mirror of
https://github.com/polyfractal/rustl8710.git
synced 2026-07-05 19:05:41 +00:00
Initial checkin
parent
d4f581cea3
commit
34016a7bd3
1285 changed files with 536346 additions and 0 deletions
|
|
@ -0,0 +1,73 @@
|
|||
|
||||
include $(MAKE_INCLUDE_GEN)
|
||||
|
||||
.PHONY: all clean
|
||||
|
||||
#*****************************************************************************#
|
||||
# VARIABLES #
|
||||
#*****************************************************************************#
|
||||
|
||||
|
||||
MODULE_IFLAGS += -I../../include -fno-tree-switch-conversion
|
||||
|
||||
GLOBAL_CFLAGS += -DCONFIG_SSL_ROM
|
||||
|
||||
#*****************************************************************************#
|
||||
# Object FILE LIST #
|
||||
#*****************************************************************************#
|
||||
OBJS =
|
||||
|
||||
ROM_CSRC = aes.o \
|
||||
arc4.o \
|
||||
asn1parse.o \
|
||||
asn1write.o \
|
||||
base64.o \
|
||||
bignum.o \
|
||||
ctr_drbg.o \
|
||||
des.o \
|
||||
dhm.o \
|
||||
ecdh.o \
|
||||
ecdsa.o \
|
||||
ecp.o \
|
||||
ecp_curves.o \
|
||||
hmac_drbg.o \
|
||||
md.o \
|
||||
md_wrap.o \
|
||||
md5.o \
|
||||
oid.o \
|
||||
pem.o \
|
||||
pk.o \
|
||||
pk_wrap.o \
|
||||
pkwrite.o \
|
||||
rsa.o \
|
||||
sha1.o \
|
||||
sha256.o \
|
||||
sha512.o \
|
||||
../../../ssl_ram_map/rom/rom_ssl_ram_map.o
|
||||
|
||||
OBJS = $(ROM_CSRC)
|
||||
|
||||
#*****************************************************************************#
|
||||
# RULES TO GENERATE TARGETS #
|
||||
#*****************************************************************************#
|
||||
|
||||
# Define the Rules to build the core targets
|
||||
all: CORE_TARGETS RENAME_ROM_OBJS COPY_ROM_OBJS
|
||||
|
||||
|
||||
#*****************************************************************************#
|
||||
# GENERATE OBJECT FILE
|
||||
#*****************************************************************************#
|
||||
CORE_TARGETS: $(OBJS) $(ASM_OBJS)
|
||||
|
||||
|
||||
#*****************************************************************************#
|
||||
# RULES TO CLEAN TARGETS #
|
||||
#*****************************************************************************#
|
||||
clean:
|
||||
$(REMOVE) *.o
|
||||
$(REMOVE) *.i
|
||||
$(REMOVE) *.s
|
||||
$(REMOVE) *.d
|
||||
|
||||
-include $(DEPS)
|
||||
1625
component/common/network/ssl/polarssl-1.3.8/library/rom/aes.c
Normal file
1625
component/common/network/ssl/polarssl-1.3.8/library/rom/aes.c
Normal file
File diff suppressed because it is too large
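--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/arc4.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/arc4.c
@@ -0,0 +1,213 @@
+/*
+* An implementation of the ARCFOUR algorithm
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+/*
+* The ARCFOUR algorithm was publicly disclosed on 94/09.
+*
+* http://groups.google.com/group/sci.crypt/msg/10a300c9d21afca0
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_ARC4_C)
+
+#include "polarssl/arc4.h"
+
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#define polarssl_printf printf
+#endif
+
+#if !defined(POLARSSL_ARC4_ALT)
+
+/* Implementation that should never be optimized out by the compiler */
+SSL_ROM_TEXT_SECTION
+static void polarssl_zeroize( void *v, size_t n ) {
+volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+SSL_ROM_TEXT_SECTION
+void arc4_init( arc4_context *ctx )
+{
+memset( ctx, 0, sizeof( arc4_context ) );
+}
+
+SSL_ROM_TEXT_SECTION
+void arc4_free( arc4_context *ctx )
+{
+if( ctx == NULL )
+return;
+
+polarssl_zeroize( ctx, sizeof( arc4_context ) );
+}
+
+/*
+* ARC4 key schedule
+*/
+SSL_ROM_TEXT_SECTION
+void arc4_setup( arc4_context *ctx, const unsigned char *key,
+unsigned int keylen )
+{
+int i, j, a;
+unsigned int k;
+unsigned char *m;
+
+ctx->x = 0;
+ctx->y = 0;
+m = ctx->m;
+
+for( i = 0; i < 256; i++ )
+m[i] = (unsigned char) i;
+
+j = k = 0;
+
+for( i = 0; i < 256; i++, k++ )
+{
+if( k >= keylen ) k = 0;
+
+a = m[i];
+j = ( j + a + key[k] ) & 0xFF;
+m[i] = m[j];
+m[j] = (unsigned char) a;
+}
+}
+
+/*
+* ARC4 cipher function
+*/
+SSL_ROM_TEXT_SECTION
+int arc4_crypt( arc4_context *ctx, size_t length, const unsigned char *input,
+unsigned char *output )
+{
+int x, y, a, b;
+size_t i;
+unsigned char *m;
+
+x = ctx->x;
+y = ctx->y;
+m = ctx->m;
+
+for( i = 0; i < length; i++ )
+{
+x = ( x + 1 ) & 0xFF; a = m[x];
+y = ( y + a ) & 0xFF; b = m[y];
+
+m[x] = (unsigned char) b;
+m[y] = (unsigned char) a;
+
+output[i] = (unsigned char)
+( input[i] ^ m[(unsigned char)( a + b )] );
+}
+
+ctx->x = x;
+ctx->y = y;
+
+return( 0 );
+}
+
+#endif /* !POLARSSL_ARC4_ALT */
+
+#if defined(POLARSSL_SELF_TEST)
+
+#include <string.h>
+#include <stdio.h>
+
+/*
+* ARC4 tests vectors as posted by Eric Rescorla in sep. 1994:
+*
+* http://groups.google.com/group/comp.security.misc/msg/10a300c9d21afca0
+*/
+static const unsigned char arc4_test_key[3][8] =
+{
+{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_pt[3][8] =
+{
+{ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF },
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
+{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }
+};
+
+static const unsigned char arc4_test_ct[3][8] =
+{
+{ 0x75, 0xB7, 0x87, 0x80, 0x99, 0xE0, 0xC5, 0x96 },
+{ 0x74, 0x94, 0xC2, 0xE7, 0x10, 0x4B, 0x08, 0x79 },
+{ 0xDE, 0x18, 0x89, 0x41, 0xA3, 0x37, 0x5D, 0x3A }
+};
+
+/*
+* Checkup routine
+*/
+int arc4_self_test( int verbose )
+{
+int i, ret = 0;
+unsigned char ibuf[8];
+unsigned char obuf[8];
+arc4_context ctx;
+
+arc4_init( &ctx );
+
+for( i = 0; i < 3; i++ )
+{
+if( verbose != 0 )
+polarssl_printf( " ARC4 test #%d: ", i + 1 );
+
+memcpy( ibuf, arc4_test_pt[i], 8 );
+
+arc4_setup( &ctx, arc4_test_key[i], 8 );
+arc4_crypt( &ctx, 8, ibuf, obuf );
+
+if( memcmp( obuf, arc4_test_ct[i], 8 ) != 0 )
+{
+if( verbose != 0 )
+polarssl_printf( "failed\n" );
+
+ret = 1;
+goto exit;
+}
+
+if( verbose != 0 )
+polarssl_printf( "passed\n" );
+}
+
+if( verbose != 0 )
+polarssl_printf( "\n" );
+
+exit:
+arc4_free( &ctx );
+
+return( ret );
+}
+
+#endif /* POLARSSL_SELF_TEST */
+
+#endif /* POLARSSL_ARC4_C */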
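Review bot: `arc4_setup` resets `k` to 0 and then reads `key[k]` even when `keylen` is 0, so with an empty key every iteration of the schedule loop reads `key[0]` from a buffer the caller declared empty. The function returns void and cannot report this, so the contract should be stated above it, `/* keylen must be at least 1 and key must point to keylen readable bytes */`, and callers should reject empty keys before calling. `arc4_init` calls `memset` while `<string.h>` is included only inside the `POLARSSL_SELF_TEST` block; unless `polarssl/arc4.h` (not shown) provides it, the include belongs with the other headers at the top. RC4 is prohibited for TLS by RFC 7465, so it is worth confirming that the configuration actually needs `POLARSSL_ARC4_C` before the code is committed to ROM.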
|
|
@ -0,0 +1,404 @@
|
|||
/*
|
||||
* Generic ASN.1 parsing
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ASN1_PARSE_C)
|
||||
|
||||
#include "polarssl/asn1.h"
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
#include "polarssl/bignum.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
/*
|
||||
* ASN.1 DER decoding routines
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_len( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
size_t *len )
|
||||
{
|
||||
if( ( end - *p ) < 1 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
if( ( **p & 0x80 ) == 0 )
|
||||
*len = *(*p)++;
|
||||
else
|
||||
{
|
||||
switch( **p & 0x7F )
|
||||
{
|
||||
case 1:
|
||||
if( ( end - *p ) < 2 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
*len = (*p)[1];
|
||||
(*p) += 2;
|
||||
break;
|
||||
|
||||
case 2:
|
||||
if( ( end - *p ) < 3 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
*len = ( (*p)[1] << 8 ) | (*p)[2];
|
||||
(*p) += 3;
|
||||
break;
|
||||
|
||||
case 3:
|
||||
if( ( end - *p ) < 4 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
*len = ( (*p)[1] << 16 ) | ( (*p)[2] << 8 ) | (*p)[3];
|
||||
(*p) += 4;
|
||||
break;
|
||||
|
||||
case 4:
|
||||
if( ( end - *p ) < 5 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
*len = ( (*p)[1] << 24 ) | ( (*p)[2] << 16 ) | ( (*p)[3] << 8 ) |
|
||||
(*p)[4];
|
||||
(*p) += 5;
|
||||
break;
|
||||
|
||||
default:
|
||||
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
|
||||
}
|
||||
}
|
||||
|
||||
if( *len > (size_t) ( end - *p ) )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_tag( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
size_t *len, int tag )
|
||||
{
|
||||
if( ( end - *p ) < 1 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
if( **p != tag )
|
||||
return( POLARSSL_ERR_ASN1_UNEXPECTED_TAG );
|
||||
|
||||
(*p)++;
|
||||
|
||||
return( asn1_get_len( p, end, len ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_bool( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
int *val )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &len, ASN1_BOOLEAN ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( len != 1 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
|
||||
|
||||
*val = ( **p != 0 ) ? 1 : 0;
|
||||
(*p)++;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_int( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
int *val )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( len > sizeof( int ) || ( **p & 0x80 ) != 0 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
|
||||
|
||||
*val = 0;
|
||||
|
||||
while( len-- > 0 )
|
||||
{
|
||||
*val = ( *val << 8 ) | **p;
|
||||
(*p)++;
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_mpi( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
mpi *X )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &len, ASN1_INTEGER ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = mpi_read_binary( X, *p, len );
|
||||
|
||||
*p += len;
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C */
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
|
||||
asn1_bitstring *bs)
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* Certificate type is a single byte bitstring */
|
||||
if( ( ret = asn1_get_tag( p, end, &bs->len, ASN1_BIT_STRING ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/* Check length, subtract one for actual bit string length */
|
||||
if( bs->len < 1 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
bs->len -= 1;
|
||||
|
||||
/* Get number of unused bits, ensure unused bits <= 7 */
|
||||
bs->unused_bits = **p;
|
||||
if( bs->unused_bits > 7 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_LENGTH );
|
||||
(*p)++;
|
||||
|
||||
/* Get actual bitstring */
|
||||
bs->p = *p;
|
||||
*p += bs->len;
|
||||
|
||||
if( *p != end )
|
||||
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get a bit string without unused bits
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
|
||||
size_t *len )
|
||||
{
|
||||
int ret;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, len, ASN1_BIT_STRING ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( (*len)-- < 2 || *(*p)++ != 0 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_DATA );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_sequence_of( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
asn1_sequence *cur,
|
||||
int tag)
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
asn1_buf *buf;
|
||||
|
||||
/* Get main sequence tag */
|
||||
if( ( ret = asn1_get_tag( p, end, &len,
|
||||
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( *p + len != end )
|
||||
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||
|
||||
while( *p < end )
|
||||
{
|
||||
buf = &(cur->buf);
|
||||
buf->tag = **p;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &buf->len, tag ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
buf->p = *p;
|
||||
*p += buf->len;
|
||||
|
||||
/* Allocate and assign next pointer */
|
||||
if( *p < end )
|
||||
{
|
||||
cur->next = (asn1_sequence *) polarssl_malloc(
|
||||
sizeof( asn1_sequence ) );
|
||||
|
||||
if( cur->next == NULL )
|
||||
return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
|
||||
|
||||
cur = cur->next;
|
||||
}
|
||||
}
|
||||
|
||||
/* Set final sequence entry's next pointer to NULL */
|
||||
cur->next = NULL;
|
||||
|
||||
if( *p != end )
|
||||
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_alg( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
asn1_buf *alg, asn1_buf *params )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &len,
|
||||
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( ( end - *p ) < 1 )
|
||||
return( POLARSSL_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
alg->tag = **p;
|
||||
end = *p + len;
|
||||
|
||||
if( ( ret = asn1_get_tag( p, end, &alg->len, ASN1_OID ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
alg->p = *p;
|
||||
*p += alg->len;
|
||||
|
||||
if( *p == end )
|
||||
{
|
||||
memset( params, 0, sizeof(asn1_buf) );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
params->tag = **p;
|
||||
(*p)++;
|
||||
|
||||
if( ( ret = asn1_get_len( p, end, ¶ms->len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
params->p = *p;
|
||||
*p += params->len;
|
||||
|
||||
if( *p != end )
|
||||
return( POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_get_alg_null( unsigned char **p,
|
||||
const unsigned char *end,
|
||||
asn1_buf *alg )
|
||||
{
|
||||
int ret;
|
||||
asn1_buf params;
|
||||
|
||||
memset( ¶ms, 0, sizeof(asn1_buf) );
|
||||
|
||||
if( ( ret = asn1_get_alg( p, end, alg, ¶ms ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( ( params.tag != ASN1_NULL && params.tag != 0 ) || params.len != 0 )
|
||||
return( POLARSSL_ERR_ASN1_INVALID_DATA );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void asn1_free_named_data( asn1_named_data *cur )
|
||||
{
|
||||
if( cur == NULL )
|
||||
return;
|
||||
|
||||
polarssl_free( cur->oid.p );
|
||||
polarssl_free( cur->val.p );
|
||||
|
||||
memset( cur, 0, sizeof( asn1_named_data ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void asn1_free_named_data_list( asn1_named_data **head )
|
||||
{
|
||||
asn1_named_data *cur;
|
||||
|
||||
while( ( cur = *head ) != NULL )
|
||||
{
|
||||
*head = cur->next;
|
||||
asn1_free_named_data( cur );
|
||||
polarssl_free( cur );
|
||||
}
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
asn1_named_data *asn1_find_named_data( asn1_named_data *list,
|
||||
const char *oid, size_t len )
|
||||
{
|
||||
while( list != NULL )
|
||||
{
|
||||
if( list->oid.len == len &&
|
||||
memcmp( list->oid.p, oid, len ) == 0 )
|
||||
{
|
||||
break;
|
||||
}
|
||||
|
||||
list = list->next;
|
||||
}
|
||||
|
||||
return( list );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_ASN1_PARSE_C */
|
||||
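Review bot: In `asn1_get_int` the test `( **p & 0x80 ) != 0` dereferences `*p` before `len == 0` is ruled out, so a zero-length INTEGER that ends exactly at `end` causes a one-byte read past the input; the guard should be `if( len == 0 || len > sizeof( int ) || ( **p & 0x80 ) != 0 )`. In `asn1_get_sequence_of` a node from `polarssl_malloc` is linked into the list before its `next` field is written, so an error return from the following `asn1_get_tag` leaves a list whose last `next` is uninitialized; adding `memset( cur->next, 0, sizeof( asn1_sequence ) );` right after the NULL check keeps a partial list safe to walk and free (the callers are not shown here). In `asn1_get_len`, `(*p)[1] << 24` shifts a promoted `int` into the sign bit; casting the operand first, `( (size_t)(*p)[1] << 24 )`, avoids that. All three functions parse attacker-supplied DER, and code placed in ROM cannot be patched later, so these are best fixed before the image is built.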
|
|
@ -0,0 +1,380 @@
|
|||
/*
|
||||
* ASN.1 buffer writing functionality
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ASN1_WRITE_C)
|
||||
|
||||
#include "polarssl/asn1write.h"
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len )
|
||||
{
|
||||
if( len < 0x80 )
|
||||
{
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = (unsigned char) len;
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( len <= 0xFF )
|
||||
{
|
||||
if( *p - start < 2 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = (unsigned char) len;
|
||||
*--(*p) = 0x81;
|
||||
return( 2 );
|
||||
}
|
||||
|
||||
if( *p - start < 3 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
// We assume we never have lengths larger than 65535 bytes
|
||||
//
|
||||
*--(*p) = len % 256;
|
||||
*--(*p) = ( len / 256 ) % 256;
|
||||
*--(*p) = 0x82;
|
||||
|
||||
return( 3 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag )
|
||||
{
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = tag;
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
|
||||
const unsigned char *buf, size_t size )
|
||||
{
|
||||
size_t len = 0;
|
||||
|
||||
if( *p - start < (int) size )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
len = size;
|
||||
(*p) -= len;
|
||||
memcpy( *p, buf, len );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_BIGNUM_C)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
// Write the MPI
|
||||
//
|
||||
len = mpi_size( X );
|
||||
|
||||
if( *p - start < (int) len )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
(*p) -= len;
|
||||
MPI_CHK( mpi_write_binary( X, *p, len ) );
|
||||
|
||||
// DER format assumes 2s complement for numbers, so the leftmost bit
|
||||
// should be 0 for positive numbers and 1 for negative numbers.
|
||||
//
|
||||
if( X->s ==1 && **p & 0x80 )
|
||||
{
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = 0x00;
|
||||
len += 1;
|
||||
}
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
|
||||
|
||||
ret = (int) len;
|
||||
|
||||
cleanup:
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_BIGNUM_C */
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_null( unsigned char **p, unsigned char *start )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
// Write NULL
|
||||
//
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, 0) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_NULL ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_oid( unsigned char **p, unsigned char *start,
|
||||
const char *oid, size_t oid_len )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
|
||||
(const unsigned char *) oid, oid_len ) );
|
||||
ASN1_CHK_ADD( len , asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len , asn1_write_tag( p, start, ASN1_OID ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
|
||||
const char *oid, size_t oid_len,
|
||||
size_t par_len )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
if( par_len == 0 )
|
||||
ASN1_CHK_ADD( len, asn1_write_null( p, start ) );
|
||||
else
|
||||
len += par_len;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start,
|
||||
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = (boolean) ? 1 : 0;
|
||||
len++;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BOOLEAN ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_int( unsigned char **p, unsigned char *start, int val )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
// TODO negative values and values larger than 128
|
||||
// DER format assumes 2s complement for numbers, so the leftmost bit
|
||||
// should be 0 for positive numbers and 1 for negative numbers.
|
||||
//
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
len += 1;
|
||||
*--(*p) = val;
|
||||
|
||||
if( val > 0 && **p & 0x80 )
|
||||
{
|
||||
if( *p - start < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*--(*p) = 0x00;
|
||||
len += 1;
|
||||
}
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_INTEGER ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
|
||||
const char *text, size_t text_len )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
|
||||
(const unsigned char *) text, text_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_PRINTABLE_STRING ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
|
||||
const char *text, size_t text_len )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start,
|
||||
(const unsigned char *) text, text_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_IA5_STRING ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
|
||||
const unsigned char *buf, size_t bits )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0, size;
|
||||
|
||||
size = ( bits / 8 ) + ( ( bits % 8 ) ? 1 : 0 );
|
||||
|
||||
// Calculate byte length
|
||||
//
|
||||
if( *p - start < (int) size + 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
len = size + 1;
|
||||
(*p) -= size;
|
||||
memcpy( *p, buf, size );
|
||||
|
||||
// Write unused bits
|
||||
//
|
||||
*--(*p) = (unsigned char) (size * 8 - bits);
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_BIT_STRING ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
|
||||
const unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_raw_buffer( p, start, buf, size ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_OCTET_STRING ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
asn1_named_data *asn1_store_named_data( asn1_named_data **head,
|
||||
const char *oid, size_t oid_len,
|
||||
const unsigned char *val,
|
||||
size_t val_len )
|
||||
{
|
||||
asn1_named_data *cur;
|
||||
|
||||
if( ( cur = asn1_find_named_data( *head, oid, oid_len ) ) == NULL )
|
||||
{
|
||||
// Add new entry if not present yet based on OID
|
||||
//
|
||||
if( ( cur = polarssl_malloc( sizeof(asn1_named_data) ) ) == NULL )
|
||||
return( NULL );
|
||||
|
||||
memset( cur, 0, sizeof(asn1_named_data) );
|
||||
|
||||
cur->oid.len = oid_len;
|
||||
cur->oid.p = polarssl_malloc( oid_len );
|
||||
if( cur->oid.p == NULL )
|
||||
{
|
||||
polarssl_free( cur );
|
||||
return( NULL );
|
||||
}
|
||||
|
||||
cur->val.len = val_len;
|
||||
cur->val.p = polarssl_malloc( val_len );
|
||||
if( cur->val.p == NULL )
|
||||
{
|
||||
polarssl_free( cur->oid.p );
|
||||
polarssl_free( cur );
|
||||
return( NULL );
|
||||
}
|
||||
|
||||
memcpy( cur->oid.p, oid, oid_len );
|
||||
|
||||
cur->next = *head;
|
||||
*head = cur;
|
||||
}
|
||||
else if( cur->val.len < val_len )
|
||||
{
|
||||
// Enlarge existing value buffer if needed
|
||||
//
|
||||
polarssl_free( cur->val.p );
|
||||
cur->val.p = NULL;
|
||||
|
||||
cur->val.len = val_len;
|
||||
cur->val.p = polarssl_malloc( val_len );
|
||||
if( cur->val.p == NULL )
|
||||
{
|
||||
polarssl_free( cur->oid.p );
|
||||
polarssl_free( cur );
|
||||
return( NULL );
|
||||
}
|
||||
}
|
||||
|
||||
if( val != NULL )
|
||||
memcpy( cur->val.p, val, val_len );
|
||||
|
||||
return( cur );
|
||||
}
|
||||
#endif /* POLARSSL_ASN1_WRITE_C */
|
||||
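Review bot: In `asn1_store_named_data`, the enlarge branch (`else if( cur->val.len < val_len )`) frees `cur->oid.p` and `cur` when `polarssl_malloc` fails, but that entry was found in the list and is still linked from `*head`, so the list is left pointing at freed memory. On that path the function should only report failure: replace the two `polarssl_free` calls with `cur->val.len = 0;` before `return( NULL );` and leave ownership with the list. `asn1_write_raw_buffer`, `asn1_write_mpi` and `asn1_write_bitstring` compare `*p - start` against `(int) size` or `(int) len`, which turns a large `size_t` negative and lets the bounds check pass before the `memcpy`; `if( *p < start || (size_t)( *p - start ) < size )` closes that. `asn1_write_len` encodes only the low 16 bits of lengths above 65535, as its own comment admits, and should return an error for them instead.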
277
component/common/network/ssl/polarssl-1.3.8/library/rom/base64.c
Normal file
277
component/common/network/ssl/polarssl-1.3.8/library/rom/base64.c
Normal file
|
|
@ -0,0 +1,277 @@
|
|||
/*
|
||||
* RFC 1521 base64 encoding/decoding
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_BASE64_C)
|
||||
|
||||
#include "polarssl/base64.h"
|
||||
|
||||
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
|
||||
#include <basetsd.h>
|
||||
typedef UINT32 uint32_t;
|
||||
#else
|
||||
#include <inttypes.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char base64_enc_map[64] =
|
||||
{
|
||||
'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
|
||||
'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
|
||||
'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', 'd',
|
||||
'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
|
||||
'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
|
||||
'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
|
||||
'8', '9', '+', '/'
|
||||
};
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char base64_dec_map[128] =
|
||||
{
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 127, 127, 127, 127, 127, 127, 127,
|
||||
127, 127, 127, 62, 127, 127, 127, 63, 52, 53,
|
||||
54, 55, 56, 57, 58, 59, 60, 61, 127, 127,
|
||||
127, 64, 127, 127, 127, 0, 1, 2, 3, 4,
|
||||
5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
|
||||
15, 16, 17, 18, 19, 20, 21, 22, 23, 24,
|
||||
25, 127, 127, 127, 127, 127, 127, 26, 27, 28,
|
||||
29, 30, 31, 32, 33, 34, 35, 36, 37, 38,
|
||||
39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
|
||||
49, 50, 51, 127, 127, 127, 127, 127
|
||||
};
|
||||
|
||||
/*
|
||||
* Encode a buffer into base64 format
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int base64_encode( unsigned char *dst, size_t *dlen,
|
||||
const unsigned char *src, size_t slen )
|
||||
{
|
||||
size_t i, n;
|
||||
int C1, C2, C3;
|
||||
unsigned char *p;
|
||||
|
||||
if( slen == 0 )
|
||||
return( 0 );
|
||||
|
||||
n = ( slen << 3 ) / 6;
|
||||
|
||||
switch( ( slen << 3 ) - ( n * 6 ) )
|
||||
{
|
||||
case 2: n += 3; break;
|
||||
case 4: n += 2; break;
|
||||
default: break;
|
||||
}
|
||||
|
||||
if( *dlen < n + 1 )
|
||||
{
|
||||
*dlen = n + 1;
|
||||
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
n = ( slen / 3 ) * 3;
|
||||
|
||||
for( i = 0, p = dst; i < n; i += 3 )
|
||||
{
|
||||
C1 = *src++;
|
||||
C2 = *src++;
|
||||
C3 = *src++;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C2 & 15) << 2) + (C3 >> 6)) & 0x3F];
|
||||
*p++ = base64_enc_map[C3 & 0x3F];
|
||||
}
|
||||
|
||||
if( i < slen )
|
||||
{
|
||||
C1 = *src++;
|
||||
C2 = ( ( i + 1 ) < slen ) ? *src++ : 0;
|
||||
|
||||
*p++ = base64_enc_map[(C1 >> 2) & 0x3F];
|
||||
*p++ = base64_enc_map[(((C1 & 3) << 4) + (C2 >> 4)) & 0x3F];
|
||||
|
||||
if( ( i + 1 ) < slen )
|
||||
*p++ = base64_enc_map[((C2 & 15) << 2) & 0x3F];
|
||||
else *p++ = '=';
|
||||
|
||||
*p++ = '=';
|
||||
}
|
||||
|
||||
*dlen = p - dst;
|
||||
*p = 0;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Decode a base64-formatted buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int base64_decode( unsigned char *dst, size_t *dlen,
|
||||
const unsigned char *src, size_t slen )
|
||||
{
|
||||
size_t i, n;
|
||||
uint32_t j, x;
|
||||
unsigned char *p;
|
||||
|
||||
for( i = n = j = 0; i < slen; i++ )
|
||||
{
|
||||
if( ( slen - i ) >= 2 &&
|
||||
src[i] == '\r' && src[i + 1] == '\n' )
|
||||
continue;
|
||||
|
||||
if( src[i] == '\n' )
|
||||
continue;
|
||||
|
||||
if( src[i] == '=' && ++j > 2 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( src[i] > 127 || base64_dec_map[src[i]] == 127 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
if( base64_dec_map[src[i]] < 64 && j != 0 )
|
||||
return( POLARSSL_ERR_BASE64_INVALID_CHARACTER );
|
||||
|
||||
n++;
|
||||
}
|
||||
|
||||
if( n == 0 )
|
||||
return( 0 );
|
||||
|
||||
n = ( ( n * 6 ) + 7 ) >> 3;
|
||||
n -= j;
|
||||
|
||||
if( dst == NULL || *dlen < n )
|
||||
{
|
||||
*dlen = n;
|
||||
return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
for( j = 3, n = x = 0, p = dst; i > 0; i--, src++ )
|
||||
{
|
||||
if( *src == '\r' || *src == '\n' )
|
||||
continue;
|
||||
|
||||
j -= ( base64_dec_map[*src] == 64 );
|
||||
x = ( x << 6 ) | ( base64_dec_map[*src] & 0x3F );
|
||||
|
||||
if( ++n == 4 )
|
||||
{
|
||||
n = 0;
|
||||
if( j > 0 ) *p++ = (unsigned char)( x >> 16 );
|
||||
if( j > 1 ) *p++ = (unsigned char)( x >> 8 );
|
||||
if( j > 2 ) *p++ = (unsigned char)( x );
|
||||
}
|
||||
}
|
||||
|
||||
*dlen = p - dst;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
#include <string.h>
|
||||
#include <stdio.h>
|
||||
|
||||
static const unsigned char base64_test_dec[64] =
|
||||
{
|
||||
0x24, 0x48, 0x6E, 0x56, 0x87, 0x62, 0x5A, 0xBD,
|
||||
0xBF, 0x17, 0xD9, 0xA2, 0xC4, 0x17, 0x1A, 0x01,
|
||||
0x94, 0xED, 0x8F, 0x1E, 0x11, 0xB3, 0xD7, 0x09,
|
||||
0x0C, 0xB6, 0xE9, 0x10, 0x6F, 0x22, 0xEE, 0x13,
|
||||
0xCA, 0xB3, 0x07, 0x05, 0x76, 0xC9, 0xFA, 0x31,
|
||||
0x6C, 0x08, 0x34, 0xFF, 0x8D, 0xC2, 0x6C, 0x38,
|
||||
0x00, 0x43, 0xE9, 0x54, 0x97, 0xAF, 0x50, 0x4B,
|
||||
0xD1, 0x41, 0xBA, 0x95, 0x31, 0x5A, 0x0B, 0x97
|
||||
};
|
||||
|
||||
static const unsigned char base64_test_enc[] =
|
||||
"JEhuVodiWr2/F9mixBcaAZTtjx4Rs9cJDLbpEG8i7hPK"
|
||||
"swcFdsn6MWwINP+Nwmw4AEPpVJevUEvRQbqVMVoLlw==";
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int base64_self_test( int verbose )
|
||||
{
|
||||
size_t len;
|
||||
const unsigned char *src;
|
||||
unsigned char buffer[128];
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " Base64 encoding test: " );
|
||||
|
||||
len = sizeof( buffer );
|
||||
src = base64_test_dec;
|
||||
|
||||
if( base64_encode( buffer, &len, src, 64 ) != 0 ||
|
||||
memcmp( base64_test_enc, buffer, 88 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n Base64 decoding test: " );
|
||||
|
||||
len = sizeof( buffer );
|
||||
src = base64_test_enc;
|
||||
|
||||
if( base64_decode( buffer, &len, src, 88 ) != 0 ||
|
||||
memcmp( base64_test_dec, buffer, 64 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_BASE64_C */
|
||||
2400
component/common/network/ssl/polarssl-1.3.8/library/rom/bignum.c
Normal file
File diff suppressed because it is too large
|
|
@ -0,0 +1,564 @@
|
|||
/*
|
||||
* CTR_DRBG implementation based on AES-256 (NIST SP 800-90)
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The NIST SP 800-90 DRBGs are described in the following publucation.
|
||||
*
|
||||
* http://csrc.nist.gov/publications/nistpubs/800-90/SP800-90revised_March2007.pdf
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_CTR_DRBG_C)
|
||||
|
||||
#include "polarssl/ctr_drbg.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Non-public function wrapped by ctr_crbg_init(). Necessary to allow NIST
|
||||
* tests to succeed (which require known length fixed entropy)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_init_entropy_len(
|
||||
ctr_drbg_context *ctx,
|
||||
int (*f_entropy)(void *, unsigned char *, size_t),
|
||||
void *p_entropy,
|
||||
const unsigned char *custom,
|
||||
size_t len,
|
||||
size_t entropy_len )
|
||||
{
|
||||
int ret;
|
||||
unsigned char key[CTR_DRBG_KEYSIZE];
|
||||
|
||||
memset( ctx, 0, sizeof(ctr_drbg_context) );
|
||||
memset( key, 0, CTR_DRBG_KEYSIZE );
|
||||
|
||||
aes_init( &ctx->aes_ctx );
|
||||
|
||||
ctx->f_entropy = f_entropy;
|
||||
ctx->p_entropy = p_entropy;
|
||||
|
||||
ctx->entropy_len = entropy_len;
|
||||
ctx->reseed_interval = CTR_DRBG_RESEED_INTERVAL;
|
||||
|
||||
/*
|
||||
* Initialize with an empty key
|
||||
*/
|
||||
aes_setkey_enc( &ctx->aes_ctx, key, CTR_DRBG_KEYBITS );
|
||||
|
||||
if( ( ret = ctr_drbg_reseed( ctx, custom, len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_init( ctr_drbg_context *ctx,
|
||||
int (*f_entropy)(void *, unsigned char *, size_t),
|
||||
void *p_entropy,
|
||||
const unsigned char *custom,
|
||||
size_t len )
|
||||
{
|
||||
return( ctr_drbg_init_entropy_len( ctx, f_entropy, p_entropy, custom, len,
|
||||
CTR_DRBG_ENTROPY_LEN ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void ctr_drbg_free( ctr_drbg_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
aes_free( &ctx->aes_ctx );
|
||||
polarssl_zeroize( ctx, sizeof( ctr_drbg_context ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void ctr_drbg_set_prediction_resistance( ctr_drbg_context *ctx, int resistance )
|
||||
{
|
||||
ctx->prediction_resistance = resistance;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void ctr_drbg_set_entropy_len( ctr_drbg_context *ctx, size_t len )
|
||||
{
|
||||
ctx->entropy_len = len;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void ctr_drbg_set_reseed_interval( ctr_drbg_context *ctx, int interval )
|
||||
{
|
||||
ctx->reseed_interval = interval;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int block_cipher_df( unsigned char *output,
|
||||
const unsigned char *data, size_t data_len )
|
||||
{
|
||||
unsigned char buf[CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16];
|
||||
unsigned char tmp[CTR_DRBG_SEEDLEN];
|
||||
unsigned char key[CTR_DRBG_KEYSIZE];
|
||||
unsigned char chain[CTR_DRBG_BLOCKSIZE];
|
||||
unsigned char *p, *iv;
|
||||
aes_context aes_ctx;
|
||||
|
||||
int i, j;
|
||||
size_t buf_len, use_len;
|
||||
|
||||
memset( buf, 0, CTR_DRBG_MAX_SEED_INPUT + CTR_DRBG_BLOCKSIZE + 16 );
|
||||
aes_init( &aes_ctx );
|
||||
|
||||
/*
|
||||
* Construct IV (16 bytes) and S in buffer
|
||||
* IV = Counter (in 32-bits) padded to 16 with zeroes
|
||||
* S = Length input string (in 32-bits) || Length of output (in 32-bits) ||
|
||||
* data || 0x80
|
||||
* (Total is padded to a multiple of 16-bytes with zeroes)
|
||||
*/
|
||||
p = buf + CTR_DRBG_BLOCKSIZE;
|
||||
*p++ = ( data_len >> 24 ) & 0xff;
|
||||
*p++ = ( data_len >> 16 ) & 0xff;
|
||||
*p++ = ( data_len >> 8 ) & 0xff;
|
||||
*p++ = ( data_len ) & 0xff;
|
||||
p += 3;
|
||||
*p++ = CTR_DRBG_SEEDLEN;
|
||||
memcpy( p, data, data_len );
|
||||
p[data_len] = 0x80;
|
||||
|
||||
buf_len = CTR_DRBG_BLOCKSIZE + 8 + data_len + 1;
|
||||
|
||||
for( i = 0; i < CTR_DRBG_KEYSIZE; i++ )
|
||||
key[i] = i;
|
||||
|
||||
aes_setkey_enc( &aes_ctx, key, CTR_DRBG_KEYBITS );
|
||||
|
||||
/*
|
||||
* Reduce data to POLARSSL_CTR_DRBG_SEEDLEN bytes of data
|
||||
*/
|
||||
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
|
||||
{
|
||||
p = buf;
|
||||
memset( chain, 0, CTR_DRBG_BLOCKSIZE );
|
||||
use_len = buf_len;
|
||||
|
||||
while( use_len > 0 )
|
||||
{
|
||||
for( i = 0; i < CTR_DRBG_BLOCKSIZE; i++ )
|
||||
chain[i] ^= p[i];
|
||||
p += CTR_DRBG_BLOCKSIZE;
|
||||
use_len -= ( use_len >= CTR_DRBG_BLOCKSIZE ) ?
|
||||
CTR_DRBG_BLOCKSIZE : use_len;
|
||||
|
||||
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, chain, chain );
|
||||
}
|
||||
|
||||
memcpy( tmp + j, chain, CTR_DRBG_BLOCKSIZE );
|
||||
|
||||
/*
|
||||
* Update IV
|
||||
*/
|
||||
buf[3]++;
|
||||
}
|
||||
|
||||
/*
|
||||
* Do final encryption with reduced data
|
||||
*/
|
||||
aes_setkey_enc( &aes_ctx, tmp, CTR_DRBG_KEYBITS );
|
||||
iv = tmp + CTR_DRBG_KEYSIZE;
|
||||
p = output;
|
||||
|
||||
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
|
||||
{
|
||||
aes_crypt_ecb( &aes_ctx, AES_ENCRYPT, iv, iv );
|
||||
memcpy( p, iv, CTR_DRBG_BLOCKSIZE );
|
||||
p += CTR_DRBG_BLOCKSIZE;
|
||||
}
|
||||
|
||||
aes_free( &aes_ctx );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int ctr_drbg_update_internal( ctr_drbg_context *ctx,
|
||||
const unsigned char data[CTR_DRBG_SEEDLEN] )
|
||||
{
|
||||
unsigned char tmp[CTR_DRBG_SEEDLEN];
|
||||
unsigned char *p = tmp;
|
||||
int i, j;
|
||||
|
||||
memset( tmp, 0, CTR_DRBG_SEEDLEN );
|
||||
|
||||
for( j = 0; j < CTR_DRBG_SEEDLEN; j += CTR_DRBG_BLOCKSIZE )
|
||||
{
|
||||
/*
|
||||
* Increase counter
|
||||
*/
|
||||
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
|
||||
if( ++ctx->counter[i - 1] != 0 )
|
||||
break;
|
||||
|
||||
/*
|
||||
* Crypt counter block
|
||||
*/
|
||||
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, p );
|
||||
|
||||
p += CTR_DRBG_BLOCKSIZE;
|
||||
}
|
||||
|
||||
for( i = 0; i < CTR_DRBG_SEEDLEN; i++ )
|
||||
tmp[i] ^= data[i];
|
||||
|
||||
/*
|
||||
* Update key and counter
|
||||
*/
|
||||
aes_setkey_enc( &ctx->aes_ctx, tmp, CTR_DRBG_KEYBITS );
|
||||
memcpy( ctx->counter, tmp + CTR_DRBG_KEYSIZE, CTR_DRBG_BLOCKSIZE );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void ctr_drbg_update( ctr_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t add_len )
|
||||
{
|
||||
unsigned char add_input[CTR_DRBG_SEEDLEN];
|
||||
|
||||
if( add_len > 0 )
|
||||
{
|
||||
block_cipher_df( add_input, additional, add_len );
|
||||
ctr_drbg_update_internal( ctx, add_input );
|
||||
}
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_reseed( ctr_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t len )
|
||||
{
|
||||
unsigned char seed[CTR_DRBG_MAX_SEED_INPUT];
|
||||
size_t seedlen = 0;
|
||||
|
||||
if( ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT )
|
||||
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
|
||||
|
||||
memset( seed, 0, CTR_DRBG_MAX_SEED_INPUT );
|
||||
|
||||
/*
|
||||
* Gather entropy_len bytes of entropy to seed state
|
||||
*/
|
||||
if( 0 != ctx->f_entropy( ctx->p_entropy, seed,
|
||||
ctx->entropy_len ) )
|
||||
{
|
||||
return( POLARSSL_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED );
|
||||
}
|
||||
|
||||
seedlen += ctx->entropy_len;
|
||||
|
||||
/*
|
||||
* Add additional data
|
||||
*/
|
||||
if( additional && len )
|
||||
{
|
||||
memcpy( seed + seedlen, additional, len );
|
||||
seedlen += len;
|
||||
}
|
||||
|
||||
/*
|
||||
* Reduce to 384 bits
|
||||
*/
|
||||
block_cipher_df( seed, seed, seedlen );
|
||||
|
||||
/*
|
||||
* Update state
|
||||
*/
|
||||
ctr_drbg_update_internal( ctx, seed );
|
||||
ctx->reseed_counter = 1;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_random_with_add( void *p_rng,
|
||||
unsigned char *output, size_t output_len,
|
||||
const unsigned char *additional, size_t add_len )
|
||||
{
|
||||
int ret = 0;
|
||||
ctr_drbg_context *ctx = (ctr_drbg_context *) p_rng;
|
||||
unsigned char add_input[CTR_DRBG_SEEDLEN];
|
||||
unsigned char *p = output;
|
||||
unsigned char tmp[CTR_DRBG_BLOCKSIZE];
|
||||
int i;
|
||||
size_t use_len;
|
||||
|
||||
if( output_len > CTR_DRBG_MAX_REQUEST )
|
||||
return( POLARSSL_ERR_CTR_DRBG_REQUEST_TOO_BIG );
|
||||
|
||||
if( add_len > CTR_DRBG_MAX_INPUT )
|
||||
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
|
||||
|
||||
memset( add_input, 0, CTR_DRBG_SEEDLEN );
|
||||
|
||||
if( ctx->reseed_counter > ctx->reseed_interval ||
|
||||
ctx->prediction_resistance )
|
||||
{
|
||||
if( ( ret = ctr_drbg_reseed( ctx, additional, add_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
add_len = 0;
|
||||
}
|
||||
|
||||
if( add_len > 0 )
|
||||
{
|
||||
block_cipher_df( add_input, additional, add_len );
|
||||
ctr_drbg_update_internal( ctx, add_input );
|
||||
}
|
||||
|
||||
while( output_len > 0 )
|
||||
{
|
||||
/*
|
||||
* Increase counter
|
||||
*/
|
||||
for( i = CTR_DRBG_BLOCKSIZE; i > 0; i-- )
|
||||
if( ++ctx->counter[i - 1] != 0 )
|
||||
break;
|
||||
|
||||
/*
|
||||
* Crypt counter block
|
||||
*/
|
||||
aes_crypt_ecb( &ctx->aes_ctx, AES_ENCRYPT, ctx->counter, tmp );
|
||||
|
||||
use_len = ( output_len > CTR_DRBG_BLOCKSIZE ) ? CTR_DRBG_BLOCKSIZE :
|
||||
output_len;
|
||||
/*
|
||||
* Copy random block to destination
|
||||
*/
|
||||
memcpy( p, tmp, use_len );
|
||||
p += use_len;
|
||||
output_len -= use_len;
|
||||
}
|
||||
|
||||
ctr_drbg_update_internal( ctx, add_input );
|
||||
|
||||
ctx->reseed_counter++;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_random( void *p_rng, unsigned char *output, size_t output_len )
|
||||
{
|
||||
return ctr_drbg_random_with_add( p_rng, output, output_len, NULL, 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path )
|
||||
{
|
||||
int ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
|
||||
FILE *f;
|
||||
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
|
||||
|
||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
|
||||
if( ( ret = ctr_drbg_random( ctx, buf, CTR_DRBG_MAX_INPUT ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( fwrite( buf, 1, CTR_DRBG_MAX_INPUT, f ) != CTR_DRBG_MAX_INPUT )
|
||||
{
|
||||
ret = POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
fclose( f );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
unsigned char buf[ CTR_DRBG_MAX_INPUT ];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
n = (size_t) ftell( f );
|
||||
fseek( f, 0, SEEK_SET );
|
||||
|
||||
if( n > CTR_DRBG_MAX_INPUT )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
|
||||
}
|
||||
|
||||
if( fread( buf, 1, n, f ) != n )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
|
||||
ctr_drbg_update( ctx, buf, n );
|
||||
|
||||
return( ctr_drbg_write_seed_file( ctx, path ) );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
static unsigned char entropy_source_pr[96] =
|
||||
{ 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
|
||||
0x19, 0xb3, 0xf1, 0x80, 0xb1, 0xc9, 0x20, 0x02,
|
||||
0x6a, 0x54, 0x6f, 0x0c, 0x70, 0x81, 0x49, 0x8b,
|
||||
0x6e, 0xa6, 0x62, 0x52, 0x6d, 0x51, 0xb1, 0xcb,
|
||||
0x58, 0x3b, 0xfa, 0xd5, 0x37, 0x5f, 0xfb, 0xc9,
|
||||
0xff, 0x46, 0xd2, 0x19, 0xc7, 0x22, 0x3e, 0x95,
|
||||
0x45, 0x9d, 0x82, 0xe1, 0xe7, 0x22, 0x9f, 0x63,
|
||||
0x31, 0x69, 0xd2, 0x6b, 0x57, 0x47, 0x4f, 0xa3,
|
||||
0x37, 0xc9, 0x98, 0x1c, 0x0b, 0xfb, 0x91, 0x31,
|
||||
0x4d, 0x55, 0xb9, 0xe9, 0x1c, 0x5a, 0x5e, 0xe4,
|
||||
0x93, 0x92, 0xcf, 0xc5, 0x23, 0x12, 0xd5, 0x56,
|
||||
0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
|
||||
|
||||
static unsigned char entropy_source_nopr[64] =
|
||||
{ 0x5a, 0x19, 0x4d, 0x5e, 0x2b, 0x31, 0x58, 0x14,
|
||||
0x54, 0xde, 0xf6, 0x75, 0xfb, 0x79, 0x58, 0xfe,
|
||||
0xc7, 0xdb, 0x87, 0x3e, 0x56, 0x89, 0xfc, 0x9d,
|
||||
0x03, 0x21, 0x7c, 0x68, 0xd8, 0x03, 0x38, 0x20,
|
||||
0xf9, 0xe6, 0x5e, 0x04, 0xd8, 0x56, 0xf3, 0xa9,
|
||||
0xc4, 0x4a, 0x4c, 0xbd, 0xc1, 0xd0, 0x08, 0x46,
|
||||
0xf5, 0x98, 0x3d, 0x77, 0x1c, 0x1b, 0x13, 0x7e,
|
||||
0x4e, 0x0f, 0x9d, 0x8e, 0xf4, 0x09, 0xf9, 0x2e };
|
||||
|
||||
static const unsigned char nonce_pers_pr[16] =
|
||||
{ 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
|
||||
0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
|
||||
|
||||
static const unsigned char nonce_pers_nopr[16] =
|
||||
{ 0x1b, 0x54, 0xb8, 0xff, 0x06, 0x42, 0xbf, 0xf5,
|
||||
0x21, 0xf1, 0x5c, 0x1c, 0x0b, 0x66, 0x5f, 0x3f };
|
||||
|
||||
static const unsigned char result_pr[16] =
|
||||
{ 0x34, 0x01, 0x16, 0x56, 0xb4, 0x29, 0x00, 0x8f,
|
||||
0x35, 0x63, 0xec, 0xb5, 0xf2, 0x59, 0x07, 0x23 };
|
||||
|
||||
static const unsigned char result_nopr[16] =
|
||||
{ 0xa0, 0x54, 0x30, 0x3d, 0x8a, 0x7e, 0xa9, 0x88,
|
||||
0x9d, 0x90, 0x3e, 0x07, 0x7c, 0x6f, 0x21, 0x8f };
|
||||
|
||||
static size_t test_offset;
|
||||
static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
const unsigned char *p = data;
|
||||
memcpy( buf, p + test_offset, len );
|
||||
test_offset += len;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#define CHK( c ) if( (c) != 0 ) \
|
||||
{ \
|
||||
if( verbose != 0 ) \
|
||||
polarssl_printf( "failed\n" ); \
|
||||
return( 1 ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int ctr_drbg_self_test( int verbose )
|
||||
{
|
||||
ctr_drbg_context ctx;
|
||||
unsigned char buf[16];
|
||||
|
||||
/*
|
||||
* Based on a NIST CTR_DRBG test vector (PR = True)
|
||||
*/
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " CTR_DRBG (PR = TRUE) : " );
|
||||
|
||||
test_offset = 0;
|
||||
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
|
||||
entropy_source_pr, nonce_pers_pr, 16, 32 ) );
|
||||
ctr_drbg_set_prediction_resistance( &ctx, CTR_DRBG_PR_ON );
|
||||
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
|
||||
CHK( ctr_drbg_random( &ctx, buf, CTR_DRBG_BLOCKSIZE ) );
|
||||
CHK( memcmp( buf, result_pr, CTR_DRBG_BLOCKSIZE ) );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
|
||||
/*
|
||||
* Based on a NIST CTR_DRBG test vector (PR = FALSE)
|
||||
*/
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " CTR_DRBG (PR = FALSE): " );
|
||||
|
||||
test_offset = 0;
|
||||
CHK( ctr_drbg_init_entropy_len( &ctx, ctr_drbg_self_test_entropy,
|
||||
entropy_source_nopr, nonce_pers_nopr, 16, 32 ) );
|
||||
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
|
||||
CHK( ctr_drbg_reseed( &ctx, NULL, 0 ) );
|
||||
CHK( ctr_drbg_random( &ctx, buf, 16 ) );
|
||||
CHK( memcmp( buf, result_nopr, 16 ) );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_CTR_DRBG_C */
|
||||
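Review bot: `block_cipher_df()` copies `data_len` bytes into its fixed stack buffer `buf` with `memcpy( p, data, data_len )` and never compares `data_len` with `CTR_DRBG_MAX_SEED_INPUT`, while the public `ctr_drbg_update()` forwards a caller-supplied `add_len` to it with no bound, so an oversized input writes past `buf`. The length should be rejected inside `block_cipher_df()` and its result checked in `ctr_drbg_update()` before `add_input` is used. In `ctr_drbg_reseed()` the guard `ctx->entropy_len + len > CTR_DRBG_MAX_SEED_INPUT` can wrap for a very large `len` (assuming both operands are `size_t`, as the setter's signature suggests), after which the `memcpy` into `seed` would run past the array; comparing `len` against the remaining space avoids the addition. Separately, the stack copies of seed and key material (`seed`, `tmp`, `key`, `add_input`) are left unwiped on return even though `polarssl_zeroize()` is defined in this file.

```c
static int block_cipher_df( unsigned char *output,
                            const unsigned char *data, size_t data_len )
{
    /* … unchanged: local declarations … */

    if( data_len > CTR_DRBG_MAX_SEED_INPUT )
        return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );

    /* … unchanged: IV/S construction, reduction loop, final encryption … */

/* in ctr_drbg_update(): only mix in add_input when the derivation succeeded */
    if( add_len > 0 &&
        block_cipher_df( add_input, additional, add_len ) == 0 )
    {
        ctr_drbg_update_internal( ctx, add_input );
    }

/* in ctr_drbg_reseed(): bound each term instead of their sum */
    if( ctx->entropy_len > CTR_DRBG_MAX_SEED_INPUT ||
        len > CTR_DRBG_MAX_SEED_INPUT - ctx->entropy_len )
        return( POLARSSL_ERR_CTR_DRBG_INPUT_TOO_BIG );
```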
1263
component/common/network/ssl/polarssl-1.3.8/library/rom/des.c
Normal file
File diff suppressed because it is too large
613
component/common/network/ssl/polarssl-1.3.8/library/rom/dhm.c
Normal file
|
|
@ -0,0 +1,613 @@
|
|||
/*
|
||||
* Diffie-Hellman-Merkle key exchange
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* Reference:
|
||||
*
|
||||
* http://www.cacr.math.uwaterloo.ca/hac/ (chapter 12)
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
|
||||
#include "polarssl/dhm.h"
|
||||
|
||||
#if defined(POLARSSL_PEM_PARSE_C)
|
||||
#include "polarssl/pem.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ASN1_PARSE_C)
|
||||
#include "polarssl/asn1.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define polarssl_printf printf
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* helper to validate the mpi size and import it
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int dhm_read_bignum( mpi *X,
|
||||
unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
int ret, n;
|
||||
|
||||
if( end - *p < 2 )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
n = ( (*p)[0] << 8 ) | (*p)[1];
|
||||
(*p) += 2;
|
||||
|
||||
if( (int)( end - *p ) < n )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
if( ( ret = mpi_read_binary( X, *p, n ) ) != 0 )
|
||||
return( POLARSSL_ERR_DHM_READ_PARAMS_FAILED + ret );
|
||||
|
||||
(*p) += n;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify sanity of parameter with regards to P
|
||||
*
|
||||
* Parameter should be: 2 <= public_param <= P - 2
|
||||
*
|
||||
* For more information on the attack, see:
|
||||
* http://www.cl.cam.ac.uk/~rja14/Papers/psandqs.pdf
|
||||
* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2643
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int dhm_check_range( const mpi *param, const mpi *P )
|
||||
{
|
||||
mpi L, U;
|
||||
int ret = POLARSSL_ERR_DHM_BAD_INPUT_DATA;
|
||||
|
||||
mpi_init( &L ); mpi_init( &U );
|
||||
|
||||
MPI_CHK( mpi_lset( &L, 2 ) );
|
||||
MPI_CHK( mpi_sub_int( &U, P, 2 ) );
|
||||
|
||||
if( mpi_cmp_mpi( param, &L ) >= 0 &&
|
||||
mpi_cmp_mpi( param, &U ) <= 0 )
|
||||
{
|
||||
ret = 0;
|
||||
}
|
||||
|
||||
cleanup:
|
||||
mpi_free( &L ); mpi_free( &U );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void dhm_init( dhm_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( dhm_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Parse the ServerKeyExchange parameters
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_read_params( dhm_context *ctx,
|
||||
unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
int ret;
|
||||
|
||||
if( ( ret = dhm_read_bignum( &ctx->P, p, end ) ) != 0 ||
|
||||
( ret = dhm_read_bignum( &ctx->G, p, end ) ) != 0 ||
|
||||
( ret = dhm_read_bignum( &ctx->GY, p, end ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ctx->len = mpi_size( &ctx->P );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Setup and write the ServerKeyExchange parameters
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_make_params( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t *olen,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret, count = 0;
|
||||
size_t n1, n2, n3;
|
||||
unsigned char *p;
|
||||
|
||||
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
* Generate X as large as possible ( < P )
|
||||
*/
|
||||
do
|
||||
{
|
||||
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
|
||||
|
||||
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
|
||||
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
|
||||
|
||||
if( count++ > 10 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED );
|
||||
}
|
||||
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
|
||||
|
||||
/*
|
||||
* Calculate GX = G^X mod P
|
||||
*/
|
||||
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
|
||||
&ctx->P , &ctx->RP ) );
|
||||
|
||||
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
* export P, G, GX
|
||||
*/
|
||||
#define DHM_MPI_EXPORT(X,n) \
|
||||
MPI_CHK( mpi_write_binary( X, p + 2, n ) ); \
|
||||
*p++ = (unsigned char)( n >> 8 ); \
|
||||
*p++ = (unsigned char)( n ); p += n;
|
||||
|
||||
n1 = mpi_size( &ctx->P );
|
||||
n2 = mpi_size( &ctx->G );
|
||||
n3 = mpi_size( &ctx->GX );
|
||||
|
||||
p = output;
|
||||
DHM_MPI_EXPORT( &ctx->P , n1 );
|
||||
DHM_MPI_EXPORT( &ctx->G , n2 );
|
||||
DHM_MPI_EXPORT( &ctx->GX, n3 );
|
||||
|
||||
*olen = p - output;
|
||||
|
||||
ctx->len = n1;
|
||||
|
||||
cleanup:
|
||||
|
||||
if( ret != 0 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PARAMS_FAILED + ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Import the peer's public value G^Y
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_read_public( dhm_context *ctx,
|
||||
const unsigned char *input, size_t ilen )
|
||||
{
|
||||
int ret;
|
||||
|
||||
if( ctx == NULL || ilen < 1 || ilen > ctx->len )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
if( ( ret = mpi_read_binary( &ctx->GY, input, ilen ) ) != 0 )
|
||||
return( POLARSSL_ERR_DHM_READ_PUBLIC_FAILED + ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Create own private value X and export G^X
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_make_public( dhm_context *ctx, int x_size,
|
||||
unsigned char *output, size_t olen,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret, count = 0;
|
||||
|
||||
if( ctx == NULL || olen < 1 || olen > ctx->len )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
if( mpi_cmp_int( &ctx->P, 0 ) == 0 )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
/*
|
||||
* generate X and calculate GX = G^X mod P
|
||||
*/
|
||||
do
|
||||
{
|
||||
mpi_fill_random( &ctx->X, x_size, f_rng, p_rng );
|
||||
|
||||
while( mpi_cmp_mpi( &ctx->X, &ctx->P ) >= 0 )
|
||||
MPI_CHK( mpi_shift_r( &ctx->X, 1 ) );
|
||||
|
||||
if( count++ > 10 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED );
|
||||
}
|
||||
while( dhm_check_range( &ctx->X, &ctx->P ) != 0 );
|
||||
|
||||
MPI_CHK( mpi_exp_mod( &ctx->GX, &ctx->G, &ctx->X,
|
||||
&ctx->P , &ctx->RP ) );
|
||||
|
||||
if( ( ret = dhm_check_range( &ctx->GX, &ctx->P ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
MPI_CHK( mpi_write_binary( &ctx->GX, output, olen ) );
|
||||
|
||||
cleanup:
|
||||
|
||||
if( ret != 0 )
|
||||
return( POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED + ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Use the blinding method and optimisation suggested in section 10 of:
|
||||
* KOCHER, Paul C. Timing attacks on implementations of Diffie-Hellman, RSA,
|
||||
* DSS, and other systems. In : Advances in Cryptology—CRYPTO’96. Springer
|
||||
* Berlin Heidelberg, 1996. p. 104-113.
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int dhm_update_blinding( dhm_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
int ret, count;
|
||||
|
||||
/*
|
||||
* Don't use any blinding the first time a particular X is used,
|
||||
* but remember it to use blinding next time.
|
||||
*/
|
||||
if( mpi_cmp_mpi( &ctx->X, &ctx->pX ) != 0 )
|
||||
{
|
||||
MPI_CHK( mpi_copy( &ctx->pX, &ctx->X ) );
|
||||
MPI_CHK( mpi_lset( &ctx->Vi, 1 ) );
|
||||
MPI_CHK( mpi_lset( &ctx->Vf, 1 ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Ok, we need blinding. Can we re-use existing values?
|
||||
* If yes, just update them by squaring them.
|
||||
*/
|
||||
if( mpi_cmp_int( &ctx->Vi, 1 ) != 0 )
|
||||
{
|
||||
MPI_CHK( mpi_mul_mpi( &ctx->Vi, &ctx->Vi, &ctx->Vi ) );
|
||||
MPI_CHK( mpi_mod_mpi( &ctx->Vi, &ctx->Vi, &ctx->P ) );
|
||||
|
||||
MPI_CHK( mpi_mul_mpi( &ctx->Vf, &ctx->Vf, &ctx->Vf ) );
|
||||
MPI_CHK( mpi_mod_mpi( &ctx->Vf, &ctx->Vf, &ctx->P ) );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* We need to generate blinding values from scratch
|
||||
*/
|
||||
|
||||
/* Vi = random( 2, P-1 ) */
|
||||
count = 0;
|
||||
do
|
||||
{
|
||||
mpi_fill_random( &ctx->Vi, mpi_size( &ctx->P ), f_rng, p_rng );
|
||||
|
||||
while( mpi_cmp_mpi( &ctx->Vi, &ctx->P ) >= 0 )
|
||||
MPI_CHK( mpi_shift_r( &ctx->Vi, 1 ) );
|
||||
|
||||
if( count++ > 10 )
|
||||
return( POLARSSL_ERR_MPI_NOT_ACCEPTABLE );
|
||||
}
|
||||
while( mpi_cmp_int( &ctx->Vi, 1 ) <= 0 );
|
||||
|
||||
/* Vf = Vi^-X mod P */
|
||||
MPI_CHK( mpi_inv_mod( &ctx->Vf, &ctx->Vi, &ctx->P ) );
|
||||
MPI_CHK( mpi_exp_mod( &ctx->Vf, &ctx->Vf, &ctx->X, &ctx->P, &ctx->RP ) );
|
||||
|
||||
cleanup:
|
||||
return( ret );
|
||||
}
|
||||
|
||||
/*
|
||||
* Derive and export the shared secret (G^Y)^X mod P
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_calc_secret( dhm_context *ctx,
|
||||
unsigned char *output, size_t *olen,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
mpi GYb;
|
||||
|
||||
if( ctx == NULL || *olen < ctx->len )
|
||||
return( POLARSSL_ERR_DHM_BAD_INPUT_DATA );
|
||||
|
||||
if( ( ret = dhm_check_range( &ctx->GY, &ctx->P ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
mpi_init( &GYb );
|
||||
|
||||
/* Blind peer's value */
|
||||
if( f_rng != NULL )
|
||||
{
|
||||
MPI_CHK( dhm_update_blinding( ctx, f_rng, p_rng ) );
|
||||
MPI_CHK( mpi_mul_mpi( &GYb, &ctx->GY, &ctx->Vi ) );
|
||||
MPI_CHK( mpi_mod_mpi( &GYb, &GYb, &ctx->P ) );
|
||||
}
|
||||
else
|
||||
MPI_CHK( mpi_copy( &GYb, &ctx->GY ) );
|
||||
|
||||
/* Do modular exponentiation */
|
||||
MPI_CHK( mpi_exp_mod( &ctx->K, &GYb, &ctx->X,
|
||||
&ctx->P, &ctx->RP ) );
|
||||
|
||||
/* Unblind secret value */
|
||||
if( f_rng != NULL )
|
||||
{
|
||||
MPI_CHK( mpi_mul_mpi( &ctx->K, &ctx->K, &ctx->Vf ) );
|
||||
MPI_CHK( mpi_mod_mpi( &ctx->K, &ctx->K, &ctx->P ) );
|
||||
}
|
||||
|
||||
*olen = mpi_size( &ctx->K );
|
||||
|
||||
MPI_CHK( mpi_write_binary( &ctx->K, output, *olen ) );
|
||||
|
||||
cleanup:
|
||||
mpi_free( &GYb );
|
||||
|
||||
if( ret != 0 )
|
||||
return( POLARSSL_ERR_DHM_CALC_SECRET_FAILED + ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Free the components of a DHM key
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void dhm_free( dhm_context *ctx )
|
||||
{
|
||||
mpi_free( &ctx->pX); mpi_free( &ctx->Vf ); mpi_free( &ctx->Vi );
|
||||
mpi_free( &ctx->RP ); mpi_free( &ctx->K ); mpi_free( &ctx->GY );
|
||||
mpi_free( &ctx->GX ); mpi_free( &ctx->X ); mpi_free( &ctx->G );
|
||||
mpi_free( &ctx->P );
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( dhm_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ASN1_PARSE_C)
|
||||
/*
|
||||
* Parse DHM parameters
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
|
||||
size_t dhminlen )
|
||||
{
|
||||
int ret;
|
||||
size_t len;
|
||||
unsigned char *p, *end;
|
||||
#if defined(POLARSSL_PEM_PARSE_C)
|
||||
pem_context pem;
|
||||
|
||||
pem_init( &pem );
|
||||
|
||||
ret = pem_read_buffer( &pem,
|
||||
"-----BEGIN DH PARAMETERS-----",
|
||||
"-----END DH PARAMETERS-----",
|
||||
dhmin, NULL, 0, &dhminlen );
|
||||
|
||||
if( ret == 0 )
|
||||
{
|
||||
/*
|
||||
* Was PEM encoded
|
||||
*/
|
||||
dhminlen = pem.buflen;
|
||||
}
|
||||
else if( ret != POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT )
|
||||
goto exit;
|
||||
|
||||
p = ( ret == 0 ) ? pem.buf : (unsigned char *) dhmin;
|
||||
#else
|
||||
p = (unsigned char *) dhmin;
|
||||
#endif /* POLARSSL_PEM_PARSE_C */
|
||||
end = p + dhminlen;
|
||||
|
||||
/*
|
||||
* DHParams ::= SEQUENCE {
|
||||
* prime INTEGER, -- P
|
||||
* generator INTEGER, -- g
|
||||
* }
|
||||
*/
|
||||
if( ( ret = asn1_get_tag( &p, end, &len,
|
||||
ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
|
||||
{
|
||||
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
end = p + len;
|
||||
|
||||
if( ( ret = asn1_get_mpi( &p, end, &dhm->P ) ) != 0 ||
|
||||
( ret = asn1_get_mpi( &p, end, &dhm->G ) ) != 0 )
|
||||
{
|
||||
ret = POLARSSL_ERR_DHM_INVALID_FORMAT + ret;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( p != end )
|
||||
{
|
||||
ret = POLARSSL_ERR_DHM_INVALID_FORMAT +
|
||||
POLARSSL_ERR_ASN1_LENGTH_MISMATCH;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
|
||||
dhm->len = mpi_size( &dhm->P );
|
||||
|
||||
exit:
|
||||
#if defined(POLARSSL_PEM_PARSE_C)
|
||||
pem_free( &pem );
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
dhm_free( dhm );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* Load all data from a file into a given buffer.
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int load_file( const char *path, unsigned char **buf, size_t *n )
|
||||
{
|
||||
FILE *f;
|
||||
long size;
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
if( ( size = ftell( f ) ) == -1 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
|
||||
}
|
||||
fseek( f, 0, SEEK_SET );
|
||||
|
||||
*n = (size_t) size;
|
||||
|
||||
if( *n + 1 == 0 ||
|
||||
( *buf = (unsigned char *) polarssl_malloc( *n + 1 ) ) == NULL )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_DHM_MALLOC_FAILED );
|
||||
}
|
||||
|
||||
if( fread( *buf, 1, *n, f ) != *n )
|
||||
{
|
||||
fclose( f );
|
||||
polarssl_free( *buf );
|
||||
return( POLARSSL_ERR_DHM_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
|
||||
(*buf)[*n] = '\0';
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Load and parse DHM parameters
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_parse_dhmfile( dhm_context *dhm, const char *path )
|
||||
{
|
||||
int ret;
|
||||
size_t n;
|
||||
unsigned char *buf;
|
||||
|
||||
if( ( ret = load_file( path, &buf, &n ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ret = dhm_parse_dhm( dhm, buf, n );
|
||||
|
||||
polarssl_zeroize( buf, n + 1 );
|
||||
polarssl_free( buf );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
#endif /* POLARSSL_ASN1_PARSE_C */
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
#include "polarssl/certs.h"
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int dhm_self_test( int verbose )
|
||||
{
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
int ret;
|
||||
dhm_context dhm;
|
||||
|
||||
dhm_init( &dhm );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " DHM parameter load: " );
|
||||
|
||||
if( ( ret = dhm_parse_dhm( &dhm, (const unsigned char *) test_dhm_params,
|
||||
strlen( test_dhm_params ) ) ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n\n" );
|
||||
|
||||
exit:
|
||||
dhm_free( &dhm );
|
||||
|
||||
return( ret );
|
||||
#else
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " DHM parameter load: skipped\n" );
|
||||
|
||||
return( 0 );
|
||||
#endif /* POLARSSL_CERTS_C */
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_DHM_C */
|
||||
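--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/ecdh.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/ecdh.c
@@ -0,0 +1,290 @@
+/*
+* Elliptic curve Diffie-Hellman
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+/*
+* References:
+*
+* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+* RFC 4492
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_ECDH_C)
+
+#include "polarssl/ecdh.h"
+
+/*
+* Generate public key: simple wrapper around ecp_gen_keypair
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+return ecp_gen_keypair( grp, d, Q, f_rng, p_rng );
+}
+
+/*
+* Compute shared secret (SEC1 3.3.1)
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_compute_shared( ecp_group *grp, mpi *z,
+const ecp_point *Q, const mpi *d,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+int ret;
+ecp_point P;
+
+ecp_point_init( &P );
+
+/*
+* Make sure Q is a valid pubkey before using it
+*/
+MPI_CHK( ecp_check_pubkey( grp, Q ) );
+
+MPI_CHK( ecp_mul( grp, &P, d, Q, f_rng, p_rng ) );
+
+if( ecp_is_zero( &P ) )
+{
+ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
+goto cleanup;
+}
+
+MPI_CHK( mpi_copy( z, &P.X ) );
+
+cleanup:
+ecp_point_free( &P );
+
+return( ret );
+}
+
+/*
+* Initialize context
+*/
+SSL_ROM_TEXT_SECTION
+void ecdh_init( ecdh_context *ctx )
+{
+memset( ctx, 0, sizeof( ecdh_context ) );
+}
+
+/*
+* Free context
+*/
+SSL_ROM_TEXT_SECTION
+void ecdh_free( ecdh_context *ctx )
+{
+if( ctx == NULL )
+return;
+
+ecp_group_free( &ctx->grp );
+ecp_point_free( &ctx->Q );
+ecp_point_free( &ctx->Qp );
+ecp_point_free( &ctx->Vi );
+ecp_point_free( &ctx->Vf );
+mpi_free( &ctx->d );
+mpi_free( &ctx->z );
+mpi_free( &ctx->_d );
+}
+
+/*
+* Setup and write the ServerKeyExhange parameters (RFC 4492)
+* struct {
+* ECParameters curve_params;
+* ECPoint public;
+* } ServerECDHParams;
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_make_params( ecdh_context *ctx, size_t *olen,
+unsigned char *buf, size_t blen,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+int ret;
+size_t grp_len, pt_len;
+
+if( ctx == NULL || ctx->grp.pbits == 0 )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
+!= 0 )
+return( ret );
+
+if( ( ret = ecp_tls_write_group( &ctx->grp, &grp_len, buf, blen ) )
+!= 0 )
+return( ret );
+
+buf += grp_len;
+blen -= grp_len;
+
+if( ( ret = ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
+&pt_len, buf, blen ) ) != 0 )
+return( ret );
+
+*olen = grp_len + pt_len;
+return( 0 );
+}
+
+/*
+* Read the ServerKeyExhange parameters (RFC 4492)
+* struct {
+* ECParameters curve_params;
+* ECPoint public;
+* } ServerECDHParams;
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_read_params( ecdh_context *ctx,
+const unsigned char **buf, const unsigned char *end )
+{
+int ret;
+
+if( ( ret = ecp_tls_read_group( &ctx->grp, buf, end - *buf ) ) != 0 )
+return( ret );
+
+if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, buf, end - *buf ) )
+!= 0 )
+return( ret );
+
+return( 0 );
+}
+
+/*
+* Get parameters from a keypair
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
+ecdh_side side )
+{
+int ret;
+
+if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 )
+return( ret );
+
+/* If it's not our key, just import the public part as Qp */
+if( side == POLARSSL_ECDH_THEIRS )
+return( ecp_copy( &ctx->Qp, &key->Q ) );
+
+/* Our key: import public (as Q) and private parts */
+if( side != POLARSSL_ECDH_OURS )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+if( ( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 ||
+( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 )
+return( ret );
+
+return( 0 );
+}
+
+/*
+* Setup and export the client public value
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_make_public( ecdh_context *ctx, size_t *olen,
+unsigned char *buf, size_t blen,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+int ret;
+
+if( ctx == NULL || ctx->grp.pbits == 0 )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+if( ( ret = ecdh_gen_public( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) )
+!= 0 )
+return( ret );
+
+return ecp_tls_write_point( &ctx->grp, &ctx->Q, ctx->point_format,
+olen, buf, blen );
+}
+
+/*
+* Parse and import the client's public value
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_read_public( ecdh_context *ctx,
+const unsigned char *buf, size_t blen )
+{
+int ret;
+const unsigned char *p = buf;
+
+if( ctx == NULL )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+if( ( ret = ecp_tls_read_point( &ctx->grp, &ctx->Qp, &p, blen ) ) != 0 )
+return( ret );
+
+if( (size_t)( p - buf ) != blen )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+return( 0 );
+}
+
+/*
+* Derive and export the shared secret
+*/
+SSL_ROM_TEXT_SECTION
+int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
+unsigned char *buf, size_t blen,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+int ret;
+
+if( ctx == NULL )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+if( ( ret = ecdh_compute_shared( &ctx->grp, &ctx->z, &ctx->Qp, &ctx->d,
+f_rng, p_rng ) ) != 0 )
+{
+return( ret );
+}
+
+if( mpi_size( &ctx->z ) > blen )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+*olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );
+return mpi_write_binary( &ctx->z, buf, *olen );
+}
+
+
+#if defined(POLARSSL_SELF_TEST)
+
+/*
+* Checkup routine
+*/
+int ecdh_self_test( int verbose )
+{
+((void) verbose );
+return( 0 );
+}
+
+#endif /* POLARSSL_SELF_TEST */
+
+#endif /* POLARSSL_ECDH_C */
+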
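Review bot: In `ecdh_calc_secret` the capacity check compares `blen` with `mpi_size( &ctx->z )`, but the write that follows is given `*olen`, the full field size derived from `grp.pbits`. When z has leading zero bytes `mpi_size` is smaller than `*olen`, so a caller buffer that passes the check can still be shorter than the length handed to `mpi_write_binary`; if that routine zero-pads up to the requested length (its body is not part of this file, so this is an assumption to confirm), the write goes past the end of `buf`. Computing the length first and testing it closes the gap: `*olen = ctx->grp.pbits / 8 + ( ( ctx->grp.pbits % 8 ) != 0 );` followed by `if( *olen > blen ) return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );`. A short comment on the function stating that `blen` must be at least the curve's field size in bytes would document the contract for callers.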
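--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/ecdsa.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/ecdsa.c
@@ -0,0 +1,516 @@
+/*
+* Elliptic curve DSA
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+/*
+* References:
+*
+* SEC1 http://www.secg.org/index.php?action=secg,docs_secg
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_ECDSA_C)
+
+#include "polarssl/ecdsa.h"
+#include "polarssl/asn1write.h"
+
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+#include "polarssl/hmac_drbg.h"
+#endif
+
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+/*
+* This a hopefully temporary compatibility function.
+*
+* Since we can't ensure the caller will pass a valid md_alg before the next
+* interface change, try to pick up a decent md by size.
+*
+* Argument is the minimum size in bytes of the MD output.
+*/
+SSL_ROM_TEXT_SECTION
+static const md_info_t *md_info_by_size( size_t min_size )
+{
+const md_info_t *md_cur, *md_picked = NULL;
+const int *md_alg;
+
+for( md_alg = md_list(); *md_alg != 0; md_alg++ )
+{
+if( ( md_cur = md_info_from_type( *md_alg ) ) == NULL ||
+(size_t) md_cur->size < min_size ||
+( md_picked != NULL && md_cur->size > md_picked->size ) )
+continue;
+
+md_picked = md_cur;
+}
+
+return( md_picked );
+}
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
+
+/*
+* Derive a suitable integer for group grp from a buffer of length len
+* SEC1 4.1.3 step 5 aka SEC1 4.1.4 step 3
+*/
+SSL_ROM_TEXT_SECTION
+static int derive_mpi( const ecp_group *grp, mpi *x,
+const unsigned char *buf, size_t blen )
+{
+int ret;
+size_t n_size = ( grp->nbits + 7 ) / 8;
+size_t use_size = blen > n_size ? n_size : blen;
+
+MPI_CHK( mpi_read_binary( x, buf, use_size ) );
+if( use_size * 8 > grp->nbits )
+MPI_CHK( mpi_shift_r( x, use_size * 8 - grp->nbits ) );
+
+/* While at it, reduce modulo N */
+if( mpi_cmp_mpi( x, &grp->N ) >= 0 )
+MPI_CHK( mpi_sub_mpi( x, x, &grp->N ) );
+
+cleanup:
+return( ret );
+}
+
+/*
+* Compute ECDSA signature of a hashed message (SEC1 4.1.3)
+* Obviously, compared to SEC1 4.1.3, we skip step 4 (hash message)
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
+const mpi *d, const unsigned char *buf, size_t blen,
+int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+int ret, key_tries, sign_tries, blind_tries;
+ecp_point R;
+mpi k, e, t;
+
+/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+if( grp->N.p == NULL )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+ecp_point_init( &R );
+mpi_init( &k ); mpi_init( &e ); mpi_init( &t );
+
+sign_tries = 0;
+do
+{
+/*
+* Steps 1-3: generate a suitable ephemeral keypair
+* and set r = xR mod n
+*/
+key_tries = 0;
+do
+{
+MPI_CHK( ecp_gen_keypair( grp, &k, &R, f_rng, p_rng ) );
+MPI_CHK( mpi_mod_mpi( r, &R.X, &grp->N ) );
+
+if( key_tries++ > 10 )
+{
+ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
+goto cleanup;
+}
+}
+while( mpi_cmp_int( r, 0 ) == 0 );
+
+/*
+* Step 5: derive MPI from hashed message
+*/
+MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
+
+/*
+* Generate a random value to blind inv_mod in next step,
+* avoiding a potential timing leak.
+*/
+blind_tries = 0;
+do
+{
+size_t n_size = ( grp->nbits + 7 ) / 8;
+MPI_CHK( mpi_fill_random( &t, n_size, f_rng, p_rng ) );
+MPI_CHK( mpi_shift_r( &t, 8 * n_size - grp->nbits ) );
+
+/* See ecp_gen_keypair() */
+if( ++blind_tries > 30 )
+return( POLARSSL_ERR_ECP_RANDOM_FAILED );
+}
+while( mpi_cmp_int( &t, 1 ) < 0 ||
+mpi_cmp_mpi( &t, &grp->N ) >= 0 );
+
+/*
+* Step 6: compute s = (e + r * d) / k = t (e + rd) / (kt) mod n
+*/
+MPI_CHK( mpi_mul_mpi( s, r, d ) );
+MPI_CHK( mpi_add_mpi( &e, &e, s ) );
+MPI_CHK( mpi_mul_mpi( &e, &e, &t ) );
+MPI_CHK( mpi_mul_mpi( &k, &k, &t ) );
+MPI_CHK( mpi_inv_mod( s, &k, &grp->N ) );
+MPI_CHK( mpi_mul_mpi( s, s, &e ) );
+MPI_CHK( mpi_mod_mpi( s, s, &grp->N ) );
+
+if( sign_tries++ > 10 )
+{
+ret = POLARSSL_ERR_ECP_RANDOM_FAILED;
+goto cleanup;
+}
+}
+while( mpi_cmp_int( s, 0 ) == 0 );
+
+cleanup:
+ecp_point_free( &R );
+mpi_free( &k ); mpi_free( &e ); mpi_free( &t );
+
+return( ret );
+}
+
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+/*
+* Deterministic signature wrapper
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
+const mpi *d, const unsigned char *buf, size_t blen,
+md_type_t md_alg )
+{
+int ret;
+hmac_drbg_context rng_ctx;
+unsigned char data[2 * POLARSSL_ECP_MAX_BYTES];
+size_t grp_len = ( grp->nbits + 7 ) / 8;
+const md_info_t *md_info;
+mpi h;
+
+/* Temporary fallback */
+if( md_alg == POLARSSL_MD_NONE )
+md_info = md_info_by_size( blen );
+else
+md_info = md_info_from_type( md_alg );
+
+if( md_info == NULL )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+mpi_init( &h );
+memset( &rng_ctx, 0, sizeof( hmac_drbg_context ) );
+
+/* Use private key and message hash (reduced) to initialize HMAC_DRBG */
+MPI_CHK( mpi_write_binary( d, data, grp_len ) );
+MPI_CHK( derive_mpi( grp, &h, buf, blen ) );
+MPI_CHK( mpi_write_binary( &h, data + grp_len, grp_len ) );
+hmac_drbg_init_buf( &rng_ctx, md_info, data, 2 * grp_len );
+
+ret = ecdsa_sign( grp, r, s, d, buf, blen,
+hmac_drbg_random, &rng_ctx );
+
+cleanup:
+hmac_drbg_free( &rng_ctx );
+mpi_free( &h );
+
+return( ret );
+}
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
+
+/*
+* Verify ECDSA signature of hashed message (SEC1 4.1.4)
+* Obviously, compared to SEC1 4.1.3, we skip step 2 (hash message)
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_verify( ecp_group *grp,
+const unsigned char *buf, size_t blen,
+const ecp_point *Q, const mpi *r, const mpi *s)
+{
+int ret;
+mpi e, s_inv, u1, u2;
+ecp_point R, P;
+
+ecp_point_init( &R ); ecp_point_init( &P );
+mpi_init( &e ); mpi_init( &s_inv ); mpi_init( &u1 ); mpi_init( &u2 );
+
+/* Fail cleanly on curves such as Curve25519 that can't be used for ECDSA */
+if( grp->N.p == NULL )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA );
+
+/*
+* Step 1: make sure r and s are in range 1..n-1
+*/
+if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 ||
+mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 )
+{
+ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
+goto cleanup;
+}
+
+/*
+* Additional precaution: make sure Q is valid
+*/
+MPI_CHK( ecp_check_pubkey( grp, Q ) );
+
+/*
+* Step 3: derive MPI from hashed message
+*/
+MPI_CHK( derive_mpi( grp, &e, buf, blen ) );
+
+/*
+* Step 4: u1 = e / s mod n, u2 = r / s mod n
+*/
+MPI_CHK( mpi_inv_mod( &s_inv, s, &grp->N ) );
+
+MPI_CHK( mpi_mul_mpi( &u1, &e, &s_inv ) );
+MPI_CHK( mpi_mod_mpi( &u1, &u1, &grp->N ) );
+
+MPI_CHK( mpi_mul_mpi( &u2, r, &s_inv ) );
+MPI_CHK( mpi_mod_mpi( &u2, &u2, &grp->N ) );
+
+/*
+* Step 5: R = u1 G + u2 Q
+*
+* Since we're not using any secret data, no need to pass a RNG to
+* ecp_mul() for countermesures.
+*/
+MPI_CHK( ecp_mul( grp, &R, &u1, &grp->G, NULL, NULL ) );
+MPI_CHK( ecp_mul( grp, &P, &u2, Q, NULL, NULL ) );
+MPI_CHK( ecp_add( grp, &R, &R, &P ) );
+
+if( ecp_is_zero( &R ) )
+{
+ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
+goto cleanup;
+}
+
+/*
+* Step 6: convert xR to an integer (no-op)
+* Step 7: reduce xR mod n (gives v)
+*/
+MPI_CHK( mpi_mod_mpi( &R.X, &R.X, &grp->N ) );
+
+/*
+* Step 8: check if v (that is, R.X) is equal to r
+*/
+if( mpi_cmp_mpi( &R.X, r ) != 0 )
+{
+ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
+goto cleanup;
+}
+
+cleanup:
+ecp_point_free( &R ); ecp_point_free( &P );
+mpi_free( &e ); mpi_free( &s_inv ); mpi_free( &u1 ); mpi_free( &u2 );
+
+return( ret );
+}
+
+/*
+* RFC 4492 page 20:
+*
+* Ecdsa-Sig-Value ::= SEQUENCE {
+* r INTEGER,
+* s INTEGER
+* }
+*
+* Size is at most
+* 1 (tag) + 1 (len) + 1 (initial 0) + ECP_MAX_BYTES for each of r and s,
+* twice that + 1 (tag) + 2 (len) for the sequence
+* (assuming ECP_MAX_BYTES is less than 126 for r and s,
+* and less than 124 (total len <= 255) for the sequence)
+*/
+#if POLARSSL_ECP_MAX_BYTES > 124
+#error "POLARSSL_ECP_MAX_BYTES bigger than expected, please fix MAX_SIG_LEN"
+#endif
+#define MAX_SIG_LEN ( 3 + 2 * ( 2 + POLARSSL_ECP_MAX_BYTES ) )
+
+/*
+* Convert a signature (given by context) to ASN.1
+*/
+SSL_ROM_TEXT_SECTION
+static int ecdsa_signature_to_asn1( ecdsa_context *ctx,
+unsigned char *sig, size_t *slen )
+{
+int ret;
+unsigned char buf[MAX_SIG_LEN];
+unsigned char *p = buf + sizeof( buf );
+size_t len = 0;
+
+ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->s ) );
+ASN1_CHK_ADD( len, asn1_write_mpi( &p, buf, &ctx->r ) );
+
+ASN1_CHK_ADD( len, asn1_write_len( &p, buf, len ) );
+ASN1_CHK_ADD( len, asn1_write_tag( &p, buf,
+ASN1_CONSTRUCTED | ASN1_SEQUENCE ) );
+
+memcpy( sig, p, len );
+*slen = len;
+
+return( 0 );
+}
+
+/*
+* Compute and write signature
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_write_signature( ecdsa_context *ctx,
+const unsigned char *hash, size_t hlen,
+unsigned char *sig, size_t *slen,
+int (*f_rng)(void *, unsigned char *, size_t),
+void *p_rng )
+{
+int ret;
+
+if( ( ret = ecdsa_sign( &ctx->grp, &ctx->r, &ctx->s, &ctx->d,
+hash, hlen, f_rng, p_rng ) ) != 0 )
+{
+return( ret );
+}
+
+return( ecdsa_signature_to_asn1( ctx, sig, slen ) );
+}
+
+#if defined(POLARSSL_ECDSA_DETERMINISTIC)
+/*
+* Compute and write signature deterministically
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_write_signature_det( ecdsa_context *ctx,
+const unsigned char *hash, size_t hlen,
+unsigned char *sig, size_t *slen,
+md_type_t md_alg )
+{
+int ret;
+
+if( ( ret = ecdsa_sign_det( &ctx->grp, &ctx->r, &ctx->s, &ctx->d,
+hash, hlen, md_alg ) ) != 0 )
+{
+return( ret );
+}
+
+return( ecdsa_signature_to_asn1( ctx, sig, slen ) );
+}
+#endif /* POLARSSL_ECDSA_DETERMINISTIC */
+
+/*
+* Read and check signature
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_read_signature( ecdsa_context *ctx,
+const unsigned char *hash, size_t hlen,
+const unsigned char *sig, size_t slen )
+{
+int ret;
+unsigned char *p = (unsigned char *) sig;
+const unsigned char *end = sig + slen;
+size_t len;
+
+if( ( ret = asn1_get_tag( &p, end, &len,
+ASN1_CONSTRUCTED | ASN1_SEQUENCE ) ) != 0 )
+{
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
+}
+
+if( p + len != end )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA +
+POLARSSL_ERR_ASN1_LENGTH_MISMATCH );
+
+if( ( ret = asn1_get_mpi( &p, end, &ctx->r ) ) != 0 ||
+( ret = asn1_get_mpi( &p, end, &ctx->s ) ) != 0 )
+return( POLARSSL_ERR_ECP_BAD_INPUT_DATA + ret );
+
+if( ( ret = ecdsa_verify( &ctx->grp, hash, hlen,
+&ctx->Q, &ctx->r, &ctx->s ) ) != 0 )
+return( ret );
+
+if( p != end )
+return( POLARSSL_ERR_ECP_SIG_LEN_MISMATCH );
+
+return( 0 );
+}
+
+/*
+* Generate key pair
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
+int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+return( ecp_use_known_dp( &ctx->grp, gid ) ||
+ecp_gen_keypair( &ctx->grp, &ctx->d, &ctx->Q, f_rng, p_rng ) );
+}
+
+/*
+* Set context from an ecp_keypair
+*/
+SSL_ROM_TEXT_SECTION
+int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key )
+{
+int ret;
+
+if( ( ret = ecp_group_copy( &ctx->grp, &key->grp ) ) != 0 ||
+( ret = mpi_copy( &ctx->d, &key->d ) ) != 0 ||
+( ret = ecp_copy( &ctx->Q, &key->Q ) ) != 0 )
+{
+ecdsa_free( ctx );
+}
+
+return( ret );
+}
+
+/*
+* Initialize context
+*/
+SSL_ROM_TEXT_SECTION
+void ecdsa_init( ecdsa_context *ctx )
+{
+ecp_group_init( &ctx->grp );
+mpi_init( &ctx->d );
+ecp_point_init( &ctx->Q );
+mpi_init( &ctx->r );
+mpi_init( &ctx->s );
+}
+
+/*
+* Free context
+*/
+SSL_ROM_TEXT_SECTION
+void ecdsa_free( ecdsa_context *ctx )
+{
+ecp_group_free( &ctx->grp );
+mpi_free( &ctx->d );
+ecp_point_free( &ctx->Q );
+mpi_free( &ctx->r );
+mpi_free( &ctx->s );
+}
+
+#if defined(POLARSSL_SELF_TEST)
+
+/*
+* Checkup routine
+*/
+int ecdsa_self_test( int verbose )
+{
+((void) verbose );
+return( 0 );
+}
+
+#endif /* POLARSSL_SELF_TEST */
+
+#endif /* POLARSSL_ECDSA_C */
+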
2080
component/common/network/ssl/polarssl-1.3.8/library/rom/ecp.c
Normal file
2080
component/common/network/ssl/polarssl-1.3.8/library/rom/ecp.c
Normal file
File diff suppressed because it is too large
1461
component/common/network/ssl/polarssl-1.3.8/library/rom/ecp_curves.c
Normal file
1461
component/common/network/ssl/polarssl-1.3.8/library/rom/ecp_curves.c
Normal file
File diff suppressed because it is too large
|
|
@ -0,0 +1,515 @@
|
|||
/*
|
||||
* HMAC_DRBG implementation (NIST SP 800-90)
|
||||
*
|
||||
* Copyright (C) 2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
/*
|
||||
* The NIST SP 800-90A DRBGs are described in the following publication.
|
||||
* http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
|
||||
* References below are based on rev. 1 (January 2012).
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_HMAC_DRBG_C)
|
||||
|
||||
#include "polarssl/hmac_drbg.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG update, using optional additional data (10.1.2.2)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void hmac_drbg_update( hmac_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t add_len )
|
||||
{
|
||||
size_t md_len = ctx->md_ctx.md_info->size;
|
||||
unsigned char rounds = ( additional != NULL && add_len != 0 ) ? 2 : 1;
|
||||
unsigned char sep[1];
|
||||
unsigned char K[POLARSSL_MD_MAX_SIZE];
|
||||
|
||||
for( sep[0] = 0; sep[0] < rounds; sep[0]++ )
|
||||
{
|
||||
/* Step 1 or 4 */
|
||||
md_hmac_reset( &ctx->md_ctx );
|
||||
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
|
||||
md_hmac_update( &ctx->md_ctx, sep, 1 );
|
||||
if( rounds == 2 )
|
||||
md_hmac_update( &ctx->md_ctx, additional, add_len );
|
||||
md_hmac_finish( &ctx->md_ctx, K );
|
||||
|
||||
/* Step 2 or 5 */
|
||||
md_hmac_starts( &ctx->md_ctx, K, md_len );
|
||||
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
|
||||
md_hmac_finish( &ctx->md_ctx, ctx->V );
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Simplified HMAC_DRBG initialisation (for use with deterministic ECDSA)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_init_buf( hmac_drbg_context *ctx,
|
||||
const md_info_t * md_info,
|
||||
const unsigned char *data, size_t data_len )
|
||||
{
|
||||
int ret;
|
||||
|
||||
memset( ctx, 0, sizeof( hmac_drbg_context ) );
|
||||
|
||||
md_init( &ctx->md_ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
* Set initial working state.
|
||||
* Use the V memory location, which is currently all 0, to initialize the
|
||||
* MD context with an all-zero key. Then set V to its initial value.
|
||||
*/
|
||||
md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size );
|
||||
memset( ctx->V, 0x01, md_info->size );
|
||||
|
||||
hmac_drbg_update( ctx, data, data_len );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG reseeding: 10.1.2.4 (arabic) + 9.2 (Roman)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_reseed( hmac_drbg_context *ctx,
|
||||
const unsigned char *additional, size_t len )
|
||||
{
|
||||
unsigned char seed[POLARSSL_HMAC_DRBG_MAX_SEED_INPUT];
|
||||
size_t seedlen;
|
||||
|
||||
/* III. Check input length */
|
||||
if( len > POLARSSL_HMAC_DRBG_MAX_INPUT ||
|
||||
ctx->entropy_len + len > POLARSSL_HMAC_DRBG_MAX_SEED_INPUT )
|
||||
{
|
||||
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
|
||||
}
|
||||
|
||||
memset( seed, 0, POLARSSL_HMAC_DRBG_MAX_SEED_INPUT );
|
||||
|
||||
/* IV. Gather entropy_len bytes of entropy for the seed */
|
||||
if( ctx->f_entropy( ctx->p_entropy, seed, ctx->entropy_len ) != 0 )
|
||||
return( POLARSSL_ERR_HMAC_DRBG_ENTROPY_SOURCE_FAILED );
|
||||
|
||||
seedlen = ctx->entropy_len;
|
||||
|
||||
/* 1. Concatenate entropy and additional data if any */
|
||||
if( additional != NULL && len != 0 )
|
||||
{
|
||||
memcpy( seed + seedlen, additional, len );
|
||||
seedlen += len;
|
||||
}
|
||||
|
||||
/* 2. Update state */
|
||||
hmac_drbg_update( ctx, seed, seedlen );
|
||||
|
||||
/* 3. Reset reseed_counter */
|
||||
ctx->reseed_counter = 1;
|
||||
|
||||
/* 4. Done */
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG initialisation (10.1.2.3 + 9.1)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_init( hmac_drbg_context *ctx,
|
||||
const md_info_t * md_info,
|
||||
int (*f_entropy)(void *, unsigned char *, size_t),
|
||||
void *p_entropy,
|
||||
const unsigned char *custom,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
size_t entropy_len;
|
||||
|
||||
memset( ctx, 0, sizeof( hmac_drbg_context ) );
|
||||
|
||||
md_init( &ctx->md_ctx );
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx->md_ctx, md_info ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
/*
|
||||
* Set initial working state.
|
||||
* Use the V memory location, which is currently all 0, to initialize the
|
||||
* MD context with an all-zero key. Then set V to its initial value.
|
||||
*/
|
||||
md_hmac_starts( &ctx->md_ctx, ctx->V, md_info->size );
|
||||
memset( ctx->V, 0x01, md_info->size );
|
||||
|
||||
ctx->f_entropy = f_entropy;
|
||||
ctx->p_entropy = p_entropy;
|
||||
|
||||
ctx->reseed_interval = POLARSSL_HMAC_DRBG_RESEED_INTERVAL;
|
||||
|
||||
/*
|
||||
* See SP800-57 5.6.1 (p. 65-66) for the security strength provided by
|
||||
* each hash function, then according to SP800-90A rev1 10.1 table 2,
|
||||
* min_entropy_len (in bits) is security_strength.
|
||||
*
|
||||
* (This also matches the sizes used in the NIST test vectors.)
|
||||
*/
|
||||
entropy_len = md_info->size <= 20 ? 16 : /* 160-bits hash -> 128 bits */
|
||||
md_info->size <= 28 ? 24 : /* 224-bits hash -> 192 bits */
|
||||
32; /* better (256+) -> 256 bits */
|
||||
|
||||
/*
|
||||
* For initialisation, use more entropy to emulate a nonce
|
||||
* (Again, matches test vectors.)
|
||||
*/
|
||||
ctx->entropy_len = entropy_len * 3 / 2;
|
||||
|
||||
if( ( ret = hmac_drbg_reseed( ctx, custom, len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ctx->entropy_len = entropy_len;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Set prediction resistance
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void hmac_drbg_set_prediction_resistance( hmac_drbg_context *ctx,
|
||||
int resistance )
|
||||
{
|
||||
ctx->prediction_resistance = resistance;
|
||||
}
|
||||
|
||||
/*
|
||||
* Set entropy length grabbed for reseeds
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void hmac_drbg_set_entropy_len( hmac_drbg_context *ctx, size_t len )
|
||||
{
|
||||
ctx->entropy_len = len;
|
||||
}
|
||||
|
||||
/*
|
||||
* Set reseed interval
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void hmac_drbg_set_reseed_interval( hmac_drbg_context *ctx, int interval )
|
||||
{
|
||||
ctx->reseed_interval = interval;
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG random function with optional additional data:
|
||||
* 10.1.2.5 (arabic) + 9.3 (Roman)
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_random_with_add( void *p_rng,
|
||||
unsigned char *output, size_t out_len,
|
||||
const unsigned char *additional, size_t add_len )
|
||||
{
|
||||
int ret;
|
||||
hmac_drbg_context *ctx = (hmac_drbg_context *) p_rng;
|
||||
size_t md_len = md_get_size( ctx->md_ctx.md_info );
|
||||
size_t left = out_len;
|
||||
unsigned char *out = output;
|
||||
|
||||
/* II. Check request length */
|
||||
if( out_len > POLARSSL_HMAC_DRBG_MAX_REQUEST )
|
||||
return( POLARSSL_ERR_HMAC_DRBG_REQUEST_TOO_BIG );
|
||||
|
||||
/* III. Check input length */
|
||||
if( add_len > POLARSSL_HMAC_DRBG_MAX_INPUT )
|
||||
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
|
||||
|
||||
/* 1. (aka VII and IX) Check reseed counter and PR */
|
||||
if( ctx->f_entropy != NULL && /* For no-reseeding instances */
|
||||
( ctx->prediction_resistance == POLARSSL_HMAC_DRBG_PR_ON ||
|
||||
ctx->reseed_counter > ctx->reseed_interval ) )
|
||||
{
|
||||
if( ( ret = hmac_drbg_reseed( ctx, additional, add_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
add_len = 0; /* VII.4 */
|
||||
}
|
||||
|
||||
/* 2. Use additional data if any */
|
||||
if( additional != NULL && add_len != 0 )
|
||||
hmac_drbg_update( ctx, additional, add_len );
|
||||
|
||||
/* 3, 4, 5. Generate bytes */
|
||||
while( left != 0 )
|
||||
{
|
||||
size_t use_len = left > md_len ? md_len : left;
|
||||
|
||||
md_hmac_reset( &ctx->md_ctx );
|
||||
md_hmac_update( &ctx->md_ctx, ctx->V, md_len );
|
||||
md_hmac_finish( &ctx->md_ctx, ctx->V );
|
||||
|
||||
memcpy( out, ctx->V, use_len );
|
||||
out += use_len;
|
||||
left -= use_len;
|
||||
}
|
||||
|
||||
/* 6. Update */
|
||||
hmac_drbg_update( ctx, additional, add_len );
|
||||
|
||||
/* 7. Update reseed counter */
|
||||
ctx->reseed_counter++;
|
||||
|
||||
/* 8. Done */
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* HMAC_DRBG random function
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_random( void *p_rng, unsigned char *output, size_t out_len )
|
||||
{
|
||||
return( hmac_drbg_random_with_add( p_rng, output, out_len, NULL, 0 ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Free an HMAC_DRBG context
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void hmac_drbg_free( hmac_drbg_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
md_free_ctx( &ctx->md_ctx );
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( hmac_drbg_context ) );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_write_seed_file( hmac_drbg_context *ctx, const char *path )
|
||||
{
|
||||
int ret;
|
||||
FILE *f;
|
||||
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
|
||||
|
||||
if( ( f = fopen( path, "wb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
|
||||
|
||||
if( ( ret = hmac_drbg_random( ctx, buf, sizeof( buf ) ) ) != 0 )
|
||||
goto exit;
|
||||
|
||||
if( fwrite( buf, 1, sizeof( buf ), f ) != sizeof( buf ) )
|
||||
{
|
||||
ret = POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = 0;
|
||||
|
||||
exit:
|
||||
fclose( f );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int hmac_drbg_update_seed_file( hmac_drbg_context *ctx, const char *path )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
unsigned char buf[ POLARSSL_HMAC_DRBG_MAX_INPUT ];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
|
||||
|
||||
fseek( f, 0, SEEK_END );
|
||||
n = (size_t) ftell( f );
|
||||
fseek( f, 0, SEEK_SET );
|
||||
|
||||
if( n > POLARSSL_HMAC_DRBG_MAX_INPUT )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_HMAC_DRBG_INPUT_TOO_BIG );
|
||||
}
|
||||
|
||||
if( fread( buf, 1, n, f ) != n )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_HMAC_DRBG_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
|
||||
hmac_drbg_update( ctx, buf, n );
|
||||
|
||||
return( hmac_drbg_write_seed_file( ctx, path ) );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
#if !defined(POLARSSL_SHA1_C)
|
||||
/* Dummy checkup routine */
|
||||
int hmac_drbg_self_test( int verbose )
|
||||
{
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#else
|
||||
|
||||
#define OUTPUT_LEN 80
|
||||
|
||||
/* From a NIST PR=true test vector */
|
||||
static unsigned char entropy_pr[] = {
|
||||
0xa0, 0xc9, 0xab, 0x58, 0xf1, 0xe2, 0xe5, 0xa4, 0xde, 0x3e, 0xbd, 0x4f,
|
||||
0xf7, 0x3e, 0x9c, 0x5b, 0x64, 0xef, 0xd8, 0xca, 0x02, 0x8c, 0xf8, 0x11,
|
||||
0x48, 0xa5, 0x84, 0xfe, 0x69, 0xab, 0x5a, 0xee, 0x42, 0xaa, 0x4d, 0x42,
|
||||
0x17, 0x60, 0x99, 0xd4, 0x5e, 0x13, 0x97, 0xdc, 0x40, 0x4d, 0x86, 0xa3,
|
||||
0x7b, 0xf5, 0x59, 0x54, 0x75, 0x69, 0x51, 0xe4 };
|
||||
static const unsigned char result_pr[OUTPUT_LEN] = {
|
||||
0x9a, 0x00, 0xa2, 0xd0, 0x0e, 0xd5, 0x9b, 0xfe, 0x31, 0xec, 0xb1, 0x39,
|
||||
0x9b, 0x60, 0x81, 0x48, 0xd1, 0x96, 0x9d, 0x25, 0x0d, 0x3c, 0x1e, 0x94,
|
||||
0x10, 0x10, 0x98, 0x12, 0x93, 0x25, 0xca, 0xb8, 0xfc, 0xcc, 0x2d, 0x54,
|
||||
0x73, 0x19, 0x70, 0xc0, 0x10, 0x7a, 0xa4, 0x89, 0x25, 0x19, 0x95, 0x5e,
|
||||
0x4b, 0xc6, 0x00, 0x1d, 0x7f, 0x4e, 0x6a, 0x2b, 0xf8, 0xa3, 0x01, 0xab,
|
||||
0x46, 0x05, 0x5c, 0x09, 0xa6, 0x71, 0x88, 0xf1, 0xa7, 0x40, 0xee, 0xf3,
|
||||
0xe1, 0x5c, 0x02, 0x9b, 0x44, 0xaf, 0x03, 0x44 };
|
||||
|
||||
/* From a NIST PR=false test vector */
|
||||
static unsigned char entropy_nopr[] = {
|
||||
0x79, 0x34, 0x9b, 0xbf, 0x7c, 0xdd, 0xa5, 0x79, 0x95, 0x57, 0x86, 0x66,
|
||||
0x21, 0xc9, 0x13, 0x83, 0x11, 0x46, 0x73, 0x3a, 0xbf, 0x8c, 0x35, 0xc8,
|
||||
0xc7, 0x21, 0x5b, 0x5b, 0x96, 0xc4, 0x8e, 0x9b, 0x33, 0x8c, 0x74, 0xe3,
|
||||
0xe9, 0x9d, 0xfe, 0xdf };
|
||||
static const unsigned char result_nopr[OUTPUT_LEN] = {
|
||||
0xc6, 0xa1, 0x6a, 0xb8, 0xd4, 0x20, 0x70, 0x6f, 0x0f, 0x34, 0xab, 0x7f,
|
||||
0xec, 0x5a, 0xdc, 0xa9, 0xd8, 0xca, 0x3a, 0x13, 0x3e, 0x15, 0x9c, 0xa6,
|
||||
0xac, 0x43, 0xc6, 0xf8, 0xa2, 0xbe, 0x22, 0x83, 0x4a, 0x4c, 0x0a, 0x0a,
|
||||
0xff, 0xb1, 0x0d, 0x71, 0x94, 0xf1, 0xc1, 0xa5, 0xcf, 0x73, 0x22, 0xec,
|
||||
0x1a, 0xe0, 0x96, 0x4e, 0xd4, 0xbf, 0x12, 0x27, 0x46, 0xe0, 0x87, 0xfd,
|
||||
0xb5, 0xb3, 0xe9, 0x1b, 0x34, 0x93, 0xd5, 0xbb, 0x98, 0xfa, 0xed, 0x49,
|
||||
0xe8, 0x5f, 0x13, 0x0f, 0xc8, 0xa4, 0x59, 0xb7 };
|
||||
|
||||
/* "Entropy" from buffer */
|
||||
static size_t test_offset;
|
||||
static int hmac_drbg_self_test_entropy( void *data,
|
||||
unsigned char *buf, size_t len )
|
||||
{
|
||||
const unsigned char *p = data;
|
||||
memcpy( buf, p + test_offset, len );
|
||||
test_offset += len;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#define CHK( c ) if( (c) != 0 ) \
|
||||
{ \
|
||||
if( verbose != 0 ) \
|
||||
polarssl_printf( "failed\n" ); \
|
||||
return( 1 ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Checkup routine for HMAC_DRBG with SHA-1
|
||||
*/
|
||||
int hmac_drbg_self_test( int verbose )
|
||||
{
|
||||
hmac_drbg_context ctx;
|
||||
unsigned char buf[OUTPUT_LEN];
|
||||
const md_info_t *md_info = md_info_from_type( POLARSSL_MD_SHA1 );
|
||||
|
||||
/*
|
||||
* PR = True
|
||||
*/
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC_DRBG (PR = True) : " );
|
||||
|
||||
test_offset = 0;
|
||||
CHK( hmac_drbg_init( &ctx, md_info,
|
||||
hmac_drbg_self_test_entropy, entropy_pr,
|
||||
NULL, 0 ) );
|
||||
hmac_drbg_set_prediction_resistance( &ctx, POLARSSL_HMAC_DRBG_PR_ON );
|
||||
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
|
||||
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
|
||||
CHK( memcmp( buf, result_pr, OUTPUT_LEN ) );
|
||||
hmac_drbg_free( &ctx );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
|
||||
/*
|
||||
* PR = False
|
||||
*/
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC_DRBG (PR = False) : " );
|
||||
|
||||
test_offset = 0;
|
||||
CHK( hmac_drbg_init( &ctx, md_info,
|
||||
hmac_drbg_self_test_entropy, entropy_nopr,
|
||||
NULL, 0 ) );
|
||||
CHK( hmac_drbg_reseed( &ctx, NULL, 0 ) );
|
||||
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
|
||||
CHK( hmac_drbg_random( &ctx, buf, OUTPUT_LEN ) );
|
||||
CHK( memcmp( buf, result_nopr, OUTPUT_LEN ) );
|
||||
hmac_drbg_free( &ctx );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_HMAC_DRBG_C */
|
||||
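Review bot: In hmac_drbg_reseed the stack buffer `seed` receives fresh entropy from `ctx->f_entropy` and is still populated when the function returns, and `K` in hmac_drbg_update is left the same way after the last `md_hmac_finish`. The file already defines `polarssl_zeroize`, but only hmac_drbg_free calls it. Wiping the temporaries on every exit path, e.g. `polarssl_zeroize( seed, sizeof( seed ) );` after the `hmac_drbg_update( ctx, seed, seedlen )` call and `polarssl_zeroize( K, sizeof( K ) );` after the loop, keeps DRBG seed and key material from lingering on the stack. `buf` in hmac_drbg_write_seed_file and hmac_drbg_update_seed_file holds generator output and seed-file contents and deserves the same treatment.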
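--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/md.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/md.c
@@ -0,0 +1,361 @@
+/**
+* \file md.c
+*
+* \brief Generic message digest wrapper for PolarSSL
+*
+* \author Adriaan de Jong <dejong@fox-it.com>
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_MD_C)
+
+#include "polarssl/md.h"
+#include "polarssl/md_wrap.h"
+
+#include <stdlib.h>
+
+#if defined(_MSC_VER) && !defined strcasecmp && !defined(EFIX64) && \
+!defined(EFI32)
+#define strcasecmp _stricmp
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+SSL_ROM_TEXT_SECTION
+static void polarssl_zeroize( void *v, size_t n ) {
+volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+SSL_ROM_DATA_SECTION
+static const int supported_digests[] = {
+
+#if defined(POLARSSL_SHA512_C)
+POLARSSL_MD_SHA384,
+POLARSSL_MD_SHA512,
+#endif
+
+#if defined(POLARSSL_SHA256_C)
+POLARSSL_MD_SHA224,
+POLARSSL_MD_SHA256,
+#endif
+
+#if defined(POLARSSL_SHA1_C)
+POLARSSL_MD_SHA1,
+#endif
+
+#if defined(POLARSSL_RIPEMD160_C)
+POLARSSL_MD_RIPEMD160,
+#endif
+
+#if defined(POLARSSL_MD5_C)
+POLARSSL_MD_MD5,
+#endif
+
+#if defined(POLARSSL_MD4_C)
+POLARSSL_MD_MD4,
+#endif
+
+#if defined(POLARSSL_MD2_C)
+POLARSSL_MD_MD2,
+#endif
+
+POLARSSL_MD_NONE
+};
+
+SSL_ROM_TEXT_SECTION
+const int *md_list( void )
+{
+return( supported_digests );
+}
+
+SSL_ROM_TEXT_SECTION
+const md_info_t *md_info_from_string( const char *md_name )
+{
+if( NULL == md_name )
+return( NULL );
+
+/* Get the appropriate digest information */
+#if defined(POLARSSL_MD2_C)
+if( !strcasecmp( "MD2", md_name ) )
+return md_info_from_type( POLARSSL_MD_MD2 );
+#endif
+#if defined(POLARSSL_MD4_C)
+if( !strcasecmp( "MD4", md_name ) )
+return md_info_from_type( POLARSSL_MD_MD4 );
+#endif
+#if defined(POLARSSL_MD5_C)
+if( !strcasecmp( "MD5", md_name ) )
+return md_info_from_type( POLARSSL_MD_MD5 );
+#endif
+#if defined(POLARSSL_RIPEMD160_C)
+if( !strcasecmp( "RIPEMD160", md_name ) )
+return md_info_from_type( POLARSSL_MD_RIPEMD160 );
+#endif
+#if defined(POLARSSL_SHA1_C)
+if( !strcasecmp( "SHA1", md_name ) || !strcasecmp( "SHA", md_name ) )
+return md_info_from_type( POLARSSL_MD_SHA1 );
+#endif
+#if defined(POLARSSL_SHA256_C)
+if( !strcasecmp( "SHA224", md_name ) )
+return md_info_from_type( POLARSSL_MD_SHA224 );
+if( !strcasecmp( "SHA256", md_name ) )
+return md_info_from_type( POLARSSL_MD_SHA256 );
+#endif
+#if defined(POLARSSL_SHA512_C)
+if( !strcasecmp( "SHA384", md_name ) )
+return md_info_from_type( POLARSSL_MD_SHA384 );
+if( !strcasecmp( "SHA512", md_name ) )
+return md_info_from_type( POLARSSL_MD_SHA512 );
+#endif
+return( NULL );
+}
+
+SSL_ROM_TEXT_SECTION
+const md_info_t *md_info_from_type( md_type_t md_type )
+{
+switch( md_type )
+{
+#if defined(POLARSSL_MD2_C)
+case POLARSSL_MD_MD2:
+return( &md2_info );
+#endif
+#if defined(POLARSSL_MD4_C)
+case POLARSSL_MD_MD4:
+return( &md4_info );
+#endif
+#if defined(POLARSSL_MD5_C)
+case POLARSSL_MD_MD5:
+return( &md5_info );
+#endif
+#if defined(POLARSSL_RIPEMD160_C)
+case POLARSSL_MD_RIPEMD160:
+return( &ripemd160_info );
+#endif
+#if defined(POLARSSL_SHA1_C)
+case POLARSSL_MD_SHA1:
+return( &sha1_info );
+#endif
+#if defined(POLARSSL_SHA256_C)
+case POLARSSL_MD_SHA224:
+return( &sha224_info );
+case POLARSSL_MD_SHA256:
+return( &sha256_info );
+#endif
+#if defined(POLARSSL_SHA512_C)
+case POLARSSL_MD_SHA384:
+return( &sha384_info );
+case POLARSSL_MD_SHA512:
+return( &sha512_info );
+#endif
+default:
+return( NULL );
+}
+}
+
+SSL_ROM_TEXT_SECTION
+void md_init( md_context_t *ctx )
+{
+memset( ctx, 0, sizeof( md_context_t ) );
+}
+
+SSL_ROM_TEXT_SECTION
+void md_free( md_context_t *ctx )
+{
+if( ctx == NULL )
+return;
+
+if( ctx->md_ctx )
+ctx->md_info->ctx_free_func( ctx->md_ctx );
+
+polarssl_zeroize( ctx, sizeof( md_context_t ) );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_init_ctx( md_context_t *ctx, const md_info_t *md_info )
+{
+if( md_info == NULL || ctx == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+memset( ctx, 0, sizeof( md_context_t ) );
+
+if( ( ctx->md_ctx = md_info->ctx_alloc_func() ) == NULL )
+return( POLARSSL_ERR_MD_ALLOC_FAILED );
+
+ctx->md_info = md_info;
+
+md_info->starts_func( ctx->md_ctx );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_free_ctx( md_context_t *ctx )
+{
+md_free( ctx );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_starts( md_context_t *ctx )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->starts_func( ctx->md_ctx );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->update_func( ctx->md_ctx, input, ilen );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_finish( md_context_t *ctx, unsigned char *output )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->finish_func( ctx->md_ctx, output );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md( const md_info_t *md_info, const unsigned char *input, size_t ilen,
+unsigned char *output )
+{
+if( md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+md_info->digest_func( input, ilen, output );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_file( const md_info_t *md_info, const char *path, unsigned char *output )
+{
+#if defined(POLARSSL_FS_IO)
+int ret;
+#endif
+
+if( md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+#if defined(POLARSSL_FS_IO)
+ret = md_info->file_func( path, output );
+if( ret != 0 )
+return( POLARSSL_ERR_MD_FILE_IO_ERROR + ret );
+
+return( ret );
+#else
+((void) path);
+((void) output);
+
+return( POLARSSL_ERR_MD_FEATURE_UNAVAILABLE );
+#endif /* POLARSSL_FS_IO */
+}
+
+SSL_ROM_TEXT_SECTION
+int md_hmac_starts( md_context_t *ctx, const unsigned char *key, size_t keylen )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->hmac_starts_func( ctx->md_ctx, key, keylen );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_hmac_update( md_context_t *ctx, const unsigned char *input, size_t ilen )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->hmac_update_func( ctx->md_ctx, input, ilen );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_hmac_finish( md_context_t *ctx, unsigned char *output )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->hmac_finish_func( ctx->md_ctx, output );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_hmac_reset( md_context_t *ctx )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->hmac_reset_func( ctx->md_ctx );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
+const unsigned char *input, size_t ilen,
+unsigned char *output )
+{
+if( md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+md_info->hmac_func( key, keylen, input, ilen, output );
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+int md_process( md_context_t *ctx, const unsigned char *data )
+{
+if( ctx == NULL || ctx->md_info == NULL )
+return( POLARSSL_ERR_MD_BAD_INPUT_DATA );
+
+ctx->md_info->process_func( ctx->md_ctx, data );
+
+return( 0 );
+}
+
+#endif /* POLARSSL_MD_C */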
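Review bot: md_init_ctx clears `ctx` with `memset` before allocating, so calling it on a context that already owns a digest state drops `ctx->md_ctx` without running `ctx_free_func`; the old state is leaked rather than wiped, and for HMAC use it may hold key-derived data, depending on the wrapped implementation. Calling md_free first would not be safe for callers that pass an uninitialised struct, so the contract should be documented instead, with `/* ctx must be fresh from md_init() or md_free(); re-initialising a live context leaks its digest state */` above the function. md_finish and md_hmac_finish take no output length either, so a one-line comment that `output` must hold at least the digest size (presumably `md_info->size` bytes) would help callers size their buffers.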
630
component/common/network/ssl/polarssl-1.3.8/library/rom/md5.c
Normal file
630
component/common/network/ssl/polarssl-1.3.8/library/rom/md5.c
Normal file
|
|
@ -0,0 +1,630 @@
|
|||
/*
|
||||
* RFC 1321 compliant MD5 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The MD5 algorithm was designed by Ron Rivest in 1991.
|
||||
*
|
||||
* http://www.ietf.org/rfc/rfc1321.txt
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
|
||||
#include "polarssl/md5.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_MD5_ALT)
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (little endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_LE
|
||||
#define GET_UINT32_LE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint32_t) (b)[(i) ] ) \
|
||||
| ( (uint32_t) (b)[(i) + 1] << 8 ) \
|
||||
| ( (uint32_t) (b)[(i) + 2] << 16 ) \
|
||||
| ( (uint32_t) (b)[(i) + 3] << 24 ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_LE
|
||||
#define PUT_UINT32_LE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) >> 24 ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_init( md5_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_free( md5_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( md5_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_starts( md5_context *ctx )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
ctx->state[0] = 0x67452301;
|
||||
ctx->state[1] = 0xEFCDAB89;
|
||||
ctx->state[2] = 0x98BADCFE;
|
||||
ctx->state[3] = 0x10325476;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_process( md5_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
uint32_t X[16], A, B, C, D;
|
||||
|
||||
GET_UINT32_LE( X[ 0], data, 0 );
|
||||
GET_UINT32_LE( X[ 1], data, 4 );
|
||||
GET_UINT32_LE( X[ 2], data, 8 );
|
||||
GET_UINT32_LE( X[ 3], data, 12 );
|
||||
GET_UINT32_LE( X[ 4], data, 16 );
|
||||
GET_UINT32_LE( X[ 5], data, 20 );
|
||||
GET_UINT32_LE( X[ 6], data, 24 );
|
||||
GET_UINT32_LE( X[ 7], data, 28 );
|
||||
GET_UINT32_LE( X[ 8], data, 32 );
|
||||
GET_UINT32_LE( X[ 9], data, 36 );
|
||||
GET_UINT32_LE( X[10], data, 40 );
|
||||
GET_UINT32_LE( X[11], data, 44 );
|
||||
GET_UINT32_LE( X[12], data, 48 );
|
||||
GET_UINT32_LE( X[13], data, 52 );
|
||||
GET_UINT32_LE( X[14], data, 56 );
|
||||
GET_UINT32_LE( X[15], data, 60 );
|
||||
|
||||
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
|
||||
|
||||
#define P(a,b,c,d,k,s,t) \
|
||||
{ \
|
||||
a += F(b,c,d) + X[k] + t; a = S(a,s) + b; \
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
|
||||
#define F(x,y,z) (z ^ (x & (y ^ z)))
|
||||
|
||||
P( A, B, C, D, 0, 7, 0xD76AA478 );
|
||||
P( D, A, B, C, 1, 12, 0xE8C7B756 );
|
||||
P( C, D, A, B, 2, 17, 0x242070DB );
|
||||
P( B, C, D, A, 3, 22, 0xC1BDCEEE );
|
||||
P( A, B, C, D, 4, 7, 0xF57C0FAF );
|
||||
P( D, A, B, C, 5, 12, 0x4787C62A );
|
||||
P( C, D, A, B, 6, 17, 0xA8304613 );
|
||||
P( B, C, D, A, 7, 22, 0xFD469501 );
|
||||
P( A, B, C, D, 8, 7, 0x698098D8 );
|
||||
P( D, A, B, C, 9, 12, 0x8B44F7AF );
|
||||
P( C, D, A, B, 10, 17, 0xFFFF5BB1 );
|
||||
P( B, C, D, A, 11, 22, 0x895CD7BE );
|
||||
P( A, B, C, D, 12, 7, 0x6B901122 );
|
||||
P( D, A, B, C, 13, 12, 0xFD987193 );
|
||||
P( C, D, A, B, 14, 17, 0xA679438E );
|
||||
P( B, C, D, A, 15, 22, 0x49B40821 );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (y ^ (z & (x ^ y)))
|
||||
|
||||
P( A, B, C, D, 1, 5, 0xF61E2562 );
|
||||
P( D, A, B, C, 6, 9, 0xC040B340 );
|
||||
P( C, D, A, B, 11, 14, 0x265E5A51 );
|
||||
P( B, C, D, A, 0, 20, 0xE9B6C7AA );
|
||||
P( A, B, C, D, 5, 5, 0xD62F105D );
|
||||
P( D, A, B, C, 10, 9, 0x02441453 );
|
||||
P( C, D, A, B, 15, 14, 0xD8A1E681 );
|
||||
P( B, C, D, A, 4, 20, 0xE7D3FBC8 );
|
||||
P( A, B, C, D, 9, 5, 0x21E1CDE6 );
|
||||
P( D, A, B, C, 14, 9, 0xC33707D6 );
|
||||
P( C, D, A, B, 3, 14, 0xF4D50D87 );
|
||||
P( B, C, D, A, 8, 20, 0x455A14ED );
|
||||
P( A, B, C, D, 13, 5, 0xA9E3E905 );
|
||||
P( D, A, B, C, 2, 9, 0xFCEFA3F8 );
|
||||
P( C, D, A, B, 7, 14, 0x676F02D9 );
|
||||
P( B, C, D, A, 12, 20, 0x8D2A4C8A );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (x ^ y ^ z)
|
||||
|
||||
P( A, B, C, D, 5, 4, 0xFFFA3942 );
|
||||
P( D, A, B, C, 8, 11, 0x8771F681 );
|
||||
P( C, D, A, B, 11, 16, 0x6D9D6122 );
|
||||
P( B, C, D, A, 14, 23, 0xFDE5380C );
|
||||
P( A, B, C, D, 1, 4, 0xA4BEEA44 );
|
||||
P( D, A, B, C, 4, 11, 0x4BDECFA9 );
|
||||
P( C, D, A, B, 7, 16, 0xF6BB4B60 );
|
||||
P( B, C, D, A, 10, 23, 0xBEBFBC70 );
|
||||
P( A, B, C, D, 13, 4, 0x289B7EC6 );
|
||||
P( D, A, B, C, 0, 11, 0xEAA127FA );
|
||||
P( C, D, A, B, 3, 16, 0xD4EF3085 );
|
||||
P( B, C, D, A, 6, 23, 0x04881D05 );
|
||||
P( A, B, C, D, 9, 4, 0xD9D4D039 );
|
||||
P( D, A, B, C, 12, 11, 0xE6DB99E5 );
|
||||
P( C, D, A, B, 15, 16, 0x1FA27CF8 );
|
||||
P( B, C, D, A, 2, 23, 0xC4AC5665 );
|
||||
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (y ^ (x | ~z))
|
||||
|
||||
P( A, B, C, D, 0, 6, 0xF4292244 );
|
||||
P( D, A, B, C, 7, 10, 0x432AFF97 );
|
||||
P( C, D, A, B, 14, 15, 0xAB9423A7 );
|
||||
P( B, C, D, A, 5, 21, 0xFC93A039 );
|
||||
P( A, B, C, D, 12, 6, 0x655B59C3 );
|
||||
P( D, A, B, C, 3, 10, 0x8F0CCC92 );
|
||||
P( C, D, A, B, 10, 15, 0xFFEFF47D );
|
||||
P( B, C, D, A, 1, 21, 0x85845DD1 );
|
||||
P( A, B, C, D, 8, 6, 0x6FA87E4F );
|
||||
P( D, A, B, C, 15, 10, 0xFE2CE6E0 );
|
||||
P( C, D, A, B, 6, 15, 0xA3014314 );
|
||||
P( B, C, D, A, 13, 21, 0x4E0811A1 );
|
||||
P( A, B, C, D, 4, 6, 0xF7537E82 );
|
||||
P( D, A, B, C, 11, 10, 0xBD3AF235 );
|
||||
P( C, D, A, B, 2, 15, 0x2AD7D2BB );
|
||||
P( B, C, D, A, 9, 21, 0xEB86D391 );
|
||||
|
||||
#undef F
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_update( md5_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
||||
ctx->total[0] += (uint32_t) ilen;
|
||||
ctx->total[0] &= 0xFFFFFFFF;
|
||||
|
||||
if( ctx->total[0] < (uint32_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
md5_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
md5_process( ctx, input );
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char md5_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* MD5 final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_finish( md5_context *ctx, unsigned char output[16] )
|
||||
{
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
||||
high = ( ctx->total[0] >> 29 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT32_LE( low, msglen, 0 );
|
||||
PUT_UINT32_LE( high, msglen, 4 );
|
||||
|
||||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
md5_update( ctx, md5_padding, padn );
|
||||
md5_update( ctx, msglen, 8 );
|
||||
|
||||
PUT_UINT32_LE( ctx->state[0], output, 0 );
|
||||
PUT_UINT32_LE( ctx->state[1], output, 4 );
|
||||
PUT_UINT32_LE( ctx->state[2], output, 8 );
|
||||
PUT_UINT32_LE( ctx->state[3], output, 12 );
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_MD5_ALT */
|
||||
|
||||
/*
|
||||
* output = MD5( input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5( const unsigned char *input, size_t ilen, unsigned char output[16] )
|
||||
{
|
||||
md5_context ctx;
|
||||
|
||||
md5_init( &ctx );
|
||||
md5_starts( &ctx );
|
||||
md5_update( &ctx, input, ilen );
|
||||
md5_finish( &ctx, output );
|
||||
md5_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = MD5( file contents )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int md5_file( const char *path, unsigned char output[16] )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
md5_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
|
||||
|
||||
md5_init( &ctx );
|
||||
md5_starts( &ctx );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
md5_update( &ctx, buf, n );
|
||||
|
||||
md5_finish( &ctx, output );
|
||||
md5_free( &ctx );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_MD5_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* MD5 HMAC context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_hmac_starts( md5_context *ctx, const unsigned char *key,
|
||||
size_t keylen )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[16];
|
||||
|
||||
if( keylen > 64 )
|
||||
{
|
||||
md5( key, keylen, sum );
|
||||
keylen = 16;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 64 );
|
||||
memset( ctx->opad, 0x5C, 64 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_hmac_update( md5_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
md5_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_hmac_finish( md5_context *ctx, unsigned char output[16] )
|
||||
{
|
||||
unsigned char tmpbuf[16];
|
||||
|
||||
md5_finish( ctx, tmpbuf );
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->opad, 64 );
|
||||
md5_update( ctx, tmpbuf, 16 );
|
||||
md5_finish( ctx, output );
|
||||
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* MD5 HMAC context reset
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_hmac_reset( md5_context *ctx )
|
||||
{
|
||||
md5_starts( ctx );
|
||||
md5_update( ctx, ctx->ipad, 64 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-MD5( hmac key, input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void md5_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[16] )
|
||||
{
|
||||
md5_context ctx;
|
||||
|
||||
md5_init( &ctx );
|
||||
md5_hmac_starts( &ctx, key, keylen );
|
||||
md5_hmac_update( &ctx, input, ilen );
|
||||
md5_hmac_finish( &ctx, output );
|
||||
md5_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
/*
|
||||
* RFC 1321 test vectors
|
||||
*/
|
||||
static unsigned char md5_test_buf[7][81] =
|
||||
{
|
||||
{ "" },
|
||||
{ "a" },
|
||||
{ "abc" },
|
||||
{ "message digest" },
|
||||
{ "abcdefghijklmnopqrstuvwxyz" },
|
||||
{ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" },
|
||||
{ "12345678901234567890123456789012345678901234567890123456789012" \
|
||||
"345678901234567890" }
|
||||
};
|
||||
|
||||
static const int md5_test_buflen[7] =
|
||||
{
|
||||
0, 1, 3, 14, 26, 62, 80
|
||||
};
|
||||
|
||||
static const unsigned char md5_test_sum[7][16] =
|
||||
{
|
||||
{ 0xD4, 0x1D, 0x8C, 0xD9, 0x8F, 0x00, 0xB2, 0x04,
|
||||
0xE9, 0x80, 0x09, 0x98, 0xEC, 0xF8, 0x42, 0x7E },
|
||||
{ 0x0C, 0xC1, 0x75, 0xB9, 0xC0, 0xF1, 0xB6, 0xA8,
|
||||
0x31, 0xC3, 0x99, 0xE2, 0x69, 0x77, 0x26, 0x61 },
|
||||
{ 0x90, 0x01, 0x50, 0x98, 0x3C, 0xD2, 0x4F, 0xB0,
|
||||
0xD6, 0x96, 0x3F, 0x7D, 0x28, 0xE1, 0x7F, 0x72 },
|
||||
{ 0xF9, 0x6B, 0x69, 0x7D, 0x7C, 0xB7, 0x93, 0x8D,
|
||||
0x52, 0x5A, 0x2F, 0x31, 0xAA, 0xF1, 0x61, 0xD0 },
|
||||
{ 0xC3, 0xFC, 0xD3, 0xD7, 0x61, 0x92, 0xE4, 0x00,
|
||||
0x7D, 0xFB, 0x49, 0x6C, 0xCA, 0x67, 0xE1, 0x3B },
|
||||
{ 0xD1, 0x74, 0xAB, 0x98, 0xD2, 0x77, 0xD9, 0xF5,
|
||||
0xA5, 0x61, 0x1C, 0x2C, 0x9F, 0x41, 0x9D, 0x9F },
|
||||
{ 0x57, 0xED, 0xF4, 0xA2, 0x2B, 0xE3, 0xC9, 0x55,
|
||||
0xAC, 0x49, 0xDA, 0x2E, 0x21, 0x07, 0xB6, 0x7A }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 2202 test vectors
|
||||
*/
|
||||
static unsigned char md5_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 80 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int md5_hmac_test_keylen[7] =
|
||||
{
|
||||
16, 4, 16, 25, 16, 80, 80
|
||||
};
|
||||
|
||||
static unsigned char md5_hmac_test_buf[7][74] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "Test Using Larger Than Block-Size Key and Larger"
|
||||
" Than One Block-Size Data" }
|
||||
};
|
||||
|
||||
static const int md5_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 73
|
||||
};
|
||||
|
||||
static const unsigned char md5_hmac_test_sum[7][16] =
|
||||
{
|
||||
{ 0x92, 0x94, 0x72, 0x7A, 0x36, 0x38, 0xBB, 0x1C,
|
||||
0x13, 0xF4, 0x8E, 0xF8, 0x15, 0x8B, 0xFC, 0x9D },
|
||||
{ 0x75, 0x0C, 0x78, 0x3E, 0x6A, 0xB0, 0xB5, 0x03,
|
||||
0xEA, 0xA8, 0x6E, 0x31, 0x0A, 0x5D, 0xB7, 0x38 },
|
||||
{ 0x56, 0xBE, 0x34, 0x52, 0x1D, 0x14, 0x4C, 0x88,
|
||||
0xDB, 0xB8, 0xC7, 0x33, 0xF0, 0xE8, 0xB3, 0xF6 },
|
||||
{ 0x69, 0x7E, 0xAF, 0x0A, 0xCA, 0x3A, 0x3A, 0xEA,
|
||||
0x3A, 0x75, 0x16, 0x47, 0x46, 0xFF, 0xAA, 0x79 },
|
||||
{ 0x56, 0x46, 0x1E, 0xF2, 0x34, 0x2E, 0xDC, 0x00,
|
||||
0xF9, 0xBA, 0xB9, 0x95 },
|
||||
{ 0x6B, 0x1A, 0xB7, 0xFE, 0x4B, 0xD7, 0xBF, 0x8F,
|
||||
0x0B, 0x62, 0xE6, 0xCE, 0x61, 0xB9, 0xD0, 0xCD },
|
||||
{ 0x6F, 0x63, 0x0F, 0xAD, 0x67, 0xCD, 0xA0, 0xEE,
|
||||
0x1F, 0xB1, 0xF5, 0x62, 0xDB, 0x3A, 0xA5, 0x3E }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int md5_self_test( int verbose )
|
||||
{
|
||||
int i, buflen;
|
||||
unsigned char buf[1024];
|
||||
unsigned char md5sum[16];
|
||||
md5_context ctx;
|
||||
|
||||
for( i = 0; i < 7; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " MD5 test #%d: ", i + 1 );
|
||||
|
||||
md5( md5_test_buf[i], md5_test_buflen[i], md5sum );
|
||||
|
||||
if( memcmp( md5sum, md5_test_sum[i], 16 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
for( i = 0; i < 7; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC-MD5 test #%d: ", i + 1 );
|
||||
|
||||
if( i == 5 || i == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 80 );
|
||||
md5_hmac_starts( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
md5_hmac_starts( &ctx, md5_hmac_test_key[i],
|
||||
md5_hmac_test_keylen[i] );
|
||||
|
||||
md5_hmac_update( &ctx, md5_hmac_test_buf[i],
|
||||
md5_hmac_test_buflen[i] );
|
||||
|
||||
md5_hmac_finish( &ctx, md5sum );
|
||||
|
||||
buflen = ( i == 4 ) ? 12 : 16;
|
||||
|
||||
if( memcmp( md5sum, md5_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_MD5_C */
|
||||
1072
component/common/network/ssl/polarssl-1.3.8/library/rom/md_wrap.c
Normal file
File diff suppressed because it is too large
695
component/common/network/ssl/polarssl-1.3.8/library/rom/oid.c
Normal file
|
|
@ -0,0 +1,695 @@
|
|||
/**
|
||||
* \file oid.c
|
||||
*
|
||||
* \brief Object Identifier (OID) database
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_OID_C)
|
||||
|
||||
#include "polarssl/oid.h"
|
||||
#include "polarssl/rsa.h"
|
||||
|
||||
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
|
||||
#include "polarssl/x509.h"
|
||||
#endif
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
/*
|
||||
* Macro to automatically add the size of #define'd OIDs
|
||||
*/
|
||||
#define ADD_LEN(s) s, OID_SIZE(s)
|
||||
|
||||
/*
|
||||
* Macro to generate an internal function for oid_XXX_from_asn1() (used by
|
||||
* the other functions)
|
||||
*/
|
||||
#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
|
||||
SSL_ROM_TEXT_SECTION static const TYPE_T * oid_ ## NAME ## _from_asn1( const asn1_buf *oid ) \
|
||||
{ \
|
||||
const TYPE_T *p = LIST; \
|
||||
const oid_descriptor_t *cur = (const oid_descriptor_t *) p; \
|
||||
if( p == NULL || oid == NULL ) return( NULL ); \
|
||||
while( cur->asn1 != NULL ) { \
|
||||
if( cur->asn1_len == oid->len && \
|
||||
memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \
|
||||
return( p ); \
|
||||
} \
|
||||
p++; \
|
||||
cur = (const oid_descriptor_t *) p; \
|
||||
} \
|
||||
return( NULL ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Macro to generate a function for retrieving a single attribute from the
|
||||
* descriptor of an oid_descriptor_t wrapper.
|
||||
*/
|
||||
#define FN_OID_GET_DESCRIPTOR_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
|
||||
SSL_ROM_TEXT_SECTION int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
|
||||
{ \
|
||||
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
|
||||
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
|
||||
*ATTR1 = data->descriptor.ATTR1; \
|
||||
return( 0 ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Macro to generate a function for retrieving a single attribute from an
|
||||
* oid_descriptor_t wrapper.
|
||||
*/
|
||||
#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
|
||||
SSL_ROM_TEXT_SECTION int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
|
||||
{ \
|
||||
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
|
||||
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
|
||||
*ATTR1 = data->ATTR1; \
|
||||
return( 0 ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Macro to generate a function for retrieving two attributes from an
|
||||
* oid_descriptor_t wrapper.
|
||||
*/
|
||||
#define FN_OID_GET_ATTR2(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1, \
|
||||
ATTR2_TYPE, ATTR2) \
|
||||
SSL_ROM_TEXT_SECTION int FN_NAME( const asn1_buf *oid, ATTR1_TYPE * ATTR1, ATTR2_TYPE * ATTR2 ) \
|
||||
{ \
|
||||
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
|
||||
if( data == NULL ) return( POLARSSL_ERR_OID_NOT_FOUND ); \
|
||||
*ATTR1 = data->ATTR1; \
|
||||
*ATTR2 = data->ATTR2; \
|
||||
return( 0 ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Macro to generate a function for retrieving the OID based on a single
|
||||
* attribute from a oid_descriptor_t wrapper.
|
||||
*/
|
||||
#define FN_OID_GET_OID_BY_ATTR1(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1) \
|
||||
SSL_ROM_TEXT_SECTION int FN_NAME( ATTR1_TYPE ATTR1, const char **oid, size_t *olen ) \
|
||||
{ \
|
||||
const TYPE_T *cur = LIST; \
|
||||
while( cur->descriptor.asn1 != NULL ) { \
|
||||
if( cur->ATTR1 == ATTR1 ) { \
|
||||
*oid = cur->descriptor.asn1; \
|
||||
*olen = cur->descriptor.asn1_len; \
|
||||
return( 0 ); \
|
||||
} \
|
||||
cur++; \
|
||||
} \
|
||||
return( POLARSSL_ERR_OID_NOT_FOUND ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* Macro to generate a function for retrieving the OID based on two
|
||||
* attributes from a oid_descriptor_t wrapper.
|
||||
*/
|
||||
#define FN_OID_GET_OID_BY_ATTR2(FN_NAME, TYPE_T, LIST, ATTR1_TYPE, ATTR1, \
|
||||
ATTR2_TYPE, ATTR2) \
|
||||
SSL_ROM_TEXT_SECTION int FN_NAME( ATTR1_TYPE ATTR1, ATTR2_TYPE ATTR2, const char **oid , \
|
||||
size_t *olen ) \
|
||||
{ \
|
||||
const TYPE_T *cur = LIST; \
|
||||
while( cur->descriptor.asn1 != NULL ) { \
|
||||
if( cur->ATTR1 == ATTR1 && cur->ATTR2 == ATTR2 ) { \
|
||||
*oid = cur->descriptor.asn1; \
|
||||
*olen = cur->descriptor.asn1_len; \
|
||||
return( 0 ); \
|
||||
} \
|
||||
cur++; \
|
||||
} \
|
||||
return( POLARSSL_ERR_OID_NOT_FOUND ); \
|
||||
}
|
||||
|
||||
/*
|
||||
* For X520 attribute types
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
const char *short_name;
|
||||
} oid_x520_attr_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_x520_attr_t oid_x520_attr_type[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_AT_CN ), "id-at-commonName", "Common Name" },
|
||||
"CN",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_COUNTRY ), "id-at-countryName", "Country" },
|
||||
"C",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_LOCALITY ), "id-at-locality", "Locality" },
|
||||
"L",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_STATE ), "id-at-state", "State" },
|
||||
"ST",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_ORGANIZATION ),"id-at-organizationName", "Organization" },
|
||||
"O",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_ORG_UNIT ), "id-at-organizationalUnitName", "Org Unit" },
|
||||
"OU",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS9_EMAIL ), "emailAddress", "E-mail address" },
|
||||
"emailAddress",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_SERIAL_NUMBER ),"id-at-serialNumber", "Serial number" },
|
||||
"serialNumber",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_POSTAL_ADDRESS ),"id-at-postalAddress", "Postal address" },
|
||||
"postalAddress",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_POSTAL_CODE ), "id-at-postalCode", "Postal code" },
|
||||
"postalCode",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_SUR_NAME ), "id-at-surName", "Surname" },
|
||||
"SN",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_GIVEN_NAME ), "id-at-givenName", "Given name" },
|
||||
"GN",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_INITIALS ), "id-at-initials", "Initials" },
|
||||
"initials",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_GENERATION_QUALIFIER ), "id-at-generationQualifier", "Generation qualifier" },
|
||||
"generationQualifier",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_TITLE ), "id-at-title", "Title" },
|
||||
"title",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_DN_QUALIFIER ),"id-at-dnQualifier", "Distinguished Name qualifier" },
|
||||
"dnQualifier",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_AT_PSEUDONYM ), "id-at-pseudonym", "Pseudonym" },
|
||||
"pseudonym",
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DOMAIN_COMPONENT ), "id-domainComponent", "Domain component" },
|
||||
"DC",
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
NULL,
|
||||
}
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_x520_attr_t, x520_attr, oid_x520_attr_type);
|
||||
FN_OID_GET_ATTR1(oid_get_attr_short_name, oid_x520_attr_t, x520_attr, const char *, short_name);
|
||||
|
||||
#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
|
||||
/*
|
||||
* For X509 extensions
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
int ext_type;
|
||||
} oid_x509_ext_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_x509_ext_t oid_x509_ext[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_BASIC_CONSTRAINTS ), "id-ce-basicConstraints", "Basic Constraints" },
|
||||
EXT_BASIC_CONSTRAINTS,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_KEY_USAGE ), "id-ce-keyUsage", "Key Usage" },
|
||||
EXT_KEY_USAGE,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EXTENDED_KEY_USAGE ), "id-ce-keyUsage", "Extended Key Usage" },
|
||||
EXT_EXTENDED_KEY_USAGE,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_SUBJECT_ALT_NAME ), "id-ce-subjectAltName", "Subject Alt Name" },
|
||||
EXT_SUBJECT_ALT_NAME,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_NS_CERT_TYPE ), "id-netscape-certtype", "Netscape Certificate Type" },
|
||||
EXT_NS_CERT_TYPE,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext);
|
||||
FN_OID_GET_ATTR1(oid_get_x509_ext_type, oid_x509_ext_t, x509_ext, int, ext_type);
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_descriptor_t oid_ext_key_usage[] =
|
||||
{
|
||||
{ ADD_LEN( OID_SERVER_AUTH ), "id-kp-serverAuth", "TLS Web Server Authentication" },
|
||||
{ ADD_LEN( OID_CLIENT_AUTH ), "id-kp-clientAuth", "TLS Web Client Authentication" },
|
||||
{ ADD_LEN( OID_CODE_SIGNING ), "id-kp-codeSigning", "Code Signing" },
|
||||
{ ADD_LEN( OID_EMAIL_PROTECTION ), "id-kp-emailProtection", "E-mail Protection" },
|
||||
{ ADD_LEN( OID_TIME_STAMPING ), "id-kp-timeStamping", "Time Stamping" },
|
||||
{ ADD_LEN( OID_OCSP_SIGNING ), "id-kp-OCSPSigning", "OCSP Signing" },
|
||||
{ NULL, 0, NULL, NULL },
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_descriptor_t, ext_key_usage, oid_ext_key_usage);
|
||||
FN_OID_GET_ATTR1(oid_get_extended_key_usage, oid_descriptor_t, ext_key_usage, const char *, description);
|
||||
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
/*
|
||||
* For SignatureAlgorithmIdentifier
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
md_type_t md_alg;
|
||||
pk_type_t pk_alg;
|
||||
} oid_sig_alg_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_sig_alg_t oid_sig_alg[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_MD2 ), "md2WithRSAEncryption", "RSA with MD2" },
|
||||
POLARSSL_MD_MD2, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_MD4 ), "md4WithRSAEncryption", "RSA with MD4" },
|
||||
POLARSSL_MD_MD4, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_MD5 ), "md5WithRSAEncryption", "RSA with MD5" },
|
||||
POLARSSL_MD_MD5, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_SHA1 ), "sha-1WithRSAEncryption", "RSA with SHA1" },
|
||||
POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_SHA224 ), "sha224WithRSAEncryption", "RSA with SHA-224" },
|
||||
POLARSSL_MD_SHA224, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_SHA256 ), "sha256WithRSAEncryption", "RSA with SHA-256" },
|
||||
POLARSSL_MD_SHA256, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_SHA384 ), "sha384WithRSAEncryption", "RSA with SHA-384" },
|
||||
POLARSSL_MD_SHA384, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_SHA512 ), "sha512WithRSAEncryption", "RSA with SHA-512" },
|
||||
POLARSSL_MD_SHA512, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_RSA_SHA_OBS ), "sha-1WithRSAEncryption", "RSA with SHA1" },
|
||||
POLARSSL_MD_SHA1, POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_ECDSA_SHA1 ), "ecdsa-with-SHA1", "ECDSA with SHA1" },
|
||||
POLARSSL_MD_SHA1, POLARSSL_PK_ECDSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_ECDSA_SHA224 ), "ecdsa-with-SHA224", "ECDSA with SHA224" },
|
||||
POLARSSL_MD_SHA224, POLARSSL_PK_ECDSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_ECDSA_SHA256 ), "ecdsa-with-SHA256", "ECDSA with SHA256" },
|
||||
POLARSSL_MD_SHA256, POLARSSL_PK_ECDSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_ECDSA_SHA384 ), "ecdsa-with-SHA384", "ECDSA with SHA384" },
|
||||
POLARSSL_MD_SHA384, POLARSSL_PK_ECDSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_ECDSA_SHA512 ), "ecdsa-with-SHA512", "ECDSA with SHA512" },
|
||||
POLARSSL_MD_SHA512, POLARSSL_PK_ECDSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_RSASSA_PSS ), "RSASSA-PSS", "RSASSA-PSS" },
|
||||
POLARSSL_MD_NONE, POLARSSL_PK_RSASSA_PSS,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
(md_type_t)0, (pk_type_t)0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_sig_alg_t, sig_alg, oid_sig_alg);
|
||||
FN_OID_GET_DESCRIPTOR_ATTR1(oid_get_sig_alg_desc, oid_sig_alg_t, sig_alg, const char *, description);
|
||||
FN_OID_GET_ATTR2(oid_get_sig_alg, oid_sig_alg_t, sig_alg, md_type_t, md_alg, pk_type_t, pk_alg);
|
||||
FN_OID_GET_OID_BY_ATTR2(oid_get_oid_by_sig_alg, oid_sig_alg_t, oid_sig_alg, pk_type_t, pk_alg, md_type_t, md_alg);
|
||||
#endif /* POLARSSL_MD_C */
|
||||
|
||||
/*
|
||||
* For PublicKeyInfo (PKCS1, RFC 5480)
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
pk_type_t pk_alg;
|
||||
} oid_pk_alg_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_pk_alg_t oid_pk_alg[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS1_RSA ), "rsaEncryption", "RSA" },
|
||||
POLARSSL_PK_RSA,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_ALG_UNRESTRICTED ), "id-ecPublicKey", "Generic EC key" },
|
||||
POLARSSL_PK_ECKEY,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_ALG_ECDH ), "id-ecDH", "EC key for ECDH" },
|
||||
POLARSSL_PK_ECKEY_DH,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
(pk_type_t)0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_pk_alg_t, pk_alg, oid_pk_alg);
|
||||
FN_OID_GET_ATTR1(oid_get_pk_alg, oid_pk_alg_t, pk_alg, pk_type_t, pk_alg);
|
||||
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_pk_alg, oid_pk_alg_t, oid_pk_alg, pk_type_t, pk_alg);
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
/*
|
||||
* For namedCurve (RFC 5480)
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
ecp_group_id grp_id;
|
||||
} oid_ecp_grp_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_ecp_grp_t oid_ecp_grp[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP192R1 ), "secp192r1", "secp192r1" },
|
||||
POLARSSL_ECP_DP_SECP192R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP224R1 ), "secp224r1", "secp224r1" },
|
||||
POLARSSL_ECP_DP_SECP224R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP256R1 ), "secp256r1", "secp256r1" },
|
||||
POLARSSL_ECP_DP_SECP256R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP384R1 ), "secp384r1", "secp384r1" },
|
||||
POLARSSL_ECP_DP_SECP384R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP521R1 ), "secp521r1", "secp521r1" },
|
||||
POLARSSL_ECP_DP_SECP521R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP192K1 ), "secp192k1", "secp192k1" },
|
||||
POLARSSL_ECP_DP_SECP192K1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP224K1 ), "secp224k1", "secp224k1" },
|
||||
POLARSSL_ECP_DP_SECP224K1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_SECP256K1 ), "secp256k1", "secp256k1" },
|
||||
POLARSSL_ECP_DP_SECP256K1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_BP256R1 ), "brainpoolP256r1","brainpool256r1" },
|
||||
POLARSSL_ECP_DP_BP256R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_BP384R1 ), "brainpoolP384r1","brainpool384r1" },
|
||||
POLARSSL_ECP_DP_BP384R1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_EC_GRP_BP512R1 ), "brainpoolP512r1","brainpool512r1" },
|
||||
POLARSSL_ECP_DP_BP512R1,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_ecp_grp_t, grp_id, oid_ecp_grp);
|
||||
FN_OID_GET_ATTR1(oid_get_ec_grp, oid_ecp_grp_t, grp_id, ecp_group_id, grp_id);
|
||||
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_ec_grp, oid_ecp_grp_t, oid_ecp_grp, ecp_group_id, grp_id);
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_C)
|
||||
/*
|
||||
* For PKCS#5 PBES2 encryption algorithm
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
cipher_type_t cipher_alg;
|
||||
} oid_cipher_alg_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_cipher_alg_t oid_cipher_alg[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_DES_CBC ), "desCBC", "DES-CBC" },
|
||||
POLARSSL_CIPHER_DES_CBC,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DES_EDE3_CBC ), "des-ede3-cbc", "DES-EDE3-CBC" },
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
(cipher_type_t)0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_cipher_alg_t, cipher_alg, oid_cipher_alg);
|
||||
FN_OID_GET_ATTR1(oid_get_cipher_alg, oid_cipher_alg_t, cipher_alg, cipher_type_t, cipher_alg);
|
||||
#endif /* POLARSSL_CIPHER_C */
|
||||
|
||||
#if defined(POLARSSL_MD_C)
|
||||
/*
|
||||
* For digestAlgorithm
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
md_type_t md_alg;
|
||||
} oid_md_alg_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_md_alg_t oid_md_alg[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_MD2 ), "id-md2", "MD2" },
|
||||
POLARSSL_MD_MD2,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_MD4 ), "id-md4", "MD4" },
|
||||
POLARSSL_MD_MD4,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_MD5 ), "id-md5", "MD5" },
|
||||
POLARSSL_MD_MD5,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_SHA1 ), "id-sha1", "SHA-1" },
|
||||
POLARSSL_MD_SHA1,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_SHA224 ), "id-sha224", "SHA-224" },
|
||||
POLARSSL_MD_SHA224,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_SHA256 ), "id-sha256", "SHA-256" },
|
||||
POLARSSL_MD_SHA256,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_SHA384 ), "id-sha384", "SHA-384" },
|
||||
POLARSSL_MD_SHA384,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_DIGEST_ALG_SHA512 ), "id-sha512", "SHA-512" },
|
||||
POLARSSL_MD_SHA512,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
(md_type_t)0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_md_alg_t, md_alg, oid_md_alg);
|
||||
FN_OID_GET_ATTR1(oid_get_md_alg, oid_md_alg_t, md_alg, md_type_t, md_alg);
|
||||
FN_OID_GET_OID_BY_ATTR1(oid_get_oid_by_md, oid_md_alg_t, oid_md_alg, md_type_t, md_alg);
|
||||
#endif /* POLARSSL_MD_C */
|
||||
|
||||
#if defined(POLARSSL_PKCS12_C)
|
||||
/*
|
||||
* For PKCS#12 PBEs
|
||||
*/
|
||||
typedef struct {
|
||||
oid_descriptor_t descriptor;
|
||||
md_type_t md_alg;
|
||||
cipher_type_t cipher_alg;
|
||||
} oid_pkcs12_pbe_alg_t;
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const oid_pkcs12_pbe_alg_t oid_pkcs12_pbe_alg[] =
|
||||
{
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS12_PBE_SHA1_DES3_EDE_CBC ), "pbeWithSHAAnd3-KeyTripleDES-CBC", "PBE with SHA1 and 3-Key 3DES" },
|
||||
POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE3_CBC,
|
||||
},
|
||||
{
|
||||
{ ADD_LEN( OID_PKCS12_PBE_SHA1_DES2_EDE_CBC ), "pbeWithSHAAnd2-KeyTripleDES-CBC", "PBE with SHA1 and 2-Key 3DES" },
|
||||
POLARSSL_MD_SHA1, POLARSSL_CIPHER_DES_EDE_CBC,
|
||||
},
|
||||
{
|
||||
{ NULL, 0, NULL, NULL },
|
||||
0, 0,
|
||||
},
|
||||
};
|
||||
|
||||
FN_OID_TYPED_FROM_ASN1(oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, oid_pkcs12_pbe_alg);
|
||||
FN_OID_GET_ATTR2(oid_get_pkcs12_pbe_alg, oid_pkcs12_pbe_alg_t, pkcs12_pbe_alg, md_type_t, md_alg, cipher_type_t, cipher_alg);
|
||||
#endif /* POLARSSL_PKCS12_C */
|
||||
|
||||
#if defined(_MSC_VER) && !defined snprintf && !defined(EFIX64) && \
|
||||
!defined(EFI32)
|
||||
#include <stdarg.h>
|
||||
|
||||
#if !defined vsnprintf
|
||||
#define vsnprintf _vsnprintf
|
||||
#endif // vsnprintf
|
||||
|
||||
/*
|
||||
* Windows _snprintf and _vsnprintf are not compatible to linux versions.
|
||||
* Result value is not size of buffer needed, but -1 if no fit is possible.
|
||||
*
|
||||
* This fuction tries to 'fix' this by at least suggesting enlarging the
|
||||
* size by 20.
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int compat_snprintf( char *str, size_t size, const char *format, ... )
|
||||
{
|
||||
va_list ap;
|
||||
int res = -1;
|
||||
|
||||
va_start( ap, format );
|
||||
|
||||
res = vsnprintf( str, size, format, ap );
|
||||
|
||||
va_end( ap );
|
||||
|
||||
// No quick fix possible
|
||||
if( res < 0 )
|
||||
return( (int) size + 20 );
|
||||
|
||||
return( res );
|
||||
}
|
||||
|
||||
#define snprintf compat_snprintf
|
||||
#endif /* _MSC_VER && !snprintf && !EFIX64 && !EFI32 */
|
||||
|
||||
#define SAFE_SNPRINTF() \
|
||||
{ \
|
||||
if( ret == -1 ) \
|
||||
return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
|
||||
\
|
||||
if( (unsigned int) ret >= n ) { \
|
||||
p[n - 1] = '\0'; \
|
||||
return( POLARSSL_ERR_OID_BUF_TOO_SMALL ); \
|
||||
} \
|
||||
\
|
||||
n -= (unsigned int) ret; \
|
||||
p += (unsigned int) ret; \
|
||||
}
|
||||
|
||||
/* Return the x.y.z.... style numeric string for the given OID */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int oid_get_numeric_string( char *buf, size_t size,
|
||||
const asn1_buf *oid )
|
||||
{
|
||||
int ret;
|
||||
size_t i, n;
|
||||
unsigned int value;
|
||||
char *p;
|
||||
|
||||
p = buf;
|
||||
n = size;
|
||||
|
||||
/* First byte contains first two dots */
|
||||
if( oid->len > 0 )
|
||||
{
|
||||
ret = snprintf( p, n, "%d.%d", oid->p[0] / 40, oid->p[0] % 40 );
|
||||
SAFE_SNPRINTF();
|
||||
}
|
||||
|
||||
value = 0;
|
||||
for( i = 1; i < oid->len; i++ )
|
||||
{
|
||||
/* Prevent overflow in value. */
|
||||
if( ( ( value << 7 ) >> 7 ) != value )
|
||||
return( POLARSSL_ERR_OID_BUF_TOO_SMALL );
|
||||
|
||||
value <<= 7;
|
||||
value += oid->p[i] & 0x7F;
|
||||
|
||||
if( !( oid->p[i] & 0x80 ) )
|
||||
{
|
||||
/* Last byte */
|
||||
ret = snprintf( p, n, ".%d", value );
|
||||
SAFE_SNPRINTF();
|
||||
value = 0;
|
||||
}
|
||||
}
|
||||
|
||||
return( (int) ( size - n ) );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_OID_C */
|
||||
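--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/pem.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/pem.c
@@ -0,0 +1,455 @@
+/*
+* Privacy Enhanced Mail (PEM) decoding
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_PEM_PARSE_C) || defined(POLARSSL_PEM_WRITE_C)
+#include "polarssl/pem.h"
+#include "polarssl/base64.h"
+#include "polarssl/des.h"
+#include "polarssl/aes.h"
+#include "polarssl/md5.h"
+#include "polarssl/cipher.h"
+
+#if defined(POLARSSL_PLATFORM_C)
+#include "polarssl/platform.h"
+#else
+#define polarssl_malloc malloc
+#define polarssl_free free
+#endif
+
+#include <stdlib.h>
+
+/* Implementation that should never be optimized out by the compiler */
+SSL_ROM_TEXT_SECTION
+static void polarssl_zeroize( void *v, size_t n ) {
+volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+#if defined(POLARSSL_PEM_PARSE_C)
+SSL_ROM_TEXT_SECTION
+void pem_init( pem_context *ctx )
+{
+memset( ctx, 0, sizeof( pem_context ) );
+}
+
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
+/*
+* Read a 16-byte hex string and convert it to binary
+*/
+SSL_ROM_TEXT_SECTION
+static int pem_get_iv( const unsigned char *s, unsigned char *iv,
+size_t iv_len )
+{
+size_t i, j, k;
+
+memset( iv, 0, iv_len );
+
+for( i = 0; i < iv_len * 2; i++, s++ )
+{
+if( *s >= '0' && *s <= '9' ) j = *s - '0'; else
+if( *s >= 'A' && *s <= 'F' ) j = *s - '7'; else
+if( *s >= 'a' && *s <= 'f' ) j = *s - 'W'; else
+return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
+
+k = ( ( i & 1 ) != 0 ) ? j : j << 4;
+
+iv[i >> 1] = (unsigned char)( iv[i >> 1] | k );
+}
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+static void pem_pbkdf1( unsigned char *key, size_t keylen,
+unsigned char *iv,
+const unsigned char *pwd, size_t pwdlen )
+{
+md5_context md5_ctx;
+unsigned char md5sum[16];
+size_t use_len;
+
+md5_init( &md5_ctx );
+
+/*
+* key[ 0..15] = MD5(pwd || IV)
+*/
+md5_starts( &md5_ctx );
+md5_update( &md5_ctx, pwd, pwdlen );
+md5_update( &md5_ctx, iv, 8 );
+md5_finish( &md5_ctx, md5sum );
+
+if( keylen <= 16 )
+{
+memcpy( key, md5sum, keylen );
+
+md5_free( &md5_ctx );
+polarssl_zeroize( md5sum, 16 );
+return;
+}
+
+memcpy( key, md5sum, 16 );
+
+/*
+* key[16..23] = MD5(key[ 0..15] || pwd || IV])
+*/
+md5_starts( &md5_ctx );
+md5_update( &md5_ctx, md5sum, 16 );
+md5_update( &md5_ctx, pwd, pwdlen );
+md5_update( &md5_ctx, iv, 8 );
+md5_finish( &md5_ctx, md5sum );
+
+use_len = 16;
+if( keylen < 32 )
+use_len = keylen - 16;
+
+memcpy( key + 16, md5sum, use_len );
+
+md5_free( &md5_ctx );
+polarssl_zeroize( md5sum, 16 );
+}
+
+#if defined(POLARSSL_DES_C)
+/*
+* Decrypt with DES-CBC, using PBKDF1 for key derivation
+*/
+SSL_ROM_TEXT_SECTION
+static void pem_des_decrypt( unsigned char des_iv[8],
+unsigned char *buf, size_t buflen,
+const unsigned char *pwd, size_t pwdlen )
+{
+des_context des_ctx;
+unsigned char des_key[8];
+
+des_init( &des_ctx );
+
+pem_pbkdf1( des_key, 8, des_iv, pwd, pwdlen );
+
+des_setkey_dec( &des_ctx, des_key );
+des_crypt_cbc( &des_ctx, DES_DECRYPT, buflen,
+des_iv, buf, buf );
+
+des_free( &des_ctx );
+polarssl_zeroize( des_key, 8 );
+}
+
+/*
+* Decrypt with 3DES-CBC, using PBKDF1 for key derivation
+*/
+SSL_ROM_TEXT_SECTION
+static void pem_des3_decrypt( unsigned char des3_iv[8],
+unsigned char *buf, size_t buflen,
+const unsigned char *pwd, size_t pwdlen )
+{
+des3_context des3_ctx;
+unsigned char des3_key[24];
+
+des3_init( &des3_ctx );
+
+pem_pbkdf1( des3_key, 24, des3_iv, pwd, pwdlen );
+
+des3_set3key_dec( &des3_ctx, des3_key );
+des3_crypt_cbc( &des3_ctx, DES_DECRYPT, buflen,
+des3_iv, buf, buf );
+
+des3_free( &des3_ctx );
+polarssl_zeroize( des3_key, 24 );
+}
+#endif /* POLARSSL_DES_C */
+
+#if defined(POLARSSL_AES_C)
+/*
+* Decrypt with AES-XXX-CBC, using PBKDF1 for key derivation
+*/
+SSL_ROM_TEXT_SECTION
+static void pem_aes_decrypt( unsigned char aes_iv[16], unsigned int keylen,
+unsigned char *buf, size_t buflen,
+const unsigned char *pwd, size_t pwdlen )
+{
+aes_context aes_ctx;
+unsigned char aes_key[32];
+
+aes_init( &aes_ctx );
+
+pem_pbkdf1( aes_key, keylen, aes_iv, pwd, pwdlen );
+
+aes_setkey_dec( &aes_ctx, aes_key, keylen * 8 );
+aes_crypt_cbc( &aes_ctx, AES_DECRYPT, buflen,
+aes_iv, buf, buf );
+
+aes_free( &aes_ctx );
+polarssl_zeroize( aes_key, keylen );
+}
+#endif /* POLARSSL_AES_C */
+
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+( POLARSSL_AES_C || POLARSSL_DES_C ) */
+
+SSL_ROM_TEXT_SECTION
+int pem_read_buffer( pem_context *ctx, const char *header, const char *footer,
+const unsigned char *data, const unsigned char *pwd,
+size_t pwdlen, size_t *use_len )
+{
+int ret, enc;
+size_t len;
+unsigned char *buf;
+const unsigned char *s1, *s2, *end;
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
+unsigned char pem_iv[16];
+cipher_type_t enc_alg = POLARSSL_CIPHER_NONE;
+#else
+((void) pwd);
+((void) pwdlen);
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+( POLARSSL_AES_C || POLARSSL_DES_C ) */
+
+if( ctx == NULL )
+return( POLARSSL_ERR_PEM_BAD_INPUT_DATA );
+
+s1 = (unsigned char *) strstr( (const char *) data, header );
+
+if( s1 == NULL )
+return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+s2 = (unsigned char *) strstr( (const char *) data, footer );
+
+if( s2 == NULL || s2 <= s1 )
+return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+s1 += strlen( header );
+if( *s1 == '\r' ) s1++;
+if( *s1 == '\n' ) s1++;
+else return( POLARSSL_ERR_PEM_NO_HEADER_FOOTER_PRESENT );
+
+end = s2;
+end += strlen( footer );
+if( *end == '\r' ) end++;
+if( *end == '\n' ) end++;
+*use_len = end - data;
+
+enc = 0;
+
+if( memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )
+{
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
+enc++;
+
+s1 += 22;
+if( *s1 == '\r' ) s1++;
+if( *s1 == '\n' ) s1++;
+else return( POLARSSL_ERR_PEM_INVALID_DATA );
+
+
+#if defined(POLARSSL_DES_C)
+if( memcmp( s1, "DEK-Info: DES-EDE3-CBC,", 23 ) == 0 )
+{
+enc_alg = POLARSSL_CIPHER_DES_EDE3_CBC;
+
+s1 += 23;
+if( pem_get_iv( s1, pem_iv, 8 ) != 0 )
+return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
+
+s1 += 16;
+}
+else if( memcmp( s1, "DEK-Info: DES-CBC,", 18 ) == 0 )
+{
+enc_alg = POLARSSL_CIPHER_DES_CBC;
+
+s1 += 18;
+if( pem_get_iv( s1, pem_iv, 8) != 0 )
+return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
+
+s1 += 16;
+}
+#endif /* POLARSSL_DES_C */
+
+#if defined(POLARSSL_AES_C)
+if( memcmp( s1, "DEK-Info: AES-", 14 ) == 0 )
+{
+if( memcmp( s1, "DEK-Info: AES-128-CBC,", 22 ) == 0 )
+enc_alg = POLARSSL_CIPHER_AES_128_CBC;
+else if( memcmp( s1, "DEK-Info: AES-192-CBC,", 22 ) == 0 )
+enc_alg = POLARSSL_CIPHER_AES_192_CBC;
+else if( memcmp( s1, "DEK-Info: AES-256-CBC,", 22 ) == 0 )
+enc_alg = POLARSSL_CIPHER_AES_256_CBC;
+else
+return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
+
+s1 += 22;
+if( pem_get_iv( s1, pem_iv, 16 ) != 0 )
+return( POLARSSL_ERR_PEM_INVALID_ENC_IV );
+
+s1 += 32;
+}
+#endif /* POLARSSL_AES_C */
+
+if( enc_alg == POLARSSL_CIPHER_NONE )
+return( POLARSSL_ERR_PEM_UNKNOWN_ENC_ALG );
+
+if( *s1 == '\r' ) s1++;
+if( *s1 == '\n' ) s1++;
+else return( POLARSSL_ERR_PEM_INVALID_DATA );
+#else
+return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+( POLARSSL_AES_C || POLARSSL_DES_C ) */
+}
+
+len = 0;
+ret = base64_decode( NULL, &len, s1, s2 - s1 );
+
+if( ret == POLARSSL_ERR_BASE64_INVALID_CHARACTER )
+return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
+
+if( ( buf = (unsigned char *) polarssl_malloc( len ) ) == NULL )
+return( POLARSSL_ERR_PEM_MALLOC_FAILED );
+
+if( ( ret = base64_decode( buf, &len, s1, s2 - s1 ) ) != 0 )
+{
+polarssl_free( buf );
+return( POLARSSL_ERR_PEM_INVALID_DATA + ret );
+}
+
+if( enc != 0 )
+{
+#if defined(POLARSSL_MD5_C) && defined(POLARSSL_CIPHER_MODE_CBC) && \
+( defined(POLARSSL_DES_C) || defined(POLARSSL_AES_C) )
+if( pwd == NULL )
+{
+polarssl_free( buf );
+return( POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
+}
+
+#if defined(POLARSSL_DES_C)
+if( enc_alg == POLARSSL_CIPHER_DES_EDE3_CBC )
+pem_des3_decrypt( pem_iv, buf, len, pwd, pwdlen );
+else if( enc_alg == POLARSSL_CIPHER_DES_CBC )
+pem_des_decrypt( pem_iv, buf, len, pwd, pwdlen );
+#endif /* POLARSSL_DES_C */
+
+#if defined(POLARSSL_AES_C)
+if( enc_alg == POLARSSL_CIPHER_AES_128_CBC )
+pem_aes_decrypt( pem_iv, 16, buf, len, pwd, pwdlen );
+else if( enc_alg == POLARSSL_CIPHER_AES_192_CBC )
+pem_aes_decrypt( pem_iv, 24, buf, len, pwd, pwdlen );
+else if( enc_alg == POLARSSL_CIPHER_AES_256_CBC )
+pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
+#endif /* POLARSSL_AES_C */
+
+/*
+* The result will be ASN.1 starting with a SEQUENCE tag, with 1 to 3
+* length bytes (allow 4 to be sure) in all known use cases.
+*
+* Use that as heurisitic to try detecting password mismatchs.
+*/
+if( len <= 2 || buf[0] != 0x30 || buf[1] > 0x83 )
+{
+polarssl_free( buf );
+return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
+}
+#else
+polarssl_free( buf );
+return( POLARSSL_ERR_PEM_FEATURE_UNAVAILABLE );
+#endif /* POLARSSL_MD5_C && POLARSSL_CIPHER_MODE_CBC &&
+( POLARSSL_AES_C || POLARSSL_DES_C ) */
+}
+
+ctx->buf = buf;
+ctx->buflen = len;
+
+return( 0 );
+}
+
+SSL_ROM_TEXT_SECTION
+void pem_free( pem_context *ctx )
+{
+polarssl_free( ctx->buf );
+polarssl_free( ctx->info );
+
+polarssl_zeroize( ctx, sizeof( pem_context ) );
+}
+#endif /* POLARSSL_PEM_PARSE_C */
+
+#if defined(POLARSSL_PEM_WRITE_C)
+SSL_ROM_TEXT_SECTION
+int pem_write_buffer( const char *header, const char *footer,
+const unsigned char *der_data, size_t der_len,
+unsigned char *buf, size_t buf_len, size_t *olen )
+{
+int ret;
+unsigned char *encode_buf, *c, *p = buf;
+size_t len = 0, use_len = 0, add_len = 0;
+
+base64_encode( NULL, &use_len, der_data, der_len );
+add_len = strlen( header ) + strlen( footer ) + ( use_len / 64 ) + 1;
+
+if( use_len + add_len > buf_len )
+{
+*olen = use_len + add_len;
+return( POLARSSL_ERR_BASE64_BUFFER_TOO_SMALL );
+}
+
+if( ( encode_buf = polarssl_malloc( use_len ) ) == NULL )
+return( POLARSSL_ERR_PEM_MALLOC_FAILED );
+
+if( ( ret = base64_encode( encode_buf, &use_len, der_data,
+der_len ) ) != 0 )
+{
+polarssl_free( encode_buf );
+return( ret );
+}
+
+memcpy( p, header, strlen( header ) );
+p += strlen( header );
+c = encode_buf;
+
+while( use_len )
+{
+len = ( use_len > 64 ) ? 64 : use_len;
+memcpy( p, c, len );
+use_len -= len;
+p += len;
+c += len;
+*p++ = '\n';
+}
+
+memcpy( p, footer, strlen( footer ) );
+p += strlen( footer );
+
+*p++ = '\0';
+*olen = p - buf;
+
+polarssl_free( encode_buf );
+return( 0 );
+}
+#endif /* POLARSSL_PEM_WRITE_C */
+#endif /* POLARSSL_PEM_PARSE_C || POLARSSL_PEM_WRITE_C */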
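Review bot: In pem_read_buffer the fixed-length `memcmp` calls on s1 (22 bytes for Proc-Type, 14 to 23 bytes for the DEK-Info tags) never check that that many bytes remain before s2, so a short block between header and footer can be compared past the footer or the string terminator. Guarding each comparison with the remaining distance, for example `if( s2 - s1 >= 22 && memcmp( s1, "Proc-Type: 4,ENCRYPTED", 22 ) == 0 )`, keeps the parse inside the block. s1 is also never compared with s2 again before `s2 - s1` is passed to base64_decode as a length, so `if( s1 >= s2 ) return( POLARSSL_ERR_PEM_INVALID_DATA );` just before the first base64_decode call would rule out a negative distance with caller-supplied header and footer strings. Separately, pem_free releases ctx->buf without wiping it, so decoded (and possibly decrypted) key material stays in freed heap memory; `polarssl_zeroize( ctx->buf, ctx->buflen );` before the free would match the handling of the derived keys in the decrypt helpers.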
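--- a/component/common/network/ssl/polarssl-1.3.8/library/rom/pk.c
+++ b/component/common/network/ssl/polarssl-1.3.8/library/rom/pk.c
@@ -0,0 +1,368 @@
+/*
+* Public Key abstraction layer
+*
+* Copyright (C) 2006-2014, Brainspark B.V.
+*
+* This file is part of PolarSSL (http://www.polarssl.org)
+* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
+*
+* All rights reserved.
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#if !defined(POLARSSL_CONFIG_FILE)
+#include "polarssl/config.h"
+#else
+#include POLARSSL_CONFIG_FILE
+#endif
+
+#if defined(POLARSSL_PK_C)
+
+#include "polarssl/pk.h"
+#include "polarssl/pk_wrap.h"
+
+#if defined(POLARSSL_RSA_C)
+#include "polarssl/rsa.h"
+#endif
+#if defined(POLARSSL_ECP_C)
+#include "polarssl/ecp.h"
+#endif
+#if defined(POLARSSL_ECDSA_C)
+#include "polarssl/ecdsa.h"
+#endif
+
+/* Implementation that should never be optimized out by the compiler */
+SSL_ROM_TEXT_SECTION
+static void polarssl_zeroize( void *v, size_t n ) {
+volatile unsigned char *p = v; while( n-- ) *p++ = 0;
+}
+
+/*
+* Initialise a pk_context
+*/
+SSL_ROM_TEXT_SECTION
+void pk_init( pk_context *ctx )
+{
+if( ctx == NULL )
+return;
+
+ctx->pk_info = NULL;
+ctx->pk_ctx = NULL;
+}
+
+/*
+* Free (the components of) a pk_context
+*/
+SSL_ROM_TEXT_SECTION
+void pk_free( pk_context *ctx )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return;
+
+ctx->pk_info->ctx_free_func( ctx->pk_ctx );
+
+polarssl_zeroize( ctx, sizeof( pk_context ) );
+}
+
+/*
+* Get pk_info structure from type
+*/
+SSL_ROM_TEXT_SECTION
+const pk_info_t * pk_info_from_type( pk_type_t pk_type )
+{
+switch( pk_type ) {
+#if defined(POLARSSL_RSA_C)
+case POLARSSL_PK_RSA:
+return( &rsa_info );
+#endif
+#if defined(POLARSSL_ECP_C)
+case POLARSSL_PK_ECKEY:
+return( &eckey_info );
+case POLARSSL_PK_ECKEY_DH:
+return( &eckeydh_info );
+#endif
+#if defined(POLARSSL_ECDSA_C)
+case POLARSSL_PK_ECDSA:
+return( &ecdsa_info );
+#endif
+/* POLARSSL_PK_RSA_ALT omitted on purpose */
+default:
+return( NULL );
+}
+}
+
+/*
+* Initialise context
+*/
+SSL_ROM_TEXT_SECTION
+int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
+{
+if( ctx == NULL || info == NULL || ctx->pk_info != NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+return( POLARSSL_ERR_PK_MALLOC_FAILED );
+
+ctx->pk_info = info;
+
+return( 0 );
+}
+
+/*
+* Initialize an RSA-alt context
+*/
+SSL_ROM_TEXT_SECTION
+int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
+pk_rsa_alt_decrypt_func decrypt_func,
+pk_rsa_alt_sign_func sign_func,
+pk_rsa_alt_key_len_func key_len_func )
+{
+rsa_alt_context *rsa_alt;
+const pk_info_t *info = &rsa_alt_info;
+
+if( ctx == NULL || ctx->pk_info != NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
+return( POLARSSL_ERR_PK_MALLOC_FAILED );
+
+ctx->pk_info = info;
+
+rsa_alt = (rsa_alt_context *) ctx->pk_ctx;
+
+rsa_alt->key = key;
+rsa_alt->decrypt_func = decrypt_func;
+rsa_alt->sign_func = sign_func;
+rsa_alt->key_len_func = key_len_func;
+
+return( 0 );
+}
+
+/*
+* Tell if a PK can do the operations of the given type
+*/
+SSL_ROM_TEXT_SECTION
+int pk_can_do( pk_context *ctx, pk_type_t type )
+{
+/* null or NONE context can't do anything */
+if( ctx == NULL || ctx->pk_info == NULL )
+return( 0 );
+
+return( ctx->pk_info->can_do( type ) );
+}
+
+/*
+* Helper for pk_sign and pk_verify
+*/
+SSL_ROM_TEXT_SECTION
+static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len )
+{
+const md_info_t *md_info;
+
+if( *hash_len != 0 )
+return( 0 );
+
+if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
+return( -1 );
+
+*hash_len = md_info->size;
+return( 0 );
+}
+
+/*
+* Verify a signature
+*/
+SSL_ROM_TEXT_SECTION
+int pk_verify( pk_context *ctx, md_type_t md_alg,
+const unsigned char *hash, size_t hash_len,
+const unsigned char *sig, size_t sig_len )
+{
+if( ctx == NULL || ctx->pk_info == NULL ||
+pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ctx->pk_info->verify_func == NULL )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
+sig, sig_len ) );
+}
+
+/*
+* Verify a signature with options
+*/
+SSL_ROM_TEXT_SECTION
+int pk_verify_ext( pk_type_t type, const void *options,
+pk_context *ctx, md_type_t md_alg,
+const unsigned char *hash, size_t hash_len,
+const unsigned char *sig, size_t sig_len )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ! pk_can_do( ctx, type ) )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+if( type == POLARSSL_PK_RSASSA_PSS )
+{
+#if defined(POLARSSL_RSA_C) && defined(POLARSSL_PKCS1_V21)
+int ret;
+const pk_rsassa_pss_options *pss_opts;
+
+if( options == NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+pss_opts = (const pk_rsassa_pss_options *) options;
+
+if( sig_len < pk_get_len( ctx ) )
+return( POLARSSL_ERR_RSA_VERIFY_FAILED );
+
+ret = rsa_rsassa_pss_verify_ext( pk_rsa( *ctx ),
+NULL, NULL, RSA_PUBLIC,
+md_alg, hash_len, hash,
+pss_opts->mgf1_hash_id,
+pss_opts->expected_salt_len,
+sig );
+if( ret != 0 )
+return( ret );
+
+if( sig_len > pk_get_len( ctx ) )
+return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
+
+return( 0 );
+#else
+return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
+#endif
+}
+
+/* General case: no options */
+if( options != NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+return( pk_verify( ctx, md_alg, hash, hash_len, sig, sig_len ) );
+}
+
+/*
+* Make a signature
+*/
+SSL_ROM_TEXT_SECTION
+int pk_sign( pk_context *ctx, md_type_t md_alg,
+const unsigned char *hash, size_t hash_len,
+unsigned char *sig, size_t *sig_len,
+int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+if( ctx == NULL || ctx->pk_info == NULL ||
+pk_hashlen_helper( md_alg, &hash_len ) != 0 )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ctx->pk_info->sign_func == NULL )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
+sig, sig_len, f_rng, p_rng ) );
+}
+
+/*
+* Decrypt message
+*/
+SSL_ROM_TEXT_SECTION
+int pk_decrypt( pk_context *ctx,
+const unsigned char *input, size_t ilen,
+unsigned char *output, size_t *olen, size_t osize,
+int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ctx->pk_info->decrypt_func == NULL )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
+output, olen, osize, f_rng, p_rng ) );
+}
+
+/*
+* Encrypt message
+*/
+SSL_ROM_TEXT_SECTION
+int pk_encrypt( pk_context *ctx,
+const unsigned char *input, size_t ilen,
+unsigned char *output, size_t *olen, size_t osize,
+int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ctx->pk_info->encrypt_func == NULL )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
+output, olen, osize, f_rng, p_rng ) );
+}
+
+/*
+* Get key size in bits
+*/
+SSL_ROM_TEXT_SECTION
+size_t pk_get_size( const pk_context *ctx )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( 0 );
+
+return( ctx->pk_info->get_size( ctx->pk_ctx ) );
+}
+
+/*
+* Export debug information
+*/
+SSL_ROM_TEXT_SECTION
+int pk_debug( const pk_context *ctx, pk_debug_item *items )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
+
+if( ctx->pk_info->debug_func == NULL )
+return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
+ctx->pk_info->debug_func( ctx->pk_ctx, items );
+return( 0 );
+}
+
+/*
+* Access the PK type name
+*/
+SSL_ROM_TEXT_SECTION
+const char * pk_get_name( const pk_context *ctx )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( "invalid PK" );
+
+return( ctx->pk_info->name );
+}
+
+/*
+* Access the PK type
+*/
+SSL_ROM_TEXT_SECTION
+pk_type_t pk_get_type( const pk_context *ctx )
+{
+if( ctx == NULL || ctx->pk_info == NULL )
+return( POLARSSL_PK_NONE );
+
+return( ctx->pk_info->type );
+}
+
+#endif /* POLARSSL_PK_C */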
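Review bot: In the RSASSA-PSS branch of pk_verify_ext, hash_len is a size_t handed straight to rsa_rsassa_pss_verify_ext with no range check. That function's prototype is not on this page, but if its length parameter is unsigned int (rsa_verify_wrap in the next file casts hash_len to unsigned int for rsa_pkcs1_verify), a value above UINT_MAX is silently truncated on platforms where size_t is wider. This presumably matters only when md_alg is POLARSSL_MD_NONE and the caller-supplied length is used as is; a guard before the call would reject it, `if( md_alg == POLARSSL_MD_NONE && hash_len > UINT_MAX ) return( POLARSSL_ERR_PK_BAD_INPUT_DATA );`, with `<limits.h>` included for UINT_MAX.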
|
|
@ -0,0 +1,485 @@
|
|||
/*
|
||||
* Public Key abstraction layer: wrapper functions
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PK_C)
|
||||
|
||||
#include "polarssl/pk_wrap.h"
|
||||
|
||||
/* Even if RSA not activated, for the sake of RSA-alt */
|
||||
#include "polarssl/rsa.h"
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#include "polarssl/ecp.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
#include "polarssl/ecdsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_RSA ||
|
||||
type == POLARSSL_PK_RSASSA_PSS );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static size_t rsa_get_size( const void *ctx )
|
||||
{
|
||||
return( 8 * ((const rsa_context *) ctx)->len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len )
|
||||
{
|
||||
int ret;
|
||||
|
||||
if( sig_len < ((rsa_context *) ctx)->len )
|
||||
return( POLARSSL_ERR_RSA_VERIFY_FAILED );
|
||||
|
||||
if( ( ret = rsa_pkcs1_verify( (rsa_context *) ctx, NULL, NULL,
|
||||
RSA_PUBLIC, md_alg,
|
||||
(unsigned int) hash_len, hash, sig ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
if( sig_len > ((rsa_context *) ctx)->len )
|
||||
return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
*sig_len = ((rsa_context *) ctx)->len;
|
||||
|
||||
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
|
||||
md_alg, (unsigned int) hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_decrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
if( ilen != ((rsa_context *) ctx)->len )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
return( rsa_pkcs1_decrypt( (rsa_context *) ctx, f_rng, p_rng,
|
||||
RSA_PRIVATE, olen, input, output, osize ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_encrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
((void) osize);
|
||||
|
||||
*olen = ((rsa_context *) ctx)->len;
|
||||
|
||||
return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
|
||||
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void *rsa_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( rsa_context ) );
|
||||
|
||||
if( ctx != NULL )
|
||||
rsa_init( (rsa_context *) ctx, 0, 0 );
|
||||
|
||||
return( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void rsa_free_wrap( void *ctx )
|
||||
{
|
||||
rsa_free( (rsa_context *) ctx );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void rsa_debug( const void *ctx, pk_debug_item *items )
|
||||
{
|
||||
items->type = POLARSSL_PK_DEBUG_MPI;
|
||||
items->name = "rsa.N";
|
||||
items->value = &( ((rsa_context *) ctx)->N );
|
||||
|
||||
items++;
|
||||
|
||||
items->type = POLARSSL_PK_DEBUG_MPI;
|
||||
items->name = "rsa.E";
|
||||
items->value = &( ((rsa_context *) ctx)->E );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
const pk_info_t rsa_info = {
|
||||
POLARSSL_PK_RSA,
|
||||
"RSA",
|
||||
rsa_get_size,
|
||||
rsa_can_do,
|
||||
rsa_verify_wrap,
|
||||
rsa_sign_wrap,
|
||||
rsa_decrypt_wrap,
|
||||
rsa_encrypt_wrap,
|
||||
rsa_alloc_wrap,
|
||||
rsa_free_wrap,
|
||||
rsa_debug,
|
||||
};
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
/*
|
||||
* Generic EC key
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int eckey_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_ECKEY ||
|
||||
type == POLARSSL_PK_ECKEY_DH ||
|
||||
type == POLARSSL_PK_ECDSA );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static size_t eckey_get_size( const void *ctx )
|
||||
{
|
||||
return( ((ecp_keypair *) ctx)->grp.pbits );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
/* Forward declarations */
|
||||
static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len );
|
||||
|
||||
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len )
|
||||
{
|
||||
int ret;
|
||||
ecdsa_context ecdsa;
|
||||
|
||||
ecdsa_init( &ecdsa );
|
||||
|
||||
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
|
||||
ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
ecdsa_context ecdsa;
|
||||
|
||||
ecdsa_init( &ecdsa );
|
||||
|
||||
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
|
||||
ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
|
||||
f_rng, p_rng );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void *eckey_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( ecp_keypair ) );
|
||||
|
||||
if( ctx != NULL )
|
||||
ecp_keypair_init( ctx );
|
||||
|
||||
return( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void eckey_free_wrap( void *ctx )
|
||||
{
|
||||
ecp_keypair_free( (ecp_keypair *) ctx );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void eckey_debug( const void *ctx, pk_debug_item *items )
|
||||
{
|
||||
items->type = POLARSSL_PK_DEBUG_ECP;
|
||||
items->name = "eckey.Q";
|
||||
items->value = &( ((ecp_keypair *) ctx)->Q );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
const pk_info_t eckey_info = {
|
||||
POLARSSL_PK_ECKEY,
|
||||
"EC",
|
||||
eckey_get_size,
|
||||
eckey_can_do,
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
eckey_verify_wrap,
|
||||
eckey_sign_wrap,
|
||||
#else
|
||||
NULL,
|
||||
NULL,
|
||||
#endif
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_alloc_wrap,
|
||||
eckey_free_wrap,
|
||||
eckey_debug,
|
||||
};
|
||||
|
||||
/*
|
||||
* EC key restricted to ECDH
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int eckeydh_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_ECKEY ||
|
||||
type == POLARSSL_PK_ECKEY_DH );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
const pk_info_t eckeydh_info = {
|
||||
POLARSSL_PK_ECKEY_DH,
|
||||
"EC_DH",
|
||||
eckey_get_size, /* Same underlying key structure */
|
||||
eckeydh_can_do,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_alloc_wrap, /* Same underlying key structure */
|
||||
eckey_free_wrap, /* Same underlying key structure */
|
||||
eckey_debug, /* Same underlying key structure */
|
||||
};
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int ecdsa_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_ECDSA );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len )
|
||||
{
|
||||
int ret;
|
||||
((void) md_alg);
|
||||
|
||||
ret = ecdsa_read_signature( (ecdsa_context *) ctx,
|
||||
hash, hash_len, sig, sig_len );
|
||||
|
||||
if( ret == POLARSSL_ERR_ECP_SIG_LEN_MISMATCH )
|
||||
return( POLARSSL_ERR_PK_SIG_LEN_MISMATCH );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
/* Use deterministic ECDSA by default if available */
|
||||
#if defined(POLARSSL_ECDSA_DETERMINISTIC)
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
|
||||
return( ecdsa_write_signature_det( (ecdsa_context *) ctx,
|
||||
hash, hash_len, sig, sig_len, md_alg ) );
|
||||
#else
|
||||
((void) md_alg);
|
||||
|
||||
return( ecdsa_write_signature( (ecdsa_context *) ctx,
|
||||
hash, hash_len, sig, sig_len, f_rng, p_rng ) );
|
||||
#endif /* POLARSSL_ECDSA_DETERMINISTIC */
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void *ecdsa_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
|
||||
|
||||
if( ctx != NULL )
|
||||
ecdsa_init( (ecdsa_context *) ctx );
|
||||
|
||||
return( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void ecdsa_free_wrap( void *ctx )
|
||||
{
|
||||
ecdsa_free( (ecdsa_context *) ctx );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
const pk_info_t ecdsa_info = {
|
||||
POLARSSL_PK_ECDSA,
|
||||
"ECDSA",
|
||||
eckey_get_size, /* Compatible key structures */
|
||||
ecdsa_can_do,
|
||||
ecdsa_verify_wrap,
|
||||
ecdsa_sign_wrap,
|
||||
NULL,
|
||||
NULL,
|
||||
ecdsa_alloc_wrap,
|
||||
ecdsa_free_wrap,
|
||||
eckey_debug, /* Compatible key structures */
|
||||
};
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
/*
|
||||
* Support for alternative RSA-private implementations
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_alt_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_RSA );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static size_t rsa_alt_get_size( const void *ctx )
|
||||
{
|
||||
const rsa_alt_context *rsa_alt = (const rsa_alt_context *) ctx;
|
||||
|
||||
return( 8 * rsa_alt->key_len_func( rsa_alt->key ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
|
||||
|
||||
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
|
||||
|
||||
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
|
||||
md_alg, (unsigned int) hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int rsa_alt_decrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
|
||||
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
|
||||
if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
return( rsa_alt->decrypt_func( rsa_alt->key,
|
||||
RSA_PRIVATE, olen, input, output, osize ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void *rsa_alt_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
|
||||
|
||||
if( ctx != NULL )
|
||||
memset( ctx, 0, sizeof( rsa_alt_context ) );
|
||||
|
||||
return( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void rsa_alt_free_wrap( void *ctx )
|
||||
{
|
||||
polarssl_zeroize( ctx, sizeof( rsa_alt_context ) );
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
const pk_info_t rsa_alt_info = {
|
||||
POLARSSL_PK_RSA_ALT,
|
||||
"RSA-alt",
|
||||
rsa_alt_get_size,
|
||||
rsa_alt_can_do,
|
||||
NULL,
|
||||
rsa_alt_sign_wrap,
|
||||
rsa_alt_decrypt_wrap,
|
||||
NULL,
|
||||
rsa_alt_alloc_wrap,
|
||||
rsa_alt_free_wrap,
|
||||
NULL,
|
||||
};
|
||||
|
||||
#endif /* POLARSSL_PK_C */
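Review bot: `rsa_encrypt_wrap` throws away its `osize` argument (`((void) osize);`), then sets `*olen` to the RSA modulus length and hands `output` to `rsa_pkcs1_encrypt`, so nothing in this wrapper prevents a write past a caller buffer that is shorter than the key. `rsa_pkcs1_encrypt` is not part of this section, so the number of bytes it writes is inferred from the value stored in `*olen`. I would drop the cast and add a bound check right after `*olen` is assigned: `if( *olen > osize ) return( POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE );`. `rsa_decrypt_wrap` already forwards `osize` to `rsa_pkcs1_decrypt`, so only the encrypt path needs the change. Separately, `rsa_alt_alloc_wrap` calls `memset` while the file includes no `<string.h>` of its own, so it presumably relies on another header pulling it in.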
|
||||
|
|
@ -0,0 +1,366 @@
|
|||
/*
|
||||
* Public Key layer for writing key files and structures
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PK_WRITE_C)
|
||||
|
||||
#include "polarssl/pk.h"
|
||||
#include "polarssl/asn1write.h"
|
||||
#include "polarssl/oid.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
#include "polarssl/rsa.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#include "polarssl/ecp.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
#include "polarssl/ecdsa.h"
|
||||
#endif
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
#include "polarssl/pem.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#include <stdlib.h>
|
||||
#define polarssl_malloc malloc
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/*
|
||||
* RSAPublicKey ::= SEQUENCE {
|
||||
* modulus INTEGER, -- n
|
||||
* publicExponent INTEGER -- e
|
||||
* }
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int pk_write_rsa_pubkey( unsigned char **p, unsigned char *start,
|
||||
rsa_context *rsa )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( p, start, &rsa->N ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( p, start, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( p, start, ASN1_CONSTRUCTED |
|
||||
ASN1_SEQUENCE ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
/*
|
||||
* EC public key is an EC point
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int pk_write_ec_pubkey( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
unsigned char buf[POLARSSL_ECP_MAX_PT_LEN];
|
||||
|
||||
if( ( ret = ecp_point_write_binary( &ec->grp, &ec->Q,
|
||||
POLARSSL_ECP_PF_UNCOMPRESSED,
|
||||
&len, buf, sizeof( buf ) ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( *p - start < (int) len )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
*p -= len;
|
||||
memcpy( *p, buf, len );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
/*
|
||||
* ECParameters ::= CHOICE {
|
||||
* namedCurve OBJECT IDENTIFIER
|
||||
* }
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static int pk_write_ec_param( unsigned char **p, unsigned char *start,
|
||||
ecp_keypair *ec )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
const char *oid;
|
||||
size_t oid_len;
|
||||
|
||||
if( ( ret = oid_get_oid_by_ec_grp( ec->grp.id, &oid, &oid_len ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_oid( p, start, oid, oid_len ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int pk_write_pubkey( unsigned char **p, unsigned char *start,
|
||||
const pk_context *key )
|
||||
{
|
||||
int ret;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
ASN1_CHK_ADD( len, pk_write_rsa_pubkey( p, start, pk_rsa( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
ASN1_CHK_ADD( len, pk_write_ec_pubkey( p, start, pk_ec( *key ) ) );
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int pk_write_pubkey_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c;
|
||||
size_t len = 0, par_len = 0, oid_len;
|
||||
const char *oid;
|
||||
|
||||
c = buf + size;
|
||||
|
||||
ASN1_CHK_ADD( len, pk_write_pubkey( &c, buf, key ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
|
||||
/*
|
||||
* SubjectPublicKeyInfo ::= SEQUENCE {
|
||||
* algorithm AlgorithmIdentifier,
|
||||
* subjectPublicKey BIT STRING }
|
||||
*/
|
||||
*--c = 0;
|
||||
len += 1;
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
if( ( ret = oid_get_oid_by_pk_alg( pk_get_type( key ),
|
||||
&oid, &oid_len ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, pk_ec( *key ) ) );
|
||||
}
|
||||
#endif
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_algorithm_identifier( &c, buf, oid, oid_len,
|
||||
par_len ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
|
||||
ASN1_SEQUENCE ) );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int pk_write_key_der( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char *c = buf + size;
|
||||
size_t len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
rsa_context *rsa = pk_rsa( *key );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->QP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DQ ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->DP ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->Q ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->P ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->D ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->E ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &rsa->N ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 0 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
|
||||
ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ecp_keypair *ec = pk_ec( *key );
|
||||
size_t pub_len = 0, par_len = 0;
|
||||
|
||||
/*
|
||||
* RFC 5915, or SEC1 Appendix C.4
|
||||
*
|
||||
* ECPrivateKey ::= SEQUENCE {
|
||||
* version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
|
||||
* privateKey OCTET STRING,
|
||||
* parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
|
||||
* publicKey [1] BIT STRING OPTIONAL
|
||||
* }
|
||||
*/
|
||||
|
||||
/* publicKey */
|
||||
ASN1_CHK_ADD( pub_len, pk_write_ec_pubkey( &c, buf, ec ) );
|
||||
|
||||
if( c - buf < 1 )
|
||||
return( POLARSSL_ERR_ASN1_BUF_TOO_SMALL );
|
||||
*--c = 0;
|
||||
pub_len += 1;
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf, ASN1_BIT_STRING ) );
|
||||
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_len( &c, buf, pub_len ) );
|
||||
ASN1_CHK_ADD( pub_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 1 ) );
|
||||
len += pub_len;
|
||||
|
||||
/* parameters */
|
||||
ASN1_CHK_ADD( par_len, pk_write_ec_param( &c, buf, ec ) );
|
||||
|
||||
ASN1_CHK_ADD( par_len, asn1_write_len( &c, buf, par_len ) );
|
||||
ASN1_CHK_ADD( par_len, asn1_write_tag( &c, buf,
|
||||
ASN1_CONTEXT_SPECIFIC | ASN1_CONSTRUCTED | 0 ) );
|
||||
len += par_len;
|
||||
|
||||
/* privateKey: write as MPI then fix tag */
|
||||
ASN1_CHK_ADD( len, asn1_write_mpi( &c, buf, &ec->d ) );
|
||||
*c = ASN1_OCTET_STRING;
|
||||
|
||||
/* version */
|
||||
ASN1_CHK_ADD( len, asn1_write_int( &c, buf, 1 ) );
|
||||
|
||||
ASN1_CHK_ADD( len, asn1_write_len( &c, buf, len ) );
|
||||
ASN1_CHK_ADD( len, asn1_write_tag( &c, buf, ASN1_CONSTRUCTED |
|
||||
ASN1_SEQUENCE ) );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
return( (int) len );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_PEM_WRITE_C)
|
||||
|
||||
#define PEM_BEGIN_PUBLIC_KEY "-----BEGIN PUBLIC KEY-----\n"
|
||||
#define PEM_END_PUBLIC_KEY "-----END PUBLIC KEY-----\n"
|
||||
|
||||
#define PEM_BEGIN_PRIVATE_KEY_RSA "-----BEGIN RSA PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_RSA "-----END RSA PRIVATE KEY-----\n"
|
||||
#define PEM_BEGIN_PRIVATE_KEY_EC "-----BEGIN EC PRIVATE KEY-----\n"
|
||||
#define PEM_END_PRIVATE_KEY_EC "-----END EC PRIVATE KEY-----\n"
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int pk_write_pubkey_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
size_t olen = 0;
|
||||
|
||||
if( ( ret = pk_write_pubkey_der( key, output_buf,
|
||||
sizeof(output_buf) ) ) < 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( ( ret = pem_write_buffer( PEM_BEGIN_PUBLIC_KEY, PEM_END_PUBLIC_KEY,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size, &olen ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int pk_write_key_pem( pk_context *key, unsigned char *buf, size_t size )
|
||||
{
|
||||
int ret;
|
||||
unsigned char output_buf[4096];
|
||||
const char *begin, *end;
|
||||
size_t olen = 0;
|
||||
|
||||
if( ( ret = pk_write_key_der( key, output_buf, sizeof(output_buf) ) ) < 0 )
|
||||
return( ret );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_RSA )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_RSA;
|
||||
end = PEM_END_PRIVATE_KEY_RSA;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_get_type( key ) == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
begin = PEM_BEGIN_PRIVATE_KEY_EC;
|
||||
end = PEM_END_PRIVATE_KEY_EC;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
return( POLARSSL_ERR_PK_FEATURE_UNAVAILABLE );
|
||||
|
||||
if( ( ret = pem_write_buffer( begin, end,
|
||||
output_buf + sizeof(output_buf) - ret,
|
||||
ret, buf, size, &olen ) ) != 0 )
|
||||
{
|
||||
return( ret );
|
||||
}
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_PEM_WRITE_C */
|
||||
|
||||
#endif /* POLARSSL_PK_WRITE_C */
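Review bot: `pk_write_key_pem` leaves the DER-encoded private key in the 4096-byte stack array `output_buf` on all three return paths that follow a successful `pk_write_key_der`, so the key bytes remain in stack memory after the function returns. The buffer should be wiped before each of those returns, e.g. `polarssl_zeroize( output_buf, sizeof( output_buf ) );`. This file defines no such helper, so the volatile-pointer `polarssl_zeroize` that pk_wrap.c carries in this same commit would have to be added here as a static function. A plain `memset` is not a substitute, because the compiler may remove it as a dead store on a buffer that is about to go out of scope. `pk_write_pubkey_pem` uses the same buffer pattern but holds only public data, so it does not need the wipe.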
|
||||
1689
component/common/network/ssl/polarssl-1.3.8/library/rom/rsa.c
Normal file
File diff suppressed because it is too large
676
component/common/network/ssl/polarssl-1.3.8/library/rom/sha1.c
Normal file
|
|
@ -0,0 +1,676 @@
|
|||
/*
|
||||
* FIPS-180-1 compliant SHA-1 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The SHA-1 standard was published by NIST in 1993.
|
||||
*
|
||||
* http://www.itl.nist.gov/fipspubs/fip180-1.htm
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
|
||||
#include "polarssl/sha1.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA1_ALT)
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_BE
|
||||
#define GET_UINT32_BE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
|
||||
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
|
||||
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
|
||||
| ( (uint32_t) (b)[(i) + 3] ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_BE
|
||||
#define PUT_UINT32_BE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_init( sha1_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_free( sha1_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( sha1_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-1 context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_starts( sha1_context *ctx )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
ctx->state[0] = 0x67452301;
|
||||
ctx->state[1] = 0xEFCDAB89;
|
||||
ctx->state[2] = 0x98BADCFE;
|
||||
ctx->state[3] = 0x10325476;
|
||||
ctx->state[4] = 0xC3D2E1F0;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_process( sha1_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
uint32_t temp, W[16], A, B, C, D, E;
|
||||
|
||||
GET_UINT32_BE( W[ 0], data, 0 );
|
||||
GET_UINT32_BE( W[ 1], data, 4 );
|
||||
GET_UINT32_BE( W[ 2], data, 8 );
|
||||
GET_UINT32_BE( W[ 3], data, 12 );
|
||||
GET_UINT32_BE( W[ 4], data, 16 );
|
||||
GET_UINT32_BE( W[ 5], data, 20 );
|
||||
GET_UINT32_BE( W[ 6], data, 24 );
|
||||
GET_UINT32_BE( W[ 7], data, 28 );
|
||||
GET_UINT32_BE( W[ 8], data, 32 );
|
||||
GET_UINT32_BE( W[ 9], data, 36 );
|
||||
GET_UINT32_BE( W[10], data, 40 );
|
||||
GET_UINT32_BE( W[11], data, 44 );
|
||||
GET_UINT32_BE( W[12], data, 48 );
|
||||
GET_UINT32_BE( W[13], data, 52 );
|
||||
GET_UINT32_BE( W[14], data, 56 );
|
||||
GET_UINT32_BE( W[15], data, 60 );
|
||||
|
||||
#define S(x,n) ((x << n) | ((x & 0xFFFFFFFF) >> (32 - n)))
|
||||
|
||||
#define R(t) \
|
||||
( \
|
||||
temp = W[( t - 3 ) & 0x0F] ^ W[( t - 8 ) & 0x0F] ^ \
|
||||
W[( t - 14 ) & 0x0F] ^ W[ t & 0x0F], \
|
||||
( W[t & 0x0F] = S(temp,1) ) \
|
||||
)
|
||||
|
||||
#define P(a,b,c,d,e,x) \
|
||||
{ \
|
||||
e += S(a,5) + F(b,c,d) + K + x; b = S(b,30); \
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
E = ctx->state[4];
|
||||
|
||||
#define F(x,y,z) (z ^ (x & (y ^ z)))
|
||||
#define K 0x5A827999
|
||||
|
||||
P( A, B, C, D, E, W[0] );
|
||||
P( E, A, B, C, D, W[1] );
|
||||
P( D, E, A, B, C, W[2] );
|
||||
P( C, D, E, A, B, W[3] );
|
||||
P( B, C, D, E, A, W[4] );
|
||||
P( A, B, C, D, E, W[5] );
|
||||
P( E, A, B, C, D, W[6] );
|
||||
P( D, E, A, B, C, W[7] );
|
||||
P( C, D, E, A, B, W[8] );
|
||||
P( B, C, D, E, A, W[9] );
|
||||
P( A, B, C, D, E, W[10] );
|
||||
P( E, A, B, C, D, W[11] );
|
||||
P( D, E, A, B, C, W[12] );
|
||||
P( C, D, E, A, B, W[13] );
|
||||
P( B, C, D, E, A, W[14] );
|
||||
P( A, B, C, D, E, W[15] );
|
||||
P( E, A, B, C, D, R(16) );
|
||||
P( D, E, A, B, C, R(17) );
|
||||
P( C, D, E, A, B, R(18) );
|
||||
P( B, C, D, E, A, R(19) );
|
||||
|
||||
#undef K
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (x ^ y ^ z)
|
||||
#define K 0x6ED9EBA1
|
||||
|
||||
P( A, B, C, D, E, R(20) );
|
||||
P( E, A, B, C, D, R(21) );
|
||||
P( D, E, A, B, C, R(22) );
|
||||
P( C, D, E, A, B, R(23) );
|
||||
P( B, C, D, E, A, R(24) );
|
||||
P( A, B, C, D, E, R(25) );
|
||||
P( E, A, B, C, D, R(26) );
|
||||
P( D, E, A, B, C, R(27) );
|
||||
P( C, D, E, A, B, R(28) );
|
||||
P( B, C, D, E, A, R(29) );
|
||||
P( A, B, C, D, E, R(30) );
|
||||
P( E, A, B, C, D, R(31) );
|
||||
P( D, E, A, B, C, R(32) );
|
||||
P( C, D, E, A, B, R(33) );
|
||||
P( B, C, D, E, A, R(34) );
|
||||
P( A, B, C, D, E, R(35) );
|
||||
P( E, A, B, C, D, R(36) );
|
||||
P( D, E, A, B, C, R(37) );
|
||||
P( C, D, E, A, B, R(38) );
|
||||
P( B, C, D, E, A, R(39) );
|
||||
|
||||
#undef K
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) ((x & y) | (z & (x | y)))
|
||||
#define K 0x8F1BBCDC
|
||||
|
||||
P( A, B, C, D, E, R(40) );
|
||||
P( E, A, B, C, D, R(41) );
|
||||
P( D, E, A, B, C, R(42) );
|
||||
P( C, D, E, A, B, R(43) );
|
||||
P( B, C, D, E, A, R(44) );
|
||||
P( A, B, C, D, E, R(45) );
|
||||
P( E, A, B, C, D, R(46) );
|
||||
P( D, E, A, B, C, R(47) );
|
||||
P( C, D, E, A, B, R(48) );
|
||||
P( B, C, D, E, A, R(49) );
|
||||
P( A, B, C, D, E, R(50) );
|
||||
P( E, A, B, C, D, R(51) );
|
||||
P( D, E, A, B, C, R(52) );
|
||||
P( C, D, E, A, B, R(53) );
|
||||
P( B, C, D, E, A, R(54) );
|
||||
P( A, B, C, D, E, R(55) );
|
||||
P( E, A, B, C, D, R(56) );
|
||||
P( D, E, A, B, C, R(57) );
|
||||
P( C, D, E, A, B, R(58) );
|
||||
P( B, C, D, E, A, R(59) );
|
||||
|
||||
#undef K
|
||||
#undef F
|
||||
|
||||
#define F(x,y,z) (x ^ y ^ z)
|
||||
#define K 0xCA62C1D6
|
||||
|
||||
P( A, B, C, D, E, R(60) );
|
||||
P( E, A, B, C, D, R(61) );
|
||||
P( D, E, A, B, C, R(62) );
|
||||
P( C, D, E, A, B, R(63) );
|
||||
P( B, C, D, E, A, R(64) );
|
||||
P( A, B, C, D, E, R(65) );
|
||||
P( E, A, B, C, D, R(66) );
|
||||
P( D, E, A, B, C, R(67) );
|
||||
P( C, D, E, A, B, R(68) );
|
||||
P( B, C, D, E, A, R(69) );
|
||||
P( A, B, C, D, E, R(70) );
|
||||
P( E, A, B, C, D, R(71) );
|
||||
P( D, E, A, B, C, R(72) );
|
||||
P( C, D, E, A, B, R(73) );
|
||||
P( B, C, D, E, A, R(74) );
|
||||
P( A, B, C, D, E, R(75) );
|
||||
P( E, A, B, C, D, R(76) );
|
||||
P( D, E, A, B, C, R(77) );
|
||||
P( C, D, E, A, B, R(78) );
|
||||
P( B, C, D, E, A, R(79) );
|
||||
|
||||
#undef K
|
||||
#undef F
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
ctx->state[4] += E;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-1 process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_update( sha1_context *ctx, const unsigned char *input, size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
||||
ctx->total[0] += (uint32_t) ilen;
|
||||
ctx->total[0] &= 0xFFFFFFFF;
|
||||
|
||||
if( ctx->total[0] < (uint32_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
sha1_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
sha1_process( ctx, input );
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char sha1_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* SHA-1 final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_finish( sha1_context *ctx, unsigned char output[20] )
|
||||
{
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
||||
high = ( ctx->total[0] >> 29 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT32_BE( high, msglen, 0 );
|
||||
PUT_UINT32_BE( low, msglen, 4 );
|
||||
|
||||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
sha1_update( ctx, sha1_padding, padn );
|
||||
sha1_update( ctx, msglen, 8 );
|
||||
|
||||
PUT_UINT32_BE( ctx->state[0], output, 0 );
|
||||
PUT_UINT32_BE( ctx->state[1], output, 4 );
|
||||
PUT_UINT32_BE( ctx->state[2], output, 8 );
|
||||
PUT_UINT32_BE( ctx->state[3], output, 12 );
|
||||
PUT_UINT32_BE( ctx->state[4], output, 16 );
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_SHA1_ALT */
|
||||
|
||||
/*
|
||||
* output = SHA-1( input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1( const unsigned char *input, size_t ilen, unsigned char output[20] )
|
||||
{
|
||||
sha1_context ctx;
|
||||
|
||||
sha1_init( &ctx );
|
||||
sha1_starts( &ctx );
|
||||
sha1_update( &ctx, input, ilen );
|
||||
sha1_finish( &ctx, output );
|
||||
sha1_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = SHA-1( file contents )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int sha1_file( const char *path, unsigned char output[20] )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
sha1_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
|
||||
|
||||
sha1_init( &ctx );
|
||||
sha1_starts( &ctx );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
sha1_update( &ctx, buf, n );
|
||||
|
||||
sha1_finish( &ctx, output );
|
||||
sha1_free( &ctx );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_SHA1_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* SHA-1 HMAC context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_hmac_starts( sha1_context *ctx, const unsigned char *key,
|
||||
size_t keylen )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[20];
|
||||
|
||||
if( keylen > 64 )
|
||||
{
|
||||
sha1( key, keylen, sum );
|
||||
keylen = 20;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 64 );
|
||||
memset( ctx->opad, 0x5C, 64 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
sha1_starts( ctx );
|
||||
sha1_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-1 HMAC process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_hmac_update( sha1_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
sha1_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-1 HMAC final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_hmac_finish( sha1_context *ctx, unsigned char output[20] )
|
||||
{
|
||||
unsigned char tmpbuf[20];
|
||||
|
||||
sha1_finish( ctx, tmpbuf );
|
||||
sha1_starts( ctx );
|
||||
sha1_update( ctx, ctx->opad, 64 );
|
||||
sha1_update( ctx, tmpbuf, 20 );
|
||||
sha1_finish( ctx, output );
|
||||
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA1 HMAC context reset
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_hmac_reset( sha1_context *ctx )
|
||||
{
|
||||
sha1_starts( ctx );
|
||||
sha1_update( ctx, ctx->ipad, 64 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-SHA-1( hmac key, input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha1_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[20] )
|
||||
{
|
||||
sha1_context ctx;
|
||||
|
||||
sha1_init( &ctx );
|
||||
sha1_hmac_starts( &ctx, key, keylen );
|
||||
sha1_hmac_update( &ctx, input, ilen );
|
||||
sha1_hmac_finish( &ctx, output );
|
||||
sha1_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
/*
|
||||
* FIPS-180-1 test vectors
|
||||
*/
|
||||
static unsigned char sha1_test_buf[3][57] =
|
||||
{
|
||||
{ "abc" },
|
||||
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha1_test_buflen[3] =
|
||||
{
|
||||
3, 56, 1000
|
||||
};
|
||||
|
||||
static const unsigned char sha1_test_sum[3][20] =
|
||||
{
|
||||
{ 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E,
|
||||
0x25, 0x71, 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D },
|
||||
{ 0x84, 0x98, 0x3E, 0x44, 0x1C, 0x3B, 0xD2, 0x6E, 0xBA, 0xAE,
|
||||
0x4A, 0xA1, 0xF9, 0x51, 0x29, 0xE5, 0xE5, 0x46, 0x70, 0xF1 },
|
||||
{ 0x34, 0xAA, 0x97, 0x3C, 0xD4, 0xC4, 0xDA, 0xA4, 0xF6, 0x1E,
|
||||
0xEB, 0x2B, 0xDB, 0xAD, 0x27, 0x31, 0x65, 0x34, 0x01, 0x6F }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 2202 test vectors
|
||||
*/
|
||||
static unsigned char sha1_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
|
||||
"\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
|
||||
"\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
|
||||
"\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 80 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha1_hmac_test_keylen[7] =
|
||||
{
|
||||
20, 4, 20, 25, 20, 80, 80
|
||||
};
|
||||
|
||||
static unsigned char sha1_hmac_test_buf[7][74] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "Test Using Larger Than Block-Size Key and Larger"
|
||||
" Than One Block-Size Data" }
|
||||
};
|
||||
|
||||
static const int sha1_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 73
|
||||
};
|
||||
|
||||
static const unsigned char sha1_hmac_test_sum[7][20] =
|
||||
{
|
||||
{ 0xB6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xE2, 0x8B,
|
||||
0xC0, 0xB6, 0xFB, 0x37, 0x8C, 0x8E, 0xF1, 0x46, 0xBE, 0x00 },
|
||||
{ 0xEF, 0xFC, 0xDF, 0x6A, 0xE5, 0xEB, 0x2F, 0xA2, 0xD2, 0x74,
|
||||
0x16, 0xD5, 0xF1, 0x84, 0xDF, 0x9C, 0x25, 0x9A, 0x7C, 0x79 },
|
||||
{ 0x12, 0x5D, 0x73, 0x42, 0xB9, 0xAC, 0x11, 0xCD, 0x91, 0xA3,
|
||||
0x9A, 0xF4, 0x8A, 0xA1, 0x7B, 0x4F, 0x63, 0xF1, 0x75, 0xD3 },
|
||||
{ 0x4C, 0x90, 0x07, 0xF4, 0x02, 0x62, 0x50, 0xC6, 0xBC, 0x84,
|
||||
0x14, 0xF9, 0xBF, 0x50, 0xC8, 0x6C, 0x2D, 0x72, 0x35, 0xDA },
|
||||
{ 0x4C, 0x1A, 0x03, 0x42, 0x4B, 0x55, 0xE0, 0x7F, 0xE7, 0xF2,
|
||||
0x7B, 0xE1 },
|
||||
{ 0xAA, 0x4A, 0xE5, 0xE1, 0x52, 0x72, 0xD0, 0x0E, 0x95, 0x70,
|
||||
0x56, 0x37, 0xCE, 0x8A, 0x3B, 0x55, 0xED, 0x40, 0x21, 0x12 },
|
||||
{ 0xE8, 0xE9, 0x9D, 0x0F, 0x45, 0x23, 0x7D, 0x78, 0x6D, 0x6B,
|
||||
0xBA, 0xA7, 0x96, 0x5C, 0x78, 0x08, 0xBB, 0xFF, 0x1A, 0x91 }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int sha1_self_test( int verbose )
|
||||
{
|
||||
int i, j, buflen, ret = 0;
|
||||
unsigned char buf[1024];
|
||||
unsigned char sha1sum[20];
|
||||
sha1_context ctx;
|
||||
|
||||
sha1_init( &ctx );
|
||||
|
||||
/*
|
||||
* SHA-1
|
||||
*/
|
||||
for( i = 0; i < 3; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " SHA-1 test #%d: ", i + 1 );
|
||||
|
||||
sha1_starts( &ctx );
|
||||
|
||||
if( i == 2 )
|
||||
{
|
||||
memset( buf, 'a', buflen = 1000 );
|
||||
|
||||
for( j = 0; j < 1000; j++ )
|
||||
sha1_update( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
sha1_update( &ctx, sha1_test_buf[i],
|
||||
sha1_test_buflen[i] );
|
||||
|
||||
sha1_finish( &ctx, sha1sum );
|
||||
|
||||
if( memcmp( sha1sum, sha1_test_sum[i], 20 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
for( i = 0; i < 7; i++ )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC-SHA-1 test #%d: ", i + 1 );
|
||||
|
||||
if( i == 5 || i == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 80 );
|
||||
sha1_hmac_starts( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
sha1_hmac_starts( &ctx, sha1_hmac_test_key[i],
|
||||
sha1_hmac_test_keylen[i] );
|
||||
|
||||
sha1_hmac_update( &ctx, sha1_hmac_test_buf[i],
|
||||
sha1_hmac_test_buflen[i] );
|
||||
|
||||
sha1_hmac_finish( &ctx, sha1sum );
|
||||
|
||||
buflen = ( i == 4 ) ? 12 : 20;
|
||||
|
||||
if( memcmp( sha1sum, sha1_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
exit:
|
||||
sha1_free( &ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_SHA1_C */
|
||||
757
component/common/network/ssl/polarssl-1.3.8/library/rom/sha256.c
Normal file
|
|
@ -0,0 +1,757 @@
|
|||
/*
|
||||
* FIPS-180-2 compliant SHA-256 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The SHA-256 Secure Hash Standard was published by NIST in 2002.
|
||||
*
|
||||
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
|
||||
#include "polarssl/sha256.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA256_ALT)
|
||||
|
||||
/*
|
||||
* 32-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT32_BE
|
||||
#define GET_UINT32_BE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint32_t) (b)[(i) ] << 24 ) \
|
||||
| ( (uint32_t) (b)[(i) + 1] << 16 ) \
|
||||
| ( (uint32_t) (b)[(i) + 2] << 8 ) \
|
||||
| ( (uint32_t) (b)[(i) + 3] ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifndef PUT_UINT32_BE
|
||||
#define PUT_UINT32_BE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) ); \
|
||||
}
|
||||
#endif
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_init( sha256_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( sha256_context ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_free( sha256_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( sha256_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-256 context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_starts( sha256_context *ctx, int is224 )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
if( is224 == 0 )
|
||||
{
|
||||
/* SHA-256 */
|
||||
ctx->state[0] = 0x6A09E667;
|
||||
ctx->state[1] = 0xBB67AE85;
|
||||
ctx->state[2] = 0x3C6EF372;
|
||||
ctx->state[3] = 0xA54FF53A;
|
||||
ctx->state[4] = 0x510E527F;
|
||||
ctx->state[5] = 0x9B05688C;
|
||||
ctx->state[6] = 0x1F83D9AB;
|
||||
ctx->state[7] = 0x5BE0CD19;
|
||||
}
|
||||
else
|
||||
{
|
||||
/* SHA-224 */
|
||||
ctx->state[0] = 0xC1059ED8;
|
||||
ctx->state[1] = 0x367CD507;
|
||||
ctx->state[2] = 0x3070DD17;
|
||||
ctx->state[3] = 0xF70E5939;
|
||||
ctx->state[4] = 0xFFC00B31;
|
||||
ctx->state[5] = 0x68581511;
|
||||
ctx->state[6] = 0x64F98FA7;
|
||||
ctx->state[7] = 0xBEFA4FA4;
|
||||
}
|
||||
|
||||
ctx->is224 = is224;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_process( sha256_context *ctx, const unsigned char data[64] )
|
||||
{
|
||||
uint32_t temp1, temp2, W[64];
|
||||
uint32_t A, B, C, D, E, F, G, H;
|
||||
|
||||
GET_UINT32_BE( W[ 0], data, 0 );
|
||||
GET_UINT32_BE( W[ 1], data, 4 );
|
||||
GET_UINT32_BE( W[ 2], data, 8 );
|
||||
GET_UINT32_BE( W[ 3], data, 12 );
|
||||
GET_UINT32_BE( W[ 4], data, 16 );
|
||||
GET_UINT32_BE( W[ 5], data, 20 );
|
||||
GET_UINT32_BE( W[ 6], data, 24 );
|
||||
GET_UINT32_BE( W[ 7], data, 28 );
|
||||
GET_UINT32_BE( W[ 8], data, 32 );
|
||||
GET_UINT32_BE( W[ 9], data, 36 );
|
||||
GET_UINT32_BE( W[10], data, 40 );
|
||||
GET_UINT32_BE( W[11], data, 44 );
|
||||
GET_UINT32_BE( W[12], data, 48 );
|
||||
GET_UINT32_BE( W[13], data, 52 );
|
||||
GET_UINT32_BE( W[14], data, 56 );
|
||||
GET_UINT32_BE( W[15], data, 60 );
|
||||
|
||||
#define SHR(x,n) ((x & 0xFFFFFFFF) >> n)
|
||||
#define ROTR(x,n) (SHR(x,n) | (x << (32 - n)))
|
||||
|
||||
#define S0(x) (ROTR(x, 7) ^ ROTR(x,18) ^ SHR(x, 3))
|
||||
#define S1(x) (ROTR(x,17) ^ ROTR(x,19) ^ SHR(x,10))
|
||||
|
||||
#define S2(x) (ROTR(x, 2) ^ ROTR(x,13) ^ ROTR(x,22))
|
||||
#define S3(x) (ROTR(x, 6) ^ ROTR(x,11) ^ ROTR(x,25))
|
||||
|
||||
#define F0(x,y,z) ((x & y) | (z & (x | y)))
|
||||
#define F1(x,y,z) (z ^ (x & (y ^ z)))
|
||||
|
||||
#define R(t) \
|
||||
( \
|
||||
W[t] = S1(W[t - 2]) + W[t - 7] + \
|
||||
S0(W[t - 15]) + W[t - 16] \
|
||||
)
|
||||
|
||||
#define P(a,b,c,d,e,f,g,h,x,K) \
|
||||
{ \
|
||||
temp1 = h + S3(e) + F1(e,f,g) + K + x; \
|
||||
temp2 = S2(a) + F0(a,b,c); \
|
||||
d += temp1; h = temp1 + temp2; \
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
E = ctx->state[4];
|
||||
F = ctx->state[5];
|
||||
G = ctx->state[6];
|
||||
H = ctx->state[7];
|
||||
|
||||
P( A, B, C, D, E, F, G, H, W[ 0], 0x428A2F98 );
|
||||
P( H, A, B, C, D, E, F, G, W[ 1], 0x71374491 );
|
||||
P( G, H, A, B, C, D, E, F, W[ 2], 0xB5C0FBCF );
|
||||
P( F, G, H, A, B, C, D, E, W[ 3], 0xE9B5DBA5 );
|
||||
P( E, F, G, H, A, B, C, D, W[ 4], 0x3956C25B );
|
||||
P( D, E, F, G, H, A, B, C, W[ 5], 0x59F111F1 );
|
||||
P( C, D, E, F, G, H, A, B, W[ 6], 0x923F82A4 );
|
||||
P( B, C, D, E, F, G, H, A, W[ 7], 0xAB1C5ED5 );
|
||||
P( A, B, C, D, E, F, G, H, W[ 8], 0xD807AA98 );
|
||||
P( H, A, B, C, D, E, F, G, W[ 9], 0x12835B01 );
|
||||
P( G, H, A, B, C, D, E, F, W[10], 0x243185BE );
|
||||
P( F, G, H, A, B, C, D, E, W[11], 0x550C7DC3 );
|
||||
P( E, F, G, H, A, B, C, D, W[12], 0x72BE5D74 );
|
||||
P( D, E, F, G, H, A, B, C, W[13], 0x80DEB1FE );
|
||||
P( C, D, E, F, G, H, A, B, W[14], 0x9BDC06A7 );
|
||||
P( B, C, D, E, F, G, H, A, W[15], 0xC19BF174 );
|
||||
P( A, B, C, D, E, F, G, H, R(16), 0xE49B69C1 );
|
||||
P( H, A, B, C, D, E, F, G, R(17), 0xEFBE4786 );
|
||||
P( G, H, A, B, C, D, E, F, R(18), 0x0FC19DC6 );
|
||||
P( F, G, H, A, B, C, D, E, R(19), 0x240CA1CC );
|
||||
P( E, F, G, H, A, B, C, D, R(20), 0x2DE92C6F );
|
||||
P( D, E, F, G, H, A, B, C, R(21), 0x4A7484AA );
|
||||
P( C, D, E, F, G, H, A, B, R(22), 0x5CB0A9DC );
|
||||
P( B, C, D, E, F, G, H, A, R(23), 0x76F988DA );
|
||||
P( A, B, C, D, E, F, G, H, R(24), 0x983E5152 );
|
||||
P( H, A, B, C, D, E, F, G, R(25), 0xA831C66D );
|
||||
P( G, H, A, B, C, D, E, F, R(26), 0xB00327C8 );
|
||||
P( F, G, H, A, B, C, D, E, R(27), 0xBF597FC7 );
|
||||
P( E, F, G, H, A, B, C, D, R(28), 0xC6E00BF3 );
|
||||
P( D, E, F, G, H, A, B, C, R(29), 0xD5A79147 );
|
||||
P( C, D, E, F, G, H, A, B, R(30), 0x06CA6351 );
|
||||
P( B, C, D, E, F, G, H, A, R(31), 0x14292967 );
|
||||
P( A, B, C, D, E, F, G, H, R(32), 0x27B70A85 );
|
||||
P( H, A, B, C, D, E, F, G, R(33), 0x2E1B2138 );
|
||||
P( G, H, A, B, C, D, E, F, R(34), 0x4D2C6DFC );
|
||||
P( F, G, H, A, B, C, D, E, R(35), 0x53380D13 );
|
||||
P( E, F, G, H, A, B, C, D, R(36), 0x650A7354 );
|
||||
P( D, E, F, G, H, A, B, C, R(37), 0x766A0ABB );
|
||||
P( C, D, E, F, G, H, A, B, R(38), 0x81C2C92E );
|
||||
P( B, C, D, E, F, G, H, A, R(39), 0x92722C85 );
|
||||
P( A, B, C, D, E, F, G, H, R(40), 0xA2BFE8A1 );
|
||||
P( H, A, B, C, D, E, F, G, R(41), 0xA81A664B );
|
||||
P( G, H, A, B, C, D, E, F, R(42), 0xC24B8B70 );
|
||||
P( F, G, H, A, B, C, D, E, R(43), 0xC76C51A3 );
|
||||
P( E, F, G, H, A, B, C, D, R(44), 0xD192E819 );
|
||||
P( D, E, F, G, H, A, B, C, R(45), 0xD6990624 );
|
||||
P( C, D, E, F, G, H, A, B, R(46), 0xF40E3585 );
|
||||
P( B, C, D, E, F, G, H, A, R(47), 0x106AA070 );
|
||||
P( A, B, C, D, E, F, G, H, R(48), 0x19A4C116 );
|
||||
P( H, A, B, C, D, E, F, G, R(49), 0x1E376C08 );
|
||||
P( G, H, A, B, C, D, E, F, R(50), 0x2748774C );
|
||||
P( F, G, H, A, B, C, D, E, R(51), 0x34B0BCB5 );
|
||||
P( E, F, G, H, A, B, C, D, R(52), 0x391C0CB3 );
|
||||
P( D, E, F, G, H, A, B, C, R(53), 0x4ED8AA4A );
|
||||
P( C, D, E, F, G, H, A, B, R(54), 0x5B9CCA4F );
|
||||
P( B, C, D, E, F, G, H, A, R(55), 0x682E6FF3 );
|
||||
P( A, B, C, D, E, F, G, H, R(56), 0x748F82EE );
|
||||
P( H, A, B, C, D, E, F, G, R(57), 0x78A5636F );
|
||||
P( G, H, A, B, C, D, E, F, R(58), 0x84C87814 );
|
||||
P( F, G, H, A, B, C, D, E, R(59), 0x8CC70208 );
|
||||
P( E, F, G, H, A, B, C, D, R(60), 0x90BEFFFA );
|
||||
P( D, E, F, G, H, A, B, C, R(61), 0xA4506CEB );
|
||||
P( C, D, E, F, G, H, A, B, R(62), 0xBEF9A3F7 );
|
||||
P( B, C, D, E, F, G, H, A, R(63), 0xC67178F2 );
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
ctx->state[4] += E;
|
||||
ctx->state[5] += F;
|
||||
ctx->state[6] += G;
|
||||
ctx->state[7] += H;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-256 process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_update( sha256_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
uint32_t left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
|
||||
left = ctx->total[0] & 0x3F;
|
||||
fill = 64 - left;
|
||||
|
||||
ctx->total[0] += (uint32_t) ilen;
|
||||
ctx->total[0] &= 0xFFFFFFFF;
|
||||
|
||||
if( ctx->total[0] < (uint32_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
sha256_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 64 )
|
||||
{
|
||||
sha256_process( ctx, input );
|
||||
input += 64;
|
||||
ilen -= 64;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char sha256_padding[64] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* SHA-256 final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_finish( sha256_context *ctx, unsigned char output[32] )
|
||||
{
|
||||
uint32_t last, padn;
|
||||
uint32_t high, low;
|
||||
unsigned char msglen[8];
|
||||
|
||||
high = ( ctx->total[0] >> 29 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT32_BE( high, msglen, 0 );
|
||||
PUT_UINT32_BE( low, msglen, 4 );
|
||||
|
||||
last = ctx->total[0] & 0x3F;
|
||||
padn = ( last < 56 ) ? ( 56 - last ) : ( 120 - last );
|
||||
|
||||
sha256_update( ctx, sha256_padding, padn );
|
||||
sha256_update( ctx, msglen, 8 );
|
||||
|
||||
PUT_UINT32_BE( ctx->state[0], output, 0 );
|
||||
PUT_UINT32_BE( ctx->state[1], output, 4 );
|
||||
PUT_UINT32_BE( ctx->state[2], output, 8 );
|
||||
PUT_UINT32_BE( ctx->state[3], output, 12 );
|
||||
PUT_UINT32_BE( ctx->state[4], output, 16 );
|
||||
PUT_UINT32_BE( ctx->state[5], output, 20 );
|
||||
PUT_UINT32_BE( ctx->state[6], output, 24 );
|
||||
|
||||
if( ctx->is224 == 0 )
|
||||
PUT_UINT32_BE( ctx->state[7], output, 28 );
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_SHA256_ALT */
|
||||
|
||||
/*
|
||||
* output = SHA-256( input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256( const unsigned char *input, size_t ilen,
|
||||
unsigned char output[32], int is224 )
|
||||
{
|
||||
sha256_context ctx;
|
||||
|
||||
sha256_init( &ctx );
|
||||
sha256_starts( &ctx, is224 );
|
||||
sha256_update( &ctx, input, ilen );
|
||||
sha256_finish( &ctx, output );
|
||||
sha256_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = SHA-256( file contents )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int sha256_file( const char *path, unsigned char output[32], int is224 )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
sha256_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
|
||||
|
||||
sha256_init( &ctx );
|
||||
sha256_starts( &ctx, is224 );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
sha256_update( &ctx, buf, n );
|
||||
|
||||
sha256_finish( &ctx, output );
|
||||
sha256_free( &ctx );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_SHA256_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* SHA-256 HMAC context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_hmac_starts( sha256_context *ctx, const unsigned char *key,
|
||||
size_t keylen, int is224 )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[32];
|
||||
|
||||
if( keylen > 64 )
|
||||
{
|
||||
sha256( key, keylen, sum, is224 );
|
||||
keylen = ( is224 ) ? 28 : 32;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 64 );
|
||||
memset( ctx->opad, 0x5C, 64 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
sha256_starts( ctx, is224 );
|
||||
sha256_update( ctx, ctx->ipad, 64 );
|
||||
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-256 HMAC process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_hmac_update( sha256_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
sha256_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-256 HMAC final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_hmac_finish( sha256_context *ctx, unsigned char output[32] )
|
||||
{
|
||||
int is224, hlen;
|
||||
unsigned char tmpbuf[32];
|
||||
|
||||
is224 = ctx->is224;
|
||||
hlen = ( is224 == 0 ) ? 32 : 28;
|
||||
|
||||
sha256_finish( ctx, tmpbuf );
|
||||
sha256_starts( ctx, is224 );
|
||||
sha256_update( ctx, ctx->opad, 64 );
|
||||
sha256_update( ctx, tmpbuf, hlen );
|
||||
sha256_finish( ctx, output );
|
||||
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-256 HMAC context reset
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_hmac_reset( sha256_context *ctx )
|
||||
{
|
||||
sha256_starts( ctx, ctx->is224 );
|
||||
sha256_update( ctx, ctx->ipad, 64 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-SHA-256( hmac key, input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha256_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[32], int is224 )
|
||||
{
|
||||
sha256_context ctx;
|
||||
|
||||
sha256_init( &ctx );
|
||||
sha256_hmac_starts( &ctx, key, keylen, is224 );
|
||||
sha256_hmac_update( &ctx, input, ilen );
|
||||
sha256_hmac_finish( &ctx, output );
|
||||
sha256_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
/*
|
||||
* FIPS-180-2 test vectors
|
||||
*/
|
||||
static unsigned char sha256_test_buf[3][57] =
|
||||
{
|
||||
{ "abc" },
|
||||
{ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" },
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha256_test_buflen[3] =
|
||||
{
|
||||
3, 56, 1000
|
||||
};
|
||||
|
||||
static const unsigned char sha256_test_sum[6][32] =
|
||||
{
|
||||
/*
|
||||
* SHA-224 test vectors
|
||||
*/
|
||||
{ 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22,
|
||||
0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3,
|
||||
0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7,
|
||||
0xE3, 0x6C, 0x9D, 0xA7 },
|
||||
{ 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC,
|
||||
0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50,
|
||||
0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19,
|
||||
0x52, 0x52, 0x25, 0x25 },
|
||||
{ 0x20, 0x79, 0x46, 0x55, 0x98, 0x0C, 0x91, 0xD8,
|
||||
0xBB, 0xB4, 0xC1, 0xEA, 0x97, 0x61, 0x8A, 0x4B,
|
||||
0xF0, 0x3F, 0x42, 0x58, 0x19, 0x48, 0xB2, 0xEE,
|
||||
0x4E, 0xE7, 0xAD, 0x67 },
|
||||
|
||||
/*
|
||||
* SHA-256 test vectors
|
||||
*/
|
||||
{ 0xBA, 0x78, 0x16, 0xBF, 0x8F, 0x01, 0xCF, 0xEA,
|
||||
0x41, 0x41, 0x40, 0xDE, 0x5D, 0xAE, 0x22, 0x23,
|
||||
0xB0, 0x03, 0x61, 0xA3, 0x96, 0x17, 0x7A, 0x9C,
|
||||
0xB4, 0x10, 0xFF, 0x61, 0xF2, 0x00, 0x15, 0xAD },
|
||||
{ 0x24, 0x8D, 0x6A, 0x61, 0xD2, 0x06, 0x38, 0xB8,
|
||||
0xE5, 0xC0, 0x26, 0x93, 0x0C, 0x3E, 0x60, 0x39,
|
||||
0xA3, 0x3C, 0xE4, 0x59, 0x64, 0xFF, 0x21, 0x67,
|
||||
0xF6, 0xEC, 0xED, 0xD4, 0x19, 0xDB, 0x06, 0xC1 },
|
||||
{ 0xCD, 0xC7, 0x6E, 0x5C, 0x99, 0x14, 0xFB, 0x92,
|
||||
0x81, 0xA1, 0xC7, 0xE2, 0x84, 0xD7, 0x3E, 0x67,
|
||||
0xF1, 0x80, 0x9A, 0x48, 0xA4, 0x97, 0x20, 0x0E,
|
||||
0x04, 0x6D, 0x39, 0xCC, 0xC7, 0x11, 0x2C, 0xD0 }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 4231 test vectors
|
||||
*/
|
||||
static unsigned char sha256_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
|
||||
"\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
|
||||
"\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
|
||||
"\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 131 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha256_hmac_test_keylen[7] =
|
||||
{
|
||||
20, 4, 20, 25, 20, 131, 131
|
||||
};
|
||||
|
||||
static unsigned char sha256_hmac_test_buf[7][153] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "This is a test using a larger than block-size key "
|
||||
"and a larger than block-size data. The key needs to "
|
||||
"be hashed before being used by the HMAC algorithm." }
|
||||
};
|
||||
|
||||
static const int sha256_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 152
|
||||
};
|
||||
|
||||
static const unsigned char sha256_hmac_test_sum[14][32] =
|
||||
{
|
||||
/*
|
||||
* HMAC-SHA-224 test vectors
|
||||
*/
|
||||
{ 0x89, 0x6F, 0xB1, 0x12, 0x8A, 0xBB, 0xDF, 0x19,
|
||||
0x68, 0x32, 0x10, 0x7C, 0xD4, 0x9D, 0xF3, 0x3F,
|
||||
0x47, 0xB4, 0xB1, 0x16, 0x99, 0x12, 0xBA, 0x4F,
|
||||
0x53, 0x68, 0x4B, 0x22 },
|
||||
{ 0xA3, 0x0E, 0x01, 0x09, 0x8B, 0xC6, 0xDB, 0xBF,
|
||||
0x45, 0x69, 0x0F, 0x3A, 0x7E, 0x9E, 0x6D, 0x0F,
|
||||
0x8B, 0xBE, 0xA2, 0xA3, 0x9E, 0x61, 0x48, 0x00,
|
||||
0x8F, 0xD0, 0x5E, 0x44 },
|
||||
{ 0x7F, 0xB3, 0xCB, 0x35, 0x88, 0xC6, 0xC1, 0xF6,
|
||||
0xFF, 0xA9, 0x69, 0x4D, 0x7D, 0x6A, 0xD2, 0x64,
|
||||
0x93, 0x65, 0xB0, 0xC1, 0xF6, 0x5D, 0x69, 0xD1,
|
||||
0xEC, 0x83, 0x33, 0xEA },
|
||||
{ 0x6C, 0x11, 0x50, 0x68, 0x74, 0x01, 0x3C, 0xAC,
|
||||
0x6A, 0x2A, 0xBC, 0x1B, 0xB3, 0x82, 0x62, 0x7C,
|
||||
0xEC, 0x6A, 0x90, 0xD8, 0x6E, 0xFC, 0x01, 0x2D,
|
||||
0xE7, 0xAF, 0xEC, 0x5A },
|
||||
{ 0x0E, 0x2A, 0xEA, 0x68, 0xA9, 0x0C, 0x8D, 0x37,
|
||||
0xC9, 0x88, 0xBC, 0xDB, 0x9F, 0xCA, 0x6F, 0xA8 },
|
||||
{ 0x95, 0xE9, 0xA0, 0xDB, 0x96, 0x20, 0x95, 0xAD,
|
||||
0xAE, 0xBE, 0x9B, 0x2D, 0x6F, 0x0D, 0xBC, 0xE2,
|
||||
0xD4, 0x99, 0xF1, 0x12, 0xF2, 0xD2, 0xB7, 0x27,
|
||||
0x3F, 0xA6, 0x87, 0x0E },
|
||||
{ 0x3A, 0x85, 0x41, 0x66, 0xAC, 0x5D, 0x9F, 0x02,
|
||||
0x3F, 0x54, 0xD5, 0x17, 0xD0, 0xB3, 0x9D, 0xBD,
|
||||
0x94, 0x67, 0x70, 0xDB, 0x9C, 0x2B, 0x95, 0xC9,
|
||||
0xF6, 0xF5, 0x65, 0xD1 },
|
||||
|
||||
/*
|
||||
* HMAC-SHA-256 test vectors
|
||||
*/
|
||||
{ 0xB0, 0x34, 0x4C, 0x61, 0xD8, 0xDB, 0x38, 0x53,
|
||||
0x5C, 0xA8, 0xAF, 0xCE, 0xAF, 0x0B, 0xF1, 0x2B,
|
||||
0x88, 0x1D, 0xC2, 0x00, 0xC9, 0x83, 0x3D, 0xA7,
|
||||
0x26, 0xE9, 0x37, 0x6C, 0x2E, 0x32, 0xCF, 0xF7 },
|
||||
{ 0x5B, 0xDC, 0xC1, 0x46, 0xBF, 0x60, 0x75, 0x4E,
|
||||
0x6A, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xC7,
|
||||
0x5A, 0x00, 0x3F, 0x08, 0x9D, 0x27, 0x39, 0x83,
|
||||
0x9D, 0xEC, 0x58, 0xB9, 0x64, 0xEC, 0x38, 0x43 },
|
||||
{ 0x77, 0x3E, 0xA9, 0x1E, 0x36, 0x80, 0x0E, 0x46,
|
||||
0x85, 0x4D, 0xB8, 0xEB, 0xD0, 0x91, 0x81, 0xA7,
|
||||
0x29, 0x59, 0x09, 0x8B, 0x3E, 0xF8, 0xC1, 0x22,
|
||||
0xD9, 0x63, 0x55, 0x14, 0xCE, 0xD5, 0x65, 0xFE },
|
||||
{ 0x82, 0x55, 0x8A, 0x38, 0x9A, 0x44, 0x3C, 0x0E,
|
||||
0xA4, 0xCC, 0x81, 0x98, 0x99, 0xF2, 0x08, 0x3A,
|
||||
0x85, 0xF0, 0xFA, 0xA3, 0xE5, 0x78, 0xF8, 0x07,
|
||||
0x7A, 0x2E, 0x3F, 0xF4, 0x67, 0x29, 0x66, 0x5B },
|
||||
{ 0xA3, 0xB6, 0x16, 0x74, 0x73, 0x10, 0x0E, 0xE0,
|
||||
0x6E, 0x0C, 0x79, 0x6C, 0x29, 0x55, 0x55, 0x2B },
|
||||
{ 0x60, 0xE4, 0x31, 0x59, 0x1E, 0xE0, 0xB6, 0x7F,
|
||||
0x0D, 0x8A, 0x26, 0xAA, 0xCB, 0xF5, 0xB7, 0x7F,
|
||||
0x8E, 0x0B, 0xC6, 0x21, 0x37, 0x28, 0xC5, 0x14,
|
||||
0x05, 0x46, 0x04, 0x0F, 0x0E, 0xE3, 0x7F, 0x54 },
|
||||
{ 0x9B, 0x09, 0xFF, 0xA7, 0x1B, 0x94, 0x2F, 0xCB,
|
||||
0x27, 0x63, 0x5F, 0xBC, 0xD5, 0xB0, 0xE9, 0x44,
|
||||
0xBF, 0xDC, 0x63, 0x64, 0x4F, 0x07, 0x13, 0x93,
|
||||
0x8A, 0x7F, 0x51, 0x53, 0x5C, 0x3A, 0x35, 0xE2 }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int sha256_self_test( int verbose )
|
||||
{
|
||||
int i, j, k, buflen, ret = 0;
|
||||
unsigned char buf[1024];
|
||||
unsigned char sha256sum[32];
|
||||
sha256_context ctx;
|
||||
|
||||
sha256_init( &ctx );
|
||||
|
||||
for( i = 0; i < 6; i++ )
|
||||
{
|
||||
j = i % 3;
|
||||
k = i < 3;
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " SHA-%d test #%d: ", 256 - k * 32, j + 1 );
|
||||
|
||||
sha256_starts( &ctx, k );
|
||||
|
||||
if( j == 2 )
|
||||
{
|
||||
memset( buf, 'a', buflen = 1000 );
|
||||
|
||||
for( j = 0; j < 1000; j++ )
|
||||
sha256_update( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
sha256_update( &ctx, sha256_test_buf[j],
|
||||
sha256_test_buflen[j] );
|
||||
|
||||
sha256_finish( &ctx, sha256sum );
|
||||
|
||||
if( memcmp( sha256sum, sha256_test_sum[i], 32 - k * 4 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
for( i = 0; i < 14; i++ )
|
||||
{
|
||||
j = i % 7;
|
||||
k = i < 7;
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC-SHA-%d test #%d: ", 256 - k * 32, j + 1 );
|
||||
|
||||
if( j == 5 || j == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 131 );
|
||||
sha256_hmac_starts( &ctx, buf, buflen, k );
|
||||
}
|
||||
else
|
||||
sha256_hmac_starts( &ctx, sha256_hmac_test_key[j],
|
||||
sha256_hmac_test_keylen[j], k );
|
||||
|
||||
sha256_hmac_update( &ctx, sha256_hmac_test_buf[j],
|
||||
sha256_hmac_test_buflen[j] );
|
||||
|
||||
sha256_hmac_finish( &ctx, sha256sum );
|
||||
|
||||
buflen = ( j == 4 ) ? 16 : 32 - k * 4;
|
||||
|
||||
if( memcmp( sha256sum, sha256_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
exit:
|
||||
sha256_free( &ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
812
component/common/network/ssl/polarssl-1.3.8/library/rom/sha512.c
Normal file
|
|
@ -0,0 +1,812 @@
|
|||
/*
|
||||
* FIPS-180-2 compliant SHA-384/512 implementation
|
||||
*
|
||||
* Copyright (C) 2006-2014, Brainspark B.V.
|
||||
*
|
||||
* This file is part of PolarSSL (http://www.polarssl.org)
|
||||
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
|
||||
*
|
||||
* All rights reserved.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 2 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License along
|
||||
* with this program; if not, write to the Free Software Foundation, Inc.,
|
||||
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
*/
|
||||
/*
|
||||
* The SHA-512 Secure Hash Standard was published by NIST in 2002.
|
||||
*
|
||||
* http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
|
||||
*/
|
||||
|
||||
#if !defined(POLARSSL_CONFIG_FILE)
|
||||
#include "polarssl/config.h"
|
||||
#else
|
||||
#include POLARSSL_CONFIG_FILE
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
|
||||
#include "polarssl/sha512.h"
|
||||
|
||||
#if defined(POLARSSL_FS_IO) || defined(POLARSSL_SELF_TEST)
|
||||
#include <stdio.h>
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PLATFORM_C)
|
||||
#include "polarssl/platform.h"
|
||||
#else
|
||||
#define polarssl_printf printf
|
||||
#endif
|
||||
|
||||
/* Implementation that should never be optimized out by the compiler */
|
||||
SSL_ROM_TEXT_SECTION
|
||||
static void polarssl_zeroize( void *v, size_t n ) {
|
||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||
}
|
||||
|
||||
#if !defined(POLARSSL_SHA512_ALT)
|
||||
|
||||
/*
|
||||
* 64-bit integer manipulation macros (big endian)
|
||||
*/
|
||||
#ifndef GET_UINT64_BE
|
||||
#define GET_UINT64_BE(n,b,i) \
|
||||
{ \
|
||||
(n) = ( (uint64_t) (b)[(i) ] << 56 ) \
|
||||
| ( (uint64_t) (b)[(i) + 1] << 48 ) \
|
||||
| ( (uint64_t) (b)[(i) + 2] << 40 ) \
|
||||
| ( (uint64_t) (b)[(i) + 3] << 32 ) \
|
||||
| ( (uint64_t) (b)[(i) + 4] << 24 ) \
|
||||
| ( (uint64_t) (b)[(i) + 5] << 16 ) \
|
||||
| ( (uint64_t) (b)[(i) + 6] << 8 ) \
|
||||
| ( (uint64_t) (b)[(i) + 7] ); \
|
||||
}
|
||||
#endif /* GET_UINT64_BE */
|
||||
|
||||
#ifndef PUT_UINT64_BE
|
||||
#define PUT_UINT64_BE(n,b,i) \
|
||||
{ \
|
||||
(b)[(i) ] = (unsigned char) ( (n) >> 56 ); \
|
||||
(b)[(i) + 1] = (unsigned char) ( (n) >> 48 ); \
|
||||
(b)[(i) + 2] = (unsigned char) ( (n) >> 40 ); \
|
||||
(b)[(i) + 3] = (unsigned char) ( (n) >> 32 ); \
|
||||
(b)[(i) + 4] = (unsigned char) ( (n) >> 24 ); \
|
||||
(b)[(i) + 5] = (unsigned char) ( (n) >> 16 ); \
|
||||
(b)[(i) + 6] = (unsigned char) ( (n) >> 8 ); \
|
||||
(b)[(i) + 7] = (unsigned char) ( (n) ); \
|
||||
}
|
||||
#endif /* PUT_UINT64_BE */
|
||||
|
||||
/*
|
||||
* Round constants
|
||||
*/
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const uint64_t K[80] =
|
||||
{
|
||||
UL64(0x428A2F98D728AE22), UL64(0x7137449123EF65CD),
|
||||
UL64(0xB5C0FBCFEC4D3B2F), UL64(0xE9B5DBA58189DBBC),
|
||||
UL64(0x3956C25BF348B538), UL64(0x59F111F1B605D019),
|
||||
UL64(0x923F82A4AF194F9B), UL64(0xAB1C5ED5DA6D8118),
|
||||
UL64(0xD807AA98A3030242), UL64(0x12835B0145706FBE),
|
||||
UL64(0x243185BE4EE4B28C), UL64(0x550C7DC3D5FFB4E2),
|
||||
UL64(0x72BE5D74F27B896F), UL64(0x80DEB1FE3B1696B1),
|
||||
UL64(0x9BDC06A725C71235), UL64(0xC19BF174CF692694),
|
||||
UL64(0xE49B69C19EF14AD2), UL64(0xEFBE4786384F25E3),
|
||||
UL64(0x0FC19DC68B8CD5B5), UL64(0x240CA1CC77AC9C65),
|
||||
UL64(0x2DE92C6F592B0275), UL64(0x4A7484AA6EA6E483),
|
||||
UL64(0x5CB0A9DCBD41FBD4), UL64(0x76F988DA831153B5),
|
||||
UL64(0x983E5152EE66DFAB), UL64(0xA831C66D2DB43210),
|
||||
UL64(0xB00327C898FB213F), UL64(0xBF597FC7BEEF0EE4),
|
||||
UL64(0xC6E00BF33DA88FC2), UL64(0xD5A79147930AA725),
|
||||
UL64(0x06CA6351E003826F), UL64(0x142929670A0E6E70),
|
||||
UL64(0x27B70A8546D22FFC), UL64(0x2E1B21385C26C926),
|
||||
UL64(0x4D2C6DFC5AC42AED), UL64(0x53380D139D95B3DF),
|
||||
UL64(0x650A73548BAF63DE), UL64(0x766A0ABB3C77B2A8),
|
||||
UL64(0x81C2C92E47EDAEE6), UL64(0x92722C851482353B),
|
||||
UL64(0xA2BFE8A14CF10364), UL64(0xA81A664BBC423001),
|
||||
UL64(0xC24B8B70D0F89791), UL64(0xC76C51A30654BE30),
|
||||
UL64(0xD192E819D6EF5218), UL64(0xD69906245565A910),
|
||||
UL64(0xF40E35855771202A), UL64(0x106AA07032BBD1B8),
|
||||
UL64(0x19A4C116B8D2D0C8), UL64(0x1E376C085141AB53),
|
||||
UL64(0x2748774CDF8EEB99), UL64(0x34B0BCB5E19B48A8),
|
||||
UL64(0x391C0CB3C5C95A63), UL64(0x4ED8AA4AE3418ACB),
|
||||
UL64(0x5B9CCA4F7763E373), UL64(0x682E6FF3D6B2B8A3),
|
||||
UL64(0x748F82EE5DEFB2FC), UL64(0x78A5636F43172F60),
|
||||
UL64(0x84C87814A1F0AB72), UL64(0x8CC702081A6439EC),
|
||||
UL64(0x90BEFFFA23631E28), UL64(0xA4506CEBDE82BDE9),
|
||||
UL64(0xBEF9A3F7B2C67915), UL64(0xC67178F2E372532B),
|
||||
UL64(0xCA273ECEEA26619C), UL64(0xD186B8C721C0C207),
|
||||
UL64(0xEADA7DD6CDE0EB1E), UL64(0xF57D4F7FEE6ED178),
|
||||
UL64(0x06F067AA72176FBA), UL64(0x0A637DC5A2C898A6),
|
||||
UL64(0x113F9804BEF90DAE), UL64(0x1B710B35131C471B),
|
||||
UL64(0x28DB77F523047D84), UL64(0x32CAAB7B40C72493),
|
||||
UL64(0x3C9EBE0A15C9BEBC), UL64(0x431D67C49C100D4C),
|
||||
UL64(0x4CC5D4BECB3E42B6), UL64(0x597F299CFC657E2A),
|
||||
UL64(0x5FCB6FAB3AD6FAEC), UL64(0x6C44198C4A475817)
|
||||
};
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_init( sha512_context *ctx )
|
||||
{
|
||||
memset( ctx, 0, sizeof( sha512_context ) );
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_free( sha512_context *ctx )
|
||||
{
|
||||
if( ctx == NULL )
|
||||
return;
|
||||
|
||||
polarssl_zeroize( ctx, sizeof( sha512_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_starts( sha512_context *ctx, int is384 )
|
||||
{
|
||||
ctx->total[0] = 0;
|
||||
ctx->total[1] = 0;
|
||||
|
||||
if( is384 == 0 )
|
||||
{
|
||||
/* SHA-512 */
|
||||
ctx->state[0] = UL64(0x6A09E667F3BCC908);
|
||||
ctx->state[1] = UL64(0xBB67AE8584CAA73B);
|
||||
ctx->state[2] = UL64(0x3C6EF372FE94F82B);
|
||||
ctx->state[3] = UL64(0xA54FF53A5F1D36F1);
|
||||
ctx->state[4] = UL64(0x510E527FADE682D1);
|
||||
ctx->state[5] = UL64(0x9B05688C2B3E6C1F);
|
||||
ctx->state[6] = UL64(0x1F83D9ABFB41BD6B);
|
||||
ctx->state[7] = UL64(0x5BE0CD19137E2179);
|
||||
}
|
||||
else
|
||||
{
|
||||
/* SHA-384 */
|
||||
ctx->state[0] = UL64(0xCBBB9D5DC1059ED8);
|
||||
ctx->state[1] = UL64(0x629A292A367CD507);
|
||||
ctx->state[2] = UL64(0x9159015A3070DD17);
|
||||
ctx->state[3] = UL64(0x152FECD8F70E5939);
|
||||
ctx->state[4] = UL64(0x67332667FFC00B31);
|
||||
ctx->state[5] = UL64(0x8EB44A8768581511);
|
||||
ctx->state[6] = UL64(0xDB0C2E0D64F98FA7);
|
||||
ctx->state[7] = UL64(0x47B5481DBEFA4FA4);
|
||||
}
|
||||
|
||||
ctx->is384 = is384;
|
||||
}
|
||||
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_process( sha512_context *ctx, const unsigned char data[128] )
|
||||
{
|
||||
int i;
|
||||
uint64_t temp1, temp2, W[80];
|
||||
uint64_t A, B, C, D, E, F, G, H;
|
||||
|
||||
#define SHR(x,n) (x >> n)
|
||||
#define ROTR(x,n) (SHR(x,n) | (x << (64 - n)))
|
||||
|
||||
#define S0(x) (ROTR(x, 1) ^ ROTR(x, 8) ^ SHR(x, 7))
|
||||
#define S1(x) (ROTR(x,19) ^ ROTR(x,61) ^ SHR(x, 6))
|
||||
|
||||
#define S2(x) (ROTR(x,28) ^ ROTR(x,34) ^ ROTR(x,39))
|
||||
#define S3(x) (ROTR(x,14) ^ ROTR(x,18) ^ ROTR(x,41))
|
||||
|
||||
#define F0(x,y,z) ((x & y) | (z & (x | y)))
|
||||
#define F1(x,y,z) (z ^ (x & (y ^ z)))
|
||||
|
||||
#define P(a,b,c,d,e,f,g,h,x,K) \
|
||||
{ \
|
||||
temp1 = h + S3(e) + F1(e,f,g) + K + x; \
|
||||
temp2 = S2(a) + F0(a,b,c); \
|
||||
d += temp1; h = temp1 + temp2; \
|
||||
}
|
||||
|
||||
for( i = 0; i < 16; i++ )
|
||||
{
|
||||
GET_UINT64_BE( W[i], data, i << 3 );
|
||||
}
|
||||
|
||||
for( ; i < 80; i++ )
|
||||
{
|
||||
W[i] = S1(W[i - 2]) + W[i - 7] +
|
||||
S0(W[i - 15]) + W[i - 16];
|
||||
}
|
||||
|
||||
A = ctx->state[0];
|
||||
B = ctx->state[1];
|
||||
C = ctx->state[2];
|
||||
D = ctx->state[3];
|
||||
E = ctx->state[4];
|
||||
F = ctx->state[5];
|
||||
G = ctx->state[6];
|
||||
H = ctx->state[7];
|
||||
i = 0;
|
||||
|
||||
do
|
||||
{
|
||||
P( A, B, C, D, E, F, G, H, W[i], K[i] ); i++;
|
||||
P( H, A, B, C, D, E, F, G, W[i], K[i] ); i++;
|
||||
P( G, H, A, B, C, D, E, F, W[i], K[i] ); i++;
|
||||
P( F, G, H, A, B, C, D, E, W[i], K[i] ); i++;
|
||||
P( E, F, G, H, A, B, C, D, W[i], K[i] ); i++;
|
||||
P( D, E, F, G, H, A, B, C, W[i], K[i] ); i++;
|
||||
P( C, D, E, F, G, H, A, B, W[i], K[i] ); i++;
|
||||
P( B, C, D, E, F, G, H, A, W[i], K[i] ); i++;
|
||||
}
|
||||
while( i < 80 );
|
||||
|
||||
ctx->state[0] += A;
|
||||
ctx->state[1] += B;
|
||||
ctx->state[2] += C;
|
||||
ctx->state[3] += D;
|
||||
ctx->state[4] += E;
|
||||
ctx->state[5] += F;
|
||||
ctx->state[6] += G;
|
||||
ctx->state[7] += H;
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_update( sha512_context *ctx, const unsigned char *input,
|
||||
size_t ilen )
|
||||
{
|
||||
size_t fill;
|
||||
unsigned int left;
|
||||
|
||||
if( ilen == 0 )
|
||||
return;
|
||||
|
||||
left = (unsigned int) (ctx->total[0] & 0x7F);
|
||||
fill = 128 - left;
|
||||
|
||||
ctx->total[0] += (uint64_t) ilen;
|
||||
|
||||
if( ctx->total[0] < (uint64_t) ilen )
|
||||
ctx->total[1]++;
|
||||
|
||||
if( left && ilen >= fill )
|
||||
{
|
||||
memcpy( (void *) (ctx->buffer + left), input, fill );
|
||||
sha512_process( ctx, ctx->buffer );
|
||||
input += fill;
|
||||
ilen -= fill;
|
||||
left = 0;
|
||||
}
|
||||
|
||||
while( ilen >= 128 )
|
||||
{
|
||||
sha512_process( ctx, input );
|
||||
input += 128;
|
||||
ilen -= 128;
|
||||
}
|
||||
|
||||
if( ilen > 0 )
|
||||
memcpy( (void *) (ctx->buffer + left), input, ilen );
|
||||
}
|
||||
|
||||
SSL_ROM_DATA_SECTION
|
||||
static const unsigned char sha512_padding[128] =
|
||||
{
|
||||
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
|
||||
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
|
||||
};
|
||||
|
||||
/*
|
||||
* SHA-512 final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_finish( sha512_context *ctx, unsigned char output[64] )
|
||||
{
|
||||
size_t last, padn;
|
||||
uint64_t high, low;
|
||||
unsigned char msglen[16];
|
||||
|
||||
high = ( ctx->total[0] >> 61 )
|
||||
| ( ctx->total[1] << 3 );
|
||||
low = ( ctx->total[0] << 3 );
|
||||
|
||||
PUT_UINT64_BE( high, msglen, 0 );
|
||||
PUT_UINT64_BE( low, msglen, 8 );
|
||||
|
||||
last = (size_t)( ctx->total[0] & 0x7F );
|
||||
padn = ( last < 112 ) ? ( 112 - last ) : ( 240 - last );
|
||||
|
||||
sha512_update( ctx, sha512_padding, padn );
|
||||
sha512_update( ctx, msglen, 16 );
|
||||
|
||||
PUT_UINT64_BE( ctx->state[0], output, 0 );
|
||||
PUT_UINT64_BE( ctx->state[1], output, 8 );
|
||||
PUT_UINT64_BE( ctx->state[2], output, 16 );
|
||||
PUT_UINT64_BE( ctx->state[3], output, 24 );
|
||||
PUT_UINT64_BE( ctx->state[4], output, 32 );
|
||||
PUT_UINT64_BE( ctx->state[5], output, 40 );
|
||||
|
||||
if( ctx->is384 == 0 )
|
||||
{
|
||||
PUT_UINT64_BE( ctx->state[6], output, 48 );
|
||||
PUT_UINT64_BE( ctx->state[7], output, 56 );
|
||||
}
|
||||
}
|
||||
|
||||
#endif /* !POLARSSL_SHA512_ALT */
|
||||
|
||||
/*
|
||||
* output = SHA-512( input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512( const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 )
|
||||
{
|
||||
sha512_context ctx;
|
||||
|
||||
sha512_init( &ctx );
|
||||
sha512_starts( &ctx, is384 );
|
||||
sha512_update( &ctx, input, ilen );
|
||||
sha512_finish( &ctx, output );
|
||||
sha512_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
/*
|
||||
* output = SHA-512( file contents )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
int sha512_file( const char *path, unsigned char output[64], int is384 )
|
||||
{
|
||||
FILE *f;
|
||||
size_t n;
|
||||
sha512_context ctx;
|
||||
unsigned char buf[1024];
|
||||
|
||||
if( ( f = fopen( path, "rb" ) ) == NULL )
|
||||
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
|
||||
|
||||
sha512_init( &ctx );
|
||||
sha512_starts( &ctx, is384 );
|
||||
|
||||
while( ( n = fread( buf, 1, sizeof( buf ), f ) ) > 0 )
|
||||
sha512_update( &ctx, buf, n );
|
||||
|
||||
sha512_finish( &ctx, output );
|
||||
sha512_free( &ctx );
|
||||
|
||||
if( ferror( f ) != 0 )
|
||||
{
|
||||
fclose( f );
|
||||
return( POLARSSL_ERR_SHA512_FILE_IO_ERROR );
|
||||
}
|
||||
|
||||
fclose( f );
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_FS_IO */
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC context setup
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_hmac_starts( sha512_context *ctx, const unsigned char *key,
|
||||
size_t keylen, int is384 )
|
||||
{
|
||||
size_t i;
|
||||
unsigned char sum[64];
|
||||
|
||||
if( keylen > 128 )
|
||||
{
|
||||
sha512( key, keylen, sum, is384 );
|
||||
keylen = ( is384 ) ? 48 : 64;
|
||||
key = sum;
|
||||
}
|
||||
|
||||
memset( ctx->ipad, 0x36, 128 );
|
||||
memset( ctx->opad, 0x5C, 128 );
|
||||
|
||||
for( i = 0; i < keylen; i++ )
|
||||
{
|
||||
ctx->ipad[i] = (unsigned char)( ctx->ipad[i] ^ key[i] );
|
||||
ctx->opad[i] = (unsigned char)( ctx->opad[i] ^ key[i] );
|
||||
}
|
||||
|
||||
sha512_starts( ctx, is384 );
|
||||
sha512_update( ctx, ctx->ipad, 128 );
|
||||
|
||||
polarssl_zeroize( sum, sizeof( sum ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC process buffer
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_hmac_update( sha512_context *ctx,
|
||||
const unsigned char *input, size_t ilen )
|
||||
{
|
||||
sha512_update( ctx, input, ilen );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC final digest
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_hmac_finish( sha512_context *ctx, unsigned char output[64] )
|
||||
{
|
||||
int is384, hlen;
|
||||
unsigned char tmpbuf[64];
|
||||
|
||||
is384 = ctx->is384;
|
||||
hlen = ( is384 == 0 ) ? 64 : 48;
|
||||
|
||||
sha512_finish( ctx, tmpbuf );
|
||||
sha512_starts( ctx, is384 );
|
||||
sha512_update( ctx, ctx->opad, 128 );
|
||||
sha512_update( ctx, tmpbuf, hlen );
|
||||
sha512_finish( ctx, output );
|
||||
|
||||
polarssl_zeroize( tmpbuf, sizeof( tmpbuf ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* SHA-512 HMAC context reset
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_hmac_reset( sha512_context *ctx )
|
||||
{
|
||||
sha512_starts( ctx, ctx->is384 );
|
||||
sha512_update( ctx, ctx->ipad, 128 );
|
||||
}
|
||||
|
||||
/*
|
||||
* output = HMAC-SHA-512( hmac key, input buffer )
|
||||
*/
|
||||
SSL_ROM_TEXT_SECTION
|
||||
void sha512_hmac( const unsigned char *key, size_t keylen,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char output[64], int is384 )
|
||||
{
|
||||
sha512_context ctx;
|
||||
|
||||
sha512_init( &ctx );
|
||||
sha512_hmac_starts( &ctx, key, keylen, is384 );
|
||||
sha512_hmac_update( &ctx, input, ilen );
|
||||
sha512_hmac_finish( &ctx, output );
|
||||
sha512_free( &ctx );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
/*
|
||||
* FIPS-180-2 test vectors
|
||||
*/
|
||||
static unsigned char sha512_test_buf[3][113] =
|
||||
{
|
||||
{ "abc" },
|
||||
{ "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmn"
|
||||
"hijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" },
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha512_test_buflen[3] =
|
||||
{
|
||||
3, 112, 1000
|
||||
};
|
||||
|
||||
static const unsigned char sha512_test_sum[6][64] =
|
||||
{
|
||||
/*
|
||||
* SHA-384 test vectors
|
||||
*/
|
||||
{ 0xCB, 0x00, 0x75, 0x3F, 0x45, 0xA3, 0x5E, 0x8B,
|
||||
0xB5, 0xA0, 0x3D, 0x69, 0x9A, 0xC6, 0x50, 0x07,
|
||||
0x27, 0x2C, 0x32, 0xAB, 0x0E, 0xDE, 0xD1, 0x63,
|
||||
0x1A, 0x8B, 0x60, 0x5A, 0x43, 0xFF, 0x5B, 0xED,
|
||||
0x80, 0x86, 0x07, 0x2B, 0xA1, 0xE7, 0xCC, 0x23,
|
||||
0x58, 0xBA, 0xEC, 0xA1, 0x34, 0xC8, 0x25, 0xA7 },
|
||||
{ 0x09, 0x33, 0x0C, 0x33, 0xF7, 0x11, 0x47, 0xE8,
|
||||
0x3D, 0x19, 0x2F, 0xC7, 0x82, 0xCD, 0x1B, 0x47,
|
||||
0x53, 0x11, 0x1B, 0x17, 0x3B, 0x3B, 0x05, 0xD2,
|
||||
0x2F, 0xA0, 0x80, 0x86, 0xE3, 0xB0, 0xF7, 0x12,
|
||||
0xFC, 0xC7, 0xC7, 0x1A, 0x55, 0x7E, 0x2D, 0xB9,
|
||||
0x66, 0xC3, 0xE9, 0xFA, 0x91, 0x74, 0x60, 0x39 },
|
||||
{ 0x9D, 0x0E, 0x18, 0x09, 0x71, 0x64, 0x74, 0xCB,
|
||||
0x08, 0x6E, 0x83, 0x4E, 0x31, 0x0A, 0x4A, 0x1C,
|
||||
0xED, 0x14, 0x9E, 0x9C, 0x00, 0xF2, 0x48, 0x52,
|
||||
0x79, 0x72, 0xCE, 0xC5, 0x70, 0x4C, 0x2A, 0x5B,
|
||||
0x07, 0xB8, 0xB3, 0xDC, 0x38, 0xEC, 0xC4, 0xEB,
|
||||
0xAE, 0x97, 0xDD, 0xD8, 0x7F, 0x3D, 0x89, 0x85 },
|
||||
|
||||
/*
|
||||
* SHA-512 test vectors
|
||||
*/
|
||||
{ 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA,
|
||||
0xCC, 0x41, 0x73, 0x49, 0xAE, 0x20, 0x41, 0x31,
|
||||
0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
|
||||
0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A,
|
||||
0x21, 0x92, 0x99, 0x2A, 0x27, 0x4F, 0xC1, 0xA8,
|
||||
0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
|
||||
0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E,
|
||||
0x2A, 0x9A, 0xC9, 0x4F, 0xA5, 0x4C, 0xA4, 0x9F },
|
||||
{ 0x8E, 0x95, 0x9B, 0x75, 0xDA, 0xE3, 0x13, 0xDA,
|
||||
0x8C, 0xF4, 0xF7, 0x28, 0x14, 0xFC, 0x14, 0x3F,
|
||||
0x8F, 0x77, 0x79, 0xC6, 0xEB, 0x9F, 0x7F, 0xA1,
|
||||
0x72, 0x99, 0xAE, 0xAD, 0xB6, 0x88, 0x90, 0x18,
|
||||
0x50, 0x1D, 0x28, 0x9E, 0x49, 0x00, 0xF7, 0xE4,
|
||||
0x33, 0x1B, 0x99, 0xDE, 0xC4, 0xB5, 0x43, 0x3A,
|
||||
0xC7, 0xD3, 0x29, 0xEE, 0xB6, 0xDD, 0x26, 0x54,
|
||||
0x5E, 0x96, 0xE5, 0x5B, 0x87, 0x4B, 0xE9, 0x09 },
|
||||
{ 0xE7, 0x18, 0x48, 0x3D, 0x0C, 0xE7, 0x69, 0x64,
|
||||
0x4E, 0x2E, 0x42, 0xC7, 0xBC, 0x15, 0xB4, 0x63,
|
||||
0x8E, 0x1F, 0x98, 0xB1, 0x3B, 0x20, 0x44, 0x28,
|
||||
0x56, 0x32, 0xA8, 0x03, 0xAF, 0xA9, 0x73, 0xEB,
|
||||
0xDE, 0x0F, 0xF2, 0x44, 0x87, 0x7E, 0xA6, 0x0A,
|
||||
0x4C, 0xB0, 0x43, 0x2C, 0xE5, 0x77, 0xC3, 0x1B,
|
||||
0xEB, 0x00, 0x9C, 0x5C, 0x2C, 0x49, 0xAA, 0x2E,
|
||||
0x4E, 0xAD, 0xB2, 0x17, 0xAD, 0x8C, 0xC0, 0x9B }
|
||||
};
|
||||
|
||||
/*
|
||||
* RFC 4231 test vectors
|
||||
*/
|
||||
static unsigned char sha512_hmac_test_key[7][26] =
|
||||
{
|
||||
{ "\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B\x0B"
|
||||
"\x0B\x0B\x0B\x0B" },
|
||||
{ "Jefe" },
|
||||
{ "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
|
||||
"\xAA\xAA\xAA\xAA" },
|
||||
{ "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10"
|
||||
"\x11\x12\x13\x14\x15\x16\x17\x18\x19" },
|
||||
{ "\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C\x0C"
|
||||
"\x0C\x0C\x0C\x0C" },
|
||||
{ "" }, /* 0xAA 131 times */
|
||||
{ "" }
|
||||
};
|
||||
|
||||
static const int sha512_hmac_test_keylen[7] =
|
||||
{
|
||||
20, 4, 20, 25, 20, 131, 131
|
||||
};
|
||||
|
||||
static unsigned char sha512_hmac_test_buf[7][153] =
|
||||
{
|
||||
{ "Hi There" },
|
||||
{ "what do ya want for nothing?" },
|
||||
{ "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
|
||||
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" },
|
||||
{ "\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD"
|
||||
"\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD\xCD" },
|
||||
{ "Test With Truncation" },
|
||||
{ "Test Using Larger Than Block-Size Key - Hash Key First" },
|
||||
{ "This is a test using a larger than block-size key "
|
||||
"and a larger than block-size data. The key needs to "
|
||||
"be hashed before being used by the HMAC algorithm." }
|
||||
};
|
||||
|
||||
static const int sha512_hmac_test_buflen[7] =
|
||||
{
|
||||
8, 28, 50, 50, 20, 54, 152
|
||||
};
|
||||
|
||||
static const unsigned char sha512_hmac_test_sum[14][64] =
|
||||
{
|
||||
/*
|
||||
* HMAC-SHA-384 test vectors
|
||||
*/
|
||||
{ 0xAF, 0xD0, 0x39, 0x44, 0xD8, 0x48, 0x95, 0x62,
|
||||
0x6B, 0x08, 0x25, 0xF4, 0xAB, 0x46, 0x90, 0x7F,
|
||||
0x15, 0xF9, 0xDA, 0xDB, 0xE4, 0x10, 0x1E, 0xC6,
|
||||
0x82, 0xAA, 0x03, 0x4C, 0x7C, 0xEB, 0xC5, 0x9C,
|
||||
0xFA, 0xEA, 0x9E, 0xA9, 0x07, 0x6E, 0xDE, 0x7F,
|
||||
0x4A, 0xF1, 0x52, 0xE8, 0xB2, 0xFA, 0x9C, 0xB6 },
|
||||
{ 0xAF, 0x45, 0xD2, 0xE3, 0x76, 0x48, 0x40, 0x31,
|
||||
0x61, 0x7F, 0x78, 0xD2, 0xB5, 0x8A, 0x6B, 0x1B,
|
||||
0x9C, 0x7E, 0xF4, 0x64, 0xF5, 0xA0, 0x1B, 0x47,
|
||||
0xE4, 0x2E, 0xC3, 0x73, 0x63, 0x22, 0x44, 0x5E,
|
||||
0x8E, 0x22, 0x40, 0xCA, 0x5E, 0x69, 0xE2, 0xC7,
|
||||
0x8B, 0x32, 0x39, 0xEC, 0xFA, 0xB2, 0x16, 0x49 },
|
||||
{ 0x88, 0x06, 0x26, 0x08, 0xD3, 0xE6, 0xAD, 0x8A,
|
||||
0x0A, 0xA2, 0xAC, 0xE0, 0x14, 0xC8, 0xA8, 0x6F,
|
||||
0x0A, 0xA6, 0x35, 0xD9, 0x47, 0xAC, 0x9F, 0xEB,
|
||||
0xE8, 0x3E, 0xF4, 0xE5, 0x59, 0x66, 0x14, 0x4B,
|
||||
0x2A, 0x5A, 0xB3, 0x9D, 0xC1, 0x38, 0x14, 0xB9,
|
||||
0x4E, 0x3A, 0xB6, 0xE1, 0x01, 0xA3, 0x4F, 0x27 },
|
||||
{ 0x3E, 0x8A, 0x69, 0xB7, 0x78, 0x3C, 0x25, 0x85,
|
||||
0x19, 0x33, 0xAB, 0x62, 0x90, 0xAF, 0x6C, 0xA7,
|
||||
0x7A, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9C,
|
||||
0xC5, 0x57, 0x7C, 0x6E, 0x1F, 0x57, 0x3B, 0x4E,
|
||||
0x68, 0x01, 0xDD, 0x23, 0xC4, 0xA7, 0xD6, 0x79,
|
||||
0xCC, 0xF8, 0xA3, 0x86, 0xC6, 0x74, 0xCF, 0xFB },
|
||||
{ 0x3A, 0xBF, 0x34, 0xC3, 0x50, 0x3B, 0x2A, 0x23,
|
||||
0xA4, 0x6E, 0xFC, 0x61, 0x9B, 0xAE, 0xF8, 0x97 },
|
||||
{ 0x4E, 0xCE, 0x08, 0x44, 0x85, 0x81, 0x3E, 0x90,
|
||||
0x88, 0xD2, 0xC6, 0x3A, 0x04, 0x1B, 0xC5, 0xB4,
|
||||
0x4F, 0x9E, 0xF1, 0x01, 0x2A, 0x2B, 0x58, 0x8F,
|
||||
0x3C, 0xD1, 0x1F, 0x05, 0x03, 0x3A, 0xC4, 0xC6,
|
||||
0x0C, 0x2E, 0xF6, 0xAB, 0x40, 0x30, 0xFE, 0x82,
|
||||
0x96, 0x24, 0x8D, 0xF1, 0x63, 0xF4, 0x49, 0x52 },
|
||||
{ 0x66, 0x17, 0x17, 0x8E, 0x94, 0x1F, 0x02, 0x0D,
|
||||
0x35, 0x1E, 0x2F, 0x25, 0x4E, 0x8F, 0xD3, 0x2C,
|
||||
0x60, 0x24, 0x20, 0xFE, 0xB0, 0xB8, 0xFB, 0x9A,
|
||||
0xDC, 0xCE, 0xBB, 0x82, 0x46, 0x1E, 0x99, 0xC5,
|
||||
0xA6, 0x78, 0xCC, 0x31, 0xE7, 0x99, 0x17, 0x6D,
|
||||
0x38, 0x60, 0xE6, 0x11, 0x0C, 0x46, 0x52, 0x3E },
|
||||
|
||||
/*
|
||||
* HMAC-SHA-512 test vectors
|
||||
*/
|
||||
{ 0x87, 0xAA, 0x7C, 0xDE, 0xA5, 0xEF, 0x61, 0x9D,
|
||||
0x4F, 0xF0, 0xB4, 0x24, 0x1A, 0x1D, 0x6C, 0xB0,
|
||||
0x23, 0x79, 0xF4, 0xE2, 0xCE, 0x4E, 0xC2, 0x78,
|
||||
0x7A, 0xD0, 0xB3, 0x05, 0x45, 0xE1, 0x7C, 0xDE,
|
||||
0xDA, 0xA8, 0x33, 0xB7, 0xD6, 0xB8, 0xA7, 0x02,
|
||||
0x03, 0x8B, 0x27, 0x4E, 0xAE, 0xA3, 0xF4, 0xE4,
|
||||
0xBE, 0x9D, 0x91, 0x4E, 0xEB, 0x61, 0xF1, 0x70,
|
||||
0x2E, 0x69, 0x6C, 0x20, 0x3A, 0x12, 0x68, 0x54 },
|
||||
{ 0x16, 0x4B, 0x7A, 0x7B, 0xFC, 0xF8, 0x19, 0xE2,
|
||||
0xE3, 0x95, 0xFB, 0xE7, 0x3B, 0x56, 0xE0, 0xA3,
|
||||
0x87, 0xBD, 0x64, 0x22, 0x2E, 0x83, 0x1F, 0xD6,
|
||||
0x10, 0x27, 0x0C, 0xD7, 0xEA, 0x25, 0x05, 0x54,
|
||||
0x97, 0x58, 0xBF, 0x75, 0xC0, 0x5A, 0x99, 0x4A,
|
||||
0x6D, 0x03, 0x4F, 0x65, 0xF8, 0xF0, 0xE6, 0xFD,
|
||||
0xCA, 0xEA, 0xB1, 0xA3, 0x4D, 0x4A, 0x6B, 0x4B,
|
||||
0x63, 0x6E, 0x07, 0x0A, 0x38, 0xBC, 0xE7, 0x37 },
|
||||
{ 0xFA, 0x73, 0xB0, 0x08, 0x9D, 0x56, 0xA2, 0x84,
|
||||
0xEF, 0xB0, 0xF0, 0x75, 0x6C, 0x89, 0x0B, 0xE9,
|
||||
0xB1, 0xB5, 0xDB, 0xDD, 0x8E, 0xE8, 0x1A, 0x36,
|
||||
0x55, 0xF8, 0x3E, 0x33, 0xB2, 0x27, 0x9D, 0x39,
|
||||
0xBF, 0x3E, 0x84, 0x82, 0x79, 0xA7, 0x22, 0xC8,
|
||||
0x06, 0xB4, 0x85, 0xA4, 0x7E, 0x67, 0xC8, 0x07,
|
||||
0xB9, 0x46, 0xA3, 0x37, 0xBE, 0xE8, 0x94, 0x26,
|
||||
0x74, 0x27, 0x88, 0x59, 0xE1, 0x32, 0x92, 0xFB },
|
||||
{ 0xB0, 0xBA, 0x46, 0x56, 0x37, 0x45, 0x8C, 0x69,
|
||||
0x90, 0xE5, 0xA8, 0xC5, 0xF6, 0x1D, 0x4A, 0xF7,
|
||||
0xE5, 0x76, 0xD9, 0x7F, 0xF9, 0x4B, 0x87, 0x2D,
|
||||
0xE7, 0x6F, 0x80, 0x50, 0x36, 0x1E, 0xE3, 0xDB,
|
||||
0xA9, 0x1C, 0xA5, 0xC1, 0x1A, 0xA2, 0x5E, 0xB4,
|
||||
0xD6, 0x79, 0x27, 0x5C, 0xC5, 0x78, 0x80, 0x63,
|
||||
0xA5, 0xF1, 0x97, 0x41, 0x12, 0x0C, 0x4F, 0x2D,
|
||||
0xE2, 0xAD, 0xEB, 0xEB, 0x10, 0xA2, 0x98, 0xDD },
|
||||
{ 0x41, 0x5F, 0xAD, 0x62, 0x71, 0x58, 0x0A, 0x53,
|
||||
0x1D, 0x41, 0x79, 0xBC, 0x89, 0x1D, 0x87, 0xA6 },
|
||||
{ 0x80, 0xB2, 0x42, 0x63, 0xC7, 0xC1, 0xA3, 0xEB,
|
||||
0xB7, 0x14, 0x93, 0xC1, 0xDD, 0x7B, 0xE8, 0xB4,
|
||||
0x9B, 0x46, 0xD1, 0xF4, 0x1B, 0x4A, 0xEE, 0xC1,
|
||||
0x12, 0x1B, 0x01, 0x37, 0x83, 0xF8, 0xF3, 0x52,
|
||||
0x6B, 0x56, 0xD0, 0x37, 0xE0, 0x5F, 0x25, 0x98,
|
||||
0xBD, 0x0F, 0xD2, 0x21, 0x5D, 0x6A, 0x1E, 0x52,
|
||||
0x95, 0xE6, 0x4F, 0x73, 0xF6, 0x3F, 0x0A, 0xEC,
|
||||
0x8B, 0x91, 0x5A, 0x98, 0x5D, 0x78, 0x65, 0x98 },
|
||||
{ 0xE3, 0x7B, 0x6A, 0x77, 0x5D, 0xC8, 0x7D, 0xBA,
|
||||
0xA4, 0xDF, 0xA9, 0xF9, 0x6E, 0x5E, 0x3F, 0xFD,
|
||||
0xDE, 0xBD, 0x71, 0xF8, 0x86, 0x72, 0x89, 0x86,
|
||||
0x5D, 0xF5, 0xA3, 0x2D, 0x20, 0xCD, 0xC9, 0x44,
|
||||
0xB6, 0x02, 0x2C, 0xAC, 0x3C, 0x49, 0x82, 0xB1,
|
||||
0x0D, 0x5E, 0xEB, 0x55, 0xC3, 0xE4, 0xDE, 0x15,
|
||||
0x13, 0x46, 0x76, 0xFB, 0x6D, 0xE0, 0x44, 0x60,
|
||||
0x65, 0xC9, 0x74, 0x40, 0xFA, 0x8C, 0x6A, 0x58 }
|
||||
};
|
||||
|
||||
/*
|
||||
* Checkup routine
|
||||
*/
|
||||
int sha512_self_test( int verbose )
|
||||
{
|
||||
int i, j, k, buflen, ret = 0;
|
||||
unsigned char buf[1024];
|
||||
unsigned char sha512sum[64];
|
||||
sha512_context ctx;
|
||||
|
||||
sha512_init( &ctx );
|
||||
|
||||
for( i = 0; i < 6; i++ )
|
||||
{
|
||||
j = i % 3;
|
||||
k = i < 3;
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " SHA-%d test #%d: ", 512 - k * 128, j + 1 );
|
||||
|
||||
sha512_starts( &ctx, k );
|
||||
|
||||
if( j == 2 )
|
||||
{
|
||||
memset( buf, 'a', buflen = 1000 );
|
||||
|
||||
for( j = 0; j < 1000; j++ )
|
||||
sha512_update( &ctx, buf, buflen );
|
||||
}
|
||||
else
|
||||
sha512_update( &ctx, sha512_test_buf[j],
|
||||
sha512_test_buflen[j] );
|
||||
|
||||
sha512_finish( &ctx, sha512sum );
|
||||
|
||||
if( memcmp( sha512sum, sha512_test_sum[i], 64 - k * 16 ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
for( i = 0; i < 14; i++ )
|
||||
{
|
||||
j = i % 7;
|
||||
k = i < 7;
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( " HMAC-SHA-%d test #%d: ", 512 - k * 128, j + 1 );
|
||||
|
||||
if( j == 5 || j == 6 )
|
||||
{
|
||||
memset( buf, '\xAA', buflen = 131 );
|
||||
sha512_hmac_starts( &ctx, buf, buflen, k );
|
||||
}
|
||||
else
|
||||
sha512_hmac_starts( &ctx, sha512_hmac_test_key[j],
|
||||
sha512_hmac_test_keylen[j], k );
|
||||
|
||||
sha512_hmac_update( &ctx, sha512_hmac_test_buf[j],
|
||||
sha512_hmac_test_buflen[j] );
|
||||
|
||||
sha512_hmac_finish( &ctx, sha512sum );
|
||||
|
||||
buflen = ( j == 4 ) ? 16 : 64 - k * 16;
|
||||
|
||||
if( memcmp( sha512sum, sha512_hmac_test_sum[i], buflen ) != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "failed\n" );
|
||||
|
||||
ret = 1;
|
||||
goto exit;
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "passed\n" );
|
||||
}
|
||||
|
||||
if( verbose != 0 )
|
||||
polarssl_printf( "\n" );
|
||||
|
||||
exit:
|
||||
sha512_free( &ctx );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_SELF_TEST */
|
||||
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||