x2c\x22\x20\xd4\x27\x90\x89\x40\x08\x4a\x23\x4d\x41\x05\x67\xe1\xde\xf5\x0b\x8b\x96\xb1");
|
||||
cfb64_test("\x92\x38\xd3\xfd\x61\x83\x92\x0e",
|
||||
"\x25\xb6\x34\x51\x6d\x6a\x35\xa2",
|
||||
"\x98\x55\xab\x2a\xa2\x9e\xcf\xf4\x92\xdf\xb4\xc6\xc1\x34\x55\xf6\x13\x85\x4c\x50\xdc\x82\x1e",
|
||||
"\x87\x96\x47\xa6\xcd\xff\xda\xd2\xad\x88\xaa\x25\xbd\xcd\x72\x61\x37\x14\x42\x14\xc7\x4b\x7f");
|
||||
cfb64_test("\xf4\xcb\x97\xad\xef\x7f\x80\xb0",
|
||||
"\xfc\xa0\x7d\xb6\x75\xb8\x48\xea",
|
||||
"\xc2\x1e\x16\x2b\xb7\xcf\xc6\xa0\x4b\x76\x75\x61\x49\x66\x0d\xce\xd2\x12\xf2\x98\x07\x2f\xac",
|
||||
"\xe2\x20\xbf\x29\x5b\x34\x20\x2a\x2e\x99\xa5\x50\x97\x1b\x4b\x18\xb4\xd6\x87\x35\x7b\x5f\x43");
|
||||
cfb64_test("\x3b\x1c\x15\xec\xb9\x5e\xe0\xda",
|
||||
"\x7d\x94\x23\x76\x96\x72\x62\xf4",
|
||||
"\x5d\x83\xdb\x76\x52\x46\xa7\x84\x0a\x71\x2c\x09\x40\xbd\x3d\x75\x73\x28\x0b\x22\x07\x6f\x8a",
|
||||
"\xf1\x01\x8f\xe2\x32\x35\xe6\x06\xcf\xbb\xe4\x15\x9e\x4e\xf0\xe8\x2e\xcd\xac\xbf\xa6\xc2\xec");
|
||||
cfb64_test("\xc2\xcd\x76\x79\x7f\x51\xce\x86",
|
||||
"\x38\xcf\x55\x7d\x0c\xd5\x35\xfe",
|
||||
"\xc7\xe5\xe8\x1d\x19\x09\x9f\xd5\xdb\x89\x26\xc1\xf1\xc1\x18\x50\xcf\x8b\xf2\xe1\x87\xeb\xe6",
|
||||
"\xd4\x5d\xca\x30\xb9\x41\xfa\x36\x83\xfc\x40\x2d\xd2\xe8\x94\x38\x49\xc8\xa3\x35\xb7\x5d\x9c");
|
||||
cfb64_test("\x67\xfd\xc4\x31\x45\x40\xf7\xea",
|
||||
"\xb9\x29\xe6\x78\xdd\x1a\x13\x84",
|
||||
"\x12\x9b\xe5\xb3\xdd\x42\x6f\x45\x86\x97\x25\x87\x05\xee\x7e\x57\x8f\x22\x79\xb3\x22\xa2\x95",
|
||||
"\x38\xef\x49\xbc\xdd\xbb\x6b\x73\xc0\xd7\xa6\x70\xe0\x1b\xde\x8d\xe6\xb4\xc6\x69\xca\x5e\x1e");
|
||||
}
|
||||
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,243 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <dh.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
#include "imath/imath.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
static void
|
||||
BN2mpz(mpz_t *s, const BIGNUM *bn)
|
||||
{
|
||||
size_t len;
|
||||
void *p;
|
||||
|
||||
len = BN_num_bytes(bn);
|
||||
p = malloc(len);
|
||||
BN_bn2bin(bn, p);
|
||||
mp_int_read_unsigned(s, p, len);
|
||||
free(p);
|
||||
}
|
||||
|
||||
|
||||
static BIGNUM *
|
||||
mpz2BN(mpz_t *s)
|
||||
{
|
||||
size_t size;
|
||||
BIGNUM *bn;
|
||||
void *p;
|
||||
|
||||
size = mp_int_unsigned_len(s);
|
||||
p = malloc(size);
|
||||
if (p == NULL && size != 0)
|
||||
return NULL;
|
||||
mp_int_to_unsigned(s, p, size);
|
||||
|
||||
bn = BN_bin2bn(p, size, NULL);
|
||||
free(p);
|
||||
return bn;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define DH_NUM_TRIES 10
|
||||
|
||||
static int
|
||||
dh_generate_key(DH *dh)
|
||||
{
|
||||
mpz_t pub, priv_key, g, p;
|
||||
int have_private_key = (dh->priv_key != NULL);
|
||||
int codes, times = 0;
|
||||
mp_result res;
|
||||
|
||||
if (dh->p == NULL || dh->g == NULL)
|
||||
return 0;
|
||||
|
||||
while (times++ < DH_NUM_TRIES) {
|
||||
if (!have_private_key) {
|
||||
size_t bits = BN_num_bits(dh->p);
|
||||
|
||||
if (dh->priv_key)
|
||||
BN_free(dh->priv_key);
|
||||
|
||||
dh->priv_key = BN_new();
|
||||
if (dh->priv_key == NULL)
|
||||
return 0;
|
||||
if (!BN_rand(dh->priv_key, bits - 1, 0, 0)) {
|
||||
BN_clear_free(dh->priv_key);
|
||||
dh->priv_key = NULL;
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
if (dh->pub_key)
|
||||
BN_free(dh->pub_key);
|
||||
|
||||
mp_int_init(&pub);
|
||||
mp_int_init(&priv_key);
|
||||
mp_int_init(&g);
|
||||
mp_int_init(&p);
|
||||
|
||||
BN2mpz(&priv_key, dh->priv_key);
|
||||
BN2mpz(&g, dh->g);
|
||||
BN2mpz(&p, dh->p);
|
||||
|
||||
res = mp_int_exptmod(&g, &priv_key, &p, &pub);
|
||||
|
||||
mp_int_clear(&priv_key);
|
||||
mp_int_clear(&g);
|
||||
mp_int_clear(&p);
|
||||
if (res != MP_OK)
|
||||
continue;
|
||||
|
||||
dh->pub_key = mpz2BN(&pub);
|
||||
mp_int_clear(&pub);
|
||||
if (dh->pub_key == NULL)
|
||||
return 0;
|
||||
|
||||
if (DH_check_pubkey(dh, dh->pub_key, &codes) && codes == 0)
|
||||
break;
|
||||
if (have_private_key)
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (times >= DH_NUM_TRIES) {
|
||||
if (!have_private_key && dh->priv_key) {
|
||||
BN_free(dh->priv_key);
|
||||
dh->priv_key = NULL;
|
||||
}
|
||||
if (dh->pub_key) {
|
||||
BN_free(dh->pub_key);
|
||||
dh->pub_key = NULL;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_compute_key(unsigned char *shared, const BIGNUM * pub, DH *dh)
|
||||
{
|
||||
mpz_t s, priv_key, p, peer_pub;
|
||||
size_t size = 0;
|
||||
mp_result res;
|
||||
|
||||
if (dh->pub_key == NULL || dh->g == NULL || dh->priv_key == NULL)
|
||||
return -1;
|
||||
|
||||
mp_int_init(&p);
|
||||
BN2mpz(&p, dh->p);
|
||||
|
||||
mp_int_init(&peer_pub);
|
||||
BN2mpz(&peer_pub, pub);
|
||||
|
||||
/* check if peers pubkey is reasonable */
|
||||
if (MP_SIGN(&peer_pub) == MP_NEG
|
||||
|| mp_int_compare(&peer_pub, &p) >= 0
|
||||
|| mp_int_compare_value(&peer_pub, 1) <= 0)
|
||||
{
|
||||
mp_int_clear(&p);
|
||||
mp_int_clear(&peer_pub);
|
||||
return -1;
|
||||
}
|
||||
|
||||
mp_int_init(&priv_key);
|
||||
BN2mpz(&priv_key, dh->priv_key);
|
||||
|
||||
mp_int_init(&s);
|
||||
|
||||
mp_int_exptmod(&peer_pub, &priv_key, &p, &s);
|
||||
|
||||
mp_int_clear(&p);
|
||||
mp_int_clear(&peer_pub);
|
||||
mp_int_clear(&priv_key);
|
||||
|
||||
size = mp_int_unsigned_len(&s);
|
||||
res = mp_int_to_unsigned(&s, shared, size);
|
||||
mp_int_clear(&s);
|
||||
|
||||
return (res == MP_OK) ? size : -1;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_generate_params(DH *dh, int a, int b, BN_GENCB *callback)
|
||||
{
|
||||
/* groups should already be known, we don't care about this */
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_init(DH *dh)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_finish(DH *dh)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const DH_METHOD hc_dh_imath_method = {
|
||||
"hcrypto imath DH",
|
||||
dh_generate_key,
|
||||
dh_compute_key,
|
||||
NULL,
|
||||
dh_init,
|
||||
dh_finish,
|
||||
0,
|
||||
NULL,
|
||||
dh_generate_params
|
||||
};
|
||||
|
||||
const DH_METHOD *
|
||||
DH_imath_method(void)
|
||||
{
|
||||
return &hc_dh_imath_method;
|
||||
}
|
||||
@@ -0,0 +1,294 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <dh.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
DH *
|
||||
DH_new(void)
|
||||
{
|
||||
return DH_new_method(NULL);
|
||||
}
|
||||
|
||||
DH *
|
||||
DH_new_method(ENGINE *engine)
|
||||
{
|
||||
DH *dh;
|
||||
|
||||
dh = calloc(1, sizeof(*dh));
|
||||
if (dh == NULL)
|
||||
return NULL;
|
||||
|
||||
dh->references = 1;
|
||||
|
||||
if (engine) {
|
||||
ENGINE_up_ref(engine);
|
||||
dh->engine = engine;
|
||||
} else {
|
||||
dh->engine = ENGINE_get_default_DH();
|
||||
}
|
||||
|
||||
if (dh->engine) {
|
||||
dh->meth = ENGINE_get_DH(dh->engine);
|
||||
if (dh->meth == NULL) {
|
||||
ENGINE_finish(engine);
|
||||
free(dh);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
if (dh->meth == NULL)
|
||||
dh->meth = DH_get_default_method();
|
||||
|
||||
(*dh->meth->init)(dh);
|
||||
|
||||
return dh;
|
||||
}
|
||||
|
||||
void
|
||||
DH_free(DH *dh)
|
||||
{
|
||||
if (dh->references <= 0)
|
||||
abort();
|
||||
|
||||
if (--dh->references > 0)
|
||||
return;
|
||||
|
||||
(*dh->meth->finish)(dh);
|
||||
|
||||
if (dh->engine)
|
||||
ENGINE_finish(dh->engine);
|
||||
|
||||
#define free_if(f) if (f) { BN_free(f); }
|
||||
free_if(dh->p);
|
||||
free_if(dh->g);
|
||||
free_if(dh->pub_key);
|
||||
free_if(dh->priv_key);
|
||||
free_if(dh->q);
|
||||
free_if(dh->j);
|
||||
free_if(dh->counter);
|
||||
#undef free_if
|
||||
|
||||
memset(dh, 0, sizeof(*dh));
|
||||
free(dh);
|
||||
}
|
||||
|
||||
int
|
||||
DH_up_ref(DH *dh)
|
||||
{
|
||||
return ++dh->references;
|
||||
}
|
||||
|
||||
int
|
||||
DH_size(const DH *dh)
|
||||
{
|
||||
return BN_num_bytes(dh->p);
|
||||
}
|
||||
|
||||
int
|
||||
DH_set_ex_data(DH *dh, int idx, void *data)
|
||||
{
|
||||
dh->ex_data.sk = data;
|
||||
return 1;
|
||||
}
|
||||
|
||||
void *
|
||||
DH_get_ex_data(DH *dh, int idx)
|
||||
{
|
||||
return dh->ex_data.sk;
|
||||
}
|
||||
|
||||
int
|
||||
DH_generate_parameters_ex(DH *dh, int prime_len, int generator, BN_GENCB *cb)
|
||||
{
|
||||
if (dh->meth->generate_params)
|
||||
return dh->meth->generate_params(dh, prime_len, generator, cb);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Check that
|
||||
*
|
||||
* pub_key > 1 and pub_key < p - 1
|
||||
*
|
||||
* to avoid small subgroups attack.
|
||||
*/
|
||||
|
||||
int
|
||||
DH_check_pubkey(const DH *dh, const BIGNUM *pub_key, int *codes)
|
||||
{
|
||||
BIGNUM *bn = NULL, *sum = NULL;
|
||||
int ret = 0;
|
||||
|
||||
*codes = 0;
|
||||
|
||||
bn = BN_new();
|
||||
if (bn == NULL)
|
||||
goto out;
|
||||
|
||||
if (!BN_set_word(bn, 1))
|
||||
goto out;
|
||||
|
||||
if (BN_cmp(bn, pub_key) >= 0)
|
||||
*codes |= DH_CHECK_PUBKEY_TOO_SMALL;
|
||||
|
||||
sum = BN_new();
|
||||
if (sum == NULL)
|
||||
goto out;
|
||||
|
||||
BN_uadd(sum, pub_key, bn);
|
||||
|
||||
if (BN_cmp(sum, dh->p) >= 0)
|
||||
*codes |= DH_CHECK_PUBKEY_TOO_LARGE;
|
||||
|
||||
ret = 1;
|
||||
out:
|
||||
if (bn)
|
||||
BN_free(bn);
|
||||
if (sum)
|
||||
BN_free(sum);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int
|
||||
DH_generate_key(DH *dh)
|
||||
{
|
||||
return dh->meth->generate_key(dh);
|
||||
}
|
||||
|
||||
int
|
||||
DH_compute_key(unsigned char *shared_key,
|
||||
const BIGNUM *peer_pub_key, DH *dh)
|
||||
{
|
||||
int codes;
|
||||
|
||||
if (!DH_check_pubkey(dh, peer_pub_key, &codes) || codes != 0)
|
||||
return -1;
|
||||
|
||||
return dh->meth->compute_key(shared_key, peer_pub_key, dh);
|
||||
}
|
||||
|
||||
int
|
||||
DH_set_method(DH *dh, const DH_METHOD *method)
|
||||
{
|
||||
(*dh->meth->finish)(dh);
|
||||
if (dh->engine) {
|
||||
ENGINE_finish(dh->engine);
|
||||
dh->engine = NULL;
|
||||
}
|
||||
dh->meth = method;
|
||||
(*dh->meth->init)(dh);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int
|
||||
dh_null_generate_key(DH *dh)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_null_compute_key(unsigned char *shared,const BIGNUM *pub, DH *dh)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_null_init(DH *dh)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_null_finish(DH *dh)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
dh_null_generate_params(DH *dh, int prime_num, int len, BN_GENCB *cb)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static const DH_METHOD dh_null_method = {
|
||||
"hcrypto null DH",
|
||||
dh_null_generate_key,
|
||||
dh_null_compute_key,
|
||||
NULL,
|
||||
dh_null_init,
|
||||
dh_null_finish,
|
||||
0,
|
||||
NULL,
|
||||
dh_null_generate_params
|
||||
};
|
||||
|
||||
extern const DH_METHOD hc_dh_imath_method;
|
||||
static const DH_METHOD *dh_default_method = &hc_dh_imath_method;
|
||||
|
||||
const DH_METHOD *
|
||||
DH_null_method(void)
|
||||
{
|
||||
return &dh_null_method;
|
||||
}
|
||||
|
||||
void
|
||||
DH_set_default_method(const DH_METHOD *meth)
|
||||
{
|
||||
dh_default_method = meth;
|
||||
}
|
||||
|
||||
const DH_METHOD *
|
||||
DH_get_default_method(void)
|
||||
{
|
||||
return dh_default_method;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,141 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_DH_H
|
||||
#define _HEIM_DH_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define DH_null_method hc_DH_null_method
|
||||
#define DH_imath_method hc_DH_imath_method
|
||||
#define DH_new hc_DH_new
|
||||
#define DH_new_method hc_DH_new_method
|
||||
#define DH_free hc_DH_free
|
||||
#define DH_up_ref hc_DH_up_ref
|
||||
#define DH_size hc_DH_size
|
||||
#define DH_set_default_method hc_DH_set_default_method
|
||||
#define DH_get_default_method hc_DH_get_default_method
|
||||
#define DH_set_method hc_DH_set_method
|
||||
#define DH_get_method hc_DH_get_method
|
||||
#define DH_set_ex_data hc_DH_set_ex_data
|
||||
#define DH_get_ex_data hc_DH_get_ex_data
|
||||
#define DH_generate_parameters_ex hc_DH_generate_parameters_ex
|
||||
#define DH_check_pubkey hc_DH_check_pubkey
|
||||
#define DH_generate_key hc_DH_generate_key
|
||||
#define DH_compute_key hc_DH_compute_key
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
typedef struct DH DH;
|
||||
typedef struct DH_METHOD DH_METHOD;
|
||||
|
||||
#include <hcrypto/bn.h>
|
||||
#include <hcrypto/engine.h>
|
||||
|
||||
struct DH_METHOD {
|
||||
const char *name;
|
||||
int (*generate_key)(DH *);
|
||||
int (*compute_key)(unsigned char *,const BIGNUM *,DH *);
|
||||
int (*bn_mod_exp)(const DH *, BIGNUM *, const BIGNUM *,
|
||||
const BIGNUM *, const BIGNUM *, BN_CTX *,
|
||||
BN_MONT_CTX *);
|
||||
int (*init)(DH *);
|
||||
int (*finish)(DH *);
|
||||
int flags;
|
||||
void *app_data;
|
||||
int (*generate_params)(DH *, int, int, BN_GENCB *);
|
||||
};
|
||||
|
||||
struct DH {
|
||||
int pad;
|
||||
int version;
|
||||
BIGNUM *p;
|
||||
BIGNUM *g;
|
||||
long length;
|
||||
BIGNUM *pub_key;
|
||||
BIGNUM *priv_key;
|
||||
int flags;
|
||||
void *method_mont_p;
|
||||
BIGNUM *q;
|
||||
BIGNUM *j;
|
||||
void *seed;
|
||||
int seedlen;
|
||||
BIGNUM *counter;
|
||||
int references;
|
||||
struct CRYPTO_EX_DATA {
|
||||
void *sk;
|
||||
int dummy;
|
||||
} ex_data;
|
||||
const DH_METHOD *meth;
|
||||
ENGINE *engine;
|
||||
};
|
||||
|
||||
/* DH_check_pubkey return codes in `codes' argument. */
|
||||
#define DH_CHECK_PUBKEY_TOO_SMALL 1
|
||||
#define DH_CHECK_PUBKEY_TOO_LARGE 2
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const DH_METHOD *DH_null_method(void);
|
||||
const DH_METHOD *DH_imath_method(void);
|
||||
|
||||
DH * DH_new(void);
|
||||
DH * DH_new_method(ENGINE *);
|
||||
void DH_free(DH *);
|
||||
int DH_up_ref(DH *);
|
||||
|
||||
int DH_size(const DH *);
|
||||
|
||||
|
||||
void DH_set_default_method(const DH_METHOD *);
|
||||
const DH_METHOD *
|
||||
DH_get_default_method(void);
|
||||
int DH_set_method(DH *, const DH_METHOD *);
|
||||
|
||||
int DH_set_ex_data(DH *, int, void *);
|
||||
void * DH_get_ex_data(DH *, int);
|
||||
|
||||
int DH_generate_parameters_ex(DH *, int, int, BN_GENCB *);
|
||||
int DH_check_pubkey(const DH *, const BIGNUM *, int *);
|
||||
int DH_generate_key(DH *);
|
||||
int DH_compute_key(unsigned char *,const BIGNUM *,DH *);
|
||||
|
||||
#endif /* _HEIM_DH_H */
|
||||
|
||||
@@ -0,0 +1,52 @@
|
||||
/*
|
||||
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <Windows.h>
|
||||
|
||||
BOOL WINAPI
|
||||
DllMain (HANDLE hInst,
|
||||
ULONG reason,
|
||||
LPVOID lpReserved)
|
||||
{
|
||||
switch(reason) {
|
||||
case DLL_PROCESS_ATTACH:
|
||||
case DLL_PROCESS_DETACH:
|
||||
default:
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,125 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <dsa.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
DSA *
|
||||
DSA_new(void)
|
||||
{
|
||||
DSA *dsa = calloc(1, sizeof(*dsa));
|
||||
dsa->meth = rk_UNCONST(DSA_get_default_method());
|
||||
dsa->references = 1;
|
||||
return dsa;
|
||||
}
|
||||
|
||||
void
|
||||
DSA_free(DSA *dsa)
|
||||
{
|
||||
if (dsa->references <= 0)
|
||||
abort();
|
||||
|
||||
if (--dsa->references > 0)
|
||||
return;
|
||||
|
||||
(*dsa->meth->finish)(dsa);
|
||||
|
||||
#define free_if(f) if (f) { BN_free(f); }
|
||||
free_if(dsa->p);
|
||||
free_if(dsa->q);
|
||||
free_if(dsa->g);
|
||||
free_if(dsa->pub_key);
|
||||
free_if(dsa->priv_key);
|
||||
free_if(dsa->kinv);
|
||||
free_if(dsa->r);
|
||||
#undef free_if
|
||||
|
||||
memset(dsa, 0, sizeof(*dsa));
|
||||
free(dsa);
|
||||
|
||||
}
|
||||
|
||||
int
|
||||
DSA_up_ref(DSA *dsa)
|
||||
{
|
||||
return ++dsa->references;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static const DSA_METHOD dsa_null_method = {
|
||||
"hcrypto null DSA"
|
||||
};
|
||||
|
||||
const DSA_METHOD *
|
||||
DSA_null_method(void)
|
||||
{
|
||||
return &dsa_null_method;
|
||||
}
|
||||
|
||||
|
||||
const DSA_METHOD *dsa_default_mech = &dsa_null_method;
|
||||
|
||||
void
|
||||
DSA_set_default_method(const DSA_METHOD *mech)
|
||||
{
|
||||
dsa_default_mech = mech;
|
||||
}
|
||||
|
||||
const DSA_METHOD *
|
||||
DSA_get_default_method(void)
|
||||
{
|
||||
return dsa_default_mech;
|
||||
}
|
||||
|
||||
int
|
||||
DSA_verify(int type, const unsigned char * digest, int digest_len,
|
||||
const unsigned char *sig, int sig_len, DSA *dsa)
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
@@ -0,0 +1,140 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_DSA_H
|
||||
#define _HEIM_DSA_H 1
|
||||
|
||||
#include <hcrypto/bn.h>
|
||||
|
||||
/* symbol renaming */
|
||||
#define DSA_null_method hc_DSA_null_method
|
||||
#define DSA_new hc_DSA_new
|
||||
#define DSA_free hc_DSA_free
|
||||
#define DSA_up_ref hc_DSA_up_ref
|
||||
#define DSA_set_default_method hc_DSA_set_default_method
|
||||
#define DSA_get_default_method hc_DSA_get_default_method
|
||||
#define DSA_set_method hc_DSA_set_method
|
||||
#define DSA_get_method hc_DSA_get_method
|
||||
#define DSA_set_app_data hc_DSA_set_app_data
|
||||
#define DSA_get_app_data hc_DSA_get_app_data
|
||||
#define DSA_size hc_DSA_size
|
||||
#define DSA_verify hc_DSA_verify
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
|
||||
typedef struct DSA DSA;
|
||||
typedef struct DSA_METHOD DSA_METHOD;
|
||||
typedef struct DSA_SIG DSA_SIG;
|
||||
|
||||
struct DSA_SIG {
|
||||
BIGNUM *r;
|
||||
BIGNUM *s;
|
||||
};
|
||||
|
||||
struct DSA_METHOD {
|
||||
const char *name;
|
||||
DSA_SIG * (*dsa_do_sign)(const unsigned char *, int, DSA *);
|
||||
int (*dsa_sign_setup)(DSA *, BN_CTX *, BIGNUM **, BIGNUM **);
|
||||
int (*dsa_do_verify)(const unsigned char *, int, DSA_SIG *, DSA *);
|
||||
int (*dsa_mod_exp)(DSA *, BIGNUM *, BIGNUM *, BIGNUM *,
|
||||
BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *,
|
||||
BN_MONT_CTX *);
|
||||
int (*bn_mod_exp)(DSA *, BIGNUM *, BIGNUM *, const BIGNUM *,
|
||||
const BIGNUM *, BN_CTX *,
|
||||
BN_MONT_CTX *);
|
||||
int (*init)(DSA *);
|
||||
int (*finish)(DSA *);
|
||||
int flags;
|
||||
void *app_data;
|
||||
};
|
||||
|
||||
struct DSA {
|
||||
int pad;
|
||||
long version;
|
||||
int write_params;
|
||||
BIGNUM *p;
|
||||
BIGNUM *q;
|
||||
BIGNUM *g;
|
||||
|
||||
BIGNUM *pub_key;
|
||||
BIGNUM *priv_key;
|
||||
|
||||
BIGNUM *kinv;
|
||||
BIGNUM *r;
|
||||
int flags;
|
||||
void *method_mont_p;
|
||||
int references;
|
||||
struct dsa_CRYPTO_EX_DATA {
|
||||
void *sk;
|
||||
int dummy;
|
||||
} ex_data;
|
||||
const DSA_METHOD *meth;
|
||||
void *engine;
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const DSA_METHOD *DSA_null_method(void);
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
DSA * DSA_new(void);
|
||||
void DSA_free(DSA *);
|
||||
int DSA_up_ref(DSA *);
|
||||
|
||||
void DSA_set_default_method(const DSA_METHOD *);
|
||||
const DSA_METHOD * DSA_get_default_method(void);
|
||||
|
||||
const DSA_METHOD * DSA_get_method(const DSA *);
|
||||
int DSA_set_method(DSA *, const DSA_METHOD *);
|
||||
|
||||
void DSA_set_app_data(DSA *, void *arg);
|
||||
void * DSA_get_app_data(DSA *);
|
||||
|
||||
int DSA_size(const DSA *);
|
||||
|
||||
int DSA_verify(int, const unsigned char *, int,
|
||||
const unsigned char *, int, DSA *);
|
||||
|
||||
#endif /* _HEIM_DSA_H */
|
||||
@@ -0,0 +1,345 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <engine.h>
|
||||
|
||||
#ifdef HAVE_DLFCN_H
|
||||
#include <dlfcn.h>
|
||||
#ifndef RTLD_NOW
|
||||
#define RTLD_NOW 0
|
||||
#endif
|
||||
#endif
|
||||
|
||||
struct hc_engine {
|
||||
int references;
|
||||
char *name;
|
||||
char *id;
|
||||
void (*destroy)(ENGINE *);
|
||||
const RSA_METHOD *rsa;
|
||||
const DH_METHOD *dh;
|
||||
const RAND_METHOD *rand;
|
||||
};
|
||||
|
||||
int
|
||||
ENGINE_finish(ENGINE *engine)
|
||||
{
|
||||
if (engine->references-- <= 0)
|
||||
abort();
|
||||
if (engine->references > 0)
|
||||
return 1;
|
||||
|
||||
if (engine->name)
|
||||
free(engine->name);
|
||||
if (engine->id)
|
||||
free(engine->id);
|
||||
if(engine->destroy)
|
||||
(*engine->destroy)(engine);
|
||||
|
||||
memset(engine, 0, sizeof(engine));
|
||||
engine->references = -1;
|
||||
|
||||
|
||||
free(engine);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_up_ref(ENGINE *engine)
|
||||
{
|
||||
if (engine->references < 0)
|
||||
abort();
|
||||
engine->references++;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_set_id(ENGINE *engine, const char *id)
|
||||
{
|
||||
engine->id = strdup(id);
|
||||
return (engine->id == NULL) ? 0 : 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_set_name(ENGINE *engine, const char *name)
|
||||
{
|
||||
engine->name = strdup(name);
|
||||
return (engine->name == NULL) ? 0 : 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_set_RSA(ENGINE *engine, const RSA_METHOD *method)
|
||||
{
|
||||
engine->rsa = method;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_set_DH(ENGINE *engine, const DH_METHOD *method)
|
||||
{
|
||||
engine->dh = method;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
ENGINE_set_destroy_function(ENGINE *e, void (*destroy)(ENGINE *))
|
||||
{
|
||||
e->destroy = destroy;
|
||||
return 1;
|
||||
}
|
||||
|
||||
const char *
|
||||
ENGINE_get_id(const ENGINE *engine)
|
||||
{
|
||||
return engine->id;
|
||||
}
|
||||
|
||||
const char *
|
||||
ENGINE_get_name(const ENGINE *engine)
|
||||
{
|
||||
return engine->name;
|
||||
}
|
||||
|
||||
const RSA_METHOD *
|
||||
ENGINE_get_RSA(const ENGINE *engine)
|
||||
{
|
||||
return engine->rsa;
|
||||
}
|
||||
|
||||
const DH_METHOD *
|
||||
ENGINE_get_DH(const ENGINE *engine)
|
||||
{
|
||||
return engine->dh;
|
||||
}
|
||||
|
||||
const RAND_METHOD *
|
||||
ENGINE_get_RAND(const ENGINE *engine)
|
||||
{
|
||||
return engine->rand;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define SG_default_engine(type) \
|
||||
static ENGINE *type##_engine; \
|
||||
int \
|
||||
ENGINE_set_default_##type(ENGINE *engine) \
|
||||
{ \
|
||||
if (type##_engine) \
|
||||
ENGINE_finish(type##_engine); \
|
||||
type##_engine = engine; \
|
||||
if (type##_engine) \
|
||||
ENGINE_up_ref(type##_engine); \
|
||||
return 1; \
|
||||
} \
|
||||
ENGINE * \
|
||||
ENGINE_get_default_##type(void) \
|
||||
{ \
|
||||
if (type##_engine) \
|
||||
ENGINE_up_ref(type##_engine); \
|
||||
return type##_engine; \
|
||||
}
|
||||
|
||||
SG_default_engine(RSA)
|
||||
SG_default_engine(DH)
|
||||
|
||||
#undef SG_default_engine
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static ENGINE **engines;
|
||||
static unsigned int num_engines;
|
||||
|
||||
static int
|
||||
add_engine(ENGINE *engine)
|
||||
{
|
||||
ENGINE **d, *dup;
|
||||
|
||||
dup = ENGINE_by_id(engine->id);
|
||||
if (dup) {
|
||||
ENGINE_finish(dup);
|
||||
return 0;
|
||||
}
|
||||
|
||||
d = realloc(engines, (num_engines + 1) * sizeof(*engines));
|
||||
if (d == NULL)
|
||||
return 1;
|
||||
engines = d;
|
||||
engines[num_engines++] = engine;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
void
|
||||
ENGINE_load_builtin_engines(void)
|
||||
{
|
||||
ENGINE *engine;
|
||||
int ret;
|
||||
|
||||
engine = calloc(1, sizeof(*engine));
|
||||
if (engine == NULL)
|
||||
return;
|
||||
|
||||
ENGINE_set_id(engine, "builtin");
|
||||
ENGINE_set_name(engine,
|
||||
"Heimdal crypto builtin engine version " PACKAGE_VERSION);
|
||||
ENGINE_set_RSA(engine, RSA_imath_method());
|
||||
ENGINE_set_DH(engine, DH_imath_method());
|
||||
|
||||
ret = add_engine(engine);
|
||||
if (ret != 1)
|
||||
ENGINE_finish(engine);
|
||||
}
|
||||
|
||||
ENGINE *
|
||||
ENGINE_by_dso(const char *path, const char *id)
|
||||
{
|
||||
#ifdef HAVE_DLOPEN
|
||||
ENGINE *engine;
|
||||
void *handle;
|
||||
int ret;
|
||||
|
||||
engine = calloc(1, sizeof(*engine));
|
||||
if (engine == NULL)
|
||||
return NULL;
|
||||
|
||||
handle = dlopen(path, RTLD_NOW);
|
||||
if (handle == NULL) {
|
||||
/* printf("error: %s\n", dlerror()); */
|
||||
free(engine);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
{
|
||||
unsigned long version;
|
||||
openssl_v_check v_check;
|
||||
|
||||
v_check = (openssl_v_check)dlsym(handle, "v_check");
|
||||
if (v_check == NULL) {
|
||||
dlclose(handle);
|
||||
free(engine);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
version = (*v_check)(OPENSSL_DYNAMIC_VERSION);
|
||||
if (version == 0) {
|
||||
dlclose(handle);
|
||||
free(engine);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
{
|
||||
openssl_bind_engine bind_engine;
|
||||
|
||||
bind_engine = (openssl_bind_engine)dlsym(handle, "bind_engine");
|
||||
if (bind_engine == NULL) {
|
||||
dlclose(handle);
|
||||
free(engine);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = (*bind_engine)(engine, id, NULL); /* XXX fix third arg */
|
||||
if (ret != 1) {
|
||||
dlclose(handle);
|
||||
free(engine);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
ENGINE_up_ref(engine);
|
||||
|
||||
ret = add_engine(engine);
|
||||
if (ret != 1) {
|
||||
dlclose(handle);
|
||||
ENGINE_finish(engine);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return engine;
|
||||
#else
|
||||
return NULL;
|
||||
#endif
|
||||
}
|
||||
|
||||
ENGINE *
|
||||
ENGINE_by_id(const char *id)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < num_engines; i++) {
|
||||
if (strcmp(id, engines[i]->id) == 0) {
|
||||
ENGINE_up_ref(engines[i]);
|
||||
return engines[i];
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
void
|
||||
ENGINE_add_conf_module(void)
|
||||
{
|
||||
ENGINE *engine;
|
||||
|
||||
/*
|
||||
* XXX Parse configuration file instead
|
||||
*/
|
||||
|
||||
engine = ENGINE_by_dso("/usr/heimdal/lib/hc-modules/hc-gmp.so", NULL);
|
||||
if (engine == NULL)
|
||||
return;
|
||||
{
|
||||
const RSA_METHOD *method = ENGINE_get_RSA(engine);
|
||||
if (method)
|
||||
RSA_set_default_method(method);
|
||||
}
|
||||
{
|
||||
const DH_METHOD *method = ENGINE_get_DH(engine);
|
||||
if (method)
|
||||
DH_set_default_method(method);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,103 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_ENGINE_H
|
||||
#define _HEIM_ENGINE_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define ENGINE_add_conf_module hc_ENGINE_add_conf_module
|
||||
#define ENGINE_by_dso hc_ENGINE_by_dso
|
||||
#define ENGINE_by_id hc_ENGINE_by_id
|
||||
#define ENGINE_finish hc_ENGINE_finish
|
||||
#define ENGINE_get_DH hc_ENGINE_get_DH
|
||||
#define ENGINE_get_RSA hc_ENGINE_get_RSA
|
||||
#define ENGINE_get_RAND hc_ENGINE_get_RAND
|
||||
#define ENGINE_get_id hc_ENGINE_get_id
|
||||
#define ENGINE_get_name hc_ENGINE_get_name
|
||||
#define ENGINE_load_builtin_engines hc_ENGINE_load_builtin_engines
|
||||
#define ENGINE_set_DH hc_ENGINE_set_DH
|
||||
#define ENGINE_set_RSA hc_ENGINE_set_RSA
|
||||
#define ENGINE_set_id hc_ENGINE_set_id
|
||||
#define ENGINE_set_name hc_ENGINE_set_name
|
||||
#define ENGINE_set_destroy_function hc_ENGINE_set_destroy_function
|
||||
#define ENGINE_up_ref hc_ENGINE_up_ref
|
||||
#define ENGINE_get_default_DH hc_ENGINE_get_default_DH
|
||||
#define ENGINE_get_default_RSA hc_ENGINE_get_default_RSA
|
||||
#define ENGINE_set_default_DH hc_ENGINE_set_default_DH
|
||||
#define ENGINE_set_default_RSA hc_ENGINE_set_default_RSA
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
typedef struct hc_engine ENGINE;
|
||||
|
||||
#include <hcrypto/rsa.h>
|
||||
#include <hcrypto/dsa.h>
|
||||
#include <hcrypto/dh.h>
|
||||
#include <hcrypto/rand.h>
|
||||
|
||||
#define OPENSSL_DYNAMIC_VERSION (unsigned long)0x00020000
|
||||
|
||||
typedef int (*openssl_bind_engine)(ENGINE *, const char *, const void *);
|
||||
typedef unsigned long (*openssl_v_check)(unsigned long);
|
||||
|
||||
void ENGINE_add_conf_module(void);
|
||||
void ENGINE_load_builtin_engines(void);
|
||||
ENGINE *ENGINE_by_id(const char *);
|
||||
ENGINE *ENGINE_by_dso(const char *, const char *);
|
||||
int ENGINE_finish(ENGINE *);
|
||||
int ENGINE_up_ref(ENGINE *);
|
||||
int ENGINE_set_id(ENGINE *, const char *);
|
||||
int ENGINE_set_name(ENGINE *, const char *);
|
||||
int ENGINE_set_RSA(ENGINE *, const RSA_METHOD *);
|
||||
int ENGINE_set_DH(ENGINE *, const DH_METHOD *);
|
||||
int ENGINE_set_destroy_function(ENGINE *, void (*)(ENGINE *));
|
||||
|
||||
const char * ENGINE_get_id(const ENGINE *);
|
||||
const char * ENGINE_get_name(const ENGINE *);
|
||||
const RSA_METHOD * ENGINE_get_RSA(const ENGINE *);
|
||||
const DH_METHOD * ENGINE_get_DH(const ENGINE *);
|
||||
const RAND_METHOD * ENGINE_get_RAND(const ENGINE *);
|
||||
|
||||
int ENGINE_set_default_RSA(ENGINE *);
|
||||
ENGINE * ENGINE_get_default_RSA(void);
|
||||
int ENGINE_set_default_DH(ENGINE *);
|
||||
ENGINE * ENGINE_get_default_DH(void);
|
||||
|
||||
|
||||
#endif /* _HEIM_ENGINE_H */
|
||||
@@ -0,0 +1,905 @@
|
||||
#include <sys/types.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <evp.h>
|
||||
|
||||
#include <krb5-types.h>
|
||||
|
||||
#include <aes.h>
|
||||
#include <des.h>
|
||||
#include <sha.h>
|
||||
#include <rc2.h>
|
||||
#include <rc4.h>
|
||||
#include <md2.h>
|
||||
#include <md4.h>
|
||||
#include <md5.h>
|
||||
|
||||
typedef int (*evp_md_init)(EVP_MD_CTX *);
|
||||
typedef int (*evp_md_update)(EVP_MD_CTX *,const void *, size_t);
|
||||
typedef int (*evp_md_final)(void *, EVP_MD_CTX *);
|
||||
typedef int (*evp_md_cleanup)(EVP_MD_CTX *);
|
||||
|
||||
struct hc_evp_md {
|
||||
int hash_size;
|
||||
int block_size;
|
||||
int ctx_size;
|
||||
evp_md_init init;
|
||||
evp_md_update update;
|
||||
evp_md_final final;
|
||||
evp_md_cleanup cleanup;
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
size_t
|
||||
EVP_MD_size(const EVP_MD *md)
|
||||
{
|
||||
return md->hash_size;
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_MD_block_size(const EVP_MD *md)
|
||||
{
|
||||
return md->block_size;
|
||||
}
|
||||
|
||||
EVP_MD_CTX *
|
||||
EVP_MD_CTX_create(void)
|
||||
{
|
||||
return calloc(1, sizeof(EVP_MD_CTX));
|
||||
}
|
||||
|
||||
void
|
||||
EVP_MD_CTX_init(EVP_MD_CTX *ctx)
|
||||
{
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
}
|
||||
|
||||
void
|
||||
EVP_MD_CTX_destroy(EVP_MD_CTX *ctx)
|
||||
{
|
||||
EVP_MD_CTX_cleanup(ctx);
|
||||
free(ctx);
|
||||
}
|
||||
|
||||
int
|
||||
EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx)
|
||||
{
|
||||
if (ctx->md && ctx->md->cleanup)
|
||||
(ctx->md->cleanup)(ctx);
|
||||
ctx->md = NULL;
|
||||
ctx->engine = NULL;
|
||||
free(ctx->ptr);
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
const EVP_MD *
|
||||
EVP_MD_CTX_md(EVP_MD_CTX *ctx)
|
||||
{
|
||||
return ctx->md;
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_MD_CTX_size(EVP_MD_CTX *ctx)
|
||||
{
|
||||
return EVP_MD_size(ctx->md);
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_MD_CTX_block_size(EVP_MD_CTX *ctx)
|
||||
{
|
||||
return EVP_MD_block_size(ctx->md);
|
||||
}
|
||||
|
||||
int
|
||||
EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *md, ENGINE *engine)
|
||||
{
|
||||
if (ctx->md != md || ctx->engine != engine) {
|
||||
EVP_MD_CTX_cleanup(ctx);
|
||||
ctx->md = md;
|
||||
ctx->engine = engine;
|
||||
|
||||
ctx->ptr = calloc(1, md->ctx_size);
|
||||
if (ctx->ptr == NULL)
|
||||
return 0;
|
||||
}
|
||||
(ctx->md->init)(ctx->ptr);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t size)
|
||||
{
|
||||
(ctx->md->update)(ctx->ptr, data, size);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_DigestFinal_ex(EVP_MD_CTX *ctx, void *hash, unsigned int *size)
|
||||
{
|
||||
(ctx->md->final)(hash, ctx->ptr);
|
||||
if (size)
|
||||
*size = ctx->md->hash_size;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_Digest(const void *data, size_t dsize, void *hash, unsigned int *hsize,
|
||||
const EVP_MD *md, ENGINE *engine)
|
||||
{
|
||||
EVP_MD_CTX *ctx;
|
||||
int ret;
|
||||
|
||||
ctx = EVP_MD_CTX_create();
|
||||
if (ctx == NULL)
|
||||
return 0;
|
||||
ret = EVP_DigestInit_ex(ctx, md, engine);
|
||||
if (ret != 1)
|
||||
return ret;
|
||||
ret = EVP_DigestUpdate(ctx, data, dsize);
|
||||
if (ret != 1)
|
||||
return ret;
|
||||
ret = EVP_DigestFinal_ex(ctx, hash, hsize);
|
||||
if (ret != 1)
|
||||
return ret;
|
||||
EVP_MD_CTX_destroy(ctx);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const EVP_MD *
|
||||
EVP_sha256(void)
|
||||
{
|
||||
static const struct hc_evp_md sha256 = {
|
||||
32,
|
||||
64,
|
||||
sizeof(SHA256_CTX),
|
||||
(evp_md_init)SHA256_Init,
|
||||
(evp_md_update)SHA256_Update,
|
||||
(evp_md_final)SHA256_Final,
|
||||
NULL
|
||||
};
|
||||
return &sha256;
|
||||
}
|
||||
|
||||
static const struct hc_evp_md sha1 = {
|
||||
20,
|
||||
64,
|
||||
sizeof(SHA_CTX),
|
||||
(evp_md_init)SHA1_Init,
|
||||
(evp_md_update)SHA1_Update,
|
||||
(evp_md_final)SHA1_Final,
|
||||
NULL
|
||||
};
|
||||
|
||||
const EVP_MD *
|
||||
EVP_sha1(void)
|
||||
{
|
||||
return &sha1;
|
||||
}
|
||||
|
||||
const EVP_MD *
|
||||
EVP_sha(void)
|
||||
{
|
||||
return &sha1;
|
||||
}
|
||||
|
||||
const EVP_MD *
|
||||
EVP_md5(void)
|
||||
{
|
||||
static const struct hc_evp_md md5 = {
|
||||
16,
|
||||
64,
|
||||
sizeof(MD5_CTX),
|
||||
(evp_md_init)MD5_Init,
|
||||
(evp_md_update)MD5_Update,
|
||||
(evp_md_final)MD5_Final,
|
||||
NULL
|
||||
};
|
||||
return &md5;
|
||||
}
|
||||
|
||||
const EVP_MD *
|
||||
EVP_md4(void)
|
||||
{
|
||||
static const struct hc_evp_md md4 = {
|
||||
16,
|
||||
64,
|
||||
sizeof(MD4_CTX),
|
||||
(evp_md_init)MD4_Init,
|
||||
(evp_md_update)MD4_Update,
|
||||
(evp_md_final)MD4_Final,
|
||||
NULL
|
||||
};
|
||||
return &md4;
|
||||
}
|
||||
|
||||
const EVP_MD *
|
||||
EVP_md2(void)
|
||||
{
|
||||
static const struct hc_evp_md md2 = {
|
||||
16,
|
||||
16,
|
||||
sizeof(MD2_CTX),
|
||||
(evp_md_init)MD2_Init,
|
||||
(evp_md_update)MD2_Update,
|
||||
(evp_md_final)MD2_Final,
|
||||
NULL
|
||||
};
|
||||
return &md2;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
null_Init (void *m)
|
||||
{
|
||||
}
|
||||
static void
|
||||
null_Update (void *m, const void * data, size_t size)
|
||||
{
|
||||
}
|
||||
static void
|
||||
null_Final(void *res, struct md5 *m)
|
||||
{
|
||||
}
|
||||
|
||||
const EVP_MD *
|
||||
EVP_md_null(void)
|
||||
{
|
||||
static const struct hc_evp_md null = {
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
(evp_md_init)null_Init,
|
||||
(evp_md_update)null_Update,
|
||||
(evp_md_final)null_Final,
|
||||
NULL
|
||||
};
|
||||
return &null;
|
||||
}
|
||||
|
||||
#if 0
|
||||
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
|
||||
int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);
|
||||
int EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
|
||||
int EVP_SignFinal(EVP_MD_CTX *, void *, size_t *, EVP_PKEY *);
|
||||
int EVP_VerifyFinal(EVP_MD_CTX *, const void *, size_t, EVP_PKEY *);
|
||||
#endif
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_block_size(const EVP_CIPHER *c)
|
||||
{
|
||||
return c->block_size;
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_key_length(const EVP_CIPHER *c)
|
||||
{
|
||||
return c->key_len;
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_iv_length(const EVP_CIPHER *c)
|
||||
{
|
||||
return c->iv_len;
|
||||
}
|
||||
|
||||
void
|
||||
EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *c)
|
||||
{
|
||||
memset(c, 0, sizeof(*c));
|
||||
}
|
||||
|
||||
int
|
||||
EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c)
|
||||
{
|
||||
if (c->cipher && c->cipher->cleanup)
|
||||
c->cipher->cleanup(c);
|
||||
if (c->cipher_data) {
|
||||
free(c->cipher_data);
|
||||
c->cipher_data = NULL;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
#if 0
|
||||
int
|
||||
EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int length)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher;
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return EVP_CIPHER_block_size(ctx->cipher);
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return EVP_CIPHER_key_length(ctx->cipher);
|
||||
}
|
||||
|
||||
size_t
|
||||
EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return EVP_CIPHER_iv_length(ctx->cipher);
|
||||
}
|
||||
|
||||
unsigned long
|
||||
EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->cipher->flags;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_MODE;
|
||||
}
|
||||
|
||||
void *
|
||||
EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return ctx->app_data;
|
||||
}
|
||||
|
||||
void
|
||||
EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data)
|
||||
{
|
||||
ctx->app_data = data;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *c, ENGINE *engine,
|
||||
const void *key, const void *iv, int encp)
|
||||
{
|
||||
if (encp == -1)
|
||||
encp = ctx->encrypt;
|
||||
else
|
||||
ctx->encrypt = (encp ? 1 : 0);
|
||||
|
||||
if (c && (c != ctx->cipher)) {
|
||||
EVP_CIPHER_CTX_cleanup(ctx);
|
||||
ctx->cipher = c;
|
||||
ctx->key_len = c->key_len;
|
||||
|
||||
ctx->cipher_data = malloc(c->ctx_size);
|
||||
if (ctx->cipher_data == NULL && c->ctx_size != 0)
|
||||
return 0;
|
||||
|
||||
} else if (ctx->cipher == NULL) {
|
||||
/* reuse of cipher, but not any cipher ever set! */
|
||||
return 0;
|
||||
}
|
||||
|
||||
switch (EVP_CIPHER_CTX_flags(ctx)) {
|
||||
case EVP_CIPH_CBC_MODE:
|
||||
|
||||
assert(EVP_CIPHER_CTX_iv_length(ctx) <= sizeof(ctx->iv));
|
||||
|
||||
if (iv)
|
||||
memcpy(ctx->oiv, iv, EVP_CIPHER_CTX_iv_length(ctx));
|
||||
memcpy(ctx->iv, ctx->oiv, EVP_CIPHER_CTX_iv_length(ctx));
|
||||
break;
|
||||
default:
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT))
|
||||
ctx->cipher->init(ctx, key, iv, encp);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
EVP_Cipher(EVP_CIPHER_CTX *ctx, void *out, const void *in,size_t size)
|
||||
{
|
||||
return ctx->cipher->do_cipher(ctx, out, in, size);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int
|
||||
enc_null_init(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char * key,
|
||||
const unsigned char * iv,
|
||||
int encp)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
enc_null_do_cipher(EVP_CIPHER_CTX *ctx,
|
||||
unsigned char *out,
|
||||
const unsigned char *in,
|
||||
unsigned int size)
|
||||
{
|
||||
memmove(out, in, size);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
enc_null_cleanup(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_enc_null(void)
|
||||
{
|
||||
static const EVP_CIPHER enc_null = {
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
0,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
enc_null_init,
|
||||
enc_null_do_cipher,
|
||||
enc_null_cleanup,
|
||||
0,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &enc_null;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
struct rc2_cbc {
|
||||
unsigned int maximum_effective_key;
|
||||
RC2_KEY key;
|
||||
};
|
||||
|
||||
static int
|
||||
rc2_init(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char * key,
|
||||
const unsigned char * iv,
|
||||
int encp)
|
||||
{
|
||||
struct rc2_cbc *k = ctx->cipher_data;
|
||||
k->maximum_effective_key = EVP_CIPHER_CTX_key_length(ctx) * 8;
|
||||
RC2_set_key(&k->key,
|
||||
EVP_CIPHER_CTX_key_length(ctx),
|
||||
key,
|
||||
k->maximum_effective_key);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
rc2_do_cipher(EVP_CIPHER_CTX *ctx,
|
||||
unsigned char *out,
|
||||
const unsigned char *in,
|
||||
unsigned int size)
|
||||
{
|
||||
struct rc2_cbc *k = ctx->cipher_data;
|
||||
RC2_cbc_encrypt(in, out, size, &k->key, ctx->iv, ctx->encrypt);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
rc2_cleanup(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
memset(ctx->cipher_data, 0, sizeof(struct rc2_cbc));
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_rc2_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER rc2_cbc = {
|
||||
0,
|
||||
RC2_BLOCK_SIZE,
|
||||
RC2_KEY_LENGTH,
|
||||
RC2_BLOCK_SIZE,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
rc2_init,
|
||||
rc2_do_cipher,
|
||||
rc2_cleanup,
|
||||
sizeof(struct rc2_cbc),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &rc2_cbc;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_rc2_40_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER rc2_40_cbc = {
|
||||
0,
|
||||
RC2_BLOCK_SIZE,
|
||||
5,
|
||||
RC2_BLOCK_SIZE,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
rc2_init,
|
||||
rc2_do_cipher,
|
||||
rc2_cleanup,
|
||||
sizeof(struct rc2_cbc),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &rc2_40_cbc;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_rc2_64_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER rc2_64_cbc = {
|
||||
0,
|
||||
RC2_BLOCK_SIZE,
|
||||
8,
|
||||
RC2_BLOCK_SIZE,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
rc2_init,
|
||||
rc2_do_cipher,
|
||||
rc2_cleanup,
|
||||
sizeof(struct rc2_cbc),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &rc2_64_cbc;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_rc4(void)
|
||||
{
|
||||
printf("evp rc4\n");
|
||||
abort();
|
||||
return NULL;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_rc4_40(void)
|
||||
{
|
||||
printf("evp rc4_40\n");
|
||||
abort();
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
struct des_ede3_cbc {
|
||||
DES_key_schedule ks[3];
|
||||
};
|
||||
|
||||
static int
|
||||
des_ede3_cbc_init(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char * key,
|
||||
const unsigned char * iv,
|
||||
int encp)
|
||||
{
|
||||
struct des_ede3_cbc *k = ctx->cipher_data;
|
||||
|
||||
DES_key_sched((DES_cblock *)(key), &k->ks[0]);
|
||||
DES_key_sched((DES_cblock *)(key + 8), &k->ks[1]);
|
||||
DES_key_sched((DES_cblock *)(key + 16), &k->ks[2]);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
des_ede3_cbc_do_cipher(EVP_CIPHER_CTX *ctx,
|
||||
unsigned char *out,
|
||||
const unsigned char *in,
|
||||
unsigned int size)
|
||||
{
|
||||
struct des_ede3_cbc *k = ctx->cipher_data;
|
||||
DES_ede3_cbc_encrypt(in, out, size,
|
||||
&k->ks[0], &k->ks[1], &k->ks[2],
|
||||
(DES_cblock *)ctx->iv, ctx->encrypt);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
des_ede3_cbc_cleanup(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
memset(ctx->cipher_data, 0, sizeof(struct des_ede3_cbc));
|
||||
return 1;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_des_ede3_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER des_ede3_cbc = {
|
||||
0,
|
||||
8,
|
||||
24,
|
||||
8,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
des_ede3_cbc_init,
|
||||
des_ede3_cbc_do_cipher,
|
||||
des_ede3_cbc_cleanup,
|
||||
sizeof(struct des_ede3_cbc),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &des_ede3_cbc;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int
|
||||
aes_init(EVP_CIPHER_CTX *ctx,
|
||||
const unsigned char * key,
|
||||
const unsigned char * iv,
|
||||
int encp)
|
||||
{
|
||||
AES_KEY *k = ctx->cipher_data;
|
||||
if (ctx->encrypt)
|
||||
AES_set_encrypt_key(key, ctx->cipher->key_len * 8, k);
|
||||
else
|
||||
AES_set_decrypt_key(key, ctx->cipher->key_len * 8, k);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
aes_do_cipher(EVP_CIPHER_CTX *ctx,
|
||||
unsigned char *out,
|
||||
const unsigned char *in,
|
||||
unsigned int size)
|
||||
{
|
||||
AES_KEY *k = ctx->cipher_data;
|
||||
AES_cbc_encrypt(in, out, size, k, ctx->iv, ctx->encrypt);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
aes_cleanup(EVP_CIPHER_CTX *ctx)
|
||||
{
|
||||
memset(ctx->cipher_data, 0, sizeof(AES_KEY));
|
||||
return 1;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_aes_128_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER aes_128_cbc = {
|
||||
0,
|
||||
16,
|
||||
16,
|
||||
16,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
aes_init,
|
||||
aes_do_cipher,
|
||||
aes_cleanup,
|
||||
sizeof(AES_KEY),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &aes_128_cbc;
|
||||
}
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_aes_192_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER aes_192_cbc = {
|
||||
0,
|
||||
16,
|
||||
24,
|
||||
16,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
aes_init,
|
||||
aes_do_cipher,
|
||||
aes_cleanup,
|
||||
sizeof(AES_KEY),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &aes_192_cbc;
|
||||
}
|
||||
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_aes_256_cbc(void)
|
||||
{
|
||||
static const EVP_CIPHER aes_256_cbc = {
|
||||
0,
|
||||
16,
|
||||
32,
|
||||
16,
|
||||
EVP_CIPH_CBC_MODE,
|
||||
aes_init,
|
||||
aes_do_cipher,
|
||||
aes_cleanup,
|
||||
sizeof(AES_KEY),
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
return &aes_256_cbc;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static const struct cipher_name {
|
||||
const char *name;
|
||||
const EVP_CIPHER *(*func)(void);
|
||||
} cipher_name[] = {
|
||||
{ "des-ede3-cbc", EVP_des_ede3_cbc },
|
||||
{ "aes-128-cbc", EVP_aes_128_cbc },
|
||||
{ "aes-192-cbc", EVP_aes_192_cbc },
|
||||
{ "aes-256-cbc", EVP_aes_256_cbc }
|
||||
};
|
||||
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_get_cipherbyname(const char *name)
|
||||
{
|
||||
int i;
|
||||
for (i = 0; i < sizeof(cipher_name)/sizeof(cipher_name[0]); i++) {
|
||||
if (strcasecmp(cipher_name[i].name, name) == 0)
|
||||
return (*cipher_name[i].func)();
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#ifndef min
|
||||
#define min(a,b) (((a)>(b))?(b):(a))
|
||||
#endif
|
||||
|
||||
int
|
||||
EVP_BytesToKey(const EVP_CIPHER *type,
|
||||
const EVP_MD *md,
|
||||
const void *salt,
|
||||
const void *data, size_t datalen,
|
||||
unsigned int count,
|
||||
void *keydata,
|
||||
void *ivdata)
|
||||
{
|
||||
int ivlen, keylen, first = 0;
|
||||
unsigned int mds = 0, i;
|
||||
unsigned char *key = keydata;
|
||||
unsigned char *iv = ivdata;
|
||||
unsigned char *buf;
|
||||
EVP_MD_CTX c;
|
||||
|
||||
keylen = EVP_CIPHER_key_length(type);
|
||||
ivlen = EVP_CIPHER_iv_length(type);
|
||||
|
||||
if (data == NULL)
|
||||
return keylen;
|
||||
|
||||
buf = malloc(EVP_MD_size(md));
|
||||
if (buf == NULL)
|
||||
return -1;
|
||||
|
||||
EVP_MD_CTX_init(&c);
|
||||
|
||||
first = 1;
|
||||
while (1) {
|
||||
EVP_DigestInit_ex(&c, md, NULL);
|
||||
if (!first)
|
||||
EVP_DigestUpdate(&c, buf, mds);
|
||||
first = 0;
|
||||
EVP_DigestUpdate(&c,data,datalen);
|
||||
|
||||
#define PKCS5_SALT_LEN 8
|
||||
|
||||
if (salt)
|
||||
EVP_DigestUpdate(&c, salt, PKCS5_SALT_LEN);
|
||||
|
||||
EVP_DigestFinal_ex(&c, buf, &mds);
|
||||
assert(mds == EVP_MD_size(md));
|
||||
|
||||
for (i = 1; i < count; i++) {
|
||||
EVP_DigestInit_ex(&c, md, NULL);
|
||||
EVP_DigestUpdate(&c, buf, mds);
|
||||
EVP_DigestFinal_ex(&c, buf, &mds);
|
||||
assert(mds == EVP_MD_size(md));
|
||||
}
|
||||
|
||||
i = 0;
|
||||
if (keylen) {
|
||||
size_t sz = min(keylen, mds);
|
||||
if (key) {
|
||||
memcpy(key, buf, sz);
|
||||
key += sz;
|
||||
}
|
||||
keylen -= sz;
|
||||
i += sz;
|
||||
}
|
||||
if (ivlen && mds > i) {
|
||||
size_t sz = min(ivlen, (mds - i));
|
||||
if (iv) {
|
||||
memcpy(iv, &buf[i], sz);
|
||||
iv += sz;
|
||||
}
|
||||
ivlen -= sz;
|
||||
}
|
||||
if (keylen == 0 && ivlen == 0)
|
||||
break;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_cleanup(&c);
|
||||
free(buf);
|
||||
|
||||
return EVP_CIPHER_key_length(type);
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void
|
||||
OpenSSL_add_all_algorithms(void)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
void
|
||||
OpenSSL_add_all_algorithms_conf(void)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
void
|
||||
OpenSSL_add_all_algorithms_noconf(void)
|
||||
{
|
||||
return;
|
||||
}
|
||||
@@ -0,0 +1,255 @@
|
||||
/*
|
||||
* Copyright (c) 2005 - 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_EVP_H
|
||||
#define HEIM_EVP_H 1
|
||||
|
||||
#include <hcrypto/engine.h>
|
||||
|
||||
/* symbol renaming */
|
||||
#define EVP_CIPHER_CTX_block_size hc_EVP_CIPHER_CTX_block_size
|
||||
#define EVP_CIPHER_CTX_cipher hc_EVP_CIPHER_CTX_cipher
|
||||
#define EVP_CIPHER_CTX_cleanup hc_EVP_CIPHER_CTX_cleanup
|
||||
#define EVP_CIPHER_CTX_flags hc_EVP_CIPHER_CTX_flags
|
||||
#define EVP_CIPHER_CTX_get_app_data hc_EVP_CIPHER_CTX_get_app_data
|
||||
#define EVP_CIPHER_CTX_init hc_EVP_CIPHER_CTX_init
|
||||
#define EVP_CIPHER_CTX_iv_length hc_EVP_CIPHER_CTX_iv_length
|
||||
#define EVP_CIPHER_CTX_key_length hc_EVP_CIPHER_CTX_key_length
|
||||
#define EVP_CIPHER_CTX_mode hc_EVP_CIPHER_CTX_mode
|
||||
#define EVP_CIPHER_CTX_set_app_data hc_EVP_CIPHER_CTX_set_app_data
|
||||
#define EVP_CIPHER_CTX_set_key_length hc_EVP_CIPHER_CTX_set_key_length
|
||||
#define EVP_CIPHER_CTX_set_padding hc_EVP_CIPHER_CTX_set_padding
|
||||
#define EVP_CIPHER_block_size hc_EVP_CIPHER_block_size
|
||||
#define EVP_CIPHER_iv_length hc_EVP_CIPHER_iv_length
|
||||
#define EVP_CIPHER_key_length hc_EVP_CIPHER_key_length
|
||||
#define EVP_Cipher hc_EVP_Cipher
|
||||
#define EVP_CipherInit_ex hc_EVP_CipherInit_ex
|
||||
#define EVP_Digest hc_EVP_Digest
|
||||
#define EVP_DigestFinal_ex hc_EVP_DigestFinal_ex
|
||||
#define EVP_DigestInit_ex hc_EVP_DigestInit_ex
|
||||
#define EVP_DigestUpdate hc_EVP_DigestUpdate
|
||||
#define EVP_MD_CTX_block_size hc_EVP_MD_CTX_block_size
|
||||
#define EVP_MD_CTX_cleanup hc_EVP_MD_CTX_cleanup
|
||||
#define EVP_MD_CTX_create hc_EVP_MD_CTX_create
|
||||
#define EVP_MD_CTX_init hc_EVP_MD_CTX_init
|
||||
#define EVP_MD_CTX_destroy hc_EVP_MD_CTX_destroy
|
||||
#define EVP_MD_CTX_md hc_EVP_MD_CTX_md
|
||||
#define EVP_MD_CTX_size hc_EVP_MD_CTX_size
|
||||
#define EVP_MD_block_size hc_EVP_MD_block_size
|
||||
#define EVP_MD_size hc_EVP_MD_size
|
||||
#define EVP_aes_128_cbc hc_EVP_aes_128_cbc
|
||||
#define EVP_aes_192_cbc hc_EVP_aes_192_cbc
|
||||
#define EVP_aes_256_cbc hc_EVP_aes_256_cbc
|
||||
#define EVP_des_ede3_cbc hc_EVP_des_ede3_cbc
|
||||
#define EVP_enc_null hc_EVP_enc_null
|
||||
#define EVP_md2 hc_EVP_md2
|
||||
#define EVP_md4 hc_EVP_md4
|
||||
#define EVP_md5 hc_EVP_md5
|
||||
#define EVP_md_null hc_EVP_md_null
|
||||
#define EVP_rc2_40_cbc hc_EVP_rc2_40_cbc
|
||||
#define EVP_rc2_64_cbc hc_EVP_rc2_64_cbc
|
||||
#define EVP_rc2_cbc hc_EVP_rc2_cbc
|
||||
#define EVP_rc4 hc_EVP_rc4
|
||||
#define EVP_rc4_40 hc_EVP_rc4_40
|
||||
#define EVP_sha hc_EVP_sha
|
||||
#define EVP_sha1 hc_EVP_sha1
|
||||
#define EVP_sha256 hc_EVP_sha256
|
||||
#define PKCS5_PBKDF2_HMAC_SHA1 hc_PKCS5_PBKDF2_HMAC_SHA1
|
||||
#define EVP_BytesToKey hc_EVP_BytesToKey
|
||||
#define EVP_get_cipherbyname hc_EVP_get_cipherbyname
|
||||
#define OpenSSL_add_all_algorithms hc_OpenSSL_add_all_algorithms
|
||||
#define OpenSSL_add_all_algorithms_conf hc_OpenSSL_add_all_algorithms_conf
|
||||
#define OpenSSL_add_all_algorithms_noconf hc_OpenSSL_add_all_algorithms_noconf
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
typedef struct hc_EVP_MD_CTX EVP_MD_CTX;
|
||||
typedef struct hc_evp_pkey EVP_PKEY;
|
||||
typedef struct hc_evp_md EVP_MD;
|
||||
typedef struct hc_CIPHER EVP_CIPHER;
|
||||
typedef struct hc_CIPHER_CTX EVP_CIPHER_CTX;
|
||||
|
||||
#define EVP_MAX_IV_LENGTH 16
|
||||
#define EVP_MAX_BLOCK_LENGTH 32
|
||||
|
||||
#define EVP_MAX_MD_SIZE 64
|
||||
|
||||
struct hc_CIPHER {
|
||||
int nid;
|
||||
int block_size;
|
||||
int key_len;
|
||||
int iv_len;
|
||||
unsigned long flags;
|
||||
/* The lowest 3 bits is used as integer field for the mode the
|
||||
* cipher is used in (use EVP_CIPHER.._mode() to extract the
|
||||
* mode). The rest of the flag field is a bitfield.
|
||||
*/
|
||||
#define EVP_CIPH_CBC_MODE 2
|
||||
#define EVP_CIPH_MODE 0x7
|
||||
|
||||
#define EVP_CIPH_ALWAYS_CALL_INIT 0x20
|
||||
|
||||
int (*init)(EVP_CIPHER_CTX*,const unsigned char*,const unsigned char*,int);
|
||||
int (*do_cipher)(EVP_CIPHER_CTX *, unsigned char *,
|
||||
const unsigned char *, unsigned int);
|
||||
int (*cleanup)(EVP_CIPHER_CTX *);
|
||||
int ctx_size;
|
||||
void *set_asn1_parameters;
|
||||
void *get_asn1_parameters;
|
||||
void *ctrl;
|
||||
void *app_data;
|
||||
};
|
||||
|
||||
struct hc_CIPHER_CTX {
|
||||
const EVP_CIPHER *cipher;
|
||||
ENGINE *engine;
|
||||
int encrypt;
|
||||
int buf_len;
|
||||
unsigned char oiv[EVP_MAX_IV_LENGTH];
|
||||
unsigned char iv[EVP_MAX_IV_LENGTH];
|
||||
unsigned char buf[EVP_MAX_BLOCK_LENGTH];
|
||||
int num;
|
||||
void *app_data;
|
||||
int key_len;
|
||||
unsigned long flags;
|
||||
void *cipher_data;
|
||||
int final_used;
|
||||
int block_mask;
|
||||
unsigned char final[EVP_MAX_BLOCK_LENGTH];
|
||||
};
|
||||
|
||||
struct hc_EVP_MD_CTX {
|
||||
const EVP_MD *md;
|
||||
ENGINE *engine;
|
||||
void *ptr;
|
||||
};
|
||||
|
||||
/*
|
||||
* Avaible crypto algs
|
||||
*/
|
||||
|
||||
const EVP_MD *EVP_md_null(void);
|
||||
const EVP_MD *EVP_md2(void);
|
||||
const EVP_MD *EVP_md4(void);
|
||||
const EVP_MD *EVP_md5(void);
|
||||
const EVP_MD *EVP_sha(void);
|
||||
const EVP_MD *EVP_sha1(void);
|
||||
const EVP_MD *EVP_sha256(void);
|
||||
|
||||
const EVP_CIPHER * EVP_aes_128_cbc(void);
|
||||
const EVP_CIPHER * EVP_aes_192_cbc(void);
|
||||
const EVP_CIPHER * EVP_aes_256_cbc(void);
|
||||
const EVP_CIPHER * EVP_des_ede3_cbc(void);
|
||||
const EVP_CIPHER * EVP_enc_null(void);
|
||||
const EVP_CIPHER * EVP_rc2_40_cbc(void);
|
||||
const EVP_CIPHER * EVP_rc2_64_cbc(void);
|
||||
const EVP_CIPHER * EVP_rc2_cbc(void);
|
||||
const EVP_CIPHER * EVP_rc4(void);
|
||||
const EVP_CIPHER * EVP_rc4_40(void);
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
size_t EVP_MD_size(const EVP_MD *);
|
||||
size_t EVP_MD_block_size(const EVP_MD *);
|
||||
|
||||
const EVP_MD *
|
||||
EVP_MD_CTX_md(EVP_MD_CTX *);
|
||||
size_t EVP_MD_CTX_size(EVP_MD_CTX *);
|
||||
size_t EVP_MD_CTX_block_size(EVP_MD_CTX *);
|
||||
|
||||
EVP_MD_CTX *
|
||||
EVP_MD_CTX_create(void);
|
||||
void EVP_MD_CTX_init(EVP_MD_CTX *);
|
||||
void EVP_MD_CTX_destroy(EVP_MD_CTX *);
|
||||
int EVP_MD_CTX_cleanup(EVP_MD_CTX *);
|
||||
|
||||
int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
|
||||
int EVP_DigestUpdate(EVP_MD_CTX *,const void *, size_t);
|
||||
int EVP_DigestFinal_ex(EVP_MD_CTX *, void *, unsigned int *);
|
||||
int EVP_Digest(const void *, size_t, void *, unsigned int *,
|
||||
const EVP_MD *, ENGINE *);
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_get_cipherbyname(const char *);
|
||||
|
||||
size_t EVP_CIPHER_block_size(const EVP_CIPHER *);
|
||||
size_t EVP_CIPHER_key_length(const EVP_CIPHER *);
|
||||
size_t EVP_CIPHER_iv_length(const EVP_CIPHER *);
|
||||
|
||||
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *);
|
||||
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
|
||||
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int);
|
||||
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int);
|
||||
unsigned long
|
||||
EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *);
|
||||
int EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *);
|
||||
|
||||
const EVP_CIPHER *
|
||||
EVP_CIPHER_CTX_cipher(EVP_CIPHER_CTX *);
|
||||
size_t EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
|
||||
size_t EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *);
|
||||
size_t EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *);
|
||||
void * EVP_CIPHER_CTX_get_app_data(EVP_CIPHER_CTX *);
|
||||
void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *, void *);
|
||||
|
||||
int EVP_CipherInit_ex(EVP_CIPHER_CTX *,const EVP_CIPHER *, ENGINE *,
|
||||
const void *, const void *, int);
|
||||
|
||||
int EVP_Cipher(EVP_CIPHER_CTX *,void *,const void *,size_t);
|
||||
|
||||
int PKCS5_PBKDF2_HMAC_SHA1(const void *, size_t, const void *, size_t,
|
||||
unsigned long, size_t, void *);
|
||||
|
||||
int EVP_BytesToKey(const EVP_CIPHER *, const EVP_MD *,
|
||||
const void *, const void *, size_t,
|
||||
unsigned int, void *, void *);
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
void OpenSSL_add_all_algorithms(void);
|
||||
void OpenSSL_add_all_algorithms_conf(void);
|
||||
void OpenSSL_add_all_algorithms_noconf(void);
|
||||
|
||||
#endif /* HEIM_EVP_H */
|
||||
@@ -0,0 +1,217 @@
|
||||
#!/usr/pkg/bin/perl
|
||||
#
|
||||
# $Id$
|
||||
|
||||
use strict;
|
||||
|
||||
print "/* GENERATE FILE from gen-des.pl, do not edit */\n\n";
|
||||
|
||||
my $gen = 1;
|
||||
|
||||
sub gen_pattern
|
||||
{
|
||||
my $n = shift;
|
||||
my $r = shift;
|
||||
my $a = shift;
|
||||
my $o = shift;
|
||||
my $s = shift;
|
||||
print "/* $n bit pattern ";
|
||||
foreach my $k (@$a) {
|
||||
print "$k ";
|
||||
}
|
||||
print "*/\n";
|
||||
print "static int $n\[", $r + 1, "\] = {\n ";
|
||||
foreach my $i (0..$r) {
|
||||
my $j = 0;
|
||||
my $b = 1;
|
||||
foreach my $k (reverse @$a) {
|
||||
if ($i & $b) {
|
||||
$j |= ($s >>($k - $o - 1));
|
||||
}
|
||||
$b = $b << 1;
|
||||
}
|
||||
printf "0x%08x", $j;
|
||||
print ", " if ($i != $r);
|
||||
if (($i % 4) == 3) {
|
||||
print "\n";
|
||||
print " " if ($i != $r);
|
||||
}
|
||||
}
|
||||
print "};\n";
|
||||
}
|
||||
|
||||
if ($gen) {
|
||||
gen_pattern("pc1_c_3", 7, [ 5, 13, 21 ], 0, 0x1000000);
|
||||
gen_pattern("pc1_c_4", 15, [ 1, 9, 17, 25 ], 0, 0x1000000);
|
||||
gen_pattern("pc1_d_3", 7, [ 49, 41, 33 ], 32, 0x1000000);
|
||||
gen_pattern("pc1_d_4", 15, [ 57, 53, 45, 37 ], 32, 0x1000000);
|
||||
|
||||
gen_pattern("pc2_c_1", 63, [ 5, 24, 7, 16, 6, 10 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_2", 63, [ 20, 18, 12, 3, 15, 23 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_3", 63, [ 1, 9, 19, 2, 14, 22 ], 0, 0x800000);
|
||||
gen_pattern("pc2_c_4", 63, [ 11, 13, 4, 17, 21, 8 ], 0, 0x800000);
|
||||
|
||||
gen_pattern("pc2_d_1", 63, [ 51, 35, 31, 52, 39, 45 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_2", 63, [ 50, 32, 43, 36, 29, 48 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_3", 63, [ 41, 38, 47, 33, 40, 42 ], 28, 0x800000);
|
||||
gen_pattern("pc2_d_4", 63, [ 49, 37, 30, 46, 34, 44 ], 28, 0x800000);
|
||||
}
|
||||
|
||||
sub
|
||||
pbox_mutation
|
||||
{
|
||||
my $n = shift;
|
||||
my $res = 0;
|
||||
|
||||
my @pbox = (
|
||||
16, 7, 20, 21,
|
||||
29, 12, 28, 17,
|
||||
1, 15, 23, 26,
|
||||
5, 18, 31, 10,
|
||||
2, 8, 24, 14,
|
||||
32, 27, 3, 9,
|
||||
19, 13, 30, 6,
|
||||
22, 11, 4, 25
|
||||
);
|
||||
|
||||
foreach my $i (0..31) {
|
||||
if ($n & (1 << ($pbox[$i] - 1))) {
|
||||
# print "$i ", ($pbox[$i] - 1), "\n";
|
||||
$res |= 1 << $i;
|
||||
}
|
||||
}
|
||||
|
||||
return $res;
|
||||
}
|
||||
|
||||
|
||||
my @S1 = (
|
||||
14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
|
||||
0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
|
||||
4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
|
||||
15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13,
|
||||
);
|
||||
my @S2 = (
|
||||
15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
|
||||
3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
|
||||
0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
|
||||
13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9,
|
||||
);
|
||||
my @S3 = (
|
||||
10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
|
||||
13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
|
||||
13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
|
||||
1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12,
|
||||
);
|
||||
my @S4 = (
|
||||
7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
|
||||
13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
|
||||
10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
|
||||
3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14,
|
||||
);
|
||||
my @S5 = (
|
||||
2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
|
||||
14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
|
||||
4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
|
||||
11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3,
|
||||
);
|
||||
my @S6 = (
|
||||
12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
|
||||
10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
|
||||
9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
|
||||
4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13,
|
||||
);
|
||||
my @S7 = (
|
||||
4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
|
||||
13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
|
||||
1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
|
||||
6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12,
|
||||
);
|
||||
|
||||
my @S8 = (
|
||||
13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
|
||||
1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
|
||||
7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
|
||||
2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11,
|
||||
);
|
||||
|
||||
my @SBox = ( \@S1, \@S2, \@S3, \@S4, \@S5, \@S6, \@S7, \@S8 );
|
||||
|
||||
sub
|
||||
one_num_in_one_sbox
|
||||
{
|
||||
my $i = shift;
|
||||
my $n = shift;
|
||||
my $r = shift;
|
||||
|
||||
my $index = (($n & 1) << 4) | (($n & 0x20)) |
|
||||
(($n >> 1) & 0x1) << 0 |
|
||||
(($n >> 2) & 0x1) << 1 |
|
||||
(($n >> 3) & 0x1) << 2 |
|
||||
(($n >> 4) & 0x1) << 3;
|
||||
|
||||
die "argh" if ($index > 63 || $index < 0);
|
||||
|
||||
my $S = $SBox[$i - 1];
|
||||
my $val = $$S[$index];
|
||||
|
||||
my $res = $val << (($i - 1) * 4);
|
||||
|
||||
my $p = &pbox_mutation($res);
|
||||
|
||||
print " $r ";
|
||||
|
||||
# $p = ($p >> $r) | ($p << (32 - $r - 1));
|
||||
|
||||
printf "0x%08x", $p;
|
||||
print ", " if ($n != 63 or 1);
|
||||
if (($n % 4) == 3) {
|
||||
print " /* $i */" if ($n == 3);
|
||||
print "\n";
|
||||
print "\t" if ($n != 63);
|
||||
}
|
||||
}
|
||||
|
||||
sub
|
||||
one_sbox
|
||||
{
|
||||
my $i = shift;
|
||||
my $s = 0;
|
||||
|
||||
# print "static uint32_t sbox". $i ."[] = {\n\t";
|
||||
print "\t";
|
||||
foreach my $n (0..63) {
|
||||
one_num_in_one_sbox($i, $n, $s);
|
||||
}
|
||||
print "\n";
|
||||
# print "};\n";
|
||||
}
|
||||
|
||||
if ($gen and 0) {
|
||||
foreach my $sbox (7, 1, 3, 5, 4, 6, 8, 2) {
|
||||
one_sbox($sbox, 1);
|
||||
}
|
||||
}
|
||||
|
||||
#my $num = 1;
|
||||
#printf "pbox: %d -> 0x%08x\n", $num, pbox_mutation($num);
|
||||
#$num = 0xc000000;
|
||||
#printf "pbox: 0x%08x -> 0x%08x\n", $num, pbox_mutation($num);
|
||||
|
||||
print "static unsigned char odd_parity[256] = { \n";
|
||||
foreach my $i (0..255) {
|
||||
my $num = 0;
|
||||
foreach my $b (1..7) {
|
||||
$num++ if (($i >> $b) & 1);
|
||||
}
|
||||
my $t;
|
||||
if (($num & 1) == 0) {
|
||||
$t = $i | 1;
|
||||
} else {
|
||||
$t = 0xfe & $i;
|
||||
}
|
||||
printf "%3d,", $t;
|
||||
printf "\n" if (($i % 16) == 15);
|
||||
|
||||
};
|
||||
print " };\n";
|
||||
@@ -0,0 +1,71 @@
|
||||
/*
|
||||
* Copyright (c) 1999 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of KTH nor the names of its contributors may be
|
||||
* used to endorse or promote products derived from this software without
|
||||
* specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
|
||||
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
||||
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
|
||||
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
|
||||
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
|
||||
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
/* stuff in common between md4, md5, and sha1 */
|
||||
|
||||
#ifndef __hash_h__
|
||||
#define __hash_h__
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <stddef.h>
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
|
||||
#ifndef min
|
||||
#define min(a,b) (((a)>(b))?(b):(a))
|
||||
#endif
|
||||
|
||||
/* Vector Crays doesn't have a good 32-bit type, or more precisely,
|
||||
int32_t as defined by <bind/bitypes.h> isn't 32 bits, and we don't
|
||||
want to depend in being able to redefine this type. To cope with
|
||||
this we have to clamp the result in some places to [0,2^32); no
|
||||
need to do this on other machines. Did I say this was a mess?
|
||||
*/
|
||||
|
||||
#ifdef _CRAY
|
||||
#define CRAYFIX(X) ((X) & 0xffffffff)
|
||||
#else
|
||||
#define CRAYFIX(X) (X)
|
||||
#endif
|
||||
|
||||
static inline uint32_t
|
||||
cshift (uint32_t x, unsigned int n)
|
||||
{
|
||||
x = CRAYFIX(x);
|
||||
return CRAYFIX((x << n) | (x >> (32 - n)));
|
||||
}
|
||||
|
||||
#endif /* __hash_h__ */
|
||||
@@ -0,0 +1,122 @@
|
||||
#include <sys/types.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <hmac.h>
|
||||
|
||||
void
|
||||
HMAC_CTX_init(HMAC_CTX *ctx)
|
||||
{
|
||||
memset(ctx, 0, sizeof(*ctx));
|
||||
}
|
||||
|
||||
void
|
||||
HMAC_CTX_cleanup(HMAC_CTX *ctx)
|
||||
{
|
||||
if (ctx->buf) {
|
||||
memset(ctx->buf, 0, ctx->key_length);
|
||||
free(ctx->buf);
|
||||
ctx->buf = NULL;
|
||||
}
|
||||
if (ctx->opad) {
|
||||
memset(ctx->ipad, 0, ctx->key_length);
|
||||
free(ctx->opad);
|
||||
ctx->opad = NULL;
|
||||
}
|
||||
if (ctx->ipad) {
|
||||
memset(ctx->ipad, 0, ctx->key_length);
|
||||
free(ctx->ipad);
|
||||
ctx->ipad = NULL;
|
||||
}
|
||||
if (ctx->ctx) {
|
||||
EVP_MD_CTX_destroy(ctx->ctx);
|
||||
ctx->ctx = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
size_t
|
||||
HMAC_size(const HMAC_CTX *ctx)
|
||||
{
|
||||
return EVP_MD_size(ctx->md);
|
||||
}
|
||||
|
||||
void
|
||||
HMAC_Init_ex(HMAC_CTX *ctx,
|
||||
const void *key,
|
||||
size_t keylen,
|
||||
const EVP_MD *md,
|
||||
ENGINE *engine)
|
||||
{
|
||||
unsigned char *p;
|
||||
size_t i;
|
||||
|
||||
if (ctx->md != md) {
|
||||
ctx->md = md;
|
||||
if (ctx->buf)
|
||||
free (ctx->buf);
|
||||
ctx->key_length = EVP_MD_size(ctx->md);
|
||||
ctx->buf = malloc(ctx->key_length);
|
||||
}
|
||||
#if 0
|
||||
ctx->engine = engine;
|
||||
#endif
|
||||
|
||||
if (keylen > EVP_MD_block_size(ctx->md)) {
|
||||
EVP_Digest(key, keylen, ctx->buf, NULL, ctx->md, engine);
|
||||
key = ctx->buf;
|
||||
keylen = EVP_MD_size(ctx->md);
|
||||
}
|
||||
|
||||
if (ctx->opad)
|
||||
free(ctx->opad);
|
||||
if (ctx->ipad)
|
||||
free(ctx->ipad);
|
||||
|
||||
ctx->opad = malloc(EVP_MD_block_size(ctx->md));
|
||||
ctx->ipad = malloc(EVP_MD_block_size(ctx->md));
|
||||
memset(ctx->ipad, 0x36, EVP_MD_block_size(ctx->md));
|
||||
memset(ctx->opad, 0x5c, EVP_MD_block_size(ctx->md));
|
||||
|
||||
for (i = 0, p = ctx->ipad; i < keylen; i++)
|
||||
p[i] ^= ((const unsigned char *)key)[i];
|
||||
for (i = 0, p = ctx->opad; i < keylen; i++)
|
||||
p[i] ^= ((const unsigned char *)key)[i];
|
||||
|
||||
ctx->ctx = EVP_MD_CTX_create();
|
||||
|
||||
EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
|
||||
EVP_DigestUpdate(ctx->ctx, ctx->ipad, EVP_MD_block_size(ctx->md));
|
||||
}
|
||||
|
||||
void
|
||||
HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len)
|
||||
{
|
||||
EVP_DigestUpdate(ctx->ctx, data, len);
|
||||
}
|
||||
|
||||
void
|
||||
HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len)
|
||||
{
|
||||
EVP_DigestFinal_ex(ctx->ctx, ctx->buf, NULL);
|
||||
|
||||
EVP_DigestInit_ex(ctx->ctx, ctx->md, ctx->engine);
|
||||
EVP_DigestUpdate(ctx->ctx, ctx->opad, EVP_MD_block_size(ctx->md));
|
||||
EVP_DigestUpdate(ctx->ctx, ctx->buf, ctx->key_length);
|
||||
EVP_DigestFinal_ex(ctx->ctx, md, len);
|
||||
}
|
||||
|
||||
void *
|
||||
HMAC(const EVP_MD *md,
|
||||
const void *key, size_t key_size,
|
||||
const void *data, size_t data_size,
|
||||
void *hash, unsigned int *hash_len)
|
||||
{
|
||||
HMAC_CTX ctx;
|
||||
|
||||
HMAC_CTX_init(&ctx);
|
||||
HMAC_Init_ex(&ctx, key, key_size, md, NULL);
|
||||
HMAC_Update(&ctx, data, data_size);
|
||||
HMAC_Final(&ctx, hash, hash_len);
|
||||
HMAC_CTX_cleanup(&ctx);
|
||||
return hash;
|
||||
}
|
||||
@@ -0,0 +1,82 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_HMAC_H
|
||||
#define HEIM_HMAC_H 1
|
||||
|
||||
#include <hcrypto/evp.h>
|
||||
|
||||
/* symbol renaming */
|
||||
#define HMAC_CTX_init hc_HMAC_CTX_init
|
||||
#define HMAC_CTX_cleanup hc_HMAC_CTX_cleanup
|
||||
#define HMAC_size hc_HMAC_size
|
||||
#define HMAC_Init_ex hc_HMAC_Init_ex
|
||||
#define HMAC_Update hc_HMAC_Update
|
||||
#define HMAC_Final hc_HMAC_Final
|
||||
#define HMAC hc_HMAC
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define HMAC_MAX_MD_CBLOCK 64
|
||||
|
||||
typedef struct hc_HMAC_CTX HMAC_CTX;
|
||||
|
||||
struct hc_HMAC_CTX {
|
||||
const EVP_MD *md;
|
||||
ENGINE *engine;
|
||||
EVP_MD_CTX *ctx;
|
||||
size_t key_length;
|
||||
void *opad;
|
||||
void *ipad;
|
||||
void *buf;
|
||||
};
|
||||
|
||||
|
||||
void HMAC_CTX_init(HMAC_CTX *);
|
||||
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||
|
||||
size_t HMAC_size(const HMAC_CTX *ctx);
|
||||
|
||||
void HMAC_Init_ex(HMAC_CTX *, const void *, size_t,
|
||||
const EVP_MD *, ENGINE *);
|
||||
void HMAC_Update(HMAC_CTX *ctx, const void *data, size_t len);
|
||||
void HMAC_Final(HMAC_CTX *ctx, void *md, unsigned int *len);
|
||||
|
||||
void * HMAC(const EVP_MD *evp_md, const void *key, size_t key_len,
|
||||
const void *data, size_t n, void *md, unsigned int *md_len);
|
||||
|
||||
#endif /* HEIM_HMAC_H */
|
||||
@@ -0,0 +1,21 @@
|
||||
IMath is Copyright 2002-2007 Michael J. Fromberger
|
||||
You may use it subject to the following Licensing Terms:
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining
|
||||
a copy of this software and associated documentation files (the
|
||||
"Software"), to deal in the Software without restriction, including
|
||||
without limitation the rights to use, copy, modify, merge, publish,
|
||||
distribute, sublicense, and/or sell copies of the Software, and to
|
||||
permit persons to whom the Software is furnished to do so, subject to
|
||||
the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be
|
||||
included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
||||
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
||||
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
||||
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
Executable
+3240
File diff suppressed because it is too large
Load Diff
Executable
+220
@@ -0,0 +1,220 @@
|
||||
/*
|
||||
Name: imath.h
|
||||
Purpose: Arbitrary precision integer arithmetic routines.
|
||||
Author: M. J. Fromberger <http://www.dartmouth.edu/~sting/>
|
||||
Info: $Id$
|
||||
|
||||
Copyright (C) 2002 Michael J. Fromberger, All Rights Reserved.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person
|
||||
obtaining a copy of this software and associated documentation files
|
||||
(the "Software"), to deal in the Software without restriction,
|
||||
including without limitation the rights to use, copy, modify, merge,
|
||||
publish, distribute, sublicense, and/or sell copies of the Software,
|
||||
and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be
|
||||
included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
||||
BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
||||
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
*/
|
||||
|
||||
#ifndef IMATH_H_
|
||||
#define IMATH_H_
|
||||
|
||||
#include <limits.h>
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
typedef unsigned char mp_sign;
|
||||
typedef unsigned int mp_size;
|
||||
typedef int mp_result;
|
||||
#ifdef USE_LONG_LONG
|
||||
typedef unsigned int mp_digit;
|
||||
typedef unsigned long long mp_word;
|
||||
#else
|
||||
typedef unsigned short mp_digit;
|
||||
typedef unsigned int mp_word;
|
||||
#endif
|
||||
|
||||
typedef struct mpz {
|
||||
mp_digit single;
|
||||
mp_digit *digits;
|
||||
mp_size alloc;
|
||||
mp_size used;
|
||||
mp_sign sign;
|
||||
} mpz_t, *mp_int;
|
||||
|
||||
#define MP_DIGITS(Z) ((Z)->digits)
|
||||
#define MP_ALLOC(Z) ((Z)->alloc)
|
||||
#define MP_USED(Z) ((Z)->used)
|
||||
#define MP_SIGN(Z) ((Z)->sign)
|
||||
|
||||
extern const mp_result MP_OK;
|
||||
extern const mp_result MP_FALSE;
|
||||
extern const mp_result MP_TRUE;
|
||||
extern const mp_result MP_MEMORY;
|
||||
extern const mp_result MP_RANGE;
|
||||
extern const mp_result MP_UNDEF;
|
||||
extern const mp_result MP_TRUNC;
|
||||
extern const mp_result MP_BADARG;
|
||||
|
||||
#define MP_DIGIT_BIT (sizeof(mp_digit) * CHAR_BIT)
|
||||
#define MP_WORD_BIT (sizeof(mp_word) * CHAR_BIT)
|
||||
|
||||
#ifdef USE_LONG_LONG
|
||||
# ifndef ULONG_LONG_MAX
|
||||
# ifdef ULLONG_MAX
|
||||
# define ULONG_LONG_MAX ULLONG_MAX
|
||||
# else
|
||||
# error "Maximum value of unsigned long long not defined!"
|
||||
# endif
|
||||
# endif
|
||||
# define MP_DIGIT_MAX (ULONG_MAX * 1ULL)
|
||||
# define MP_WORD_MAX ULONG_LONG_MAX
|
||||
#else
|
||||
# define MP_DIGIT_MAX (USHRT_MAX * 1UL)
|
||||
# define MP_WORD_MAX (UINT_MAX * 1UL)
|
||||
#endif
|
||||
|
||||
#define MP_MIN_RADIX 2
|
||||
#define MP_MAX_RADIX 36
|
||||
|
||||
/* Values with fewer than this many significant digits use the
|
||||
standard multiplication algorithm; otherwise, a recursive algorithm
|
||||
is used. Choose a value to suit your platform.
|
||||
*/
|
||||
#define MP_MULT_THRESH 32
|
||||
|
||||
#define MP_DEFAULT_PREC 8 /* default memory allocation, in digits */
|
||||
|
||||
extern const mp_sign MP_NEG;
|
||||
extern const mp_sign MP_ZPOS;
|
||||
|
||||
#define mp_int_is_odd(Z) ((Z)->digits[0] & 1)
|
||||
#define mp_int_is_even(Z) !((Z)->digits[0] & 1)
|
||||
|
||||
mp_result mp_int_init(mp_int z);
|
||||
mp_int mp_int_alloc(void);
|
||||
mp_result mp_int_init_size(mp_int z, mp_size prec);
|
||||
mp_result mp_int_init_copy(mp_int z, mp_int old);
|
||||
mp_result mp_int_init_value(mp_int z, int value);
|
||||
mp_result mp_int_set_value(mp_int z, int value);
|
||||
void mp_int_clear(mp_int z);
|
||||
void mp_int_free(mp_int z);
|
||||
|
||||
mp_result mp_int_copy(mp_int a, mp_int c); /* c = a */
|
||||
void mp_int_swap(mp_int a, mp_int c); /* swap a, c */
|
||||
void mp_int_zero(mp_int z); /* z = 0 */
|
||||
mp_result mp_int_abs(mp_int a, mp_int c); /* c = |a| */
|
||||
mp_result mp_int_neg(mp_int a, mp_int c); /* c = -a */
|
||||
mp_result mp_int_add(mp_int a, mp_int b, mp_int c); /* c = a + b */
|
||||
mp_result mp_int_add_value(mp_int a, int value, mp_int c);
|
||||
mp_result mp_int_sub(mp_int a, mp_int b, mp_int c); /* c = a - b */
|
||||
mp_result mp_int_sub_value(mp_int a, int value, mp_int c);
|
||||
mp_result mp_int_mul(mp_int a, mp_int b, mp_int c); /* c = a * b */
|
||||
mp_result mp_int_mul_value(mp_int a, int value, mp_int c);
|
||||
mp_result mp_int_mul_pow2(mp_int a, int p2, mp_int c);
|
||||
mp_result mp_int_sqr(mp_int a, mp_int c); /* c = a * a */
|
||||
mp_result mp_int_div(mp_int a, mp_int b, /* q = a / b */
|
||||
mp_int q, mp_int r); /* r = a % b */
|
||||
mp_result mp_int_div_value(mp_int a, int value, /* q = a / value */
|
||||
mp_int q, int *r); /* r = a % value */
|
||||
mp_result mp_int_div_pow2(mp_int a, int p2, /* q = a / 2^p2 */
|
||||
mp_int q, mp_int r); /* r = q % 2^p2 */
|
||||
mp_result mp_int_mod(mp_int a, mp_int m, mp_int c); /* c = a % m */
|
||||
#define mp_int_mod_value(A, V, R) mp_int_div_value((A), (V), 0, (R))
|
||||
mp_result mp_int_expt(mp_int a, int b, mp_int c); /* c = a^b */
|
||||
mp_result mp_int_expt_value(int a, int b, mp_int c); /* c = a^b */
|
||||
|
||||
int mp_int_compare(mp_int a, mp_int b); /* a <=> b */
|
||||
int mp_int_compare_unsigned(mp_int a, mp_int b); /* |a| <=> |b| */
|
||||
int mp_int_compare_zero(mp_int z); /* a <=> 0 */
|
||||
int mp_int_compare_value(mp_int z, int value); /* a <=> v */
|
||||
|
||||
/* Returns true if v|a, false otherwise (including errors) */
|
||||
int mp_int_divisible_value(mp_int a, int v);
|
||||
|
||||
/* Returns k >= 0 such that z = 2^k, if one exists; otherwise < 0 */
|
||||
int mp_int_is_pow2(mp_int z);
|
||||
|
||||
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m,
|
||||
mp_int c); /* c = a^b (mod m) */
|
||||
mp_result mp_int_exptmod_evalue(mp_int a, int value,
|
||||
mp_int m, mp_int c); /* c = a^v (mod m) */
|
||||
mp_result mp_int_exptmod_bvalue(int value, mp_int b,
|
||||
mp_int m, mp_int c); /* c = v^b (mod m) */
|
||||
mp_result mp_int_exptmod_known(mp_int a, mp_int b,
|
||||
mp_int m, mp_int mu,
|
||||
mp_int c); /* c = a^b (mod m) */
|
||||
mp_result mp_int_redux_const(mp_int m, mp_int c);
|
||||
|
||||
mp_result mp_int_invmod(mp_int a, mp_int m, mp_int c); /* c = 1/a (mod m) */
|
||||
|
||||
mp_result mp_int_gcd(mp_int a, mp_int b, mp_int c); /* c = gcd(a, b) */
|
||||
|
||||
mp_result mp_int_egcd(mp_int a, mp_int b, mp_int c, /* c = gcd(a, b) */
|
||||
mp_int x, mp_int y); /* c = ax + by */
|
||||
|
||||
mp_result mp_int_sqrt(mp_int a, mp_int c); /* c = floor(sqrt(q)) */
|
||||
|
||||
/* Convert to an int, if representable (returns MP_RANGE if not). */
|
||||
mp_result mp_int_to_int(mp_int z, int *out);
|
||||
|
||||
/* Convert to nul-terminated string with the specified radix, writing at
|
||||
most limit characters including the nul terminator */
|
||||
mp_result mp_int_to_string(mp_int z, mp_size radix,
|
||||
char *str, int limit);
|
||||
|
||||
/* Return the number of characters required to represent
|
||||
z in the given radix. May over-estimate. */
|
||||
mp_result mp_int_string_len(mp_int z, mp_size radix);
|
||||
|
||||
/* Read zero-terminated string into z */
|
||||
mp_result mp_int_read_string(mp_int z, mp_size radix, const char *str);
|
||||
mp_result mp_int_read_cstring(mp_int z, mp_size radix, const char *str,
|
||||
char **end);
|
||||
|
||||
/* Return the number of significant bits in z */
|
||||
mp_result mp_int_count_bits(mp_int z);
|
||||
|
||||
/* Convert z to two's complement binary, writing at most limit bytes */
|
||||
mp_result mp_int_to_binary(mp_int z, unsigned char *buf, int limit);
|
||||
|
||||
/* Read a two's complement binary value into z from the given buffer */
|
||||
mp_result mp_int_read_binary(mp_int z, unsigned char *buf, int len);
|
||||
|
||||
/* Return the number of bytes required to represent z in binary. */
|
||||
mp_result mp_int_binary_len(mp_int z);
|
||||
|
||||
/* Convert z to unsigned binary, writing at most limit bytes */
|
||||
mp_result mp_int_to_unsigned(mp_int z, unsigned char *buf, int limit);
|
||||
|
||||
/* Read an unsigned binary value into z from the given buffer */
|
||||
mp_result mp_int_read_unsigned(mp_int z, unsigned char *buf, int len);
|
||||
|
||||
/* Return the number of bytes required to represent z as unsigned output */
|
||||
mp_result mp_int_unsigned_len(mp_int z);
|
||||
|
||||
/* Return a statically allocated string describing error code res */
|
||||
const char *mp_error_string(mp_result res);
|
||||
|
||||
#if DEBUG
|
||||
void s_print(char *tag, mp_int z);
|
||||
void s_print_buf(char *tag, mp_digit *buf, mp_size num);
|
||||
#endif
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif /* end IMATH_H_ */
|
||||
@@ -0,0 +1,26 @@
|
||||
#!/bin/sh
|
||||
# $Id$
|
||||
|
||||
dir=$1
|
||||
|
||||
if test ! -f "$dir"/imdrover.c ; then
|
||||
echo $dir doesnt seem to contain imath
|
||||
exit 1
|
||||
fi
|
||||
|
||||
rm *.[ch]
|
||||
|
||||
headers=`grep ^HDRS "$dir"/Makefile |sed 's/^HDRS=//' | sed 's/imdrover.h//'`
|
||||
code=`echo $headers | sed 's/imrat.h//g'`
|
||||
code=`echo $headers | sed 's/rsamath.h//g'`
|
||||
code=`echo $headers | sed 's/\.h/.c/g'`
|
||||
|
||||
for a in $headers $code LICENSE ; do
|
||||
cp "$dir"/"$a" .
|
||||
done
|
||||
|
||||
echo "imathsource = \\"
|
||||
for a in $headers $code ; do
|
||||
echo " imath/$a \\"
|
||||
done | sort
|
||||
|
||||
Executable
+186
@@ -0,0 +1,186 @@
|
||||
/*
|
||||
Name: iprime.c
|
||||
Purpose: Pseudoprimality testing routines
|
||||
Author: M. J. Fromberger <http://www.dartmouth.edu/~sting/>
|
||||
Info: $Id$
|
||||
|
||||
Copyright (C) 2002 Michael J. Fromberger, All Rights Reserved.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person
|
||||
obtaining a copy of this software and associated documentation files
|
||||
(the "Software"), to deal in the Software without restriction,
|
||||
including without limitation the rights to use, copy, modify, merge,
|
||||
publish, distribute, sublicense, and/or sell copies of the Software,
|
||||
and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be
|
||||
included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
||||
BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
||||
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
*/
|
||||
|
||||
#include "iprime.h"
|
||||
#include <stdlib.h>
|
||||
|
||||
static const int s_ptab[] = {
|
||||
3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43,
|
||||
47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101,
|
||||
103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
|
||||
157, 163, 167, 173, 179, 181, 191, 193, 197, 199,
|
||||
211, 223, 227, 229, 233, 239, 241, 251, 257, 263,
|
||||
269, 271, 277, 281, 283, 293, 307, 311, 313, 317,
|
||||
331, 337, 347, 349, 353, 359, 367, 373, 379, 383,
|
||||
389, 397, 401, 409, 419, 421, 431, 433, 439, 443,
|
||||
449, 457, 461, 463, 467, 479, 487, 491, 499, 503,
|
||||
509, 521, 523, 541, 547, 557, 563, 569, 571, 577,
|
||||
587, 593, 599, 601, 607, 613, 617, 619, 631, 641,
|
||||
643, 647, 653, 659, 661, 673, 677, 683, 691, 701,
|
||||
709, 719, 727, 733, 739, 743, 751, 757, 761, 769,
|
||||
773, 787, 797, 809, 811, 821, 823, 827, 829, 839,
|
||||
853, 857, 859, 863, 877, 881, 883, 887, 907, 911,
|
||||
919, 929, 937, 941, 947, 953, 967, 971, 977, 983,
|
||||
991, 997, 1009, 1013, 1019, 1021, 1031, 1033,
|
||||
1039, 1049, 1051, 1061, 1063, 1069, 1087, 1091,
|
||||
1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151,
|
||||
1153, 1163, 1171, 1181, 1187, 1193, 1201, 1213,
|
||||
1217, 1223, 1229, 1231, 1237, 1249, 1259, 1277,
|
||||
1279, 1283, 1289, 1291, 1297, 1301, 1303, 1307,
|
||||
1319, 1321, 1327, 1361, 1367, 1373, 1381, 1399,
|
||||
1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451,
|
||||
1453, 1459, 1471, 1481, 1483, 1487, 1489, 1493,
|
||||
1499, 1511, 1523, 1531, 1543, 1549, 1553, 1559,
|
||||
1567, 1571, 1579, 1583, 1597, 1601, 1607, 1609,
|
||||
1613, 1619, 1621, 1627, 1637, 1657, 1663, 1667,
|
||||
1669, 1693, 1697, 1699, 1709, 1721, 1723, 1733,
|
||||
1741, 1747, 1753, 1759, 1777, 1783, 1787, 1789,
|
||||
1801, 1811, 1823, 1831, 1847, 1861, 1867, 1871,
|
||||
1873, 1877, 1879, 1889, 1901, 1907, 1913, 1931,
|
||||
1933, 1949, 1951, 1973, 1979, 1987, 1993, 1997,
|
||||
1999, 2003, 2011, 2017, 2027, 2029, 2039, 2053,
|
||||
2063, 2069, 2081, 2083, 2087, 2089, 2099, 2111,
|
||||
2113, 2129, 2131, 2137, 2141, 2143, 2153, 2161,
|
||||
2179, 2203, 2207, 2213, 2221, 2237, 2239, 2243,
|
||||
2251, 2267, 2269, 2273, 2281, 2287, 2293, 2297,
|
||||
2309, 2311, 2333, 2339, 2341, 2347, 2351, 2357,
|
||||
2371, 2377, 2381, 2383, 2389, 2393, 2399, 2411,
|
||||
2417, 2423, 2437, 2441, 2447, 2459, 2467, 2473,
|
||||
2477, 2503, 2521, 2531, 2539, 2543, 2549, 2551,
|
||||
2557, 2579, 2591, 2593, 2609, 2617, 2621, 2633,
|
||||
2647, 2657, 2659, 2663, 2671, 2677, 2683, 2687,
|
||||
2689, 2693, 2699, 2707, 2711, 2713, 2719, 2729,
|
||||
2731, 2741, 2749, 2753, 2767, 2777, 2789, 2791,
|
||||
2797, 2801, 2803, 2819, 2833, 2837, 2843, 2851,
|
||||
2857, 2861, 2879, 2887, 2897, 2903, 2909, 2917,
|
||||
2927, 2939, 2953, 2957, 2963, 2969, 2971, 2999,
|
||||
3001, 3011, 3019, 3023, 3037, 3041, 3049, 3061,
|
||||
3067, 3079, 3083, 3089, 3109, 3119, 3121, 3137,
|
||||
3163, 3167, 3169, 3181, 3187, 3191, 3203, 3209,
|
||||
3217, 3221, 3229, 3251, 3253, 3257, 3259, 3271,
|
||||
3299, 3301, 3307, 3313, 3319, 3323, 3329, 3331,
|
||||
3343, 3347, 3359, 3361, 3371, 3373, 3389, 3391,
|
||||
3407, 3413, 3433, 3449, 3457, 3461, 3463, 3467,
|
||||
3469, 3491, 3499, 3511, 3517, 3527, 3529, 3533,
|
||||
3539, 3541, 3547, 3557, 3559, 3571, 3581, 3583,
|
||||
3593, 3607, 3613, 3617, 3623, 3631, 3637, 3643,
|
||||
3659, 3671, 3673, 3677, 3691, 3697, 3701, 3709,
|
||||
3719, 3727, 3733, 3739, 3761, 3767, 3769, 3779,
|
||||
3793, 3797, 3803, 3821, 3823, 3833, 3847, 3851,
|
||||
3853, 3863, 3877, 3881, 3889, 3907, 3911, 3917,
|
||||
3919, 3923, 3929, 3931, 3943, 3947, 3967, 3989,
|
||||
4001, 4003, 4007, 4013, 4019, 4021, 4027, 4049,
|
||||
4051, 4057, 4073, 4079, 4091, 4093, 4099, 4111,
|
||||
4127, 4129, 4133, 4139, 4153, 4157, 4159, 4177,
|
||||
4201, 4211, 4217, 4219, 4229, 4231, 4241, 4243,
|
||||
4253, 4259, 4261, 4271, 4273, 4283, 4289, 4297,
|
||||
4327, 4337, 4339, 4349, 4357, 4363, 4373, 4391,
|
||||
4397, 4409, 4421, 4423, 4441, 4447, 4451, 4457,
|
||||
4463, 4481, 4483, 4493, 4507, 4513, 4517, 4519,
|
||||
4523, 4547, 4549, 4561, 4567, 4583, 4591, 4597,
|
||||
4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657,
|
||||
4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729,
|
||||
4733, 4751, 4759, 4783, 4787, 4789, 4793, 4799,
|
||||
4801, 4813, 4817, 4831, 4861, 4871, 4877, 4889,
|
||||
4903, 4909, 4919, 4931, 4933, 4937, 4943, 4951,
|
||||
4957, 4967, 4969, 4973, 4987, 4993, 4999
|
||||
};
|
||||
static const int s_ptab_size = sizeof(s_ptab)/sizeof(s_ptab[0]);
|
||||
|
||||
|
||||
/* {{{ mp_int_is_prime(z) */
|
||||
|
||||
/* Test whether z is likely to be prime:
|
||||
MP_TRUE means it is probably prime
|
||||
MP_FALSE means it is definitely composite
|
||||
*/
|
||||
mp_result mp_int_is_prime(mp_int z)
|
||||
{
|
||||
int i, rem;
|
||||
mp_result res;
|
||||
|
||||
/* First check for divisibility by small primes; this eliminates a
|
||||
large number of composite candidates quickly
|
||||
*/
|
||||
for(i = 0; i < s_ptab_size; ++i) {
|
||||
if((res = mp_int_div_value(z, s_ptab[i], NULL, &rem)) != MP_OK)
|
||||
return res;
|
||||
|
||||
if(rem == 0)
|
||||
return MP_FALSE;
|
||||
}
|
||||
|
||||
/* Now try Fermat's test for several prime witnesses (since we now
|
||||
know from the above that z is not a multiple of any of them)
|
||||
*/
|
||||
{
|
||||
mpz_t tmp;
|
||||
|
||||
if((res = mp_int_init(&tmp)) != MP_OK) return res;
|
||||
|
||||
for(i = 0; i < 10 && i < s_ptab_size; ++i) {
|
||||
if((res = mp_int_exptmod_bvalue(s_ptab[i], z, z, &tmp)) != MP_OK)
|
||||
return res;
|
||||
|
||||
if(mp_int_compare_value(&tmp, s_ptab[i]) != 0) {
|
||||
mp_int_clear(&tmp);
|
||||
return MP_FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
mp_int_clear(&tmp);
|
||||
}
|
||||
|
||||
return MP_TRUE;
|
||||
}
|
||||
|
||||
/* }}} */
|
||||
|
||||
/* {{{ mp_int_find_prime(z) */
|
||||
|
||||
/* Find the first apparent prime in ascending order from z */
|
||||
mp_result mp_int_find_prime(mp_int z)
|
||||
{
|
||||
mp_result res;
|
||||
|
||||
if(mp_int_is_even(z) && ((res = mp_int_add_value(z, 1, z)) != MP_OK))
|
||||
return res;
|
||||
|
||||
while((res = mp_int_is_prime(z)) == MP_FALSE) {
|
||||
if((res = mp_int_add_value(z, 2, z)) != MP_OK)
|
||||
break;
|
||||
|
||||
}
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
/* }}} */
|
||||
|
||||
/* Here there be dragons */
|
||||
Executable
+51
@@ -0,0 +1,51 @@
|
||||
/*
|
||||
Name: iprime.h
|
||||
Purpose: Pseudoprimality testing routines
|
||||
Author: M. J. Fromberger <http://www.dartmouth.edu/~sting/>
|
||||
Info: $Id$
|
||||
|
||||
Copyright (C) 2002 Michael J. Fromberger, All Rights Reserved.
|
||||
|
||||
Permission is hereby granted, free of charge, to any person
|
||||
obtaining a copy of this software and associated documentation files
|
||||
(the "Software"), to deal in the Software without restriction,
|
||||
including without limitation the rights to use, copy, modify, merge,
|
||||
publish, distribute, sublicense, and/or sell copies of the Software,
|
||||
and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be
|
||||
included in all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
||||
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
||||
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
||||
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
||||
BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
||||
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
||||
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
*/
|
||||
|
||||
#ifndef IPRIME_H_
|
||||
#define IPRIME_H_
|
||||
|
||||
#include "imath.h"
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
/* Test whether z is likely to be prime
|
||||
MP_YES means it is probably prime
|
||||
MP_NO means it is definitely composite
|
||||
*/
|
||||
mp_result mp_int_is_prime(mp_int z);
|
||||
|
||||
/* Find the first apparent prime in ascending order from z */
|
||||
mp_result mp_int_find_prime(mp_int z);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
#endif /* IPRIME_H_ */
|
||||
@@ -0,0 +1,138 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "hash.h"
|
||||
#include "md2.h"
|
||||
|
||||
static const unsigned char subst[256] = {
|
||||
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
|
||||
19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
|
||||
76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
|
||||
138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
|
||||
245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
|
||||
148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
|
||||
39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
|
||||
181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
|
||||
150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
|
||||
112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
|
||||
96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
|
||||
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
|
||||
234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
|
||||
129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
|
||||
8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
|
||||
203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
|
||||
166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
|
||||
31, 26, 219, 153, 141, 51, 159, 17, 131, 20
|
||||
};
|
||||
|
||||
void
|
||||
MD2_Init (struct md2 *m)
|
||||
{
|
||||
memset(m, 0, sizeof(*m));
|
||||
}
|
||||
|
||||
static void
|
||||
calc(struct md2 *m, const void *v)
|
||||
{
|
||||
unsigned char x[48], L;
|
||||
const unsigned char *p = v;
|
||||
int i, j, t;
|
||||
|
||||
L = m->checksum[15];
|
||||
for (i = 0; i < 16; i++)
|
||||
L = m->checksum[i] ^= subst[p[i] ^ L];
|
||||
|
||||
for (i = 0; i < 16; i++) {
|
||||
x[i] = m->state[i];
|
||||
x[i + 16] = p[i];
|
||||
x[i + 32] = x[i] ^ p[i];
|
||||
}
|
||||
|
||||
t = 0;
|
||||
for (i = 0; i < 18; i++) {
|
||||
for (j = 0; j < 48; j++)
|
||||
t = x[j] ^= subst[t];
|
||||
t = (t + i) & 0xff;
|
||||
}
|
||||
|
||||
memcpy(m->state, x, 16);
|
||||
memset(x, 0, sizeof(x));
|
||||
}
|
||||
|
||||
void
|
||||
MD2_Update (struct md2 *m, const void *v, size_t len)
|
||||
{
|
||||
size_t idx = m->len & 0xf;
|
||||
const unsigned char *p = v;
|
||||
|
||||
m->len += len;
|
||||
if (len + idx >= 16) {
|
||||
if (idx) {
|
||||
memcpy(m->data + idx, p, 16 - idx);
|
||||
calc(m, m->data);
|
||||
p += 16;
|
||||
len -= 16 - idx;
|
||||
}
|
||||
while (len >= 16) {
|
||||
calc(m, p);
|
||||
p += 16;
|
||||
len -= 16;
|
||||
}
|
||||
idx = 0;
|
||||
}
|
||||
|
||||
memcpy(m->data + idx, p, len);
|
||||
}
|
||||
|
||||
void
|
||||
MD2_Final (void *res, struct md2 *m)
|
||||
{
|
||||
unsigned char pad[16];
|
||||
size_t padlen;
|
||||
|
||||
padlen = 16 - (m->len % 16);
|
||||
memset(pad, padlen, padlen);
|
||||
|
||||
MD2_Update(m, pad, padlen);
|
||||
memcpy(pad, m->checksum, 16);
|
||||
MD2_Update(m, pad, 16);
|
||||
|
||||
memcpy(res, m->state, MD2_DIGEST_LENGTH);
|
||||
memset(m, 0, sizeof(m));
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_MD2_H
|
||||
#define HEIM_MD2_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define MD2_Init hc_MD2_Init
|
||||
#define MD2_Update hc_MD2_Update
|
||||
#define MD2_Final hc_MD2_Final
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define MD2_DIGEST_LENGTH 16
|
||||
|
||||
struct md2 {
|
||||
size_t len;
|
||||
unsigned char data[16]; /* stored unalligned data between Update's */
|
||||
unsigned char checksum[16];
|
||||
unsigned char state[16]; /* lower 16 bytes of X */
|
||||
};
|
||||
|
||||
typedef struct md2 MD2_CTX;
|
||||
|
||||
void MD2_Init (struct md2 *m);
|
||||
void MD2_Update (struct md2 *m, const void *p, size_t len);
|
||||
void MD2_Final (void *res, struct md2 *m);
|
||||
|
||||
#endif /* HEIM_MD2_H */
|
||||
@@ -0,0 +1,250 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "hash.h"
|
||||
#include "md4.h"
|
||||
|
||||
#define A m->counter[0]
|
||||
#define B m->counter[1]
|
||||
#define C m->counter[2]
|
||||
#define D m->counter[3]
|
||||
#define X data
|
||||
|
||||
void
|
||||
MD4_Init (struct md4 *m)
|
||||
{
|
||||
m->sz[0] = 0;
|
||||
m->sz[1] = 0;
|
||||
D = 0x10325476;
|
||||
C = 0x98badcfe;
|
||||
B = 0xefcdab89;
|
||||
A = 0x67452301;
|
||||
}
|
||||
|
||||
#define F(x,y,z) CRAYFIX((x & y) | (~x & z))
|
||||
#define G(x,y,z) ((x & y) | (x & z) | (y & z))
|
||||
#define H(x,y,z) (x ^ y ^ z)
|
||||
|
||||
#define DOIT(a,b,c,d,k,s,i,OP) \
|
||||
a = cshift(a + OP(b,c,d) + X[k] + i, s)
|
||||
|
||||
#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F)
|
||||
#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G)
|
||||
#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H)
|
||||
|
||||
static inline void
|
||||
calc (struct md4 *m, uint32_t *data)
|
||||
{
|
||||
uint32_t AA, BB, CC, DD;
|
||||
|
||||
AA = A;
|
||||
BB = B;
|
||||
CC = C;
|
||||
DD = D;
|
||||
|
||||
/* Round 1 */
|
||||
|
||||
DO1(A,B,C,D,0,3,0);
|
||||
DO1(D,A,B,C,1,7,0);
|
||||
DO1(C,D,A,B,2,11,0);
|
||||
DO1(B,C,D,A,3,19,0);
|
||||
|
||||
DO1(A,B,C,D,4,3,0);
|
||||
DO1(D,A,B,C,5,7,0);
|
||||
DO1(C,D,A,B,6,11,0);
|
||||
DO1(B,C,D,A,7,19,0);
|
||||
|
||||
DO1(A,B,C,D,8,3,0);
|
||||
DO1(D,A,B,C,9,7,0);
|
||||
DO1(C,D,A,B,10,11,0);
|
||||
DO1(B,C,D,A,11,19,0);
|
||||
|
||||
DO1(A,B,C,D,12,3,0);
|
||||
DO1(D,A,B,C,13,7,0);
|
||||
DO1(C,D,A,B,14,11,0);
|
||||
DO1(B,C,D,A,15,19,0);
|
||||
|
||||
/* Round 2 */
|
||||
|
||||
DO2(A,B,C,D,0,3,0x5A827999);
|
||||
DO2(D,A,B,C,4,5,0x5A827999);
|
||||
DO2(C,D,A,B,8,9,0x5A827999);
|
||||
DO2(B,C,D,A,12,13,0x5A827999);
|
||||
|
||||
DO2(A,B,C,D,1,3,0x5A827999);
|
||||
DO2(D,A,B,C,5,5,0x5A827999);
|
||||
DO2(C,D,A,B,9,9,0x5A827999);
|
||||
DO2(B,C,D,A,13,13,0x5A827999);
|
||||
|
||||
DO2(A,B,C,D,2,3,0x5A827999);
|
||||
DO2(D,A,B,C,6,5,0x5A827999);
|
||||
DO2(C,D,A,B,10,9,0x5A827999);
|
||||
DO2(B,C,D,A,14,13,0x5A827999);
|
||||
|
||||
DO2(A,B,C,D,3,3,0x5A827999);
|
||||
DO2(D,A,B,C,7,5,0x5A827999);
|
||||
DO2(C,D,A,B,11,9,0x5A827999);
|
||||
DO2(B,C,D,A,15,13,0x5A827999);
|
||||
|
||||
/* Round 3 */
|
||||
|
||||
DO3(A,B,C,D,0,3,0x6ED9EBA1);
|
||||
DO3(D,A,B,C,8,9,0x6ED9EBA1);
|
||||
DO3(C,D,A,B,4,11,0x6ED9EBA1);
|
||||
DO3(B,C,D,A,12,15,0x6ED9EBA1);
|
||||
|
||||
DO3(A,B,C,D,2,3,0x6ED9EBA1);
|
||||
DO3(D,A,B,C,10,9,0x6ED9EBA1);
|
||||
DO3(C,D,A,B,6,11,0x6ED9EBA1);
|
||||
DO3(B,C,D,A,14,15,0x6ED9EBA1);
|
||||
|
||||
DO3(A,B,C,D,1,3,0x6ED9EBA1);
|
||||
DO3(D,A,B,C,9,9,0x6ED9EBA1);
|
||||
DO3(C,D,A,B,5,11,0x6ED9EBA1);
|
||||
DO3(B,C,D,A,13,15,0x6ED9EBA1);
|
||||
|
||||
DO3(A,B,C,D,3,3,0x6ED9EBA1);
|
||||
DO3(D,A,B,C,11,9,0x6ED9EBA1);
|
||||
DO3(C,D,A,B,7,11,0x6ED9EBA1);
|
||||
DO3(B,C,D,A,15,15,0x6ED9EBA1);
|
||||
|
||||
A += AA;
|
||||
B += BB;
|
||||
C += CC;
|
||||
D += DD;
|
||||
}
|
||||
|
||||
/*
|
||||
* From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
|
||||
*/
|
||||
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
static inline uint32_t
|
||||
swap_uint32_t (uint32_t t)
|
||||
{
|
||||
uint32_t temp1, temp2;
|
||||
|
||||
temp1 = cshift(t, 16);
|
||||
temp2 = temp1 >> 8;
|
||||
temp1 &= 0x00ff00ff;
|
||||
temp2 &= 0x00ff00ff;
|
||||
temp1 <<= 8;
|
||||
return temp1 | temp2;
|
||||
}
|
||||
#endif
|
||||
|
||||
struct x32{
|
||||
unsigned int a:32;
|
||||
unsigned int b:32;
|
||||
};
|
||||
|
||||
void
|
||||
MD4_Update (struct md4 *m, const void *v, size_t len)
|
||||
{
|
||||
const unsigned char *p = v;
|
||||
size_t old_sz = m->sz[0];
|
||||
size_t offset;
|
||||
|
||||
m->sz[0] += len * 8;
|
||||
if (m->sz[0] < old_sz)
|
||||
++m->sz[1];
|
||||
offset = (old_sz / 8) % 64;
|
||||
while(len > 0) {
|
||||
size_t l = min(len, 64 - offset);
|
||||
memcpy(m->save + offset, p, l);
|
||||
offset += l;
|
||||
p += l;
|
||||
len -= l;
|
||||
if(offset == 64) {
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
int i;
|
||||
uint32_t current[16];
|
||||
struct x32 *u = (struct x32*)m->save;
|
||||
for(i = 0; i < 8; i++){
|
||||
current[2*i+0] = swap_uint32_t(u[i].a);
|
||||
current[2*i+1] = swap_uint32_t(u[i].b);
|
||||
}
|
||||
calc(m, current);
|
||||
#else
|
||||
calc(m, (uint32_t*)m->save);
|
||||
#endif
|
||||
offset = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
MD4_Final (void *res, struct md4 *m)
|
||||
{
|
||||
unsigned char zeros[72];
|
||||
unsigned offset = (m->sz[0] / 8) % 64;
|
||||
unsigned int dstart = (120 - offset - 1) % 64 + 1;
|
||||
|
||||
*zeros = 0x80;
|
||||
memset (zeros + 1, 0, sizeof(zeros) - 1);
|
||||
zeros[dstart+0] = (m->sz[0] >> 0) & 0xff;
|
||||
zeros[dstart+1] = (m->sz[0] >> 8) & 0xff;
|
||||
zeros[dstart+2] = (m->sz[0] >> 16) & 0xff;
|
||||
zeros[dstart+3] = (m->sz[0] >> 24) & 0xff;
|
||||
zeros[dstart+4] = (m->sz[1] >> 0) & 0xff;
|
||||
zeros[dstart+5] = (m->sz[1] >> 8) & 0xff;
|
||||
zeros[dstart+6] = (m->sz[1] >> 16) & 0xff;
|
||||
zeros[dstart+7] = (m->sz[1] >> 24) & 0xff;
|
||||
MD4_Update (m, zeros, dstart + 8);
|
||||
{
|
||||
int i;
|
||||
unsigned char *r = (unsigned char *)res;
|
||||
|
||||
for (i = 0; i < 4; ++i) {
|
||||
r[4*i] = m->counter[i] & 0xFF;
|
||||
r[4*i+1] = (m->counter[i] >> 8) & 0xFF;
|
||||
r[4*i+2] = (m->counter[i] >> 16) & 0xFF;
|
||||
r[4*i+3] = (m->counter[i] >> 24) & 0xFF;
|
||||
}
|
||||
}
|
||||
#if 0
|
||||
{
|
||||
int i;
|
||||
uint32_t *r = (uint32_t *)res;
|
||||
|
||||
for (i = 0; i < 4; ++i)
|
||||
r[i] = swap_uint32_t (m->counter[i]);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -0,0 +1,62 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_MD4_H
|
||||
#define HEIM_MD4_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define MD4_Init hc_MD4_Init
|
||||
#define MD4_Update hc_MD4_Update
|
||||
#define MD4_Final hc_MD4_Final
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define MD4_DIGEST_LENGTH 16
|
||||
|
||||
struct md4 {
|
||||
unsigned int sz[2];
|
||||
uint32_t counter[4];
|
||||
unsigned char save[64];
|
||||
};
|
||||
|
||||
typedef struct md4 MD4_CTX;
|
||||
|
||||
void MD4_Init (struct md4 *m);
|
||||
void MD4_Update (struct md4 *m, const void *p, size_t len);
|
||||
void MD4_Final (void *res, struct md4 *m);
|
||||
|
||||
#endif /* HEIM_MD4_H */
|
||||
@@ -0,0 +1,274 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "hash.h"
|
||||
#include "md5.h"
|
||||
|
||||
#define A m->counter[0]
|
||||
#define B m->counter[1]
|
||||
#define C m->counter[2]
|
||||
#define D m->counter[3]
|
||||
#define X data
|
||||
|
||||
void
|
||||
MD5_Init (struct md5 *m)
|
||||
{
|
||||
m->sz[0] = 0;
|
||||
m->sz[1] = 0;
|
||||
D = 0x10325476;
|
||||
C = 0x98badcfe;
|
||||
B = 0xefcdab89;
|
||||
A = 0x67452301;
|
||||
}
|
||||
|
||||
#define F(x,y,z) CRAYFIX((x & y) | (~x & z))
|
||||
#define G(x,y,z) CRAYFIX((x & z) | (y & ~z))
|
||||
#define H(x,y,z) (x ^ y ^ z)
|
||||
#define I(x,y,z) CRAYFIX(y ^ (x | ~z))
|
||||
|
||||
#define DOIT(a,b,c,d,k,s,i,OP) \
|
||||
a = b + cshift(a + OP(b,c,d) + X[k] + (i), s)
|
||||
|
||||
#define DO1(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,F)
|
||||
#define DO2(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,G)
|
||||
#define DO3(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,H)
|
||||
#define DO4(a,b,c,d,k,s,i) DOIT(a,b,c,d,k,s,i,I)
|
||||
|
||||
static inline void
|
||||
calc (struct md5 *m, uint32_t *data)
|
||||
{
|
||||
uint32_t AA, BB, CC, DD;
|
||||
|
||||
AA = A;
|
||||
BB = B;
|
||||
CC = C;
|
||||
DD = D;
|
||||
|
||||
/* Round 1 */
|
||||
|
||||
DO1(A,B,C,D,0,7,0xd76aa478);
|
||||
DO1(D,A,B,C,1,12,0xe8c7b756);
|
||||
DO1(C,D,A,B,2,17,0x242070db);
|
||||
DO1(B,C,D,A,3,22,0xc1bdceee);
|
||||
|
||||
DO1(A,B,C,D,4,7,0xf57c0faf);
|
||||
DO1(D,A,B,C,5,12,0x4787c62a);
|
||||
DO1(C,D,A,B,6,17,0xa8304613);
|
||||
DO1(B,C,D,A,7,22,0xfd469501);
|
||||
|
||||
DO1(A,B,C,D,8,7,0x698098d8);
|
||||
DO1(D,A,B,C,9,12,0x8b44f7af);
|
||||
DO1(C,D,A,B,10,17,0xffff5bb1);
|
||||
DO1(B,C,D,A,11,22,0x895cd7be);
|
||||
|
||||
DO1(A,B,C,D,12,7,0x6b901122);
|
||||
DO1(D,A,B,C,13,12,0xfd987193);
|
||||
DO1(C,D,A,B,14,17,0xa679438e);
|
||||
DO1(B,C,D,A,15,22,0x49b40821);
|
||||
|
||||
/* Round 2 */
|
||||
|
||||
DO2(A,B,C,D,1,5,0xf61e2562);
|
||||
DO2(D,A,B,C,6,9,0xc040b340);
|
||||
DO2(C,D,A,B,11,14,0x265e5a51);
|
||||
DO2(B,C,D,A,0,20,0xe9b6c7aa);
|
||||
|
||||
DO2(A,B,C,D,5,5,0xd62f105d);
|
||||
DO2(D,A,B,C,10,9,0x2441453);
|
||||
DO2(C,D,A,B,15,14,0xd8a1e681);
|
||||
DO2(B,C,D,A,4,20,0xe7d3fbc8);
|
||||
|
||||
DO2(A,B,C,D,9,5,0x21e1cde6);
|
||||
DO2(D,A,B,C,14,9,0xc33707d6);
|
||||
DO2(C,D,A,B,3,14,0xf4d50d87);
|
||||
DO2(B,C,D,A,8,20,0x455a14ed);
|
||||
|
||||
DO2(A,B,C,D,13,5,0xa9e3e905);
|
||||
DO2(D,A,B,C,2,9,0xfcefa3f8);
|
||||
DO2(C,D,A,B,7,14,0x676f02d9);
|
||||
DO2(B,C,D,A,12,20,0x8d2a4c8a);
|
||||
|
||||
/* Round 3 */
|
||||
|
||||
DO3(A,B,C,D,5,4,0xfffa3942);
|
||||
DO3(D,A,B,C,8,11,0x8771f681);
|
||||
DO3(C,D,A,B,11,16,0x6d9d6122);
|
||||
DO3(B,C,D,A,14,23,0xfde5380c);
|
||||
|
||||
DO3(A,B,C,D,1,4,0xa4beea44);
|
||||
DO3(D,A,B,C,4,11,0x4bdecfa9);
|
||||
DO3(C,D,A,B,7,16,0xf6bb4b60);
|
||||
DO3(B,C,D,A,10,23,0xbebfbc70);
|
||||
|
||||
DO3(A,B,C,D,13,4,0x289b7ec6);
|
||||
DO3(D,A,B,C,0,11,0xeaa127fa);
|
||||
DO3(C,D,A,B,3,16,0xd4ef3085);
|
||||
DO3(B,C,D,A,6,23,0x4881d05);
|
||||
|
||||
DO3(A,B,C,D,9,4,0xd9d4d039);
|
||||
DO3(D,A,B,C,12,11,0xe6db99e5);
|
||||
DO3(C,D,A,B,15,16,0x1fa27cf8);
|
||||
DO3(B,C,D,A,2,23,0xc4ac5665);
|
||||
|
||||
/* Round 4 */
|
||||
|
||||
DO4(A,B,C,D,0,6,0xf4292244);
|
||||
DO4(D,A,B,C,7,10,0x432aff97);
|
||||
DO4(C,D,A,B,14,15,0xab9423a7);
|
||||
DO4(B,C,D,A,5,21,0xfc93a039);
|
||||
|
||||
DO4(A,B,C,D,12,6,0x655b59c3);
|
||||
DO4(D,A,B,C,3,10,0x8f0ccc92);
|
||||
DO4(C,D,A,B,10,15,0xffeff47d);
|
||||
DO4(B,C,D,A,1,21,0x85845dd1);
|
||||
|
||||
DO4(A,B,C,D,8,6,0x6fa87e4f);
|
||||
DO4(D,A,B,C,15,10,0xfe2ce6e0);
|
||||
DO4(C,D,A,B,6,15,0xa3014314);
|
||||
DO4(B,C,D,A,13,21,0x4e0811a1);
|
||||
|
||||
DO4(A,B,C,D,4,6,0xf7537e82);
|
||||
DO4(D,A,B,C,11,10,0xbd3af235);
|
||||
DO4(C,D,A,B,2,15,0x2ad7d2bb);
|
||||
DO4(B,C,D,A,9,21,0xeb86d391);
|
||||
|
||||
A += AA;
|
||||
B += BB;
|
||||
C += CC;
|
||||
D += DD;
|
||||
}
|
||||
|
||||
/*
|
||||
* From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
|
||||
*/
|
||||
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
static inline uint32_t
|
||||
swap_uint32_t (uint32_t t)
|
||||
{
|
||||
uint32_t temp1, temp2;
|
||||
|
||||
temp1 = cshift(t, 16);
|
||||
temp2 = temp1 >> 8;
|
||||
temp1 &= 0x00ff00ff;
|
||||
temp2 &= 0x00ff00ff;
|
||||
temp1 <<= 8;
|
||||
return temp1 | temp2;
|
||||
}
|
||||
#endif
|
||||
|
||||
struct x32{
|
||||
unsigned int a:32;
|
||||
unsigned int b:32;
|
||||
};
|
||||
|
||||
void
|
||||
MD5_Update (struct md5 *m, const void *v, size_t len)
|
||||
{
|
||||
const unsigned char *p = v;
|
||||
size_t old_sz = m->sz[0];
|
||||
size_t offset;
|
||||
|
||||
m->sz[0] += len * 8;
|
||||
if (m->sz[0] < old_sz)
|
||||
++m->sz[1];
|
||||
offset = (old_sz / 8) % 64;
|
||||
while(len > 0){
|
||||
size_t l = min(len, 64 - offset);
|
||||
memcpy(m->save + offset, p, l);
|
||||
offset += l;
|
||||
p += l;
|
||||
len -= l;
|
||||
if(offset == 64){
|
||||
#if defined(WORDS_BIGENDIAN)
|
||||
int i;
|
||||
uint32_t current[16];
|
||||
struct x32 *u = (struct x32*)m->save;
|
||||
for(i = 0; i < 8; i++){
|
||||
current[2*i+0] = swap_uint32_t(u[i].a);
|
||||
current[2*i+1] = swap_uint32_t(u[i].b);
|
||||
}
|
||||
calc(m, current);
|
||||
#else
|
||||
calc(m, (uint32_t*)m->save);
|
||||
#endif
|
||||
offset = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
MD5_Final (void *res, struct md5 *m)
|
||||
{
|
||||
unsigned char zeros[72];
|
||||
unsigned offset = (m->sz[0] / 8) % 64;
|
||||
unsigned int dstart = (120 - offset - 1) % 64 + 1;
|
||||
|
||||
*zeros = 0x80;
|
||||
memset (zeros + 1, 0, sizeof(zeros) - 1);
|
||||
zeros[dstart+0] = (m->sz[0] >> 0) & 0xff;
|
||||
zeros[dstart+1] = (m->sz[0] >> 8) & 0xff;
|
||||
zeros[dstart+2] = (m->sz[0] >> 16) & 0xff;
|
||||
zeros[dstart+3] = (m->sz[0] >> 24) & 0xff;
|
||||
zeros[dstart+4] = (m->sz[1] >> 0) & 0xff;
|
||||
zeros[dstart+5] = (m->sz[1] >> 8) & 0xff;
|
||||
zeros[dstart+6] = (m->sz[1] >> 16) & 0xff;
|
||||
zeros[dstart+7] = (m->sz[1] >> 24) & 0xff;
|
||||
MD5_Update (m, zeros, dstart + 8);
|
||||
{
|
||||
int i;
|
||||
unsigned char *r = (unsigned char *)res;
|
||||
|
||||
for (i = 0; i < 4; ++i) {
|
||||
r[4*i] = m->counter[i] & 0xFF;
|
||||
r[4*i+1] = (m->counter[i] >> 8) & 0xFF;
|
||||
r[4*i+2] = (m->counter[i] >> 16) & 0xFF;
|
||||
r[4*i+3] = (m->counter[i] >> 24) & 0xFF;
|
||||
}
|
||||
}
|
||||
#if 0
|
||||
{
|
||||
int i;
|
||||
uint32_t *r = (uint32_t *)res;
|
||||
|
||||
for (i = 0; i < 4; ++i)
|
||||
r[i] = swap_uint32_t (m->counter[i]);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -0,0 +1,62 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_MD5_H
|
||||
#define HEIM_MD5_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define MD5_Init hc_MD5_Init
|
||||
#define MD5_Update hc_MD5_Update
|
||||
#define MD5_Final hc_MD5_Final
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define MD5_DIGEST_LENGTH 16
|
||||
|
||||
struct md5 {
|
||||
unsigned int sz[2];
|
||||
uint32_t counter[4];
|
||||
unsigned char save[64];
|
||||
};
|
||||
|
||||
typedef struct md5 MD5_CTX;
|
||||
|
||||
void MD5_Init (struct md5 *m);
|
||||
void MD5_Update (struct md5 *m, const void *p, size_t len);
|
||||
void MD5_Final (void *res, struct md5 *m); /* uint32_t res[4] */
|
||||
|
||||
#endif /* HEIM_MD5_H */
|
||||
@@ -0,0 +1,80 @@
|
||||
/*
|
||||
* Copyright (c) 1999 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <des.h>
|
||||
|
||||
struct test {
|
||||
const char *str;
|
||||
const char *salt;
|
||||
const char *result;
|
||||
} tests[] = {
|
||||
{"Hello world!", "$1$saltstring", "$1$saltstri$YMyguxXMBpd2TEZ.vS/3q1"},
|
||||
{NULL, NULL, NULL}
|
||||
};
|
||||
|
||||
static int
|
||||
do_test (void)
|
||||
{
|
||||
struct test *t;
|
||||
int res = 0;
|
||||
|
||||
for (t = tests; t->str != NULL; ++t) {
|
||||
const char *c;
|
||||
|
||||
c = crypt (t->str, t->salt);
|
||||
|
||||
if (strcmp (c, t->result) != 0) {
|
||||
res = 1;
|
||||
printf ("should have been: \"%s\"\n", t->result);
|
||||
printf ("result was: \"%s\"\n", c);
|
||||
}
|
||||
}
|
||||
if (res)
|
||||
printf ("failed\n");
|
||||
else
|
||||
printf ("success\n");
|
||||
return res;
|
||||
}
|
||||
|
||||
int
|
||||
main (void)
|
||||
{
|
||||
return do_test ();
|
||||
}
|
||||
@@ -0,0 +1,358 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2002 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#ifdef HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
#endif
|
||||
#include <string.h>
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
#include <md2.h>
|
||||
#include <md4.h>
|
||||
#include <md5.h>
|
||||
#include <sha.h>
|
||||
#include <evp.h>
|
||||
|
||||
#define ONE_MILLION_A "one million a's"
|
||||
|
||||
struct hash_foo {
|
||||
const char *name;
|
||||
size_t psize;
|
||||
size_t hsize;
|
||||
void (*init)(void*);
|
||||
void (*update)(void*, const void*, size_t);
|
||||
void (*final)(void*, void*);
|
||||
const EVP_MD * (*evp)(void);
|
||||
} md2 = {
|
||||
"MD2",
|
||||
sizeof(MD2_CTX),
|
||||
16,
|
||||
(void (*)(void*))MD2_Init,
|
||||
(void (*)(void*,const void*, size_t))MD2_Update,
|
||||
(void (*)(void*, void*))MD2_Final,
|
||||
EVP_md2
|
||||
}, md4 = {
|
||||
"MD4",
|
||||
sizeof(MD4_CTX),
|
||||
16,
|
||||
(void (*)(void*))MD4_Init,
|
||||
(void (*)(void*,const void*, size_t))MD4_Update,
|
||||
(void (*)(void*, void*))MD4_Final,
|
||||
EVP_md4
|
||||
}, md5 = {
|
||||
"MD5",
|
||||
sizeof(MD5_CTX),
|
||||
16,
|
||||
(void (*)(void*))MD5_Init,
|
||||
(void (*)(void*,const void*, size_t))MD5_Update,
|
||||
(void (*)(void*, void*))MD5_Final,
|
||||
EVP_md5
|
||||
}, sha1 = {
|
||||
"SHA-1",
|
||||
sizeof(struct sha),
|
||||
20,
|
||||
(void (*)(void*))SHA1_Init,
|
||||
(void (*)(void*,const void*, size_t))SHA1_Update,
|
||||
(void (*)(void*, void*))SHA1_Final,
|
||||
EVP_sha1
|
||||
};
|
||||
struct hash_foo sha256 = {
|
||||
"SHA-256",
|
||||
sizeof(SHA256_CTX),
|
||||
32,
|
||||
(void (*)(void*))SHA256_Init,
|
||||
(void (*)(void*,const void*, size_t))SHA256_Update,
|
||||
(void (*)(void*, void*))SHA256_Final,
|
||||
EVP_sha256
|
||||
};
|
||||
#ifdef HAVE_SHA384
|
||||
struct hash_foo sha384 = {
|
||||
"SHA-384",
|
||||
sizeof(struct sha512),
|
||||
48,
|
||||
(void (*)(void*))SHA384_Init,
|
||||
(void (*)(void*,const void*, size_t))SHA384_Update,
|
||||
(void (*)(void*, void*))SHA384_Final
|
||||
};
|
||||
#endif
|
||||
#ifdef HAVE_SHA512
|
||||
struct hash_foo sha512 = {
|
||||
"SHA-512",
|
||||
sizeof(struct sha512),
|
||||
64,
|
||||
(void (*)(void*))SHA512_Init,
|
||||
(void (*)(void*,const void*, size_t))SHA512_Update,
|
||||
(void (*)(void*, void*))SHA512_Final
|
||||
};
|
||||
#endif
|
||||
|
||||
struct test {
|
||||
char *str;
|
||||
unsigned char hash[64];
|
||||
};
|
||||
|
||||
struct test md2_tests[] = {
|
||||
{"",
|
||||
"\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69\x27\x73" },
|
||||
{"a",
|
||||
"\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0\xb5\xd1" },
|
||||
{"abc",
|
||||
"\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde\xd6\xbb" },
|
||||
{"message digest",
|
||||
"\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe\x06\xb0" },
|
||||
{"abcdefghijklmnopqrstuvwxyz",
|
||||
"\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47\x94\x0b" },
|
||||
{"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
||||
"\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03\x38\xcd" },
|
||||
{"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
|
||||
"\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3\xef\xd8" },
|
||||
{NULL }
|
||||
};
|
||||
|
||||
struct test md4_tests[] = {
|
||||
{"",
|
||||
{0x31, 0xd6, 0xcf, 0xe0, 0xd1, 0x6a, 0xe9, 0x31, 0xb7, 0x3c, 0x59,
|
||||
0xd7, 0xe0, 0xc0, 0x89, 0xc0}},
|
||||
{"a",
|
||||
{0xbd, 0xe5, 0x2c, 0xb3, 0x1d, 0xe3, 0x3e, 0x46, 0x24, 0x5e, 0x05,
|
||||
0xfb, 0xdb, 0xd6, 0xfb, 0x24}},
|
||||
{"abc",
|
||||
{0xa4, 0x48, 0x01, 0x7a, 0xaf, 0x21, 0xd8, 0x52, 0x5f, 0xc1, 0x0a, 0xe8, 0x7a, 0xa6, 0x72, 0x9d}},
|
||||
{"message digest",
|
||||
{0xd9, 0x13, 0x0a, 0x81, 0x64, 0x54, 0x9f, 0xe8, 0x18, 0x87, 0x48, 0x06, 0xe1, 0xc7, 0x01, 0x4b}},
|
||||
{"abcdefghijklmnopqrstuvwxyz", {0xd7, 0x9e, 0x1c, 0x30, 0x8a, 0xa5, 0xbb, 0xcd, 0xee, 0xa8, 0xed, 0x63, 0xdf, 0x41, 0x2d, 0xa9, }},
|
||||
{"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
||||
{0x04, 0x3f, 0x85, 0x82, 0xf2, 0x41, 0xdb, 0x35, 0x1c, 0xe6, 0x27, 0xe1, 0x53, 0xe7, 0xf0, 0xe4}},
|
||||
{"12345678901234567890123456789012345678901234567890123456789012345678901234567890",
|
||||
{0xe3, 0x3b, 0x4d, 0xdc, 0x9c, 0x38, 0xf2, 0x19, 0x9c, 0x3e, 0x7b, 0x16, 0x4f, 0xcc, 0x05, 0x36, }},
|
||||
{NULL, { 0x0 }}};
|
||||
|
||||
struct test md5_tests[] = {
|
||||
{"", {0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e}},
|
||||
{"a", {0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61}},
|
||||
{"abc", {0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72}},
|
||||
{"message digest", {0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0}},
|
||||
{"abcdefghijklmnopqrstuvwxyz", {0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b}},
|
||||
{"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", {0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f}},
|
||||
{"12345678901234567890123456789012345678901234567890123456789012345678901234567890", {0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a}},
|
||||
{NULL, { 0x0 }}};
|
||||
|
||||
struct test sha1_tests[] = {
|
||||
{ "abc",
|
||||
{0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A,
|
||||
0xBA, 0x3E, 0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C,
|
||||
0x9C, 0xD0, 0xD8, 0x9D}},
|
||||
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
{0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E,
|
||||
0xBA, 0xAE, 0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5,
|
||||
0xE5, 0x46, 0x70, 0xF1}},
|
||||
{ ONE_MILLION_A,
|
||||
{0x34, 0xaa, 0x97, 0x3c, 0xd4, 0xc4, 0xda, 0xa4,
|
||||
0xf6, 0x1e, 0xeb, 0x2b, 0xdb, 0xad, 0x27, 0x31,
|
||||
0x65, 0x34, 0x01, 0x6f}},
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
struct test sha256_tests[] = {
|
||||
{ "abc",
|
||||
{ 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea,
|
||||
0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23,
|
||||
0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c,
|
||||
0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad }},
|
||||
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
{ 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8,
|
||||
0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39,
|
||||
0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67,
|
||||
0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 }},
|
||||
{ ONE_MILLION_A,
|
||||
{0xcd,0xc7,0x6e,0x5c, 0x99,0x14,0xfb,0x92,
|
||||
0x81,0xa1,0xc7,0xe2, 0x84,0xd7,0x3e,0x67,
|
||||
0xf1,0x80,0x9a,0x48, 0xa4,0x97,0x20,0x0e,
|
||||
0x04,0x6d,0x39,0xcc, 0xc7,0x11,0x2c,0xd0 }},
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
#ifdef HAVE_SHA384
|
||||
struct test sha384_tests[] = {
|
||||
{ "abc",
|
||||
{ 0xcb,0x00,0x75,0x3f,0x45,0xa3,0x5e,0x8b,
|
||||
0xb5,0xa0,0x3d,0x69,0x9a,0xc6,0x50,0x07,
|
||||
0x27,0x2c,0x32,0xab,0x0e,0xde,0xd1,0x63,
|
||||
0x1a,0x8b,0x60,0x5a,0x43,0xff,0x5b,0xed,
|
||||
0x80,0x86,0x07,0x2b,0xa1,0xe7,0xcc,0x23,
|
||||
0x58,0xba,0xec,0xa1,0x34,0xc8,0x25,0xa7}},
|
||||
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno"
|
||||
"ijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
|
||||
{ 0x09,0x33,0x0c,0x33,0xf7,0x11,0x47,0xe8,
|
||||
0x3d,0x19,0x2f,0xc7,0x82,0xcd,0x1b,0x47,
|
||||
0x53,0x11,0x1b,0x17,0x3b,0x3b,0x05,0xd2,
|
||||
0x2f,0xa0,0x80,0x86,0xe3,0xb0,0xf7,0x12,
|
||||
0xfc,0xc7,0xc7,0x1a,0x55,0x7e,0x2d,0xb9,
|
||||
0x66,0xc3,0xe9,0xfa,0x91,0x74,0x60,0x39}},
|
||||
{ ONE_MILLION_A,
|
||||
{ 0x9d,0x0e,0x18,0x09,0x71,0x64,0x74,0xcb,
|
||||
0x08,0x6e,0x83,0x4e,0x31,0x0a,0x4a,0x1c,
|
||||
0xed,0x14,0x9e,0x9c,0x00,0xf2,0x48,0x52,
|
||||
0x79,0x72,0xce,0xc5,0x70,0x4c,0x2a,0x5b,
|
||||
0x07,0xb8,0xb3,0xdc,0x38,0xec,0xc4,0xeb,
|
||||
0xae,0x97,0xdd,0xd8,0x7f,0x3d,0x89,0x85}},
|
||||
{NULL}
|
||||
};
|
||||
#endif
|
||||
#ifdef HAVE_SHA512
|
||||
struct test sha512_tests[] = {
|
||||
{ "abc",
|
||||
{ 0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
|
||||
0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
|
||||
0x12,0xe6,0xfa,0x4e,0x89,0xa9,0x7e,0xa2,
|
||||
0x0a,0x9e,0xee,0xe6,0x4b,0x55,0xd3,0x9a,
|
||||
0x21,0x92,0x99,0x2a,0x27,0x4f,0xc1,0xa8,
|
||||
0x36,0xba,0x3c,0x23,0xa3,0xfe,0xeb,0xbd,
|
||||
0x45,0x4d,0x44,0x23,0x64,0x3c,0xe8,0x0e,
|
||||
0x2a,0x9a,0xc9,0x4f,0xa5,0x4c,0xa4,0x9f }},
|
||||
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmno"
|
||||
"ijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu",
|
||||
{ 0x8e,0x95,0x9b,0x75,0xda,0xe3,0x13,0xda,
|
||||
0x8c,0xf4,0xf7,0x28,0x14,0xfc,0x14,0x3f,
|
||||
0x8f,0x77,0x79,0xc6,0xeb,0x9f,0x7f,0xa1,
|
||||
0x72,0x99,0xae,0xad,0xb6,0x88,0x90,0x18,
|
||||
0x50,0x1d,0x28,0x9e,0x49,0x00,0xf7,0xe4,
|
||||
0x33,0x1b,0x99,0xde,0xc4,0xb5,0x43,0x3a,
|
||||
0xc7,0xd3,0x29,0xee,0xb6,0xdd,0x26,0x54,
|
||||
0x5e,0x96,0xe5,0x5b,0x87,0x4b,0xe9,0x09 }},
|
||||
{ ONE_MILLION_A,
|
||||
{ 0xe7,0x18,0x48,0x3d,0x0c,0xe7,0x69,0x64,
|
||||
0x4e,0x2e,0x42,0xc7,0xbc,0x15,0xb4,0x63,
|
||||
0x8e,0x1f,0x98,0xb1,0x3b,0x20,0x44,0x28,
|
||||
0x56,0x32,0xa8,0x03,0xaf,0xa9,0x73,0xeb,
|
||||
0xde,0x0f,0xf2,0x44,0x87,0x7e,0xa6,0x0a,
|
||||
0x4c,0xb0,0x43,0x2c,0xe5,0x77,0xc3,0x1b,
|
||||
0xeb,0x00,0x9c,0x5c,0x2c,0x49,0xaa,0x2e,
|
||||
0x4e,0xad,0xb2,0x17,0xad,0x8c,0xc0,0x9b }},
|
||||
{ NULL }
|
||||
};
|
||||
#endif
|
||||
|
||||
static int
|
||||
hash_test (struct hash_foo *hash, struct test *tests)
|
||||
{
|
||||
struct test *t;
|
||||
EVP_MD_CTX ectx;
|
||||
unsigned int esize;
|
||||
void *ctx = malloc(hash->psize);
|
||||
unsigned char *res = malloc(hash->hsize);
|
||||
|
||||
printf ("%s... ", hash->name);
|
||||
for (t = tests; t->str; ++t) {
|
||||
char buf[1000];
|
||||
|
||||
EVP_MD_CTX_init(&ectx);
|
||||
EVP_DigestInit_ex(&ectx, hash->evp(), NULL);
|
||||
|
||||
(*hash->init)(ctx);
|
||||
if(strcmp(t->str, ONE_MILLION_A) == 0) {
|
||||
int i;
|
||||
memset(buf, 'a', sizeof(buf));
|
||||
for(i = 0; i < 1000; i++) {
|
||||
(*hash->update)(ctx, buf, sizeof(buf));
|
||||
EVP_DigestUpdate(&ectx, buf, sizeof(buf));
|
||||
}
|
||||
} else {
|
||||
(*hash->update)(ctx, (unsigned char *)t->str, strlen(t->str));
|
||||
EVP_DigestUpdate(&ectx, t->str, strlen(t->str));
|
||||
}
|
||||
|
||||
(*hash->final) (res, ctx);
|
||||
if (memcmp (res, t->hash, hash->hsize) != 0) {
|
||||
int i;
|
||||
|
||||
printf ("%s(\"%s\") failed\n", hash->name, t->str);
|
||||
printf("should be: ");
|
||||
for(i = 0; i < hash->hsize; ++i) {
|
||||
if(i > 0 && (i % 16) == 0)
|
||||
printf("\n ");
|
||||
printf("%02x ", t->hash[i]);
|
||||
}
|
||||
printf("\nresult was: ");
|
||||
for(i = 0; i < hash->hsize; ++i) {
|
||||
if(i > 0 && (i % 16) == 0)
|
||||
printf("\n ");
|
||||
printf("%02x ", res[i]);
|
||||
}
|
||||
printf("\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
EVP_DigestFinal_ex(&ectx, res, &esize);
|
||||
EVP_MD_CTX_cleanup(&ectx);
|
||||
|
||||
if (hash->hsize != esize) {
|
||||
printf("EVP %s returned wrong hash size\n", hash->name);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (memcmp (res, t->hash, hash->hsize) != 0) {
|
||||
printf("EVP %s failed here old function where successful!\n",
|
||||
hash->name);
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
free(ctx);
|
||||
printf ("success\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
main (void)
|
||||
{
|
||||
return
|
||||
hash_test(&md2, md2_tests) +
|
||||
hash_test(&md4, md4_tests) +
|
||||
hash_test(&md5, md5_tests) +
|
||||
hash_test(&sha1, sha1_tests)
|
||||
+ hash_test(&sha256, sha256_tests)
|
||||
#ifdef HAVE_SHA384
|
||||
+ hash_test(&sha384, sha384_tests)
|
||||
#endif
|
||||
#ifdef HAVE_SHA512
|
||||
+ hash_test(&sha512, sha512_tests)
|
||||
#endif
|
||||
;
|
||||
}
|
||||
Binary file not shown.
@@ -0,0 +1,34 @@
|
||||
; CLW file contains information for the MFC ClassWizard
|
||||
|
||||
[General Info]
|
||||
Version=1
|
||||
LastClass=
|
||||
LastTemplate=CDialog
|
||||
NewFileInclude1=#include "stdafx.h"
|
||||
NewFileInclude2=#include "passwd_dialog.h"
|
||||
LastPage=0
|
||||
|
||||
ClassCount=0
|
||||
|
||||
ResourceCount=2
|
||||
Resource1=IDD_DIALOG1
|
||||
Resource2=IDD_PASSWD_DIALOG
|
||||
|
||||
[DLG:IDD_DIALOG1]
|
||||
Type=1
|
||||
ControlCount=6
|
||||
Control1=IDOK,button,1342242817
|
||||
Control2=IDCANCEL,button,1342242816
|
||||
Control3=IDC_STATIC,static,1342308352
|
||||
Control4=IDC_STATIC,static,1342308352
|
||||
Control5=IDC_EDIT1,edit,1350631552
|
||||
Control6=IDC_EDIT2,edit,1350631584
|
||||
|
||||
[DLG:IDD_PASSWD_DIALOG]
|
||||
Type=1
|
||||
ControlCount=4
|
||||
Control1=IDC_PASSWD_EDIT,edit,1350631456
|
||||
Control2=IDOK,button,1342242817
|
||||
Control3=IDCANCEL,button,1342242816
|
||||
Control4=IDC_STATIC,static,1342177280
|
||||
|
||||
@@ -0,0 +1,143 @@
|
||||
//Microsoft Developer Studio generated resource script.
|
||||
//
|
||||
#include "resource.h"
|
||||
|
||||
#define APSTUDIO_READONLY_SYMBOLS
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Generated from the TEXTINCLUDE 2 resource.
|
||||
//
|
||||
#include "afxres.h"
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
#undef APSTUDIO_READONLY_SYMBOLS
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
// Swedish resources
|
||||
|
||||
#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE)
|
||||
#ifdef _WIN32
|
||||
LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT
|
||||
#pragma code_page(1252)
|
||||
#endif //_WIN32
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Dialog
|
||||
//
|
||||
|
||||
IDD_PASSWD_DIALOG DIALOG DISCARDABLE 0, 0, 186, 66
|
||||
STYLE DS_ABSALIGN | DS_MODALFRAME | DS_SETFOREGROUND | DS_CENTER | WS_POPUP |
|
||||
WS_VISIBLE | WS_CAPTION
|
||||
CAPTION "Password query"
|
||||
FONT 8, "MS Sans Serif"
|
||||
BEGIN
|
||||
EDITTEXT IDC_PASSWD_EDIT,30,22,125,14,ES_PASSWORD
|
||||
DEFPUSHBUTTON "OK",IDOK,30,45,50,14
|
||||
PUSHBUTTON "Cancel",IDCANCEL,105,45,50,14
|
||||
LTEXT "Please insert password:",IDC_STATIC,30,13,87,8,NOT
|
||||
WS_GROUP
|
||||
END
|
||||
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// DESIGNINFO
|
||||
//
|
||||
|
||||
#ifdef APSTUDIO_INVOKED
|
||||
GUIDELINES DESIGNINFO DISCARDABLE
|
||||
BEGIN
|
||||
IDD_PASSWD_DIALOG, DIALOG
|
||||
BEGIN
|
||||
LEFTMARGIN, 7
|
||||
RIGHTMARGIN, 179
|
||||
TOPMARGIN, 7
|
||||
BOTTOMMARGIN, 59
|
||||
END
|
||||
END
|
||||
#endif // APSTUDIO_INVOKED
|
||||
|
||||
|
||||
#ifdef APSTUDIO_INVOKED
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// TEXTINCLUDE
|
||||
//
|
||||
|
||||
1 TEXTINCLUDE DISCARDABLE
|
||||
BEGIN
|
||||
"resource.h\0"
|
||||
END
|
||||
|
||||
2 TEXTINCLUDE DISCARDABLE
|
||||
BEGIN
|
||||
"#include ""afxres.h""\r\n"
|
||||
"\0"
|
||||
END
|
||||
|
||||
3 TEXTINCLUDE DISCARDABLE
|
||||
BEGIN
|
||||
"\r\n"
|
||||
"\0"
|
||||
END
|
||||
|
||||
#endif // APSTUDIO_INVOKED
|
||||
|
||||
|
||||
#ifndef _MAC
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Version
|
||||
//
|
||||
|
||||
VS_VERSION_INFO VERSIONINFO
|
||||
FILEVERSION 1,0,0,1
|
||||
PRODUCTVERSION 1,0,0,1
|
||||
FILEFLAGSMASK 0x3fL
|
||||
#ifdef _DEBUG
|
||||
FILEFLAGS 0x1L
|
||||
#else
|
||||
FILEFLAGS 0x0L
|
||||
#endif
|
||||
FILEOS 0x40004L
|
||||
FILETYPE 0x2L
|
||||
FILESUBTYPE 0x0L
|
||||
BEGIN
|
||||
BLOCK "StringFileInfo"
|
||||
BEGIN
|
||||
BLOCK "040904b0"
|
||||
BEGIN
|
||||
VALUE "CompanyName", "Royal Institute of Technology (KTH)\0"
|
||||
VALUE "FileDescription", "des\0"
|
||||
VALUE "FileVersion", "4, 0, 9, 9\0"
|
||||
VALUE "InternalName", "des\0"
|
||||
VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0"
|
||||
VALUE "OriginalFilename", "des.dll\0"
|
||||
VALUE "ProductName", "KTH Kerberos\0"
|
||||
VALUE "ProductVersion", "4,0,9,9\0"
|
||||
END
|
||||
END
|
||||
BLOCK "VarFileInfo"
|
||||
BEGIN
|
||||
VALUE "Translation", 0x409, 1200
|
||||
END
|
||||
END
|
||||
|
||||
#endif // !_MAC
|
||||
|
||||
#endif // Swedish resources
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
|
||||
|
||||
#ifndef APSTUDIO_INVOKED
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
//
|
||||
// Generated from the TEXTINCLUDE 3 resource.
|
||||
//
|
||||
|
||||
|
||||
/////////////////////////////////////////////////////////////////////////////
|
||||
#endif // not APSTUDIO_INVOKED
|
||||
|
||||
Binary file not shown.
@@ -0,0 +1,92 @@
|
||||
/*
|
||||
* Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* passwd_dlg.c - Dialog boxes for Windows95/NT
|
||||
* Author: Jörgen Karlsson - d93-jka@nada.kth.se
|
||||
* Date: June 1996
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#ifdef WIN32 /* Visual C++ 4.0 (Windows95/NT) */
|
||||
#include <Windows.h>
|
||||
#include "passwd_dlg.h"
|
||||
#include "Resource.h"
|
||||
#define passwdBufSZ 64
|
||||
|
||||
char passwd[passwdBufSZ];
|
||||
|
||||
BOOL CALLBACK
|
||||
pwd_dialog_proc(HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lParam)
|
||||
{
|
||||
switch(uMsg)
|
||||
{
|
||||
case WM_COMMAND:
|
||||
switch(wParam)
|
||||
{
|
||||
case IDOK:
|
||||
if(!GetDlgItemText(hwndDlg,IDC_PASSWD_EDIT, passwd, passwdBufSZ))
|
||||
EndDialog(hwndDlg, IDCANCEL);
|
||||
case IDCANCEL:
|
||||
EndDialog(hwndDlg, wParam);
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
|
||||
/* return 0 if ok, 1 otherwise */
|
||||
int
|
||||
pwd_dialog(char *buf, int size)
|
||||
{
|
||||
int i;
|
||||
HWND wnd = GetActiveWindow();
|
||||
HANDLE hInst = GetModuleHandle("des");
|
||||
switch(DialogBox(hInst,MAKEINTRESOURCE(IDD_PASSWD_DIALOG),wnd,pwd_dialog_proc))
|
||||
{
|
||||
case IDOK:
|
||||
strlcpy(buf, passwd, size);
|
||||
memset (passwd, 0, sizeof(passwd));
|
||||
return 0;
|
||||
case IDCANCEL:
|
||||
default:
|
||||
memset (passwd, 0, sizeof(passwd));
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* WIN32 */
|
||||
@@ -0,0 +1,47 @@
|
||||
/*
|
||||
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* passwd_dlg.h - Dialog boxes for Windows95/NT
|
||||
* Author: Jörgen Karlsson - d93-jka@nada.kth.se
|
||||
* Date: June 1996
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef PASSWD_DLG_H
|
||||
#define PASSWD_DLG_H
|
||||
|
||||
int pwd_dialog(char *buf, int size);
|
||||
|
||||
|
||||
#endif /* PASSWD_DLG_H */
|
||||
@@ -0,0 +1,145 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <pkcs12.h>
|
||||
#include <bn.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
int
|
||||
PKCS12_key_gen(const void *key, size_t keylen,
|
||||
const void *salt, size_t saltlen,
|
||||
int id, int iteration, size_t outkeysize,
|
||||
void *out, const EVP_MD *md)
|
||||
{
|
||||
unsigned char *v, *I, hash[EVP_MAX_MD_SIZE];
|
||||
unsigned int size, size_I = 0;
|
||||
unsigned char idc = id;
|
||||
EVP_MD_CTX ctx;
|
||||
unsigned char *outp = out;
|
||||
int i, vlen;
|
||||
|
||||
EVP_MD_CTX_init(&ctx);
|
||||
|
||||
vlen = EVP_MD_block_size(md);
|
||||
v = malloc(vlen + 1);
|
||||
if (v == NULL)
|
||||
return 0;
|
||||
|
||||
I = calloc(1, vlen * 2);
|
||||
if (I == NULL) {
|
||||
free(v);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (salt && saltlen > 0) {
|
||||
for (i = 0; i < vlen; i++)
|
||||
I[i] = ((unsigned char*)salt)[i % saltlen];
|
||||
size_I += vlen;
|
||||
}
|
||||
if (key && keylen > 0) {
|
||||
for (i = 0; i < vlen / 2; i++) {
|
||||
I[(i * 2) + size_I] = 0;
|
||||
I[(i * 2) + size_I + 1] = ((unsigned char*)key)[i % (keylen + 1)];
|
||||
}
|
||||
size_I += vlen;
|
||||
}
|
||||
|
||||
while (1) {
|
||||
BIGNUM *bnB, *bnOne;
|
||||
|
||||
if (!EVP_DigestInit_ex(&ctx, md, NULL))
|
||||
return 0;
|
||||
for (i = 0; i < vlen; i++)
|
||||
EVP_DigestUpdate(&ctx, &idc, 1);
|
||||
EVP_DigestUpdate(&ctx, I, size_I);
|
||||
EVP_DigestFinal_ex(&ctx, hash, &size);
|
||||
|
||||
for (i = 1; i < iteration; i++)
|
||||
EVP_Digest(hash, size, hash, &size, md, NULL);
|
||||
|
||||
memcpy(outp, hash, min(outkeysize, size));
|
||||
if (outkeysize < size)
|
||||
break;
|
||||
outkeysize -= size;
|
||||
outp += size;
|
||||
|
||||
for (i = 0; i < vlen; i++)
|
||||
v[i] = hash[i % size];
|
||||
|
||||
bnB = BN_bin2bn(v, vlen, NULL);
|
||||
bnOne = BN_new();
|
||||
BN_set_word(bnOne, 1);
|
||||
|
||||
BN_uadd(bnB, bnB, bnOne);
|
||||
|
||||
for (i = 0; i < vlen * 2; i += vlen) {
|
||||
BIGNUM *bnI;
|
||||
int j;
|
||||
|
||||
bnI = BN_bin2bn(I + i, vlen, NULL);
|
||||
|
||||
BN_uadd(bnI, bnI, bnB);
|
||||
|
||||
j = BN_num_bytes(bnI);
|
||||
if (j > vlen) {
|
||||
assert(j == vlen + 1);
|
||||
BN_bn2bin(bnI, v);
|
||||
memcpy(I + i, v + 1, vlen);
|
||||
} else {
|
||||
memset(I + i, 0, vlen - j);
|
||||
BN_bn2bin(bnI, I + i + vlen - j);
|
||||
}
|
||||
BN_free(bnI);
|
||||
}
|
||||
BN_free(bnB);
|
||||
BN_free(bnOne);
|
||||
size_I = vlen * 2;
|
||||
}
|
||||
|
||||
EVP_MD_CTX_cleanup(&ctx);
|
||||
free(I);
|
||||
free(v);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@@ -0,0 +1,57 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_PKCS12_H
|
||||
#define _HEIM_PKCS12_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define PKCS12_key_gen hc_PKCS12_key_gen
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#include <hcrypto/evp.h>
|
||||
|
||||
#define PKCS12_KEY_ID 1
|
||||
#define PKCS12_IV_ID 2
|
||||
|
||||
int PKCS12_key_gen(const void *, size_t, const void *,
|
||||
size_t, int, int, size_t, void *, const EVP_MD *);
|
||||
|
||||
|
||||
#endif /* _HEIM_PKCS12_H */
|
||||
@@ -0,0 +1,116 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include <evp.h>
|
||||
#include <hmac.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
int
|
||||
PKCS5_PBKDF2_HMAC_SHA1(const void * password, size_t password_len,
|
||||
const void * salt, size_t salt_len,
|
||||
unsigned long iter,
|
||||
size_t keylen, void *key)
|
||||
{
|
||||
size_t datalen, leftofkey, checksumsize;
|
||||
char *data, *tmpcksum;
|
||||
uint32_t keypart;
|
||||
const EVP_MD *md;
|
||||
unsigned long i;
|
||||
int j;
|
||||
char *p;
|
||||
unsigned int hmacsize;
|
||||
|
||||
md = EVP_sha1();
|
||||
checksumsize = EVP_MD_size(md);
|
||||
datalen = salt_len + 4;
|
||||
|
||||
tmpcksum = malloc(checksumsize + datalen);
|
||||
if (tmpcksum == NULL)
|
||||
return 0;
|
||||
|
||||
data = &tmpcksum[checksumsize];
|
||||
|
||||
memcpy(data, salt, salt_len);
|
||||
|
||||
keypart = 1;
|
||||
leftofkey = keylen;
|
||||
p = key;
|
||||
|
||||
while (leftofkey) {
|
||||
int len;
|
||||
|
||||
if (leftofkey > checksumsize)
|
||||
len = checksumsize;
|
||||
else
|
||||
len = leftofkey;
|
||||
|
||||
data[datalen - 4] = (keypart >> 24) & 0xff;
|
||||
data[datalen - 3] = (keypart >> 16) & 0xff;
|
||||
data[datalen - 2] = (keypart >> 8) & 0xff;
|
||||
data[datalen - 1] = (keypart) & 0xff;
|
||||
|
||||
HMAC(md, password, password_len, data, datalen,
|
||||
tmpcksum, &hmacsize);
|
||||
|
||||
memcpy(p, tmpcksum, len);
|
||||
for (i = 1; i < iter; i++) {
|
||||
HMAC(md, password, password_len, tmpcksum, checksumsize,
|
||||
tmpcksum, &hmacsize);
|
||||
|
||||
for (j = 0; j < len; j++)
|
||||
p[j] ^= tmpcksum[j];
|
||||
}
|
||||
|
||||
p += len;
|
||||
leftofkey -= len;
|
||||
keypart++;
|
||||
}
|
||||
|
||||
free(tmpcksum);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@@ -0,0 +1,262 @@
|
||||
/*
|
||||
* Copyright (c) 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <sys/types.h>
|
||||
#ifdef HAVE_SYS_UN_H
|
||||
#include <sys/un.h>
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
#include <assert.h>
|
||||
|
||||
#include <rand.h>
|
||||
#include <randi.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
static const char *egd_path = "/var/run/egd-pool";
|
||||
|
||||
#define MAX_EGD_DATA 255
|
||||
|
||||
static int
|
||||
connect_egd(const char *path)
|
||||
{
|
||||
struct sockaddr_un addr;
|
||||
int fd;
|
||||
|
||||
memset(&addr, 0, sizeof(addr));
|
||||
|
||||
if (strlen(path) > sizeof(addr.sun_path))
|
||||
return -1;
|
||||
|
||||
addr.sun_family = AF_UNIX;
|
||||
strlcpy(addr.sun_path, path, sizeof(addr.sun_path));
|
||||
|
||||
fd = socket(AF_UNIX, SOCK_STREAM, 0);
|
||||
if (fd < 0)
|
||||
return -1;
|
||||
|
||||
if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
|
||||
close(fd);
|
||||
return -1;
|
||||
}
|
||||
|
||||
return fd;
|
||||
}
|
||||
|
||||
static int
|
||||
get_entropy(int fd, void *data, size_t len)
|
||||
{
|
||||
unsigned char msg[2];
|
||||
|
||||
assert(len <= MAX_EGD_DATA);
|
||||
|
||||
msg[0] = 0x02; /* read blocking data */
|
||||
msg[1] = len; /* wanted length */
|
||||
|
||||
if (net_write(fd, msg, sizeof(msg)) != sizeof(msg))
|
||||
return 0;
|
||||
|
||||
if (net_read(fd, data, len) != len)
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
put_entropy(int fd, const void *data, size_t len)
|
||||
{
|
||||
unsigned char msg[4];
|
||||
|
||||
assert (len <= MAX_EGD_DATA);
|
||||
|
||||
msg[0] = 0x03; /* write data */
|
||||
msg[1] = 0; /* dummy */
|
||||
msg[2] = 0; /* entropy */
|
||||
msg[3] = len; /* length */
|
||||
|
||||
if (net_write(fd, msg, sizeof(msg)) != sizeof(msg))
|
||||
return 0;
|
||||
if (net_write(fd, data, len) != len)
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
egd_seed(const void *indata, int size)
|
||||
{
|
||||
size_t len;
|
||||
int fd, ret = 1;
|
||||
|
||||
fd = connect_egd(egd_path);
|
||||
if (fd < 0)
|
||||
return;
|
||||
|
||||
while(size) {
|
||||
len = size;
|
||||
if (len > MAX_EGD_DATA)
|
||||
len = MAX_EGD_DATA;
|
||||
ret = put_entropy(fd, indata, len);
|
||||
if (ret != 1)
|
||||
break;
|
||||
indata = ((unsigned char *)indata) + len;
|
||||
size -= len;
|
||||
}
|
||||
close(fd);
|
||||
}
|
||||
|
||||
static int
|
||||
get_bytes(const char *path, unsigned char *outdata, int size)
|
||||
{
|
||||
size_t len;
|
||||
int fd, ret = 1;
|
||||
|
||||
if (path == NULL)
|
||||
path = egd_path;
|
||||
|
||||
fd = connect_egd(path);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
while(size) {
|
||||
len = size;
|
||||
if (len > MAX_EGD_DATA)
|
||||
len = MAX_EGD_DATA;
|
||||
ret = get_entropy(fd, outdata, len);
|
||||
if (ret != 1)
|
||||
break;
|
||||
outdata += len;
|
||||
size -= len;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
egd_bytes(unsigned char *outdata, int size)
|
||||
{
|
||||
return get_bytes(NULL, outdata, size);
|
||||
}
|
||||
|
||||
static void
|
||||
egd_cleanup(void)
|
||||
{
|
||||
}
|
||||
|
||||
static void
|
||||
egd_add(const void *indata, int size, double entropi)
|
||||
{
|
||||
egd_seed(indata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
egd_pseudorand(unsigned char *outdata, int size)
|
||||
{
|
||||
return get_bytes(NULL, outdata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
egd_status(void)
|
||||
{
|
||||
int fd;
|
||||
fd = connect_egd(egd_path);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
close(fd);
|
||||
return 1;
|
||||
}
|
||||
|
||||
const RAND_METHOD hc_rand_egd_method = {
|
||||
egd_seed,
|
||||
egd_bytes,
|
||||
egd_cleanup,
|
||||
egd_add,
|
||||
egd_pseudorand,
|
||||
egd_status
|
||||
};
|
||||
|
||||
const RAND_METHOD *
|
||||
RAND_egd_method(void)
|
||||
{
|
||||
return &hc_rand_egd_method;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
RAND_egd(const char *filename)
|
||||
{
|
||||
return RAND_egd_bytes(filename, 128);
|
||||
}
|
||||
|
||||
int
|
||||
RAND_egd_bytes(const char *filename, int size)
|
||||
{
|
||||
void *data;
|
||||
int ret;
|
||||
|
||||
if (size <= 0)
|
||||
return 0;
|
||||
|
||||
data = malloc(size);
|
||||
if (data == NULL)
|
||||
return 0;
|
||||
|
||||
ret = get_bytes(filename, data, size);
|
||||
if (ret != 1) {
|
||||
free(data);
|
||||
return ret;
|
||||
}
|
||||
|
||||
RAND_seed(data, size);
|
||||
|
||||
memset(data, 0, sizeof(data));
|
||||
free(data);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@@ -0,0 +1,563 @@
|
||||
/*
|
||||
* fortuna.c
|
||||
* Fortuna-like PRNG.
|
||||
*
|
||||
* Copyright (c) 2005 Marko Kreen
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $PostgreSQL: pgsql/contrib/pgcrypto/fortuna.c,v 1.8 2006/10/04 00:29:46 momjian Exp $
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <rand.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
#include "randi.h"
|
||||
#include "aes.h"
|
||||
#include "sha.h"
|
||||
|
||||
/*
|
||||
* Why Fortuna-like: There does not seem to be any definitive reference
|
||||
* on Fortuna in the net. Instead this implementation is based on
|
||||
* following references:
|
||||
*
|
||||
* http://en.wikipedia.org/wiki/Fortuna_(PRNG)
|
||||
* - Wikipedia article
|
||||
* http://jlcooke.ca/random/
|
||||
* - Jean-Luc Cooke Fortuna-based /dev/random driver for Linux.
|
||||
*/
|
||||
|
||||
/*
|
||||
* There is some confusion about whether and how to carry forward
|
||||
* the state of the pools. Seems like original Fortuna does not
|
||||
* do it, resetting hash after each request. I guess expecting
|
||||
* feeding to happen more often that requesting. This is absolutely
|
||||
* unsuitable for pgcrypto, as nothing asynchronous happens here.
|
||||
*
|
||||
* J.L. Cooke fixed this by feeding previous hash to new re-initialized
|
||||
* hash context.
|
||||
*
|
||||
* Fortuna predecessor Yarrow requires ability to query intermediate
|
||||
* 'final result' from hash, without affecting it.
|
||||
*
|
||||
* This implementation uses the Yarrow method - asking intermediate
|
||||
* results, but continuing with old state.
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
* Algorithm parameters
|
||||
*/
|
||||
|
||||
#define NUM_POOLS 32
|
||||
|
||||
/* in microseconds */
|
||||
#define RESEED_INTERVAL 100000 /* 0.1 sec */
|
||||
|
||||
/* for one big request, reseed after this many bytes */
|
||||
#define RESEED_BYTES (1024*1024)
|
||||
|
||||
/*
|
||||
* Skip reseed if pool 0 has less than this many
|
||||
* bytes added since last reseed.
|
||||
*/
|
||||
#define POOL0_FILL (256/8)
|
||||
|
||||
/*
|
||||
* Algorithm constants
|
||||
*/
|
||||
|
||||
/* Both cipher key size and hash result size */
|
||||
#define BLOCK 32
|
||||
|
||||
/* cipher block size */
|
||||
#define CIPH_BLOCK 16
|
||||
|
||||
/* for internal wrappers */
|
||||
#define MD_CTX SHA256_CTX
|
||||
#define CIPH_CTX AES_KEY
|
||||
|
||||
struct fortuna_state
|
||||
{
|
||||
unsigned char counter[CIPH_BLOCK];
|
||||
unsigned char result[CIPH_BLOCK];
|
||||
unsigned char key[BLOCK];
|
||||
MD_CTX pool[NUM_POOLS];
|
||||
CIPH_CTX ciph;
|
||||
unsigned reseed_count;
|
||||
struct timeval last_reseed_time;
|
||||
unsigned pool0_bytes;
|
||||
unsigned rnd_pos;
|
||||
int tricks_done;
|
||||
};
|
||||
typedef struct fortuna_state FState;
|
||||
|
||||
|
||||
/*
|
||||
* Use our own wrappers here.
|
||||
* - Need to get intermediate result from digest, without affecting it.
|
||||
* - Need re-set key on a cipher context.
|
||||
* - Algorithms are guaranteed to exist.
|
||||
* - No memory allocations.
|
||||
*/
|
||||
|
||||
static void
|
||||
ciph_init(CIPH_CTX * ctx, const unsigned char *key, int klen)
|
||||
{
|
||||
AES_set_encrypt_key(key, klen * 8, ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
ciph_encrypt(CIPH_CTX * ctx, const unsigned char *in, unsigned char *out)
|
||||
{
|
||||
AES_encrypt(in, out, ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
md_init(MD_CTX * ctx)
|
||||
{
|
||||
SHA256_Init(ctx);
|
||||
}
|
||||
|
||||
static void
|
||||
md_update(MD_CTX * ctx, const unsigned char *data, int len)
|
||||
{
|
||||
SHA256_Update(ctx, data, len);
|
||||
}
|
||||
|
||||
static void
|
||||
md_result(MD_CTX * ctx, unsigned char *dst)
|
||||
{
|
||||
SHA256_CTX tmp;
|
||||
|
||||
memcpy(&tmp, ctx, sizeof(*ctx));
|
||||
SHA256_Final(dst, &tmp);
|
||||
memset(&tmp, 0, sizeof(tmp));
|
||||
}
|
||||
|
||||
/*
|
||||
* initialize state
|
||||
*/
|
||||
static void
|
||||
init_state(FState * st)
|
||||
{
|
||||
int i;
|
||||
|
||||
memset(st, 0, sizeof(*st));
|
||||
for (i = 0; i < NUM_POOLS; i++)
|
||||
md_init(&st->pool[i]);
|
||||
}
|
||||
|
||||
/*
|
||||
* Endianess does not matter.
|
||||
* It just needs to change without repeating.
|
||||
*/
|
||||
static void
|
||||
inc_counter(FState * st)
|
||||
{
|
||||
uint32_t *val = (uint32_t *) st->counter;
|
||||
|
||||
if (++val[0])
|
||||
return;
|
||||
if (++val[1])
|
||||
return;
|
||||
if (++val[2])
|
||||
return;
|
||||
++val[3];
|
||||
}
|
||||
|
||||
/*
|
||||
* This is called 'cipher in counter mode'.
|
||||
*/
|
||||
static void
|
||||
encrypt_counter(FState * st, unsigned char *dst)
|
||||
{
|
||||
ciph_encrypt(&st->ciph, st->counter, dst);
|
||||
inc_counter(st);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* The time between reseed must be at least RESEED_INTERVAL
|
||||
* microseconds.
|
||||
*/
|
||||
static int
|
||||
enough_time_passed(FState * st)
|
||||
{
|
||||
int ok;
|
||||
struct timeval tv;
|
||||
struct timeval *last = &st->last_reseed_time;
|
||||
|
||||
gettimeofday(&tv, NULL);
|
||||
|
||||
/* check how much time has passed */
|
||||
ok = 0;
|
||||
if (tv.tv_sec > last->tv_sec + 1)
|
||||
ok = 1;
|
||||
else if (tv.tv_sec == last->tv_sec + 1)
|
||||
{
|
||||
if (1000000 + tv.tv_usec - last->tv_usec >= RESEED_INTERVAL)
|
||||
ok = 1;
|
||||
}
|
||||
else if (tv.tv_usec - last->tv_usec >= RESEED_INTERVAL)
|
||||
ok = 1;
|
||||
|
||||
/* reseed will happen, update last_reseed_time */
|
||||
if (ok)
|
||||
memcpy(last, &tv, sizeof(tv));
|
||||
|
||||
memset(&tv, 0, sizeof(tv));
|
||||
|
||||
return ok;
|
||||
}
|
||||
|
||||
/*
|
||||
* generate new key from all the pools
|
||||
*/
|
||||
static void
|
||||
reseed(FState * st)
|
||||
{
|
||||
unsigned k;
|
||||
unsigned n;
|
||||
MD_CTX key_md;
|
||||
unsigned char buf[BLOCK];
|
||||
|
||||
/* set pool as empty */
|
||||
st->pool0_bytes = 0;
|
||||
|
||||
/*
|
||||
* Both #0 and #1 reseed would use only pool 0. Just skip #0 then.
|
||||
*/
|
||||
n = ++st->reseed_count;
|
||||
|
||||
/*
|
||||
* The goal: use k-th pool only 1/(2^k) of the time.
|
||||
*/
|
||||
md_init(&key_md);
|
||||
for (k = 0; k < NUM_POOLS; k++)
|
||||
{
|
||||
md_result(&st->pool[k], buf);
|
||||
md_update(&key_md, buf, BLOCK);
|
||||
|
||||
if (n & 1 || !n)
|
||||
break;
|
||||
n >>= 1;
|
||||
}
|
||||
|
||||
/* add old key into mix too */
|
||||
md_update(&key_md, st->key, BLOCK);
|
||||
|
||||
/* now we have new key */
|
||||
md_result(&key_md, st->key);
|
||||
|
||||
/* use new key */
|
||||
ciph_init(&st->ciph, st->key, BLOCK);
|
||||
|
||||
memset(&key_md, 0, sizeof(key_md));
|
||||
memset(buf, 0, BLOCK);
|
||||
}
|
||||
|
||||
/*
|
||||
* Pick a random pool. This uses key bytes as random source.
|
||||
*/
|
||||
static unsigned
|
||||
get_rand_pool(FState * st)
|
||||
{
|
||||
unsigned rnd;
|
||||
|
||||
/*
|
||||
* This slightly prefers lower pools - thats OK.
|
||||
*/
|
||||
rnd = st->key[st->rnd_pos] % NUM_POOLS;
|
||||
|
||||
st->rnd_pos++;
|
||||
if (st->rnd_pos >= BLOCK)
|
||||
st->rnd_pos = 0;
|
||||
|
||||
return rnd;
|
||||
}
|
||||
|
||||
/*
|
||||
* update pools
|
||||
*/
|
||||
static void
|
||||
add_entropy(FState * st, const unsigned char *data, unsigned len)
|
||||
{
|
||||
unsigned pos;
|
||||
unsigned char hash[BLOCK];
|
||||
MD_CTX md;
|
||||
|
||||
/* hash given data */
|
||||
md_init(&md);
|
||||
md_update(&md, data, len);
|
||||
md_result(&md, hash);
|
||||
|
||||
/*
|
||||
* Make sure the pool 0 is initialized, then update randomly.
|
||||
*/
|
||||
if (st->reseed_count == 0)
|
||||
pos = 0;
|
||||
else
|
||||
pos = get_rand_pool(st);
|
||||
md_update(&st->pool[pos], hash, BLOCK);
|
||||
|
||||
if (pos == 0)
|
||||
st->pool0_bytes += len;
|
||||
|
||||
memset(hash, 0, BLOCK);
|
||||
memset(&md, 0, sizeof(md));
|
||||
}
|
||||
|
||||
/*
|
||||
* Just take 2 next blocks as new key
|
||||
*/
|
||||
static void
|
||||
rekey(FState * st)
|
||||
{
|
||||
encrypt_counter(st, st->key);
|
||||
encrypt_counter(st, st->key + CIPH_BLOCK);
|
||||
ciph_init(&st->ciph, st->key, BLOCK);
|
||||
}
|
||||
|
||||
/*
|
||||
* Hide public constants. (counter, pools > 0)
|
||||
*
|
||||
* This can also be viewed as spreading the startup
|
||||
* entropy over all of the components.
|
||||
*/
|
||||
static void
|
||||
startup_tricks(FState * st)
|
||||
{
|
||||
int i;
|
||||
unsigned char buf[BLOCK];
|
||||
|
||||
/* Use next block as counter. */
|
||||
encrypt_counter(st, st->counter);
|
||||
|
||||
/* Now shuffle pools, excluding #0 */
|
||||
for (i = 1; i < NUM_POOLS; i++)
|
||||
{
|
||||
encrypt_counter(st, buf);
|
||||
encrypt_counter(st, buf + CIPH_BLOCK);
|
||||
md_update(&st->pool[i], buf, BLOCK);
|
||||
}
|
||||
memset(buf, 0, BLOCK);
|
||||
|
||||
/* Hide the key. */
|
||||
rekey(st);
|
||||
|
||||
/* This can be done only once. */
|
||||
st->tricks_done = 1;
|
||||
}
|
||||
|
||||
static void
|
||||
extract_data(FState * st, unsigned count, unsigned char *dst)
|
||||
{
|
||||
unsigned n;
|
||||
unsigned block_nr = 0;
|
||||
|
||||
/* Should we reseed? */
|
||||
if (st->pool0_bytes >= POOL0_FILL || st->reseed_count == 0)
|
||||
if (enough_time_passed(st))
|
||||
reseed(st);
|
||||
|
||||
/* Do some randomization on first call */
|
||||
if (!st->tricks_done)
|
||||
startup_tricks(st);
|
||||
|
||||
while (count > 0)
|
||||
{
|
||||
/* produce bytes */
|
||||
encrypt_counter(st, st->result);
|
||||
|
||||
/* copy result */
|
||||
if (count > CIPH_BLOCK)
|
||||
n = CIPH_BLOCK;
|
||||
else
|
||||
n = count;
|
||||
memcpy(dst, st->result, n);
|
||||
dst += n;
|
||||
count -= n;
|
||||
|
||||
/* must not give out too many bytes with one key */
|
||||
block_nr++;
|
||||
if (block_nr > (RESEED_BYTES / CIPH_BLOCK))
|
||||
{
|
||||
rekey(st);
|
||||
block_nr = 0;
|
||||
}
|
||||
}
|
||||
/* Set new key for next request. */
|
||||
rekey(st);
|
||||
}
|
||||
|
||||
/*
|
||||
* public interface
|
||||
*/
|
||||
|
||||
static FState main_state;
|
||||
static int init_done;
|
||||
static int have_entropy;
|
||||
|
||||
/*
|
||||
* Try our best to do an inital seed
|
||||
*/
|
||||
#define INIT_BYTES 128
|
||||
|
||||
static int
|
||||
fortuna_reseed(void)
|
||||
{
|
||||
int entropy_p = 0;
|
||||
|
||||
if (!init_done)
|
||||
abort();
|
||||
|
||||
{
|
||||
unsigned char buf[INIT_BYTES];
|
||||
if ((*hc_rand_unix_method.bytes)(buf, sizeof(buf)) == 1) {
|
||||
add_entropy(&main_state, buf, sizeof(buf));
|
||||
entropy_p = 1;
|
||||
memset(buf, 0, sizeof(buf));
|
||||
}
|
||||
}
|
||||
#ifdef HAVE_ARC4RANDOM
|
||||
{
|
||||
uint32_t buf[INIT_BYTES / sizeof(uint32_t)];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(buf)/sizeof(buf[0]); i++)
|
||||
buf[i] = arc4random();
|
||||
add_entropy(&main_state, (void *)buf, sizeof(buf));
|
||||
entropy_p = 1;
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* Only to get egd entropy if /dev/random or arc4rand failed since
|
||||
* it can be horribly slow to generate new bits.
|
||||
*/
|
||||
if (!entropy_p) {
|
||||
unsigned char buf[INIT_BYTES];
|
||||
if ((*hc_rand_egd_method.bytes)(buf, sizeof(buf)) == 1) {
|
||||
add_entropy(&main_state, buf, sizeof(buf));
|
||||
entropy_p = 1;
|
||||
memset(buf, 0, sizeof(buf));
|
||||
}
|
||||
}
|
||||
{
|
||||
pid_t pid = getpid();
|
||||
add_entropy(&main_state, (void *)&pid, sizeof(pid));
|
||||
}
|
||||
{
|
||||
struct timeval tv;
|
||||
gettimeofday(&tv, NULL);
|
||||
add_entropy(&main_state, (void *)&tv, sizeof(tv));
|
||||
}
|
||||
{
|
||||
uid_t u = getuid();
|
||||
add_entropy(&main_state, (void *)&u, sizeof(u));
|
||||
}
|
||||
return entropy_p;
|
||||
}
|
||||
|
||||
static int
|
||||
fortuna_init(void)
|
||||
{
|
||||
if (!init_done)
|
||||
{
|
||||
init_state(&main_state);
|
||||
init_done = 1;
|
||||
}
|
||||
if (!have_entropy)
|
||||
have_entropy = fortuna_reseed();
|
||||
return (init_done && have_entropy);
|
||||
}
|
||||
|
||||
|
||||
|
||||
static void
|
||||
fortuna_seed(const void *indata, int size)
|
||||
{
|
||||
fortuna_init();
|
||||
add_entropy(&main_state, indata, size);
|
||||
if (size >= INIT_BYTES)
|
||||
have_entropy = 1;
|
||||
}
|
||||
|
||||
static int
|
||||
fortuna_bytes(unsigned char *outdata, int size)
|
||||
{
|
||||
if (!fortuna_init())
|
||||
return 0;
|
||||
extract_data(&main_state, size, outdata);
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
fortuna_cleanup(void)
|
||||
{
|
||||
init_done = 0;
|
||||
have_entropy = 0;
|
||||
memset(&main_state, 0, sizeof(main_state));
|
||||
}
|
||||
|
||||
static void
|
||||
fortuna_add(const void *indata, int size, double entropi)
|
||||
{
|
||||
fortuna_seed(indata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
fortuna_pseudorand(unsigned char *outdata, int size)
|
||||
{
|
||||
return fortuna_bytes(outdata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
fortuna_status(void)
|
||||
{
|
||||
return fortuna_init() ? 1 : 0;
|
||||
}
|
||||
|
||||
const RAND_METHOD hc_rand_fortuna_method = {
|
||||
fortuna_seed,
|
||||
fortuna_bytes,
|
||||
fortuna_cleanup,
|
||||
fortuna_add,
|
||||
fortuna_pseudorand,
|
||||
fortuna_status
|
||||
};
|
||||
|
||||
const RAND_METHOD *
|
||||
RAND_fortuna_method(void)
|
||||
{
|
||||
return &hc_rand_fortuna_method;
|
||||
}
|
||||
@@ -0,0 +1,161 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <rand.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
#include "randi.h"
|
||||
|
||||
/*
|
||||
* Unix /dev/random
|
||||
*/
|
||||
|
||||
static int
|
||||
get_device_fd(int flags)
|
||||
{
|
||||
static const char *rnd_devices[] = {
|
||||
"/dev/urandom",
|
||||
"/dev/random",
|
||||
"/dev/srandom",
|
||||
"/dev/arandom",
|
||||
NULL
|
||||
};
|
||||
const char **p;
|
||||
|
||||
for(p = rnd_devices; *p; p++) {
|
||||
int fd = open(*p, flags | O_NDELAY);
|
||||
if(fd >= 0)
|
||||
return fd;
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
static void
|
||||
unix_seed(const void *indata, int size)
|
||||
{
|
||||
int fd;
|
||||
|
||||
if (size <= 0)
|
||||
return;
|
||||
|
||||
fd = get_device_fd(O_WRONLY);
|
||||
if (fd < 0)
|
||||
return;
|
||||
|
||||
write(fd, indata, size);
|
||||
close(fd);
|
||||
|
||||
}
|
||||
|
||||
static int
|
||||
unix_bytes(unsigned char *outdata, int size)
|
||||
{
|
||||
ssize_t count;
|
||||
int fd;
|
||||
|
||||
if (size <= 0)
|
||||
return 0;
|
||||
|
||||
fd = get_device_fd(O_RDONLY);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
while (size > 0) {
|
||||
count = read (fd, outdata, size);
|
||||
if (count < 0 && errno == EINTR)
|
||||
continue;
|
||||
else if (count <= 0) {
|
||||
close(fd);
|
||||
return 0;
|
||||
}
|
||||
outdata += count;
|
||||
size -= count;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void
|
||||
unix_cleanup(void)
|
||||
{
|
||||
}
|
||||
|
||||
static void
|
||||
unix_add(const void *indata, int size, double entropi)
|
||||
{
|
||||
unix_seed(indata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
unix_pseudorand(unsigned char *outdata, int size)
|
||||
{
|
||||
return unix_bytes(outdata, size);
|
||||
}
|
||||
|
||||
static int
|
||||
unix_status(void)
|
||||
{
|
||||
int fd;
|
||||
|
||||
fd = get_device_fd(O_RDONLY);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
close(fd);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
const RAND_METHOD hc_rand_unix_method = {
|
||||
unix_seed,
|
||||
unix_bytes,
|
||||
unix_cleanup,
|
||||
unix_add,
|
||||
unix_pseudorand,
|
||||
unix_status
|
||||
};
|
||||
|
||||
const RAND_METHOD *
|
||||
RAND_unix_method(void)
|
||||
{
|
||||
return &hc_rand_unix_method;
|
||||
}
|
||||
@@ -0,0 +1,215 @@
|
||||
/*
|
||||
* Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <rand.h>
|
||||
#include <randi.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
#ifndef O_BINARY
|
||||
#define O_BINARY 0
|
||||
#endif
|
||||
|
||||
|
||||
const static RAND_METHOD *selected_meth = NULL;
|
||||
|
||||
static void
|
||||
init_method(void)
|
||||
{
|
||||
if (selected_meth != NULL)
|
||||
return;
|
||||
|
||||
if ((*hc_rand_unix_method.status)() == 1)
|
||||
selected_meth = &hc_rand_unix_method;
|
||||
else
|
||||
selected_meth = &hc_rand_fortuna_method;
|
||||
}
|
||||
|
||||
void
|
||||
RAND_seed(const void *indata, size_t size)
|
||||
{
|
||||
init_method();
|
||||
(*selected_meth->seed)(indata, size);
|
||||
}
|
||||
|
||||
int
|
||||
RAND_bytes(void *outdata, size_t size)
|
||||
{
|
||||
init_method();
|
||||
return (*selected_meth->bytes)(outdata, size);
|
||||
}
|
||||
|
||||
void
|
||||
RAND_cleanup(void)
|
||||
{
|
||||
init_method();
|
||||
(*selected_meth->cleanup)();
|
||||
}
|
||||
|
||||
void
|
||||
RAND_add(const void *indata, size_t size, double entropi)
|
||||
{
|
||||
init_method();
|
||||
(*selected_meth->add)(indata, size, entropi);
|
||||
}
|
||||
|
||||
int
|
||||
RAND_pseudo_bytes(void *outdata, size_t size)
|
||||
{
|
||||
init_method();
|
||||
return (*selected_meth->pseudorand)(outdata, size);
|
||||
}
|
||||
|
||||
int
|
||||
RAND_status(void)
|
||||
{
|
||||
init_method();
|
||||
return (*selected_meth->status)();
|
||||
}
|
||||
|
||||
int
|
||||
RAND_set_rand_method(const RAND_METHOD *meth)
|
||||
{
|
||||
selected_meth = meth;
|
||||
return 1;
|
||||
}
|
||||
|
||||
const RAND_METHOD *
|
||||
RAND_get_rand_method(void)
|
||||
{
|
||||
return selected_meth;
|
||||
}
|
||||
|
||||
int
|
||||
RAND_set_rand_engine(ENGINE *engine)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
#define RAND_FILE_SIZE 1024
|
||||
|
||||
int
|
||||
RAND_load_file(const char *filename, size_t size)
|
||||
{
|
||||
unsigned char buf[128];
|
||||
size_t len;
|
||||
ssize_t slen;
|
||||
int fd;
|
||||
|
||||
fd = open(filename, O_RDONLY | O_BINARY, 0600);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
len = 0;
|
||||
while(len < size) {
|
||||
slen = read(fd, buf, sizeof(buf));
|
||||
if (slen <= 0)
|
||||
break;
|
||||
RAND_seed(buf, slen);
|
||||
len += slen;
|
||||
}
|
||||
close(fd);
|
||||
|
||||
return len ? 1 : 0;
|
||||
}
|
||||
|
||||
int
|
||||
RAND_write_file(const char *filename)
|
||||
{
|
||||
unsigned char buf[128];
|
||||
size_t len;
|
||||
int res = 0, fd;
|
||||
|
||||
fd = open(filename, O_WRONLY | O_CREAT | O_BINARY, 0600);
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
len = 0;
|
||||
while(len < RAND_FILE_SIZE) {
|
||||
res = RAND_bytes(buf, sizeof(buf));
|
||||
if (res != 1)
|
||||
break;
|
||||
if (write(fd, buf, sizeof(buf)) != sizeof(buf)) {
|
||||
res = 0;
|
||||
break;
|
||||
}
|
||||
len += sizeof(buf);
|
||||
}
|
||||
|
||||
close(fd);
|
||||
|
||||
return res;
|
||||
}
|
||||
|
||||
const char *
|
||||
RAND_file_name(char *filename, size_t size)
|
||||
{
|
||||
const char *e = NULL;
|
||||
int pathp = 0, ret;
|
||||
|
||||
if (!issuid()) {
|
||||
e = getenv("RANDFILE");
|
||||
if (e == NULL) {
|
||||
e = getenv("HOME");
|
||||
if (e)
|
||||
pathp = 1;
|
||||
}
|
||||
}
|
||||
if (e == NULL) {
|
||||
struct passwd *pw = getpwuid(getuid());
|
||||
if (pw) {
|
||||
e = pw->pw_dir;
|
||||
pathp = 1;
|
||||
}
|
||||
}
|
||||
if (e == NULL)
|
||||
return NULL;
|
||||
|
||||
if (pathp)
|
||||
ret = snprintf(filename, size, "%s/.rnd", e);
|
||||
else
|
||||
ret = snprintf(filename, size, "%s", e);
|
||||
|
||||
if (ret <= 0 || ret >= size)
|
||||
return NULL;
|
||||
|
||||
return filename;
|
||||
}
|
||||
@@ -0,0 +1,108 @@
|
||||
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_RAND_H
|
||||
#define _HEIM_RAND_H 1
|
||||
|
||||
typedef struct RAND_METHOD RAND_METHOD;
|
||||
|
||||
#include <hcrypto/bn.h>
|
||||
#include <hcrypto/engine.h>
|
||||
|
||||
/* symbol renaming */
|
||||
#define RAND_bytes hc_RAND_bytes
|
||||
#define RAND_pseudo_bytes hc_RAND_pseudo_bytes
|
||||
#define RAND_seed hc_RAND_seed
|
||||
#define RAND_cleanup hc_RAND_cleanup
|
||||
#define RAND_add hc_RAND_add
|
||||
#define RAND_set_rand_method hc_RAND_set_rand_method
|
||||
#define RAND_get_rand_method hc_RAND_get_rand_method
|
||||
#define RAND_set_rand_engine hc_RAND_set_rand_engine
|
||||
#define RAND_file_name hc_RAND_file_name
|
||||
#define RAND_load_file hc_RAND_load_file
|
||||
#define RAND_write_file hc_RAND_write_file
|
||||
#define RAND_status hc_RAND_status
|
||||
#define RAND_egd hc_RAND_egd
|
||||
#define RAND_egd_bytes hc_RAND_egd_bytes
|
||||
#define RAND_fortuna_method hc_RAND_fortuna_method
|
||||
#define RAND_egd_method hc_RAND_egd_method
|
||||
#define RAND_unix_method hc_RAND_unix_method
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
struct RAND_METHOD
|
||||
{
|
||||
void (*seed)(const void *, int);
|
||||
int (*bytes)(unsigned char *, int);
|
||||
void (*cleanup)(void);
|
||||
void (*add)(const void *, int, double);
|
||||
int (*pseudorand)(unsigned char *, int);
|
||||
int (*status)(void);
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int RAND_bytes(void *, size_t num);
|
||||
int RAND_pseudo_bytes(void *, size_t);
|
||||
void RAND_seed(const void *, size_t);
|
||||
void RAND_cleanup(void);
|
||||
void RAND_add(const void *, size_t, double);
|
||||
|
||||
int RAND_set_rand_method(const RAND_METHOD *);
|
||||
const RAND_METHOD *
|
||||
RAND_get_rand_method(void);
|
||||
int RAND_set_rand_engine(ENGINE *);
|
||||
|
||||
const char *
|
||||
RAND_file_name(char *, size_t);
|
||||
int RAND_load_file(const char *, size_t);
|
||||
int RAND_write_file(const char *);
|
||||
int RAND_status(void);
|
||||
int RAND_egd(const char *);
|
||||
int RAND_egd_bytes(const char *, int);
|
||||
|
||||
|
||||
const RAND_METHOD * RAND_fortuna_method(void);
|
||||
const RAND_METHOD * RAND_unix_method(void);
|
||||
const RAND_METHOD * RAND_egd_method(void);
|
||||
|
||||
#endif /* _HEIM_RAND_H */
|
||||
@@ -0,0 +1,45 @@
|
||||
/*
|
||||
* Copyright (c) 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_RANDI_H
|
||||
#define _HEIM_RANDI_H 1
|
||||
|
||||
extern const RAND_METHOD hc_rand_fortuna_method;
|
||||
extern const RAND_METHOD hc_rand_unix_method;
|
||||
extern const RAND_METHOD hc_rand_egd_method;
|
||||
|
||||
#endif /* _HEIM_RANDI_H */
|
||||
@@ -0,0 +1,245 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "rc2.h"
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
/*
|
||||
* Implemented from Peter Gutmann's "Specification for Ron Rivests Cipher No.2"
|
||||
* rfc2268 and "On the Design and Security of RC2" was also useful.
|
||||
*/
|
||||
|
||||
static unsigned int Sbox[256] = {
|
||||
0xd9, 0x78, 0xf9, 0xc4, 0x19, 0xdd, 0xb5, 0xed,
|
||||
0x28, 0xe9, 0xfd, 0x79, 0x4a, 0xa0, 0xd8, 0x9d,
|
||||
0xc6, 0x7e, 0x37, 0x83, 0x2b, 0x76, 0x53, 0x8e,
|
||||
0x62, 0x4c, 0x64, 0x88, 0x44, 0x8b, 0xfb, 0xa2,
|
||||
0x17, 0x9a, 0x59, 0xf5, 0x87, 0xb3, 0x4f, 0x13,
|
||||
0x61, 0x45, 0x6d, 0x8d, 0x09, 0x81, 0x7d, 0x32,
|
||||
0xbd, 0x8f, 0x40, 0xeb, 0x86, 0xb7, 0x7b, 0x0b,
|
||||
0xf0, 0x95, 0x21, 0x22, 0x5c, 0x6b, 0x4e, 0x82,
|
||||
0x54, 0xd6, 0x65, 0x93, 0xce, 0x60, 0xb2, 0x1c,
|
||||
0x73, 0x56, 0xc0, 0x14, 0xa7, 0x8c, 0xf1, 0xdc,
|
||||
0x12, 0x75, 0xca, 0x1f, 0x3b, 0xbe, 0xe4, 0xd1,
|
||||
0x42, 0x3d, 0xd4, 0x30, 0xa3, 0x3c, 0xb6, 0x26,
|
||||
0x6f, 0xbf, 0x0e, 0xda, 0x46, 0x69, 0x07, 0x57,
|
||||
0x27, 0xf2, 0x1d, 0x9b, 0xbc, 0x94, 0x43, 0x03,
|
||||
0xf8, 0x11, 0xc7, 0xf6, 0x90, 0xef, 0x3e, 0xe7,
|
||||
0x06, 0xc3, 0xd5, 0x2f, 0xc8, 0x66, 0x1e, 0xd7,
|
||||
0x08, 0xe8, 0xea, 0xde, 0x80, 0x52, 0xee, 0xf7,
|
||||
0x84, 0xaa, 0x72, 0xac, 0x35, 0x4d, 0x6a, 0x2a,
|
||||
0x96, 0x1a, 0xd2, 0x71, 0x5a, 0x15, 0x49, 0x74,
|
||||
0x4b, 0x9f, 0xd0, 0x5e, 0x04, 0x18, 0xa4, 0xec,
|
||||
0xc2, 0xe0, 0x41, 0x6e, 0x0f, 0x51, 0xcb, 0xcc,
|
||||
0x24, 0x91, 0xaf, 0x50, 0xa1, 0xf4, 0x70, 0x39,
|
||||
0x99, 0x7c, 0x3a, 0x85, 0x23, 0xb8, 0xb4, 0x7a,
|
||||
0xfc, 0x02, 0x36, 0x5b, 0x25, 0x55, 0x97, 0x31,
|
||||
0x2d, 0x5d, 0xfa, 0x98, 0xe3, 0x8a, 0x92, 0xae,
|
||||
0x05, 0xdf, 0x29, 0x10, 0x67, 0x6c, 0xba, 0xc9,
|
||||
0xd3, 0x00, 0xe6, 0xcf, 0xe1, 0x9e, 0xa8, 0x2c,
|
||||
0x63, 0x16, 0x01, 0x3f, 0x58, 0xe2, 0x89, 0xa9,
|
||||
0x0d, 0x38, 0x34, 0x1b, 0xab, 0x33, 0xff, 0xb0,
|
||||
0xbb, 0x48, 0x0c, 0x5f, 0xb9, 0xb1, 0xcd, 0x2e,
|
||||
0xc5, 0xf3, 0xdb, 0x47, 0xe5, 0xa5, 0x9c, 0x77,
|
||||
0x0a, 0xa6, 0x20, 0x68, 0xfe, 0x7f, 0xc1, 0xad
|
||||
};
|
||||
|
||||
void
|
||||
RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
|
||||
{
|
||||
unsigned char k[128];
|
||||
int j, T8, TM;
|
||||
|
||||
if (len <= 0)
|
||||
abort();
|
||||
if (len > 128)
|
||||
len = 128;
|
||||
if (bits <= 0 || bits > 1024)
|
||||
bits = 1024;
|
||||
|
||||
for (j = 0; j < len; j++)
|
||||
k[j] = data[j];
|
||||
for (; j < 128; j++)
|
||||
k[j] = Sbox[(k[j - len] + k[j - 1]) & 0xff];
|
||||
|
||||
T8 = (bits + 7) / 8;
|
||||
j = (8*T8 - bits);
|
||||
TM = 0xff >> j;
|
||||
|
||||
k[128 - T8] = Sbox[k[128 - T8] & TM];
|
||||
|
||||
for (j = 127 - T8; j >= 0; j--)
|
||||
k[j] = Sbox[k[j + 1] ^ k[j + T8]];
|
||||
|
||||
for (j = 0; j < 64; j++)
|
||||
key->data[j] = k[(j * 2) + 0] | (k[(j * 2) + 1] << 8);
|
||||
memset(k, 0, sizeof(k));
|
||||
}
|
||||
|
||||
#define ROT16L(w,n) ((w<<n)|(w>>(16-n)))
|
||||
#define ROT16R(w,n) ((w>>n)|(w<<(16-n)))
|
||||
|
||||
void
|
||||
RC2_encryptc(unsigned char *in, unsigned char *out, const RC2_KEY *key)
|
||||
{
|
||||
int i, j;
|
||||
int w0, w1, w2, w3;
|
||||
int t0, t1, t2, t3;
|
||||
|
||||
w0 = in[0] | (in[1] << 8);
|
||||
w1 = in[2] | (in[3] << 8);
|
||||
w2 = in[4] | (in[5] << 8);
|
||||
w3 = in[6] | (in[7] << 8);
|
||||
|
||||
for (i = 0; i < 16; i++) {
|
||||
j = i * 4;
|
||||
t0 = (w0 + (w1 & ~w3) + (w2 & w3) + key->data[j + 0]) & 0xffff;
|
||||
w0 = ROT16L(t0, 1);
|
||||
t1 = (w1 + (w2 & ~w0) + (w3 & w0) + key->data[j + 1]) & 0xffff;
|
||||
w1 = ROT16L(t1, 2);
|
||||
t2 = (w2 + (w3 & ~w1) + (w0 & w1) + key->data[j + 2]) & 0xffff;
|
||||
w2 = ROT16L(t2, 3);
|
||||
t3 = (w3 + (w0 & ~w2) + (w1 & w2) + key->data[j + 3]) & 0xffff;
|
||||
w3 = ROT16L(t3, 5);
|
||||
if(i == 4 || i == 10) {
|
||||
w0 += key->data[w3 & 63];
|
||||
w1 += key->data[w0 & 63];
|
||||
w2 += key->data[w1 & 63];
|
||||
w3 += key->data[w2 & 63];
|
||||
}
|
||||
}
|
||||
|
||||
out[0] = w0 & 0xff;
|
||||
out[1] = (w0 >> 8) & 0xff;
|
||||
out[2] = w1 & 0xff;
|
||||
out[3] = (w1 >> 8) & 0xff;
|
||||
out[4] = w2 & 0xff;
|
||||
out[5] = (w2 >> 8) & 0xff;
|
||||
out[6] = w3 & 0xff;
|
||||
out[7] = (w3 >> 8) & 0xff;
|
||||
}
|
||||
|
||||
void
|
||||
RC2_decryptc(unsigned char *in, unsigned char *out, const RC2_KEY *key)
|
||||
{
|
||||
int i, j;
|
||||
int w0, w1, w2, w3;
|
||||
int t0, t1, t2, t3;
|
||||
|
||||
w0 = in[0] | (in[1] << 8);
|
||||
w1 = in[2] | (in[3] << 8);
|
||||
w2 = in[4] | (in[5] << 8);
|
||||
w3 = in[6] | (in[7] << 8);
|
||||
|
||||
for (i = 15; i >= 0; i--) {
|
||||
j = i * 4;
|
||||
|
||||
if(i == 4 || i == 10) {
|
||||
w3 = (w3 - key->data[w2 & 63]) & 0xffff;
|
||||
w2 = (w2 - key->data[w1 & 63]) & 0xffff;
|
||||
w1 = (w1 - key->data[w0 & 63]) & 0xffff;
|
||||
w0 = (w0 - key->data[w3 & 63]) & 0xffff;
|
||||
}
|
||||
|
||||
t3 = ROT16R(w3, 5);
|
||||
w3 = (t3 - (w0 & ~w2) - (w1 & w2) - key->data[j + 3]) & 0xffff;
|
||||
t2 = ROT16R(w2, 3);
|
||||
w2 = (t2 - (w3 & ~w1) - (w0 & w1) - key->data[j + 2]) & 0xffff;
|
||||
t1 = ROT16R(w1, 2);
|
||||
w1 = (t1 - (w2 & ~w0) - (w3 & w0) - key->data[j + 1]) & 0xffff;
|
||||
t0 = ROT16R(w0, 1);
|
||||
w0 = (t0 - (w1 & ~w3) - (w2 & w3) - key->data[j + 0]) & 0xffff;
|
||||
|
||||
}
|
||||
out[0] = w0 & 0xff;
|
||||
out[1] = (w0 >> 8) & 0xff;
|
||||
out[2] = w1 & 0xff;
|
||||
out[3] = (w1 >> 8) & 0xff;
|
||||
out[4] = w2 & 0xff;
|
||||
out[5] = (w2 >> 8) & 0xff;
|
||||
out[6] = w3 & 0xff;
|
||||
out[7] = (w3 >> 8) & 0xff;
|
||||
}
|
||||
|
||||
void
|
||||
RC2_cbc_encrypt(const unsigned char *in, unsigned char *out, long size,
|
||||
RC2_KEY *key, unsigned char *iv, int forward_encrypt)
|
||||
{
|
||||
unsigned char tmp[RC2_BLOCK_SIZE];
|
||||
int i;
|
||||
|
||||
if (forward_encrypt) {
|
||||
while (size >= RC2_BLOCK_SIZE) {
|
||||
for (i = 0; i < RC2_BLOCK_SIZE; i++)
|
||||
tmp[i] = in[i] ^ iv[i];
|
||||
RC2_encryptc(tmp, out, key);
|
||||
memcpy(iv, out, RC2_BLOCK_SIZE);
|
||||
size -= RC2_BLOCK_SIZE;
|
||||
in += RC2_BLOCK_SIZE;
|
||||
out += RC2_BLOCK_SIZE;
|
||||
}
|
||||
if (size) {
|
||||
for (i = 0; i < size; i++)
|
||||
tmp[i] = in[i] ^ iv[i];
|
||||
for (i = size; i < RC2_BLOCK_SIZE; i++)
|
||||
tmp[i] = iv[i];
|
||||
RC2_encryptc(tmp, out, key);
|
||||
memcpy(iv, out, RC2_BLOCK_SIZE);
|
||||
}
|
||||
} else {
|
||||
while (size >= RC2_BLOCK_SIZE) {
|
||||
memcpy(tmp, in, RC2_BLOCK_SIZE);
|
||||
RC2_decryptc(tmp, out, key);
|
||||
for (i = 0; i < RC2_BLOCK_SIZE; i++)
|
||||
out[i] ^= iv[i];
|
||||
memcpy(iv, tmp, RC2_BLOCK_SIZE);
|
||||
size -= RC2_BLOCK_SIZE;
|
||||
in += RC2_BLOCK_SIZE;
|
||||
out += RC2_BLOCK_SIZE;
|
||||
}
|
||||
if (size) {
|
||||
memcpy(tmp, in, RC2_BLOCK_SIZE);
|
||||
RC2_decryptc(tmp, out, key);
|
||||
for (i = 0; i < size; i++)
|
||||
out[i] ^= iv[i];
|
||||
memcpy(iv, tmp, RC2_BLOCK_SIZE);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,71 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
/* symbol renaming */
|
||||
#define RC2_set_key hc_RC2_set_key
|
||||
#define RC2_encryptc hc_RC2_encryptc
|
||||
#define RC2_decryptc hc_RC2_decryptc
|
||||
#define RC2_cbc_encrypt hc_RC2_cbc_encrypt
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
#define RC2_ENCRYPT 1
|
||||
#define RC2_DECRYPT 0
|
||||
|
||||
#define RC2_BLOCK_SIZE 8
|
||||
#define RC2_BLOCK RC2_BLOCK_SIZE
|
||||
#define RC2_KEY_LENGTH 16
|
||||
|
||||
typedef struct rc2_key {
|
||||
unsigned int data[64];
|
||||
} RC2_KEY;
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
||||
void RC2_set_key(RC2_KEY *, int, const unsigned char *,int);
|
||||
|
||||
void RC2_encryptc(unsigned char *, unsigned char *, const RC2_KEY *);
|
||||
void RC2_decryptc(unsigned char *, unsigned char *, const RC2_KEY *);
|
||||
|
||||
void RC2_cbc_encrypt(const unsigned char *, unsigned char *, long,
|
||||
RC2_KEY *, unsigned char *, int);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
@@ -0,0 +1,172 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <rc2.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
struct {
|
||||
const void *key;
|
||||
const int keylen;
|
||||
const int bitsize;
|
||||
const void *plain;
|
||||
const void *cipher;
|
||||
} tests[] = {
|
||||
{
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00"
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
0,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\x1C\x19\x8A\x83\x8D\xF0\x28\xB7"
|
||||
},
|
||||
{
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00"
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x01",
|
||||
16,
|
||||
0,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\x21\x82\x9C\x78\xA9\xF9\xC0\x74"
|
||||
},
|
||||
{
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00"
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
0,
|
||||
"\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF",
|
||||
"\x13\xDB\x35\x17\xD3\x21\x86\x9E"
|
||||
},
|
||||
{
|
||||
"\x00\x01\x02\x03\x04\x05\x06\x07"
|
||||
"\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F",
|
||||
16,
|
||||
0,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\x50\xDC\x01\x62\xBD\x75\x7F\x31"
|
||||
},
|
||||
{
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
8,
|
||||
63,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\xeb\xb7\x73\xf9\x93\x27\x8e\xff"
|
||||
},
|
||||
{
|
||||
"\xff\xff\xff\xff\xff\xff\xff\xff",
|
||||
8,
|
||||
64,
|
||||
"\xff\xff\xff\xff\xff\xff\xff\xff",
|
||||
"\x27\x8b\x27\xe4\x2e\x2f\x0d\x49"
|
||||
},
|
||||
{
|
||||
"\x88",
|
||||
1,
|
||||
64,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\x61\xa8\xa2\x44\xad\xac\xcc\xf0"
|
||||
}
|
||||
};
|
||||
|
||||
const unsigned char cbc_key[16] =
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00"
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00";
|
||||
const char cbc_iv[8] =
|
||||
"\x01\x01\x01\x01\x01\x01\x01\x01";
|
||||
const unsigned char cbc_in_data[32] =
|
||||
"\x20\x20\x20\x20\x20\x20\x20\x20"
|
||||
"\x20\x20\x20\x20\x20\x20\x20\x20"
|
||||
"\x20\x20\x20\x20\x20\x20\x20\x20"
|
||||
"\x20\x20\x20\x20\x20\x20\x20\x20";
|
||||
|
||||
const char out_iv[8] = "\x00\x78\x1b\x6\xff\xb9\xfa\xe";
|
||||
|
||||
const char cbc_out_data[32] =
|
||||
"\xb4\x3f\x89\x15\x69\x68\xda\x79"
|
||||
"\x29\xab\x5f\x78\xc5\xba\x15\x82"
|
||||
"\x80\x89\x57\x1b\xbe\x57\x2f\xdc"
|
||||
"\x00\x78\x1b\x06\xff\xb9\xfa\x0e";
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
RC2_KEY key;
|
||||
unsigned char t[8];
|
||||
unsigned char out[40];
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) {
|
||||
RC2_set_key(&key, tests[i].keylen, tests[i].key, tests[i].bitsize);
|
||||
|
||||
memcpy(t, tests[i].plain, 8);
|
||||
RC2_encryptc(t, t, &key);
|
||||
if (memcmp(t, tests[i].cipher, 8) != 0) {
|
||||
printf("encrypt %d\n", i);
|
||||
exit(1);
|
||||
}
|
||||
RC2_decryptc(t, t, &key);
|
||||
if (memcmp(t, tests[i].plain, 8) != 0) {
|
||||
printf("decrypt: %d\n", i);
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
|
||||
/* cbc test */
|
||||
|
||||
RC2_set_key(&key, 16, cbc_key, 0);
|
||||
memcpy(t, cbc_iv, 8);
|
||||
RC2_cbc_encrypt(cbc_in_data, out, 32, &key, t, 1);
|
||||
|
||||
if (memcmp(out_iv, t, 8) != 0)
|
||||
abort();
|
||||
|
||||
if (memcmp(out, cbc_out_data, 32) != 0) {
|
||||
printf("cbc test encrypt\n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
memcpy(t, cbc_iv, 8);
|
||||
RC2_cbc_encrypt(out, out, 32, &key, t, 0);
|
||||
|
||||
if (memcmp(cbc_in_data, out, 32) != 0) {
|
||||
printf("cbc test decrypt \n");
|
||||
exit(1);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,82 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* implemented from description in draft-kaukonen-cipher-arcfour-03.txt */
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <rc4.h>
|
||||
|
||||
#define SWAP(k,x,y) \
|
||||
{ unsigned int _t; \
|
||||
_t = k->state[x]; \
|
||||
k->state[x] = k->state[y]; \
|
||||
k->state[y] = _t; \
|
||||
}
|
||||
|
||||
void
|
||||
RC4_set_key(RC4_KEY *key, const int len, unsigned char *data)
|
||||
{
|
||||
int i, j;
|
||||
|
||||
for (i = 0; i < 256; i++)
|
||||
key->state[i] = i;
|
||||
for (i = 0, j = 0; i < 256; i++) {
|
||||
j = (j + key->state[i] + data[i % len]) % 256;
|
||||
SWAP(key, i, j);
|
||||
}
|
||||
key->x = key->y = 0;
|
||||
}
|
||||
|
||||
void
|
||||
RC4(RC4_KEY *key, const int len, const unsigned char *in, unsigned char *out)
|
||||
{
|
||||
int i, t;
|
||||
unsigned x, y;
|
||||
|
||||
x = key->x;
|
||||
y = key->y;
|
||||
for (i = 0; i < len; i++) {
|
||||
x = (x + 1) % 256;
|
||||
y = (y + key->state[x]) % 256;
|
||||
SWAP(key, x, y);
|
||||
t = (key->state[x] + key->state[y]) % 256;
|
||||
*out++ = key->state[t] ^ *in++;
|
||||
}
|
||||
key->x = x;
|
||||
key->y = y;
|
||||
}
|
||||
@@ -0,0 +1,46 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
/* symbol renaming */
|
||||
#define RC4_set_key hc_RC4_set_key
|
||||
#define RC4 hc_RC4
|
||||
|
||||
typedef struct rc4_key {
|
||||
unsigned int x, y;
|
||||
unsigned int state[256];
|
||||
} RC4_KEY;
|
||||
|
||||
void RC4_set_key(RC4_KEY *, const int, unsigned char *);
|
||||
void RC4(RC4_KEY *, const int, const unsigned char *, unsigned char *);
|
||||
@@ -0,0 +1,166 @@
|
||||
/*
|
||||
* Copyright (c) 2004 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <rc4.h>
|
||||
|
||||
static unsigned char plain1[8] =
|
||||
{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
|
||||
static unsigned char key1[8] =
|
||||
{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
|
||||
static unsigned char cipher1[8] =
|
||||
{ 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 };
|
||||
|
||||
static unsigned char plain2[5] =
|
||||
{ 0xdc, 0xee, 0x4c, 0xf9, 0x2c };
|
||||
static unsigned char key2[5] =
|
||||
{ 0x61, 0x8a, 0x63, 0xd2, 0xfb };
|
||||
static unsigned char cipher2[5] =
|
||||
{ 0xf1, 0x38, 0x29, 0xc9, 0xde };
|
||||
|
||||
static unsigned char plain3[] =
|
||||
{
|
||||
0x52, 0x75, 0x69, 0x73, 0x6c, 0x69, 0x6e, 0x6e,
|
||||
0x75, 0x6e, 0x20, 0x6c, 0x61, 0x75, 0x6c, 0x75,
|
||||
0x20, 0x6b, 0x6f, 0x72, 0x76, 0x69, 0x73, 0x73,
|
||||
0x73, 0x61, 0x6e, 0x69, 0x2c, 0x20, 0x74, 0xe4,
|
||||
0x68, 0x6b, 0xe4, 0x70, 0xe4, 0x69, 0x64, 0x65,
|
||||
0x6e, 0x20, 0x70, 0xe4, 0xe4, 0x6c, 0x6c, 0xe4,
|
||||
0x20, 0x74, 0xe4, 0x79, 0x73, 0x69, 0x6b, 0x75,
|
||||
0x75, 0x2e, 0x20, 0x4b, 0x65, 0x73, 0xe4, 0x79,
|
||||
0xf6, 0x6e, 0x20, 0x6f, 0x6e, 0x20, 0x6f, 0x6e,
|
||||
0x6e, 0x69, 0x20, 0x6f, 0x6d, 0x61, 0x6e, 0x61,
|
||||
0x6e, 0x69, 0x2c, 0x20, 0x6b, 0x61, 0x73, 0x6b,
|
||||
0x69, 0x73, 0x61, 0x76, 0x75, 0x75, 0x6e, 0x20,
|
||||
0x6c, 0x61, 0x61, 0x6b, 0x73, 0x6f, 0x74, 0x20,
|
||||
0x76, 0x65, 0x72, 0x68, 0x6f, 0x75, 0x75, 0x2e,
|
||||
0x20, 0x45, 0x6e, 0x20, 0x6d, 0x61, 0x20, 0x69,
|
||||
0x6c, 0x6f, 0x69, 0x74, 0x73, 0x65, 0x2c, 0x20,
|
||||
0x73, 0x75, 0x72, 0x65, 0x20, 0x68, 0x75, 0x6f,
|
||||
0x6b, 0x61, 0x61, 0x2c, 0x20, 0x6d, 0x75, 0x74,
|
||||
0x74, 0x61, 0x20, 0x6d, 0x65, 0x74, 0x73, 0xe4,
|
||||
0x6e, 0x20, 0x74, 0x75, 0x6d, 0x6d, 0x75, 0x75,
|
||||
0x73, 0x20, 0x6d, 0x75, 0x6c, 0x6c, 0x65, 0x20,
|
||||
0x74, 0x75, 0x6f, 0x6b, 0x61, 0x61, 0x2e, 0x20,
|
||||
0x50, 0x75, 0x75, 0x6e, 0x74, 0x6f, 0x20, 0x70,
|
||||
0x69, 0x6c, 0x76, 0x65, 0x6e, 0x2c, 0x20, 0x6d,
|
||||
0x69, 0x20, 0x68, 0x75, 0x6b, 0x6b, 0x75, 0x75,
|
||||
0x2c, 0x20, 0x73, 0x69, 0x69, 0x6e, 0x74, 0x6f,
|
||||
0x20, 0x76, 0x61, 0x72, 0x61, 0x6e, 0x20, 0x74,
|
||||
0x75, 0x75, 0x6c, 0x69, 0x73, 0x65, 0x6e, 0x2c,
|
||||
0x20, 0x6d, 0x69, 0x20, 0x6e, 0x75, 0x6b, 0x6b,
|
||||
0x75, 0x75, 0x2e, 0x20, 0x54, 0x75, 0x6f, 0x6b,
|
||||
0x73, 0x75, 0x74, 0x20, 0x76, 0x61, 0x6e, 0x61,
|
||||
0x6d, 0x6f, 0x6e, 0x20, 0x6a, 0x61, 0x20, 0x76,
|
||||
0x61, 0x72, 0x6a, 0x6f, 0x74, 0x20, 0x76, 0x65,
|
||||
0x65, 0x6e, 0x2c, 0x20, 0x6e, 0x69, 0x69, 0x73,
|
||||
0x74, 0xe4, 0x20, 0x73, 0x79, 0x64, 0xe4, 0x6d,
|
||||
0x65, 0x6e, 0x69, 0x20, 0x6c, 0x61, 0x75, 0x6c,
|
||||
0x75, 0x6e, 0x20, 0x74, 0x65, 0x65, 0x6e, 0x2e,
|
||||
0x20, 0x2d, 0x20, 0x45, 0x69, 0x6e, 0x6f, 0x20,
|
||||
0x4c, 0x65, 0x69, 0x6e, 0x6f };
|
||||
|
||||
static unsigned char key3[16] =
|
||||
{ 0x29, 0x04, 0x19, 0x72, 0xfb, 0x42, 0xba, 0x5f,
|
||||
0xc7, 0x12, 0x77, 0x12, 0xf1, 0x38, 0x29, 0xc9 };
|
||||
|
||||
const unsigned char cipher3[] =
|
||||
{ 0x35, 0x81, 0x86, 0x99, 0x90, 0x01, 0xe6, 0xb5,
|
||||
0xda, 0xf0, 0x5e, 0xce, 0xeb, 0x7e, 0xee, 0x21,
|
||||
0xe0, 0x68, 0x9c, 0x1f, 0x00, 0xee, 0xa8, 0x1f,
|
||||
0x7d, 0xd2, 0xca, 0xae, 0xe1, 0xd2, 0x76, 0x3e,
|
||||
0x68, 0xaf, 0x0e, 0xad, 0x33, 0xd6, 0x6c, 0x26,
|
||||
0x8b, 0xc9, 0x46, 0xc4, 0x84, 0xfb, 0xe9, 0x4c,
|
||||
0x5f, 0x5e, 0x0b, 0x86, 0xa5, 0x92, 0x79, 0xe4,
|
||||
0xf8, 0x24, 0xe7, 0xa6, 0x40, 0xbd, 0x22, 0x32,
|
||||
0x10, 0xb0, 0xa6, 0x11, 0x60, 0xb7, 0xbc, 0xe9,
|
||||
0x86, 0xea, 0x65, 0x68, 0x80, 0x03, 0x59, 0x6b,
|
||||
0x63, 0x0a, 0x6b, 0x90, 0xf8, 0xe0, 0xca, 0xf6,
|
||||
0x91, 0x2a, 0x98, 0xeb, 0x87, 0x21, 0x76, 0xe8,
|
||||
0x3c, 0x20, 0x2c, 0xaa, 0x64, 0x16, 0x6d, 0x2c,
|
||||
0xce, 0x57, 0xff, 0x1b, 0xca, 0x57, 0xb2, 0x13,
|
||||
0xf0, 0xed, 0x1a, 0xa7, 0x2f, 0xb8, 0xea, 0x52,
|
||||
0xb0, 0xbe, 0x01, 0xcd, 0x1e, 0x41, 0x28, 0x67,
|
||||
0x72, 0x0b, 0x32, 0x6e, 0xb3, 0x89, 0xd0, 0x11,
|
||||
0xbd, 0x70, 0xd8, 0xaf, 0x03, 0x5f, 0xb0, 0xd8,
|
||||
0x58, 0x9d, 0xbc, 0xe3, 0xc6, 0x66, 0xf5, 0xea,
|
||||
0x8d, 0x4c, 0x79, 0x54, 0xc5, 0x0c, 0x3f, 0x34,
|
||||
0x0b, 0x04, 0x67, 0xf8, 0x1b, 0x42, 0x59, 0x61,
|
||||
0xc1, 0x18, 0x43, 0x07, 0x4d, 0xf6, 0x20, 0xf2,
|
||||
0x08, 0x40, 0x4b, 0x39, 0x4c, 0xf9, 0xd3, 0x7f,
|
||||
0xf5, 0x4b, 0x5f, 0x1a, 0xd8, 0xf6, 0xea, 0x7d,
|
||||
0xa3, 0xc5, 0x61, 0xdf, 0xa7, 0x28, 0x1f, 0x96,
|
||||
0x44, 0x63, 0xd2, 0xcc, 0x35, 0xa4, 0xd1, 0xb0,
|
||||
0x34, 0x90, 0xde, 0xc5, 0x1b, 0x07, 0x11, 0xfb,
|
||||
0xd6, 0xf5, 0x5f, 0x79, 0x23, 0x4d, 0x5b, 0x7c,
|
||||
0x76, 0x66, 0x22, 0xa6, 0x6d, 0xe9, 0x2b, 0xe9,
|
||||
0x96, 0x46, 0x1d, 0x5e, 0x4d, 0xc8, 0x78, 0xef,
|
||||
0x9b, 0xca, 0x03, 0x05, 0x21, 0xe8, 0x35, 0x1e,
|
||||
0x4b, 0xae, 0xd2, 0xfd, 0x04, 0xf9, 0x46, 0x73,
|
||||
0x68, 0xc4, 0xad, 0x6a, 0xc1, 0x86, 0xd0, 0x82,
|
||||
0x45, 0xb2, 0x63, 0xa2, 0x66, 0x6d, 0x1f, 0x6c,
|
||||
0x54, 0x20, 0xf1, 0x59, 0x9d, 0xfd, 0x9f, 0x43,
|
||||
0x89, 0x21, 0xc2, 0xf5, 0xa4, 0x63, 0x93, 0x8c,
|
||||
0xe0, 0x98, 0x22, 0x65, 0xee, 0xf7, 0x01, 0x79,
|
||||
0xbc, 0x55, 0x3f, 0x33, 0x9e, 0xb1, 0xa4, 0xc1,
|
||||
0xaf, 0x5f, 0x6a, 0x54, 0x7f };
|
||||
|
||||
int
|
||||
main (void)
|
||||
{
|
||||
unsigned char buf[1024];
|
||||
RC4_KEY key;
|
||||
|
||||
RC4_set_key(&key, 8, key1);
|
||||
RC4(&key, 8, plain1, buf);
|
||||
if (memcmp(buf, cipher1, 8) != 0)
|
||||
return 1;
|
||||
|
||||
RC4_set_key(&key, 5, key2);
|
||||
RC4(&key, 5, plain2, buf);
|
||||
if (memcmp(buf, cipher2, 5) != 0)
|
||||
return 1;
|
||||
|
||||
RC4_set_key(&key, 16, key3);
|
||||
RC4(&key, 309, plain3, buf);
|
||||
if (memcmp(buf, cipher3, 309) != 0)
|
||||
return 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,18 @@
|
||||
//{{NO_DEPENDENCIES}}
|
||||
// Microsoft Developer Studio generated include file.
|
||||
// Used by passwd_dialog.rc
|
||||
//
|
||||
#define IDD_PASSWD_DIALOG 101
|
||||
#define IDC_EDIT1 1000
|
||||
#define IDC_PASSWD_EDIT 1001
|
||||
|
||||
// Next default values for new objects
|
||||
//
|
||||
#ifdef APSTUDIO_INVOKED
|
||||
#ifndef APSTUDIO_READONLY_SYMBOLS
|
||||
#define _APS_NEXT_RESOURCE_VALUE 102
|
||||
#define _APS_NEXT_COMMAND_VALUE 40001
|
||||
#define _APS_NEXT_CONTROL_VALUE 1002
|
||||
#define _APS_NEXT_SYMED_VALUE 101
|
||||
#endif
|
||||
#endif
|
||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,46 @@
|
||||
/* $NetBSD: rijndael-alg-fst.h,v 1.2 2000/10/02 17:19:15 itojun Exp $ */
|
||||
/* $KAME: rijndael-alg-fst.h,v 1.5 2003/07/15 10:47:16 itojun Exp $ */
|
||||
/**
|
||||
* rijndael-alg-fst.h
|
||||
*
|
||||
* @version 3.0 (December 2000)
|
||||
*
|
||||
* Optimised ANSI C code for the Rijndael cipher (now AES)
|
||||
*
|
||||
* @author Vincent Rijmen <vincent.rijmen@esat.kuleuven.ac.be>
|
||||
* @author Antoon Bosselaers <antoon.bosselaers@esat.kuleuven.ac.be>
|
||||
* @author Paulo Barreto <paulo.barreto@terra.com.br>
|
||||
*
|
||||
* This code is hereby placed in the public domain.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS
|
||||
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
||||
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE
|
||||
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
|
||||
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
||||
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
|
||||
* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
|
||||
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
|
||||
* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
||||
* EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
*/
|
||||
#ifndef __RIJNDAEL_ALG_FST_H
|
||||
#define __RIJNDAEL_ALG_FST_H
|
||||
|
||||
/* symbol renaming */
|
||||
#define rijndaelKeySetupEnc _hc_rijndaelKeySetupEnc
|
||||
#define rijndaelKeySetupDec _hc_rijndaelKeySetupDec
|
||||
#define rijndaelEncrypt _hc_rijndaelEncrypt
|
||||
#define rijndaelDecrypt _hc_rijndaelDecrypt
|
||||
|
||||
#define RIJNDAEL_MAXKC (256/32)
|
||||
#define RIJNDAEL_MAXKB (256/8)
|
||||
#define RIJNDAEL_MAXNR 14
|
||||
|
||||
int rijndaelKeySetupEnc(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits);
|
||||
int rijndaelKeySetupDec(uint32_t rk[/*4*(Nr + 1)*/], const uint8_t cipherKey[], int keyBits);
|
||||
void rijndaelEncrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t pt[16], uint8_t ct[16]);
|
||||
void rijndaelDecrypt(const uint32_t rk[/*4*(Nr + 1)*/], int Nr, const uint8_t ct[16], uint8_t pt[16]);
|
||||
|
||||
#endif /* __RIJNDAEL_ALG_FST_H */
|
||||
@@ -0,0 +1,509 @@
|
||||
/*
|
||||
* Copyright (c) 1995, 1996, 1997, 1999 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#ifdef KRB5
|
||||
#include <krb5-types.h>
|
||||
#endif
|
||||
#include <des.h>
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#ifdef TIME_WITH_SYS_TIME
|
||||
#include <sys/time.h>
|
||||
#include <time.h>
|
||||
#elif defined(HAVE_SYS_TIME_H)
|
||||
#include <sys/time.h>
|
||||
#else
|
||||
#include <time.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SYS_TYPES_H
|
||||
#include <sys/types.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_UNISTD_H
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
#ifdef HAVE_IO_H
|
||||
#include <io.h>
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SIGNAL_H
|
||||
#include <signal.h>
|
||||
#endif
|
||||
#ifdef HAVE_FCNTL_H
|
||||
#include <fcntl.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Generate "random" data by checksumming a file.
|
||||
*
|
||||
* Returns -1 if there were any problems with permissions or I/O
|
||||
* errors.
|
||||
*/
|
||||
static
|
||||
int
|
||||
sumFile (const char *name, int len, void *res)
|
||||
{
|
||||
uint32_t sum[2] = { 0, 0 };
|
||||
uint32_t buf[1024*2];
|
||||
int fd, i;
|
||||
|
||||
fd = open (name, 0);
|
||||
if (fd < 0)
|
||||
return -1;
|
||||
|
||||
while (len > 0)
|
||||
{
|
||||
int n = read(fd, buf, sizeof(buf));
|
||||
if (n < 0)
|
||||
{
|
||||
close(fd);
|
||||
return n;
|
||||
}
|
||||
for (i = 0; i < (n/sizeof(buf[0])); i++)
|
||||
{
|
||||
sum[0] += buf[i];
|
||||
i++;
|
||||
sum[1] += buf[i];
|
||||
}
|
||||
len -= n;
|
||||
}
|
||||
close (fd);
|
||||
memcpy (res, &sum, sizeof(sum));
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if 0
|
||||
static
|
||||
int
|
||||
md5sumFile (const char *name, int len, int32_t sum[4])
|
||||
{
|
||||
int32_t buf[1024*2];
|
||||
int fd, cnt;
|
||||
struct md5 md5;
|
||||
|
||||
fd = open (name, 0);
|
||||
if (fd < 0)
|
||||
return -1;
|
||||
|
||||
md5_init(&md5);
|
||||
while (len > 0)
|
||||
{
|
||||
int n = read(fd, buf, sizeof(buf));
|
||||
if (n < 0)
|
||||
{
|
||||
close(fd);
|
||||
return n;
|
||||
}
|
||||
md5_update(&md5, buf, n);
|
||||
len -= n;
|
||||
}
|
||||
md5_finito(&md5, (unsigned char *)sum);
|
||||
close (fd);
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Create a sequence of random 64 bit blocks.
|
||||
* The sequence is indexed with a long long and
|
||||
* based on an initial des key used as a seed.
|
||||
*/
|
||||
static DES_key_schedule sequence_seed;
|
||||
static uint32_t sequence_index[2];
|
||||
|
||||
/*
|
||||
* Random number generator based on ideas from truerand in cryptolib
|
||||
* as described on page 424 in Applied Cryptography 2 ed. by Bruce
|
||||
* Schneier.
|
||||
*/
|
||||
|
||||
static volatile int counter;
|
||||
static volatile unsigned char *gdata; /* Global data */
|
||||
static volatile int igdata; /* Index into global data */
|
||||
static int gsize;
|
||||
|
||||
#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
|
||||
/* Visual C++ 4.0 (Windows95/NT) */
|
||||
|
||||
static
|
||||
RETSIGTYPE
|
||||
sigALRM(int sig)
|
||||
{
|
||||
if (igdata < gsize)
|
||||
gdata[igdata++] ^= counter & 0xff;
|
||||
|
||||
#ifndef HAVE_SIGACTION
|
||||
signal(SIGALRM, sigALRM); /* Reinstall SysV signal handler */
|
||||
#endif
|
||||
SIGRETURN(0);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_RANDOM) && defined(HAVE_RAND)
|
||||
#ifndef srandom
|
||||
#define srandom srand
|
||||
#endif
|
||||
#ifndef random
|
||||
#define random rand
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#if !defined(HAVE_SETITIMER) || defined(WIN32) || defined(__EMX__) || defined(__OS2__) || defined(__CYGWIN32__)
|
||||
static void
|
||||
des_not_rand_data(unsigned char *data, int size)
|
||||
{
|
||||
int i;
|
||||
|
||||
srandom (time (NULL));
|
||||
|
||||
for(i = 0; i < size; ++i)
|
||||
data[i] ^= random() % 0x100;
|
||||
}
|
||||
#endif
|
||||
|
||||
#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__)
|
||||
|
||||
#ifndef HAVE_SETITIMER
|
||||
static void
|
||||
pacemaker(struct timeval *tv)
|
||||
{
|
||||
fd_set fds;
|
||||
pid_t pid;
|
||||
pid = getppid();
|
||||
while(1){
|
||||
FD_ZERO(&fds);
|
||||
FD_SET(0, &fds);
|
||||
select(1, &fds, NULL, NULL, tv);
|
||||
kill(pid, SIGALRM);
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SIGACTION
|
||||
/* XXX ugly hack, should perhaps use function from roken */
|
||||
static RETSIGTYPE
|
||||
(*fake_signal(int sig, RETSIGTYPE (*f)(int)))(int)
|
||||
{
|
||||
struct sigaction sa, osa;
|
||||
sa.sa_handler = f;
|
||||
sa.sa_flags = 0;
|
||||
sigemptyset(&sa.sa_mask);
|
||||
sigaction(sig, &sa, &osa);
|
||||
return osa.sa_handler;
|
||||
}
|
||||
#define signal(S, F) fake_signal((S), (F))
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Generate size bytes of "random" data using timed interrupts.
|
||||
* It takes about 40ms/byte random data.
|
||||
* It's not neccessary to be root to run it.
|
||||
*/
|
||||
void
|
||||
DES_rand_data(void *outdata, int size)
|
||||
{
|
||||
unsigned char *data = outdata;
|
||||
struct itimerval tv, otv;
|
||||
RETSIGTYPE (*osa)(int);
|
||||
int i, j;
|
||||
#ifndef HAVE_SETITIMER
|
||||
RETSIGTYPE (*ochld)(int);
|
||||
pid_t pid;
|
||||
#endif
|
||||
const char *rnd_devices[] = {"/dev/random",
|
||||
"/dev/srandom",
|
||||
"/dev/urandom",
|
||||
"/dev/arandom",
|
||||
NULL};
|
||||
const char **p;
|
||||
|
||||
for(p = rnd_devices; *p; p++) {
|
||||
int fd = open(*p, O_RDONLY | O_NDELAY);
|
||||
|
||||
if(fd >= 0 && read(fd, data, size) == size) {
|
||||
close(fd);
|
||||
return;
|
||||
}
|
||||
close(fd);
|
||||
}
|
||||
|
||||
/* Paranoia? Initialize data from /dev/mem if we can read it. */
|
||||
if (size >= 8)
|
||||
sumFile("/dev/mem", (1024*1024*2), data);
|
||||
|
||||
gdata = data;
|
||||
gsize = size;
|
||||
igdata = 0;
|
||||
|
||||
osa = signal(SIGALRM, sigALRM);
|
||||
|
||||
/* Start timer */
|
||||
tv.it_value.tv_sec = 0;
|
||||
tv.it_value.tv_usec = 10 * 1000; /* 10 ms */
|
||||
tv.it_interval = tv.it_value;
|
||||
#ifdef HAVE_SETITIMER
|
||||
setitimer(ITIMER_REAL, &tv, &otv);
|
||||
#else
|
||||
ochld = signal(SIGCHLD, SIG_IGN);
|
||||
pid = fork();
|
||||
if(pid == -1){
|
||||
signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL);
|
||||
des_not_rand_data(data, size);
|
||||
return;
|
||||
}
|
||||
if(pid == 0)
|
||||
pacemaker(&tv.it_interval);
|
||||
#endif
|
||||
|
||||
for(i = 0; i < 4; i++) {
|
||||
for (igdata = 0; igdata < size;) /* igdata++ in sigALRM */
|
||||
counter++;
|
||||
for (j = 0; j < size; j++) /* Only use 2 bits each lap */
|
||||
gdata[j] = (gdata[j]>>2) | (gdata[j]<<6);
|
||||
}
|
||||
#ifdef HAVE_SETITIMER
|
||||
setitimer(ITIMER_REAL, &otv, 0);
|
||||
#else
|
||||
kill(pid, SIGKILL);
|
||||
while(waitpid(pid, NULL, 0) != pid);
|
||||
signal(SIGCHLD, ochld != SIG_ERR ? ochld : SIG_DFL);
|
||||
#endif
|
||||
signal(SIGALRM, osa != SIG_ERR ? osa : SIG_DFL);
|
||||
}
|
||||
#else
|
||||
void
|
||||
DES_rand_data(unsigned char *p, int s)
|
||||
{
|
||||
des_not_rand_data (p, s);
|
||||
}
|
||||
#endif
|
||||
|
||||
void
|
||||
DES_generate_random_block(DES_cblock *block)
|
||||
{
|
||||
DES_rand_data((unsigned char *)block, sizeof(*block));
|
||||
}
|
||||
|
||||
#define DES_rand_data_key hc_DES_rand_data_key
|
||||
|
||||
void
|
||||
DES_rand_data_key(DES_cblock *key);
|
||||
|
||||
/*
|
||||
* Generate a "random" DES key.
|
||||
*/
|
||||
void
|
||||
DES_rand_data_key(DES_cblock *key)
|
||||
{
|
||||
unsigned char data[8];
|
||||
DES_key_schedule sched;
|
||||
do {
|
||||
DES_rand_data(data, sizeof(data));
|
||||
DES_rand_data((unsigned char*)key, sizeof(DES_cblock));
|
||||
DES_set_odd_parity(key);
|
||||
DES_set_key(key, &sched);
|
||||
DES_ecb_encrypt(&data, key, &sched, DES_ENCRYPT);
|
||||
memset(&data, 0, sizeof(data));
|
||||
memset(&sched, 0, sizeof(sched));
|
||||
DES_set_odd_parity(key);
|
||||
} while(DES_is_weak_key(key));
|
||||
}
|
||||
|
||||
/*
|
||||
* Generate "random" data by checksumming /dev/mem
|
||||
*
|
||||
* It's neccessary to be root to run it. Returns -1 if there were any
|
||||
* problems with permissions.
|
||||
*/
|
||||
|
||||
#define DES_mem_rand8 hc_DES_mem_rand8
|
||||
|
||||
int
|
||||
DES_mem_rand8(unsigned char *data);
|
||||
|
||||
int
|
||||
DES_mem_rand8(unsigned char *data)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* In case the generator does not get initialized use this as fallback.
|
||||
*/
|
||||
static int initialized;
|
||||
|
||||
static void
|
||||
do_initialize(void)
|
||||
{
|
||||
DES_cblock default_seed;
|
||||
do {
|
||||
DES_generate_random_block(&default_seed);
|
||||
DES_set_odd_parity(&default_seed);
|
||||
} while (DES_is_weak_key(&default_seed));
|
||||
DES_init_random_number_generator(&default_seed);
|
||||
}
|
||||
|
||||
#define zero_long_long(ll) do { ll[0] = ll[1] = 0; } while (0)
|
||||
|
||||
#define incr_long_long(ll) do { if (++ll[0] == 0) ++ll[1]; } while (0)
|
||||
|
||||
#define set_sequence_number(ll) \
|
||||
memcpy((char *)sequence_index, (ll), sizeof(sequence_index));
|
||||
|
||||
/*
|
||||
* Set the sequnce number to this value (a long long).
|
||||
*/
|
||||
void
|
||||
DES_set_sequence_number(void *ll)
|
||||
{
|
||||
set_sequence_number(ll);
|
||||
}
|
||||
|
||||
/*
|
||||
* Set the generator seed and reset the sequence number to 0.
|
||||
*/
|
||||
void
|
||||
DES_set_random_generator_seed(DES_cblock *seed)
|
||||
{
|
||||
DES_set_key(seed, &sequence_seed);
|
||||
zero_long_long(sequence_index);
|
||||
initialized = 1;
|
||||
}
|
||||
|
||||
/*
|
||||
* Generate a sequence of random des keys
|
||||
* using the random block sequence, fixup
|
||||
* parity and skip weak keys.
|
||||
*/
|
||||
int
|
||||
DES_new_random_key(DES_cblock *key)
|
||||
{
|
||||
if (!initialized)
|
||||
do_initialize();
|
||||
|
||||
do {
|
||||
DES_ecb_encrypt((DES_cblock *) sequence_index,
|
||||
key,
|
||||
&sequence_seed,
|
||||
DES_ENCRYPT);
|
||||
incr_long_long(sequence_index);
|
||||
/* random key must have odd parity and not be weak */
|
||||
DES_set_odd_parity(key);
|
||||
} while (DES_is_weak_key(key));
|
||||
return(0);
|
||||
}
|
||||
|
||||
/*
|
||||
* des_init_random_number_generator:
|
||||
*
|
||||
* Initialize the sequence of random 64 bit blocks. The input seed
|
||||
* can be a secret key since it should be well hidden and is also not
|
||||
* kept.
|
||||
*
|
||||
*/
|
||||
void
|
||||
DES_init_random_number_generator(DES_cblock *seed)
|
||||
{
|
||||
struct timeval now;
|
||||
DES_cblock uniq;
|
||||
DES_cblock new_key;
|
||||
|
||||
gettimeofday(&now, (struct timezone *)0);
|
||||
DES_generate_random_block(&uniq);
|
||||
|
||||
/* Pick a unique random key from the shared sequence. */
|
||||
DES_set_random_generator_seed(seed);
|
||||
set_sequence_number((unsigned char *)&uniq);
|
||||
DES_new_random_key(&new_key);
|
||||
|
||||
/* Select a new nonshared sequence, */
|
||||
DES_set_random_generator_seed(&new_key);
|
||||
|
||||
/* and use the current time to pick a key for the new sequence. */
|
||||
set_sequence_number((unsigned char *)&now);
|
||||
DES_new_random_key(&new_key);
|
||||
DES_set_random_generator_seed(&new_key);
|
||||
}
|
||||
|
||||
/* This is for backwards compatibility. */
|
||||
void
|
||||
DES_random_key(DES_cblock *ret)
|
||||
{
|
||||
DES_new_random_key(ret);
|
||||
}
|
||||
|
||||
#ifdef TESTRUN
|
||||
int
|
||||
main()
|
||||
{
|
||||
unsigned char data[8];
|
||||
int i;
|
||||
|
||||
while (1)
|
||||
{
|
||||
if (sumFile("/dev/mem", (1024*1024*8), data) != 0)
|
||||
{ perror("sumFile"); exit(1); }
|
||||
for (i = 0; i < 8; i++)
|
||||
printf("%02x", data[i]);
|
||||
printf("\n");
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef TESTRUN2
|
||||
int
|
||||
main()
|
||||
{
|
||||
DES_cblock data;
|
||||
int i;
|
||||
|
||||
while (1)
|
||||
{
|
||||
do_initialize();
|
||||
DES_random_key(data);
|
||||
for (i = 0; i < 8; i++)
|
||||
printf("%02x", data[i]);
|
||||
printf("\n");
|
||||
}
|
||||
}
|
||||
#endif
|
||||
@@ -0,0 +1,661 @@
|
||||
/*
|
||||
* Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <krb5-types.h>
|
||||
#include <assert.h>
|
||||
|
||||
#include <rsa.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
#include "imath/imath.h"
|
||||
#include "imath/iprime.h"
|
||||
|
||||
static void
|
||||
BN2mpz(mpz_t *s, const BIGNUM *bn)
|
||||
{
|
||||
size_t len;
|
||||
void *p;
|
||||
|
||||
mp_int_init(s);
|
||||
|
||||
len = BN_num_bytes(bn);
|
||||
p = malloc(len);
|
||||
BN_bn2bin(bn, p);
|
||||
mp_int_read_unsigned(s, p, len);
|
||||
free(p);
|
||||
}
|
||||
|
||||
static BIGNUM *
|
||||
mpz2BN(mpz_t *s)
|
||||
{
|
||||
size_t size;
|
||||
BIGNUM *bn;
|
||||
void *p;
|
||||
|
||||
size = mp_int_unsigned_len(s);
|
||||
p = malloc(size);
|
||||
if (p == NULL && size != 0)
|
||||
return NULL;
|
||||
mp_int_to_unsigned(s, p, size);
|
||||
|
||||
bn = BN_bin2bn(p, size, NULL);
|
||||
free(p);
|
||||
return bn;
|
||||
}
|
||||
|
||||
static int random_num(mp_int, size_t);
|
||||
|
||||
static void
|
||||
setup_blind(mp_int n, mp_int b, mp_int bi)
|
||||
{
|
||||
mp_int_init(b);
|
||||
mp_int_init(bi);
|
||||
random_num(b, mp_int_count_bits(n));
|
||||
mp_int_mod(b, n, b);
|
||||
mp_int_invmod(b, n, bi);
|
||||
}
|
||||
|
||||
static void
|
||||
blind(mp_int in, mp_int b, mp_int e, mp_int n)
|
||||
{
|
||||
mpz_t t1;
|
||||
mp_int_init(&t1);
|
||||
/* in' = (in * b^e) mod n */
|
||||
mp_int_exptmod(b, e, n, &t1);
|
||||
mp_int_mul(&t1, in, in);
|
||||
mp_int_mod(in, n, in);
|
||||
mp_int_clear(&t1);
|
||||
}
|
||||
|
||||
static void
|
||||
unblind(mp_int out, mp_int bi, mp_int n)
|
||||
{
|
||||
/* out' = (out * 1/b) mod n */
|
||||
mp_int_mul(out, bi, out);
|
||||
mp_int_mod(out, n, out);
|
||||
}
|
||||
|
||||
static mp_result
|
||||
rsa_private_calculate(mp_int in, mp_int p, mp_int q,
|
||||
mp_int dmp1, mp_int dmq1, mp_int iqmp,
|
||||
mp_int out)
|
||||
{
|
||||
mpz_t vp, vq, u;
|
||||
mp_int_init(&vp); mp_int_init(&vq); mp_int_init(&u);
|
||||
|
||||
/* vq = c ^ (d mod (q - 1)) mod q */
|
||||
/* vp = c ^ (d mod (p - 1)) mod p */
|
||||
mp_int_mod(in, p, &u);
|
||||
mp_int_exptmod(&u, dmp1, p, &vp);
|
||||
mp_int_mod(in, q, &u);
|
||||
mp_int_exptmod(&u, dmq1, q, &vq);
|
||||
|
||||
/* C2 = 1/q mod p (iqmp) */
|
||||
/* u = (vp - vq)C2 mod p. */
|
||||
mp_int_sub(&vp, &vq, &u);
|
||||
if (mp_int_compare_zero(&u) < 0)
|
||||
mp_int_add(&u, p, &u);
|
||||
mp_int_mul(&u, iqmp, &u);
|
||||
mp_int_mod(&u, p, &u);
|
||||
|
||||
/* c ^ d mod n = vq + u q */
|
||||
mp_int_mul(&u, q, &u);
|
||||
mp_int_add(&u, &vq, out);
|
||||
|
||||
mp_int_clear(&vp);
|
||||
mp_int_clear(&vq);
|
||||
mp_int_clear(&u);
|
||||
|
||||
return MP_OK;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int
|
||||
imath_rsa_public_encrypt(int flen, const unsigned char* from,
|
||||
unsigned char* to, RSA* rsa, int padding)
|
||||
{
|
||||
unsigned char *p, *p0;
|
||||
mp_result res;
|
||||
size_t size, padlen;
|
||||
mpz_t enc, dec, n, e;
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
|
||||
size = RSA_size(rsa);
|
||||
|
||||
if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen)
|
||||
return -2;
|
||||
|
||||
BN2mpz(&n, rsa->n);
|
||||
BN2mpz(&e, rsa->e);
|
||||
|
||||
p = p0 = malloc(size - 1);
|
||||
if (p0 == NULL) {
|
||||
mp_int_clear(&e);
|
||||
mp_int_clear(&n);
|
||||
return -3;
|
||||
}
|
||||
|
||||
padlen = size - flen - 3;
|
||||
assert(padlen >= 8);
|
||||
|
||||
*p++ = 2;
|
||||
if (RAND_bytes(p, padlen) != 1) {
|
||||
mp_int_clear(&e);
|
||||
mp_int_clear(&n);
|
||||
free(p0);
|
||||
return -4;
|
||||
}
|
||||
while(padlen) {
|
||||
if (*p == 0)
|
||||
*p = 1;
|
||||
padlen--;
|
||||
p++;
|
||||
}
|
||||
*p++ = 0;
|
||||
memcpy(p, from, flen);
|
||||
p += flen;
|
||||
assert((p - p0) == size - 1);
|
||||
|
||||
mp_int_init(&enc);
|
||||
mp_int_init(&dec);
|
||||
mp_int_read_unsigned(&dec, p0, size - 1);
|
||||
free(p0);
|
||||
|
||||
res = mp_int_exptmod(&dec, &e, &n, &enc);
|
||||
|
||||
mp_int_clear(&dec);
|
||||
mp_int_clear(&e);
|
||||
mp_int_clear(&n);
|
||||
{
|
||||
size_t ssize;
|
||||
ssize = mp_int_unsigned_len(&enc);
|
||||
assert(size >= ssize);
|
||||
mp_int_to_unsigned(&enc, to, ssize);
|
||||
size = ssize;
|
||||
}
|
||||
mp_int_clear(&enc);
|
||||
|
||||
return size;
|
||||
}
|
||||
|
||||
static int
|
||||
imath_rsa_public_decrypt(int flen, const unsigned char* from,
|
||||
unsigned char* to, RSA* rsa, int padding)
|
||||
{
|
||||
unsigned char *p;
|
||||
mp_result res;
|
||||
size_t size;
|
||||
mpz_t s, us, n, e;
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
|
||||
if (flen > RSA_size(rsa))
|
||||
return -2;
|
||||
|
||||
BN2mpz(&n, rsa->n);
|
||||
BN2mpz(&e, rsa->e);
|
||||
|
||||
#if 0
|
||||
/* Check that the exponent is larger then 3 */
|
||||
if (mp_int_compare_value(&e, 3) <= 0) {
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&e);
|
||||
return -3;
|
||||
}
|
||||
#endif
|
||||
|
||||
mp_int_init(&s);
|
||||
mp_int_init(&us);
|
||||
mp_int_read_unsigned(&s, rk_UNCONST(from), flen);
|
||||
|
||||
if (mp_int_compare(&s, &n) >= 0) {
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&e);
|
||||
return -4;
|
||||
}
|
||||
|
||||
res = mp_int_exptmod(&s, &e, &n, &us);
|
||||
|
||||
mp_int_clear(&s);
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&e);
|
||||
|
||||
if (res != MP_OK)
|
||||
return -5;
|
||||
p = to;
|
||||
|
||||
|
||||
size = mp_int_unsigned_len(&us);
|
||||
assert(size <= RSA_size(rsa));
|
||||
mp_int_to_unsigned(&us, p, size);
|
||||
|
||||
mp_int_clear(&us);
|
||||
|
||||
/* head zero was skipped by mp_int_to_unsigned */
|
||||
if (*p == 0)
|
||||
return -6;
|
||||
if (*p != 1)
|
||||
return -7;
|
||||
size--; p++;
|
||||
while (size && *p == 0xff) {
|
||||
size--; p++;
|
||||
}
|
||||
if (size == 0 || *p != 0)
|
||||
return -8;
|
||||
size--; p++;
|
||||
|
||||
memmove(to, p, size);
|
||||
|
||||
return size;
|
||||
}
|
||||
|
||||
static int
|
||||
imath_rsa_private_encrypt(int flen, const unsigned char* from,
|
||||
unsigned char* to, RSA* rsa, int padding)
|
||||
{
|
||||
unsigned char *p, *p0;
|
||||
mp_result res;
|
||||
size_t size;
|
||||
mpz_t in, out, n, e, b, bi;
|
||||
int blinding = (rsa->flags & RSA_FLAG_NO_BLINDING) == 0;
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
|
||||
size = RSA_size(rsa);
|
||||
|
||||
if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen)
|
||||
return -2;
|
||||
|
||||
p0 = p = malloc(size);
|
||||
*p++ = 0;
|
||||
*p++ = 1;
|
||||
memset(p, 0xff, size - flen - 3);
|
||||
p += size - flen - 3;
|
||||
*p++ = 0;
|
||||
memcpy(p, from, flen);
|
||||
p += flen;
|
||||
assert((p - p0) == size);
|
||||
|
||||
BN2mpz(&n, rsa->n);
|
||||
BN2mpz(&e, rsa->e);
|
||||
|
||||
mp_int_init(&in);
|
||||
mp_int_init(&out);
|
||||
mp_int_read_unsigned(&in, p0, size);
|
||||
free(p0);
|
||||
|
||||
if(mp_int_compare_zero(&in) < 0 ||
|
||||
mp_int_compare(&in, &n) >= 0) {
|
||||
size = 0;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (blinding) {
|
||||
setup_blind(&n, &b, &bi);
|
||||
blind(&in, &b, &e, &n);
|
||||
}
|
||||
|
||||
if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
|
||||
mpz_t p, q, dmp1, dmq1, iqmp;
|
||||
|
||||
BN2mpz(&p, rsa->p);
|
||||
BN2mpz(&q, rsa->q);
|
||||
BN2mpz(&dmp1, rsa->dmp1);
|
||||
BN2mpz(&dmq1, rsa->dmq1);
|
||||
BN2mpz(&iqmp, rsa->iqmp);
|
||||
|
||||
res = rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
|
||||
|
||||
mp_int_clear(&p);
|
||||
mp_int_clear(&q);
|
||||
mp_int_clear(&dmp1);
|
||||
mp_int_clear(&dmq1);
|
||||
mp_int_clear(&iqmp);
|
||||
} else {
|
||||
mpz_t d;
|
||||
|
||||
BN2mpz(&d, rsa->d);
|
||||
res = mp_int_exptmod(&in, &d, &n, &out);
|
||||
mp_int_clear(&d);
|
||||
if (res != MP_OK) {
|
||||
size = 0;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
if (blinding) {
|
||||
unblind(&out, &bi, &n);
|
||||
mp_int_clear(&b);
|
||||
mp_int_clear(&bi);
|
||||
}
|
||||
|
||||
{
|
||||
size_t ssize;
|
||||
ssize = mp_int_unsigned_len(&out);
|
||||
assert(size >= ssize);
|
||||
mp_int_to_unsigned(&out, to, size);
|
||||
size = ssize;
|
||||
}
|
||||
|
||||
out:
|
||||
mp_int_clear(&e);
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&in);
|
||||
mp_int_clear(&out);
|
||||
|
||||
return size;
|
||||
}
|
||||
|
||||
static int
|
||||
imath_rsa_private_decrypt(int flen, const unsigned char* from,
|
||||
unsigned char* to, RSA* rsa, int padding)
|
||||
{
|
||||
unsigned char *ptr;
|
||||
mp_result res;
|
||||
size_t size;
|
||||
mpz_t in, out, n, e, b, bi;
|
||||
int blinding = (rsa->flags & RSA_FLAG_NO_BLINDING) == 0;
|
||||
|
||||
if (padding != RSA_PKCS1_PADDING)
|
||||
return -1;
|
||||
|
||||
size = RSA_size(rsa);
|
||||
if (flen > size)
|
||||
return -2;
|
||||
|
||||
mp_int_init(&in);
|
||||
mp_int_init(&out);
|
||||
|
||||
BN2mpz(&n, rsa->n);
|
||||
BN2mpz(&e, rsa->e);
|
||||
|
||||
res = mp_int_read_unsigned(&in, rk_UNCONST(from), flen);
|
||||
if (res != MP_OK) {
|
||||
size = -1;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if(mp_int_compare_zero(&in) < 0 ||
|
||||
mp_int_compare(&in, &n) >= 0) {
|
||||
size = 0;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (blinding) {
|
||||
setup_blind(&n, &b, &bi);
|
||||
blind(&in, &b, &e, &n);
|
||||
}
|
||||
|
||||
if (rsa->p && rsa->q && rsa->dmp1 && rsa->dmq1 && rsa->iqmp) {
|
||||
mpz_t p, q, dmp1, dmq1, iqmp;
|
||||
|
||||
BN2mpz(&p, rsa->p);
|
||||
BN2mpz(&q, rsa->q);
|
||||
BN2mpz(&dmp1, rsa->dmp1);
|
||||
BN2mpz(&dmq1, rsa->dmq1);
|
||||
BN2mpz(&iqmp, rsa->iqmp);
|
||||
|
||||
res = rsa_private_calculate(&in, &p, &q, &dmp1, &dmq1, &iqmp, &out);
|
||||
|
||||
mp_int_clear(&p);
|
||||
mp_int_clear(&q);
|
||||
mp_int_clear(&dmp1);
|
||||
mp_int_clear(&dmq1);
|
||||
mp_int_clear(&iqmp);
|
||||
} else {
|
||||
mpz_t d;
|
||||
|
||||
if(mp_int_compare_zero(&in) < 0 ||
|
||||
mp_int_compare(&in, &n) >= 0)
|
||||
return MP_RANGE;
|
||||
|
||||
BN2mpz(&d, rsa->d);
|
||||
res = mp_int_exptmod(&in, &d, &n, &out);
|
||||
mp_int_clear(&d);
|
||||
if (res != MP_OK) {
|
||||
size = 0;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
if (blinding) {
|
||||
unblind(&out, &bi, &n);
|
||||
mp_int_clear(&b);
|
||||
mp_int_clear(&bi);
|
||||
}
|
||||
|
||||
ptr = to;
|
||||
{
|
||||
size_t ssize;
|
||||
ssize = mp_int_unsigned_len(&out);
|
||||
assert(size >= ssize);
|
||||
mp_int_to_unsigned(&out, ptr, ssize);
|
||||
size = ssize;
|
||||
}
|
||||
|
||||
/* head zero was skipped by mp_int_to_unsigned */
|
||||
if (*ptr != 2)
|
||||
return -3;
|
||||
size--; ptr++;
|
||||
while (size && *ptr != 0) {
|
||||
size--; ptr++;
|
||||
}
|
||||
if (size == 0)
|
||||
return -4;
|
||||
size--; ptr++;
|
||||
|
||||
memmove(to, ptr, size);
|
||||
|
||||
out:
|
||||
mp_int_clear(&e);
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&in);
|
||||
mp_int_clear(&out);
|
||||
|
||||
return size;
|
||||
}
|
||||
|
||||
static int
|
||||
random_num(mp_int num, size_t len)
|
||||
{
|
||||
unsigned char *p;
|
||||
mp_result res;
|
||||
|
||||
len = (len + 7) / 8;
|
||||
p = malloc(len);
|
||||
if (p == NULL)
|
||||
return 1;
|
||||
if (RAND_bytes(p, len) != 1) {
|
||||
free(p);
|
||||
return 1;
|
||||
}
|
||||
res = mp_int_read_unsigned(num, p, len);
|
||||
free(p);
|
||||
if (res != MP_OK)
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
#define CHECK(f, v) if ((f) != (v)) { goto out; }
|
||||
|
||||
static int
|
||||
imath_rsa_generate_key(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
|
||||
{
|
||||
mpz_t el, p, q, n, d, dmp1, dmq1, iqmp, t1, t2, t3;
|
||||
int counter, ret;
|
||||
|
||||
if (bits < 789)
|
||||
return -1;
|
||||
|
||||
ret = -1;
|
||||
|
||||
mp_int_init(&el);
|
||||
mp_int_init(&p);
|
||||
mp_int_init(&q);
|
||||
mp_int_init(&n);
|
||||
mp_int_init(&d);
|
||||
mp_int_init(&dmp1);
|
||||
mp_int_init(&dmq1);
|
||||
mp_int_init(&iqmp);
|
||||
mp_int_init(&t1);
|
||||
mp_int_init(&t2);
|
||||
mp_int_init(&t3);
|
||||
|
||||
BN2mpz(&el, e);
|
||||
|
||||
/* generate p and q so that p != q and bits(pq) ~ bits */
|
||||
counter = 0;
|
||||
do {
|
||||
BN_GENCB_call(cb, 2, counter++);
|
||||
CHECK(random_num(&p, bits / 2 + 1), 0);
|
||||
CHECK(mp_int_find_prime(&p), MP_TRUE);
|
||||
|
||||
CHECK(mp_int_sub_value(&p, 1, &t1), MP_OK);
|
||||
CHECK(mp_int_gcd(&t1, &el, &t2), MP_OK);
|
||||
} while(mp_int_compare_value(&t2, 1) != 0);
|
||||
|
||||
BN_GENCB_call(cb, 3, 0);
|
||||
|
||||
counter = 0;
|
||||
do {
|
||||
BN_GENCB_call(cb, 2, counter++);
|
||||
CHECK(random_num(&q, bits / 2 + 1), 0);
|
||||
CHECK(mp_int_find_prime(&q), MP_TRUE);
|
||||
|
||||
if (mp_int_compare(&p, &q) == 0) /* don't let p and q be the same */
|
||||
continue;
|
||||
|
||||
CHECK(mp_int_sub_value(&q, 1, &t1), MP_OK);
|
||||
CHECK(mp_int_gcd(&t1, &el, &t2), MP_OK);
|
||||
} while(mp_int_compare_value(&t2, 1) != 0);
|
||||
|
||||
/* make p > q */
|
||||
if (mp_int_compare(&p, &q) < 0)
|
||||
mp_int_swap(&p, &q);
|
||||
|
||||
BN_GENCB_call(cb, 3, 1);
|
||||
|
||||
/* calculate n, n = p * q */
|
||||
CHECK(mp_int_mul(&p, &q, &n), MP_OK);
|
||||
|
||||
/* calculate d, d = 1/e mod (p - 1)(q - 1) */
|
||||
CHECK(mp_int_sub_value(&p, 1, &t1), MP_OK);
|
||||
CHECK(mp_int_sub_value(&q, 1, &t2), MP_OK);
|
||||
CHECK(mp_int_mul(&t1, &t2, &t3), MP_OK);
|
||||
CHECK(mp_int_invmod(&el, &t3, &d), MP_OK);
|
||||
|
||||
/* calculate dmp1 dmp1 = d mod (p-1) */
|
||||
CHECK(mp_int_mod(&d, &t1, &dmp1), MP_OK);
|
||||
/* calculate dmq1 dmq1 = d mod (q-1) */
|
||||
CHECK(mp_int_mod(&d, &t2, &dmq1), MP_OK);
|
||||
/* calculate iqmp iqmp = 1/q mod p */
|
||||
CHECK(mp_int_invmod(&q, &p, &iqmp), MP_OK);
|
||||
|
||||
/* fill in RSA key */
|
||||
|
||||
rsa->e = mpz2BN(&el);
|
||||
rsa->p = mpz2BN(&p);
|
||||
rsa->q = mpz2BN(&q);
|
||||
rsa->n = mpz2BN(&n);
|
||||
rsa->d = mpz2BN(&d);
|
||||
rsa->dmp1 = mpz2BN(&dmp1);
|
||||
rsa->dmq1 = mpz2BN(&dmq1);
|
||||
rsa->iqmp = mpz2BN(&iqmp);
|
||||
|
||||
ret = 1;
|
||||
out:
|
||||
mp_int_clear(&el);
|
||||
mp_int_clear(&p);
|
||||
mp_int_clear(&q);
|
||||
mp_int_clear(&n);
|
||||
mp_int_clear(&d);
|
||||
mp_int_clear(&dmp1);
|
||||
mp_int_clear(&dmq1);
|
||||
mp_int_clear(&iqmp);
|
||||
mp_int_clear(&t1);
|
||||
mp_int_clear(&t2);
|
||||
mp_int_clear(&t3);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
imath_rsa_init(RSA *rsa)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
imath_rsa_finish(RSA *rsa)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
const RSA_METHOD hc_rsa_imath_method = {
|
||||
"hcrypto imath RSA",
|
||||
imath_rsa_public_encrypt,
|
||||
imath_rsa_public_decrypt,
|
||||
imath_rsa_private_encrypt,
|
||||
imath_rsa_private_decrypt,
|
||||
NULL,
|
||||
NULL,
|
||||
imath_rsa_init,
|
||||
imath_rsa_finish,
|
||||
0,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
imath_rsa_generate_key
|
||||
};
|
||||
|
||||
const RSA_METHOD *
|
||||
RSA_imath_method(void)
|
||||
{
|
||||
return &hc_rsa_imath_method;
|
||||
}
|
||||
@@ -0,0 +1,472 @@
|
||||
/*
|
||||
* Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <krb5-types.h>
|
||||
#include <rfc2459_asn1.h>
|
||||
|
||||
#include <rsa.h>
|
||||
|
||||
#include <roken.h>
|
||||
|
||||
RSA *
|
||||
RSA_new(void)
|
||||
{
|
||||
return RSA_new_method(NULL);
|
||||
}
|
||||
|
||||
RSA *
|
||||
RSA_new_method(ENGINE *engine)
|
||||
{
|
||||
RSA *rsa;
|
||||
|
||||
rsa = calloc(1, sizeof(*rsa));
|
||||
if (rsa == NULL)
|
||||
return NULL;
|
||||
|
||||
rsa->references = 1;
|
||||
|
||||
if (engine) {
|
||||
ENGINE_up_ref(engine);
|
||||
rsa->engine = engine;
|
||||
} else {
|
||||
rsa->engine = ENGINE_get_default_RSA();
|
||||
}
|
||||
|
||||
if (rsa->engine) {
|
||||
rsa->meth = ENGINE_get_RSA(rsa->engine);
|
||||
if (rsa->meth == NULL) {
|
||||
ENGINE_finish(engine);
|
||||
free(rsa);
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
if (rsa->meth == NULL)
|
||||
rsa->meth = rk_UNCONST(RSA_get_default_method());
|
||||
|
||||
(*rsa->meth->init)(rsa);
|
||||
|
||||
return rsa;
|
||||
}
|
||||
|
||||
|
||||
void
|
||||
RSA_free(RSA *rsa)
|
||||
{
|
||||
if (rsa->references <= 0)
|
||||
abort();
|
||||
|
||||
if (--rsa->references > 0)
|
||||
return;
|
||||
|
||||
(*rsa->meth->finish)(rsa);
|
||||
|
||||
if (rsa->engine)
|
||||
ENGINE_finish(rsa->engine);
|
||||
|
||||
#define free_if(f) if (f) { BN_free(f); }
|
||||
free_if(rsa->n);
|
||||
free_if(rsa->e);
|
||||
free_if(rsa->d);
|
||||
free_if(rsa->p);
|
||||
free_if(rsa->q);
|
||||
free_if(rsa->dmp1);
|
||||
free_if(rsa->dmq1);
|
||||
free_if(rsa->iqmp);
|
||||
#undef free_if
|
||||
|
||||
memset(rsa, 0, sizeof(*rsa));
|
||||
free(rsa);
|
||||
}
|
||||
|
||||
int
|
||||
RSA_up_ref(RSA *rsa)
|
||||
{
|
||||
return ++rsa->references;
|
||||
}
|
||||
|
||||
const RSA_METHOD *
|
||||
RSA_get_method(const RSA *rsa)
|
||||
{
|
||||
return rsa->meth;
|
||||
}
|
||||
|
||||
int
|
||||
RSA_set_method(RSA *rsa, const RSA_METHOD *method)
|
||||
{
|
||||
(*rsa->meth->finish)(rsa);
|
||||
|
||||
if (rsa->engine) {
|
||||
ENGINE_finish(rsa->engine);
|
||||
rsa->engine = NULL;
|
||||
}
|
||||
|
||||
rsa->meth = method;
|
||||
(*rsa->meth->init)(rsa);
|
||||
return 1;
|
||||
}
|
||||
|
||||
int
|
||||
RSA_set_app_data(RSA *rsa, void *arg)
|
||||
{
|
||||
rsa->ex_data.sk = arg;
|
||||
return 1;
|
||||
}
|
||||
|
||||
void *
|
||||
RSA_get_app_data(RSA *rsa)
|
||||
{
|
||||
return rsa->ex_data.sk;
|
||||
}
|
||||
|
||||
int
|
||||
RSA_check_key(const RSA *key)
|
||||
{
|
||||
static const unsigned char inbuf[] = "hello, world!";
|
||||
RSA *rsa = rk_UNCONST(key);
|
||||
void *buffer;
|
||||
int ret;
|
||||
|
||||
/*
|
||||
* XXX I have no clue how to implement this w/o a bignum library.
|
||||
* Well, when we have a RSA key pair, we can try to encrypt/sign
|
||||
* and then decrypt/verify.
|
||||
*/
|
||||
|
||||
if ((rsa->d == NULL || rsa->n == NULL) &&
|
||||
(rsa->p == NULL || rsa->q || rsa->dmp1 == NULL || rsa->dmq1 == NULL || rsa->iqmp == NULL))
|
||||
return 0;
|
||||
|
||||
buffer = malloc(RSA_size(rsa));
|
||||
if (buffer == NULL)
|
||||
return 0;
|
||||
|
||||
ret = RSA_private_encrypt(sizeof(inbuf), inbuf, buffer,
|
||||
rsa, RSA_PKCS1_PADDING);
|
||||
if (ret == -1) {
|
||||
free(buffer);
|
||||
return 0;
|
||||
}
|
||||
|
||||
ret = RSA_public_decrypt(ret, buffer, buffer,
|
||||
rsa, RSA_PKCS1_PADDING);
|
||||
if (ret == -1) {
|
||||
free(buffer);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (ret == sizeof(inbuf) && memcmp(buffer, inbuf, sizeof(inbuf)) == 0) {
|
||||
free(buffer);
|
||||
return 1;
|
||||
}
|
||||
free(buffer);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
RSA_size(const RSA *rsa)
|
||||
{
|
||||
return BN_num_bytes(rsa->n);
|
||||
}
|
||||
|
||||
#define RSAFUNC(name, body) \
|
||||
int \
|
||||
name(int flen,const unsigned char* f, unsigned char* t, RSA* r, int p){\
|
||||
return body; \
|
||||
}
|
||||
|
||||
RSAFUNC(RSA_public_encrypt, (r)->meth->rsa_pub_enc(flen, f, t, r, p))
|
||||
RSAFUNC(RSA_public_decrypt, (r)->meth->rsa_pub_dec(flen, f, t, r, p))
|
||||
RSAFUNC(RSA_private_encrypt, (r)->meth->rsa_priv_enc(flen, f, t, r, p))
|
||||
RSAFUNC(RSA_private_decrypt, (r)->meth->rsa_priv_dec(flen, f, t, r, p))
|
||||
|
||||
/* XXX */
|
||||
int
|
||||
RSA_sign(int type, const unsigned char *from, unsigned int flen,
|
||||
unsigned char *to, unsigned int *tlen, RSA *rsa)
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
int
|
||||
RSA_verify(int type, const unsigned char *from, unsigned int flen,
|
||||
unsigned char *to, unsigned int tlen, RSA *rsa)
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
|
||||
/*
|
||||
* A NULL RSA_METHOD that returns failure for all operations. This is
|
||||
* used as the default RSA method if we don't have any native
|
||||
* support.
|
||||
*/
|
||||
|
||||
static RSAFUNC(null_rsa_public_encrypt, -1)
|
||||
static RSAFUNC(null_rsa_public_decrypt, -1)
|
||||
static RSAFUNC(null_rsa_private_encrypt, -1)
|
||||
static RSAFUNC(null_rsa_private_decrypt, -1)
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
int
|
||||
RSA_generate_key_ex(RSA *r, int bits, BIGNUM *e, BN_GENCB *cb)
|
||||
{
|
||||
if (r->meth->rsa_keygen)
|
||||
return (*r->meth->rsa_keygen)(r, bits, e, cb);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int
|
||||
null_rsa_init(RSA *rsa)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static int
|
||||
null_rsa_finish(RSA *rsa)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static const RSA_METHOD rsa_null_method = {
|
||||
"hcrypto null RSA",
|
||||
null_rsa_public_encrypt,
|
||||
null_rsa_public_decrypt,
|
||||
null_rsa_private_encrypt,
|
||||
null_rsa_private_decrypt,
|
||||
NULL,
|
||||
NULL,
|
||||
null_rsa_init,
|
||||
null_rsa_finish,
|
||||
0,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL
|
||||
};
|
||||
|
||||
const RSA_METHOD *
|
||||
RSA_null_method(void)
|
||||
{
|
||||
return &rsa_null_method;
|
||||
}
|
||||
|
||||
extern const RSA_METHOD hc_rsa_imath_method;
|
||||
static const RSA_METHOD *default_rsa_method = &hc_rsa_imath_method;
|
||||
|
||||
const RSA_METHOD *
|
||||
RSA_get_default_method(void)
|
||||
{
|
||||
return default_rsa_method;
|
||||
}
|
||||
|
||||
void
|
||||
RSA_set_default_method(const RSA_METHOD *meth)
|
||||
{
|
||||
default_rsa_method = meth;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static BIGNUM *
|
||||
heim_int2BN(const heim_integer *i)
|
||||
{
|
||||
BIGNUM *bn;
|
||||
|
||||
bn = BN_bin2bn(i->data, i->length, NULL);
|
||||
if (bn)
|
||||
BN_set_negative(bn, i->negative);
|
||||
return bn;
|
||||
}
|
||||
|
||||
static int
|
||||
bn2heim_int(BIGNUM *bn, heim_integer *integer)
|
||||
{
|
||||
integer->length = BN_num_bytes(bn);
|
||||
integer->data = malloc(integer->length);
|
||||
if (integer->data == NULL) {
|
||||
integer->length = 0;
|
||||
return ENOMEM;
|
||||
}
|
||||
BN_bn2bin(bn, integer->data);
|
||||
integer->negative = BN_is_negative(bn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
RSA *
|
||||
d2i_RSAPrivateKey(RSA *rsa, const unsigned char **pp, size_t len)
|
||||
{
|
||||
RSAPrivateKey data;
|
||||
RSA *k = rsa;
|
||||
size_t size;
|
||||
int ret;
|
||||
|
||||
ret = decode_RSAPrivateKey(*pp, len, &data, &size);
|
||||
if (ret)
|
||||
return NULL;
|
||||
|
||||
*pp += size;
|
||||
|
||||
if (k == NULL) {
|
||||
k = RSA_new();
|
||||
if (k == NULL) {
|
||||
free_RSAPrivateKey(&data);
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
k->n = heim_int2BN(&data.modulus);
|
||||
k->e = heim_int2BN(&data.publicExponent);
|
||||
k->d = heim_int2BN(&data.privateExponent);
|
||||
k->p = heim_int2BN(&data.prime1);
|
||||
k->q = heim_int2BN(&data.prime2);
|
||||
k->dmp1 = heim_int2BN(&data.exponent1);
|
||||
k->dmq1 = heim_int2BN(&data.exponent2);
|
||||
k->iqmp = heim_int2BN(&data.coefficient);
|
||||
free_RSAPrivateKey(&data);
|
||||
|
||||
if (k->n == NULL || k->e == NULL || k->d == NULL || k->p == NULL ||
|
||||
k->q == NULL || k->dmp1 == NULL || k->dmq1 == NULL || k->iqmp == NULL)
|
||||
{
|
||||
RSA_free(k);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return k;
|
||||
}
|
||||
|
||||
int
|
||||
i2d_RSAPrivateKey(RSA *rsa, unsigned char **pp)
|
||||
{
|
||||
RSAPrivateKey data;
|
||||
size_t size;
|
||||
int ret;
|
||||
|
||||
if (rsa->n == NULL || rsa->e == NULL || rsa->d == NULL || rsa->p == NULL ||
|
||||
rsa->q == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL ||
|
||||
rsa->iqmp == NULL)
|
||||
return -1;
|
||||
|
||||
memset(&data, 0, sizeof(data));
|
||||
|
||||
ret = bn2heim_int(rsa->n, &data.modulus);
|
||||
ret |= bn2heim_int(rsa->e, &data.publicExponent);
|
||||
ret |= bn2heim_int(rsa->d, &data.privateExponent);
|
||||
ret |= bn2heim_int(rsa->p, &data.prime1);
|
||||
ret |= bn2heim_int(rsa->q, &data.prime2);
|
||||
ret |= bn2heim_int(rsa->dmp1, &data.exponent1);
|
||||
ret |= bn2heim_int(rsa->dmq1, &data.exponent2);
|
||||
ret |= bn2heim_int(rsa->iqmp, &data.coefficient);
|
||||
if (ret) {
|
||||
free_RSAPrivateKey(&data);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (pp == NULL) {
|
||||
size = length_RSAPrivateKey(&data);
|
||||
free_RSAPrivateKey(&data);
|
||||
} else {
|
||||
void *p;
|
||||
size_t len;
|
||||
|
||||
ASN1_MALLOC_ENCODE(RSAPrivateKey, p, len, &data, &size, ret);
|
||||
free_RSAPrivateKey(&data);
|
||||
if (ret)
|
||||
return -1;
|
||||
if (len != size)
|
||||
abort();
|
||||
|
||||
memcpy(*pp, p, size);
|
||||
free(p);
|
||||
|
||||
*pp += size;
|
||||
|
||||
}
|
||||
return size;
|
||||
}
|
||||
|
||||
int
|
||||
i2d_RSAPublicKey(RSA *rsa, unsigned char **pp)
|
||||
{
|
||||
RSAPublicKey data;
|
||||
size_t size;
|
||||
int ret;
|
||||
|
||||
memset(&data, 0, sizeof(data));
|
||||
|
||||
if (bn2heim_int(rsa->n, &data.modulus) ||
|
||||
bn2heim_int(rsa->e, &data.publicExponent))
|
||||
{
|
||||
free_RSAPublicKey(&data);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (pp == NULL) {
|
||||
size = length_RSAPublicKey(&data);
|
||||
free_RSAPublicKey(&data);
|
||||
} else {
|
||||
void *p;
|
||||
size_t len;
|
||||
|
||||
ASN1_MALLOC_ENCODE(RSAPublicKey, p, len, &data, &size, ret);
|
||||
free_RSAPublicKey(&data);
|
||||
if (ret)
|
||||
return -1;
|
||||
if (len != size)
|
||||
abort();
|
||||
|
||||
memcpy(*pp, p, size);
|
||||
free(p);
|
||||
|
||||
*pp += size;
|
||||
}
|
||||
|
||||
return size;
|
||||
}
|
||||
@@ -0,0 +1,175 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/*
|
||||
* $Id$
|
||||
*/
|
||||
|
||||
#ifndef _HEIM_RSA_H
|
||||
#define _HEIM_RSA_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define RSA_null_method hc_RSA_null_method
|
||||
#define RSA_imath_method hc_RSA_imath_method
|
||||
#define RSA_new hc_RSA_new
|
||||
#define RSA_new_method hc_RSA_new_method
|
||||
#define RSA_free hc_RSA_free
|
||||
#define RSA_up_ref hc_RSA_up_ref
|
||||
#define RSA_set_default_method hc_RSA_set_default_method
|
||||
#define RSA_get_default_method hc_RSA_get_default_method
|
||||
#define RSA_set_method hc_RSA_set_method
|
||||
#define RSA_get_method hc_RSA_get_method
|
||||
#define RSA_set_app_data hc_RSA_set_app_data
|
||||
#define RSA_get_app_data hc_RSA_get_app_data
|
||||
#define RSA_check_key hc_RSA_check_key
|
||||
#define RSA_size hc_RSA_size
|
||||
#define RSA_public_encrypt hc_RSA_public_encrypt
|
||||
#define RSA_public_decrypt hc_RSA_public_decrypt
|
||||
#define RSA_private_encrypt hc_RSA_private_encrypt
|
||||
#define RSA_private_decrypt hc_RSA_private_decrypt
|
||||
#define RSA_sign hc_RSA_sign
|
||||
#define RSA_verify hc_RSA_verify
|
||||
#define RSA_generate_key_ex hc_RSA_generate_key_ex
|
||||
#define d2i_RSAPrivateKey hc_d2i_RSAPrivateKey
|
||||
#define i2d_RSAPrivateKey hc_i2d_RSAPrivateKey
|
||||
#define i2d_RSAPublicKey hc_i2d_RSAPublicKey
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
typedef struct RSA RSA;
|
||||
typedef struct RSA_METHOD RSA_METHOD;
|
||||
|
||||
#include <hcrypto/bn.h>
|
||||
#include <hcrypto/engine.h>
|
||||
|
||||
struct RSA_METHOD {
|
||||
const char *name;
|
||||
int (*rsa_pub_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
|
||||
int (*rsa_pub_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
|
||||
int (*rsa_priv_enc)(int,const unsigned char *, unsigned char *, RSA *,int);
|
||||
int (*rsa_priv_dec)(int,const unsigned char *, unsigned char *, RSA *,int);
|
||||
void *rsa_mod_exp;
|
||||
void *bn_mod_exp;
|
||||
int (*init)(RSA *rsa);
|
||||
int (*finish)(RSA *rsa);
|
||||
int flags;
|
||||
char *app_data;
|
||||
int (*rsa_sign)(int, const unsigned char *, unsigned int,
|
||||
unsigned char *, unsigned int *, const RSA *);
|
||||
int (*rsa_verify)(int, const unsigned char *, unsigned int,
|
||||
unsigned char *, unsigned int, const RSA *);
|
||||
int (*rsa_keygen)(RSA *, int, BIGNUM *, BN_GENCB *);
|
||||
};
|
||||
|
||||
struct RSA {
|
||||
int pad;
|
||||
long version;
|
||||
const RSA_METHOD *meth;
|
||||
void *engine;
|
||||
BIGNUM *n;
|
||||
BIGNUM *e;
|
||||
BIGNUM *d;
|
||||
BIGNUM *p;
|
||||
BIGNUM *q;
|
||||
BIGNUM *dmp1;
|
||||
BIGNUM *dmq1;
|
||||
BIGNUM *iqmp;
|
||||
struct rsa_CRYPTO_EX_DATA {
|
||||
void *sk;
|
||||
int dummy;
|
||||
} ex_data;
|
||||
int references;
|
||||
int flags;
|
||||
void *_method_mod_n;
|
||||
void *_method_mod_p;
|
||||
void *_method_mod_q;
|
||||
|
||||
char *bignum_data;
|
||||
void *blinding;
|
||||
void *mt_blinding;
|
||||
};
|
||||
|
||||
#define RSA_FLAG_NO_BLINDING 0x0080
|
||||
|
||||
#define RSA_PKCS1_PADDING 1
|
||||
#define RSA_PKCS1_OAEP_PADDING 4
|
||||
#define RSA_PKCS1_PADDING_SIZE 11
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
const RSA_METHOD *RSA_null_method(void);
|
||||
const RSA_METHOD *RSA_imath_method(void);
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
RSA * RSA_new(void);
|
||||
RSA * RSA_new_method(ENGINE *);
|
||||
void RSA_free(RSA *);
|
||||
int RSA_up_ref(RSA *);
|
||||
|
||||
void RSA_set_default_method(const RSA_METHOD *);
|
||||
const RSA_METHOD * RSA_get_default_method(void);
|
||||
|
||||
const RSA_METHOD * RSA_get_method(const RSA *);
|
||||
int RSA_set_method(RSA *, const RSA_METHOD *);
|
||||
|
||||
int RSA_set_app_data(RSA *, void *arg);
|
||||
void * RSA_get_app_data(RSA *);
|
||||
|
||||
int RSA_check_key(const RSA *);
|
||||
int RSA_size(const RSA *);
|
||||
|
||||
int RSA_public_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
|
||||
int RSA_private_encrypt(int,const unsigned char*,unsigned char*,RSA *,int);
|
||||
int RSA_public_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
|
||||
int RSA_private_decrypt(int,const unsigned char*,unsigned char*,RSA *,int);
|
||||
|
||||
int RSA_sign(int, const unsigned char *, unsigned int,
|
||||
unsigned char *, unsigned int *, RSA *);
|
||||
int RSA_verify(int, const unsigned char *, unsigned int,
|
||||
unsigned char *, unsigned int, RSA *);
|
||||
|
||||
int RSA_generate_key_ex(RSA *, int, BIGNUM *, BN_GENCB *);
|
||||
|
||||
RSA * d2i_RSAPrivateKey(RSA *, const unsigned char **, size_t);
|
||||
int i2d_RSAPrivateKey(RSA *, unsigned char **);
|
||||
|
||||
int i2d_RSAPublicKey(RSA *, unsigned char **);
|
||||
|
||||
#endif /* _HEIM_RSA_H */
|
||||
Binary file not shown.
@@ -0,0 +1,300 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "hash.h"
|
||||
#include "sha.h"
|
||||
|
||||
#define A m->counter[0]
|
||||
#define B m->counter[1]
|
||||
#define C m->counter[2]
|
||||
#define D m->counter[3]
|
||||
#define E m->counter[4]
|
||||
#define X data
|
||||
|
||||
void
|
||||
SHA1_Init (struct sha *m)
|
||||
{
|
||||
m->sz[0] = 0;
|
||||
m->sz[1] = 0;
|
||||
A = 0x67452301;
|
||||
B = 0xefcdab89;
|
||||
C = 0x98badcfe;
|
||||
D = 0x10325476;
|
||||
E = 0xc3d2e1f0;
|
||||
}
|
||||
|
||||
|
||||
#define F0(x,y,z) CRAYFIX((x & y) | (~x & z))
|
||||
#define F1(x,y,z) (x ^ y ^ z)
|
||||
#define F2(x,y,z) ((x & y) | (x & z) | (y & z))
|
||||
#define F3(x,y,z) F1(x,y,z)
|
||||
|
||||
#define K0 0x5a827999
|
||||
#define K1 0x6ed9eba1
|
||||
#define K2 0x8f1bbcdc
|
||||
#define K3 0xca62c1d6
|
||||
|
||||
#define DO(t,f,k) \
|
||||
do { \
|
||||
uint32_t temp; \
|
||||
\
|
||||
temp = cshift(AA, 5) + f(BB,CC,DD) + EE + data[t] + k; \
|
||||
EE = DD; \
|
||||
DD = CC; \
|
||||
CC = cshift(BB, 30); \
|
||||
BB = AA; \
|
||||
AA = temp; \
|
||||
} while(0)
|
||||
|
||||
static inline void
|
||||
calc (struct sha *m, uint32_t *in)
|
||||
{
|
||||
uint32_t AA, BB, CC, DD, EE;
|
||||
uint32_t data[80];
|
||||
int i;
|
||||
|
||||
AA = A;
|
||||
BB = B;
|
||||
CC = C;
|
||||
DD = D;
|
||||
EE = E;
|
||||
|
||||
for (i = 0; i < 16; ++i)
|
||||
data[i] = in[i];
|
||||
for (i = 16; i < 80; ++i)
|
||||
data[i] = cshift(data[i-3] ^ data[i-8] ^ data[i-14] ^ data[i-16], 1);
|
||||
|
||||
/* t=[0,19] */
|
||||
|
||||
DO(0,F0,K0);
|
||||
DO(1,F0,K0);
|
||||
DO(2,F0,K0);
|
||||
DO(3,F0,K0);
|
||||
DO(4,F0,K0);
|
||||
DO(5,F0,K0);
|
||||
DO(6,F0,K0);
|
||||
DO(7,F0,K0);
|
||||
DO(8,F0,K0);
|
||||
DO(9,F0,K0);
|
||||
DO(10,F0,K0);
|
||||
DO(11,F0,K0);
|
||||
DO(12,F0,K0);
|
||||
DO(13,F0,K0);
|
||||
DO(14,F0,K0);
|
||||
DO(15,F0,K0);
|
||||
DO(16,F0,K0);
|
||||
DO(17,F0,K0);
|
||||
DO(18,F0,K0);
|
||||
DO(19,F0,K0);
|
||||
|
||||
/* t=[20,39] */
|
||||
|
||||
DO(20,F1,K1);
|
||||
DO(21,F1,K1);
|
||||
DO(22,F1,K1);
|
||||
DO(23,F1,K1);
|
||||
DO(24,F1,K1);
|
||||
DO(25,F1,K1);
|
||||
DO(26,F1,K1);
|
||||
DO(27,F1,K1);
|
||||
DO(28,F1,K1);
|
||||
DO(29,F1,K1);
|
||||
DO(30,F1,K1);
|
||||
DO(31,F1,K1);
|
||||
DO(32,F1,K1);
|
||||
DO(33,F1,K1);
|
||||
DO(34,F1,K1);
|
||||
DO(35,F1,K1);
|
||||
DO(36,F1,K1);
|
||||
DO(37,F1,K1);
|
||||
DO(38,F1,K1);
|
||||
DO(39,F1,K1);
|
||||
|
||||
/* t=[40,59] */
|
||||
|
||||
DO(40,F2,K2);
|
||||
DO(41,F2,K2);
|
||||
DO(42,F2,K2);
|
||||
DO(43,F2,K2);
|
||||
DO(44,F2,K2);
|
||||
DO(45,F2,K2);
|
||||
DO(46,F2,K2);
|
||||
DO(47,F2,K2);
|
||||
DO(48,F2,K2);
|
||||
DO(49,F2,K2);
|
||||
DO(50,F2,K2);
|
||||
DO(51,F2,K2);
|
||||
DO(52,F2,K2);
|
||||
DO(53,F2,K2);
|
||||
DO(54,F2,K2);
|
||||
DO(55,F2,K2);
|
||||
DO(56,F2,K2);
|
||||
DO(57,F2,K2);
|
||||
DO(58,F2,K2);
|
||||
DO(59,F2,K2);
|
||||
|
||||
/* t=[60,79] */
|
||||
|
||||
DO(60,F3,K3);
|
||||
DO(61,F3,K3);
|
||||
DO(62,F3,K3);
|
||||
DO(63,F3,K3);
|
||||
DO(64,F3,K3);
|
||||
DO(65,F3,K3);
|
||||
DO(66,F3,K3);
|
||||
DO(67,F3,K3);
|
||||
DO(68,F3,K3);
|
||||
DO(69,F3,K3);
|
||||
DO(70,F3,K3);
|
||||
DO(71,F3,K3);
|
||||
DO(72,F3,K3);
|
||||
DO(73,F3,K3);
|
||||
DO(74,F3,K3);
|
||||
DO(75,F3,K3);
|
||||
DO(76,F3,K3);
|
||||
DO(77,F3,K3);
|
||||
DO(78,F3,K3);
|
||||
DO(79,F3,K3);
|
||||
|
||||
A += AA;
|
||||
B += BB;
|
||||
C += CC;
|
||||
D += DD;
|
||||
E += EE;
|
||||
}
|
||||
|
||||
/*
|
||||
* From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
|
||||
*/
|
||||
|
||||
#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
|
||||
static inline uint32_t
|
||||
swap_uint32_t (uint32_t t)
|
||||
{
|
||||
#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n)))
|
||||
uint32_t temp1, temp2;
|
||||
|
||||
temp1 = cshift(t, 16);
|
||||
temp2 = temp1 >> 8;
|
||||
temp1 &= 0x00ff00ff;
|
||||
temp2 &= 0x00ff00ff;
|
||||
temp1 <<= 8;
|
||||
return temp1 | temp2;
|
||||
}
|
||||
#endif
|
||||
|
||||
struct x32{
|
||||
unsigned int a:32;
|
||||
unsigned int b:32;
|
||||
};
|
||||
|
||||
void
|
||||
SHA1_Update (struct sha *m, const void *v, size_t len)
|
||||
{
|
||||
const unsigned char *p = v;
|
||||
size_t old_sz = m->sz[0];
|
||||
size_t offset;
|
||||
|
||||
m->sz[0] += len * 8;
|
||||
if (m->sz[0] < old_sz)
|
||||
++m->sz[1];
|
||||
offset = (old_sz / 8) % 64;
|
||||
while(len > 0){
|
||||
size_t l = min(len, 64 - offset);
|
||||
memcpy(m->save + offset, p, l);
|
||||
offset += l;
|
||||
p += l;
|
||||
len -= l;
|
||||
if(offset == 64){
|
||||
#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
|
||||
int i;
|
||||
uint32_t current[16];
|
||||
struct x32 *u = (struct x32*)m->save;
|
||||
for(i = 0; i < 8; i++){
|
||||
current[2*i+0] = swap_uint32_t(u[i].a);
|
||||
current[2*i+1] = swap_uint32_t(u[i].b);
|
||||
}
|
||||
calc(m, current);
|
||||
#else
|
||||
calc(m, (uint32_t*)m->save);
|
||||
#endif
|
||||
offset = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
SHA1_Final (void *res, struct sha *m)
|
||||
{
|
||||
unsigned char zeros[72];
|
||||
unsigned offset = (m->sz[0] / 8) % 64;
|
||||
unsigned int dstart = (120 - offset - 1) % 64 + 1;
|
||||
|
||||
*zeros = 0x80;
|
||||
memset (zeros + 1, 0, sizeof(zeros) - 1);
|
||||
zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
|
||||
zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
|
||||
zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
|
||||
zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
|
||||
zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
|
||||
zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
|
||||
zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
|
||||
zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
|
||||
SHA1_Update (m, zeros, dstart + 8);
|
||||
{
|
||||
int i;
|
||||
unsigned char *r = (unsigned char*)res;
|
||||
|
||||
for (i = 0; i < 5; ++i) {
|
||||
r[4*i+3] = m->counter[i] & 0xFF;
|
||||
r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
|
||||
r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
|
||||
r[4*i] = (m->counter[i] >> 24) & 0xFF;
|
||||
}
|
||||
}
|
||||
#if 0
|
||||
{
|
||||
int i;
|
||||
uint32_t *r = (uint32_t *)res;
|
||||
|
||||
for (i = 0; i < 5; ++i)
|
||||
r[i] = swap_uint32_t (m->counter[i]);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -0,0 +1,83 @@
|
||||
/*
|
||||
* Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef HEIM_SHA_H
|
||||
#define HEIM_SHA_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define SHA1_Init hc_SHA1_Init
|
||||
#define SHA1_Update hc_SHA1_Update
|
||||
#define SHA1_Final hc_SHA1_Final
|
||||
#define SHA256_Init hc_SHA256_Init
|
||||
#define SHA256_Update hc_SHA256_Update
|
||||
#define SHA256_Final hc_SHA256_Final
|
||||
|
||||
/*
|
||||
* SHA-1
|
||||
*/
|
||||
|
||||
#define SHA_DIGEST_LENGTH 20
|
||||
|
||||
struct sha {
|
||||
unsigned int sz[2];
|
||||
uint32_t counter[5];
|
||||
unsigned char save[64];
|
||||
};
|
||||
|
||||
typedef struct sha SHA_CTX;
|
||||
|
||||
void SHA1_Init (struct sha *m);
|
||||
void SHA1_Update (struct sha *m, const void *v, size_t len);
|
||||
void SHA1_Final (void *res, struct sha *m);
|
||||
|
||||
/*
|
||||
* SHA-2 256
|
||||
*/
|
||||
|
||||
#define SHA256_DIGEST_LENGTH 32
|
||||
|
||||
struct hc_sha256state {
|
||||
unsigned int sz[2];
|
||||
uint32_t counter[8];
|
||||
unsigned char save[64];
|
||||
};
|
||||
|
||||
typedef struct hc_sha256state SHA256_CTX;
|
||||
|
||||
void SHA256_Init (SHA256_CTX *);
|
||||
void SHA256_Update (SHA256_CTX *, const void *, size_t);
|
||||
void SHA256_Final (void *, SHA256_CTX *);
|
||||
|
||||
#endif /* HEIM_SHA_H */
|
||||
@@ -0,0 +1,233 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include "config.h"
|
||||
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include "hash.h"
|
||||
#include "sha.h"
|
||||
|
||||
#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z)))
|
||||
#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
|
||||
|
||||
#define ROTR(x,n) (((x)>>(n)) | ((x) << (32 - (n))))
|
||||
|
||||
#define Sigma0(x) (ROTR(x,2) ^ ROTR(x,13) ^ ROTR(x,22))
|
||||
#define Sigma1(x) (ROTR(x,6) ^ ROTR(x,11) ^ ROTR(x,25))
|
||||
#define sigma0(x) (ROTR(x,7) ^ ROTR(x,18) ^ ((x)>>3))
|
||||
#define sigma1(x) (ROTR(x,17) ^ ROTR(x,19) ^ ((x)>>10))
|
||||
|
||||
#define A m->counter[0]
|
||||
#define B m->counter[1]
|
||||
#define C m->counter[2]
|
||||
#define D m->counter[3]
|
||||
#define E m->counter[4]
|
||||
#define F m->counter[5]
|
||||
#define G m->counter[6]
|
||||
#define H m->counter[7]
|
||||
|
||||
static const uint32_t constant_256[64] = {
|
||||
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
|
||||
0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
||||
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
|
||||
0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
||||
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
|
||||
0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
||||
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
|
||||
0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
||||
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
|
||||
0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
||||
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
|
||||
0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
||||
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
|
||||
0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
||||
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
|
||||
0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
||||
};
|
||||
|
||||
void
|
||||
SHA256_Init (SHA256_CTX *m)
|
||||
{
|
||||
m->sz[0] = 0;
|
||||
m->sz[1] = 0;
|
||||
A = 0x6a09e667;
|
||||
B = 0xbb67ae85;
|
||||
C = 0x3c6ef372;
|
||||
D = 0xa54ff53a;
|
||||
E = 0x510e527f;
|
||||
F = 0x9b05688c;
|
||||
G = 0x1f83d9ab;
|
||||
H = 0x5be0cd19;
|
||||
}
|
||||
|
||||
static void
|
||||
calc (SHA256_CTX *m, uint32_t *in)
|
||||
{
|
||||
uint32_t AA, BB, CC, DD, EE, FF, GG, HH;
|
||||
uint32_t data[64];
|
||||
int i;
|
||||
|
||||
AA = A;
|
||||
BB = B;
|
||||
CC = C;
|
||||
DD = D;
|
||||
EE = E;
|
||||
FF = F;
|
||||
GG = G;
|
||||
HH = H;
|
||||
|
||||
for (i = 0; i < 16; ++i)
|
||||
data[i] = in[i];
|
||||
for (i = 16; i < 64; ++i)
|
||||
data[i] = sigma1(data[i-2]) + data[i-7] +
|
||||
sigma0(data[i-15]) + data[i - 16];
|
||||
|
||||
for (i = 0; i < 64; i++) {
|
||||
uint32_t T1, T2;
|
||||
|
||||
T1 = HH + Sigma1(EE) + Ch(EE, FF, GG) + constant_256[i] + data[i];
|
||||
T2 = Sigma0(AA) + Maj(AA,BB,CC);
|
||||
|
||||
HH = GG;
|
||||
GG = FF;
|
||||
FF = EE;
|
||||
EE = DD + T1;
|
||||
DD = CC;
|
||||
CC = BB;
|
||||
BB = AA;
|
||||
AA = T1 + T2;
|
||||
}
|
||||
|
||||
A += AA;
|
||||
B += BB;
|
||||
C += CC;
|
||||
D += DD;
|
||||
E += EE;
|
||||
F += FF;
|
||||
G += GG;
|
||||
H += HH;
|
||||
}
|
||||
|
||||
/*
|
||||
* From `Performance analysis of MD5' by Joseph D. Touch <touch@isi.edu>
|
||||
*/
|
||||
|
||||
#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
|
||||
static inline uint32_t
|
||||
swap_uint32_t (uint32_t t)
|
||||
{
|
||||
#define ROL(x,n) ((x)<<(n))|((x)>>(32-(n)))
|
||||
uint32_t temp1, temp2;
|
||||
|
||||
temp1 = cshift(t, 16);
|
||||
temp2 = temp1 >> 8;
|
||||
temp1 &= 0x00ff00ff;
|
||||
temp2 &= 0x00ff00ff;
|
||||
temp1 <<= 8;
|
||||
return temp1 | temp2;
|
||||
}
|
||||
#endif
|
||||
|
||||
struct x32{
|
||||
unsigned int a:32;
|
||||
unsigned int b:32;
|
||||
};
|
||||
|
||||
void
|
||||
SHA256_Update (SHA256_CTX *m, const void *v, size_t len)
|
||||
{
|
||||
const unsigned char *p = v;
|
||||
size_t old_sz = m->sz[0];
|
||||
size_t offset;
|
||||
|
||||
m->sz[0] += len * 8;
|
||||
if (m->sz[0] < old_sz)
|
||||
++m->sz[1];
|
||||
offset = (old_sz / 8) % 64;
|
||||
while(len > 0){
|
||||
size_t l = min(len, 64 - offset);
|
||||
memcpy(m->save + offset, p, l);
|
||||
offset += l;
|
||||
p += l;
|
||||
len -= l;
|
||||
if(offset == 64){
|
||||
#if !defined(WORDS_BIGENDIAN) || defined(_CRAY)
|
||||
int i;
|
||||
uint32_t current[16];
|
||||
struct x32 *u = (struct x32*)m->save;
|
||||
for(i = 0; i < 8; i++){
|
||||
current[2*i+0] = swap_uint32_t(u[i].a);
|
||||
current[2*i+1] = swap_uint32_t(u[i].b);
|
||||
}
|
||||
calc(m, current);
|
||||
#else
|
||||
calc(m, (uint32_t*)m->save);
|
||||
#endif
|
||||
offset = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
SHA256_Final (void *res, SHA256_CTX *m)
|
||||
{
|
||||
unsigned char zeros[72];
|
||||
unsigned offset = (m->sz[0] / 8) % 64;
|
||||
unsigned int dstart = (120 - offset - 1) % 64 + 1;
|
||||
|
||||
*zeros = 0x80;
|
||||
memset (zeros + 1, 0, sizeof(zeros) - 1);
|
||||
zeros[dstart+7] = (m->sz[0] >> 0) & 0xff;
|
||||
zeros[dstart+6] = (m->sz[0] >> 8) & 0xff;
|
||||
zeros[dstart+5] = (m->sz[0] >> 16) & 0xff;
|
||||
zeros[dstart+4] = (m->sz[0] >> 24) & 0xff;
|
||||
zeros[dstart+3] = (m->sz[1] >> 0) & 0xff;
|
||||
zeros[dstart+2] = (m->sz[1] >> 8) & 0xff;
|
||||
zeros[dstart+1] = (m->sz[1] >> 16) & 0xff;
|
||||
zeros[dstart+0] = (m->sz[1] >> 24) & 0xff;
|
||||
SHA256_Update (m, zeros, dstart + 8);
|
||||
{
|
||||
int i;
|
||||
unsigned char *r = (unsigned char*)res;
|
||||
|
||||
for (i = 0; i < 8; ++i) {
|
||||
r[4*i+3] = m->counter[i] & 0xFF;
|
||||
r[4*i+2] = (m->counter[i] >> 8) & 0xFF;
|
||||
r[4*i+1] = (m->counter[i] >> 16) & 0xFF;
|
||||
r[4*i] = (m->counter[i] >> 24) & 0xFF;
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,354 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <bn.h>
|
||||
|
||||
static int
|
||||
set_get(unsigned long num)
|
||||
{
|
||||
BIGNUM *bn;
|
||||
|
||||
bn = BN_new();
|
||||
if (!BN_set_word(bn, num))
|
||||
return 1;
|
||||
|
||||
if (BN_get_word(bn) != num)
|
||||
return 1;
|
||||
|
||||
BN_free(bn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
#define CHECK(x) do { ret += x; } while(0)
|
||||
|
||||
static int
|
||||
test_BN_set_get(void)
|
||||
{
|
||||
int ret = 0;
|
||||
CHECK(set_get(0));
|
||||
CHECK(set_get(1));
|
||||
CHECK(set_get(0xff));
|
||||
CHECK(set_get(0x1ff));
|
||||
CHECK(set_get(0xffff));
|
||||
CHECK(set_get(0xf000));
|
||||
CHECK(set_get(ULONG_MAX / 2));
|
||||
CHECK(set_get(ULONG_MAX - 1));
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
test_BN_bit(void)
|
||||
{
|
||||
BIGNUM *bn;
|
||||
int ret = 0;
|
||||
|
||||
bn = BN_new();
|
||||
|
||||
/* test setting and getting of "word" */
|
||||
if (!BN_set_word(bn, 1))
|
||||
return 1;
|
||||
if (!BN_is_bit_set(bn, 0))
|
||||
ret += 1;
|
||||
if (!BN_is_bit_set(bn, 0))
|
||||
ret += 1;
|
||||
|
||||
if (!BN_set_word(bn, 2))
|
||||
return 1;
|
||||
if (!BN_is_bit_set(bn, 1))
|
||||
ret += 1;
|
||||
|
||||
if (!BN_set_word(bn, 3))
|
||||
return 1;
|
||||
if (!BN_is_bit_set(bn, 0))
|
||||
ret += 1;
|
||||
if (!BN_is_bit_set(bn, 1))
|
||||
ret += 1;
|
||||
|
||||
if (!BN_set_word(bn, 0x100))
|
||||
return 1;
|
||||
if (!BN_is_bit_set(bn, 8))
|
||||
ret += 1;
|
||||
|
||||
if (!BN_set_word(bn, 0x1000))
|
||||
return 1;
|
||||
if (!BN_is_bit_set(bn, 12))
|
||||
ret += 1;
|
||||
|
||||
/* test bitsetting */
|
||||
if (!BN_set_word(bn, 1))
|
||||
return 1;
|
||||
if (!BN_set_bit(bn, 1))
|
||||
return 1;
|
||||
if (BN_get_word(bn) != 3)
|
||||
return 1;
|
||||
if (!BN_clear_bit(bn, 0))
|
||||
return 1;
|
||||
if (BN_get_word(bn) != 2)
|
||||
return 1;
|
||||
|
||||
/* test bitsetting past end of current end */
|
||||
BN_clear(bn);
|
||||
if (!BN_set_bit(bn, 12))
|
||||
return 1;
|
||||
if (BN_get_word(bn) != 0x1000)
|
||||
return 1;
|
||||
|
||||
/* test bit and byte counting functions */
|
||||
if (BN_num_bits(bn) != 13)
|
||||
return 1;
|
||||
if (BN_num_bytes(bn) != 2)
|
||||
return 1;
|
||||
|
||||
BN_free(bn);
|
||||
return ret;
|
||||
}
|
||||
|
||||
struct ietest {
|
||||
char *data;
|
||||
size_t len;
|
||||
unsigned long num;
|
||||
} ietests[] = {
|
||||
{ "", 0, 0 },
|
||||
{ "\x01", 1, 1 },
|
||||
{ "\x02", 1, 2 },
|
||||
{ "\xf2", 1, 0xf2 },
|
||||
{ "\x01\x00", 2, 256 }
|
||||
};
|
||||
|
||||
static int
|
||||
test_BN_import_export(void)
|
||||
{
|
||||
BIGNUM *bn;
|
||||
int ret = 0;
|
||||
int i;
|
||||
|
||||
bn = BN_new();
|
||||
|
||||
for (i = 0; i < sizeof(ietests)/sizeof(ietests[0]); i++) {
|
||||
size_t len;
|
||||
unsigned char *p;
|
||||
if (!BN_bin2bn((unsigned char*)ietests[i].data, ietests[i].len, bn))
|
||||
return 1;
|
||||
if (BN_get_word(bn) != ietests[i].num)
|
||||
return 1;
|
||||
len = BN_num_bytes(bn);
|
||||
if (len != ietests[i].len)
|
||||
return 1;
|
||||
p = malloc(len + 1);
|
||||
p[len] = 0xf4;
|
||||
BN_bn2bin(bn, p);
|
||||
if (p[len] != 0xf4)
|
||||
return 1;
|
||||
if (memcmp(p, ietests[i].data, ietests[i].len) != 0)
|
||||
return 1;
|
||||
free(p);
|
||||
}
|
||||
|
||||
BN_free(bn);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
test_BN_uadd(void)
|
||||
{
|
||||
BIGNUM *a, *b, *c;
|
||||
char *p;
|
||||
|
||||
a = BN_new();
|
||||
b = BN_new();
|
||||
c = BN_new();
|
||||
|
||||
BN_set_word(a, 1);
|
||||
BN_set_word(b, 2);
|
||||
|
||||
BN_uadd(c, a, b);
|
||||
|
||||
if (BN_get_word(c) != 3)
|
||||
return 1;
|
||||
|
||||
BN_uadd(c, b, a);
|
||||
|
||||
if (BN_get_word(c) != 3)
|
||||
return 1;
|
||||
|
||||
BN_set_word(b, 0xff);
|
||||
|
||||
BN_uadd(c, a, b);
|
||||
if (BN_get_word(c) != 0x100)
|
||||
return 1;
|
||||
|
||||
BN_uadd(c, b, a);
|
||||
if (BN_get_word(c) != 0x100)
|
||||
return 1;
|
||||
|
||||
BN_set_word(a, 0xff);
|
||||
|
||||
BN_uadd(c, a, b);
|
||||
if (BN_get_word(c) != 0x1fe)
|
||||
return 1;
|
||||
|
||||
BN_uadd(c, b, a);
|
||||
if (BN_get_word(c) != 0x1fe)
|
||||
return 1;
|
||||
|
||||
|
||||
BN_free(a);
|
||||
BN_free(b);
|
||||
|
||||
BN_hex2bn(&a, "50212A3B611D46642C825A16A354CE0FD4D85DD2");
|
||||
BN_hex2bn(&b, "84B6C7E8D28ACA1614954DA");
|
||||
|
||||
BN_uadd(c, b, a);
|
||||
p = BN_bn2hex(c);
|
||||
if (strcmp(p, "50212A3B611D466434CDC695307D7AB13621B2AC") != 0) {
|
||||
free(p);
|
||||
return 1;
|
||||
}
|
||||
|
||||
BN_uadd(c, a, b);
|
||||
p = BN_bn2hex(c);
|
||||
if (strcmp(p, "50212A3B611D466434CDC695307D7AB13621B2AC") != 0) {
|
||||
free(p);
|
||||
return 1;
|
||||
}
|
||||
|
||||
free(p);
|
||||
|
||||
BN_free(a);
|
||||
BN_free(b);
|
||||
BN_free(c);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
test_BN_cmp(void)
|
||||
{
|
||||
BIGNUM *a, *b;
|
||||
|
||||
a = BN_new();
|
||||
b = BN_new();
|
||||
|
||||
if (!BN_set_word(a, 1))
|
||||
return 1;
|
||||
if (!BN_set_word(b, 1))
|
||||
return 1;
|
||||
|
||||
if (BN_cmp(a, b) != 0)
|
||||
return 1;
|
||||
if (BN_cmp(b, a) != 0)
|
||||
return 1;
|
||||
|
||||
if (!BN_set_word(b, 2))
|
||||
return 1;
|
||||
|
||||
if (BN_cmp(a, b) >= 0)
|
||||
return 1;
|
||||
if (BN_cmp(b, a) <= 0)
|
||||
return 1;
|
||||
|
||||
BN_set_negative(b, 1);
|
||||
|
||||
if (BN_cmp(a, b) <= 0)
|
||||
return 1;
|
||||
if (BN_cmp(b, a) >= 0)
|
||||
return 1;
|
||||
|
||||
BN_free(a);
|
||||
BN_free(b);
|
||||
|
||||
BN_hex2bn(&a, "50212A3B611D46642C825A16A354CE0FD4D85DD1");
|
||||
BN_hex2bn(&b, "50212A3B611D46642C825A16A354CE0FD4D85DD2");
|
||||
|
||||
if (BN_cmp(a, b) >= 0)
|
||||
return 1;
|
||||
if (BN_cmp(b, a) <= 0)
|
||||
return 1;
|
||||
|
||||
BN_set_negative(b, 1);
|
||||
|
||||
if (BN_cmp(a, b) <= 0)
|
||||
return 1;
|
||||
if (BN_cmp(b, a) >= 0)
|
||||
return 1;
|
||||
|
||||
BN_free(a);
|
||||
BN_free(b);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
test_BN_rand(void)
|
||||
{
|
||||
BIGNUM *bn;
|
||||
|
||||
bn = BN_new();
|
||||
if (bn == NULL)
|
||||
return 1;
|
||||
|
||||
if (!BN_rand(bn, 1024, 0, 0))
|
||||
return 1;
|
||||
|
||||
BN_free(bn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
int ret = 0;
|
||||
|
||||
ret += test_BN_set_get();
|
||||
ret += test_BN_bit();
|
||||
ret += test_BN_import_export();
|
||||
ret += test_BN_uadd();
|
||||
ret += test_BN_cmp();
|
||||
ret += test_BN_rand();
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -0,0 +1,146 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <evp.h>
|
||||
|
||||
struct tests {
|
||||
void *key;
|
||||
size_t keysize;
|
||||
void *iv;
|
||||
size_t datasize;
|
||||
void *indata;
|
||||
void *outdata;
|
||||
size_t outdatasize;
|
||||
};
|
||||
|
||||
struct tests aes_tests[] = {
|
||||
{ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
32,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\xdc\x95\xc0\x78\xa2\x40\x89\x89\xad\x48\xa2\x14\x92\x84\x20\x87"
|
||||
}
|
||||
};
|
||||
|
||||
struct tests rc2_40_tests[] = {
|
||||
{ "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\xc0\xb8\xff\xa5\xd6\xeb\xc9\x62\xcc\x52\x5f\xfe\x9a\x3c\x97\xe6"
|
||||
}
|
||||
};
|
||||
|
||||
struct tests des_ede3_cbc_tests[] = {
|
||||
{ "1917ffe6bb772efc297643bc63567e9a002e4d431d5ffd58",
|
||||
24,
|
||||
"\xbf\x9a\x12\xb7\x26\x69\xfd\x05",
|
||||
16,
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
"\x9d\x50\xf4\xc6\x01\xdb\x45\x49\x11\x8f\x36\x06\x06\x08\x2e\xe5"
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
static int
|
||||
test_cipher(const EVP_CIPHER *c, struct tests *t)
|
||||
{
|
||||
EVP_CIPHER_CTX ectx;
|
||||
EVP_CIPHER_CTX dctx;
|
||||
void *d;
|
||||
|
||||
EVP_CIPHER_CTX_init(&ectx);
|
||||
EVP_CIPHER_CTX_init(&dctx);
|
||||
|
||||
if (!EVP_CipherInit_ex(&ectx, c, NULL, t->key, t->iv, 1))
|
||||
return 1;
|
||||
if (!EVP_CipherInit_ex(&dctx, c, NULL, t->key, t->iv, 0))
|
||||
return 1;
|
||||
|
||||
d = malloc(t->datasize);
|
||||
|
||||
if (!EVP_Cipher(&ectx, d, t->indata, t->datasize))
|
||||
return 1;
|
||||
|
||||
if (memcmp(d, t->outdata, t->datasize) != 0) {
|
||||
printf("encrypt not the same\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!EVP_Cipher(&dctx, d, d, t->datasize))
|
||||
return 1;
|
||||
|
||||
if (memcmp(d, t->indata, t->datasize) != 0) {
|
||||
printf("decrypt not the same\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
EVP_CIPHER_CTX_cleanup(&ectx);
|
||||
EVP_CIPHER_CTX_cleanup(&dctx);
|
||||
free(d);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
int ret = 0;
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(aes_tests)/sizeof(aes_tests[0]); i++)
|
||||
ret += test_cipher(EVP_aes_256_cbc(), &aes_tests[i]);
|
||||
for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++)
|
||||
ret += test_cipher(EVP_rc2_40_cbc(), &rc2_40_tests[i]);
|
||||
for (i = 0; i < sizeof(rc2_40_tests)/sizeof(rc2_40_tests[0]); i++)
|
||||
ret += test_cipher(EVP_des_ede3_cbc(), &des_ede3_cbc_tests[i]);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -0,0 +1,70 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
|
||||
# (Royal Institute of Technology, Stockholm, Sweden).
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
# modification, are permitted provided that the following conditions
|
||||
# are met:
|
||||
#
|
||||
# 1. Redistributions of source code must retain the above copyright
|
||||
# notice, this list of conditions and the following disclaimer.
|
||||
#
|
||||
# 2. Redistributions in binary form must reproduce the above copyright
|
||||
# notice, this list of conditions and the following disclaimer in the
|
||||
# documentation and/or other materials provided with the distribution.
|
||||
#
|
||||
# 3. Neither the name of the Institute nor the names of its contributors
|
||||
# may be used to endorse or promote products derived from this software
|
||||
# without specific prior written permission.
|
||||
#
|
||||
# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $Id$
|
||||
#
|
||||
|
||||
srcdir="@srcdir@"
|
||||
|
||||
rsa="${TESTS_ENVIRONMENT} ./test_rsa"
|
||||
engine="${TESTS_ENVIRONMENT} ./test_engine_dso"
|
||||
rand="${TESTS_ENVIRONMENT} ./test_rand"
|
||||
|
||||
${rsa} --key=${srcdir}/rsakey.der || \
|
||||
{ echo "rsa test failed" ; exit 1; }
|
||||
|
||||
${engine} --rsa=${srcdir}/rsakey.der || \
|
||||
{ echo "engine test failed" ; exit 1; }
|
||||
|
||||
${rsa} --loops=4 || { echo "rsa test for 4 loops failed" ; exit 1; }
|
||||
|
||||
for a in unix fortuna egd ;do
|
||||
${rand} --method=${a} crypto-test 2>error
|
||||
res=$?
|
||||
if test "X$res" != X0 ; then
|
||||
grep "random not ready yet" error || exit 1
|
||||
echo "random method $a out for lunch"
|
||||
continue
|
||||
fi
|
||||
${rand} --method=${a} crypto-test2 2>error
|
||||
res=$?
|
||||
if test "X$res" != X0 ; then
|
||||
grep "random not ready yet" error || exit 1
|
||||
echo "random metod $a out for dinner"
|
||||
continue
|
||||
fi
|
||||
cmp crypto-test crypto-test2 && { echo "rand output same!" ; exit 1; }
|
||||
done
|
||||
|
||||
|
||||
exit 0
|
||||
@@ -0,0 +1,333 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#include <roken.h>
|
||||
#include <getarg.h>
|
||||
|
||||
#include <engine.h>
|
||||
#include <evp.h>
|
||||
|
||||
struct {
|
||||
const char *cpriv;
|
||||
const char *cpub;
|
||||
const char *spriv;
|
||||
const char *spub;
|
||||
} dhtests[] = {
|
||||
{
|
||||
"5C0946275D07223AEAF04301D964498F3285946057B4C50D13B4FE12C88DFD8D499DD3CC00C1BC17C0D343F2FE053C9F53389110551715B1EDF261A0314485C4835D01F7B8894027D534A2D81D63619D2F58C9864AC9816086B3FF75C01B3FAFF355425AB7369A6ABDC8B633F0A0DC4D29B50F364E7594B297183D14E5CDC05D",
|
||||
"2D66DC5998B7AEE3332DC1061C6E6F6CF0FCCD74534187E2CDC9ACBCADF0FC9D5900451F44832A762F01E9CEEF1CBD7D69D020AC524D09FAD087DFADEAC36C845157B83937B51C8DB7F500C3C54FB2A05E074E40BA982186E7FEB2534EDDB387D5480AAA355B398CCAD0886F3952C3718490B7884FA67BD8B6943CDDA20134C6",
|
||||
"42644BA7CF74689E18BA72BF80FCA674D1A2ADF81795EB3828E67C30E42ABD07A8E90E27F046189FAC122D915276870B72427388EAAB5D06994FC38885BBACCEA1CFC45951B730D73C1A8F83208CD1351746601648C11D70BC95B817C86E4A5C40D633654615041C7934BB3CAF4E02754D542033DB024E94C7E561A29ED0C6EC",
|
||||
"C233633AB116E2DB20B4E08DA42DE8766293E6D9042F7A2C2A2F34F18FE66010B074CCF3C9B03EF27B14F0746B738AF22776224161D767D96AEC230A1DFA6DECFFCE9FED23B96F50CCB0093E59817AD0CEAEB7993AB5764679948BFB1293C9560B07AA3DFA229E341EB17C9FAE0B1D483082461D2DDBCEEE6FE7C0A34D96F66D"
|
||||
},
|
||||
{
|
||||
"76295C1280B890970F0F7EB01BBD9C5DF9BB8F590EB384A39EBF85CD141451407F955FD1D39012AA1F8BA53FD6A5A37CB2835CEDB27D1EBF1FE8AC9F2FFD628BD9BF7B8DD77CB80C8DC0A75F4567C7700442B26972833EB9738A8728A1FC274C59CED5E3ADA224B46711112AAA1CB831D2D6125E183ADA4F805A05024C9C6DDB",
|
||||
"1E0AB5EBAAC7985FE67A574447FAE58AE4CB95416278D4C239A789D4532FA8E6F82BA10BE411D8A0A06B9E1DECE704466B3523496A8A4165B97FBCFB9CE9C4FF2DEEE786BA046E8C270FA8A9055D2F6E42EDDB32C73CF7875551A56EB69C0F14A3745745845B81C347401B27D074C60C5177BA9C14BBB1C8C219B78E15126EF8",
|
||||
"68D84A8F92082F113542CFD990DEEFAD9C7EFA545268F8B3EBDF4CCBAF2865CF03EF60044EB4AF4154E6804CC2BDD673B801507446CEFC692DA577B6DC6E0272B7B081A1BEFDC2A4FAC83DB8845E3DA0D1B64DB33AA2164FEDB08A01E815336BD58F4E6DE6A265468E61C8C988B8AEC0D52DB714448DDC007E7C3382C07357DB",
|
||||
"393815D507A2EF80DE2D0F2A55AAB1C25B870ACA3FC97438B4336CBF979BF9A4F8DA1B61C667129F9123045E07E24976040EC5E2368DD4EF70690102D74E900B260D3826256FD473733A7569BF514652AB78C48C334FDCA26C44ABF322643AF15BFF693A37BB2C19CA9FE5F1537FCFE2B24CF74D4E57060D35ABF115B4B6CD21"
|
||||
},
|
||||
{
|
||||
"7307D6C3CB874327A95F7A6A91C336CEAA086736525DF3F8EC49497CF444C68D264EB70CD6904FE56E240EEF34E6C5177911C478A7F250A0F54183BCBE64B42BAB5D019E73E2F17C095C211E4815E6BA5FDD72786AF987ABBC9109ECEEF439AF9E2141D5222CE7DC0152D8E9A6CCCE301D21A7D1D6ACB9B91B5E28379C91890D",
|
||||
"83FBD7BFFDF415BBB7E21D399CB2F36A61AFDBAFC542E428E444C66AA03617C0C55C639FE2428905B57035892AE1BD2C4060E807D9E003B0C204FFC8FDD69CC8ADE7A8E18DCBFFF64E3EF9DA2C117390374241466E48A020A1B2F575AE42C233F8BD357B8331CC203E0345DFC19C73E6F1F70B6C2786E681D73BF48B15FE9992",
|
||||
"61BCF748BB05A48861578B8CB1855200B2E62A40E126BD7323E5B714645A54A2C8761EE39EE39BA6D2FE19B688168EDEA6DC5056400B5315ED299E7926176B887012E58634D78F05D7BCF0E1B81B1B41F5F8EF0B0711D3A64F9A317DD183AE039A4D3BE02A515892362F8C7BB6EB6434BB25418A438ED33D50C475122CBBE862",
|
||||
"7DB8D69D1605D9812B7F2F3E92BCEEB3426FEEE3265A174D71B2B6E16B332B43DF0B3C2FA152E48DE2FAC110D8CECE122C3398558E7987B27CACE12722C0032AC7E7766A9BCC881BA35B9DB9E751BD4E51F7683DE092F6C1D4DD937CDCE9C16E6F7D77CC6AAD806E4082E8E22E28592C4D78256354393FE831E811E03ED0A81A"
|
||||
},
|
||||
{
|
||||
"60C18B62F786DE6A4A8B13EB6DA2380B4C6731F861C715D9496DCF4A9F01CD33DDB52F1AB4D1F820FAF7AD4EFEB66586F7F08135714B13D77FE652B9EEAB2C543596A9ED307C1629CF535DD14AB22F081AE4ADF7A3E0BC7B33E0EC7A7306F9A737F55807974B5E1B7B6394BD0373917128B43A17757B34BAE1B600763E957F75",
|
||||
"0DEDA337C38EA005D5B8567EAB681CE91892C2C62C9D42BF748FBFE681E11F25D98280E42E1539A10EEE9177EF2F40216987936AF19D9B5EBE22EEAC27242D77CE3A5061F2E5CFACF15CD0F80E736AE8642252FE91E129DE3C78CFB85A0B1BB87B059CBB24483444F8A07244F4E89370BA78D58BD409DFBB3D41921B8879B9C7",
|
||||
"462C0707CF3366C2242A808CFDB79B77E8B3AF9D796583EB9CCD7BF4E8792AB0A818E49FFE53CA241F56988F825B366BF1E78481F8086A123259B9D83AC643E85845BF6B2C5412FFDDFAA8C9ED203CA4B3C1BFD777286099976472FA15B3CCC8418CF162F03C0C3E85D7EFC5CF5ACB9B2C039CCF3A1A9C6BB6B9C09C18D86CBD",
|
||||
"56DB382EDB8C2D95934D20261CE1A37090B0802D451E647DB1DA3B73CDB5A878EAD598A8817302449370F9D45E34F5C45F73D02BF4EB2B3712A8665F446F5D2B774039E5444AB74807859FA58DF9EBA4B12BA4545ACED827E4ED64CC71F937D64A1033BC43403F2490C1B715A74822B8D50A72A102213F0CF7A1B98B771B34C4"
|
||||
},
|
||||
{
|
||||
"61B7321207F4A73646E43E99221F902D2F38095E84CE7346A1510FE71BA7B9B34DCB6609E4DDDA8C82426E82D1C23F1E761130ECE4638D77554A7618E1608625049328FCC1F8845CA9A88E847106B01BD31EF6500E3C7EE81A048924BEAA3EDF367E5F4575341206C7A76427571898294B07BD918D4C2642854CC89D439042E5",
|
||||
"29AA38E63E4DD7C651E25DEC7A5A53E48114F52813793D36A9DBDD4F7C06FC38406E330764E0B2AFD811C39D857EA5F904105360E06856DC0780C7D61C53165833F0AEA15CB54732DE113F44C8FCFB86F4A876DD42D7A55356D91C0173F2B012680FB54C13EF54B65DF4AEDE2E13419B1316435187CEF07D44DB3DF57C4703FD",
|
||||
"5ED5AFB04CBFEE43EF3D9B60A57080831563648A2380D98F1EA4A96CF153903A40A2E564DED87E7254DF3270568AB952BF6F400681DD6AD919C9B06AC0F45F0646BCF37B217191AA0B7B7BED226B61F48B46DEA2E5A09E41F316583823A38A60FFD79085F43F60D98871ECA1A0F667701425094E88885A81DE9DA6C293E95060",
|
||||
"4DE4F24EAA3E2790FBCB1B13C2ED0EFD846EC33154DBEBBEFD895E1399B3617D55EC2CE8D71CF380B55D93636FEF741328D6B1E224D46F8A8B60A41D08DD86E88DE806AA781791364E6D88BF68571BF5D8C35CB04BA302227B7E4CB6A67AB7510ACBCDBF2F8A95EB5DEE693CCA5CC425A0F1CA2D18C369A767906A2477E32704"
|
||||
}
|
||||
};
|
||||
|
||||
static void
|
||||
dh_test(DH *server, DH *client)
|
||||
{
|
||||
void *skey, *ckey;
|
||||
int ssize, csize;
|
||||
|
||||
skey = emalloc(DH_size(server));
|
||||
ckey = emalloc(DH_size(client));
|
||||
|
||||
ssize = DH_compute_key(skey, client->pub_key, server);
|
||||
if (ssize == -1)
|
||||
errx(1, "DH_compute_key failed for server");
|
||||
csize = DH_compute_key(ckey, server->pub_key, client);
|
||||
if (csize == -1)
|
||||
errx(1, "DH_compute_key failed for client");
|
||||
|
||||
if (ssize != csize)
|
||||
errx(1, "DH_compute_key size mismatch");
|
||||
|
||||
if (memcmp(skey, ckey, csize) != 0)
|
||||
errx(1, "DH_compute_key key mismatch");
|
||||
|
||||
free(skey);
|
||||
free(ckey);
|
||||
}
|
||||
|
||||
|
||||
static int version_flag;
|
||||
static int help_flag;
|
||||
static char *id_flag;
|
||||
static char *rsa_flag;
|
||||
static int dh_flag = 1;
|
||||
|
||||
static struct getargs args[] = {
|
||||
{ "id", 0, arg_string, &id_flag,
|
||||
"selects the engine id", "engine-id" },
|
||||
{ "rsa", 0, arg_string, &rsa_flag,
|
||||
"tests RSA modes", "private-rsa-der-file" },
|
||||
{ "dh", 0, arg_negative_flag, &dh_flag,
|
||||
"test dh", NULL },
|
||||
{ "version", 0, arg_flag, &version_flag,
|
||||
"print version", NULL },
|
||||
{ "help", 0, arg_flag, &help_flag,
|
||||
NULL, NULL }
|
||||
};
|
||||
|
||||
static void
|
||||
usage (int ret)
|
||||
{
|
||||
arg_printusage (args,
|
||||
sizeof(args)/sizeof(*args),
|
||||
NULL,
|
||||
"filename.so");
|
||||
exit (ret);
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
ENGINE *engine = NULL;
|
||||
int idx = 0;
|
||||
int have_rsa, have_dh;
|
||||
|
||||
setprogname(argv[0]);
|
||||
|
||||
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
|
||||
usage(1);
|
||||
|
||||
if (help_flag)
|
||||
usage(0);
|
||||
|
||||
if(version_flag){
|
||||
print_version(NULL);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
argc -= idx;
|
||||
argv += idx;
|
||||
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
if (argc == 0) {
|
||||
OpenSSL_add_all_algorithms();
|
||||
ENGINE_load_builtin_engines();
|
||||
engine = ENGINE_by_id("builtin");
|
||||
} else {
|
||||
engine = ENGINE_by_dso(argv[0], id_flag);
|
||||
}
|
||||
if (engine == NULL)
|
||||
errx(1, "ENGINE_by_dso failed");
|
||||
|
||||
printf("name: %s\n", ENGINE_get_name(engine));
|
||||
printf("id: %s\n", ENGINE_get_id(engine));
|
||||
have_rsa = ENGINE_get_RSA(engine) != NULL;
|
||||
have_dh = ENGINE_get_DH(engine) != NULL;
|
||||
printf("RSA: %s", have_rsa ? "yes," : "no");
|
||||
if (have_rsa)
|
||||
printf(" %s", ENGINE_get_RSA(engine)->name);
|
||||
printf("\n");
|
||||
printf("DH: %s", have_dh ? "yes," : "no");
|
||||
if (have_dh)
|
||||
printf(" %s", ENGINE_get_DH(engine)->name);
|
||||
printf("\n");
|
||||
|
||||
if (RAND_status() != 1)
|
||||
errx(77, "no functional random device, can't execute tests");
|
||||
|
||||
if (rsa_flag && have_rsa) {
|
||||
unsigned char buf[1024 * 4];
|
||||
const unsigned char *p;
|
||||
size_t size;
|
||||
int keylen;
|
||||
RSA *rsa;
|
||||
FILE *f;
|
||||
|
||||
f = fopen(rsa_flag, "r");
|
||||
if (f == NULL)
|
||||
err(1, "could not open file %s", rsa_flag);
|
||||
|
||||
size = fread(buf, 1, sizeof(buf), f);
|
||||
if (size == 0)
|
||||
err(1, "failed to read file %s", rsa_flag);
|
||||
if (size == sizeof(buf))
|
||||
err(1, "key too long in file %s!", rsa_flag);
|
||||
fclose(f);
|
||||
|
||||
p = buf;
|
||||
rsa = d2i_RSAPrivateKey(NULL, &p, size);
|
||||
if (rsa == NULL)
|
||||
err(1, "failed to parse key in file %s", rsa_flag);
|
||||
|
||||
RSA_set_method(rsa, ENGINE_get_RSA(engine));
|
||||
|
||||
/*
|
||||
* try rsa signing
|
||||
*/
|
||||
|
||||
memcpy(buf, "hejsan", 7);
|
||||
keylen = RSA_private_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to private encrypt");
|
||||
|
||||
keylen = RSA_public_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to public decrypt");
|
||||
|
||||
if (keylen != 7)
|
||||
errx(1, "output buffer not same length: %d", (int)keylen);
|
||||
|
||||
if (memcmp(buf, "hejsan", 7) != 0)
|
||||
errx(1, "string not the same after decryption");
|
||||
|
||||
/*
|
||||
* try rsa encryption
|
||||
*/
|
||||
|
||||
memcpy(buf, "hejsan", 7);
|
||||
keylen = RSA_public_encrypt(7, buf, buf, rsa, RSA_PKCS1_PADDING);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to public encrypt");
|
||||
|
||||
keylen = RSA_private_decrypt(keylen, buf, buf, rsa, RSA_PKCS1_PADDING);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to private decrypt");
|
||||
|
||||
if (keylen != 7)
|
||||
errx(1, "output buffer not same length: %d", (int)keylen);
|
||||
|
||||
if (memcmp(buf, "hejsan", 7) != 0)
|
||||
errx(1, "string not the same after decryption");
|
||||
|
||||
RSA_free(rsa);
|
||||
|
||||
printf("rsa test passed\n");
|
||||
|
||||
}
|
||||
|
||||
if (dh_flag) {
|
||||
DH *server, *client;
|
||||
int i;
|
||||
|
||||
/* RFC2412-MODP-group2 */
|
||||
const char *p =
|
||||
"FFFFFFFF" "FFFFFFFF" "C90FDAA2" "2168C234" "C4C6628B" "80DC1CD1"
|
||||
"29024E08" "8A67CC74" "020BBEA6" "3B139B22" "514A0879" "8E3404DD"
|
||||
"EF9519B3" "CD3A431B" "302B0A6D" "F25F1437" "4FE1356D" "6D51C245"
|
||||
"E485B576" "625E7EC6" "F44C42E9" "A637ED6B" "0BFF5CB6" "F406B7ED"
|
||||
"EE386BFB" "5A899FA5" "AE9F2411" "7C4B1FE6" "49286651" "ECE65381"
|
||||
"FFFFFFFF" "FFFFFFFF";
|
||||
const char *g = "02";
|
||||
|
||||
/*
|
||||
* Try generated keys
|
||||
*/
|
||||
|
||||
for (i = 0; i < 10; i++) {
|
||||
server = DH_new_method(engine);
|
||||
client = DH_new_method(engine);
|
||||
|
||||
BN_hex2bn(&server->p, p);
|
||||
BN_hex2bn(&client->p, p);
|
||||
BN_hex2bn(&server->g, g);
|
||||
BN_hex2bn(&client->g, g);
|
||||
|
||||
if (!DH_generate_key(server))
|
||||
errx(1, "DH_generate_key failed for server");
|
||||
if (!DH_generate_key(client))
|
||||
errx(1, "DH_generate_key failed for client");
|
||||
|
||||
dh_test(server, client);
|
||||
|
||||
DH_free(server);
|
||||
DH_free(client);
|
||||
}
|
||||
/*
|
||||
* Try known result
|
||||
*/
|
||||
|
||||
for (i = 0; i < sizeof(dhtests)/sizeof(dhtests[0]); i++) {
|
||||
|
||||
server = DH_new_method(engine);
|
||||
client = DH_new_method(engine);
|
||||
|
||||
BN_hex2bn(&server->p, p);
|
||||
BN_hex2bn(&client->p, p);
|
||||
BN_hex2bn(&server->g, g);
|
||||
BN_hex2bn(&client->g, g);
|
||||
|
||||
BN_hex2bn(&client->priv_key, dhtests[i].cpriv);
|
||||
BN_hex2bn(&client->pub_key, dhtests[i].cpub);
|
||||
BN_hex2bn(&server->priv_key, dhtests[i].spriv);
|
||||
BN_hex2bn(&server->pub_key, dhtests[i].spub);
|
||||
|
||||
dh_test(server, client);
|
||||
|
||||
DH_free(server);
|
||||
DH_free(client);
|
||||
}
|
||||
|
||||
printf("DH test passed\n");
|
||||
}
|
||||
|
||||
ENGINE_finish(engine);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,81 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <hmac.h>
|
||||
#include <evp.h>
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
unsigned char buf[4] = { 0, 0, 0, 0 };
|
||||
char hmackey[] = "hello-world";
|
||||
size_t hmackey_size = sizeof(hmackey);
|
||||
unsigned int hmaclen;
|
||||
unsigned char hmac[EVP_MAX_MD_SIZE];
|
||||
HMAC_CTX c;
|
||||
|
||||
char answer[20] = "\x2c\xfa\x32\xb7\x2b\x8a\xf6\xdf\xcf\xda"
|
||||
"\x6f\xd1\x52\x4d\x54\x58\x73\x0f\xf3\x24";
|
||||
|
||||
HMAC_CTX_init(&c);
|
||||
HMAC_Init_ex(&c, hmackey, hmackey_size, EVP_sha1(), NULL);
|
||||
HMAC_Update(&c, buf, sizeof(buf));
|
||||
HMAC_Final(&c, hmac, &hmaclen);
|
||||
HMAC_CTX_cleanup(&c);
|
||||
|
||||
if (hmaclen != 20) {
|
||||
printf("hmaclen = %d\n", (int)hmaclen);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (memcmp(hmac, answer, hmaclen) != 0) {
|
||||
printf("wrong answer\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,76 @@
|
||||
/*
|
||||
* Copyright (c) 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <err.h>
|
||||
|
||||
#include "imath/imath.h"
|
||||
|
||||
static void
|
||||
umr_exptmod(void)
|
||||
{
|
||||
mp_result res;
|
||||
mpz_t tmp, z;
|
||||
|
||||
res = mp_int_init(&tmp);
|
||||
if (res != MP_OK)
|
||||
errx(1, "ini_init");
|
||||
|
||||
res = mp_int_init(&z);
|
||||
if (res != MP_OK)
|
||||
errx(1, "ini_init");
|
||||
|
||||
res = mp_int_read_unsigned(&z, (void*)
|
||||
"\x31\xD2\xA3\x66\xB0\x82\xD2\x61\x20\x85\xDF\xAE\x14\x73\x7C\x3A\xF5\x87\xCE\xED\xD6\x46\xBB\x45\x7C\xAF\x0F\x32\x56\xA7\x93\x87\x79\x36\xED\x29\xB8\xBF\x8B\xD8\x45\x6A\x87\x59\xDD\x03\x93\xD2\x8A\x61\xC0\x61\xA7\x7B\xA6\x24\x2A\xB6\x56\x80\x5D\xE9\x07\xD6\x1F\xF4\x00\xD7\xB4\x8B\xB0\xF9\xF5\x37\x52\xD2\x3A\xE5\xA5\xC4\x46\x65\x25\xEE\xE0\xCC\x12\x0A\x82\x68\x8B\xDF\x51\x92\xB5\x70\x87\xB5\x47\x3B\x40\xF7\x34\x35\x2E\x86\x08\x68\x6B\xAD\x2D\xB1\x12\x52\x9F\xF2\x1E\xB1\xFC\xA0\x19\x87\x7F\x6A\x1A\x35\xDA\xA1", 128);
|
||||
if (res != MP_OK)
|
||||
errx(1, "int_read");
|
||||
|
||||
res = mp_int_exptmod_bvalue(3, &z, &z, &tmp);
|
||||
if (res != MP_OK)
|
||||
errx(1, "exptmod_bvalue");
|
||||
|
||||
mp_int_clear(&tmp);
|
||||
mp_int_clear(&z);
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
umr_exptmod();
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,128 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
|
||||
#include <pkcs12.h>
|
||||
#include <evp.h>
|
||||
|
||||
struct tests {
|
||||
int id;
|
||||
const char *password;
|
||||
void *salt;
|
||||
size_t saltsize;
|
||||
int iterations;
|
||||
size_t keylen;
|
||||
const EVP_MD * (*md)(void);
|
||||
void *key;
|
||||
};
|
||||
|
||||
struct tests p12_pbe_tests[] = {
|
||||
{ PKCS12_KEY_ID,
|
||||
"foobar",
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
100,
|
||||
16,
|
||||
EVP_sha1,
|
||||
"\x79\x95\xbf\x3f\x1c\x6d\xe\xe8\xd3\x71\xc4\x94\xd\xb\x18\xb5"
|
||||
},
|
||||
{ PKCS12_KEY_ID,
|
||||
"foobar",
|
||||
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
|
||||
16,
|
||||
2048,
|
||||
24,
|
||||
EVP_sha1,
|
||||
"\x0b\xb5\xe\xa6\x71\x0d\x0c\xf7\x44\xe\xe1\x9b\xb5\xdf\xf1\xdc\x4f\xb0\xca\xe\xee\x4f\xb9\xfd"
|
||||
},
|
||||
{ PKCS12_IV_ID,
|
||||
"foobar",
|
||||
"\x3c\xdf\x84\x32\x59\xd3\xda\x69",
|
||||
8,
|
||||
2048,
|
||||
8,
|
||||
EVP_sha1,
|
||||
"\xbf\x9a\x12\xb7\x26\x69\xfd\x05"
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
static int
|
||||
test_pkcs12_pbe(struct tests *t)
|
||||
{
|
||||
void *key;
|
||||
|
||||
key = malloc(t->keylen);
|
||||
|
||||
if (!PKCS12_key_gen(t->password, strlen(t->password),
|
||||
t->salt, t->saltsize,
|
||||
t->id, t->iterations, t->keylen,
|
||||
key, t->md()))
|
||||
{
|
||||
printf("key_gen failed\n");
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (memcmp(t->key, key, t->keylen) != 0) {
|
||||
printf("incorrect key\n");
|
||||
free(key);
|
||||
return 1;
|
||||
}
|
||||
free(key);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
int ret = 0;
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(p12_pbe_tests)/sizeof(p12_pbe_tests[0]); i++)
|
||||
ret += test_pkcs12_pbe(&p12_pbe_tests[i]);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -0,0 +1,158 @@
|
||||
/*
|
||||
* Copyright (c) 2006 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <sys/types.h>
|
||||
#include <limits.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <err.h>
|
||||
|
||||
#include <evp.h>
|
||||
|
||||
struct tests {
|
||||
const char *password;
|
||||
const char *salt;
|
||||
int iterations;
|
||||
const void *pbkdf2_128;
|
||||
const void *pbkdf2_256;
|
||||
};
|
||||
|
||||
|
||||
const struct tests pkcs5_tests[] = {
|
||||
{ "password",
|
||||
"ATHENA.MIT.EDUraeburn",
|
||||
1,
|
||||
"\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15",
|
||||
"\xcd\xed\xb5\x28\x1b\xb2\xf8\x01\x56\x5a\x11\x22\xb2\x56\x35\x15"
|
||||
"\x0a\xd1\xf7\xa0\x4b\xb9\xf3\xa3\x33\xec\xc0\xe2\xe1\xf7\x08\x37"
|
||||
},
|
||||
{ "password",
|
||||
"ATHENA.MIT.EDUraeburn",
|
||||
2,
|
||||
"\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d",
|
||||
"\x01\xdb\xee\x7f\x4a\x9e\x24\x3e\x98\x8b\x62\xc7\x3c\xda\x93\x5d"
|
||||
"\xa0\x53\x78\xb9\x32\x44\xec\x8f\x48\xa9\x9e\x61\xad\x79\x9d\x86"
|
||||
},
|
||||
{ "password",
|
||||
"ATHENA.MIT.EDUraeburn",
|
||||
1200,
|
||||
"\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b",
|
||||
"\x5c\x08\xeb\x61\xfd\xf7\x1e\x4e\x4e\xc3\xcf\x6b\xa1\xf5\x51\x2b"
|
||||
"\xa7\xe5\x2d\xdb\xc5\xe5\x14\x2f\x70\x8a\x31\xe2\xe6\x2b\x1e\x13"
|
||||
},
|
||||
{
|
||||
"password", "\x12\x34\x56\x78\x78\x56\x34\x12",
|
||||
5,
|
||||
"\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49",
|
||||
"\xd1\xda\xa7\x86\x15\xf2\x87\xe6\xa1\xc8\xb1\x20\xd7\x06\x2a\x49"
|
||||
"\x3f\x98\xd2\x03\xe6\xbe\x49\xa6\xad\xf4\xfa\x57\x4b\x6e\x64\xee"
|
||||
},
|
||||
{
|
||||
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
|
||||
"pass phrase equals block size",
|
||||
1200,
|
||||
"\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9",
|
||||
"\x13\x9c\x30\xc0\x96\x6b\xc3\x2b\xa5\x5f\xdb\xf2\x12\x53\x0a\xc9"
|
||||
"\xc5\xec\x59\xf1\xa4\x52\xf5\xcc\x9a\xd9\x40\xfe\xa0\x59\x8e\xd1"
|
||||
},
|
||||
{
|
||||
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
|
||||
"pass phrase exceeds block size",
|
||||
1200,
|
||||
"\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61",
|
||||
"\x9c\xca\xd6\xd4\x68\x77\x0c\xd5\x1b\x10\xe6\xa6\x87\x21\xbe\x61"
|
||||
"\x1a\x8b\x4d\x28\x26\x01\xdb\x3b\x36\xbe\x92\x46\x91\x5e\xc8\x2a"
|
||||
},
|
||||
{
|
||||
"\xf0\x9d\x84\x9e" /* g-clef */,
|
||||
"EXAMPLE.COMpianist",
|
||||
50,
|
||||
"\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39",
|
||||
"\x6b\x9c\xf2\x6d\x45\x45\x5a\x43\xa5\xb8\xbb\x27\x6a\x40\x3b\x39"
|
||||
"\xe7\xfe\x37\xa0\xc4\x1e\x02\xc2\x81\xff\x30\x69\xe1\xe9\x4f\x52"
|
||||
}
|
||||
};
|
||||
|
||||
static int
|
||||
test_pkcs5_pbe2(const struct tests *t)
|
||||
{
|
||||
unsigned char key[32];
|
||||
int ret, error = 0;
|
||||
|
||||
ret = PKCS5_PBKDF2_HMAC_SHA1(t->password, strlen(t->password),
|
||||
t->salt, strlen(t->salt),
|
||||
t->iterations,
|
||||
16, key);
|
||||
if (ret != 1)
|
||||
errx(1, "PKCS5_PBKDF2_HMAC_SHA1: %d", ret);
|
||||
|
||||
if (memcmp(t->pbkdf2_128, key, 16) != 0) {
|
||||
printf("incorrect 128 key\n");
|
||||
error++;
|
||||
}
|
||||
|
||||
ret = PKCS5_PBKDF2_HMAC_SHA1(t->password, strlen(t->password),
|
||||
t->salt, strlen(t->salt),
|
||||
t->iterations,
|
||||
32, key);
|
||||
if (ret != 1)
|
||||
errx(1, "PKCS5_PBKDF2_HMAC_SHA1: %d", ret);
|
||||
|
||||
if (memcmp(t->pbkdf2_256, key, 32) != 0) {
|
||||
printf("incorrect 256 key\n");
|
||||
error++;
|
||||
}
|
||||
|
||||
return error;
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
int ret = 0;
|
||||
int i;
|
||||
|
||||
for (i = 0; i < sizeof(pkcs5_tests)/sizeof(pkcs5_tests[0]); i++)
|
||||
ret += test_pkcs5_pbe2(&pkcs5_tests[i]);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -0,0 +1,146 @@
|
||||
/*
|
||||
* Copyright (c) 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#include <roken.h>
|
||||
#include <getarg.h>
|
||||
|
||||
#include "rand.h"
|
||||
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int version_flag;
|
||||
static int help_flag;
|
||||
static int len = 1024 * 1024;
|
||||
static char *rand_method;
|
||||
|
||||
static struct getargs args[] = {
|
||||
{ "length", 0, arg_integer, &len,
|
||||
"length", NULL },
|
||||
{ "method", 0, arg_string, &rand_method,
|
||||
"method", NULL },
|
||||
{ "version", 0, arg_flag, &version_flag,
|
||||
"print version", NULL },
|
||||
{ "help", 0, arg_flag, &help_flag,
|
||||
NULL, NULL }
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
usage (int ret)
|
||||
{
|
||||
arg_printusage (args,
|
||||
sizeof(args)/sizeof(args[0]),
|
||||
NULL,
|
||||
"out-random-file");
|
||||
exit (ret);
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
int idx = 0;
|
||||
char *buffer;
|
||||
char path[MAXPATHLEN];
|
||||
|
||||
setprogname(argv[0]);
|
||||
|
||||
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
|
||||
usage(1);
|
||||
|
||||
if (help_flag)
|
||||
usage(0);
|
||||
|
||||
if(version_flag){
|
||||
print_version(NULL);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
argc -= idx;
|
||||
argv += idx;
|
||||
|
||||
if (argc < 1)
|
||||
usage(1);
|
||||
|
||||
buffer = emalloc(len);
|
||||
|
||||
if (rand_method) {
|
||||
if (strcasecmp(rand_method, "fortuna") == 0)
|
||||
RAND_set_rand_method(RAND_fortuna_method());
|
||||
else if (strcasecmp(rand_method, "unix") == 0)
|
||||
RAND_set_rand_method(RAND_unix_method());
|
||||
else if (strcasecmp(rand_method, "egd") == 0)
|
||||
RAND_set_rand_method(RAND_egd_method());
|
||||
else
|
||||
errx(1, "unknown method %s", rand_method);
|
||||
}
|
||||
|
||||
if (RAND_file_name(path, sizeof(path)) == NULL)
|
||||
errx(1, "RAND_file_name failed");
|
||||
|
||||
if (RAND_status() != 1)
|
||||
errx(1, "random not ready yet");
|
||||
|
||||
if (RAND_bytes(buffer, len) != 1)
|
||||
errx(1, "RAND_bytes");
|
||||
|
||||
rk_dumpdata(argv[0], buffer, len);
|
||||
|
||||
free(buffer);
|
||||
|
||||
if (RAND_write_file("test.file") != 1)
|
||||
errx(1, "RAND_write_file");
|
||||
if (RAND_load_file("test.file", 1024) != 1)
|
||||
errx(1, "RAND_load_file");
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,376 @@
|
||||
/*
|
||||
* Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
#ifdef RCSID
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#include <roken.h>
|
||||
#include <getarg.h>
|
||||
|
||||
#include <engine.h>
|
||||
#include <evp.h>
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static int version_flag;
|
||||
static int help_flag;
|
||||
static int time_keygen;
|
||||
static char *time_key;
|
||||
static int key_blinding = 1;
|
||||
static char *rsa_key;
|
||||
static char *id_flag;
|
||||
static int loops = 1;
|
||||
|
||||
static struct getargs args[] = {
|
||||
{ "loops", 0, arg_integer, &loops,
|
||||
"number of loops", "loops" },
|
||||
{ "id", 0, arg_string, &id_flag,
|
||||
"selects the engine id", "engine-id" },
|
||||
{ "time-keygen", 0, arg_flag, &time_keygen,
|
||||
"time rsa generation", NULL },
|
||||
{ "time-key", 0, arg_string, &time_key,
|
||||
"rsa key file", NULL },
|
||||
{ "key-blinding", 0, arg_negative_flag, &key_blinding,
|
||||
"key blinding", NULL },
|
||||
{ "key", 0, arg_string, &rsa_key,
|
||||
"rsa key file", NULL },
|
||||
{ "version", 0, arg_flag, &version_flag,
|
||||
"print version", NULL },
|
||||
{ "help", 0, arg_flag, &help_flag,
|
||||
NULL, NULL }
|
||||
};
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
check_rsa(const unsigned char *in, size_t len, RSA *rsa, int padding)
|
||||
{
|
||||
unsigned char *res, *res2;
|
||||
int keylen;
|
||||
|
||||
res = malloc(RSA_size(rsa));
|
||||
if (res == NULL)
|
||||
errx(1, "res: ENOMEM");
|
||||
|
||||
res2 = malloc(RSA_size(rsa));
|
||||
if (res2 == NULL)
|
||||
errx(1, "res2: ENOMEM");
|
||||
|
||||
/* signing */
|
||||
|
||||
keylen = RSA_private_encrypt(len, in, res, rsa, padding);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to private encrypt: %d %d", (int)len, (int)keylen);
|
||||
|
||||
if (keylen > RSA_size(rsa))
|
||||
errx(1, "keylen > RSA_size(rsa)");
|
||||
|
||||
keylen = RSA_public_decrypt(keylen, res, res2, rsa, padding);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to public decrypt: %d", (int)keylen);
|
||||
|
||||
if (keylen != len)
|
||||
errx(1, "output buffer not same length: %d", (int)keylen);
|
||||
|
||||
if (memcmp(res2, in, len) != 0)
|
||||
errx(1, "string not the same after decryption");
|
||||
|
||||
/* encryption */
|
||||
|
||||
keylen = RSA_public_encrypt(len, in, res, rsa, padding);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to public encrypt: %d", (int)keylen);
|
||||
|
||||
if (keylen > RSA_size(rsa))
|
||||
errx(1, "keylen > RSA_size(rsa)");
|
||||
|
||||
keylen = RSA_private_decrypt(keylen, res, res2, rsa, padding);
|
||||
if (keylen <= 0)
|
||||
errx(1, "failed to private decrypt: %d", (int)keylen);
|
||||
|
||||
if (keylen != len)
|
||||
errx(1, "output buffer not same length: %d", (int)keylen);
|
||||
|
||||
if (memcmp(res2, in, len) != 0)
|
||||
errx(1, "string not the same after decryption");
|
||||
|
||||
free(res);
|
||||
free(res2);
|
||||
}
|
||||
|
||||
static int
|
||||
cb_func(int a, int b, BN_GENCB *c)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
|
||||
static RSA *
|
||||
read_key(ENGINE *engine, const char *rsa_key)
|
||||
{
|
||||
unsigned char buf[1024 * 4];
|
||||
const unsigned char *p;
|
||||
size_t size;
|
||||
RSA *rsa;
|
||||
FILE *f;
|
||||
|
||||
f = fopen(rsa_key, "r");
|
||||
if (f == NULL)
|
||||
err(1, "could not open file %s", rsa_key);
|
||||
|
||||
size = fread(buf, 1, sizeof(buf), f);
|
||||
fclose(f);
|
||||
if (size == 0)
|
||||
err(1, "failed to read file %s", rsa_key);
|
||||
if (size == sizeof(buf))
|
||||
err(1, "key too long in file %s!", rsa_key);
|
||||
|
||||
p = buf;
|
||||
rsa = d2i_RSAPrivateKey(NULL, &p, size);
|
||||
if (rsa == NULL)
|
||||
err(1, "failed to parse key in file %s", rsa_key);
|
||||
|
||||
RSA_set_method(rsa, ENGINE_get_RSA(engine));
|
||||
|
||||
if (!key_blinding)
|
||||
rsa->flags |= RSA_FLAG_NO_BLINDING;
|
||||
|
||||
return rsa;
|
||||
}
|
||||
|
||||
/*
|
||||
*
|
||||
*/
|
||||
|
||||
static void
|
||||
usage (int ret)
|
||||
{
|
||||
arg_printusage (args,
|
||||
sizeof(args)/sizeof(*args),
|
||||
NULL,
|
||||
"filename.so");
|
||||
exit (ret);
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
ENGINE *engine = NULL;
|
||||
int i, j, idx = 0;
|
||||
RSA *rsa;
|
||||
|
||||
setprogname(argv[0]);
|
||||
|
||||
if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &idx))
|
||||
usage(1);
|
||||
|
||||
if (help_flag)
|
||||
usage(0);
|
||||
|
||||
if(version_flag){
|
||||
print_version(NULL);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
argc -= idx;
|
||||
argv += idx;
|
||||
|
||||
OpenSSL_add_all_algorithms();
|
||||
|
||||
if (argc == 0) {
|
||||
OpenSSL_add_all_algorithms();
|
||||
ENGINE_load_builtin_engines();
|
||||
engine = ENGINE_by_id("builtin");
|
||||
} else {
|
||||
engine = ENGINE_by_dso(argv[0], id_flag);
|
||||
}
|
||||
if (engine == NULL)
|
||||
errx(1, "ENGINE_by_dso failed");
|
||||
|
||||
if (ENGINE_get_RSA(engine) == NULL)
|
||||
return 77;
|
||||
|
||||
printf("rsa %s\n", ENGINE_get_RSA(engine)->name);
|
||||
|
||||
if (RAND_status() != 1)
|
||||
errx(77, "no functional random device, refusing to run tests");
|
||||
|
||||
if (time_keygen) {
|
||||
struct timeval tv1, tv2;
|
||||
const int num = 10;
|
||||
BIGNUM *e;
|
||||
|
||||
rsa = RSA_new_method(engine);
|
||||
if (!key_blinding)
|
||||
rsa->flags |= RSA_FLAG_NO_BLINDING;
|
||||
|
||||
e = BN_new();
|
||||
BN_set_word(e, 0x10001);
|
||||
|
||||
gettimeofday(&tv1, NULL);
|
||||
|
||||
for (i = 0; i < num; i++) {
|
||||
rsa = RSA_new_method(engine);
|
||||
if (RSA_generate_key_ex(rsa, 1024, e, NULL) != 1)
|
||||
errx(1, "RSA_generate_key_ex");
|
||||
RSA_free(rsa);
|
||||
}
|
||||
|
||||
gettimeofday(&tv2, NULL);
|
||||
timevalsub(&tv2, &tv1);
|
||||
|
||||
printf("time %lu.%06lu\n",
|
||||
(unsigned long)tv2.tv_sec,
|
||||
(unsigned long)tv2.tv_usec);
|
||||
|
||||
BN_free(e);
|
||||
ENGINE_finish(engine);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (time_key) {
|
||||
const int size = 20;
|
||||
const int num = 128;
|
||||
struct timeval tv1, tv2;
|
||||
unsigned char *p;
|
||||
|
||||
rsa = read_key(engine, time_key);
|
||||
|
||||
p = emalloc(num * size);
|
||||
|
||||
RAND_bytes(p, num * size);
|
||||
|
||||
gettimeofday(&tv1, NULL);
|
||||
for (i = 0; i < num; i++)
|
||||
check_rsa(p + (i * size), size, rsa, RSA_PKCS1_PADDING);
|
||||
gettimeofday(&tv2, NULL);
|
||||
|
||||
timevalsub(&tv2, &tv1);
|
||||
|
||||
printf("time %lu.%06lu\n",
|
||||
(unsigned long)tv2.tv_sec,
|
||||
(unsigned long)tv2.tv_usec);
|
||||
|
||||
RSA_free(rsa);
|
||||
ENGINE_finish(engine);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (rsa_key) {
|
||||
rsa = read_key(engine, rsa_key);
|
||||
|
||||
/*
|
||||
* Assuming that you use the RSA key in the distribution, this
|
||||
* test will generate a signature have a starting zero and thus
|
||||
* will generate a checksum that is 127 byte instead of the
|
||||
* checksum that is 128 byte (like the key).
|
||||
*/
|
||||
{
|
||||
const unsigned char sha1[20] = {
|
||||
0x6d, 0x33, 0xf9, 0x40, 0x75, 0x5b, 0x4e, 0xc5, 0x90, 0x35,
|
||||
0x48, 0xab, 0x75, 0x02, 0x09, 0x76, 0x9a, 0xb4, 0x7d, 0x6b
|
||||
};
|
||||
|
||||
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
|
||||
}
|
||||
|
||||
for (i = 0; i < 128; i++) {
|
||||
unsigned char sha1[20];
|
||||
|
||||
RAND_bytes(sha1, sizeof(sha1));
|
||||
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
|
||||
}
|
||||
for (i = 0; i < 128; i++) {
|
||||
unsigned char des3[21];
|
||||
|
||||
RAND_bytes(des3, sizeof(des3));
|
||||
check_rsa(des3, sizeof(des3), rsa, RSA_PKCS1_PADDING);
|
||||
}
|
||||
for (i = 0; i < 128; i++) {
|
||||
unsigned char aes[32];
|
||||
|
||||
RAND_bytes(aes, sizeof(aes));
|
||||
check_rsa(aes, sizeof(aes), rsa, RSA_PKCS1_PADDING);
|
||||
}
|
||||
|
||||
RSA_free(rsa);
|
||||
}
|
||||
|
||||
for (i = 0; i < loops; i++) {
|
||||
BN_GENCB cb;
|
||||
BIGNUM *e;
|
||||
unsigned int n;
|
||||
|
||||
rsa = RSA_new_method(engine);
|
||||
if (!key_blinding)
|
||||
rsa->flags |= RSA_FLAG_NO_BLINDING;
|
||||
|
||||
e = BN_new();
|
||||
BN_set_word(e, 0x10001);
|
||||
|
||||
BN_GENCB_set(&cb, cb_func, NULL);
|
||||
|
||||
RAND_bytes(&n, sizeof(n));
|
||||
n &= 0x1ff;
|
||||
n += 1024;
|
||||
|
||||
if (RSA_generate_key_ex(rsa, n, e, &cb) != 1)
|
||||
errx(1, "RSA_generate_key_ex");
|
||||
|
||||
BN_free(e);
|
||||
|
||||
for (j = 0; j < 8; j++) {
|
||||
unsigned char sha1[20];
|
||||
RAND_bytes(sha1, sizeof(sha1));
|
||||
check_rsa(sha1, sizeof(sha1), rsa, RSA_PKCS1_PADDING);
|
||||
}
|
||||
|
||||
RSA_free(rsa);
|
||||
}
|
||||
|
||||
ENGINE_finish(engine);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,164 @@
|
||||
/*
|
||||
* Copyright (c) 1997 - 2000, 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
#ifdef HAVE_CONFIG_H
|
||||
#include <config.h>
|
||||
RCSID("$Id$");
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <signal.h>
|
||||
#include <termios.h>
|
||||
#include <roken.h>
|
||||
|
||||
#include <ui.h>
|
||||
|
||||
static sig_atomic_t intr_flag;
|
||||
|
||||
static void
|
||||
intr(int sig)
|
||||
{
|
||||
intr_flag++;
|
||||
}
|
||||
|
||||
#ifndef NSIG
|
||||
#define NSIG 47
|
||||
#endif
|
||||
|
||||
static int
|
||||
read_string(const char *preprompt, const char *prompt,
|
||||
char *buf, size_t len, int echo)
|
||||
{
|
||||
struct sigaction sigs[NSIG];
|
||||
int oksigs[NSIG];
|
||||
struct sigaction sa;
|
||||
FILE *tty;
|
||||
int ret = 0;
|
||||
int of = 0;
|
||||
int i;
|
||||
int c;
|
||||
char *p;
|
||||
|
||||
struct termios t_new, t_old;
|
||||
|
||||
memset(&oksigs, 0, sizeof(oksigs));
|
||||
|
||||
memset(&sa, 0, sizeof(sa));
|
||||
sa.sa_handler = intr;
|
||||
sigemptyset(&sa.sa_mask);
|
||||
sa.sa_flags = 0;
|
||||
for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++)
|
||||
if (i != SIGALRM)
|
||||
if (sigaction(i, &sa, &sigs[i]) == 0)
|
||||
oksigs[i] = 1;
|
||||
|
||||
if((tty = fopen("/dev/tty", "r")) == NULL)
|
||||
tty = stdin;
|
||||
|
||||
fprintf(stderr, "%s%s", preprompt, prompt);
|
||||
fflush(stderr);
|
||||
|
||||
if(echo == 0){
|
||||
tcgetattr(fileno(tty), &t_old);
|
||||
memcpy(&t_new, &t_old, sizeof(t_new));
|
||||
t_new.c_lflag &= ~ECHO;
|
||||
tcsetattr(fileno(tty), TCSANOW, &t_new);
|
||||
}
|
||||
intr_flag = 0;
|
||||
p = buf;
|
||||
while(intr_flag == 0){
|
||||
c = getc(tty);
|
||||
if(c == EOF){
|
||||
if(!ferror(tty))
|
||||
ret = 1;
|
||||
break;
|
||||
}
|
||||
if(c == '\n')
|
||||
break;
|
||||
if(of == 0)
|
||||
*p++ = c;
|
||||
of = (p == buf + len);
|
||||
}
|
||||
if(of)
|
||||
p--;
|
||||
*p = 0;
|
||||
|
||||
if(echo == 0){
|
||||
printf("\n");
|
||||
tcsetattr(fileno(tty), TCSANOW, &t_old);
|
||||
}
|
||||
|
||||
if(tty != stdin)
|
||||
fclose(tty);
|
||||
|
||||
for(i = 1; i < sizeof(sigs) / sizeof(sigs[0]); i++)
|
||||
if (oksigs[i])
|
||||
sigaction(i, &sigs[i], NULL);
|
||||
|
||||
if(ret)
|
||||
return -3;
|
||||
if(intr_flag)
|
||||
return -2;
|
||||
if(of)
|
||||
return -1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int
|
||||
UI_UTIL_read_pw_string(char *buf, int length, const char *prompt, int verify)
|
||||
{
|
||||
int ret;
|
||||
|
||||
ret = read_string("", prompt, buf, length, 0);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
if (verify) {
|
||||
char *buf2;
|
||||
buf2 = malloc(length);
|
||||
if (buf2 == NULL)
|
||||
return 1;
|
||||
|
||||
ret = read_string("Verify password - ", prompt, buf2, length, 0);
|
||||
if (ret) {
|
||||
free(buf2);
|
||||
return ret;
|
||||
}
|
||||
if (strcmp(buf2, buf) != 0)
|
||||
ret = 1;
|
||||
free(buf2);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
@@ -0,0 +1,45 @@
|
||||
/*
|
||||
* Copyright (c) 2005 Kungliga Tekniska Högskolan
|
||||
* (Royal Institute of Technology, Stockholm, Sweden).
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
*
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
*
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
*
|
||||
* 3. Neither the name of the Institute nor the names of its contributors
|
||||
* may be used to endorse or promote products derived from this software
|
||||
* without specific prior written permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*/
|
||||
|
||||
/* $Id$ */
|
||||
|
||||
#ifndef _HEIM_UI_H
|
||||
#define _HEIM_UI_H 1
|
||||
|
||||
/* symbol renaming */
|
||||
#define UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string
|
||||
|
||||
int UI_UTIL_read_pw_string(char *, int, const char *, int); /* XXX */
|
||||
|
||||
#endif /* _HEIM_UI_H */
|
||||
|
||||
Reference in New Issue
Block a user