40 changes: 0 additions & 40 deletions Externals/polarssl/README
View file

This file was deleted.

87 changes: 87 additions & 0 deletions Externals/polarssl/README.rst
View file
@@ -0,0 +1,87 @@
===================
README for PolarSSL
===================

Compiling
=========

There are currently three active build systems within the PolarSSL releases:

- Make
- CMake
- Microsoft Visual Studio

The main system used for development is CMake. That system is always the most up-to-date. The others should reflect all changes present in the CMake build system, but some features are not ported there by default.

Make
----

We intentionally only use the absolute minimum of **Make** functionality, as we have discovered that a lot of **Make** features are not supported on all different implementations of Make on different platforms. As such, the Makefiles sometimes require some handwork or `export` statements in order to work for your platform.

In order to build the source using Make, just enter at the command line:

make

In order to run the tests, enter:

make check

Depending on your platform, you might run into some issues. Please check the Makefiles in *library/*, *programs/* and *tests/* for options to manually add or remove for specific platforms. You can also check `the PolarSSL Knowledge Base <https://polarssl.org/kb>`_ for articles on your platform or issue.

In case you find that you need to do something else as well, please let us know what, so we can add it to the KB.

CMake
-----

In order to build the source using CMake, just enter at the command line:

cmake .

make

There are 3 different active build modes specified within the CMake buildsystem:

- Release.
This generates the default code without any unnecessary information in the binary files.
- Debug.
This generates debug information and disables optimization of the code.
- Coverage.
This generates code coverage information in addition to debug information.

Switching build modes in CMake is simple. For debug mode, enter at the command line:

cmake -D CMAKE_BUILD_TYPE:String="Debug" .

In order to run the tests, enter:

make test

Microsoft Visual Studio
-----------------------

The build files for Microsoft Visual Studio are generated for Visual Studio 6.0 all future Visual Studio's should be able to open and use this older version of the build files.

The workspace 'polarssl.dsw' contains all the basic projects needed to build the library and all the programs. The files in tests are not generated and compiled, as these need a perl environment as well.

Example programs
================

We've included example programs for a lot of different features and uses in *programs/*. Most programs only focus on a single feature or usage scenario, so keep that in mind when copying parts of the code.

Tests
=====

PolarSSL includes a elaborate test suite in *tests/* that initially requires Perl to generate the tests files (e.g. *test_suite_mpi.c*). These files are generates from a **function file** (e.g. *suites/test_suite_mpi.function*) and a **data file** (e.g. *suites/test_suite_mpi.data*). The **function file** contains the template for each test function. The **data file** contains the test cases, specified as parameters that should be pushed into a template function.

Contributing
============

#. `Check for open issues <https://github.com/polarssl/polarssl/issues>`_ or
`start a discussion <https://polarssl.org/discussions>`_ around a feature
idea or a bug.
#. Fork the `PolarSSL repository on Github <https://github.com/polarssl/polarssl>`_
to start making your changes.
#. Write a test which shows that the bug was fixed or that the feature works
as expected.
#. Send a pull request and bug us until it gets merged and published. We will
include your name in the ChangeLog :)
11 changes: 11 additions & 0 deletions Externals/polarssl/include/CMakeLists.txt
View file
@@ -0,0 +1,11 @@
option(INSTALL_POLARSSL_HEADERS "Install PolarSSL headers." ON)

if(INSTALL_POLARSSL_HEADERS)

file(GLOB headers "polarssl/*.h")

install(FILES ${headers}
DESTINATION include/polarssl
PERMISSIONS OWNER_READ OWNER_WRITE GROUP_READ WORLD_READ)

endif(INSTALL_POLARSSL_HEADERS)
43 changes: 37 additions & 6 deletions Externals/polarssl/include/polarssl/aes.h
View file
Expand Up @@ -31,13 +31,14 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
#include <inttypes.h>
#endif

/* padlock.c and aesni.c rely on these values! */
#define AES_ENCRYPT 1
#define AES_DECRYPT 0

Expand All @@ -48,8 +49,17 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief AES context structure
*
* \note buf is able to hold 32 extra bytes, which can be used:
* - for alignment purposes if VIA padlock is used, and/or
* - to simplify key expansion in the 256-bit case by
* generating an extra round key
*/
typedef struct
{
Expand All @@ -59,10 +69,6 @@ typedef struct
}
aes_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief AES key schedule (encryption)
*
Expand Down Expand Up @@ -100,6 +106,7 @@ int aes_crypt_ecb( aes_context *ctx,
const unsigned char input[16],
unsigned char output[16] );

#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief AES-CBC buffer encryption/decryption
* Length should be a multiple of the block
Expand All @@ -120,6 +127,7 @@ int aes_crypt_cbc( aes_context *ctx,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */

/**
* \brief AES-CFB128 buffer encryption/decryption.
Expand All @@ -128,7 +136,6 @@ int aes_crypt_cbc( aes_context *ctx,
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* both
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
Expand All @@ -147,6 +154,29 @@ int aes_crypt_cfb128( aes_context *ctx,
const unsigned char *input,
unsigned char *output );

/**
* \brief AES-CFB8 buffer encryption/decryption.
*
* Note: Due to the nature of CFB you should use the same key schedule for
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param length length of the input data
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
* \return 0 if successful
*/
int aes_crypt_cfb8( aes_context *ctx,
int mode,
size_t length,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );

/**
* \brief AES-CTR buffer encryption/decryption
*
Expand All @@ -156,6 +186,7 @@ int aes_crypt_cfb128( aes_context *ctx,
* both encryption and decryption. So a context initialized with
* aes_setkey_enc() for both AES_ENCRYPT and AES_DECRYPT.
*
* \param ctx AES context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
Expand Down
107 changes: 107 additions & 0 deletions Externals/polarssl/include/polarssl/aesni.h
View file
@@ -0,0 +1,107 @@
/**
* \file aesni.h
*
* \brief AES-NI for hardware AES acceleration on some Intel processors
*
* Copyright (C) 2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_AESNI_H
#define POLARSSL_AESNI_H

#include "aes.h"

#define POLARSSL_AESNI_AES 0x02000000u
#define POLARSSL_AESNI_CLMUL 0x00000002u

#if defined(POLARSSL_HAVE_ASM) && defined(__GNUC__) && \
( defined(__amd64__) || defined(__x86_64__) ) && \
! defined(POLARSSL_HAVE_X86_64)
#define POLARSSL_HAVE_X86_64
#endif

#if defined(POLARSSL_HAVE_X86_64)

/**
* \brief AES-NI features detection routine
*
* \param what The feature to detect
* (POLARSSL_AESNI_AES or POLARSSL_AESNI_CLMUL)
*
* \return 1 if CPU has support for the feature, 0 otherwise
*/
int aesni_supports( unsigned int what );

/**
* \brief AES-NI AES-ECB block en(de)cryption
*
* \param ctx AES context
* \param mode AES_ENCRYPT or AES_DECRYPT
* \param input 16-byte input block
* \param output 16-byte output block
*
* \return 0 on success (cannot fail)
*/
int aesni_crypt_ecb( aes_context *ctx,
int mode,
const unsigned char input[16],
unsigned char output[16] );

/**
* \brief GCM multiplication: c = a * b in GF(2^128)
*
* \param c Result
* \param a First operand
* \param b Second operand
*
* \note Both operands and result are bit strings interpreted as
* elements of GF(2^128) as per the GCM spec.
*/
void aesni_gcm_mult( unsigned char c[16],
const unsigned char a[16],
const unsigned char b[16] );

/**
* \brief Compute decryption round keys from encryption round keys
*
* \param invkey Round keys for the equivalent inverse cipher
* \param fwdkey Original round keys (for encryption)
* \param nr Number of rounds (that is, number of round keys minus one)
*/
void aesni_inverse_key( unsigned char *invkey,
const unsigned char *fwdkey, int nr );

/**
* \brief Perform key expansion (for encryption)
*
* \param rk Destination buffer where the round keys are written
* \param key Encryption key
* \param bits Key size in bits (must be 128, 192 or 256)
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
*/
int aesni_setkey_enc( unsigned char *rk,
const unsigned char *key,
size_t bits );

#endif /* POLARSSL_HAVE_X86_64 */

#endif /* POLARSSL_AESNI_H */
10 changes: 5 additions & 5 deletions Externals/polarssl/include/polarssl/arc4.h
View file
Expand Up @@ -35,6 +35,10 @@
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief ARC4 context structure
*/
Expand All @@ -46,16 +50,12 @@ typedef struct
}
arc4_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief ARC4 key schedule
*
* \param ctx ARC4 context to be initialized
* \param key the secret key
* \param keylen length of the key
* \param keylen length of the key, in bytes
*/
void arc4_setup( arc4_context *ctx, const unsigned char *key, unsigned int keylen );

Expand Down
123 changes: 108 additions & 15 deletions Externals/polarssl/include/polarssl/asn1.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief Generic ASN.1 parsing
*
* Copyright (C) 2006-2011, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -93,6 +93,14 @@
/** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1)

/** Compares two asn1_buf structures for the same OID. Only works for
* 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a 'unsigned
* char *oid' here!
*/
#define OID_CMP(oid_str, oid_buf) \
( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
memcmp( (oid_str), (oid_buf)->p, (oid_buf)->len) == 0 )

#ifdef __cplusplus
extern "C" {
#endif
Expand Down Expand Up @@ -135,8 +143,19 @@ typedef struct _asn1_sequence
asn1_sequence;

/**
* Get the length of an ASN.1 element.
* Updates the pointer to immediately behind the length.
* Container for a sequence or list of 'named' ASN.1 data items
*/
typedef struct _asn1_named_data
{
asn1_buf oid; /**< The object identifier. */
asn1_buf val; /**< The named value. */
struct _asn1_named_data *next; /**< The next entry in the sequence. */
}
asn1_named_data;

/**
* \brief Get the length of an ASN.1 element.
* Updates the pointer to immediately behind the length.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -151,8 +170,8 @@ int asn1_get_len( unsigned char **p,
size_t *len );

/**
* Get the tag and length of the tag. Check for the requested tag.
* Updates the pointer to immediately behind the tag and length.
* \brief Get the tag and length of the tag. Check for the requested tag.
* Updates the pointer to immediately behind the tag and length.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -167,8 +186,8 @@ int asn1_get_tag( unsigned char **p,
size_t *len, int tag );

/**
* Retrieve a boolean ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
* \brief Retrieve a boolean ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -181,8 +200,8 @@ int asn1_get_bool( unsigned char **p,
int *val );

/**
* Retrieve an integer ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
* \brief Retrieve an integer ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -195,8 +214,8 @@ int asn1_get_int( unsigned char **p,
int *val );

/**
* Retrieve a bitstring ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
* \brief Retrieve a bitstring ASN.1 tag and its value.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -208,8 +227,22 @@ int asn1_get_bitstring( unsigned char **p, const unsigned char *end,
asn1_bitstring *bs);

/**
* Parses and splits an ASN.1 "SEQUENCE OF <tag>"
* Updated the pointer to immediately behind the full sequence tag.
* \brief Retrieve a bitstring ASN.1 tag without unused bits and its
* value.
* Updates the pointer to the beginning of the bit/octet string.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param len Length of the actual bit/octect string in bytes
*
* \return 0 if successful or a specific ASN.1 error code.
*/
int asn1_get_bitstring_null( unsigned char **p, const unsigned char *end,
size_t *len );

/**
* \brief Parses and splits an ASN.1 "SEQUENCE OF <tag>"
* Updated the pointer to immediately behind the full sequence tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -225,8 +258,8 @@ int asn1_get_sequence_of( unsigned char **p,

#if defined(POLARSSL_BIGNUM_C)
/**
* Retrieve a MPI value from an integer ASN.1 tag.
* Updates the pointer to immediately behind the full tag.
* \brief Retrieve a MPI value from an integer ASN.1 tag.
* Updates the pointer to immediately behind the full tag.
*
* \param p The position in the ASN.1 data
* \param end End of data
Expand All @@ -239,6 +272,66 @@ int asn1_get_mpi( unsigned char **p,
mpi *X );
#endif

/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence.
* Updates the pointer to immediately behind the full
* AlgorithmIdentifier.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param alg The buffer to receive the OID
* \param params The buffer to receive the params (if any)
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
int asn1_get_alg( unsigned char **p,
const unsigned char *end,
asn1_buf *alg, asn1_buf *params );

/**
* \brief Retrieve an AlgorithmIdentifier ASN.1 sequence with NULL or no
* params.
* Updates the pointer to immediately behind the full
* AlgorithmIdentifier.
*
* \param p The position in the ASN.1 data
* \param end End of data
* \param alg The buffer to receive the OID
*
* \return 0 if successful or a specific ASN.1 or MPI error code.
*/
int asn1_get_alg_null( unsigned char **p,
const unsigned char *end,
asn1_buf *alg );

/**
* \brief Find a specific named_data entry in a sequence or list based on
* the OID.
*
* \param list The list to seek through
* \param oid The OID to look for
* \param len Size of the OID
*
* \return NULL if not found, or a pointer to the existing entry.
*/
asn1_named_data *asn1_find_named_data( asn1_named_data *list,
const char *oid, size_t len );

/**
* \brief Free a asn1_named_data entry
*
* \param entry The named data entry to free
*/
void asn1_free_named_data( asn1_named_data *entry );

/**
* \brief Free all entries in a asn1_named_data list
* Head will be set to NULL
*
* \param head Pointer to the head of the list of named data entries to free
*/
void asn1_free_named_data_list( asn1_named_data **head );

#ifdef __cplusplus
}
#endif
Expand Down
207 changes: 201 additions & 6 deletions Externals/polarssl/include/polarssl/asn1write.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief ASN.1 buffer writing functionality
*
* Copyright (C) 2006-2012, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand All @@ -29,18 +29,213 @@

#include "asn1.h"

#define ASN1_CHK_ADD(g, f) if( ( ret = f ) < 0 ) return( ret ); else g += ret
#define ASN1_CHK_ADD(g, f) do { if( ( ret = f ) < 0 ) return( ret ); else g += ret; } while( 0 )

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Write a length field in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param len the length to write
*
* \return the length written or a negative error code
*/
int asn1_write_len( unsigned char **p, unsigned char *start, size_t len );

/**
* \brief Write a ASN.1 tag in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param tag the tag to write
*
* \return the length written or a negative error code
*/
int asn1_write_tag( unsigned char **p, unsigned char *start, unsigned char tag );

/**
* \brief Write raw buffer data
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf data buffer to write
* \param size length of the data buffer
*
* \return the length written or a negative error code
*/
int asn1_write_raw_buffer( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );

#if defined(POLARSSL_BIGNUM_C)
/**
* \brief Write a big number (ASN1_INTEGER) in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param X the MPI to write
*
* \return the length written or a negative error code
*/
int asn1_write_mpi( unsigned char **p, unsigned char *start, mpi *X );
#endif

/**
* \brief Write a NULL tag (ASN1_NULL) with zero data in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
*
* \return the length written or a negative error code
*/
int asn1_write_null( unsigned char **p, unsigned char *start );
int asn1_write_oid( unsigned char **p, unsigned char *start, char *oid );
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start, char *algorithm_oid );

/**
* \brief Write an OID tag (ASN1_OID) and data in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param oid the OID to write
* \param oid_len length of the OID
*
* \return the length written or a negative error code
*/
int asn1_write_oid( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len );

/**
* \brief Write an AlgorithmIdentifier sequence in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param oid the OID of the algorithm
* \param oid_len length of the OID
* \param par_len length of parameters, which must be already written.
* If 0, NULL parameters are added
*
* \return the length written or a negative error code
*/
int asn1_write_algorithm_identifier( unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
size_t par_len );

/**
* \brief Write a boolean tag (ASN1_BOOLEAN) and value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param boolean 0 or 1
*
* \return the length written or a negative error code
*/
int asn1_write_bool( unsigned char **p, unsigned char *start, int boolean );

/**
* \brief Write an int tag (ASN1_INTEGER) and value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param val the integer value
*
* \return the length written or a negative error code
*/
int asn1_write_int( unsigned char **p, unsigned char *start, int val );

/**
* \brief Write a printable string tag (ASN1_PRINTABLE_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int asn1_write_printable_string( unsigned char **p, unsigned char *start,
char *text );
const char *text, size_t text_len );

/**
* \brief Write an IA5 string tag (ASN1_IA5_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param text the text to write
* \param text_len length of the text
*
* \return the length written or a negative error code
*/
int asn1_write_ia5_string( unsigned char **p, unsigned char *start,
char *text );
const char *text, size_t text_len );

/**
* \brief Write a bitstring tag (ASN1_BIT_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf the bitstring
* \param bits the total number of bits in the bitstring
*
* \return the length written or a negative error code
*/
int asn1_write_bitstring( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t bits );

/**
* \brief Write an octet string tag (ASN1_OCTET_STRING) and
* value in ASN.1 format
* Note: function works backwards in data buffer
*
* \param p reference to current position pointer
* \param start start of the buffer (for bounds-checking)
* \param buf data buffer to write
* \param size length of the data buffer
*
* \return the length written or a negative error code
*/
int asn1_write_octet_string( unsigned char **p, unsigned char *start,
const unsigned char *buf, size_t size );

/**
* \brief Create or find a specific named_data entry for writing in a
* sequence or list based on the OID. If not already in there,
* a new entry is added to the head of the list.
* Warning: Destructive behaviour for the val data!
*
* \param list Pointer to the location of the head of the list to seek
* through (will be updated in case of a new entry)
* \param oid The OID to look for
* \param oid_len Size of the OID
* \param val Data to store (can be NULL if you want to fill it by hand)
* \param val_len Minimum length of the data buffer needed
*
* \return NULL if if there was a memory allocation error, or a pointer
* to the new / existing entry.
*/
asn1_named_data *asn1_store_named_data( asn1_named_data **list,
const char *oid, size_t oid_len,
const unsigned char *val,
size_t val_len );

#ifdef __cplusplus
}
#endif

#endif /* POLARSSL_ASN1_WRITE_H */
8 changes: 4 additions & 4 deletions Externals/polarssl/include/polarssl/base64.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief RFC 1521 base64 encoding/decoding
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -57,7 +57,7 @@ int base64_encode( unsigned char *dst, size_t *dlen,
/**
* \brief Decode a base64-formatted buffer
*
* \param dst destination buffer
* \param dst destination buffer (can be NULL for checking size)
* \param dlen size of the buffer
* \param src source buffer
* \param slen amount of data to be decoded
Expand All @@ -67,8 +67,8 @@ int base64_encode( unsigned char *dst, size_t *dlen,
* not correct. *dlen is always updated to reflect the amount
* of data that has (or would have) been written.
*
* \note Call this function with *dlen = 0 to obtain the
* required buffer size in *dlen
* \note Call this function with *dst = NULL or *dlen = 0 to obtain
* the required buffer size in *dlen
*/
int base64_decode( unsigned char *dst, size_t *dlen,
const unsigned char *src, size_t slen );
Expand Down
85 changes: 72 additions & 13 deletions Externals/polarssl/include/polarssl/bignum.h
View file
Expand Up @@ -32,7 +32,7 @@

#include "config.h"

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
#if (_MSC_VER <= 1200)
typedef signed short int16_t;
Expand All @@ -58,7 +58,7 @@ typedef UINT64 uint64_t;
#define POLARSSL_ERR_MPI_NOT_ACCEPTABLE -0x000E /**< The input arguments are not acceptable. */
#define POLARSSL_ERR_MPI_MALLOC_FAILED -0x0010 /**< Memory allocation failed. */

#define MPI_CHK(f) if( ( ret = f ) != 0 ) goto cleanup
#define MPI_CHK(f) do { if( ( ret = f ) != 0 ) goto cleanup; } while( 0 )

/*
* Maximum size MPIs are allowed to grow to in number of limbs.
Expand Down Expand Up @@ -127,21 +127,30 @@ typedef uint16_t t_uint;
typedef uint32_t t_udbl;
#define POLARSSL_HAVE_UDBL
#else
#if ( defined(_MSC_VER) && defined(_M_AMD64) )
/*
* 32-bit integers can be forced on 64-bit arches (eg. for testing purposes)
* by defining POLARSSL_HAVE_INT32 and undefining POARSSL_HAVE_ASM
*/
#if ( ! defined(POLARSSL_HAVE_INT32) && \
defined(_MSC_VER) && defined(_M_AMD64) )
#define POLARSSL_HAVE_INT64
typedef int64_t t_sint;
typedef uint64_t t_uint;
#else
#if ( defined(__GNUC__) && ( \
#if ( ! defined(POLARSSL_HAVE_INT32) && \
defined(__GNUC__) && ( \
defined(__amd64__) || defined(__x86_64__) || \
defined(__ppc64__) || defined(__powerpc64__) || \
defined(__ia64__) || defined(__alpha__) || \
(defined(__sparc__) && defined(__arch64__)) || \
defined(__s390x__) ) )
#define POLARSSL_HAVE_INT64
typedef int64_t t_sint;
typedef uint64_t t_uint;
typedef unsigned int t_udbl __attribute__((mode(TI)));
#define POLARSSL_HAVE_UDBL
#else
#define POLARSSL_HAVE_INT32
typedef int32_t t_sint;
typedef uint32_t t_uint;
#if ( defined(_MSC_VER) && defined(_M_IX86) )
Expand All @@ -158,6 +167,10 @@ typedef uint32_t t_udbl;
#endif /* POLARSSL_HAVE_INT16 */
#endif /* POLARSSL_HAVE_INT8 */

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MPI structure
*/
Expand All @@ -169,10 +182,6 @@ typedef struct
}
mpi;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Initialize one MPI
*
Expand All @@ -198,6 +207,17 @@ void mpi_free( mpi *X );
*/
int mpi_grow( mpi *X, size_t nblimbs );

/**
* \brief Resize down, keeping at least the specified number of limbs
*
* \param X MPI to shrink
* \param nblimbs The minimum number of limbs to keep
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed
*/
int mpi_shrink( mpi *X, size_t nblimbs );

/**
* \brief Copy the contents of Y into X
*
Expand All @@ -217,6 +237,44 @@ int mpi_copy( mpi *X, const mpi *Y );
*/
void mpi_swap( mpi *X, mpi *Y );

/**
* \brief Safe conditional assignement X = Y if assign is 1
*
* \param X MPI to conditionally assign to
* \param Y Value to be assigned
* \param assign 1: perform the assignment, 0: keep X's original value
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
*
* \note This function is equivalent to
* if( assign ) mpi_copy( X, Y );
* except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access
* patterns analysis).
*/
int mpi_safe_cond_assign( mpi *X, const mpi *Y, unsigned char assign );

/**
* \brief Safe conditional swap X <-> Y if swap is 1
*
* \param X First mpi value
* \param Y Second mpi value
* \param assign 1: perform the swap, 0: keep X and Y's original values
*
* \return 0 if successful,
* POLARSSL_ERR_MPI_MALLOC_FAILED if memory allocation failed,
*
* \note This function is equivalent to
* if( assign ) mpi_swap( X, Y );
* except that it avoids leaking any information about whether
* the assignment was done or not (the above code may leak
* information through branch prediction and/or memory access
* patterns analysis).
*/
int mpi_safe_cond_swap( mpi *X, mpi *Y, unsigned char assign );

/**
* \brief Set value from integer
*
Expand Down Expand Up @@ -433,7 +491,7 @@ int mpi_cmp_int( const mpi *X, t_sint z );
int mpi_add_abs( mpi *X, const mpi *A, const mpi *B );

/**
* \brief Unsigned substraction: X = |A| - |B|
* \brief Unsigned subtraction: X = |A| - |B|
*
* \param X Destination MPI
* \param A Left-hand MPI
Expand All @@ -457,7 +515,7 @@ int mpi_sub_abs( mpi *X, const mpi *A, const mpi *B );
int mpi_add_mpi( mpi *X, const mpi *A, const mpi *B );

/**
* \brief Signed substraction: X = A - B
* \brief Signed subtraction: X = A - B
*
* \param X Destination MPI
* \param A Left-hand MPI
Expand All @@ -481,7 +539,7 @@ int mpi_sub_mpi( mpi *X, const mpi *A, const mpi *B );
int mpi_add_int( mpi *X, const mpi *A, t_sint b );

/**
* \brief Signed substraction: X = A - b
* \brief Signed subtraction: X = A - b
*
* \param X Destination MPI
* \param A Left-hand MPI
Expand All @@ -506,8 +564,9 @@ int mpi_mul_mpi( mpi *X, const mpi *A, const mpi *B );

/**
* \brief Baseline multiplication: X = A * b
* Note: b is an unsigned integer type, thus
* Negative values of b are ignored.
* Note: despite the functon signature, b is treated as a
* t_uint. Negative values of b are treated as large positive
* values.
*
* \param X Destination MPI
* \param A Left-hand MPI
Expand Down
18 changes: 12 additions & 6 deletions Externals/polarssl/include/polarssl/blowfish.h
View file
Expand Up @@ -31,7 +31,7 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
Expand All @@ -52,6 +52,10 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Blowfish context structure
*/
Expand All @@ -62,10 +66,6 @@ typedef struct
}
blowfish_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Blowfish key schedule
*
Expand All @@ -92,6 +92,7 @@ int blowfish_crypt_ecb( blowfish_context *ctx,
const unsigned char input[BLOWFISH_BLOCKSIZE],
unsigned char output[BLOWFISH_BLOCKSIZE] );

#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief Blowfish-CBC buffer encryption/decryption
* Length should be a multiple of the block
Expand All @@ -112,11 +113,12 @@ int blowfish_crypt_cbc( blowfish_context *ctx,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */

#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief Blowfish CFB buffer encryption/decryption.
*
* both
* \param ctx Blowfish context
* \param mode BLOWFISH_ENCRYPT or BLOWFISH_DECRYPT
* \param length length of the input data
Expand All @@ -134,12 +136,15 @@ int blowfish_crypt_cfb64( blowfish_context *ctx,
unsigned char iv[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /*POLARSSL_CIPHER_MODE_CFB */

#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief Blowfish-CTR buffer encryption/decryption
*
* Warning: You have to keep the maximum use of your counter in mind!
*
* \param ctx Blowfish context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
Expand All @@ -159,6 +164,7 @@ int blowfish_crypt_ctr( blowfish_context *ctx,
unsigned char stream_block[BLOWFISH_BLOCKSIZE],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */

#ifdef __cplusplus
}
Expand Down
682 changes: 392 additions & 290 deletions Externals/polarssl/include/polarssl/bn_mul.h
View file

Large diffs are not rendered by default.

19 changes: 13 additions & 6 deletions Externals/polarssl/include/polarssl/camellia.h
View file
Expand Up @@ -31,7 +31,7 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
Expand All @@ -48,6 +48,10 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief CAMELLIA context structure
*/
Expand All @@ -58,10 +62,6 @@ typedef struct
}
camellia_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief CAMELLIA key schedule (encryption)
*
Expand Down Expand Up @@ -99,6 +99,7 @@ int camellia_crypt_ecb( camellia_context *ctx,
const unsigned char input[16],
unsigned char output[16] );

#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief CAMELLIA-CBC buffer encryption/decryption
* Length should be a multiple of the block
Expand All @@ -119,7 +120,9 @@ int camellia_crypt_cbc( camellia_context *ctx,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */

#if defined(POLARSSL_CIPHER_MODE_CFB)
/**
* \brief CAMELLIA-CFB128 buffer encryption/decryption
*
Expand All @@ -134,7 +137,7 @@ int camellia_crypt_cbc( camellia_context *ctx,
* \param iv initialization vector (updated after use)
* \param input buffer holding the input data
* \param output buffer holding the output data
*
*
* \return 0 if successful, or POLARSSL_ERR_CAMELLIA_INVALID_INPUT_LENGTH
*/
int camellia_crypt_cfb128( camellia_context *ctx,
Expand All @@ -144,7 +147,9 @@ int camellia_crypt_cfb128( camellia_context *ctx,
unsigned char iv[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CFB */

#if defined(POLARSSL_CIPHER_MODE_CTR)
/**
* \brief CAMELLIA-CTR buffer encryption/decryption
*
Expand All @@ -154,6 +159,7 @@ int camellia_crypt_cfb128( camellia_context *ctx,
* both encryption and decryption. So a context initialized with
* camellia_setkey_enc() for both CAMELLIA_ENCRYPT and CAMELLIA_DECRYPT.
*
* \param ctx CAMELLIA context
* \param length The length of the data
* \param nc_off The offset in the current stream_block (for resuming
* within current cipher stream). The offset pointer to
Expand All @@ -173,6 +179,7 @@ int camellia_crypt_ctr( camellia_context *ctx,
unsigned char stream_block[16],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CTR */

#ifdef __cplusplus
}
Expand Down
44 changes: 37 additions & 7 deletions Externals/polarssl/include/polarssl/certs.h
View file
Expand Up @@ -31,14 +31,44 @@
extern "C" {
#endif

extern const char test_ca_crt[];
extern const char test_ca_key[];
extern const char test_ca_pwd[];
extern const char test_srv_crt[];
extern const char test_srv_key[];
extern const char test_cli_crt[];
extern const char test_cli_key[];
/* Concatenation of all available CA certificates */
extern const char test_ca_list[];

/*
* Convenience for users who just want a certificate:
* RSA by default, or ECDSA if RSA i not available
*/
extern const char *test_ca_crt;
extern const char *test_ca_key;
extern const char *test_ca_pwd;
extern const char *test_srv_crt;
extern const char *test_srv_key;
extern const char *test_cli_crt;
extern const char *test_cli_key;

#if defined(POLARSSL_ECDSA_C)
extern const char test_ca_crt_ec[];
extern const char test_ca_key_ec[];
extern const char test_ca_pwd_ec[];
extern const char test_srv_crt_ec[];
extern const char test_srv_key_ec[];
extern const char test_cli_crt_ec[];
extern const char test_cli_key_ec[];
#endif

#if defined(POLARSSL_RSA_C)
extern const char test_ca_crt_rsa[];
extern const char test_ca_key_rsa[];
extern const char test_ca_pwd_rsa[];
extern const char test_srv_crt_rsa[];
extern const char test_srv_key_rsa[];
extern const char test_cli_crt_rsa[];
extern const char test_cli_key_rsa[];
#endif

#if defined(POLARSSL_DHM_C)
extern const char test_dhm_params[];
#endif

#ifdef __cplusplus
}
Expand Down
211 changes: 190 additions & 21 deletions Externals/polarssl/include/polarssl/cipher.h
View file

Large diffs are not rendered by default.

70 changes: 8 additions & 62 deletions Externals/polarssl/include/polarssl/cipher_wrap.h
View file
Expand Up @@ -5,7 +5,7 @@
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2012, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -36,69 +36,15 @@
extern "C" {
#endif

#if defined(POLARSSL_AES_C)
typedef struct
{
cipher_type_t type;
const cipher_info_t *info;
} cipher_definition_t;

extern const cipher_info_t aes_128_cbc_info;
extern const cipher_info_t aes_192_cbc_info;
extern const cipher_info_t aes_256_cbc_info;
extern const cipher_definition_t cipher_definitions[];

#if defined(POLARSSL_CIPHER_MODE_CFB)
extern const cipher_info_t aes_128_cfb128_info;
extern const cipher_info_t aes_192_cfb128_info;
extern const cipher_info_t aes_256_cfb128_info;
#endif /* POLARSSL_CIPHER_MODE_CFB */

#if defined(POLARSSL_CIPHER_MODE_CTR)
extern const cipher_info_t aes_128_ctr_info;
extern const cipher_info_t aes_192_ctr_info;
extern const cipher_info_t aes_256_ctr_info;
#endif /* POLARSSL_CIPHER_MODE_CTR */

#endif /* defined(POLARSSL_AES_C) */

#if defined(POLARSSL_CAMELLIA_C)

extern const cipher_info_t camellia_128_cbc_info;
extern const cipher_info_t camellia_192_cbc_info;
extern const cipher_info_t camellia_256_cbc_info;

#if defined(POLARSSL_CIPHER_MODE_CFB)
extern const cipher_info_t camellia_128_cfb128_info;
extern const cipher_info_t camellia_192_cfb128_info;
extern const cipher_info_t camellia_256_cfb128_info;
#endif /* POLARSSL_CIPHER_MODE_CFB */

#if defined(POLARSSL_CIPHER_MODE_CTR)
extern const cipher_info_t camellia_128_ctr_info;
extern const cipher_info_t camellia_192_ctr_info;
extern const cipher_info_t camellia_256_ctr_info;
#endif /* POLARSSL_CIPHER_MODE_CTR */

#endif /* defined(POLARSSL_CAMELLIA_C) */

#if defined(POLARSSL_DES_C)

extern const cipher_info_t des_cbc_info;
extern const cipher_info_t des_ede_cbc_info;
extern const cipher_info_t des_ede3_cbc_info;

#endif /* defined(POLARSSL_DES_C) */

#if defined(POLARSSL_BLOWFISH_C)
extern const cipher_info_t blowfish_cbc_info;

#if defined(POLARSSL_CIPHER_MODE_CFB)
extern const cipher_info_t blowfish_cfb64_info;
#endif /* POLARSSL_CIPHER_MODE_CFB */

#if defined(POLARSSL_CIPHER_MODE_CTR)
extern const cipher_info_t blowfish_ctr_info;
#endif /* POLARSSL_CIPHER_MODE_CTR */
#endif /* defined(POLARSSL_BLOWFISH_C) */

#if defined(POLARSSL_CIPHER_NULL_CIPHER)
extern const cipher_info_t null_cipher_info;
#endif /* defined(POLARSSL_CIPHER_NULL_CIPHER) */
extern int supported_ciphers[];

#ifdef __cplusplus
}
Expand Down
385 changes: 385 additions & 0 deletions Externals/polarssl/include/polarssl/compat-1.2.h
View file
@@ -0,0 +1,385 @@
/**
* \file compat-1.2.h
*
* \brief Backwards compatibility header for PolarSSL-1.2 from PolarSSL-1.3
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_COMPAT_1_2_H
#define POLARSSL_COMPAT_1_2_H

#include "config.h"

// Comment out to disable prototype change warnings
#define SHOW_PROTOTYPE_CHANGE_WARNINGS

#if defined(_MSC_VER) && !defined(inline)
#define inline _inline
#else
#if defined(__ARMCC_VERSION) && !defined(inline)
#define inline __inline
#endif /* __ARMCC_VERSION */
#endif /* _MSC_VER */

#if defined(_MSC_VER)
// MSVC does not support #warning
#undef SHOW_PROTOTYPE_CHANGE_WARNINGS
#endif

#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "You can disable these warnings by commenting SHOW_PROTOTYPE_CHANGE_WARNINGS in compat-1.2.h"
#endif

#if defined(POLARSSL_SHA256_C)
#define POLARSSL_SHA2_C
#include "sha256.h"

/*
* SHA-2 -> SHA-256
*/
typedef sha256_context sha2_context;

static inline void sha2_starts( sha256_context *ctx, int is224 ) {
sha256_starts( ctx, is224 );
}
static inline void sha2_update( sha256_context *ctx, const unsigned char *input,
size_t ilen ) {
sha256_update( ctx, input, ilen );
}
static inline void sha2_finish( sha256_context *ctx, unsigned char output[32] ) {
sha256_finish( ctx, output );
}
static inline int sha2_file( const char *path, unsigned char output[32], int is224 ) {
return sha256_file( path, output, is224 );
}
static inline void sha2( const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ) {
sha256( input, ilen, output, is224 );
}
static inline void sha2_hmac_starts( sha256_context *ctx, const unsigned char *key,
size_t keylen, int is224 ) {
sha256_hmac_starts( ctx, key, keylen, is224 );
}
static inline void sha2_hmac_update( sha256_context *ctx, const unsigned char *input, size_t ilen ) {
sha256_hmac_update( ctx, input, ilen );
}
static inline void sha2_hmac_finish( sha256_context *ctx, unsigned char output[32] ) {
sha256_hmac_finish( ctx, output );
}
static inline void sha2_hmac_reset( sha256_context *ctx ) {
sha256_hmac_reset( ctx );
}
static inline void sha2_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[32], int is224 ) {
sha256_hmac( key, keylen, input, ilen, output, is224 );
}
static inline int sha2_self_test( int verbose ) {
return sha256_self_test( verbose );
}
#endif /* POLARSSL_SHA256_C */

#if defined(POLARSSL_SHA512_C)
#define POLARSSL_SHA4_C
#include "sha512.h"

/*
* SHA-4 -> SHA-512
*/
typedef sha512_context sha4_context;

static inline void sha4_starts( sha512_context *ctx, int is384 ) {
sha512_starts( ctx, is384 );
}
static inline void sha4_update( sha512_context *ctx, const unsigned char *input,
size_t ilen ) {
sha512_update( ctx, input, ilen );
}
static inline void sha4_finish( sha512_context *ctx, unsigned char output[64] ) {
sha512_finish( ctx, output );
}
static inline int sha4_file( const char *path, unsigned char output[64], int is384 ) {
return sha512_file( path, output, is384 );
}
static inline void sha4( const unsigned char *input, size_t ilen,
unsigned char output[32], int is384 ) {
sha512( input, ilen, output, is384 );
}
static inline void sha4_hmac_starts( sha512_context *ctx, const unsigned char *key,
size_t keylen, int is384 ) {
sha512_hmac_starts( ctx, key, keylen, is384 );
}
static inline void sha4_hmac_update( sha512_context *ctx, const unsigned char *input, size_t ilen ) {
sha512_hmac_update( ctx, input, ilen );
}
static inline void sha4_hmac_finish( sha512_context *ctx, unsigned char output[64] ) {
sha512_hmac_finish( ctx, output );
}
static inline void sha4_hmac_reset( sha512_context *ctx ) {
sha512_hmac_reset( ctx );
}
static inline void sha4_hmac( const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char output[64], int is384 ) {
sha512_hmac( key, keylen, input, ilen, output, is384 );
}
static inline int sha4_self_test( int verbose ) {
return sha512_self_test( verbose );
}
#endif /* POLARSSL_SHA512_C */

#if defined(POLARSSL_CIPHER_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "cipher_reset() prototype changed. Manual change required if used"
#endif
#endif

#if defined(POLARSSL_RSA_C)
#define SIG_RSA_RAW POLARSSL_MD_NONE
#define SIG_RSA_MD2 POLARSSL_MD_MD2
#define SIG_RSA_MD4 POLARSSL_MD_MD4
#define SIG_RSA_MD5 POLARSSL_MD_MD5
#define SIG_RSA_SHA1 POLARSSL_MD_SHA1
#define SIG_RSA_SHA224 POLARSSL_MD_SHA224
#define SIG_RSA_SHA256 POLARSSL_MD_SHA256
#define SIG_RSA_SHA384 POLARSSL_MD_SHA384
#define SIG_RSA_SHA512 POLARSSL_MD_SHA512
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "rsa_pkcs1_verify() prototype changed. Manual change required if used"
#warning "rsa_pkcs1_decrypt() prototype changed. Manual change required if used"
#endif
#endif

#if defined(POLARSSL_DHM_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "dhm_calc_secret() prototype changed. Manual change required if used"
#endif
#endif

#if defined(POLARSSL_GCM_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "gcm_init() prototype changed. Manual change required if used"
#endif
#endif

#if defined(POLARSSL_SSL_CLI_C)
#if defined(SHOW_PROTOTYPE_CHANGE_WARNINGS)
#warning "ssl_set_own_cert() prototype changed. Change to ssl_set_own_cert_rsa(). Manual change required if used"
#endif
#endif

#if defined(POLARSSL_X509_USE_C) || defined(POLARSSL_X509_CREATE_C)
#include "x509.h"

#define POLARSSL_ERR_X509_CERT_INVALID_FORMAT POLARSSL_ERR_X509_INVALID_FORMAT
#define POLARSSL_ERR_X509_CERT_INVALID_VERSION POLARSSL_ERR_X509_INVALID_VERSION
#define POLARSSL_ERR_X509_CERT_INVALID_ALG POLARSSL_ERR_X509_INVALID_ALG
#define POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG POLARSSL_ERR_X509_UNKNOWN_SIG_ALG
#define POLARSSL_ERR_X509_CERT_INVALID_NAME POLARSSL_ERR_X509_INVALID_NAME
#define POLARSSL_ERR_X509_CERT_INVALID_DATE POLARSSL_ERR_X509_INVALID_DATE
#define POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS POLARSSL_ERR_X509_INVALID_EXTENSIONS
#define POLARSSL_ERR_X509_CERT_SIG_MISMATCH POLARSSL_ERR_X509_SIG_MISMATCH
#define POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE POLARSSL_ERR_X509_INVALID_SIGNATURE
#define POLARSSL_ERR_X509_CERT_INVALID_SERIAL POLARSSL_ERR_X509_INVALID_SERIAL
#define POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION POLARSSL_ERR_X509_UNKNOWN_VERSION

static inline int x509parse_serial_gets( char *buf, size_t size, const x509_buf *serial ) {
return x509_serial_gets( buf, size, serial );
}
static inline int x509parse_dn_gets( char *buf, size_t size, const x509_name *dn ) {
return x509_dn_gets( buf, size, dn );
}
static inline int x509parse_time_expired( const x509_time *time ) {
return x509_time_expired( time );
}
#endif /* POLARSSL_X509_USE_C || POLARSSL_X509_CREATE_C */

#if defined(POLARSSL_X509_CRT_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_crt.h"
typedef x509_crt x509_cert;

static inline int x509parse_crt_der( x509_cert *chain, const unsigned char *buf,
size_t buflen ) {
return x509_crt_parse_der( chain, buf, buflen );
}
static inline int x509parse_crt( x509_cert *chain, const unsigned char *buf, size_t buflen ) {
return x509_crt_parse( chain, buf, buflen );
}
static inline int x509parse_crtfile( x509_cert *chain, const char *path ) {
return x509_crt_parse_file( chain, path );
}
static inline int x509parse_crtpath( x509_cert *chain, const char *path ) {
return x509_crt_parse_path( chain, path );
}
static inline int x509parse_cert_info( char *buf, size_t size, const char *prefix,
const x509_cert *crt ) {
return x509_crt_info( buf, size, prefix, crt );
}
static inline int x509parse_verify( x509_cert *crt, x509_cert *trust_ca,
x509_crl *ca_crl, const char *cn, int *flags,
int (*f_vrfy)(void *, x509_cert *, int, int *),
void *p_vrfy ) {
return x509_crt_verify( crt, trust_ca, ca_crl, cn, flags, f_vrfy, p_vrfy );
}
static inline int x509parse_revoked( const x509_cert *crt, const x509_crl *crl ) {
return x509_crt_revoked( crt, crl );
}
static inline void x509_free( x509_cert *crt ) {
x509_crt_free( crt );
}
#endif /* POLARSSL_X509_CRT_PARSE_C */

#if defined(POLARSSL_X509_CRL_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_crl.h"
static inline int x509parse_crl( x509_crl *chain, const unsigned char *buf, size_t buflen ) {
return x509_crl_parse( chain, buf, buflen );
}
static inline int x509parse_crlfile( x509_crl *chain, const char *path ) {
return x509_crl_parse_file( chain, path );
}
static inline int x509parse_crl_info( char *buf, size_t size, const char *prefix,
const x509_crl *crl ) {
return x509_crl_info( buf, size, prefix, crl );
}
#endif /* POLARSSL_X509_CRL_PARSE_C */

#if defined(POLARSSL_X509_CSR_PARSE_C)
#define POLARSSL_X509_PARSE_C
#include "x509_csr.h"
static inline int x509parse_csr( x509_csr *csr, const unsigned char *buf, size_t buflen ) {
return x509_csr_parse( csr, buf, buflen );
}
static inline int x509parse_csrfile( x509_csr *csr, const char *path ) {
return x509_csr_parse_file( csr, path );
}
static inline int x509parse_csr_info( char *buf, size_t size, const char *prefix,
const x509_csr *csr ) {
return x509_csr_info( buf, size, prefix, csr );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */

#if defined(POLARSSL_SSL_TLS_C)
#include "ssl_ciphersuites.h"

#define ssl_default_ciphersuites ssl_list_ciphersuites()
#endif

#if defined(POLARSSL_PK_PARSE_C) && defined(POLARSSL_RSA_C)
#include "rsa.h"
#include "pk.h"

#define POLARSSL_ERR_X509_PASSWORD_MISMATCH POLARSSL_ERR_PK_PASSWORD_MISMATCH
#define POLARSSL_ERR_X509_KEY_INVALID_FORMAT POLARSSL_ERR_PK_KEY_INVALID_FORMAT
#define POLARSSL_ERR_X509_UNKNOWN_PK_ALG POLARSSL_ERR_PK_UNKNOWN_PK_ALG
#define POLARSSL_ERR_X509_CERT_INVALID_PUBKEY POLARSSL_ERR_PK_INVALID_PUBKEY

#if defined(POLARSSL_FS_IO)
static inline int x509parse_keyfile( rsa_context *rsa, const char *path,
const char *pwd ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_keyfile( &pk, path, pwd );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
static inline int x509parse_public_keyfile( rsa_context *rsa, const char *path ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_public_keyfile( &pk, path );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
#endif /* POLARSSL_FS_IO */

static inline int x509parse_key( rsa_context *rsa, const unsigned char *key,
size_t keylen,
const unsigned char *pwd, size_t pwdlen ) {
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_key( &pk, key, keylen, pwd, pwdlen );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}

static inline int x509parse_public_key( rsa_context *rsa,
const unsigned char *key, size_t keylen )
{
int ret;
pk_context pk;
pk_init( &pk );
ret = pk_parse_public_key( &pk, key, keylen );
if( ret == 0 && ! pk_can_do( &pk, POLARSSL_PK_RSA ) )
ret = POLARSSL_ERR_PK_TYPE_MISMATCH;
if( ret == 0 )
rsa_copy( rsa, pk_rsa( pk ) );
else
rsa_free( rsa );
pk_free( &pk );
return( ret );
}
#endif /* POLARSSL_PK_PARSE_C && POLARSSL_RSA_C */

#if defined(POLARSSL_PK_WRITE_C) && defined(POLARSSL_RSA_C)
#include "pk.h"
static inline int x509_write_pubkey_der( unsigned char *buf, size_t len, rsa_context *rsa ) {
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_pubkey_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
}
static inline int x509_write_key_der( unsigned char *buf, size_t len, rsa_context *rsa ) {
int ret;
pk_context ctx;
if( ( ret = pk_init_ctx( &ctx, pk_info_from_type( POLARSSL_PK_RSA ) ) ) != 0 ) return( ret );
if( ( ret = rsa_copy( pk_rsa( ctx ), rsa ) ) != 0 ) return( ret );
ret = pk_write_key_der( &ctx, buf, len );
pk_free( &ctx );
return( ret );
}
#endif /* POLARSSL_PK_WRITE_C && POLARSSL_RSA_C */
#endif /* compat-1.2.h */
1,467 changes: 1,328 additions & 139 deletions Externals/polarssl/include/polarssl/config.h
View file

Large diffs are not rendered by default.

11 changes: 10 additions & 1 deletion Externals/polarssl/include/polarssl/ctr_drbg.h
View file
Expand Up @@ -43,7 +43,11 @@
/**< The seed length (counter + AES key) */

#if !defined(POLARSSL_CONFIG_OPTIONS)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default */
#if defined(POLARSSL_SHA512_C)
#define CTR_DRBG_ENTROPY_LEN 48 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#else
#define CTR_DRBG_ENTROPY_LEN 32 /**< Amount of entropy used per seed by default (48 with SHA-512, 32 with SHA-256) */
#endif
#define CTR_DRBG_RESEED_INTERVAL 10000 /**< Interval before reseed is performed by default */
#define CTR_DRBG_MAX_INPUT 256 /**< Maximum number of additional input bytes */
#define CTR_DRBG_MAX_REQUEST 1024 /**< Maximum number of requested bytes per call */
Expand Down Expand Up @@ -197,6 +201,7 @@ int ctr_drbg_random( void *p_rng,
/**
* \brief Write a seed file
*
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error, or
Expand All @@ -208,6 +213,7 @@ int ctr_drbg_write_seed_file( ctr_drbg_context *ctx, const char *path );
* \brief Read and update a seed file. Seed is added to this
* instance
*
* \param ctx CTR_DRBG context
* \param path Name of the file
*
* \return 0 if successful, 1 on file error,
Expand All @@ -224,6 +230,9 @@ int ctr_drbg_update_seed_file( ctr_drbg_context *ctx, const char *path );
*/
int ctr_drbg_self_test( int verbose );

/* Internal functions (do not call directly) */
int ctr_drbg_init_entropy_len( ctr_drbg_context *, int (*)(void *, unsigned char *, size_t), void *, const unsigned char *, size_t, size_t );

#ifdef __cplusplus
}
#endif
Expand Down
25 changes: 24 additions & 1 deletion Externals/polarssl/include/polarssl/debug.h
View file
Expand Up @@ -29,6 +29,9 @@

#include "config.h"
#include "ssl.h"
#if defined(POLARSSL_ECP_C)
#include "ecp.h"
#endif

#if defined(POLARSSL_DEBUG_C)

Expand All @@ -41,18 +44,28 @@
#define SSL_DEBUG_BUF( level, text, buf, len ) \
debug_print_buf( ssl, level, __FILE__, __LINE__, text, buf, len );

#if defined(POLARSSL_BIGNUM_C)
#define SSL_DEBUG_MPI( level, text, X ) \
debug_print_mpi( ssl, level, __FILE__, __LINE__, text, X );
#endif

#if defined(POLARSSL_ECP_C)
#define SSL_DEBUG_ECP( level, text, X ) \
debug_print_ecp( ssl, level, __FILE__, __LINE__, text, X );
#endif

#if defined(POLARSSL_X509_CRT_PARSE_C)
#define SSL_DEBUG_CRT( level, text, crt ) \
debug_print_crt( ssl, level, __FILE__, __LINE__, text, crt );
#endif

#else

#define SSL_DEBUG_MSG( level, args ) do { } while( 0 )
#define SSL_DEBUG_RET( level, text, ret ) do { } while( 0 )
#define SSL_DEBUG_BUF( level, text, buf, len ) do { } while( 0 )
#define SSL_DEBUG_MPI( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_ECP( level, text, X ) do { } while( 0 )
#define SSL_DEBUG_CRT( level, text, crt ) do { } while( 0 )

#endif
Expand All @@ -74,13 +87,23 @@ void debug_print_buf( const ssl_context *ssl, int level,
const char *file, int line, const char *text,
unsigned char *buf, size_t len );

#if defined(POLARSSL_BIGNUM_C)
void debug_print_mpi( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const mpi *X );
#endif

#if defined(POLARSSL_ECP_C)
void debug_print_ecp( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const ecp_point *X );
#endif

#if defined(POLARSSL_X509_CRT_PARSE_C)
void debug_print_crt( const ssl_context *ssl, int level,
const char *file, int line,
const char *text, const x509_cert *crt );
const char *text, const x509_crt *crt );
#endif

#ifdef __cplusplus
}
Expand Down
14 changes: 9 additions & 5 deletions Externals/polarssl/include/polarssl/des.h
View file
Expand Up @@ -31,7 +31,7 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
Expand All @@ -49,6 +49,10 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief DES context structure
*/
Expand All @@ -69,10 +73,6 @@ typedef struct
}
des3_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Set key parity on the given key to odd.
*
Expand Down Expand Up @@ -177,6 +177,7 @@ int des_crypt_ecb( des_context *ctx,
const unsigned char input[8],
unsigned char output[8] );

#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief DES-CBC buffer encryption/decryption
*
Expand All @@ -193,6 +194,7 @@ int des_crypt_cbc( des_context *ctx,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */

/**
* \brief 3DES-ECB block encryption/decryption
Expand All @@ -207,6 +209,7 @@ int des3_crypt_ecb( des3_context *ctx,
const unsigned char input[8],
unsigned char output[8] );

#if defined(POLARSSL_CIPHER_MODE_CBC)
/**
* \brief 3DES-CBC buffer encryption/decryption
*
Expand All @@ -225,6 +228,7 @@ int des3_crypt_cbc( des3_context *ctx,
unsigned char iv[8],
const unsigned char *input,
unsigned char *output );
#endif /* POLARSSL_CIPHER_MODE_CBC */

#ifdef __cplusplus
}
Expand Down
56 changes: 50 additions & 6 deletions Externals/polarssl/include/polarssl/dhm.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief Diffie-Hellman-Merkle key exchange
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -38,6 +38,9 @@
#define POLARSSL_ERR_DHM_READ_PUBLIC_FAILED -0x3200 /**< Reading of the public values failed. */
#define POLARSSL_ERR_DHM_MAKE_PUBLIC_FAILED -0x3280 /**< Making of the public value failed. */
#define POLARSSL_ERR_DHM_CALC_SECRET_FAILED -0x3300 /**< Calculation of the DHM secret failed. */
#define POLARSSL_ERR_DHM_INVALID_FORMAT -0x3380 /**< The ASN.1 data is not formatted correctly. */
#define POLARSSL_ERR_DHM_MALLOC_FAILED -0x3400 /**< Allocation of memory failed. */
#define POLARSSL_ERR_DHM_FILE_IO_ERROR -0x3480 /**< Read/write of file failed. */

/**
* RFC 3526 defines a number of standardized Diffie-Hellman groups
Expand Down Expand Up @@ -130,6 +133,10 @@
"EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"\
"81BC087F2A7065B384B890D3191F2BFA"

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief DHM context structure
*/
Expand All @@ -143,13 +150,12 @@ typedef struct
mpi GY; /*!< peer = G^Y mod P */
mpi K; /*!< key = GY^X mod P */
mpi RP; /*!< cached R^2 mod P */
mpi Vi; /*!< blinding value */
mpi Vf; /*!< un-blinding value */
mpi pX; /*!< previous X */
}
dhm_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Parse the ServerKeyExchange parameters
*
Expand Down Expand Up @@ -219,17 +225,55 @@ int dhm_make_public( dhm_context *ctx, int x_size,
* \param ctx DHM context
* \param output destination buffer
* \param olen number of chars written
* \param f_rng RNG function, for blinding purposes
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_DHM_XXX error code
*
* \note If non-NULL, f_rng is used to blind the input as
* countermeasure against timing attacks. Blinding is
* automatically used if and only if our secret value X is
* re-used and costs nothing otherwise, so it is recommended
* to always pass a non-NULL f_rng argument.
*/
int dhm_calc_secret( dhm_context *ctx,
unsigned char *output, size_t *olen );
unsigned char *output, size_t *olen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Free the components of a DHM key
*/
void dhm_free( dhm_context *ctx );

#if defined(POLARSSL_ASN1_PARSE_C)
/** \ingroup x509_module */
/**
* \brief Parse DHM parameters
*
* \param dhm DHM context to be initialized
* \param dhmin input buffer
* \param dhminlen size of the buffer
*
* \return 0 if successful, or a specific DHM or PEM error code
*/
int dhm_parse_dhm( dhm_context *dhm, const unsigned char *dhmin,
size_t dhminlen );

#if defined(POLARSSL_FS_IO)
/** \ingroup x509_module */
/**
* \brief Load and parse DHM parameters
*
* \param dhm DHM context to be initialized
* \param path filename to read the DHM Parameters from
*
* \return 0 if successful, or a specific DHM or PEM error code
*/
int dhm_parse_dhmfile( dhm_context *dhm, const char *path );
#endif /* POLARSSL_FS_IO */
#endif /* POLARSSL_ASN1_PARSE_C */

/**
* \brief Checkup routine
*
Expand Down
215 changes: 215 additions & 0 deletions Externals/polarssl/include/polarssl/ecdh.h
View file
@@ -0,0 +1,215 @@
/**
* \file ecdh.h
*
* \brief Elliptic curve Diffie-Hellman
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ECDH_H
#define POLARSSL_ECDH_H

#include "ecp.h"

#ifdef __cplusplus
extern "C" {
#endif

/**
* When importing from an EC key, select if it is our key or the peer's key
*/
typedef enum
{
POLARSSL_ECDH_OURS,
POLARSSL_ECDH_THEIRS,
} ecdh_side;

/**
* \brief ECDH context structure
*/
typedef struct
{
ecp_group grp; /*!< ellipitic curve used */
mpi d; /*!< our secret value */
ecp_point Q; /*!< our public value */
ecp_point Qp; /*!< peer's public value */
mpi z; /*!< shared secret */
int point_format; /*!< format for point export */
ecp_point Vi; /*!< blinding value (for later) */
ecp_point Vf; /*!< un-blinding value (for later) */
mpi _d; /*!< previous d */
}
ecdh_context;

/**
* \brief Generate a public key
*
* \param grp ECP group
* \param d Destination MPI (secret exponent)
* \param Q Destination point (public key)
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdh_gen_public( ecp_group *grp, mpi *d, ecp_point *Q,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Compute shared secret
*
* \param grp ECP group
* \param z Destination MPI (shared secret)
* \param Q Public key from other party
* \param d Our secret exponent
* \param f_rng RNG function (see notes)
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*
* \note If f_rng is not NULL, it is used to implement
* countermeasures against potential elaborate timing
* attacks, see \c ecp_mul() for details.
*/
int ecdh_compute_shared( ecp_group *grp, mpi *z,
const ecp_point *Q, const mpi *d,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Initialize context
*
* \param ctx Context to initialize
*/
void ecdh_init( ecdh_context *ctx );

/**
* \brief Free context
*
* \param ctx Context to free
*/
void ecdh_free( ecdh_context *ctx );

/**
* \brief Setup and write the ServerKeyExhange parameters
*
* \param ctx ECDH context
* \param olen number of chars written
* \param buf destination buffer
* \param blen length of buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note This function assumes that ctx->grp has already been
* properly set (for example using ecp_use_known_dp).
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_make_params( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Parse the ServerKeyExhange parameters
*
* \param ctx ECDH context
* \param buf pointer to start of input buffer
* \param end one past end of buffer
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_read_params( ecdh_context *ctx,
const unsigned char **buf, const unsigned char *end );

/**
* \brief Setup an ECDH context from an EC key
*
* \param ctx ECDH constext to set
* \param key EC key to use
* \param side Is it our key (1) or the peer's key (0) ?
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_get_params( ecdh_context *ctx, const ecp_keypair *key,
ecdh_side side );

/**
* \brief Setup and export the client's public value
*
* \param ctx ECDH context
* \param olen number of bytes actually written
* \param buf destination buffer
* \param blen size of destination buffer
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_make_public( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Parse and import the client's public value
*
* \param ctx ECDH context
* \param buf start of input buffer
* \param blen length of input buffer
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_read_public( ecdh_context *ctx,
const unsigned char *buf, size_t blen );

/**
* \brief Derive and export the shared secret
*
* \param ctx ECDH context
* \param olen number of bytes written
* \param buf destination buffer
* \param blen buffer length
* \param f_rng RNG function, see notes for \c ecdh_compute_shared()
* \param p_rng RNG parameter
*
* \return 0 if successful, or an POLARSSL_ERR_ECP_XXX error code
*/
int ecdh_calc_secret( ecdh_context *ctx, size_t *olen,
unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ecdh_self_test( int verbose );

#ifdef __cplusplus
}
#endif

#endif
234 changes: 234 additions & 0 deletions Externals/polarssl/include/polarssl/ecdsa.h
View file
@@ -0,0 +1,234 @@
/**
* \file ecdsa.h
*
* \brief Elliptic curve DSA
*
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
*
* All rights reserved.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#ifndef POLARSSL_ECDSA_H
#define POLARSSL_ECDSA_H

#include "ecp.h"

#if defined(POLARSSL_ECDSA_DETERMINISTIC)
#include "polarssl/md.h"
#endif

/**
* \brief ECDSA context structure
*
* \note Purposefully begins with the same members as struct ecp_keypair.
*/
typedef struct
{
ecp_group grp; /*!< ellipitic curve used */
mpi d; /*!< secret signature key */
ecp_point Q; /*!< public signature key */
mpi r; /*!< first integer from signature */
mpi s; /*!< second integer from signature */
}
ecdsa_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Compute ECDSA signature of a previously hashed message
*
* \param grp ECP group
* \param r First output integer
* \param s Second output integer
* \param d Private signing key
* \param buf Message hash
* \param blen Length of buf
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_sign( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/**
* \brief Compute ECDSA signature of a previously hashed message
* (deterministic version)
*
* \param grp ECP group
* \param r First output integer
* \param s Second output integer
* \param d Private signing key
* \param buf Message hash
* \param blen Length of buf
* \param md_alg MD algorithm used to hash the message
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_sign_det( ecp_group *grp, mpi *r, mpi *s,
const mpi *d, const unsigned char *buf, size_t blen,
md_type_t md_alg );
#endif

/**
* \brief Verify ECDSA signature of a previously hashed message
*
* \param grp ECP group
* \param buf Message hash
* \param blen Length of buf
* \param Q Public key to use for verification
* \param r First integer of the signature
* \param s Second integer of the signature
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* or a POLARSSL_ERR_ECP_XXX or POLARSSL_MPI_XXX error code
*/
int ecdsa_verify( ecp_group *grp,
const unsigned char *buf, size_t blen,
const ecp_point *Q, const mpi *r, const mpi *s);

/**
* \brief Compute ECDSA signature and write it to buffer,
* serialized as defined in RFC 4492 page 20.
* (Not thread-safe to use same context in multiple threads)
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Length of hash
* \param sig Buffer that will hold the signature
* \param slen Length of the signature written
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 7 (eg. 71 bytes if a 256-bit
* curve is used).
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or
* POLARSSL_ERR_ASN1 error code
*/
int ecdsa_write_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng );

#if defined(POLARSSL_ECDSA_DETERMINISTIC)
/**
* \brief Compute ECDSA signature and write it to buffer,
* serialized as defined in RFC 4492 page 20.
* Deterministic version, RFC 6979.
* (Not thread-safe to use same context in multiple threads)
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Length of hash
* \param sig Buffer that will hold the signature
* \param slen Length of the signature written
* \param md_alg MD algorithm used to hash the message
*
* \note The "sig" buffer must be at least as large as twice the
* size of the curve used, plus 7 (eg. 71 bytes if a 256-bit
* curve is used).
*
* \return 0 if successful,
* or a POLARSSL_ERR_ECP, POLARSSL_ERR_MPI or
* POLARSSL_ERR_ASN1 error code
*/
int ecdsa_write_signature_det( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
unsigned char *sig, size_t *slen,
md_type_t md_alg );
#endif

/**
* \brief Read and verify an ECDSA signature
*
* \param ctx ECDSA context
* \param hash Message hash
* \param hlen Size of hash
* \param sig Signature to read and verify
* \param slen Size of sig
*
* \return 0 if successful,
* POLARSSL_ERR_ECP_BAD_INPUT_DATA if signature is invalid
* or a POLARSSL_ERR_ECP or POLARSSL_ERR_MPI error code
*/
int ecdsa_read_signature( ecdsa_context *ctx,
const unsigned char *hash, size_t hlen,
const unsigned char *sig, size_t slen );

/**
* \brief Generate an ECDSA keypair on the given curve
*
* \param ctx ECDSA context in which the keypair should be stored
* \param gid Group (elliptic curve) to use. One of the various
* POLARSSL_ECP_DP_XXX macros depending on configuration.
* \param f_rng RNG function
* \param p_rng RNG parameter
*
* \return 0 on success, or a POLARSSL_ERR_ECP code.
*/
int ecdsa_genkey( ecdsa_context *ctx, ecp_group_id gid,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );

/**
* \brief Set an ECDSA context from an EC key pair
*
* \param ctx ECDSA context to set
* \param key EC key to use
*
* \return 0 on success, or a POLARSSL_ERR_ECP code.
*/
int ecdsa_from_keypair( ecdsa_context *ctx, const ecp_keypair *key );

/**
* \brief Initialize context
*
* \param ctx Context to initialize
*/
void ecdsa_init( ecdsa_context *ctx );

/**
* \brief Free context
*
* \param ctx Context to free
*/
void ecdsa_free( ecdsa_context *ctx );

/**
* \brief Checkup routine
*
* \return 0 if successful, or 1 if the test failed
*/
int ecdsa_self_test( int verbose );

#ifdef __cplusplus
}
#endif

#endif
620 changes: 620 additions & 0 deletions Externals/polarssl/include/polarssl/ecp.h
View file

Large diffs are not rendered by default.

41 changes: 37 additions & 4 deletions Externals/polarssl/include/polarssl/entropy.h
View file
Expand Up @@ -31,7 +31,20 @@

#include "config.h"

#include "sha4.h"
#if defined(POLARSSL_SHA512_C)
#include "sha512.h"
#define POLARSSL_ENTROPY_SHA512_ACCUMULATOR
#else
#if defined(POLARSSL_SHA256_C)
#define POLARSSL_ENTROPY_SHA256_ACCUMULATOR
#include "sha256.h"
#endif
#endif

#if defined(POLARSSL_THREADING_C)
#include "threading.h"
#endif

#if defined(POLARSSL_HAVEGE_C)
#include "havege.h"
#endif
Expand All @@ -45,7 +58,11 @@
#define ENTROPY_MAX_GATHER 128 /**< Maximum amount requested from entropy sources */
#endif /* !POLARSSL_CONFIG_OPTIONS */

#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
#define ENTROPY_BLOCK_SIZE 64 /**< Block size of entropy accumulator (SHA-512) */
#else
#define ENTROPY_BLOCK_SIZE 32 /**< Block size of entropy accumulator (SHA-256) */
#endif

#define ENTROPY_SOURCE_MANUAL ENTROPY_MAX_SOURCES

Expand All @@ -64,7 +81,8 @@ extern "C" {
* \return 0 if no critical failures occurred,
* POLARSSL_ERR_ENTROPY_SOURCE_FAILED otherwise
*/
typedef int (*f_source_ptr)(void *, unsigned char *, size_t, size_t *);
typedef int (*f_source_ptr)(void *data, unsigned char *output, size_t len,
size_t *olen);

/**
* \brief Entropy source state
Expand All @@ -81,14 +99,21 @@ source_state;
/**
* \brief Entropy context structure
*/
typedef struct
typedef struct
{
sha4_context accumulator;
#if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR)
sha512_context accumulator;
#else
sha256_context accumulator;
#endif
int source_count;
source_state source[ENTROPY_MAX_SOURCES];
#if defined(POLARSSL_HAVEGE_C)
havege_state havege_data;
#endif
#if defined(POLARSSL_THREADING_C)
threading_mutex_t mutex; /*!< mutex */
#endif
}
entropy_context;

Expand All @@ -99,6 +124,13 @@ entropy_context;
*/
void entropy_init( entropy_context *ctx );

/**
* \brief Free the data in the context
*
* \param ctx Entropy context to free
*/
void entropy_free( entropy_context *ctx );

/**
* \brief Adds an entropy source to poll
*
Expand All @@ -125,6 +157,7 @@ int entropy_gather( entropy_context *ctx );

/**
* \brief Retrieve entropy from the accumulator (Max ENTROPY_BLOCK_SIZE)
* (Thread-safe if POLARSSL_THREADING_C is enabled)
*
* \param data Entropy context
* \param output Buffer to fill
Expand Down
37 changes: 23 additions & 14 deletions Externals/polarssl/include/polarssl/error.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief Error to string translation
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -53,10 +53,12 @@
* MPI 7 0x0002-0x0010
* GCM 2 0x0012-0x0014
* BLOWFISH 2 0x0016-0x0018
* THREADING 3 0x001A-0x001E
* AES 2 0x0020-0x0022
* CAMELLIA 2 0x0024-0x0026
* XTEA 1 0x0028-0x0028
* BASE64 2 0x002A-0x002C
* OID 1 0x002E-0x002E
* PADLOCK 1 0x0030-0x0030
* DES 1 0x0032-0x0032
* CTR_DBRG 3 0x0034-0x003A
Expand All @@ -67,21 +69,24 @@
* MD4 1 0x0072-0x0072
* MD5 1 0x0074-0x0074
* SHA1 1 0x0076-0x0076
* SHA2 1 0x0078-0x0078
* SHA4 1 0x007A-0x007A
* SHA256 1 0x0078-0x0078
* SHA512 1 0x007A-0x007A
* PBKDF2 1 0x007C-0x007C
*
* High-level module nr (3 bits - 0x1...-0x8...)
* Name ID Nr of Errors
* PEM 1 9
* PKCS#12 1 4 (Started from top)
* X509 2 23
* DHM 3 6
* PKCS5 3 4 (Started from top)
* RSA 4 9
* MD 5 4
* CIPHER 6 5
* SSL 6 2 (Started from top)
* SSL 7 31
* Name ID Nr of Errors
* PEM 1 9
* PKCS#12 1 4 (Started from top)
* X509 2 18
* PK 2 13 (Started from top)
* DHM 3 9
* PKCS5 3 4 (Started from top)
* RSA 4 9
* ECP 4 7 (Started from top)
* MD 5 4
* CIPHER 6 6
* SSL 6 8 (Started from top)
* SSL 7 31
*
* Module dependent error code (5 bits 0x.08.-0x.F8.)
*/
Expand All @@ -99,7 +104,11 @@ extern "C" {
* \param buffer buffer to place representation in
* \param buflen length of the buffer
*/
void polarssl_strerror( int errnum, char *buffer, size_t buflen );

#if defined(POLARSSL_ERROR_STRERROR_BC)
void error_strerror( int errnum, char *buffer, size_t buflen );
#endif

#ifdef __cplusplus
}
Expand Down
102 changes: 87 additions & 15 deletions Externals/polarssl/include/polarssl/gcm.h
View file
@@ -1,9 +1,9 @@
/**
* \file gcm.h
*
* \brief Galois/Counter mode for AES
* \brief Galois/Counter mode for 128-bit block ciphers
*
* Copyright (C) 2006-2012, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand All @@ -27,10 +27,11 @@
#ifndef POLARSSL_GCM_H
#define POLARSSL_GCM_H

#include "aes.h"
#include "cipher.h"

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
typedef UINT64 uint64_t;
#else
#include <stdint.h>
Expand All @@ -42,33 +43,41 @@ typedef UINT64 uint64_t;
#define POLARSSL_ERR_GCM_AUTH_FAILED -0x0012 /**< Authenticated decryption failed. */
#define POLARSSL_ERR_GCM_BAD_INPUT -0x0014 /**< Bad input parameters to function. */

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief GCM context structure
*/
typedef struct {
aes_context aes_ctx; /*!< AES context used */
cipher_context_t cipher_ctx;/*!< cipher context used */
uint64_t HL[16]; /*!< Precalculated HTable */
uint64_t HH[16]; /*!< Precalculated HTable */
uint64_t len; /*!< Total data length */
uint64_t add_len; /*!< Total add length */
unsigned char base_ectr[16];/*!< First ECTR for tag */
unsigned char y[16]; /*!< Y working value */
unsigned char buf[16]; /*!< buf working value */
int mode; /*!< Encrypt or Decrypt */
}
gcm_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief GCM initialization (encryption)
*
* \param ctx GCM context to be initialized
* \param cipher cipher to use (a 128-bit block cipher)
* \param key encryption key
* \param keysize must be 128, 192 or 256
*
* \return 0 if successful, or POLARSSL_ERR_AES_INVALID_KEY_LENGTH
* \return 0 if successful, or a cipher specific error code
*/
int gcm_init( gcm_context *ctx, const unsigned char *key, unsigned int keysize );
int gcm_init( gcm_context *ctx, cipher_id_t cipher, const unsigned char *key,
unsigned int keysize );

/**
* \brief GCM buffer encryption/decryption using AES
* \brief GCM buffer encryption/decryption using a block cipher
*
* \note On encryption, the output buffer can be the same as the input buffer.
* On decryption, the output buffer cannot be the same as input buffer.
Expand Down Expand Up @@ -102,7 +111,7 @@ int gcm_crypt_and_tag( gcm_context *ctx,
unsigned char *tag );

/**
* \brief GCM buffer authenticated decryption using AES
* \brief GCM buffer authenticated decryption using a block cipher
*
* \note On decryption, the output buffer cannot be the same as input buffer.
* If buffers overlap, the output buffer must trail at least 8 bytes
Expand All @@ -115,7 +124,7 @@ int gcm_crypt_and_tag( gcm_context *ctx,
* \param add additional data
* \param add_len length of additional data
* \param tag buffer holding the tag
* \param tag_len length of the tag
* \param tag_len length of the tag
* \param input buffer holding the input data
* \param output buffer for holding the output data
*
Expand All @@ -128,11 +137,74 @@ int gcm_auth_decrypt( gcm_context *ctx,
size_t iv_len,
const unsigned char *add,
size_t add_len,
const unsigned char *tag,
const unsigned char *tag,
size_t tag_len,
const unsigned char *input,
unsigned char *output );

/**
* \brief Generic GCM stream start function
*
* \param ctx GCM context
* \param mode GCM_ENCRYPT or GCM_DECRYPT
* \param iv initialization vector
* \param iv_len length of IV
* \param add additional data (or NULL if length is 0)
* \param add_len length of additional data
*
* \return 0 if successful
*/
int gcm_starts( gcm_context *ctx,
int mode,
const unsigned char *iv,
size_t iv_len,
const unsigned char *add,
size_t add_len );

/**
* \brief Generic GCM update function. Encrypts/decrypts using the
* given GCM context. Expects input to be a multiple of 16
* bytes! Only the last call before gcm_finish() can be less
* than 16 bytes!
*
* \note On decryption, the output buffer cannot be the same as input buffer.
* If buffers overlap, the output buffer must trail at least 8 bytes
* behind the input buffer.
*
* \param ctx GCM context
* \param length length of the input data
* \param input buffer holding the input data
* \param output buffer for holding the output data
*
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT
*/
int gcm_update( gcm_context *ctx,
size_t length,
const unsigned char *input,
unsigned char *output );

/**
* \brief Generic GCM finalisation function. Wraps up the GCM stream
* and generates the tag. The tag can have a maximum length of
* 16 bytes.
*
* \param ctx GCM context
* \param tag buffer for holding the tag (may be NULL if tag_len is 0)
* \param tag_len length of the tag to generate
*
* \return 0 if successful or POLARSSL_ERR_GCM_BAD_INPUT
*/
int gcm_finish( gcm_context *ctx,
unsigned char *tag,
size_t tag_len );

/**
* \brief Free a GCM context and underlying cipher sub-context
*
* \param ctx GCM context to free
*/
void gcm_free( gcm_context *ctx );

/**
* \brief Checkup routine
*
Expand Down
10 changes: 5 additions & 5 deletions Externals/polarssl/include/polarssl/havege.h
View file
Expand Up @@ -3,7 +3,7 @@
*
* \brief HAVEGE: HArdware Volatile Entropy Gathering and Expansion
*
* Copyright (C) 2006-2010, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -31,6 +31,10 @@

#define COLLECT_SIZE 1024

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief HAVEGE state structure
*/
Expand All @@ -42,10 +46,6 @@ typedef struct
}
havege_state;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief HAVEGE initialization
*
Expand Down
20 changes: 15 additions & 5 deletions Externals/polarssl/include/polarssl/md.h
View file
Expand Up @@ -5,7 +5,7 @@
*
* \author Adriaan de Jong <dejong@fox-it.com>
*
* Copyright (C) 2006-2011, Brainspark B.V.
* Copyright (C) 2006-2013, Brainspark B.V.
*
* This file is part of PolarSSL (http://www.polarssl.org)
* Lead Maintainer: Paul Bakker <polarssl_maintainer at polarssl.org>
Expand Down Expand Up @@ -44,6 +44,10 @@
#define POLARSSL_ERR_MD_ALLOC_FAILED -0x5180 /**< Failed to allocate memory. */
#define POLARSSL_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */

#ifdef __cplusplus
extern "C" {
#endif

typedef enum {
POLARSSL_MD_NONE=0,
POLARSSL_MD_MD2,
Expand All @@ -54,9 +58,14 @@ typedef enum {
POLARSSL_MD_SHA256,
POLARSSL_MD_SHA384,
POLARSSL_MD_SHA512,
POLARSSL_MD_RIPEMD160,
} md_type_t;

#if defined(POLARSSL_SHA512_C)
#define POLARSSL_MD_MAX_SIZE 64 /* longest known is SHA512 */
#else
#define POLARSSL_MD_MAX_SIZE 32 /* longest known is SHA256 or less */
#endif

/**
* Message digest information. Allows message digest functions to be called
Expand Down Expand Up @@ -111,6 +120,8 @@ typedef struct {
/** Free the given context */
void (*ctx_free_func)( void *ctx );

/** Internal use only */
void (*process_func)( void *ctx, const unsigned char *input );
} md_info_t;

/**
Expand All @@ -129,10 +140,6 @@ typedef struct {
NULL, /* md_ctx */ \
}

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief Returns the list of digests supported by the generic digest module.
*
Expand Down Expand Up @@ -356,6 +363,9 @@ int md_hmac( const md_info_t *md_info, const unsigned char *key, size_t keylen,
const unsigned char *input, size_t ilen,
unsigned char *output );

/* Internal use */
int md_process( md_context_t *ctx, const unsigned char *data );

#ifdef __cplusplus
}
#endif
Expand Down
11 changes: 7 additions & 4 deletions Externals/polarssl/include/polarssl/md2.h
View file
Expand Up @@ -37,6 +37,10 @@
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD2 context structure
*/
Expand All @@ -52,10 +56,6 @@ typedef struct
}
md2_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD2 context setup
*
Expand Down Expand Up @@ -164,6 +164,9 @@ void md2_hmac( const unsigned char *key, size_t keylen,
*/
int md2_self_test( int verbose );

/* Internal use */
void md2_process( md2_context *ctx );

#ifdef __cplusplus
}
#endif
Expand Down
13 changes: 8 additions & 5 deletions Externals/polarssl/include/polarssl/md4.h
View file
Expand Up @@ -31,7 +31,7 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
Expand All @@ -44,6 +44,10 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD4 context structure
*/
Expand All @@ -58,10 +62,6 @@ typedef struct
}
md4_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD4 context setup
*
Expand Down Expand Up @@ -170,6 +170,9 @@ void md4_hmac( const unsigned char *key, size_t keylen,
*/
int md4_self_test( int verbose );

/* Internal use */
void md4_process( md4_context *ctx, const unsigned char data[64] );

#ifdef __cplusplus
}
#endif
Expand Down
10 changes: 5 additions & 5 deletions Externals/polarssl/include/polarssl/md5.h
View file
Expand Up @@ -31,7 +31,7 @@

#include <string.h>

#ifdef _MSC_VER
#if defined(_MSC_VER) && !defined(EFIX64) && !defined(EFI32)
#include <basetsd.h>
typedef UINT32 uint32_t;
#else
Expand All @@ -44,6 +44,10 @@ typedef UINT32 uint32_t;
// Regular implementation
//

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD5 context structure
*/
Expand All @@ -58,10 +62,6 @@ typedef struct
}
md5_context;

#ifdef __cplusplus
extern "C" {
#endif

/**
* \brief MD5 context setup
*
Expand Down
7 changes: 5 additions & 2 deletions Externals/polarssl/include/polarssl/md_wrap.h
View file
Expand Up @@ -45,14 +45,17 @@ extern const md_info_t md4_info;
#if defined(POLARSSL_MD5_C)
extern const md_info_t md5_info;
#endif
#if defined(POLARSSL_RIPEMD160_C)
extern const md_info_t ripemd160_info;
#endif
#if defined(POLARSSL_SHA1_C)
extern const md_info_t sha1_info;
#endif
#if defined(POLARSSL_SHA2_C)
#if defined(POLARSSL_SHA256_C)
extern const md_info_t sha224_info;
extern const md_info_t sha256_info;
#endif
#if defined(POLARSSL_SHA4_C)
#if defined(POLARSSL_SHA512_C)
extern const md_info_t sha384_info;
extern const md_info_t sha512_info;
#endif
Expand Down