got rid of libcrypto

5 files changed, 33 insertions, 26 deletions

diff --git a/src/libstrongswan/asn1/pem.c b/src/libstrongswan/asn1/pem.c
index 5f7ffa486..059795548 100755
--- a/src/libstrongswan/asn1/pem.c
+++ b/src/libstrongswan/asn1/pem.c
@@ -82,8 +82,8 @@ static bool find_boundary(const char* tag, chunk_t *line)
 /*
  * decrypts a passphrase protected encrypted data block
  */
-static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_size,
-						 chunk_t *iv, chunk_t *passphrase)
+static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_size,
+							chunk_t *iv, chunk_t passphrase)
 {
 	hasher_t *hasher;
 	crypter_t *crypter;
@@ -93,10 +93,10 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
 	chunk_t key = {alloca(key_size), key_size};
 	u_int8_t padding, *last_padding_pos, *first_padding_pos;
 	
-	if (passphrase == NULL || passphrase->len == 0)
+	if (passphrase.len == 0)
 	{
 		DBG1("  missing passphrase");
-		return FALSE;
+		return INVALID_ARG;
 	}
 
 	/* build key from passphrase and IV */
@@ -104,18 +104,18 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
 	if (hasher == NULL)
 	{
 		DBG1("  MD5 hash algorithm not available");
-		return FALSE;
+		return NOT_SUPPORTED;
 	}
 	hash.len = hasher->get_hash_size(hasher);
 	hash.ptr = alloca(hash.len);
-	hasher->get_hash(hasher, *passphrase, NULL);
+	hasher->get_hash(hasher, passphrase, NULL);
 	hasher->get_hash(hasher, salt, hash.ptr);
 	memcpy(key.ptr, hash.ptr, hash.len);
 
 	if (key.len > hash.len)
 	{
 		hasher->get_hash(hasher, hash, NULL);
-		hasher->get_hash(hasher, *passphrase, NULL);
+		hasher->get_hash(hasher, passphrase, NULL);
 		hasher->get_hash(hasher, salt, hash.ptr);	
 		memcpy(key.ptr + hash.len, hash.ptr, key.len - hash.len);
 	}	
@@ -127,7 +127,7 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
 	{
 		DBG1("  %N encryption algorithm not available",
 			 encryption_algorithm_names, alg);
-		return FALSE;
+		return NOT_SUPPORTED;
 	}
 	crypter->set_key(crypter, key);
 	
@@ -136,7 +136,7 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
 	{
 		crypter->destroy(crypter);
 		DBG1("  data size is not multiple of block size");
-		return FALSE;
+		return PARSE_ERROR;
 	}
 	crypter->decrypt(crypter, *blob, *iv, &decrypted);
 	crypter->destroy(crypter);
@@ -154,12 +154,12 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
 		if (*last_padding_pos != padding)
 		{
 			DBG1("  invalid passphrase");
-			return FALSE;
+			return INVALID_ARG;
 		}
 	}
 	/* remove padding */
 	blob->len -= padding;
-	return TRUE;
+	return SUCCESS;
 }
 
 /*  Converts a PEM encoded file into its binary form
@@ -167,7 +167,7 @@ static bool pem_decrypt(chunk_t *blob, encryption_algorithm_t alg, size_t key_si
  *  RFC 1421 Privacy Enhancement for Electronic Mail, February 1993
  *  RFC 934 Message Encapsulation, January 1985
  */
-bool pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp)
+status_t pem_to_bin(chunk_t *blob, chunk_t passphrase, bool *pgp)
 {
 	typedef enum {
 		PEM_PRE    = 0,
@@ -237,17 +237,21 @@ bool pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp)
 				DBG2("  %.*s", (int)line.len, line.ptr);
 				ugh = extract_parameter_value(&name, &value, &line);
 				if (ugh != NULL)
+				{
 					continue;
-
+				}
 				if (match("Proc-Type", &name) && *value.ptr == '4')
+				{
 					encrypted = TRUE;
+				}
 				else if (match("DEK-Info", &name))
 				{
 					chunk_t dek;
 
 					if (!extract_token(&dek, ',', &value))
+					{
 						dek = value;
-
+					}
 					if (match("DES-EDE3-CBC", &dek))
 					{
 						alg = ENCR_3DES;
@@ -272,7 +276,7 @@ bool pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp)
 					{
 						DBG1("  encryption algorithm '%.s' not supported",
 							 dek.len, dek.ptr);
-						return FALSE;
+						return NOT_SUPPORTED;
 					}
 					eat_whitespace(&value);
 					iv = chunk_from_hex(value, iv.ptr);
@@ -315,11 +319,11 @@ bool pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp)
 	if (state != PEM_POST)
 	{
 		DBG1("  file coded in unknown format, discarded");
-		return FALSE;
+		return PARSE_ERROR;
 	}
 	if (!encrypted)
 	{
-		return TRUE;
+		return SUCCESS;
 	}
 	return pem_decrypt(blob, alg, key_size, &iv, passphrase);
 	
@@ -335,7 +339,9 @@ bool pem_asn1_load_file(char *filename, chunk_t *passphrase,
 
 	if (fd)
 	{
+		chunk_t pass = chunk_empty;
 		int bytes;
+
 		fseek(fd, 0, SEEK_END );
 		blob->len = ftell(fd);
 		rewind(fd);
@@ -355,11 +361,12 @@ bool pem_asn1_load_file(char *filename, chunk_t *passphrase,
 
 		if (passphrase != NULL)
 		{
+			pass = *passphrase;
 			DBG4("  passphrase: %#B", passphrase);
 		}
 
 		/* try PEM format */
-		if (pem_to_bin(blob, passphrase, pgp))
+		if (pem_to_bin(blob, pass, pgp) == SUCCESS)
 		{
 			if (*pgp)
 			{
diff --git a/src/libstrongswan/asn1/pem.h b/src/libstrongswan/asn1/pem.h
index c9894859e..7385330d7 100755
--- a/src/libstrongswan/asn1/pem.h
+++ b/src/libstrongswan/asn1/pem.h
@@ -21,9 +21,9 @@
 
 #include <library.h>
 
-bool pem_to_bin(chunk_t *blob, chunk_t *passphrase, bool *pgp);
+status_t pem_to_bin(chunk_t *blob, chunk_t passphrase, bool *pgp);
 
-bool pem_asn1_load_file(char *filename, chunk_t *passphrase,
-						chunk_t *blob, bool *pgp);
+bool pem_asn1_load_file(char *filename, chunk_t *passphrase, chunk_t *blob,
+						bool *pgp);
 
 #endif /*PEM_H_ @} */
diff --git a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c b/src/libstrongswan/plugins/pubkey/pubkey_public_key.c
index 2210f08ce..6d3ae66ab 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c
+++ b/src/libstrongswan/plugins/pubkey/pubkey_public_key.c
@@ -145,7 +145,7 @@ static void add(private_builder_t *this, builder_part_t part, ...)
 				va_start(args, part);
 				pem = va_arg(args, char *);
 				blob = chunk_clone(chunk_create(pem, strlen(pem)));
-				if (pem_to_bin(&blob, &chunk_empty, &pgp))
+				if (pem_to_bin(&blob, chunk_empty, &pgp) == SUCCESS)
 				{
 					this->key = pubkey_public_key_load(chunk_clone(blob));
 				}
diff --git a/src/libstrongswan/plugins/twofish/twofish.c b/src/libstrongswan/plugins/twofish/twofish.c
index 0e01a92d2..44ffca69c 100644
--- a/src/libstrongswan/plugins/twofish/twofish.c
+++ b/src/libstrongswan/plugins/twofish/twofish.c
@@ -575,7 +575,7 @@ static const u8 calc_sb_tbl[512] = {
 
 /* Perform the key setup. */
 
-int twofish_set_key (TWOFISH_context *ctx,
+int twofish_set_key (twofish_context *ctx,
 			    const unsigned char *key, int key_len)
 {
 
@@ -788,7 +788,7 @@ int twofish_set_key (TWOFISH_context *ctx,
 
 /* Encrypt one block.  in and out may be the same. */
 
-int twofish_encrypt (TWOFISH_context *ctx,
+int twofish_encrypt (twofish_context *ctx,
 			    const u8 *in, u8 *out)
 {
 	/* The four 32-bit chunks of the text. */
@@ -824,7 +824,7 @@ int twofish_encrypt (TWOFISH_context *ctx,
 
 /* Decrypt one block.  in and out may be the same. */
 
-int twofish_decrypt (TWOFISH_context *ctx,
+int twofish_decrypt (twofish_context *ctx,
 			    const u8 *in, u8 *out)
 {
 	/* The four 32-bit chunks of the text. */
diff --git a/src/libstrongswan/plugins/twofish/twofish.h b/src/libstrongswan/plugins/twofish/twofish.h
index 4a1f7625c..6d399766b 100644
--- a/src/libstrongswan/plugins/twofish/twofish.h
+++ b/src/libstrongswan/plugins/twofish/twofish.h
@@ -11,7 +11,7 @@
  * subkeys, K[0] through K[7].	k holds the remaining, "round" subkeys.  Note
  * that k[i] corresponds to what the Twofish paper calls K[i+8].
  */
-typedef struct twofish_context {
+struct twofish_context {
 	u_int32_t s[4][256], w[8], k[32];
 };