aboutsummaryrefslogtreecommitdiffstats
path: root/Source/lib/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'Source/lib/crypto')
-rw-r--r--Source/lib/crypto/Makefile.transforms37
-rw-r--r--Source/lib/crypto/crypters/Makefile.crypters23
-rw-r--r--Source/lib/crypto/crypters/aes_cbc_crypter.c1627
-rw-r--r--Source/lib/crypto/crypters/aes_cbc_crypter.h61
-rw-r--r--Source/lib/crypto/crypters/crypter.c63
-rw-r--r--Source/lib/crypto/crypters/crypter.h153
-rw-r--r--Source/lib/crypto/diffie_hellman.c615
-rw-r--r--Source/lib/crypto/diffie_hellman.h149
-rw-r--r--Source/lib/crypto/hashers/Makefile.hashers27
-rw-r--r--Source/lib/crypto/hashers/hasher.c60
-rw-r--r--Source/lib/crypto/hashers/hasher.h147
-rw-r--r--Source/lib/crypto/hashers/md5_hasher.c394
-rw-r--r--Source/lib/crypto/hashers/md5_hasher.h60
-rw-r--r--Source/lib/crypto/hashers/sha1_hasher.c269
-rw-r--r--Source/lib/crypto/hashers/sha1_hasher.h60
-rw-r--r--Source/lib/crypto/hmac.c209
-rw-r--r--Source/lib/crypto/hmac.h118
-rw-r--r--Source/lib/crypto/prf_plus.c157
-rw-r--r--Source/lib/crypto/prf_plus.h93
-rw-r--r--Source/lib/crypto/prfs/Makefile.prfs23
-rw-r--r--Source/lib/crypto/prfs/hmac_prf.c117
-rw-r--r--Source/lib/crypto/prfs/hmac_prf.h64
-rw-r--r--Source/lib/crypto/prfs/prf.c67
-rw-r--r--Source/lib/crypto/prfs/prf.h136
-rw-r--r--Source/lib/crypto/rsa/Makefile.rsa23
-rw-r--r--Source/lib/crypto/rsa/rsa_private_key.c772
-rw-r--r--Source/lib/crypto/rsa/rsa_private_key.h185
-rw-r--r--Source/lib/crypto/rsa/rsa_public_key.c458
-rw-r--r--Source/lib/crypto/rsa/rsa_public_key.h153
-rw-r--r--Source/lib/crypto/signers/Makefile.signers23
-rw-r--r--Source/lib/crypto/signers/hmac_signer.c169
-rw-r--r--Source/lib/crypto/signers/hmac_signer.h58
-rw-r--r--Source/lib/crypto/signers/signer.c59
-rw-r--r--Source/lib/crypto/signers/signer.h147
-rwxr-xr-xSource/lib/crypto/x509.c937
-rwxr-xr-xSource/lib/crypto/x509.h136
36 files changed, 0 insertions, 7849 deletions
diff --git a/Source/lib/crypto/Makefile.transforms b/Source/lib/crypto/Makefile.transforms
deleted file mode 100644
index af0b147da..000000000
--- a/Source/lib/crypto/Makefile.transforms
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-CRYPTO_DIR= $(LIB_DIR)crypto/
-
-include $(CRYPTO_DIR)crypters/Makefile.crypters
-include $(CRYPTO_DIR)hashers/Makefile.hashers
-include $(CRYPTO_DIR)prfs/Makefile.prfs
-include $(CRYPTO_DIR)signers/Makefile.signers
-include $(CRYPTO_DIR)rsa/Makefile.rsa
-
-LIB_OBJS+= $(BUILD_DIR)diffie_hellman.o
-$(BUILD_DIR)diffie_hellman.o : $(CRYPTO_DIR)diffie_hellman.c $(CRYPTO_DIR)diffie_hellman.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)hmac.o
-$(BUILD_DIR)hmac.o : $(CRYPTO_DIR)hmac.c $(CRYPTO_DIR)hmac.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)prf_plus.o
-$(BUILD_DIR)prf_plus.o : $(CRYPTO_DIR)prf_plus.c $(CRYPTO_DIR)prf_plus.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)x509.o
-$(BUILD_DIR)x509.o : $(CRYPTO_DIR)x509.c $(CRYPTO_DIR)x509.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/crypters/Makefile.crypters b/Source/lib/crypto/crypters/Makefile.crypters
deleted file mode 100644
index 612477de8..000000000
--- a/Source/lib/crypto/crypters/Makefile.crypters
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-CRYPTERS_DIR= $(CRYPTO_DIR)crypters/
-
-LIB_OBJS+= $(BUILD_DIR)crypter.o
-$(BUILD_DIR)crypter.o : $(CRYPTERS_DIR)crypter.c $(CRYPTERS_DIR)crypter.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)aes_cbc_crypter.o
-$(BUILD_DIR)aes_cbc_crypter.o : $(CRYPTERS_DIR)aes_cbc_crypter.c $(CRYPTERS_DIR)aes_cbc_crypter.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/crypters/aes_cbc_crypter.c b/Source/lib/crypto/crypters/aes_cbc_crypter.c
deleted file mode 100644
index 9b7b07c62..000000000
--- a/Source/lib/crypto/crypters/aes_cbc_crypter.c
+++ /dev/null
@@ -1,1627 +0,0 @@
-/**
- * @file aes_cbc_crypter.c
- *
- * @brief Implementation of aes_cbc_crypter_t
- *
- */
-
- /*
- * Copyright (C) 2001 Dr B. R. Gladman <brg@gladman.uk.net>
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "aes_cbc_crypter.h"
-
-
-
-/*
- * The number of key schedule words for different block and key lengths
- * allowing for method of computation which requires the length to be a
- * multiple of the key length. This version of AES implementation supports
- * all three keylengths 16, 24 and 32 bytes!
- *
- * Nk = 4 6 8
- * -------------
- * Nb = 4 | 60 60 64
- * 6 | 96 90 96
- * 8 | 120 120 120
- */
-#define AES_KS_LENGTH 120
-#define AES_RC_LENGTH 29
-
-#define AES_BLOCK_SIZE 16
-
-typedef struct private_aes_cbc_crypter_t private_aes_cbc_crypter_t;
-
-/**
- * @brief Class implementing the AES symmetric encryption algorithm.
- *
- * @ingroup crypters
- */
-struct private_aes_cbc_crypter_t {
-
- /**
- * Public part of this class.
- */
- aes_cbc_crypter_t public;
-
- /**
- * Number of words in the key input block.
- */
- u_int32_t aes_Nkey;
-
- /**
- * The number of cipher rounds.
- */
- u_int32_t aes_Nrnd;
-
- /**
- * The encryption key schedule.
- */
- u_int32_t aes_e_key[AES_KS_LENGTH];
-
- /**
- * The decryption key schedule.
- */
- u_int32_t aes_d_key[AES_KS_LENGTH];
-
- /**
- * The number of columns in the cipher state.
- */
- u_int32_t aes_Ncol;
-
- /**
- * Key size of this AES cypher object.
- */
- u_int32_t key_size;
-
- /**
- * Decrypts a block.
- *
- * No memory gets allocated.
- *
- * @param this calling object
- * @param[in] in_blk block to decrypt
- * @param[out] out_blk decrypted data are written to this location
- */
- void (*decrypt_block) (const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[]);
-
- /**
- * Encrypts a block.
- *
- * No memory gets allocated.
- *
- * @param this calling object
- * @param[in] in_blk block to encrypt
- * @param[out] out_blk encrypted data are written to this location
- */
- void (*encrypt_block) (const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[]);
-};
-
-
-/* ugly macro stuff */
-
-/* 1. Define UNROLL for full loop unrolling in encryption and decryption.
- * 2. Define PARTIAL_UNROLL to unroll two loops in encryption and decryption.
- * 3. Define FIXED_TABLES for compiled rather than dynamic tables.
- * 4. Define FF_TABLES to use tables for field multiplies and inverses.
- * Do not enable this without understanding stack space requirements.
- * 5. Define ARRAYS to use arrays to hold the local state block. If this
- * is not defined, individually declared 32-bit words are used.
- * 6. Define FAST_VARIABLE if a high speed variable block implementation
- * is needed (essentially three separate fixed block size code sequences)
- * 7. Define either ONE_TABLE or FOUR_TABLES for a fast table driven
- * version using 1 table (2 kbytes of table space) or 4 tables (8
- * kbytes of table space) for higher speed.
- * 8. Define either ONE_LR_TABLE or FOUR_LR_TABLES for a further speed
- * increase by using tables for the last rounds but with more table
- * space (2 or 8 kbytes extra).
- * 9. If neither ONE_TABLE nor FOUR_TABLES is defined, a compact but
- * slower version is provided.
- * 10. If fast decryption key scheduling is needed define ONE_IM_TABLE
- * or FOUR_IM_TABLES for higher speed (2 or 8 kbytes extra).
- */
-
-#define UNROLL
-//#define PARTIAL_UNROLL
-
-#define FIXED_TABLES
-//#define FF_TABLES
-//#define ARRAYS
-#define FAST_VARIABLE
-
-//#define ONE_TABLE
-#define FOUR_TABLES
-
-//#define ONE_LR_TABLE
-#define FOUR_LR_TABLES
-
-//#define ONE_IM_TABLE
-#define FOUR_IM_TABLES
-
-#if defined(UNROLL) && defined (PARTIAL_UNROLL)
-#error both UNROLL and PARTIAL_UNROLL are defined
-#endif
-
-#if defined(ONE_TABLE) && defined (FOUR_TABLES)
-#error both ONE_TABLE and FOUR_TABLES are defined
-#endif
-
-#if defined(ONE_LR_TABLE) && defined (FOUR_LR_TABLES)
-#error both ONE_LR_TABLE and FOUR_LR_TABLES are defined
-#endif
-
-#if defined(ONE_IM_TABLE) && defined (FOUR_IM_TABLES)
-#error both ONE_IM_TABLE and FOUR_IM_TABLES are defined
-#endif
-
-#if defined(AES_BLOCK_SIZE) && AES_BLOCK_SIZE != 16 && AES_BLOCK_SIZE != 24 && AES_BLOCK_SIZE != 32
-#error an illegal block size has been specified
-#endif
-
-/**
- * Rotates bytes within words by n positions, moving bytes
- * to higher index positions with wrap around into low positions.
- */
-#define upr(x,n) (((x) << 8 * (n)) | ((x) >> (32 - 8 * (n))))
-/**
- * Moves bytes by n positions to higher index positions in
- * words but without wrap around.
- */
-#define ups(x,n) ((x) << 8 * (n))
-
-/**
- * Extracts a byte from a word.
- */
-#define bval(x,n) ((unsigned char)((x) >> 8 * (n)))
-#define bytes2word(b0, b1, b2, b3) \
- ((u_int32_t)(b3) << 24 | (u_int32_t)(b2) << 16 | (u_int32_t)(b1) << 8 | (b0))
-
-
-/* little endian processor without data alignment restrictions: AES_LE_OK */
-/* original code: i386 */
-#if defined(i386) || defined(_I386) || defined(__i386__) || defined(__i386)
-#define AES_LE_OK 1
-/* added (tested): alpha --jjo */
-#elif defined(__alpha__)|| defined (__alpha)
-#define AES_LE_OK 1
-/* added (tested): ia64 --jjo */
-#elif defined(__ia64__)|| defined (__ia64)
-#define AES_LE_OK 1
-#endif
-
-#ifdef AES_LE_OK
-/* little endian processor without data alignment restrictions */
-#define word_in(x) *(u_int32_t*)(x)
-#define const_word_in(x) *(const u_int32_t*)(x)
-#define word_out(x,v) *(u_int32_t*)(x) = (v)
-#define const_word_out(x,v) *(const u_int32_t*)(x) = (v)
-#else
-/* slower but generic big endian or with data alignment restrictions */
-/* some additional "const" touches to stop "gcc -Wcast-qual" complains --jjo */
-#define word_in(x) ((u_int32_t)(((unsigned char *)(x))[0])|((u_int32_t)(((unsigned char *)(x))[1])<<8)|((u_int32_t)(((unsigned char *)(x))[2])<<16)|((u_int32_t)(((unsigned char *)(x))[3])<<24))
-#define const_word_in(x) ((const u_int32_t)(((const unsigned char *)(x))[0])|((const u_int32_t)(((const unsigned char *)(x))[1])<<8)|((const u_int32_t)(((const unsigned char *)(x))[2])<<16)|((const u_int32_t)(((const unsigned char *)(x))[3])<<24))
-#define word_out(x,v) ((unsigned char *)(x))[0]=(v),((unsigned char *)(x))[1]=((v)>>8),((unsigned char *)(x))[2]=((v)>>16),((unsigned char *)(x))[3]=((v)>>24)
-#define const_word_out(x,v) ((const unsigned char *)(x))[0]=(v),((const unsigned char *)(x))[1]=((v)>>8),((const unsigned char *)(x))[2]=((v)>>16),((const unsigned char *)(x))[3]=((v)>>24)
-#endif
-
-// Disable at least some poor combinations of options
-
-#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
-#define FIXED_TABLES
-#undef UNROLL
-#undef ONE_LR_TABLE
-#undef FOUR_LR_TABLES
-#undef ONE_IM_TABLE
-#undef FOUR_IM_TABLES
-#elif !defined(FOUR_TABLES)
-#ifdef FOUR_LR_TABLES
-#undef FOUR_LR_TABLES
-#define ONE_LR_TABLE
-#endif
-#ifdef FOUR_IM_TABLES
-#undef FOUR_IM_TABLES
-#define ONE_IM_TABLE
-#endif
-#elif !defined(AES_BLOCK_SIZE)
-#if defined(UNROLL)
-#define PARTIAL_UNROLL
-#undef UNROLL
-#endif
-#endif
-
-// the finite field modular polynomial and elements
-
-#define ff_poly 0x011b
-#define ff_hi 0x80
-
-// multiply four bytes in GF(2^8) by 'x' {02} in parallel
-
-#define m1 0x80808080
-#define m2 0x7f7f7f7f
-#define m3 0x0000001b
-#define FFmulX(x) ((((x) & m2) << 1) ^ ((((x) & m1) >> 7) * m3))
-
-// The following defines provide alternative definitions of FFmulX that might
-// give improved performance if a fast 32-bit multiply is not available. Note
-// that a temporary variable u needs to be defined where FFmulX is used.
-
-// #define FFmulX(x) (u = (x) & m1, u |= (u >> 1), ((x) & m2) << 1) ^ ((u >> 3) | (u >> 6))
-// #define m4 0x1b1b1b1b
-// #define FFmulX(x) (u = (x) & m1, ((x) & m2) << 1) ^ ((u - (u >> 7)) & m4)
-
-// perform column mix operation on four bytes in parallel
-
-#define fwd_mcol(x) (f2 = FFmulX(x), f2 ^ upr(x ^ f2,3) ^ upr(x,2) ^ upr(x,1))
-
-#if defined(FIXED_TABLES)
-
-// the S-Box table
-
-static const unsigned char s_box[256] =
-{
- 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5,
- 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76,
- 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0,
- 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0,
- 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc,
- 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15,
- 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a,
- 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75,
- 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0,
- 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84,
- 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b,
- 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf,
- 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85,
- 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8,
- 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5,
- 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2,
- 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17,
- 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73,
- 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88,
- 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb,
- 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c,
- 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79,
- 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9,
- 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08,
- 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6,
- 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a,
- 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e,
- 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e,
- 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94,
- 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf,
- 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68,
- 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
-};
-
-// the inverse S-Box table
-
-static const unsigned char inv_s_box[256] =
-{
- 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
- 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
- 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
- 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
- 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
- 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
- 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
- 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
- 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
- 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
- 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
- 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
- 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
- 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
- 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
- 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
- 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
- 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
- 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
- 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
- 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
- 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
- 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
- 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
- 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
- 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
- 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
- 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
- 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
- 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
- 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
- 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
-};
-
-#define w0(p) 0x000000##p
-
-// Number of elements required in this table for different
-// block and key lengths is:
-//
-// Nk = 4 6 8
-// ----------
-// Nb = 4 | 10 8 7
-// 6 | 19 12 11
-// 8 | 29 19 14
-//
-// this table can be a table of bytes if the key schedule
-// code is adjusted accordingly
-
-static const u_int32_t rcon_tab[29] =
-{
- w0(01), w0(02), w0(04), w0(08),
- w0(10), w0(20), w0(40), w0(80),
- w0(1b), w0(36), w0(6c), w0(d8),
- w0(ab), w0(4d), w0(9a), w0(2f),
- w0(5e), w0(bc), w0(63), w0(c6),
- w0(97), w0(35), w0(6a), w0(d4),
- w0(b3), w0(7d), w0(fa), w0(ef),
- w0(c5)
-};
-
-#undef w0
-
-#define r0(p,q,r,s) 0x##p##q##r##s
-#define r1(p,q,r,s) 0x##q##r##s##p
-#define r2(p,q,r,s) 0x##r##s##p##q
-#define r3(p,q,r,s) 0x##s##p##q##r
-#define w0(p) 0x000000##p
-#define w1(p) 0x0000##p##00
-#define w2(p) 0x00##p##0000
-#define w3(p) 0x##p##000000
-
-#if defined(FIXED_TABLES) && (defined(ONE_TABLE) || defined(FOUR_TABLES))
-
-// data for forward tables (other than last round)
-
-#define f_table \
- r(a5,63,63,c6), r(84,7c,7c,f8), r(99,77,77,ee), r(8d,7b,7b,f6),\
- r(0d,f2,f2,ff), r(bd,6b,6b,d6), r(b1,6f,6f,de), r(54,c5,c5,91),\
- r(50,30,30,60), r(03,01,01,02), r(a9,67,67,ce), r(7d,2b,2b,56),\
- r(19,fe,fe,e7), r(62,d7,d7,b5), r(e6,ab,ab,4d), r(9a,76,76,ec),\
- r(45,ca,ca,8f), r(9d,82,82,1f), r(40,c9,c9,89), r(87,7d,7d,fa),\
- r(15,fa,fa,ef), r(eb,59,59,b2), r(c9,47,47,8e), r(0b,f0,f0,fb),\
- r(ec,ad,ad,41), r(67,d4,d4,b3), r(fd,a2,a2,5f), r(ea,af,af,45),\
- r(bf,9c,9c,23), r(f7,a4,a4,53), r(96,72,72,e4), r(5b,c0,c0,9b),\
- r(c2,b7,b7,75), r(1c,fd,fd,e1), r(ae,93,93,3d), r(6a,26,26,4c),\
- r(5a,36,36,6c), r(41,3f,3f,7e), r(02,f7,f7,f5), r(4f,cc,cc,83),\
- r(5c,34,34,68), r(f4,a5,a5,51), r(34,e5,e5,d1), r(08,f1,f1,f9),\
- r(93,71,71,e2), r(73,d8,d8,ab), r(53,31,31,62), r(3f,15,15,2a),\
- r(0c,04,04,08), r(52,c7,c7,95), r(65,23,23,46), r(5e,c3,c3,9d),\
- r(28,18,18,30), r(a1,96,96,37), r(0f,05,05,0a), r(b5,9a,9a,2f),\
- r(09,07,07,0e), r(36,12,12,24), r(9b,80,80,1b), r(3d,e2,e2,df),\
- r(26,eb,eb,cd), r(69,27,27,4e), r(cd,b2,b2,7f), r(9f,75,75,ea),\
- r(1b,09,09,12), r(9e,83,83,1d), r(74,2c,2c,58), r(2e,1a,1a,34),\
- r(2d,1b,1b,36), r(b2,6e,6e,dc), r(ee,5a,5a,b4), r(fb,a0,a0,5b),\
- r(f6,52,52,a4), r(4d,3b,3b,76), r(61,d6,d6,b7), r(ce,b3,b3,7d),\
- r(7b,29,29,52), r(3e,e3,e3,dd), r(71,2f,2f,5e), r(97,84,84,13),\
- r(f5,53,53,a6), r(68,d1,d1,b9), r(00,00,00,00), r(2c,ed,ed,c1),\
- r(60,20,20,40), r(1f,fc,fc,e3), r(c8,b1,b1,79), r(ed,5b,5b,b6),\
- r(be,6a,6a,d4), r(46,cb,cb,8d), r(d9,be,be,67), r(4b,39,39,72),\
- r(de,4a,4a,94), r(d4,4c,4c,98), r(e8,58,58,b0), r(4a,cf,cf,85),\
- r(6b,d0,d0,bb), r(2a,ef,ef,c5), r(e5,aa,aa,4f), r(16,fb,fb,ed),\
- r(c5,43,43,86), r(d7,4d,4d,9a), r(55,33,33,66), r(94,85,85,11),\
- r(cf,45,45,8a), r(10,f9,f9,e9), r(06,02,02,04), r(81,7f,7f,fe),\
- r(f0,50,50,a0), r(44,3c,3c,78), r(ba,9f,9f,25), r(e3,a8,a8,4b),\
- r(f3,51,51,a2), r(fe,a3,a3,5d), r(c0,40,40,80), r(8a,8f,8f,05),\
- r(ad,92,92,3f), r(bc,9d,9d,21), r(48,38,38,70), r(04,f5,f5,f1),\
- r(df,bc,bc,63), r(c1,b6,b6,77), r(75,da,da,af), r(63,21,21,42),\
- r(30,10,10,20), r(1a,ff,ff,e5), r(0e,f3,f3,fd), r(6d,d2,d2,bf),\
- r(4c,cd,cd,81), r(14,0c,0c,18), r(35,13,13,26), r(2f,ec,ec,c3),\
- r(e1,5f,5f,be), r(a2,97,97,35), r(cc,44,44,88), r(39,17,17,2e),\
- r(57,c4,c4,93), r(f2,a7,a7,55), r(82,7e,7e,fc), r(47,3d,3d,7a),\
- r(ac,64,64,c8), r(e7,5d,5d,ba), r(2b,19,19,32), r(95,73,73,e6),\
- r(a0,60,60,c0), r(98,81,81,19), r(d1,4f,4f,9e), r(7f,dc,dc,a3),\
- r(66,22,22,44), r(7e,2a,2a,54), r(ab,90,90,3b), r(83,88,88,0b),\
- r(ca,46,46,8c), r(29,ee,ee,c7), r(d3,b8,b8,6b), r(3c,14,14,28),\
- r(79,de,de,a7), r(e2,5e,5e,bc), r(1d,0b,0b,16), r(76,db,db,ad),\
- r(3b,e0,e0,db), r(56,32,32,64), r(4e,3a,3a,74), r(1e,0a,0a,14),\
- r(db,49,49,92), r(0a,06,06,0c), r(6c,24,24,48), r(e4,5c,5c,b8),\
- r(5d,c2,c2,9f), r(6e,d3,d3,bd), r(ef,ac,ac,43), r(a6,62,62,c4),\
- r(a8,91,91,39), r(a4,95,95,31), r(37,e4,e4,d3), r(8b,79,79,f2),\
- r(32,e7,e7,d5), r(43,c8,c8,8b), r(59,37,37,6e), r(b7,6d,6d,da),\
- r(8c,8d,8d,01), r(64,d5,d5,b1), r(d2,4e,4e,9c), r(e0,a9,a9,49),\
- r(b4,6c,6c,d8), r(fa,56,56,ac), r(07,f4,f4,f3), r(25,ea,ea,cf),\
- r(af,65,65,ca), r(8e,7a,7a,f4), r(e9,ae,ae,47), r(18,08,08,10),\
- r(d5,ba,ba,6f), r(88,78,78,f0), r(6f,25,25,4a), r(72,2e,2e,5c),\
- r(24,1c,1c,38), r(f1,a6,a6,57), r(c7,b4,b4,73), r(51,c6,c6,97),\
- r(23,e8,e8,cb), r(7c,dd,dd,a1), r(9c,74,74,e8), r(21,1f,1f,3e),\
- r(dd,4b,4b,96), r(dc,bd,bd,61), r(86,8b,8b,0d), r(85,8a,8a,0f),\
- r(90,70,70,e0), r(42,3e,3e,7c), r(c4,b5,b5,71), r(aa,66,66,cc),\
- r(d8,48,48,90), r(05,03,03,06), r(01,f6,f6,f7), r(12,0e,0e,1c),\
- r(a3,61,61,c2), r(5f,35,35,6a), r(f9,57,57,ae), r(d0,b9,b9,69),\
- r(91,86,86,17), r(58,c1,c1,99), r(27,1d,1d,3a), r(b9,9e,9e,27),\
- r(38,e1,e1,d9), r(13,f8,f8,eb), r(b3,98,98,2b), r(33,11,11,22),\
- r(bb,69,69,d2), r(70,d9,d9,a9), r(89,8e,8e,07), r(a7,94,94,33),\
- r(b6,9b,9b,2d), r(22,1e,1e,3c), r(92,87,87,15), r(20,e9,e9,c9),\
- r(49,ce,ce,87), r(ff,55,55,aa), r(78,28,28,50), r(7a,df,df,a5),\
- r(8f,8c,8c,03), r(f8,a1,a1,59), r(80,89,89,09), r(17,0d,0d,1a),\
- r(da,bf,bf,65), r(31,e6,e6,d7), r(c6,42,42,84), r(b8,68,68,d0),\
- r(c3,41,41,82), r(b0,99,99,29), r(77,2d,2d,5a), r(11,0f,0f,1e),\
- r(cb,b0,b0,7b), r(fc,54,54,a8), r(d6,bb,bb,6d), r(3a,16,16,2c)
-
-// data for inverse tables (other than last round)
-
-#define i_table \
- r(50,a7,f4,51), r(53,65,41,7e), r(c3,a4,17,1a), r(96,5e,27,3a),\
- r(cb,6b,ab,3b), r(f1,45,9d,1f), r(ab,58,fa,ac), r(93,03,e3,4b),\
- r(55,fa,30,20), r(f6,6d,76,ad), r(91,76,cc,88), r(25,4c,02,f5),\
- r(fc,d7,e5,4f), r(d7,cb,2a,c5), r(80,44,35,26), r(8f,a3,62,b5),\
- r(49,5a,b1,de), r(67,1b,ba,25), r(98,0e,ea,45), r(e1,c0,fe,5d),\
- r(02,75,2f,c3), r(12,f0,4c,81), r(a3,97,46,8d), r(c6,f9,d3,6b),\
- r(e7,5f,8f,03), r(95,9c,92,15), r(eb,7a,6d,bf), r(da,59,52,95),\
- r(2d,83,be,d4), r(d3,21,74,58), r(29,69,e0,49), r(44,c8,c9,8e),\
- r(6a,89,c2,75), r(78,79,8e,f4), r(6b,3e,58,99), r(dd,71,b9,27),\
- r(b6,4f,e1,be), r(17,ad,88,f0), r(66,ac,20,c9), r(b4,3a,ce,7d),\
- r(18,4a,df,63), r(82,31,1a,e5), r(60,33,51,97), r(45,7f,53,62),\
- r(e0,77,64,b1), r(84,ae,6b,bb), r(1c,a0,81,fe), r(94,2b,08,f9),\
- r(58,68,48,70), r(19,fd,45,8f), r(87,6c,de,94), r(b7,f8,7b,52),\
- r(23,d3,73,ab), r(e2,02,4b,72), r(57,8f,1f,e3), r(2a,ab,55,66),\
- r(07,28,eb,b2), r(03,c2,b5,2f), r(9a,7b,c5,86), r(a5,08,37,d3),\
- r(f2,87,28,30), r(b2,a5,bf,23), r(ba,6a,03,02), r(5c,82,16,ed),\
- r(2b,1c,cf,8a), r(92,b4,79,a7), r(f0,f2,07,f3), r(a1,e2,69,4e),\
- r(cd,f4,da,65), r(d5,be,05,06), r(1f,62,34,d1), r(8a,fe,a6,c4),\
- r(9d,53,2e,34), r(a0,55,f3,a2), r(32,e1,8a,05), r(75,eb,f6,a4),\
- r(39,ec,83,0b), r(aa,ef,60,40), r(06,9f,71,5e), r(51,10,6e,bd),\
- r(f9,8a,21,3e), r(3d,06,dd,96), r(ae,05,3e,dd), r(46,bd,e6,4d),\
- r(b5,8d,54,91), r(05,5d,c4,71), r(6f,d4,06,04), r(ff,15,50,60),\
- r(24,fb,98,19), r(97,e9,bd,d6), r(cc,43,40,89), r(77,9e,d9,67),\
- r(bd,42,e8,b0), r(88,8b,89,07), r(38,5b,19,e7), r(db,ee,c8,79),\
- r(47,0a,7c,a1), r(e9,0f,42,7c), r(c9,1e,84,f8), r(00,00,00,00),\
- r(83,86,80,09), r(48,ed,2b,32), r(ac,70,11,1e), r(4e,72,5a,6c),\
- r(fb,ff,0e,fd), r(56,38,85,0f), r(1e,d5,ae,3d), r(27,39,2d,36),\
- r(64,d9,0f,0a), r(21,a6,5c,68), r(d1,54,5b,9b), r(3a,2e,36,24),\
- r(b1,67,0a,0c), r(0f,e7,57,93), r(d2,96,ee,b4), r(9e,91,9b,1b),\
- r(4f,c5,c0,80), r(a2,20,dc,61), r(69,4b,77,5a), r(16,1a,12,1c),\
- r(0a,ba,93,e2), r(e5,2a,a0,c0), r(43,e0,22,3c), r(1d,17,1b,12),\
- r(0b,0d,09,0e), r(ad,c7,8b,f2), r(b9,a8,b6,2d), r(c8,a9,1e,14),\
- r(85,19,f1,57), r(4c,07,75,af), r(bb,dd,99,ee), r(fd,60,7f,a3),\
- r(9f,26,01,f7), r(bc,f5,72,5c), r(c5,3b,66,44), r(34,7e,fb,5b),\
- r(76,29,43,8b), r(dc,c6,23,cb), r(68,fc,ed,b6), r(63,f1,e4,b8),\
- r(ca,dc,31,d7), r(10,85,63,42), r(40,22,97,13), r(20,11,c6,84),\
- r(7d,24,4a,85), r(f8,3d,bb,d2), r(11,32,f9,ae), r(6d,a1,29,c7),\
- r(4b,2f,9e,1d), r(f3,30,b2,dc), r(ec,52,86,0d), r(d0,e3,c1,77),\
- r(6c,16,b3,2b), r(99,b9,70,a9), r(fa,48,94,11), r(22,64,e9,47),\
- r(c4,8c,fc,a8), r(1a,3f,f0,a0), r(d8,2c,7d,56), r(ef,90,33,22),\
- r(c7,4e,49,87), r(c1,d1,38,d9), r(fe,a2,ca,8c), r(36,0b,d4,98),\
- r(cf,81,f5,a6), r(28,de,7a,a5), r(26,8e,b7,da), r(a4,bf,ad,3f),\
- r(e4,9d,3a,2c), r(0d,92,78,50), r(9b,cc,5f,6a), r(62,46,7e,54),\
- r(c2,13,8d,f6), r(e8,b8,d8,90), r(5e,f7,39,2e), r(f5,af,c3,82),\
- r(be,80,5d,9f), r(7c,93,d0,69), r(a9,2d,d5,6f), r(b3,12,25,cf),\
- r(3b,99,ac,c8), r(a7,7d,18,10), r(6e,63,9c,e8), r(7b,bb,3b,db),\
- r(09,78,26,cd), r(f4,18,59,6e), r(01,b7,9a,ec), r(a8,9a,4f,83),\
- r(65,6e,95,e6), r(7e,e6,ff,aa), r(08,cf,bc,21), r(e6,e8,15,ef),\
- r(d9,9b,e7,ba), r(ce,36,6f,4a), r(d4,09,9f,ea), r(d6,7c,b0,29),\
- r(af,b2,a4,31), r(31,23,3f,2a), r(30,94,a5,c6), r(c0,66,a2,35),\
- r(37,bc,4e,74), r(a6,ca,82,fc), r(b0,d0,90,e0), r(15,d8,a7,33),\
- r(4a,98,04,f1), r(f7,da,ec,41), r(0e,50,cd,7f), r(2f,f6,91,17),\
- r(8d,d6,4d,76), r(4d,b0,ef,43), r(54,4d,aa,cc), r(df,04,96,e4),\
- r(e3,b5,d1,9e), r(1b,88,6a,4c), r(b8,1f,2c,c1), r(7f,51,65,46),\
- r(04,ea,5e,9d), r(5d,35,8c,01), r(73,74,87,fa), r(2e,41,0b,fb),\
- r(5a,1d,67,b3), r(52,d2,db,92), r(33,56,10,e9), r(13,47,d6,6d),\
- r(8c,61,d7,9a), r(7a,0c,a1,37), r(8e,14,f8,59), r(89,3c,13,eb),\
- r(ee,27,a9,ce), r(35,c9,61,b7), r(ed,e5,1c,e1), r(3c,b1,47,7a),\
- r(59,df,d2,9c), r(3f,73,f2,55), r(79,ce,14,18), r(bf,37,c7,73),\
- r(ea,cd,f7,53), r(5b,aa,fd,5f), r(14,6f,3d,df), r(86,db,44,78),\
- r(81,f3,af,ca), r(3e,c4,68,b9), r(2c,34,24,38), r(5f,40,a3,c2),\
- r(72,c3,1d,16), r(0c,25,e2,bc), r(8b,49,3c,28), r(41,95,0d,ff),\
- r(71,01,a8,39), r(de,b3,0c,08), r(9c,e4,b4,d8), r(90,c1,56,64),\
- r(61,84,cb,7b), r(70,b6,32,d5), r(74,5c,6c,48), r(42,57,b8,d0)
-
-// generate the required tables in the desired endian format
-
-#undef r
-#define r r0
-
-#if defined(ONE_TABLE)
-static const u_int32_t ft_tab[256] =
- { f_table };
-#elif defined(FOUR_TABLES)
-static const u_int32_t ft_tab[4][256] =
-{ { f_table },
-#undef r
-#define r r1
- { f_table },
-#undef r
-#define r r2
- { f_table },
-#undef r
-#define r r3
- { f_table }
-};
-#endif
-
-#undef r
-#define r r0
-#if defined(ONE_TABLE)
-static const u_int32_t it_tab[256] =
- { i_table };
-#elif defined(FOUR_TABLES)
-static const u_int32_t it_tab[4][256] =
-{ { i_table },
-#undef r
-#define r r1
- { i_table },
-#undef r
-#define r r2
- { i_table },
-#undef r
-#define r r3
- { i_table }
-};
-#endif
-
-#endif
-
-#if defined(FIXED_TABLES) && (defined(ONE_LR_TABLE) || defined(FOUR_LR_TABLES))
-
-// data for inverse tables (last round)
-
-#define li_table \
- w(52), w(09), w(6a), w(d5), w(30), w(36), w(a5), w(38),\
- w(bf), w(40), w(a3), w(9e), w(81), w(f3), w(d7), w(fb),\
- w(7c), w(e3), w(39), w(82), w(9b), w(2f), w(ff), w(87),\
- w(34), w(8e), w(43), w(44), w(c4), w(de), w(e9), w(cb),\
- w(54), w(7b), w(94), w(32), w(a6), w(c2), w(23), w(3d),\
- w(ee), w(4c), w(95), w(0b), w(42), w(fa), w(c3), w(4e),\
- w(08), w(2e), w(a1), w(66), w(28), w(d9), w(24), w(b2),\
- w(76), w(5b), w(a2), w(49), w(6d), w(8b), w(d1), w(25),\
- w(72), w(f8), w(f6), w(64), w(86), w(68), w(98), w(16),\
- w(d4), w(a4), w(5c), w(cc), w(5d), w(65), w(b6), w(92),\
- w(6c), w(70), w(48), w(50), w(fd), w(ed), w(b9), w(da),\
- w(5e), w(15), w(46), w(57), w(a7), w(8d), w(9d), w(84),\
- w(90), w(d8), w(ab), w(00), w(8c), w(bc), w(d3), w(0a),\
- w(f7), w(e4), w(58), w(05), w(b8), w(b3), w(45), w(06),\
- w(d0), w(2c), w(1e), w(8f), w(ca), w(3f), w(0f), w(02),\
- w(c1), w(af), w(bd), w(03), w(01), w(13), w(8a), w(6b),\
- w(3a), w(91), w(11), w(41), w(4f), w(67), w(dc), w(ea),\
- w(97), w(f2), w(cf), w(ce), w(f0), w(b4), w(e6), w(73),\
- w(96), w(ac), w(74), w(22), w(e7), w(ad), w(35), w(85),\
- w(e2), w(f9), w(37), w(e8), w(1c), w(75), w(df), w(6e),\
- w(47), w(f1), w(1a), w(71), w(1d), w(29), w(c5), w(89),\
- w(6f), w(b7), w(62), w(0e), w(aa), w(18), w(be), w(1b),\
- w(fc), w(56), w(3e), w(4b), w(c6), w(d2), w(79), w(20),\
- w(9a), w(db), w(c0), w(fe), w(78), w(cd), w(5a), w(f4),\
- w(1f), w(dd), w(a8), w(33), w(88), w(07), w(c7), w(31),\
- w(b1), w(12), w(10), w(59), w(27), w(80), w(ec), w(5f),\
- w(60), w(51), w(7f), w(a9), w(19), w(b5), w(4a), w(0d),\
- w(2d), w(e5), w(7a), w(9f), w(93), w(c9), w(9c), w(ef),\
- w(a0), w(e0), w(3b), w(4d), w(ae), w(2a), w(f5), w(b0),\
- w(c8), w(eb), w(bb), w(3c), w(83), w(53), w(99), w(61),\
- w(17), w(2b), w(04), w(7e), w(ba), w(77), w(d6), w(26),\
- w(e1), w(69), w(14), w(63), w(55), w(21), w(0c), w(7d),
-
-// generate the required tables in the desired endian format
-
-#undef r
-#define r(p,q,r,s) w0(q)
-#if defined(ONE_LR_TABLE)
-static const u_int32_t fl_tab[256] =
- { f_table };
-#elif defined(FOUR_LR_TABLES)
-static const u_int32_t fl_tab[4][256] =
-{ { f_table },
-#undef r
-#define r(p,q,r,s) w1(q)
- { f_table },
-#undef r
-#define r(p,q,r,s) w2(q)
- { f_table },
-#undef r
-#define r(p,q,r,s) w3(q)
- { f_table }
-};
-#endif
-
-#undef w
-#define w w0
-#if defined(ONE_LR_TABLE)
-static const u_int32_t il_tab[256] =
- { li_table };
-#elif defined(FOUR_LR_TABLES)
-static const u_int32_t il_tab[4][256] =
-{ { li_table },
-#undef w
-#define w w1
- { li_table },
-#undef w
-#define w w2
- { li_table },
-#undef w
-#define w w3
- { li_table }
-};
-#endif
-
-#endif
-
-#if defined(FIXED_TABLES) && (defined(ONE_IM_TABLE) || defined(FOUR_IM_TABLES))
-
-#define m_table \
- r(00,00,00,00), r(0b,0d,09,0e), r(16,1a,12,1c), r(1d,17,1b,12),\
- r(2c,34,24,38), r(27,39,2d,36), r(3a,2e,36,24), r(31,23,3f,2a),\
- r(58,68,48,70), r(53,65,41,7e), r(4e,72,5a,6c), r(45,7f,53,62),\
- r(74,5c,6c,48), r(7f,51,65,46), r(62,46,7e,54), r(69,4b,77,5a),\
- r(b0,d0,90,e0), r(bb,dd,99,ee), r(a6,ca,82,fc), r(ad,c7,8b,f2),\
- r(9c,e4,b4,d8), r(97,e9,bd,d6), r(8a,fe,a6,c4), r(81,f3,af,ca),\
- r(e8,b8,d8,90), r(e3,b5,d1,9e), r(fe,a2,ca,8c), r(f5,af,c3,82),\
- r(c4,8c,fc,a8), r(cf,81,f5,a6), r(d2,96,ee,b4), r(d9,9b,e7,ba),\
- r(7b,bb,3b,db), r(70,b6,32,d5), r(6d,a1,29,c7), r(66,ac,20,c9),\
- r(57,8f,1f,e3), r(5c,82,16,ed), r(41,95,0d,ff), r(4a,98,04,f1),\
- r(23,d3,73,ab), r(28,de,7a,a5), r(35,c9,61,b7), r(3e,c4,68,b9),\
- r(0f,e7,57,93), r(04,ea,5e,9d), r(19,fd,45,8f), r(12,f0,4c,81),\
- r(cb,6b,ab,3b), r(c0,66,a2,35), r(dd,71,b9,27), r(d6,7c,b0,29),\
- r(e7,5f,8f,03), r(ec,52,86,0d), r(f1,45,9d,1f), r(fa,48,94,11),\
- r(93,03,e3,4b), r(98,0e,ea,45), r(85,19,f1,57), r(8e,14,f8,59),\
- r(bf,37,c7,73), r(b4,3a,ce,7d), r(a9,2d,d5,6f), r(a2,20,dc,61),\
- r(f6,6d,76,ad), r(fd,60,7f,a3), r(e0,77,64,b1), r(eb,7a,6d,bf),\
- r(da,59,52,95), r(d1,54,5b,9b), r(cc,43,40,89), r(c7,4e,49,87),\
- r(ae,05,3e,dd), r(a5,08,37,d3), r(b8,1f,2c,c1), r(b3,12,25,cf),\
- r(82,31,1a,e5), r(89,3c,13,eb), r(94,2b,08,f9), r(9f,26,01,f7),\
- r(46,bd,e6,4d), r(4d,b0,ef,43), r(50,a7,f4,51), r(5b,aa,fd,5f),\
- r(6a,89,c2,75), r(61,84,cb,7b), r(7c,93,d0,69), r(77,9e,d9,67),\
- r(1e,d5,ae,3d), r(15,d8,a7,33), r(08,cf,bc,21), r(03,c2,b5,2f),\
- r(32,e1,8a,05), r(39,ec,83,0b), r(24,fb,98,19), r(2f,f6,91,17),\
- r(8d,d6,4d,76), r(86,db,44,78), r(9b,cc,5f,6a), r(90,c1,56,64),\
- r(a1,e2,69,4e), r(aa,ef,60,40), r(b7,f8,7b,52), r(bc,f5,72,5c),\
- r(d5,be,05,06), r(de,b3,0c,08), r(c3,a4,17,1a), r(c8,a9,1e,14),\
- r(f9,8a,21,3e), r(f2,87,28,30), r(ef,90,33,22), r(e4,9d,3a,2c),\
- r(3d,06,dd,96), r(36,0b,d4,98), r(2b,1c,cf,8a), r(20,11,c6,84),\
- r(11,32,f9,ae), r(1a,3f,f0,a0), r(07,28,eb,b2), r(0c,25,e2,bc),\
- r(65,6e,95,e6), r(6e,63,9c,e8), r(73,74,87,fa), r(78,79,8e,f4),\
- r(49,5a,b1,de), r(42,57,b8,d0), r(5f,40,a3,c2), r(54,4d,aa,cc),\
- r(f7,da,ec,41), r(fc,d7,e5,4f), r(e1,c0,fe,5d), r(ea,cd,f7,53),\
- r(db,ee,c8,79), r(d0,e3,c1,77), r(cd,f4,da,65), r(c6,f9,d3,6b),\
- r(af,b2,a4,31), r(a4,bf,ad,3f), r(b9,a8,b6,2d), r(b2,a5,bf,23),\
- r(83,86,80,09), r(88,8b,89,07), r(95,9c,92,15), r(9e,91,9b,1b),\
- r(47,0a,7c,a1), r(4c,07,75,af), r(51,10,6e,bd), r(5a,1d,67,b3),\
- r(6b,3e,58,99), r(60,33,51,97), r(7d,24,4a,85), r(76,29,43,8b),\
- r(1f,62,34,d1), r(14,6f,3d,df), r(09,78,26,cd), r(02,75,2f,c3),\
- r(33,56,10,e9), r(38,5b,19,e7), r(25,4c,02,f5), r(2e,41,0b,fb),\
- r(8c,61,d7,9a), r(87,6c,de,94), r(9a,7b,c5,86), r(91,76,cc,88),\
- r(a0,55,f3,a2), r(ab,58,fa,ac), r(b6,4f,e1,be), r(bd,42,e8,b0),\
- r(d4,09,9f,ea), r(df,04,96,e4), r(c2,13,8d,f6), r(c9,1e,84,f8),\
- r(f8,3d,bb,d2), r(f3,30,b2,dc), r(ee,27,a9,ce), r(e5,2a,a0,c0),\
- r(3c,b1,47,7a), r(37,bc,4e,74), r(2a,ab,55,66), r(21,a6,5c,68),\
- r(10,85,63,42), r(1b,88,6a,4c), r(06,9f,71,5e), r(0d,92,78,50),\
- r(64,d9,0f,0a), r(6f,d4,06,04), r(72,c3,1d,16), r(79,ce,14,18),\
- r(48,ed,2b,32), r(43,e0,22,3c), r(5e,f7,39,2e), r(55,fa,30,20),\
- r(01,b7,9a,ec), r(0a,ba,93,e2), r(17,ad,88,f0), r(1c,a0,81,fe),\
- r(2d,83,be,d4), r(26,8e,b7,da), r(3b,99,ac,c8), r(30,94,a5,c6),\
- r(59,df,d2,9c), r(52,d2,db,92), r(4f,c5,c0,80), r(44,c8,c9,8e),\
- r(75,eb,f6,a4), r(7e,e6,ff,aa), r(63,f1,e4,b8), r(68,fc,ed,b6),\
- r(b1,67,0a,0c), r(ba,6a,03,02), r(a7,7d,18,10), r(ac,70,11,1e),\
- r(9d,53,2e,34), r(96,5e,27,3a), r(8b,49,3c,28), r(80,44,35,26),\
- r(e9,0f,42,7c), r(e2,02,4b,72), r(ff,15,50,60), r(f4,18,59,6e),\
- r(c5,3b,66,44), r(ce,36,6f,4a), r(d3,21,74,58), r(d8,2c,7d,56),\
- r(7a,0c,a1,37), r(71,01,a8,39), r(6c,16,b3,2b), r(67,1b,ba,25),\
- r(56,38,85,0f), r(5d,35,8c,01), r(40,22,97,13), r(4b,2f,9e,1d),\
- r(22,64,e9,47), r(29,69,e0,49), r(34,7e,fb,5b), r(3f,73,f2,55),\
- r(0e,50,cd,7f), r(05,5d,c4,71), r(18,4a,df,63), r(13,47,d6,6d),\
- r(ca,dc,31,d7), r(c1,d1,38,d9), r(dc,c6,23,cb), r(d7,cb,2a,c5),\
- r(e6,e8,15,ef), r(ed,e5,1c,e1), r(f0,f2,07,f3), r(fb,ff,0e,fd),\
- r(92,b4,79,a7), r(99,b9,70,a9), r(84,ae,6b,bb), r(8f,a3,62,b5),\
- r(be,80,5d,9f), r(b5,8d,54,91), r(a8,9a,4f,83), r(a3,97,46,8d)
-
-#undef r
-#define r r0
-
-#if defined(ONE_IM_TABLE)
-static const u_int32_t im_tab[256] =
- { m_table };
-#elif defined(FOUR_IM_TABLES)
-static const u_int32_t im_tab[4][256] =
-{ { m_table },
-#undef r
-#define r r1
- { m_table },
-#undef r
-#define r r2
- { m_table },
-#undef r
-#define r r3
- { m_table }
-};
-#endif
-
-#endif
-
-#else
-
-static int tab_gen = 0;
-
-static unsigned char s_box[256]; // the S box
-static unsigned char inv_s_box[256]; // the inverse S box
-static u_int32_t rcon_tab[AES_RC_LENGTH]; // table of round constants
-
-#if defined(ONE_TABLE)
-static u_int32_t ft_tab[256];
-static u_int32_t it_tab[256];
-#elif defined(FOUR_TABLES)
-static u_int32_t ft_tab[4][256];
-static u_int32_t it_tab[4][256];
-#endif
-
-#if defined(ONE_LR_TABLE)
-static u_int32_t fl_tab[256];
-static u_int32_t il_tab[256];
-#elif defined(FOUR_LR_TABLES)
-static u_int32_t fl_tab[4][256];
-static u_int32_t il_tab[4][256];
-#endif
-
-#if defined(ONE_IM_TABLE)
-static u_int32_t im_tab[256];
-#elif defined(FOUR_IM_TABLES)
-static u_int32_t im_tab[4][256];
-#endif
-
-// Generate the tables for the dynamic table option
-
-#if !defined(FF_TABLES)
-
-// It will generally be sensible to use tables to compute finite
-// field multiplies and inverses but where memory is scarse this
-// code might sometimes be better.
-
-// return 2 ^ (n - 1) where n is the bit number of the highest bit
-// set in x with x in the range 1 < x < 0x00000200. This form is
-// used so that locals within FFinv can be bytes rather than words
-
-static unsigned char hibit(const u_int32_t x)
-{ unsigned char r = (unsigned char)((x >> 1) | (x >> 2));
-
- r |= (r >> 2);
- r |= (r >> 4);
- return (r + 1) >> 1;
-}
-
-// return the inverse of the finite field element x
-
-static unsigned char FFinv(const unsigned char x)
-{ unsigned char p1 = x, p2 = 0x1b, n1 = hibit(x), n2 = 0x80, v1 = 1, v2 = 0;
-
- if(x < 2) return x;
-
- for(;;)
- {
- if(!n1) return v1;
-
- while(n2 >= n1)
- {
- n2 /= n1; p2 ^= p1 * n2; v2 ^= v1 * n2; n2 = hibit(p2);
- }
-
- if(!n2) return v2;
-
- while(n1 >= n2)
- {
- n1 /= n2; p1 ^= p2 * n1; v1 ^= v2 * n1; n1 = hibit(p1);
- }
- }
-}
-
-// define the finite field multiplies required for Rijndael
-
-#define FFmul02(x) ((((x) & 0x7f) << 1) ^ ((x) & 0x80 ? 0x1b : 0))
-#define FFmul03(x) ((x) ^ FFmul02(x))
-#define FFmul09(x) ((x) ^ FFmul02(FFmul02(FFmul02(x))))
-#define FFmul0b(x) ((x) ^ FFmul02((x) ^ FFmul02(FFmul02(x))))
-#define FFmul0d(x) ((x) ^ FFmul02(FFmul02((x) ^ FFmul02(x))))
-#define FFmul0e(x) FFmul02((x) ^ FFmul02((x) ^ FFmul02(x)))
-
-#else
-
-#define FFinv(x) ((x) ? pow[255 - log[x]]: 0)
-
-#define FFmul02(x) (x ? pow[log[x] + 0x19] : 0)
-#define FFmul03(x) (x ? pow[log[x] + 0x01] : 0)
-#define FFmul09(x) (x ? pow[log[x] + 0xc7] : 0)
-#define FFmul0b(x) (x ? pow[log[x] + 0x68] : 0)
-#define FFmul0d(x) (x ? pow[log[x] + 0xee] : 0)
-#define FFmul0e(x) (x ? pow[log[x] + 0xdf] : 0)
-
-#endif
-
-// The forward and inverse affine transformations used in the S-box
-
-#define fwd_affine(x) \
- (w = (u_int32_t)x, w ^= (w<<1)^(w<<2)^(w<<3)^(w<<4), 0x63^(unsigned char)(w^(w>>8)))
-
-#define inv_affine(x) \
- (w = (u_int32_t)x, w = (w<<1)^(w<<3)^(w<<6), 0x05^(unsigned char)(w^(w>>8)))
-
-static void gen_tabs(void)
-{ u_int32_t i, w;
-
-#if defined(FF_TABLES)
-
- unsigned char pow[512], log[256];
-
- // log and power tables for GF(2^8) finite field with
- // 0x011b as modular polynomial - the simplest primitive
- // root is 0x03, used here to generate the tables
-
- i = 0; w = 1;
- do
- {
- pow[i] = (unsigned char)w;
- pow[i + 255] = (unsigned char)w;
- log[w] = (unsigned char)i++;
- w ^= (w << 1) ^ (w & ff_hi ? ff_poly : 0);
- }
- while (w != 1);
-
-#endif
-
- for(i = 0, w = 1; i < AES_RC_LENGTH; ++i)
- {
- rcon_tab[i] = bytes2word(w, 0, 0, 0);
- w = (w << 1) ^ (w & ff_hi ? ff_poly : 0);
- }
-
- for(i = 0; i < 256; ++i)
- { unsigned char b;
-
- s_box[i] = b = fwd_affine(FFinv((unsigned char)i));
-
- w = bytes2word(b, 0, 0, 0);
-#if defined(ONE_LR_TABLE)
- fl_tab[i] = w;
-#elif defined(FOUR_LR_TABLES)
- fl_tab[0][i] = w;
- fl_tab[1][i] = upr(w,1);
- fl_tab[2][i] = upr(w,2);
- fl_tab[3][i] = upr(w,3);
-#endif
- w = bytes2word(FFmul02(b), b, b, FFmul03(b));
-#if defined(ONE_TABLE)
- ft_tab[i] = w;
-#elif defined(FOUR_TABLES)
- ft_tab[0][i] = w;
- ft_tab[1][i] = upr(w,1);
- ft_tab[2][i] = upr(w,2);
- ft_tab[3][i] = upr(w,3);
-#endif
- inv_s_box[i] = b = FFinv(inv_affine((unsigned char)i));
-
- w = bytes2word(b, 0, 0, 0);
-#if defined(ONE_LR_TABLE)
- il_tab[i] = w;
-#elif defined(FOUR_LR_TABLES)
- il_tab[0][i] = w;
- il_tab[1][i] = upr(w,1);
- il_tab[2][i] = upr(w,2);
- il_tab[3][i] = upr(w,3);
-#endif
- w = bytes2word(FFmul0e(b), FFmul09(b), FFmul0d(b), FFmul0b(b));
-#if defined(ONE_TABLE)
- it_tab[i] = w;
-#elif defined(FOUR_TABLES)
- it_tab[0][i] = w;
- it_tab[1][i] = upr(w,1);
- it_tab[2][i] = upr(w,2);
- it_tab[3][i] = upr(w,3);
-#endif
-#if defined(ONE_IM_TABLE)
- im_tab[b] = w;
-#elif defined(FOUR_IM_TABLES)
- im_tab[0][b] = w;
- im_tab[1][b] = upr(w,1);
- im_tab[2][b] = upr(w,2);
- im_tab[3][b] = upr(w,3);
-#endif
-
- }
-}
-
-#endif
-
-#define no_table(x,box,vf,rf,c) bytes2word( \
- box[bval(vf(x,0,c),rf(0,c))], \
- box[bval(vf(x,1,c),rf(1,c))], \
- box[bval(vf(x,2,c),rf(2,c))], \
- box[bval(vf(x,3,c),rf(3,c))])
-
-#define one_table(x,op,tab,vf,rf,c) \
- ( tab[bval(vf(x,0,c),rf(0,c))] \
- ^ op(tab[bval(vf(x,1,c),rf(1,c))],1) \
- ^ op(tab[bval(vf(x,2,c),rf(2,c))],2) \
- ^ op(tab[bval(vf(x,3,c),rf(3,c))],3))
-
-#define four_tables(x,tab,vf,rf,c) \
- ( tab[0][bval(vf(x,0,c),rf(0,c))] \
- ^ tab[1][bval(vf(x,1,c),rf(1,c))] \
- ^ tab[2][bval(vf(x,2,c),rf(2,c))] \
- ^ tab[3][bval(vf(x,3,c),rf(3,c))])
-
-#define vf1(x,r,c) (x)
-#define rf1(r,c) (r)
-#define rf2(r,c) ((r-c)&3)
-
-#if defined(FOUR_LR_TABLES)
-#define ls_box(x,c) four_tables(x,fl_tab,vf1,rf2,c)
-#elif defined(ONE_LR_TABLE)
-#define ls_box(x,c) one_table(x,upr,fl_tab,vf1,rf2,c)
-#else
-#define ls_box(x,c) no_table(x,s_box,vf1,rf2,c)
-#endif
-
-#if defined(FOUR_IM_TABLES)
-#define inv_mcol(x) four_tables(x,im_tab,vf1,rf1,0)
-#elif defined(ONE_IM_TABLE)
-#define inv_mcol(x) one_table(x,upr,im_tab,vf1,rf1,0)
-#else
-#define inv_mcol(x) \
- (f9 = (x),f2 = FFmulX(f9), f4 = FFmulX(f2), f8 = FFmulX(f4), f9 ^= f8, \
- f2 ^= f4 ^ f8 ^ upr(f2 ^ f9,3) ^ upr(f4 ^ f9,2) ^ upr(f9,1))
-#endif
-
-#define nc (this->aes_Ncol)
-
-// Initialise the key schedule from the user supplied key. The key
-// length is now specified in bytes - 16, 24 or 32 as appropriate.
-// This corresponds to bit lengths of 128, 192 and 256 bits, and
-// to Nk values of 4, 6 and 8 respectively.
-
-#define mx(t,f) (*t++ = inv_mcol(*f),f++)
-#define cp(t,f) *t++ = *f++
-
-#if AES_BLOCK_SIZE == 16
-#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-#elif AES_BLOCK_SIZE == 24
-#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
- cp(d,s); cp(d,s)
-#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
- mx(d,s); mx(d,s)
-#elif AES_BLOCK_SIZE == 32
-#define cpy(d,s) cp(d,s); cp(d,s); cp(d,s); cp(d,s); \
- cp(d,s); cp(d,s); cp(d,s); cp(d,s)
-#define mix(d,s) mx(d,s); mx(d,s); mx(d,s); mx(d,s); \
- mx(d,s); mx(d,s); mx(d,s); mx(d,s)
-#else
-
-#define cpy(d,s) \
-switch(nc) \
-{ case 8: cp(d,s); cp(d,s); \
- case 6: cp(d,s); cp(d,s); \
- case 4: cp(d,s); cp(d,s); \
- cp(d,s); cp(d,s); \
-}
-
-#define mix(d,s) \
-switch(nc) \
-{ case 8: mx(d,s); mx(d,s); \
- case 6: mx(d,s); mx(d,s); \
- case 4: mx(d,s); mx(d,s); \
- mx(d,s); mx(d,s); \
-}
-
-#endif
-
-// y = output word, x = input word, r = row, c = column
-// for r = 0, 1, 2 and 3 = column accessed for row r
-
-#if defined(ARRAYS)
-#define s(x,c) x[c]
-#else
-#define s(x,c) x##c
-#endif
-
-// I am grateful to Frank Yellin for the following constructions
-// which, given the column (c) of the output state variable that
-// is being computed, return the input state variables which are
-// needed for each row (r) of the state
-
-// For the fixed block size options, compilers reduce these two
-// expressions to fixed variable references. For variable block
-// size code conditional clauses will sometimes be returned
-
-#define unused 77 // Sunset Strip
-
-#define fwd_var(x,r,c) \
- ( r==0 ? \
- ( c==0 ? s(x,0) \
- : c==1 ? s(x,1) \
- : c==2 ? s(x,2) \
- : c==3 ? s(x,3) \
- : c==4 ? s(x,4) \
- : c==5 ? s(x,5) \
- : c==6 ? s(x,6) \
- : s(x,7)) \
- : r==1 ? \
- ( c==0 ? s(x,1) \
- : c==1 ? s(x,2) \
- : c==2 ? s(x,3) \
- : c==3 ? nc==4 ? s(x,0) : s(x,4) \
- : c==4 ? s(x,5) \
- : c==5 ? nc==8 ? s(x,6) : s(x,0) \
- : c==6 ? s(x,7) \
- : s(x,0)) \
- : r==2 ? \
- ( c==0 ? nc==8 ? s(x,3) : s(x,2) \
- : c==1 ? nc==8 ? s(x,4) : s(x,3) \
- : c==2 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
- : c==3 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
- : c==4 ? nc==8 ? s(x,7) : s(x,0) \
- : c==5 ? nc==8 ? s(x,0) : s(x,1) \
- : c==6 ? s(x,1) \
- : s(x,2)) \
- : \
- ( c==0 ? nc==8 ? s(x,4) : s(x,3) \
- : c==1 ? nc==4 ? s(x,0) : nc==8 ? s(x,5) : s(x,4) \
- : c==2 ? nc==4 ? s(x,1) : nc==8 ? s(x,6) : s(x,5) \
- : c==3 ? nc==4 ? s(x,2) : nc==8 ? s(x,7) : s(x,0) \
- : c==4 ? nc==8 ? s(x,0) : s(x,1) \
- : c==5 ? nc==8 ? s(x,1) : s(x,2) \
- : c==6 ? s(x,2) \
- : s(x,3)))
-
-#define inv_var(x,r,c) \
- ( r==0 ? \
- ( c==0 ? s(x,0) \
- : c==1 ? s(x,1) \
- : c==2 ? s(x,2) \
- : c==3 ? s(x,3) \
- : c==4 ? s(x,4) \
- : c==5 ? s(x,5) \
- : c==6 ? s(x,6) \
- : s(x,7)) \
- : r==1 ? \
- ( c==0 ? nc==4 ? s(x,3) : nc==8 ? s(x,7) : s(x,5) \
- : c==1 ? s(x,0) \
- : c==2 ? s(x,1) \
- : c==3 ? s(x,2) \
- : c==4 ? s(x,3) \
- : c==5 ? s(x,4) \
- : c==6 ? s(x,5) \
- : s(x,6)) \
- : r==2 ? \
- ( c==0 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
- : c==1 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
- : c==2 ? nc==8 ? s(x,7) : s(x,0) \
- : c==3 ? nc==8 ? s(x,0) : s(x,1) \
- : c==4 ? nc==8 ? s(x,1) : s(x,2) \
- : c==5 ? nc==8 ? s(x,2) : s(x,3) \
- : c==6 ? s(x,3) \
- : s(x,4)) \
- : \
- ( c==0 ? nc==4 ? s(x,1) : nc==8 ? s(x,4) : s(x,3) \
- : c==1 ? nc==4 ? s(x,2) : nc==8 ? s(x,5) : s(x,4) \
- : c==2 ? nc==4 ? s(x,3) : nc==8 ? s(x,6) : s(x,5) \
- : c==3 ? nc==8 ? s(x,7) : s(x,0) \
- : c==4 ? nc==8 ? s(x,0) : s(x,1) \
- : c==5 ? nc==8 ? s(x,1) : s(x,2) \
- : c==6 ? s(x,2) \
- : s(x,3)))
-
-#define si(y,x,k,c) s(y,c) = const_word_in(x + 4 * c) ^ k[c]
-#define so(y,x,c) word_out(y + 4 * c, s(x,c))
-
-#if defined(FOUR_TABLES)
-#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,ft_tab,fwd_var,rf1,c)
-#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,it_tab,inv_var,rf1,c)
-#elif defined(ONE_TABLE)
-#define fwd_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,ft_tab,fwd_var,rf1,c)
-#define inv_rnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,upr,it_tab,inv_var,rf1,c)
-#else
-#define fwd_rnd(y,x,k,c) s(y,c) = fwd_mcol(no_table(x,s_box,fwd_var,rf1,c)) ^ (k)[c]
-#define inv_rnd(y,x,k,c) s(y,c) = inv_mcol(no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c])
-#endif
-
-#if defined(FOUR_LR_TABLES)
-#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,fl_tab,fwd_var,rf1,c)
-#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ four_tables(x,il_tab,inv_var,rf1,c)
-#elif defined(ONE_LR_TABLE)
-#define fwd_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,fl_tab,fwd_var,rf1,c)
-#define inv_lrnd(y,x,k,c) s(y,c)= (k)[c] ^ one_table(x,ups,il_tab,inv_var,rf1,c)
-#else
-#define fwd_lrnd(y,x,k,c) s(y,c) = no_table(x,s_box,fwd_var,rf1,c) ^ (k)[c]
-#define inv_lrnd(y,x,k,c) s(y,c) = no_table(x,inv_s_box,inv_var,rf1,c) ^ (k)[c]
-#endif
-
-#if AES_BLOCK_SIZE == 16
-
-#if defined(ARRAYS)
-#define locals(y,x) x[4],y[4]
-#else
-#define locals(y,x) x##0,x##1,x##2,x##3,y##0,y##1,y##2,y##3
-// the following defines prevent the compiler requiring the declaration
-// of generated but unused variables in the fwd_var and inv_var macros
-#define b04 unused
-#define b05 unused
-#define b06 unused
-#define b07 unused
-#define b14 unused
-#define b15 unused
-#define b16 unused
-#define b17 unused
-#endif
-#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
- s(y,2) = s(x,2); s(y,3) = s(x,3);
-#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3)
-#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3)
-#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3)
-
-#elif AES_BLOCK_SIZE == 24
-
-#if defined(ARRAYS)
-#define locals(y,x) x[6],y[6]
-#else
-#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5, \
- y##0,y##1,y##2,y##3,y##4,y##5
-#define b06 unused
-#define b07 unused
-#define b16 unused
-#define b17 unused
-#endif
-#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
- s(y,2) = s(x,2); s(y,3) = s(x,3); \
- s(y,4) = s(x,4); s(y,5) = s(x,5);
-#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); \
- si(y,x,k,3); si(y,x,k,4); si(y,x,k,5)
-#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); \
- so(y,x,3); so(y,x,4); so(y,x,5)
-#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); \
- rm(y,x,k,3); rm(y,x,k,4); rm(y,x,k,5)
-#else
-
-#if defined(ARRAYS)
-#define locals(y,x) x[8],y[8]
-#else
-#define locals(y,x) x##0,x##1,x##2,x##3,x##4,x##5,x##6,x##7, \
- y##0,y##1,y##2,y##3,y##4,y##5,y##6,y##7
-#endif
-#define l_copy(y, x) s(y,0) = s(x,0); s(y,1) = s(x,1); \
- s(y,2) = s(x,2); s(y,3) = s(x,3); \
- s(y,4) = s(x,4); s(y,5) = s(x,5); \
- s(y,6) = s(x,6); s(y,7) = s(x,7);
-
-#if AES_BLOCK_SIZE == 32
-
-#define state_in(y,x,k) si(y,x,k,0); si(y,x,k,1); si(y,x,k,2); si(y,x,k,3); \
- si(y,x,k,4); si(y,x,k,5); si(y,x,k,6); si(y,x,k,7)
-#define state_out(y,x) so(y,x,0); so(y,x,1); so(y,x,2); so(y,x,3); \
- so(y,x,4); so(y,x,5); so(y,x,6); so(y,x,7)
-#define round(rm,y,x,k) rm(y,x,k,0); rm(y,x,k,1); rm(y,x,k,2); rm(y,x,k,3); \
- rm(y,x,k,4); rm(y,x,k,5); rm(y,x,k,6); rm(y,x,k,7)
-#else
-
-#define state_in(y,x,k) \
-switch(nc) \
-{ case 8: si(y,x,k,7); si(y,x,k,6); \
- case 6: si(y,x,k,5); si(y,x,k,4); \
- case 4: si(y,x,k,3); si(y,x,k,2); \
- si(y,x,k,1); si(y,x,k,0); \
-}
-
-#define state_out(y,x) \
-switch(nc) \
-{ case 8: so(y,x,7); so(y,x,6); \
- case 6: so(y,x,5); so(y,x,4); \
- case 4: so(y,x,3); so(y,x,2); \
- so(y,x,1); so(y,x,0); \
-}
-
-#if defined(FAST_VARIABLE)
-
-#define round(rm,y,x,k) \
-switch(nc) \
-{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
- rm(y,x,k,5); rm(y,x,k,4); \
- rm(y,x,k,3); rm(y,x,k,2); \
- rm(y,x,k,1); rm(y,x,k,0); \
- break; \
- case 6: rm(y,x,k,5); rm(y,x,k,4); \
- rm(y,x,k,3); rm(y,x,k,2); \
- rm(y,x,k,1); rm(y,x,k,0); \
- break; \
- case 4: rm(y,x,k,3); rm(y,x,k,2); \
- rm(y,x,k,1); rm(y,x,k,0); \
- break; \
-}
-#else
-
-#define round(rm,y,x,k) \
-switch(nc) \
-{ case 8: rm(y,x,k,7); rm(y,x,k,6); \
- case 6: rm(y,x,k,5); rm(y,x,k,4); \
- case 4: rm(y,x,k,3); rm(y,x,k,2); \
- rm(y,x,k,1); rm(y,x,k,0); \
-}
-
-#endif
-
-#endif
-#endif
-
-/**
- * Implementation of private_aes_cbc_crypter_t.encrypt_block.
- */
-static void encrypt_block(const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[])
-{ u_int32_t locals(b0, b1);
- const u_int32_t *kp = this->aes_e_key;
-
-#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
- u_int32_t f2;
-#endif
-
- state_in(b0, in_blk, kp); kp += nc;
-
-#if defined(UNROLL)
-
- switch(this->aes_Nrnd)
- {
- case 14: round(fwd_rnd, b1, b0, kp );
- round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
- case 12: round(fwd_rnd, b1, b0, kp );
- round(fwd_rnd, b0, b1, kp + nc ); kp += 2 * nc;
- case 10: round(fwd_rnd, b1, b0, kp );
- round(fwd_rnd, b0, b1, kp + nc);
- round(fwd_rnd, b1, b0, kp + 2 * nc);
- round(fwd_rnd, b0, b1, kp + 3 * nc);
- round(fwd_rnd, b1, b0, kp + 4 * nc);
- round(fwd_rnd, b0, b1, kp + 5 * nc);
- round(fwd_rnd, b1, b0, kp + 6 * nc);
- round(fwd_rnd, b0, b1, kp + 7 * nc);
- round(fwd_rnd, b1, b0, kp + 8 * nc);
- round(fwd_lrnd, b0, b1, kp + 9 * nc);
- }
-
-#elif defined(PARTIAL_UNROLL)
- { u_int32_t rnd;
-
- for(rnd = 0; rnd < (this->aes_Nrnd >> 1) - 1; ++rnd)
- {
- round(fwd_rnd, b1, b0, kp);
- round(fwd_rnd, b0, b1, kp + nc); kp += 2 * nc;
- }
-
- round(fwd_rnd, b1, b0, kp);
- round(fwd_lrnd, b0, b1, kp + nc);
- }
-#else
- { u_int32_t rnd;
-
- for(rnd = 0; rnd < this->aes_Nrnd - 1; ++rnd)
- {
- round(fwd_rnd, b1, b0, kp);
- l_copy(b0, b1); kp += nc;
- }
-
- round(fwd_lrnd, b0, b1, kp);
- }
-#endif
-
- state_out(out_blk, b0);
-}
-
-/**
- * Implementation of private_aes_cbc_crypter_t.decrypt_block.
- */
-static void decrypt_block(const private_aes_cbc_crypter_t *this, const unsigned char in_blk[], unsigned char out_blk[])
-{ u_int32_t locals(b0, b1);
- const u_int32_t *kp = this->aes_d_key;
-
-#if !defined(ONE_TABLE) && !defined(FOUR_TABLES)
- u_int32_t f2, f4, f8, f9;
-#endif
-
- state_in(b0, in_blk, kp); kp += nc;
-
-#if defined(UNROLL)
-
- switch(this->aes_Nrnd)
- {
- case 14: round(inv_rnd, b1, b0, kp );
- round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
- case 12: round(inv_rnd, b1, b0, kp );
- round(inv_rnd, b0, b1, kp + nc ); kp += 2 * nc;
- case 10: round(inv_rnd, b1, b0, kp );
- round(inv_rnd, b0, b1, kp + nc);
- round(inv_rnd, b1, b0, kp + 2 * nc);
- round(inv_rnd, b0, b1, kp + 3 * nc);
- round(inv_rnd, b1, b0, kp + 4 * nc);
- round(inv_rnd, b0, b1, kp + 5 * nc);
- round(inv_rnd, b1, b0, kp + 6 * nc);
- round(inv_rnd, b0, b1, kp + 7 * nc);
- round(inv_rnd, b1, b0, kp + 8 * nc);
- round(inv_lrnd, b0, b1, kp + 9 * nc);
- }
-
-#elif defined(PARTIAL_UNROLL)
- { u_int32_t rnd;
-
- for(rnd = 0; rnd < (this->aes_Nrnd >> 1) - 1; ++rnd)
- {
- round(inv_rnd, b1, b0, kp);
- round(inv_rnd, b0, b1, kp + nc); kp += 2 * nc;
- }
-
- round(inv_rnd, b1, b0, kp);
- round(inv_lrnd, b0, b1, kp + nc);
- }
-#else
- { u_int32_t rnd;
-
- for(rnd = 0; rnd < this->aes_Nrnd - 1; ++rnd)
- {
- round(inv_rnd, b1, b0, kp);
- l_copy(b0, b1); kp += nc;
- }
-
- round(inv_lrnd, b0, b1, kp);
- }
-#endif
-
- state_out(out_blk, b0);
-}
-
-/**
- * Implementation of crypter_t.decrypt.
- */
-static status_t decrypt (private_aes_cbc_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted)
-{
- int ret, pos;
- const u_int32_t *iv_i;
- u_int8_t *in, *out;
-
- ret = data.len;
- if (((data.len) % 16) != 0)
- {
- /* data length must be padded to a multiple of blocksize */
- return INVALID_ARG;
- }
-
- decrypted->ptr = malloc(data.len);
- if (decrypted->ptr == NULL)
- {
- return OUT_OF_RES;
- }
- decrypted->len = data.len;
-
- in = data.ptr;
- out = decrypted->ptr;
-
- pos=data.len-16;
- in+=pos;
- out+=pos;
- while(pos>=0) {
- this->decrypt_block(this,in,out);
- if (pos==0)
- iv_i=(const u_int32_t*) (iv.ptr);
- else
- iv_i=(const u_int32_t*) (in-16);
- *((u_int32_t *)(&out[ 0])) ^= iv_i[0];
- *((u_int32_t *)(&out[ 4])) ^= iv_i[1];
- *((u_int32_t *)(&out[ 8])) ^= iv_i[2];
- *((u_int32_t *)(&out[12])) ^= iv_i[3];
- in-=16;
- out-=16;
- pos-=16;
- }
-
- return SUCCESS;
-}
-
-
-/**
- * Implementation of crypter_t.decrypt.
- */
-static status_t encrypt (private_aes_cbc_crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted)
-{
- int ret, pos;
- const u_int32_t *iv_i;
- u_int8_t *in, *out;
-
- ret = data.len;
- if (((data.len) % 16) != 0)
- {
- /* data length must be padded to a multiple of blocksize */
- return INVALID_ARG;
- }
-
- encrypted->ptr = malloc(data.len);
- if (encrypted->ptr == NULL)
- {
- return OUT_OF_RES;
- }
- encrypted->len = data.len;
-
- in = data.ptr;
- out = encrypted->ptr;
-
- pos=0;
- while(pos<data.len)
- {
- if (pos==0)
- iv_i=(const u_int32_t*) iv.ptr;
- else
- iv_i=(const u_int32_t*) (out-16);
- *((u_int32_t *)(&out[ 0])) = iv_i[0]^*((const u_int32_t *)(&in[ 0]));
- *((u_int32_t *)(&out[ 4])) = iv_i[1]^*((const u_int32_t *)(&in[ 4]));
- *((u_int32_t *)(&out[ 8])) = iv_i[2]^*((const u_int32_t *)(&in[ 8]));
- *((u_int32_t *)(&out[12])) = iv_i[3]^*((const u_int32_t *)(&in[12]));
- this->encrypt_block(this,out,out);
- in+=16;
- out+=16;
- pos+=16;
- }
- return SUCCESS;
-}
-
-/**
- * Implementation of crypter_t.get_block_size.
- */
-static size_t get_block_size (private_aes_cbc_crypter_t *this)
-{
- return AES_BLOCK_SIZE;
-}
-
-/**
- * Implementation of crypter_t.get_key_size.
- */
-static size_t get_key_size (private_aes_cbc_crypter_t *this)
-{
- return this->key_size;
-}
-
-/**
- * Implementation of crypter_t.set_key.
- */
-static status_t set_key (private_aes_cbc_crypter_t *this, chunk_t key)
-{
- u_int32_t *kf, *kt, rci, f = 0;
- u_int8_t *in_key = key.ptr;
-
- if (key.len != this->key_size)
- {
- return INVALID_ARG;
- }
-
- this->aes_Nrnd = (this->aes_Nkey > (this->aes_Ncol) ? this->aes_Nkey : (this->aes_Ncol)) + 6;
-
- this->aes_e_key[0] = const_word_in(in_key );
- this->aes_e_key[1] = const_word_in(in_key + 4);
- this->aes_e_key[2] = const_word_in(in_key + 8);
- this->aes_e_key[3] = const_word_in(in_key + 12);
-
- kf = this->aes_e_key;
- kt = kf + nc * (this->aes_Nrnd + 1) - this->aes_Nkey;
- rci = 0;
-
- switch(this->aes_Nkey)
- {
- case 4: do
- { kf[4] = kf[0] ^ ls_box(kf[3],3) ^ rcon_tab[rci++];
- kf[5] = kf[1] ^ kf[4];
- kf[6] = kf[2] ^ kf[5];
- kf[7] = kf[3] ^ kf[6];
- kf += 4;
- }
- while(kf < kt);
- break;
-
- case 6: this->aes_e_key[4] = const_word_in(in_key + 16);
- this->aes_e_key[5] = const_word_in(in_key + 20);
- do
- { kf[ 6] = kf[0] ^ ls_box(kf[5],3) ^ rcon_tab[rci++];
- kf[ 7] = kf[1] ^ kf[ 6];
- kf[ 8] = kf[2] ^ kf[ 7];
- kf[ 9] = kf[3] ^ kf[ 8];
- kf[10] = kf[4] ^ kf[ 9];
- kf[11] = kf[5] ^ kf[10];
- kf += 6;
- }
- while(kf < kt);
- break;
-
- case 8: this->aes_e_key[4] = const_word_in(in_key + 16);
- this->aes_e_key[5] = const_word_in(in_key + 20);
- this->aes_e_key[6] = const_word_in(in_key + 24);
- this->aes_e_key[7] = const_word_in(in_key + 28);
- do
- { kf[ 8] = kf[0] ^ ls_box(kf[7],3) ^ rcon_tab[rci++];
- kf[ 9] = kf[1] ^ kf[ 8];
- kf[10] = kf[2] ^ kf[ 9];
- kf[11] = kf[3] ^ kf[10];
- kf[12] = kf[4] ^ ls_box(kf[11],0);
- kf[13] = kf[5] ^ kf[12];
- kf[14] = kf[6] ^ kf[13];
- kf[15] = kf[7] ^ kf[14];
- kf += 8;
- }
- while (kf < kt);
- break;
- }
-
- if(!f)
- {
- u_int32_t i;
-
- kt = this->aes_d_key + nc * this->aes_Nrnd;
- kf = this->aes_e_key;
-
- cpy(kt, kf); kt -= 2 * nc;
-
- for(i = 1; i < this->aes_Nrnd; ++i)
- {
-#if defined(ONE_TABLE) || defined(FOUR_TABLES)
-#if !defined(ONE_IM_TABLE) && !defined(FOUR_IM_TABLES)
- u_int32_t f2, f4, f8, f9;
-#endif
- mix(kt, kf);
-#else
- cpy(kt, kf);
-#endif
- kt -= 2 * nc;
- }
- cpy(kt, kf);
- }
-
- return SUCCESS;
-}
-
-/**
- * Implementation of crypter_t.destroy and aes_cbc_crypter_t.destroy.
- */
-static void destroy (private_aes_cbc_crypter_t *this)
-{
- free(this);
-}
-
-/*
- * Described in header
- */
-aes_cbc_crypter_t *aes_cbc_crypter_create(size_t key_size)
-{
- private_aes_cbc_crypter_t *this = malloc_thing(private_aes_cbc_crypter_t);
-
- #if !defined(FIXED_TABLES)
- if(!tab_gen) { gen_tabs(); tab_gen = 1; }
- #endif
-
- this->key_size = key_size;
- switch(key_size) {
- case 32: /* bytes */
- this->aes_Ncol = 8;
- this->aes_Nkey = 8;
- break;
- case 24: /* bytes */
- this->aes_Ncol = 6;
- this->aes_Nkey = 6;
- break;
- case 16: /* bytes */
- this->aes_Ncol = 4;
- this->aes_Nkey = 4;
- break;
- default:
- free(this);
- return NULL;
- }
-
- /* functions of crypter_t interface */
- this->public.crypter_interface.encrypt = (status_t (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt;
- this->public.crypter_interface.decrypt = (status_t (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt;
- this->public.crypter_interface.get_block_size = (size_t (*) (crypter_t *)) get_block_size;
- this->public.crypter_interface.get_key_size = (size_t (*) (crypter_t *)) get_key_size;
- this->public.crypter_interface.set_key = (status_t (*) (crypter_t *,chunk_t)) set_key;
- this->public.crypter_interface.destroy = (void (*) (crypter_t *)) destroy;
-
- /* private functions */
- this->decrypt_block = decrypt_block;
- this->encrypt_block = encrypt_block;
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/crypters/aes_cbc_crypter.h b/Source/lib/crypto/crypters/aes_cbc_crypter.h
deleted file mode 100644
index d7a3c0f5b..000000000
--- a/Source/lib/crypto/crypters/aes_cbc_crypter.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/**
- * @file aes_cbc_crypter.h
- *
- * @brief Interface of aes_cbc_crypter_t
- *
- */
-
-/*
- * Copyright (C) 2001 Dr B. R. Gladman <brg@gladman.uk.net>
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef AES_CBC_CRYPTER_H_
-#define AES_CBC_CRYPTER_H_
-
-#include <crypto/crypters/crypter.h>
-
-
-typedef struct aes_cbc_crypter_t aes_cbc_crypter_t;
-
-/**
- * @brief Class implementing the AES symmetric encryption algorithm.
- *
- * @b Constructors:
- * - aes_cbc_crypter_create()
- *
- * @ingroup crypters
- */
-struct aes_cbc_crypter_t {
-
- /**
- * The crypter_t interface.
- */
- crypter_t crypter_interface;
-};
-
-/**
- * @brief Constructor to create aes_cbc_crypter_t objects.
- *
- * Supported key sizes are: 16, 24 or 32.
- *
- * @param key_size key size in bytes
- * @return
- * - aes_cbc_crypter_t object
- * - NULL if key size not supported
- */
-aes_cbc_crypter_t *aes_cbc_crypter_create(size_t key_size);
-
-
-#endif /* AES_CBC_CRYPTER_H_ */
diff --git a/Source/lib/crypto/crypters/crypter.c b/Source/lib/crypto/crypters/crypter.c
deleted file mode 100644
index 827d10228..000000000
--- a/Source/lib/crypto/crypters/crypter.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/**
- * @file crypter.c
- *
- * @brief Generic constructor for crypter_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "crypter.h"
-
-#include <crypto/crypters/aes_cbc_crypter.h>
-
-
-/**
- * String mappings for encryption_algorithm_t.
- */
-mapping_t encryption_algorithm_m[] = {
-{ENCR_UNDEFINED, "ENCR_UNDEFINED"},
-{ENCR_DES_IV64, "ENCR_DES_IV64"},
-{ENCR_DES, "ENCR_DES"},
-{ENCR_3DES, "ENCR_3DES"},
-{ENCR_RC5, "ENCR_RC5"},
-{ENCR_IDEA, "ENCR_IDEA"},
-{ENCR_CAST, "ENCR_CAST"},
-{ENCR_BLOWFISH, "ENCR_BLOWFISH"},
-{ENCR_3IDEA, "ENCR_3IDEA"},
-{ENCR_DES_IV32, "ENCR_DES_IV32"},
-{ENCR_NULL, "ENCR_NULL"},
-{ENCR_AES_CBC, "ENCR_AES_CBC"},
-{ENCR_AES_CTR, "ENCR_AES_CTR"},
-{MAPPING_END, NULL}
-};
-
-/*
- * Described in header.
- */
-crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm, size_t key_size)
-{
- switch (encryption_algorithm)
- {
- case ENCR_AES_CBC:
- {
- return (crypter_t*)aes_cbc_crypter_create(key_size);
- }
- default:
- return NULL;
- }
-}
diff --git a/Source/lib/crypto/crypters/crypter.h b/Source/lib/crypto/crypters/crypter.h
deleted file mode 100644
index 9c219f5cc..000000000
--- a/Source/lib/crypto/crypters/crypter.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * @file crypter.h
- *
- * @brief Interface crypter_t
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef CRYPTER_H_
-#define CRYPTER_H_
-
-#include <types.h>
-
-typedef enum encryption_algorithm_t encryption_algorithm_t;
-
-/**
- * @brief Encryption algorithm, as in IKEv2 RFC 3.3.2.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - ENCR_AES_CBC
- *
- * @todo Implement more enryption algorithms, such as 3DES
- *
- * @ingroup crypters
- */
-enum encryption_algorithm_t {
- ENCR_UNDEFINED = 1024,
- ENCR_DES_IV64 = 1,
- ENCR_DES = 2,
- ENCR_3DES = 3,
- ENCR_RC5 = 4,
- ENCR_IDEA = 5,
- ENCR_CAST = 6,
- ENCR_BLOWFISH = 7,
- ENCR_3IDEA = 8,
- ENCR_DES_IV32 = 9,
- ENCR_NULL = 11,
- /**
- * Implemented in class aes_cbc_crypter_t.
- */
- ENCR_AES_CBC = 12,
- ENCR_AES_CTR = 13
-};
-
-/**
- * String mappings for encryption_algorithm_t.
- */
-extern mapping_t encryption_algorithm_m[];
-
-
-typedef struct crypter_t crypter_t;
-
-/**
- * @brief Generic interface for symmetric encryption algorithms.
- *
- * @b Constructors:
- * - crypter_create()
- *
- * @ingroup crypters
- */
-struct crypter_t {
- /**
- * @brief Encrypt a chunk of data and allocate space for the encrypted value.
- *
- * @param this calling object
- * @param data data to encrypt
- * @param iv initializing vector
- * @param[out] encrypted pointer where the encrypted bytes will be written
- * @return
- * - SUCCESS
- * - INVALID_ARG if data size not a multiple of block size
- */
- status_t (*encrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *encrypted);
-
- /**
- * @brief Decrypt a chunk of data and allocate space for the decrypted value.
- *
- * @param this calling object
- * @param data data to decrypt
- * @param iv initializing vector
- * @param[out] encrypted pointer where the decrypted bytes will be written
- * @return
- * - SUCCESS
- * - INVALID_ARG if data size not a multiple of block size
- */
- status_t (*decrypt) (crypter_t *this, chunk_t data, chunk_t iv, chunk_t *decrypted);
-
- /**
- * @brief Get the block size of this crypter_t object.
- *
- * @param this calling object
- * @return block size in bytes
- */
- size_t (*get_block_size) (crypter_t *this);
-
- /**
- * @brief Get the key size of this crypter_t object.
- *
- * @param this calling object
- * @return key size in bytes
- */
- size_t (*get_key_size) (crypter_t *this);
-
- /**
- * @brief Set the key for this crypter_t object.
- *
- * @param this calling object
- * @param key key to set
- * @return
- * - SUCCESS
- * - INVALID_ARG if key length invalid
- */
- status_t (*set_key) (crypter_t *this, chunk_t key);
-
- /**
- * @brief Destroys a crypter_t object.
- *
- * @param this calling object
- */
- void (*destroy) (crypter_t *this);
-};
-
-/**
- * @brief Generic constructor for crypter_t objects.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - ENCR_AES_CBC
- *
- * The key_size is ignored for algorithms with fixed key size.
- *
- * @param encryption_algorithm Algorithm to use for crypter
- * @param key_size size of the key in bytes
- * @return
- * - crypter_t object
- * - NULL if encryption algorithm/key_size is not supported
- */
-crypter_t *crypter_create(encryption_algorithm_t encryption_algorithm, size_t key_size);
-
-#endif /*CRYPTER_H_*/
diff --git a/Source/lib/crypto/diffie_hellman.c b/Source/lib/crypto/diffie_hellman.c
deleted file mode 100644
index e458fb80f..000000000
--- a/Source/lib/crypto/diffie_hellman.c
+++ /dev/null
@@ -1,615 +0,0 @@
-/**
- * @file diffie_hellman.c
- *
- * @brief Implementation of diffie_hellman_t.
- *
- */
-
-/*
- * Copyright (C) 1998-2002 D. Hugh Redelmeier.
- * Copyright (C) 1999, 2000, 2001 Henry Spencer.
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <stdio.h>
-
-#include "diffie_hellman.h"
-
-#include <daemon.h>
-#include <utils/randomizer.h>
-
-
-/**
- * String mappings for diffie_hellman_group_t.
- */
-mapping_t diffie_hellman_group_m[] = {
- {MODP_UNDEFINED, "MODP_UNDEFINED"},
- {MODP_768_BIT, "MODP_768_BIT"},
- {MODP_1024_BIT, "MODP_1024_BIT"},
- {MODP_1536_BIT, "MODP_1536_BIT"},
- {MODP_2048_BIT, "MODP_2048_BIT"},
- {MODP_3072_BIT, "MODP_3072_BIT"},
- {MODP_4096_BIT, "MODP_4096_BIT"},
- {MODP_6144_BIT, "MODP_6144_BIT"},
- {MODP_8192_BIT, "MODP_8192_BIT"},
- {MAPPING_END, NULL}
-};
-
-
-/**
- * Modulus of Group 1 (MODP_768_BIT).
- */
-static u_int8_t group1_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80 ,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 2 (MODP_1024_BIT).
- */
-static u_int8_t group2_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 5 (MODP_1536_BIT).
- */
-static u_int8_t group5_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-/**
- * Modulus of Group 14 (MODP_2048_BIT).
- */
-static u_int8_t group14_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 15 (MODP_3072_BIT).
- */
-static u_int8_t group15_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 16 (MODP_4096_BIT).
- */
-static u_int8_t group16_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 17 (MODP_6144_BIT).
- */
-static u_int8_t group17_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF
-};
-
-/**
- * Modulus of Group 18 (MODP_8192_BIT).
- */
-static u_int8_t group18_modulus[] = {
- 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34,
- 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74,
- 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD,
- 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37,
- 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6,
- 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED,
- 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6,
- 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05,
- 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F,
- 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB,
- 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04,
- 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B,
- 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F,
- 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18,
- 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10,
- 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33,
- 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A,
- 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7,
- 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D,
- 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64,
- 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C,
- 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2,
- 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E,
- 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7,
- 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C,
- 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8,
- 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6,
- 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2,
- 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF,
- 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9,
- 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F,
- 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26,
- 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD,
- 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE,
- 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18,
- 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B,
- 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42,
- 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC,
- 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6,
- 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E,
- 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE,
- 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA,
- 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0,
- 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76,
- 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C,
- 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68,
- 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6,
- 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4,
- 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA,
- 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED,
- 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68,
- 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D,
- 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07,
- 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B,
- 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8,
- 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6,
- 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36,
- 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D,
- 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73,
- 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92,
- 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B,
- 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA,
- 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
- 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
-};
-
-typedef struct modulus_info_entry_t modulus_info_entry_t;
-
-/**
- * Entry of the modulus list.
- */
-struct modulus_info_entry_t {
- /**
- * Group number as it is defined in file transform_substructure.h.
- */
- diffie_hellman_group_t group;
-
- /**
- * Pointer to first byte of modulus (network order).
- */
- u_int8_t *modulus;
-
- /*
- * Length of modulus in bytes.
- */
- size_t modulus_length;
-
- /*
- * Generator value.
- */
- u_int16_t generator;
-};
-
-
-/**
- * All supported modulus values.
- */
-static modulus_info_entry_t modulus_info_entries[] = {
- {MODP_768_BIT,group1_modulus,sizeof(group1_modulus),2},
- {MODP_1024_BIT,group2_modulus,sizeof(group2_modulus),2},
- {MODP_1536_BIT,group5_modulus,sizeof(group5_modulus),2},
- {MODP_2048_BIT,group14_modulus,sizeof(group14_modulus),2},
- {MODP_3072_BIT,group15_modulus,sizeof(group15_modulus),2},
- {MODP_4096_BIT,group16_modulus,sizeof(group16_modulus),2},
- {MODP_6144_BIT,group17_modulus,sizeof(group17_modulus),2},
- {MODP_8192_BIT,group18_modulus,sizeof(group18_modulus),2},
-};
-
-typedef struct private_diffie_hellman_t private_diffie_hellman_t;
-
-/**
- * Private data of an diffie_hellman_t object.
- *
- */
-struct private_diffie_hellman_t {
- /**
- * Public diffie_hellman_t interface.
- */
- diffie_hellman_t public;
-
- /**
- * Diffie Hellman group number.
- */
- u_int16_t dh_group_number;
-
- /**
- * Modulus.
- */
- mpz_t modulus;
-
- /**
- * Modulus length.
- */
- size_t modulus_length;
-
- /*
- * Generator value.
- */
- u_int16_t generator;
-
- /**
- * My private value .
- */
- mpz_t my_private_value;
-
- /**
- * My public value.
- */
- mpz_t my_public_value;
-
- /**
- * Other public value.
- */
- mpz_t other_public_value;
-
- /**
- * Shared secret.
- */
- mpz_t shared_secret;
-
- /**
- * True if shared secret is computed and stored in my_public_value.
- */
- bool shared_secret_is_computed;
-
- /**
- * Sets the modulus for a specific diffie hellman group.
- *
- * @param this calling object
- * @return
- * SUCCESS if modulus could be found
- * NOT_FOUND if modulus not supported
- */
- status_t (*set_modulus) (private_diffie_hellman_t *this);
-
- /**
- * Makes sure my public value is computed.
- *
- * @param this calling object
- */
- void (*compute_public_value) (private_diffie_hellman_t *this);
-
- /**
- * Computes shared secret (other public value must be available).
- *
- * @param this calling object
- */
- void (*compute_shared_secret) (private_diffie_hellman_t *this);
-};
-
-/**
- * Implementation of private_diffie_hellman_t.set_modulus.
- */
-static status_t set_modulus(private_diffie_hellman_t *this)
-{
- int i;
- status_t status = NOT_FOUND;
-
- for (i = 0; i < (sizeof(modulus_info_entries) / sizeof(modulus_info_entry_t)); i++)
- {
- if (modulus_info_entries[i].group == this->dh_group_number)
- {
- chunk_t modulus_chunk;
- modulus_chunk.ptr = modulus_info_entries[i].modulus;
- modulus_chunk.len = modulus_info_entries[i].modulus_length;
- mpz_import(this->modulus, modulus_chunk.len, 1, 1, 1, 0, modulus_chunk.ptr);
- this->modulus_length = modulus_chunk.len;
- this->generator = modulus_info_entries[i].generator;
- status = SUCCESS;
- break;
- }
- }
- return status;
-}
-
-/**
- * Implementation of diffie_hellman_t.set_other_public_value.
- */
-static void set_other_public_value(private_diffie_hellman_t *this,chunk_t public_value)
-{
- mpz_import(this->other_public_value, public_value.len, 1, 1, 1, 0, public_value.ptr);
- this->compute_shared_secret(this);
-}
-
-/**
- * Implementation of diffie_hellman_t.get_other_public_value.
- */
-static status_t get_other_public_value(private_diffie_hellman_t *this,chunk_t *public_value)
-{
- if (!this->shared_secret_is_computed)
- {
- return FAILED;
- }
- public_value->len = this->modulus_length;
- public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->other_public_value);
- return SUCCESS;
-}
-
-/**
- * Implementation of private_diffie_hellman_t.compute_shared_secret.
- */
-static void compute_shared_secret (private_diffie_hellman_t *this)
-{
- /* initialize my public value */
- mpz_init(this->shared_secret);
- /* calculate my public value */
- mpz_powm(this->shared_secret,this->other_public_value,this->my_private_value,this->modulus);
-
- this->shared_secret_is_computed = TRUE;
-}
-
-/**
- * Implementation of private_diffie_hellman_t.compute_public_value.
- */
-static void compute_public_value (private_diffie_hellman_t *this)
-{
- mpz_t generator;
- /* initialize generator and set it*/
- mpz_init_set_ui (generator,this->generator);
- /* initialize my public value */
- mpz_init(this->my_public_value);
- /* calculate my public value */
- mpz_powm(this->my_public_value,generator,this->my_private_value,this->modulus);
- /* generator not used anymore */
- mpz_clear(generator);
-}
-
-/**
- * Implementation of diffie_hellman_t.get_my_public_value.
- */
-static void get_my_public_value(private_diffie_hellman_t *this,chunk_t *public_value)
-{
- public_value->len = this->modulus_length;
- public_value->ptr = mpz_export(NULL, NULL, 1, public_value->len, 1, 0, this->my_public_value);
-}
-
-/**
- * Implementation of diffie_hellman_t.get_shared_secret.
- */
-static status_t get_shared_secret(private_diffie_hellman_t *this,chunk_t *secret)
-{
- if (!this->shared_secret_is_computed)
- {
- return FAILED;
- }
- secret->len = this->modulus_length;
- secret->ptr = mpz_export(NULL, NULL, 1, secret->len, 1, 0, this->shared_secret);
- return SUCCESS;
-}
-
-/**
- * Implementation of diffie_hellman_t.get_dh_group.
- */
-static diffie_hellman_group_t get_dh_group(private_diffie_hellman_t *this)
-{
- return this->dh_group_number;
-}
-
-/**
- * Implementation of diffie_hellman_t.destroy.
- */
-static void destroy(private_diffie_hellman_t *this)
-{
- mpz_clear(this->modulus);
- mpz_clear(this->my_private_value);
- mpz_clear(this->my_public_value);
- mpz_clear(this->other_public_value);
-
- if (this->shared_secret_is_computed)
- {
- /* other public value gets initialized together with shared secret */
- mpz_clear(this->shared_secret);
- }
- free(this);
-}
-
-/*
- * Described in header.
- */
-diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number)
-{
- private_diffie_hellman_t *this = malloc_thing(private_diffie_hellman_t);
- randomizer_t *randomizer;
- chunk_t random_bytes;
-
- /* public functions */
- this->public.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret;
- this->public.set_other_public_value = (void (*)(diffie_hellman_t *, chunk_t )) set_other_public_value;
- this->public.get_other_public_value = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_other_public_value;
- this->public.get_my_public_value = (void (*)(diffie_hellman_t *, chunk_t *)) get_my_public_value;
- this->public.get_dh_group = (diffie_hellman_group_t (*)(diffie_hellman_t *)) get_dh_group;
- this->public.destroy = (void (*)(diffie_hellman_t *)) destroy;
-
- /* private functions */
- this->set_modulus = set_modulus;
- this->compute_public_value = compute_public_value;
- this->compute_shared_secret = compute_shared_secret;
-
- /* private variables */
- this->dh_group_number = dh_group_number;
- mpz_init(this->modulus);
- mpz_init(this->other_public_value);
- mpz_init(this->my_private_value);
-
- /* set this->modulus */
- if (this->set_modulus(this) != SUCCESS)
- {
- free(this);
- return NULL;
- }
- randomizer = randomizer_create();
- if (randomizer == NULL)
- {
- free(this);
- return NULL;
- }
- if (randomizer->allocate_pseudo_random_bytes(randomizer, this->modulus_length, &random_bytes) != SUCCESS)
- {
- randomizer->destroy(randomizer);
- free(this);
- return NULL;
- }
-
- mpz_import(this->my_private_value, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
- chunk_free(&random_bytes);
-
- randomizer->destroy(randomizer);
-
- this->compute_public_value(this);
-
- this->shared_secret_is_computed = FALSE;
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/diffie_hellman.h b/Source/lib/crypto/diffie_hellman.h
deleted file mode 100644
index 48a165557..000000000
--- a/Source/lib/crypto/diffie_hellman.h
+++ /dev/null
@@ -1,149 +0,0 @@
-/**
- * @file diffie_hellman.h
- *
- * @brief Interface of diffie_hellman_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef DIFFIE_HELLMAN_H_
-#define DIFFIE_HELLMAN_H_
-
-#include <types.h>
-
-
-typedef enum diffie_hellman_group_t diffie_hellman_group_t;
-
-/**
- * @brief Diffie-Hellman group.
- *
- * The modulus (or group) to use for a Diffie-Hellman calculation.
- *
- * See IKEv2 RFC 3.3.2 and RFC 3526.
- *
- * @ingroup transforms
- */
-enum diffie_hellman_group_t {
- MODP_UNDEFINED = 1024,
- MODP_768_BIT = 1,
- MODP_1024_BIT = 2,
- MODP_1536_BIT = 5,
- MODP_2048_BIT = 14,
- MODP_3072_BIT = 15,
- MODP_4096_BIT = 16,
- MODP_6144_BIT = 17,
- MODP_8192_BIT = 18
-};
-
-/**
- * String mappings for diffie_hellman_group_t.
- */
-extern mapping_t diffie_hellman_group_m[];
-
-
-typedef struct diffie_hellman_t diffie_hellman_t;
-
-/**
- * @brief Implementation of the widely used Diffie-Hellman algorithm.
- *
- * @b Constructors:
- * - diffie_hellman_create()
- *
- * @ingroup transforms
- */
-struct diffie_hellman_t {
-
- /**
- * @brief Returns the shared secret of this diffie hellman exchange.
- *
- * @warning Space for returned secret is allocated and must be
- * freed by the caller.
- *
- * @param this calling diffie_hellman_t object
- * @param[out] secret shared secret will be written into this chunk
- * @return
- * - SUCCESS
- * - FAILED if not both DH values are set
- */
- status_t (*get_shared_secret) (diffie_hellman_t *this, chunk_t *secret);
-
- /**
- * @brief Sets the public value of partner.
- *
- * chunk gets cloned and can be destroyed afterwards.
- *
- * @param this calling diffie_hellman_t object
- * @param public_value public value of partner
- */
- void (*set_other_public_value) (diffie_hellman_t *this, chunk_t public_value);
-
- /**
- * @brief Gets the public value of partner.
- *
- * @warning Space for returned chunk is allocated and must be
- * freed by the caller.
- *
- * @param this calling diffie_hellman_t object
- * @param[out] public_value public value of partner is stored at this location
- * @return
- * - SUCCESS
- * - FAILED if other public value not set
- */
- status_t (*get_other_public_value) (diffie_hellman_t *this, chunk_t *public_value);
-
- /**
- * @brief Gets the public value of caller
- *
- * @warning Space for returned chunk is allocated and must be
- * freed by the caller.
- *
- * @param this calling diffie_hellman_t object
- * @param[out] public_value public value of caller is stored at this location
- */
- void (*get_my_public_value) (diffie_hellman_t *this, chunk_t *public_value);
-
- /**
- * @brief Get the DH group used.
- *
- * @param this calling diffie_hellman_t object
- * @return DH group set in construction
- */
- diffie_hellman_group_t (*get_dh_group) (diffie_hellman_t *this);
-
- /**
- * @brief Destroys an diffie_hellman_t object.
- *
- * @param this diffie_hellman_t object to destroy
- */
- void (*destroy) (diffie_hellman_t *this);
-};
-
-/**
- * @brief Creates a new diffie_hellman_t object.
- *
- * The first diffie hellman public value gets automatically created.
- *
- * @param dh_group_number Diffie Hellman group number to use
- * @return
- * - diffie_hellman_t object
- * - NULL if dh group not supported
- *
- * @ingroup transforms
- */
-diffie_hellman_t *diffie_hellman_create(diffie_hellman_group_t dh_group_number);
-
-#endif /*DIFFIE_HELLMAN_H_*/
diff --git a/Source/lib/crypto/hashers/Makefile.hashers b/Source/lib/crypto/hashers/Makefile.hashers
deleted file mode 100644
index e05d41af3..000000000
--- a/Source/lib/crypto/hashers/Makefile.hashers
+++ /dev/null
@@ -1,27 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-HASHERS_DIR= $(CRYPTO_DIR)hashers/
-
-LIB_OBJS+= $(BUILD_DIR)hasher.o
-$(BUILD_DIR)hasher.o : $(HASHERS_DIR)hasher.c $(HASHERS_DIR)hasher.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)sha1_hasher.o
-$(BUILD_DIR)sha1_hasher.o : $(HASHERS_DIR)sha1_hasher.c $(HASHERS_DIR)sha1_hasher.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)md5_hasher.o
-$(BUILD_DIR)md5_hasher.o : $(HASHERS_DIR)md5_hasher.c $(HASHERS_DIR)md5_hasher.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/hashers/hasher.c b/Source/lib/crypto/hashers/hasher.c
deleted file mode 100644
index c15f41804..000000000
--- a/Source/lib/crypto/hashers/hasher.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file hasher.c
- *
- * @brief Generic constructor for hasher_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "hasher.h"
-
-#include <crypto/hashers/sha1_hasher.h>
-#include <crypto/hashers/md5_hasher.h>
-
-/**
- * String mappings for hash_algorithm_t.
- */
-mapping_t hash_algorithm_m[] = {
- {HASH_MD2,"HASH_MD2"},
- {HASH_MD5,"HASH_MD5"},
- {HASH_SHA1,"HASH_SHA1"},
- {HASH_SHA256,"HASH_SHA256"},
- {HASH_SHA384,"HASH_SHA384"},
- {HASH_SHA512,"HASH_SHA512"},
- {MAPPING_END, NULL}
-};
-
-/*
- * Described in header.
- */
-hasher_t *hasher_create(hash_algorithm_t hash_algorithm)
-{
- switch (hash_algorithm)
- {
- case HASH_SHA1:
- {
- return (hasher_t*)sha1_hasher_create();
- }
- case HASH_MD5:
- {
- return (hasher_t*)md5_hasher_create();
- }
- default:
- return NULL;
- }
-}
diff --git a/Source/lib/crypto/hashers/hasher.h b/Source/lib/crypto/hashers/hasher.h
deleted file mode 100644
index 24683c01b..000000000
--- a/Source/lib/crypto/hashers/hasher.h
+++ /dev/null
@@ -1,147 +0,0 @@
-/**
- * @file hasher.h
- *
- * @brief Interface hasher_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef HASHER_H_
-#define HASHER_H_
-
-
-#include <types.h>
-
-
-typedef enum hash_algorithm_t hash_algorithm_t;
-
-/**
- * @brief Algorithms to use for hashing.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - HASH_MD5
- * - HASH_SHA1
- *
- * @ingroup hashers
- *
- */
-enum hash_algorithm_t {
- HASH_MD2,
- /**
- * Implemented in class md5_hasher_t.
- */
- HASH_MD5,
- /**
- * Implemented in class sha1_hasher_t.
- */
- HASH_SHA1,
- HASH_SHA256,
- HASH_SHA384,
- HASH_SHA512,
-};
-
-/**
- * String mappings for hash_algorithm_t.
- */
-extern mapping_t hash_algorithm_m[];
-
-
-typedef struct hasher_t hasher_t;
-
-/**
- * @brief Generic interface for all hash functions.
- *
- * @b Constructors:
- * - hasher_create()
- * - md5_hasher_create()
- * - sha1_hasher_create()
- *
- * @see
- * - md5_hasher_t
- * - sha1_hasher_t
- *
- * @todo Implement more hash algorithms
- *
- * @ingroup hashers
- */
-struct hasher_t {
- /**
- * @brief Hash data and write it in the buffer.
- *
- * If the parameter hash is NULL, no result is written back
- * an more data can be appended to already hashed data.
- * If not, the result is written back and the hasher is reseted.
- *
- * @warning: the hash output parameter must hold at least
- * hash_t.get_block_size bytes.
- *
- * @param this calling object
- * @param data data to hash
- * @param[out] hash pointer where the hash will be written
- */
- void (*get_hash) (hasher_t *this, chunk_t data, u_int8_t *hash);
-
- /**
- * @brief Hash data and allocate space for the hash.
- *
- * If the parameter hash is NULL, no result is written back
- * an more data can be appended to already hashed data.
- * If not, the result is written back and the hasher is reseted.
- *
- * @param this calling object
- * @param data chunk with data to hash
- * @param[out] hash chunk which will hold allocated hash
- */
- void (*allocate_hash) (hasher_t *this, chunk_t data, chunk_t *hash);
-
- /**
- * @brief Get the size of the resulting hash.
- *
- * @param this calling object
- * @return hash size in bytes
- */
- size_t (*get_hash_size) (hasher_t *this);
-
- /**
- * @brief Resets the hashers state, which allows
- * computation of a completely new hash.
- *
- * @param this calling object
- */
- void (*reset) (hasher_t *this);
-
- /**
- * @brief Destroys a hasher object.
- *
- * @param this calling object
- */
- void (*destroy) (hasher_t *this);
-};
-
-/**
- * @brief Generic interface to create a hasher_t.
- *
- * @param hash_algorithm Algorithm to use for hashing
- * @return
- * - hasher_t object
- * - NULL if algorithm not supported
- *
- * @ingroup hashers
- */
-hasher_t *hasher_create(hash_algorithm_t hash_algorithm);
-
-#endif /*HASHER_H_*/
diff --git a/Source/lib/crypto/hashers/md5_hasher.c b/Source/lib/crypto/hashers/md5_hasher.c
deleted file mode 100644
index bd3ab0c62..000000000
--- a/Source/lib/crypto/hashers/md5_hasher.c
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * @file md5_hasher.c
- *
- * @brief Implementation of md5_hasher_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- * Copyright (C) 1991-1992, RSA Data Security, Inc. Created 1991.
- * All rights reserved.
- *
- * Derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm.
- * Ported to fulfill hasher_t interface.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-
-#include "md5_hasher.h"
-
-#include <definitions.h>
-
-#define BLOCK_SIZE_MD5 16
-
-
-/* Constants for MD5Transform routine. */
-#define S11 7
-#define S12 12
-#define S13 17
-#define S14 22
-#define S21 5
-#define S22 9
-#define S23 14
-#define S24 20
-#define S31 4
-#define S32 11
-#define S33 16
-#define S34 23
-#define S41 6
-#define S42 10
-#define S43 15
-#define S44 21
-
-static u_int8_t PADDING[64] = {
- 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
-};
-
-/*
- * ugly macro stuff
- */
-/* F, G, H and I are basic MD5 functions.
- */
-#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
-#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-#define I(x, y, z) ((y) ^ ((x) | (~z)))
-
-/* ROTATE_LEFT rotates x left n bits.
- */
-#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
-
-/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
-Rotation is separate from addition to prevent recomputation.
- */
-#define FF(a, b, c, d, x, s, ac) { \
- (a) += F ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define GG(a, b, c, d, x, s, ac) { \
- (a) += G ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define HH(a, b, c, d, x, s, ac) { \
- (a) += H ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-#define II(a, b, c, d, x, s, ac) { \
- (a) += I ((b), (c), (d)) + (x) + (u_int32_t)(ac); \
- (a) = ROTATE_LEFT ((a), (s)); \
- (a) += (b); \
- }
-
-
-
-typedef struct private_md5_hasher_t private_md5_hasher_t;
-
-/**
- * Private data structure with hasing context.
- */
-struct private_md5_hasher_t {
- /**
- * Public interface for this hasher.
- */
- md5_hasher_t public;
-
- /*
- * State of the hasher.
- */
- u_int32_t state[5];
- u_int32_t count[2];
- u_int8_t buffer[64];
-};
-
-
-#if BYTE_ORDER != LITTLE_ENDIAN
-
-/* Encodes input (u_int32_t) into output (u_int8_t). Assumes len is
- * a multiple of 4.
- */
-static void Encode (u_int8_t *output, u_int32_t *input, size_t *len)
-{
- size_t i, j;
-
- for (i = 0, j = 0; j < len; i++, j += 4)
- {
- output[j] = (u_int8_t)(input[i] & 0xff);
- output[j+1] = (u_int8_t)((input[i] >> 8) & 0xff);
- output[j+2] = (u_int8_t)((input[i] >> 16) & 0xff);
- output[j+3] = (u_int8_t)((input[i] >> 24) & 0xff);
- }
-}
-
-/* Decodes input (u_int8_t) into output (u_int32_t). Assumes len is
- * a multiple of 4.
- */
-static void Decode(u_int32_t *output, u_int8_t *input, size_t len)
-{
- size_t i, j;
-
- for (i = 0, j = 0; j < len; i++, j += 4)
- {
- output[i] = ((u_int32_t)input[j]) | (((u_int32_t)input[j+1]) << 8) |
- (((u_int32_t)input[j+2]) << 16) | (((u_int32_t)input[j+3]) << 24);
- }
-}
-
-#elif BYTE_ORDER == LITTLE_ENDIAN
- #define Encode memcpy
- #define Decode memcpy
-#endif
-
-/* MD5 basic transformation. Transforms state based on block.
- */
-static void MD5Transform(u_int32_t state[4], u_int8_t block[64])
-{
- u_int32_t a = state[0], b = state[1], c = state[2], d = state[3], x[16];
-
- Decode(x, block, 64);
-
- /* Round 1 */
- FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */
- FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */
- FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */
- FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */
- FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */
- FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */
- FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */
- FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */
- FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */
- FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */
- FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
- FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
- FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
- FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
- FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
- FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
-
- /* Round 2 */
- GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */
- GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */
- GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
- GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */
- GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */
- GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */
- GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
- GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */
- GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */
- GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
- GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */
- GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */
- GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
- GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */
- GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */
- GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
-
- /* Round 3 */
- HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */
- HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */
- HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
- HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
- HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */
- HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */
- HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */
- HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
- HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
- HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */
- HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */
- HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */
- HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */
- HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
- HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
- HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */
-
- /* Round 4 */
- II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */
- II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */
- II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
- II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */
- II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
- II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */
- II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
- II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */
- II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */
- II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
- II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */
- II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
- II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */
- II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
- II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */
- II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */
-
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
-}
-
-/* MD5 block update operation. Continues an MD5 message-digest
- * operation, processing another message block, and updating the
- * context.
- */
-static void MD5Update(private_md5_hasher_t *this, u_int8_t *input, size_t inputLen)
-{
- u_int32_t i;
- size_t index, partLen;
-
- /* Compute number of bytes mod 64 */
- index = (u_int8_t)((this->count[0] >> 3) & 0x3F);
-
- /* Update number of bits */
- if ((this->count[0] += (inputLen << 3)) < (inputLen << 3))
- {
- this->count[1]++;
- }
- this->count[1] += (inputLen >> 29);
-
- partLen = 64 - index;
-
- /* Transform as many times as possible. */
- if (inputLen >= partLen)
- {
- memcpy(&this->buffer[index], input, partLen);
- MD5Transform (this->state, this->buffer);
-
- for (i = partLen; i + 63 < inputLen; i += 64)
- {
- MD5Transform (this->state, &input[i]);
- }
- index = 0;
- }
- else
- {
- i = 0;
- }
-
- /* Buffer remaining input */
- memcpy(&this->buffer[index], &input[i], inputLen-i);
-}
-
-/* MD5 finalization. Ends an MD5 message-digest operation, writing the
- * the message digest and zeroizing the context.
- */
-static void MD5Final (private_md5_hasher_t *this, u_int8_t digest[16])
-{
- u_int8_t bits[8];
- size_t index, padLen;
-
- /* Save number of bits */
- Encode (bits, this->count, 8);
-
- /* Pad out to 56 mod 64. */
- index = (size_t)((this->count[0] >> 3) & 0x3f);
- padLen = (index < 56) ? (56 - index) : (120 - index);
- MD5Update (this, PADDING, padLen);
-
- /* Append length (before padding) */
- MD5Update (this, bits, 8);
-
- if (digest != NULL) /* Bill Simpson's padding */
- {
- /* store state in digest */
- Encode (digest, this->state, 16);
- }
-}
-
-
-
-/**
- * Implementation of hasher_t.get_hash.
- */
-static void get_hash(private_md5_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
-{
- MD5Update(this, chunk.ptr, chunk.len);
- if (buffer != NULL)
- {
- MD5Final(this, buffer);
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
- }
-}
-
-
-/**
- * Implementation of hasher_t.allocate_hash.
- */
-static void allocate_hash(private_md5_hasher_t *this, chunk_t chunk, chunk_t *hash)
-{
- chunk_t allocated_hash;
-
- MD5Update(this, chunk.ptr, chunk.len);
- if (hash != NULL)
- {
- allocated_hash.ptr = malloc(BLOCK_SIZE_MD5);
- allocated_hash.len = BLOCK_SIZE_MD5;
-
- MD5Final(this, allocated_hash.ptr);
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
-
- *hash = allocated_hash;
- }
-}
-
-/**
- * Implementation of hasher_t.get_hash_size.
- */
-static size_t get_hash_size(private_md5_hasher_t *this)
-{
- return BLOCK_SIZE_MD5;
-}
-
-/**
- * Implementation of hasher_t.reset.
- */
-static void reset(private_md5_hasher_t *this)
-{
- this->state[0] = 0x67452301;
- this->state[1] = 0xefcdab89;
- this->state[2] = 0x98badcfe;
- this->state[3] = 0x10325476;
- this->count[0] = 0;
- this->count[1] = 0;
-}
-
-/**
- * Implementation of hasher_t.destroy.
- */
-static void destroy(private_md5_hasher_t *this)
-{
- free(this);
-}
-
-/*
- * Described in header.
- */
-md5_hasher_t *md5_hasher_create()
-{
- private_md5_hasher_t *this = malloc_thing(private_md5_hasher_t);
-
- this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
- this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
- this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
- this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
- this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
-
- /* initialize */
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/hashers/md5_hasher.h b/Source/lib/crypto/hashers/md5_hasher.h
deleted file mode 100644
index 1e6d95d19..000000000
--- a/Source/lib/crypto/hashers/md5_hasher.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file md5_hasher.h
- *
- * @brief Interface for md5_hasher_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef MD5_HASHER_H_
-#define MD5_HASHER_H_
-
-#include <crypto/hashers/hasher.h>
-
-
-typedef struct md5_hasher_t md5_hasher_t;
-
-/**
- * @brief Implementation of hasher_t interface using the
- * MD5 algorithm.
- *
- * @b Constructors:
- * - hasher_create() using HASH_MD5 as algorithm
- * - md5_hasher_create()
- *
- * @see hasher_t
- *
- * @ingroup hashers
- */
-struct md5_hasher_t {
-
- /**
- * Generic hasher_t interface for this hasher.
- */
- hasher_t hasher_interface;
-};
-
-/**
- * @brief Creates a new md5_hasher_t.
- *
- * @return md5_hasher_t object
- *
- * @ingroup hashers
- */
-md5_hasher_t *md5_hasher_create();
-
-#endif /*MD5_HASHER_H_*/
diff --git a/Source/lib/crypto/hashers/sha1_hasher.c b/Source/lib/crypto/hashers/sha1_hasher.c
deleted file mode 100644
index 2b82ef4ba..000000000
--- a/Source/lib/crypto/hashers/sha1_hasher.c
+++ /dev/null
@@ -1,269 +0,0 @@
-/**
- * @file sha1_hasher.c
- *
- * @brief Implementation of hasher_sha_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * Ported from Steve Reid's <steve@edmweb.com> implementation
- * "SHA1 in C" found in strongSwan.
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-
-#include "sha1_hasher.h"
-
-#include <definitions.h>
-
-#define BLOCK_SIZE_SHA1 20
-
-/*
- * ugly macro stuff
- */
-#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
-
-#if BYTE_ORDER == LITTLE_ENDIAN
- #define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) |(rol(block->l[i],8)&0x00FF00FF))
-#elif BYTE_ORDER == BIG_ENDIAN
- #define blk0(i) block->l[i]
-#else
- #error "Endianness not defined!"
-#endif
-#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] ^block->l[(i+2)&15]^block->l[i&15],1))
-
-/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */
-#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
-#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
-#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
-#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
-
-
-typedef struct private_sha1_hasher_t private_sha1_hasher_t;
-
-/**
- * Private data structure with hasing context.
- */
-struct private_sha1_hasher_t {
- /**
- * Public interface for this hasher.
- */
- sha1_hasher_t public;
-
- /*
- * State of the hasher.
- */
- u_int32_t state[5];
- u_int32_t count[2];
- u_int8_t buffer[64];
-};
-
-/*
- * Hash a single 512-bit block. This is the core of the algorithm. *
- */
-static void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64])
-{
- u_int32_t a, b, c, d, e;
- typedef union {
- u_int8_t c[64];
- u_int32_t l[16];
- } CHAR64LONG16;
- CHAR64LONG16 block[1]; /* use array to appear as a pointer */
- memcpy(block, buffer, 64);
-
- /* Copy context->state[] to working vars */
- a = state[0];
- b = state[1];
- c = state[2];
- d = state[3];
- e = state[4];
- /* 4 rounds of 20 operations each. Loop unrolled. */
- R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
- R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
- R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
- R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
- R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
- R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
- R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
- R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
- R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
- R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
- R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
- R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
- R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
- R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
- R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
- R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
- R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
- R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
- R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
- R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
- /* Add the working vars back into context.state[] */
- state[0] += a;
- state[1] += b;
- state[2] += c;
- state[3] += d;
- state[4] += e;
- /* Wipe variables */
- a = b = c = d = e = 0;
- memset(block, '\0', sizeof(block));
-}
-
-/*
- * Run your data through this.
- */
-static void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
-{
- u_int32_t i;
- u_int32_t j;
-
- j = this->count[0];
- if ((this->count[0] += len << 3) < j)
- {
- this->count[1]++;
- }
- this->count[1] += (len>>29);
- j = (j >> 3) & 63;
- if ((j + len) > 63)
- {
- memcpy(&this->buffer[j], data, (i = 64-j));
- SHA1Transform(this->state, this->buffer);
- for ( ; i + 63 < len; i += 64)
- {
- SHA1Transform(this->state, &data[i]);
- }
- j = 0;
- }
- else
- {
- i = 0;
- }
- memcpy(&this->buffer[j], &data[i], len - i);
-}
-
-
-/*
- * Add padding and return the message digest.
- */
-static void SHA1Final(private_sha1_hasher_t *this, u_int8_t *digest)
-{
- u_int32_t i;
- u_int8_t finalcount[8];
- u_int8_t c;
-
- for (i = 0; i < 8; i++)
- {
- finalcount[i] = (u_int8_t)((this->count[(i >= 4 ? 0 : 1)]
- >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
- }
- c = 0200;
- SHA1Update(this, &c, 1);
- while ((this->count[0] & 504) != 448)
- {
- c = 0000;
- SHA1Update(this, &c, 1);
- }
- SHA1Update(this, finalcount, 8); /* Should cause a SHA1Transform() */
- for (i = 0; i < 20; i++)
- {
- digest[i] = (u_int8_t)((this->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
- }
-}
-
-
-/**
- * Implementation of hasher_t.get_hash.
- */
-static void get_hash(private_sha1_hasher_t *this, chunk_t chunk, u_int8_t *buffer)
-{
- SHA1Update(this, chunk.ptr, chunk.len);
- if (buffer != NULL)
- {
- SHA1Final(this, buffer);
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
- }
-}
-
-
-/**
- * Implementation of hasher_t.allocate_hash.
- */
-static void allocate_hash(private_sha1_hasher_t *this, chunk_t chunk, chunk_t *hash)
-{
- chunk_t allocated_hash;
-
- SHA1Update(this, chunk.ptr, chunk.len);
- if (hash != NULL)
- {
- allocated_hash.ptr = malloc(BLOCK_SIZE_SHA1);
- allocated_hash.len = BLOCK_SIZE_SHA1;
-
- SHA1Final(this, allocated_hash.ptr);
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
-
- *hash = allocated_hash;
- }
-}
-
-/**
- * Implementation of hasher_t.get_hash_size.
- */
-static size_t get_hash_size(private_sha1_hasher_t *this)
-{
- return BLOCK_SIZE_SHA1;
-}
-
-/**
- * Implementation of hasher_t.reset.
- */
-static void reset(private_sha1_hasher_t *this)
-{
- this->state[0] = 0x67452301;
- this->state[1] = 0xEFCDAB89;
- this->state[2] = 0x98BADCFE;
- this->state[3] = 0x10325476;
- this->state[4] = 0xC3D2E1F0;
- this->count[0] = 0;
- this->count[1] = 0;
-}
-/**
- * Implementation of hasher_t.destroy.
- */
-static void destroy(private_sha1_hasher_t *this)
-{
- free(this);
-}
-
-
-/*
- * Described in header.
- */
-sha1_hasher_t *sha1_hasher_create()
-{
- private_sha1_hasher_t *this = malloc_thing(private_sha1_hasher_t);
-
- this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash;
- this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash;
- this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size;
- this->public.hasher_interface.reset = (void (*) (hasher_t*))reset;
- this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy;
-
- /* initialize */
- this->public.hasher_interface.reset(&(this->public.hasher_interface));
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/hashers/sha1_hasher.h b/Source/lib/crypto/hashers/sha1_hasher.h
deleted file mode 100644
index 5124ea1a8..000000000
--- a/Source/lib/crypto/hashers/sha1_hasher.h
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * @file sha1_hasher.h
- *
- * @brief Interface of sha1_hasher_t
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef SHA1_HASHER_H_
-#define SHA1_HASHER_H_
-
-#include <crypto/hashers/hasher.h>
-
-
-typedef struct sha1_hasher_t sha1_hasher_t;
-
-/**
- * @brief Implementation of hasher_t interface using the
- * SHA1 algorithm.
- *
- * @b Constructors:
- * - hasher_create() using HASH_SHA1 as algorithm
- * - sha1_hasher_create()
- *
- * @see hasher_t
- *
- * @ingroup hashers
- */
-struct sha1_hasher_t {
-
- /**
- * Generic hasher_t interface for this hasher.
- */
- hasher_t hasher_interface;
-};
-
-/**
- * @brief Creates a new sha1_hasher_t.
- *
- * @return sha1_hasher_t object
- *
- * @ingroup hashers
- */
-sha1_hasher_t *sha1_hasher_create();
-
-#endif /*SHA1_HASHER_H_*/
diff --git a/Source/lib/crypto/hmac.c b/Source/lib/crypto/hmac.c
deleted file mode 100644
index bb8880770..000000000
--- a/Source/lib/crypto/hmac.c
+++ /dev/null
@@ -1,209 +0,0 @@
-/**
- * @file hmac.c
- *
- * @brief Implementation of hmac_t.
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General hmac License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General hmac License
- * for more details.
- */
-
-#include <string.h>
-
-#include "hmac.h"
-
-
-typedef struct private_hmac_t private_hmac_t;
-
-/**
- * Private data of a hmac_t object.
- *
- * The variable names are the same as in the RFC.
- */
-struct private_hmac_t {
- /**
- * Public hmac_t interface.
- */
- hmac_t hmac;
-
- /**
- * Block size, as in RFC.
- */
- u_int8_t b;
-
- /**
- * Hash function.
- */
- hasher_t *h;
-
- /**
- * Previously xor'ed key using opad.
- */
- chunk_t opaded_key;
-
- /**
- * Previously xor'ed key using ipad.
- */
- chunk_t ipaded_key;
-};
-
-/**
- * Implementation of hmac_t.get_mac.
- */
-static void get_mac(private_hmac_t *this, chunk_t data, u_int8_t *out)
-{
- /* H(K XOR opad, H(K XOR ipad, text))
- *
- * if out is NULL, we append text to the inner hash.
- * else, we complete the inner and do the outer.
- *
- */
-
- u_int8_t buffer[this->h->get_hash_size(this->h)];
- chunk_t inner;
-
- if (out == NULL)
- {
- /* append data to inner */
- this->h->get_hash(this->h, data, NULL);
- }
- else
- {
- /* append and do outer hash */
- inner.ptr = buffer;
- inner.len = this->h->get_hash_size(this->h);
-
- /* complete inner */
- this->h->get_hash(this->h, data, buffer);
-
- /* do outer */
- this->h->get_hash(this->h, this->opaded_key, NULL);
- this->h->get_hash(this->h, inner, out);
-
- /* reinit for next call */
- this->h->get_hash(this->h, this->ipaded_key, NULL);
- }
-}
-
-/**
- * Implementation of hmac_t.allocate_mac.
- */
-static void allocate_mac(private_hmac_t *this, chunk_t data, chunk_t *out)
-{
- /* allocate space and use get_mac */
- if (out == NULL)
- {
- /* append mode */
- this->hmac.get_mac(&(this->hmac), data, NULL);
- }
- else
- {
- out->len = this->h->get_hash_size(this->h);
- out->ptr = malloc(out->len);
- this->hmac.get_mac(&(this->hmac), data, out->ptr);
- }
-}
-
-/**
- * Implementation of hmac_t.get_block_size.
- */
-static size_t get_block_size(private_hmac_t *this)
-{
- return this->h->get_hash_size(this->h);
-}
-
-/**
- * Implementation of hmac_t.set_key.
- */
-static void set_key(private_hmac_t *this, chunk_t key)
-{
- int i;
- u_int8_t buffer[this->b];
-
- memset(buffer, 0, this->b);
-
- if (key.len > this->b)
- {
- /* if key is too long, it will be hashed */
- this->h->get_hash(this->h, key, buffer);
- }
- else
- {
- /* if not, just copy it in our pre-padded k */
- memcpy(buffer, key.ptr, key.len);
- }
-
- /* apply ipad and opad to key */
- for (i = 0; i < this->b; i++)
- {
- this->ipaded_key.ptr[i] = buffer[i] ^ 0x36;
- this->opaded_key.ptr[i] = buffer[i] ^ 0x5C;
- }
-
- /* begin hashing of inner pad */
- this->h->reset(this->h);
- this->h->get_hash(this->h, this->ipaded_key, NULL);
-}
-
-/**
- * Implementation of hmac_t.destroy.
- */
-static void destroy(private_hmac_t *this)
-{
- this->h->destroy(this->h);
- free(this->opaded_key.ptr);
- free(this->ipaded_key.ptr);
- free(this);
-}
-
-/*
- * Described in header
- */
-hmac_t *hmac_create(hash_algorithm_t hash_algorithm)
-{
- private_hmac_t *this;
-
- this = malloc_thing(private_hmac_t);
-
- /* set hmac_t methods */
- this->hmac.get_mac = (void (*)(hmac_t *,chunk_t,u_int8_t*))get_mac;
- this->hmac.allocate_mac = (void (*)(hmac_t *,chunk_t,chunk_t*))allocate_mac;
- this->hmac.get_block_size = (size_t (*)(hmac_t *))get_block_size;
- this->hmac.set_key = (void (*)(hmac_t *,chunk_t))set_key;
- this->hmac.destroy = (void (*)(hmac_t *))destroy;
-
- /* set b, according to hasher */
- switch (hash_algorithm)
- {
- case HASH_SHA1:
- case HASH_MD5:
- this->b = 64;
- break;
- default:
- free(this);
- return NULL;
- }
-
- /* build the hasher */
- this->h = hasher_create(hash_algorithm);
-
- /* build ipad and opad */
- this->opaded_key.ptr = malloc(this->b);
- this->opaded_key.len = this->b;
-
- this->ipaded_key.ptr = malloc(this->b);
- this->ipaded_key.len = this->b;
-
- return &(this->hmac);
-}
diff --git a/Source/lib/crypto/hmac.h b/Source/lib/crypto/hmac.h
deleted file mode 100644
index 8945fc1fc..000000000
--- a/Source/lib/crypto/hmac.h
+++ /dev/null
@@ -1,118 +0,0 @@
-/**
- * @file hmac.h
- *
- * @brief Interface of hmac_t.
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef HMAC_H_
-#define HMAC_H_
-
-#include <crypto/hashers/hasher.h>
-#include <definitions.h>
-
-
-typedef struct hmac_t hmac_t;
-
-/**
- * @brief Message authentication using hash functions.
- *
- * This class implements the message authenticaion algorithm
- * described in RFC2104. It uses a hash function, wich must
- * be implemented as a hasher_t class.
- *
- * See http://www.faqs.org/rfcs/rfc2104.html for RFC.
- * @see
- * - hasher_t
- * - prf_hmac_t
- *
- * @b Constructors:
- * - hmac_create()
- *
- * @ingroup transforms
- */
-struct hmac_t {
- /**
- * @brief Generate message authentication code.
- *
- * If buffer is NULL, no result is given back. A next call will
- * append the data to already supplied data. If buffer is not NULL,
- * the mac of all apended data is calculated, returned and the
- * state of the hmac_t is reseted.
- *
- * @param this calling object
- * @param data chunk of data to authenticate
- * @param[out] buffer pointer where the generated bytes will be written
- */
- void (*get_mac) (hmac_t *this, chunk_t data, u_int8_t *buffer);
-
- /**
- * @brief Generates message authentication code and
- * allocate space for them.
- *
- * If chunk is NULL, no result is given back. A next call will
- * append the data to already supplied. If chunk is not NULL,
- * the mac of all apended data is calculated, returned and the
- * state of the hmac_t reset;
- *
- * @param this calling object
- * @param data chunk of data to authenticate
- * @param[out] chunk chunk which will hold generated bytes
- */
- void (*allocate_mac) (hmac_t *this, chunk_t data, chunk_t *chunk);
-
- /**
- * @brief Get the block size of this hmac_t object.
- *
- * @param this calling object
- * @return block size in bytes
- */
- size_t (*get_block_size) (hmac_t *this);
-
- /**
- * @brief Set the key for this hmac_t object.
- *
- * Any key length is accepted.
- *
- * @param this calling object
- * @param key key to set
- */
- void (*set_key) (hmac_t *this, chunk_t key);
-
- /**
- * @brief Destroys a hmac_t object.
- *
- * @param this calling object
- */
- void (*destroy) (hmac_t *this);
-};
-
-/**
- * @brief Creates a new hmac_t object.
- *
- * Creates a hasher_t object internally.
- *
- * @param hash_algorithm hash algorithm to use
- * @return
- * - hmac_t object
- * - NULL if hash algorithm is not supported
- *
- * @ingroup transforms
- */
-hmac_t *hmac_create(hash_algorithm_t hash_algorithm);
-
-#endif /*HMAC_H_*/
diff --git a/Source/lib/crypto/prf_plus.c b/Source/lib/crypto/prf_plus.c
deleted file mode 100644
index d408d0517..000000000
--- a/Source/lib/crypto/prf_plus.c
+++ /dev/null
@@ -1,157 +0,0 @@
-/**
- * @file prf_plus.c
- *
- * @brief Implementation of prf_plus_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-
-#include "prf_plus.h"
-
-#include <definitions.h>
-
-typedef struct private_prf_plus_t private_prf_plus_t;
-
-/**
- * Private data of an prf_plus_t object.
- *
- */
-struct private_prf_plus_t {
- /**
- * Public interface of prf_plus_t.
- */
- prf_plus_t public;
-
- /**
- * PRF to use.
- */
- prf_t *prf;
-
- /**
- * Initial seed.
- */
- chunk_t seed;
-
- /**
- * Buffer to store current PRF result.
- */
- chunk_t buffer;
-
- /**
- * Already given out bytes in current buffer.
- */
- size_t given_out;
-
- /**
- * Octet which will be appended to the seed.
- */
- u_int8_t appending_octet;
-};
-
-/**
- * Implementation of prf_plus_t.get_bytes.
- */
-static void get_bytes(private_prf_plus_t *this, size_t length, u_int8_t *buffer)
-{
- chunk_t appending_chunk;
- size_t bytes_in_round;
- size_t total_bytes_written = 0;
-
- appending_chunk.ptr = &(this->appending_octet);
- appending_chunk.len = 1;
-
- while (length > 0)
- { /* still more to do... */
- if (this->buffer.len == this->given_out)
- { /* no bytes left in buffer, get next*/
- this->prf->get_bytes(this->prf, this->buffer, NULL);
- this->prf->get_bytes(this->prf, this->seed, NULL);
- this->prf->get_bytes(this->prf, appending_chunk, this->buffer.ptr);
- this->given_out = 0;
- this->appending_octet++;
- }
- /* how many bytes can we write in this round ? */
- bytes_in_round = min(length, this->buffer.len - this->given_out);
- /* copy bytes from buffer with offset */
- memcpy(buffer + total_bytes_written, this->buffer.ptr + this->given_out, bytes_in_round);
-
- length -= bytes_in_round;
- this->given_out += bytes_in_round;
- total_bytes_written += bytes_in_round;
- }
-}
-
-/**
- * Implementation of prf_plus_t.allocate_bytes.
- */
-static void allocate_bytes(private_prf_plus_t *this, size_t length, chunk_t *chunk)
-{
- chunk->ptr = malloc(length);
- chunk->len = length;
- this->public.get_bytes(&(this->public), length, chunk->ptr);
-}
-
-/**
- * Implementation of prf_plus_t.destroy.
- */
-static void destroy(private_prf_plus_t *this)
-{
- free(this->buffer.ptr);
- free(this->seed.ptr);
- free(this);
-}
-
-/*
- * Description in header.
- */
-prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed)
-{
- private_prf_plus_t *this;
- chunk_t appending_chunk;
-
- this = malloc_thing(private_prf_plus_t);
-
- /* set public methods */
- this->public.get_bytes = (void (*)(prf_plus_t *,size_t,u_int8_t*))get_bytes;
- this->public.allocate_bytes = (void (*)(prf_plus_t *,size_t,chunk_t*))allocate_bytes;
- this->public.destroy = (void (*)(prf_plus_t *))destroy;
-
- /* take over prf */
- this->prf = prf;
-
- /* allocate buffer for prf output */
- this->buffer.len = prf->get_block_size(prf);
- this->buffer.ptr = malloc(this->buffer.len);
-
- this->appending_octet = 0x01;
-
- /* clone seed */
- this->seed.ptr = clalloc(seed.ptr, seed.len);
- this->seed.len = seed.len;
-
- /* do the first run */
- appending_chunk.ptr = &(this->appending_octet);
- appending_chunk.len = 1;
- this->prf->get_bytes(this->prf, this->seed, NULL);
- this->prf->get_bytes(this->prf, appending_chunk, this->buffer.ptr);
- this->given_out = 0;
- this->appending_octet++;
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/prf_plus.h b/Source/lib/crypto/prf_plus.h
deleted file mode 100644
index bdcd01966..000000000
--- a/Source/lib/crypto/prf_plus.h
+++ /dev/null
@@ -1,93 +0,0 @@
-/**
- * @file prf_plus.h
- *
- * @brief Interface for prf_plus.h.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef PRF_PLUS_H_
-#define PRF_PLUS_H_
-
-
-#include <crypto/prfs/prf.h>
-
-
-typedef struct prf_plus_t prf_plus_t;
-
-/**
- * @brief Implementation of the prf+ function described in IKEv2 RFC.
- *
- * This class implements the prf+ algorithm. Internally it uses a pseudo random
- * function, which implements the prf_t interface.
- *
- * See IKEv2 RFC 2.13.
- *
- * @b Constructors:
- * - prf_plus_create()
- *
- * @ingroup transforms
- */
-struct prf_plus_t {
- /**
- * @brief Get pseudo random bytes.
- *
- * Get the next few bytes of the prf+ output. Space
- * must be allocated by the caller.
- *
- * @param this calling object
- * @param length number of bytes to get
- * @param[out] buffer pointer where the generated bytes will be written
- */
- void (*get_bytes) (prf_plus_t *this, size_t length, u_int8_t *buffer);
-
- /**
- * @brief Allocate pseudo random bytes.
- *
- * Get the next few bytes of the prf+ output. This function
- * will allocate the required space.
- *
- * @param this calling object
- * @param length number of bytes to get
- * @param[out] chunk chunk which will hold generated bytes
- */
- void (*allocate_bytes) (prf_plus_t *this, size_t length, chunk_t *chunk);
-
- /**
- * @brief Destroys a prf_plus_t object.
- *
- * @param this calling object
- */
- void (*destroy) (prf_plus_t *this);
-};
-
-/**
- * @brief Creates a new prf_plus_t object.
- *
- * Seed will be cloned. prf will
- * not be cloned, must be destroyed outside after
- * prf_plus_t usage.
- *
- * @param prf prf object to use
- * @param seed input seed for prf
- * @return prf_plus_t object
- *
- * @ingroup transforms
- */
-prf_plus_t *prf_plus_create(prf_t *prf, chunk_t seed);
-
-#endif /*PRF_PLUS_H_*/
diff --git a/Source/lib/crypto/prfs/Makefile.prfs b/Source/lib/crypto/prfs/Makefile.prfs
deleted file mode 100644
index a98894346..000000000
--- a/Source/lib/crypto/prfs/Makefile.prfs
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-PRFS_DIR= $(CRYPTO_DIR)prfs/
-
-LIB_OBJS+= $(BUILD_DIR)prf.o
-$(BUILD_DIR)prf.o : $(PRFS_DIR)prf.c $(PRFS_DIR)prf.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)hmac_prf.o
-$(BUILD_DIR)hmac_prf.o : $(PRFS_DIR)hmac_prf.c $(PRFS_DIR)hmac_prf.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/prfs/hmac_prf.c b/Source/lib/crypto/prfs/hmac_prf.c
deleted file mode 100644
index 2a7d34a3a..000000000
--- a/Source/lib/crypto/prfs/hmac_prf.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/**
- * @file hmac_prf.c
- *
- * @brief Implementation for hmac_prf_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "hmac_prf.h"
-
-#include <crypto/hmac.h>
-
-
-typedef struct private_hmac_prf_t private_hmac_prf_t;
-
-/**
- * Private data of a hma_prf_t object.
- */
-struct private_hmac_prf_t {
- /**
- * Public hmac_prf_t interface.
- */
- hmac_prf_t public;
-
- /**
- * Hmac to use for generation.
- */
- hmac_t *hmac;
-};
-
-/**
- * Implementation of prf_t.get_bytes.
- */
-static void get_bytes(private_hmac_prf_t *this, chunk_t seed, u_int8_t *buffer)
-{
- this->hmac->get_mac(this->hmac, seed, buffer);
-}
-
-/**
- * Implementation of prf_t.allocate_bytes.
- */
-static void allocate_bytes(private_hmac_prf_t *this, chunk_t seed, chunk_t *chunk)
-{
- this->hmac->allocate_mac(this->hmac, seed, chunk);
-}
-
-/**
- * Implementation of prf_t.get_block_size.
- */
-static size_t get_block_size(private_hmac_prf_t *this)
-{
- return this->hmac->get_block_size(this->hmac);
-}
-
-/**
- * Implementation of prf_t.get_block_size.
- */
-static size_t get_key_size(private_hmac_prf_t *this)
-{
- /* for HMAC prfs, IKEv2 uses block size as key size */
- return this->hmac->get_block_size(this->hmac);
-}
-
-/**
- * Implementation of prf_t.set_key.
- */
-static void set_key(private_hmac_prf_t *this, chunk_t key)
-{
- this->hmac->set_key(this->hmac, key);
-}
-
-/**
- * Implementation of prf_t.destroy.
- */
-static void destroy(private_hmac_prf_t *this)
-{
- free(this);
- this->hmac->destroy(this->hmac);
-}
-
-/*
- * Described in header.
- */
-hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm)
-{
- private_hmac_prf_t *this = malloc_thing(private_hmac_prf_t);
-
- this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
- this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
- this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
- this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
- this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
- this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
-
- this->hmac = hmac_create(hash_algorithm);
- if (this->hmac == NULL)
- {
- free(this);
- return NULL;
- }
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/prfs/hmac_prf.h b/Source/lib/crypto/prfs/hmac_prf.h
deleted file mode 100644
index 3a68960f7..000000000
--- a/Source/lib/crypto/prfs/hmac_prf.h
+++ /dev/null
@@ -1,64 +0,0 @@
-/**
- * @file hmac_prf.h
- *
- * @brief Interface of hmac_prf_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef PRF_HMAC_H_
-#define PRF_HMAC_H_
-
-#include <types.h>
-#include <crypto/prfs/prf.h>
-#include <crypto/hashers/hasher.h>
-
-typedef struct hmac_prf_t hmac_prf_t;
-
-/**
- * @brief Implementation of prf_t interface using the
- * HMAC algorithm.
- *
- * This simply wraps a hmac_t in a prf_t. More a question of
- * interface matching.
- *
- * @b Constructors:
- * - hmac_prf_create()
- *
- * @ingroup prfs
- */
-struct hmac_prf_t {
-
- /**
- * Generic prf_t interface for this hmac_prf_t class.
- */
- prf_t prf_interface;
-};
-
-/**
- * @brief Creates a new hmac_prf_t object.
- *
- * @param hash_algorithm hmac's hash algorithm
- * @return
- * - hmac_prf_t object
- * - NULL if hash not supported
- *
- * @ingroup prfs
- */
-hmac_prf_t *hmac_prf_create(hash_algorithm_t hash_algorithm);
-
-#endif /*PRF_HMAC_SHA1_H_*/
diff --git a/Source/lib/crypto/prfs/prf.c b/Source/lib/crypto/prfs/prf.c
deleted file mode 100644
index bb7015e64..000000000
--- a/Source/lib/crypto/prfs/prf.c
+++ /dev/null
@@ -1,67 +0,0 @@
-/**
- * @file prf.c
- *
- * @brief Generic constructor for all prf_t
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-
-#include "prf.h"
-
-#include <crypto/hashers/hasher.h>
-#include <crypto/prfs/hmac_prf.h>
-
-
-/**
- * String mappings for encryption_algorithm_t.
- */
-mapping_t pseudo_random_function_m[] = {
-{PRF_UNDEFINED, "PRF_UNDEFINED"},
-{PRF_HMAC_MD5, "PRF_HMAC_MD5"},
-{PRF_HMAC_SHA1, "PRF_HMAC_SHA1"},
-{PRF_HMAC_TIGER, "PRF_HMAC_TIGER"},
-{PRF_AES128_CBC, "PRF_AES128_CBC"},
-{MAPPING_END, NULL}
-};
-
-/*
- * Described in header.
- */
-prf_t *prf_create(pseudo_random_function_t pseudo_random_function)
-{
- switch (pseudo_random_function)
- {
- case PRF_HMAC_SHA1:
- {
- return (prf_t*)hmac_prf_create(HASH_SHA1);
- }
- case PRF_HMAC_MD5:
- {
- return (prf_t*)hmac_prf_create(HASH_MD5);
- }
- case PRF_HMAC_TIGER:
- case PRF_AES128_CBC:
- default:
- return NULL;
- }
-}
-
-
-
-
-
diff --git a/Source/lib/crypto/prfs/prf.h b/Source/lib/crypto/prfs/prf.h
deleted file mode 100644
index b1c1e6a66..000000000
--- a/Source/lib/crypto/prfs/prf.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * @file prf.h
- *
- * @brief Interface prf_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef PRF_H_
-#define PRF_H_
-
-#include <types.h>
-
-typedef enum pseudo_random_function_t pseudo_random_function_t;
-
-/**
- * @brief Pseudo random function, as in IKEv2 RFC 3.3.2.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - PRF_HMAC_MD5
- * - PRF_HMAC_SHA1
- *
- * @ingroup prfs
- */
-enum pseudo_random_function_t {
- PRF_UNDEFINED = 1024,
- /**
- * Implemented in class hmac_prf_t.
- */
- PRF_HMAC_MD5 = 1,
- /**
- * Implemented in class hmac_prf_t.
- */
- PRF_HMAC_SHA1 = 2,
- PRF_HMAC_TIGER = 3,
- PRF_AES128_CBC = 4
-};
-
-/**
- * String mappings for encryption_algorithm_t.
- */
-extern mapping_t pseudo_random_function_m[];
-
-
-typedef struct prf_t prf_t;
-
-/**
- * @brief Generic interface for pseudo-random-functions.
- *
- * @b Constructors:
- * - prf_create()
- * - hmac_prf_create()
- *
- * @todo Implement more prf algorithms
- *
- * @ingroup prfs
- */
-struct prf_t {
- /**
- * @brief Generates pseudo random bytes and writes them
- * in the buffer.
- *
- * @param this calling object
- * @param seed a chunk containing the seed for the next bytes
- * @param[out] buffer pointer where the generated bytes will be written
- */
- void (*get_bytes) (prf_t *this, chunk_t seed, u_int8_t *buffer);
-
- /**
- * @brief Generates pseudo random bytes and allocate space for them.
- *
- * @param this calling object
- * @param seed a chunk containing the seed for the next bytes
- * @param[out] chunk chunk which will hold generated bytes
- */
- void (*allocate_bytes) (prf_t *this, chunk_t seed, chunk_t *chunk);
-
- /**
- * @brief Get the block size of this prf_t object.
- *
- * @param this calling object
- * @return block size in bytes
- */
- size_t (*get_block_size) (prf_t *this);
-
- /**
- * @brief Get the key size of this prf_t object.
- *
- * @param this calling object
- * @return key size in bytes
- */
- size_t (*get_key_size) (prf_t *this);
-
- /**
- * @brief Set the key for this prf_t object.
- *
- * @param this calling object
- * @param key key to set
- */
- void (*set_key) (prf_t *this, chunk_t key);
-
- /**
- * @brief Destroys a prf object.
- *
- * @param this calling object
- */
- void (*destroy) (prf_t *this);
-};
-
-/**
- * @brief Generic constructor for a prf_t oject.
- *
- * @param pseudo_random_function Algorithm to use
- * @return
- * - prf_t object
- * - NULL if prf algorithm not supported
- *
- * @ingroup prfs
- */
-prf_t *prf_create(pseudo_random_function_t pseudo_random_function);
-
-#endif /*PRF_H_*/
diff --git a/Source/lib/crypto/rsa/Makefile.rsa b/Source/lib/crypto/rsa/Makefile.rsa
deleted file mode 100644
index 1a0204c83..000000000
--- a/Source/lib/crypto/rsa/Makefile.rsa
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-RSA_DIR= $(CRYPTO_DIR)rsa/
-
-LIB_OBJS+= $(BUILD_DIR)rsa_private_key.o
-$(BUILD_DIR)rsa_private_key.o : $(RSA_DIR)rsa_private_key.c $(RSA_DIR)rsa_private_key.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)rsa_public_key.o
-$(BUILD_DIR)rsa_public_key.o : $(RSA_DIR)rsa_public_key.c $(RSA_DIR)rsa_public_key.h
- $(CC) $(CFLAGS) -c -o $@ $< \ No newline at end of file
diff --git a/Source/lib/crypto/rsa/rsa_private_key.c b/Source/lib/crypto/rsa/rsa_private_key.c
deleted file mode 100644
index 358653f0e..000000000
--- a/Source/lib/crypto/rsa/rsa_private_key.c
+++ /dev/null
@@ -1,772 +0,0 @@
-/**
- * @file rsa_private_key.c
- *
- * @brief Implementation of rsa_private_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <string.h>
-
-#include "rsa_private_key.h"
-
-#include <daemon.h>
-#include <asn1/asn1.h>
-
-/*
- * Oids for hash algorithms are defined in
- * rsa_public_key.c.
- */
-extern u_int8_t md2_oid[18];
-extern u_int8_t md5_oid[18];
-extern u_int8_t sha1_oid[15];
-extern u_int8_t sha256_oid[19];
-extern u_int8_t sha384_oid[19];
-extern u_int8_t sha512_oid[19];
-
-
-/**
- * Public exponent to use for key generation.
- */
-#define PUBLIC_EXPONENT 0x10001
-
-
-typedef struct private_rsa_private_key_t private_rsa_private_key_t;
-
-/**
- * Private data of a rsa_private_key_t object.
- */
-struct private_rsa_private_key_t {
- /**
- * Public interface for this signer.
- */
- rsa_private_key_t public;
-
- /**
- * Version of key, as encoded in PKCS#1
- */
- u_int version;
-
- /**
- * Public modulus.
- */
- mpz_t n;
-
- /**
- * Public exponent.
- */
- mpz_t e;
-
- /**
- * Private prime 1.
- */
- mpz_t p;
-
- /**
- * Private Prime 2.
- */
- mpz_t q;
-
- /**
- * Private exponent.
- */
- mpz_t d;
-
- /**
- * Private exponent 1.
- */
- mpz_t exp1;
-
- /**
- * Private exponent 2.
- */
- mpz_t exp2;
-
- /**
- * Private coefficient.
- */
- mpz_t coeff;
-
- /**
- * Keysize in bytes.
- */
- size_t k;
-
- /**
- * @brief Implements the RSADP algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsadp) (private_rsa_private_key_t *this, chunk_t data);
-
- /**
- * @brief Implements the RSASP1 algorithm specified in PKCS#1.
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsasp1) (private_rsa_private_key_t *this, chunk_t data);
-
- /**
- * @brief Generate a prime value.
- *
- * @param this calling object
- * @param prime_size size of the prime, in bytes
- * @param[out] prime uninitialized mpz
- */
- status_t (*compute_prime) (private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime);
-
-};
-
-/* ASN.1 definition of a PKCS#1 RSA private key */
-static const asn1Object_t privkey_objects[] = {
- { 0, "RSAPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */
- { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 2 */
- { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 3 */
- { 1, "privateExponent", ASN1_INTEGER, ASN1_BODY }, /* 4 */
- { 1, "prime1", ASN1_INTEGER, ASN1_BODY }, /* 5 */
- { 1, "prime2", ASN1_INTEGER, ASN1_BODY }, /* 6 */
- { 1, "exponent1", ASN1_INTEGER, ASN1_BODY }, /* 7 */
- { 1, "exponent2", ASN1_INTEGER, ASN1_BODY }, /* 8 */
- { 1, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 9 */
- { 1, "otherPrimeInfos", ASN1_SEQUENCE, ASN1_OPT |
- ASN1_LOOP }, /* 10 */
- { 2, "otherPrimeInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
- { 3, "prime", ASN1_INTEGER, ASN1_BODY }, /* 12 */
- { 3, "exponent", ASN1_INTEGER, ASN1_BODY }, /* 13 */
- { 3, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 14 */
- { 1, "end opt or loop", ASN1_EOC, ASN1_END } /* 15 */
-};
-
-#define PRIV_KEY_VERSION 1
-#define PRIV_KEY_MODULUS 2
-#define PRIV_KEY_PUB_EXP 3
-#define PRIV_KEY_PRIV_EXP 4
-#define PRIV_KEY_PRIME1 5
-#define PRIV_KEY_PRIME2 6
-#define PRIV_KEY_EXP1 7
-#define PRIV_KEY_EXP2 8
-#define PRIV_KEY_COEFF 9
-#define PRIV_KEY_ROOF 16
-
-static private_rsa_private_key_t *rsa_private_key_create_empty();
-
-/**
- * Implementation of private_rsa_private_key_t.compute_prime.
- */
-static status_t compute_prime(private_rsa_private_key_t *this, size_t prime_size, mpz_t *prime)
-{
- randomizer_t *randomizer;
- chunk_t random_bytes;
- status_t status;
-
- randomizer = randomizer_create();
- mpz_init(*prime);
-
- do
- {
- status = randomizer->allocate_random_bytes(randomizer, prime_size, &random_bytes);
- if (status != SUCCESS)
- {
- randomizer->destroy(randomizer);
- mpz_clear(*prime);
- return FAILED;
- }
-
- /* make sure most significant bit is set */
- random_bytes.ptr[0] = random_bytes.ptr[0] | 0x80;
-
- /* convert chunk to mpz value */
- mpz_import(*prime, random_bytes.len, 1, 1, 1, 0, random_bytes.ptr);
-
- /* get next prime */
- mpz_nextprime (*prime, *prime);
-
- free(random_bytes.ptr);
- }
- /* check if it isnt too large */
- while (((mpz_sizeinbase(*prime, 2) + 7) / 8) > prime_size);
-
- randomizer->destroy(randomizer);
- return SUCCESS;
-}
-
-/**
- * Implementation of private_rsa_private_key_t.rsadp and private_rsa_private_key_t.rsasp1.
- */
-static chunk_t rsadp(private_rsa_private_key_t *this, chunk_t data)
-{
- mpz_t t1, t2;
- chunk_t decrypted;
-
- mpz_init(t1);
- mpz_init(t2);
-
- mpz_import(t1, data.len, 1, 1, 1, 0, data.ptr);
-
- mpz_powm(t2, t1, this->exp1, this->p); /* m1 = c^dP mod p */
- mpz_powm(t1, t1, this->exp2, this->q); /* m2 = c^dQ mod Q */
- mpz_sub(t2, t2, t1); /* h = qInv (m1 - m2) mod p */
- mpz_mod(t2, t2, this->p);
- mpz_mul(t2, t2, this->coeff);
- mpz_mod(t2, t2, this->p);
-
- mpz_mul(t2, t2, this->q); /* m = m2 + h q */
- mpz_add(t1, t1, t2);
-
- decrypted.len = this->k;
- decrypted.ptr = mpz_export(NULL, NULL, 1, decrypted.len, 1, 0, t1);
-
- mpz_clear(t1);
- mpz_clear(t2);
-
- return decrypted;
-}
-
-/**
- * Implementation of rsa_private_key.build_emsa_signature.
- */
-static status_t build_emsa_pkcs1_signature(private_rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature)
-{
- hasher_t *hasher;
- chunk_t hash;
- chunk_t oid;
- chunk_t em;
-
- /* get oid string prepended to hash */
- switch (hash_algorithm)
- {
- case HASH_MD2:
- {
- oid.ptr = md2_oid;
- oid.len = sizeof(md2_oid);
- break;
- }
- case HASH_MD5:
- {
- oid.ptr = md5_oid;
- oid.len = sizeof(md5_oid);
- break;
- }
- case HASH_SHA1:
- {
- oid.ptr = sha1_oid;
- oid.len = sizeof(sha1_oid);
- break;
- }
- case HASH_SHA256:
- {
- oid.ptr = sha256_oid;
- oid.len = sizeof(sha256_oid);
- break;
- }
- case HASH_SHA384:
- {
- oid.ptr = sha384_oid;
- oid.len = sizeof(sha384_oid);
- break;
- }
- case HASH_SHA512:
- {
- oid.ptr = sha512_oid;
- oid.len = sizeof(sha512_oid);
- break;
- }
- default:
- {
- return NOT_SUPPORTED;
- }
- }
-
- /* get hasher */
- hasher = hasher_create(hash_algorithm);
- if (hasher == NULL)
- {
- return NOT_SUPPORTED;
- }
-
- /* build hash */
- hasher->allocate_hash(hasher, data, &hash);
- hasher->destroy(hasher);
-
- /* build chunk to rsa-decrypt:
- * EM = 0x00 || 0x01 || PS || 0x00 || T.
- * PS = 0xFF padding, with length to fill em
- * T = oid || hash
- */
- em.len = this->k;
- em.ptr = malloc(em.len);
-
- /* fill em with padding */
- memset(em.ptr, 0xFF, em.len);
- /* set magic bytes */
- *(em.ptr) = 0x00;
- *(em.ptr+1) = 0x01;
- *(em.ptr + em.len - hash.len - oid.len - 1) = 0x00;
- /* set hash */
- memcpy(em.ptr + em.len - hash.len, hash.ptr, hash.len);
- /* set oid */
- memcpy(em.ptr + em.len - hash.len - oid.len, oid.ptr, oid.len);
-
- /* build signature */
- *signature = this->rsasp1(this, em);
-
- free(hash.ptr);
- free(em.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_private_key.get_key.
- */
-static status_t get_key(private_rsa_private_key_t *this, chunk_t *key)
-{
- chunk_t n, e, p, q, d, exp1, exp2, coeff;
-
- n.len = this->k;
- n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
- e.len = this->k;
- e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
- p.len = this->k;
- p.ptr = mpz_export(NULL, NULL, 1, p.len, 1, 0, this->p);
- q.len = this->k;
- q.ptr = mpz_export(NULL, NULL, 1, q.len, 1, 0, this->q);
- d.len = this->k;
- d.ptr = mpz_export(NULL, NULL, 1, d.len, 1, 0, this->d);
- exp1.len = this->k;
- exp1.ptr = mpz_export(NULL, NULL, 1, exp1.len, 1, 0, this->exp1);
- exp2.len = this->k;
- exp2.ptr = mpz_export(NULL, NULL, 1, exp2.len, 1, 0, this->exp2);
- coeff.len = this->k;
- coeff.ptr = mpz_export(NULL, NULL, 1, coeff.len, 1, 0, this->coeff);
-
- key->len = this->k * 8;
- key->ptr = malloc(key->len);
- memcpy(key->ptr + this->k * 0, n.ptr , n.len);
- memcpy(key->ptr + this->k * 1, e.ptr, e.len);
- memcpy(key->ptr + this->k * 2, p.ptr, p.len);
- memcpy(key->ptr + this->k * 3, q.ptr, q.len);
- memcpy(key->ptr + this->k * 4, d.ptr, d.len);
- memcpy(key->ptr + this->k * 5, exp1.ptr, exp1.len);
- memcpy(key->ptr + this->k * 6, exp2.ptr, exp2.len);
- memcpy(key->ptr + this->k * 7, coeff.ptr, coeff.len);
-
- free(n.ptr);
- free(e.ptr);
- free(p.ptr);
- free(q.ptr);
- free(d.ptr);
- free(exp1.ptr);
- free(exp2.ptr);
- free(coeff.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_private_key.save_key.
- */
-static status_t save_key(private_rsa_private_key_t *this, char *file)
-{
- return NOT_SUPPORTED;
-}
-
-/**
- * Implementation of rsa_private_key.get_public_key.
- */
-rsa_public_key_t *get_public_key(private_rsa_private_key_t *this)
-{
- return NULL;
-}
-
-/**
- * Implementation of rsa_private_key.belongs_to.
- */
-static bool belongs_to(private_rsa_private_key_t *this, rsa_public_key_t *public)
-{
- if (mpz_cmp(this->n, *public->get_modulus(public)) == 0)
- {
- return TRUE;
- }
- return FALSE;
-}
-
-/**
- * Check the loaded key if it is valid and usable
- * TODO: Log errors
- */
-static status_t check(private_rsa_private_key_t *this)
-{
- mpz_t t, u, q1;
- status_t status = SUCCESS;
-
- /* PKCS#1 1.5 section 6 requires modulus to have at least 12 octets.
- * We actually require more (for security).
- */
- if (this->k < 512/8)
- {
- return FAILED;
- }
-
- /* we picked a max modulus size to simplify buffer allocation */
- if (this->k > 8192/8)
- {
- return FAILED;
- }
-
- mpz_init(t);
- mpz_init(u);
- mpz_init(q1);
-
- /* check that n == p * q */
- mpz_mul(u, this->p, this->q);
- if (mpz_cmp(u, this->n) != 0)
- {
- status = FAILED;
- }
-
- /* check that e divides neither p-1 nor q-1 */
- mpz_sub_ui(t, this->p, 1);
- mpz_mod(t, t, this->e);
- if (mpz_cmp_ui(t, 0) == 0)
- {
- status = FAILED;
- }
-
- mpz_sub_ui(t, this->q, 1);
- mpz_mod(t, t, this->e);
- if (mpz_cmp_ui(t, 0) == 0)
- {
- status = FAILED;
- }
-
- /* check that d is e^-1 (mod lcm(p-1, q-1)) */
- /* see PKCS#1v2, aka RFC 2437, for the "lcm" */
- mpz_sub_ui(q1, this->q, 1);
- mpz_sub_ui(u, this->p, 1);
- mpz_gcd(t, u, q1); /* t := gcd(p-1, q-1) */
- mpz_mul(u, u, q1); /* u := (p-1) * (q-1) */
- mpz_divexact(u, u, t); /* u := lcm(p-1, q-1) */
-
- mpz_mul(t, this->d, this->e);
- mpz_mod(t, t, u);
- if (mpz_cmp_ui(t, 1) != 0)
- {
- status = FAILED;
- }
-
- /* check that exp1 is d mod (p-1) */
- mpz_sub_ui(u, this->p, 1);
- mpz_mod(t, this->d, u);
- if (mpz_cmp(t, this->exp1) != 0)
- {
- status = FAILED;
- }
-
- /* check that exp2 is d mod (q-1) */
- mpz_sub_ui(u, this->q, 1);
- mpz_mod(t, this->d, u);
- if (mpz_cmp(t, this->exp2) != 0)
- {
- status = FAILED;
- }
-
- /* check that coeff is (q^-1) mod p */
- mpz_mul(t, this->coeff, this->q);
- mpz_mod(t, t, this->p);
- if (mpz_cmp_ui(t, 1) != 0)
- {
- status = FAILED;
- }
-
- mpz_clear(t);
- mpz_clear(u);
- mpz_clear(q1);
- return status;
-}
-
-/**
- * Implementation of rsa_private_key.clone.
- */
-static rsa_private_key_t* _clone(private_rsa_private_key_t *this)
-{
- private_rsa_private_key_t *clone = rsa_private_key_create_empty();
-
- mpz_init_set(clone->n, this->n);
- mpz_init_set(clone->e, this->e);
- mpz_init_set(clone->p, this->p);
- mpz_init_set(clone->q, this->q);
- mpz_init_set(clone->d, this->d);
- mpz_init_set(clone->exp1, this->exp1);
- mpz_init_set(clone->exp2, this->exp2);
- mpz_init_set(clone->coeff, this->coeff);
- clone->k = this->k;
-
- return &clone->public;
-}
-
-/**
- * Implementation of rsa_private_key.destroy.
- */
-static void destroy(private_rsa_private_key_t *this)
-{
- mpz_clear(this->n);
- mpz_clear(this->e);
- mpz_clear(this->p);
- mpz_clear(this->q);
- mpz_clear(this->d);
- mpz_clear(this->exp1);
- mpz_clear(this->exp2);
- mpz_clear(this->coeff);
- free(this);
-}
-
-/**
- * Internal generic constructor
- */
-static private_rsa_private_key_t *rsa_private_key_create_empty()
-{
- private_rsa_private_key_t *this = malloc_thing(private_rsa_private_key_t);
-
- /* public functions */
- this->public.build_emsa_pkcs1_signature = (status_t (*) (rsa_private_key_t*,hash_algorithm_t,chunk_t,chunk_t*))build_emsa_pkcs1_signature;
- this->public.get_key = (status_t (*) (rsa_private_key_t*,chunk_t*))get_key;
- this->public.save_key = (status_t (*) (rsa_private_key_t*,char*))save_key;
- this->public.get_public_key = (rsa_public_key_t *(*) (rsa_private_key_t*))get_public_key;
- this->public.belongs_to = (bool (*) (rsa_private_key_t*,rsa_public_key_t*))belongs_to;
- this->public.clone = (rsa_private_key_t*(*)(rsa_private_key_t*))_clone;
- this->public.destroy = (void (*) (rsa_private_key_t*))destroy;
-
- /* private functions */
- this->rsadp = rsadp;
- this->rsasp1 = rsadp; /* same algorithm */
- this->compute_prime = compute_prime;
-
- return this;
-}
-
-/*
- * See header
- */
-rsa_private_key_t *rsa_private_key_create(size_t key_size)
-{
- mpz_t p, q, n, e, d, exp1, exp2, coeff;
- mpz_t m, q1, t;
- private_rsa_private_key_t *this;
-
- this = rsa_private_key_create_empty();
- key_size = key_size / 8;
-
- /* Get values of primes p and q */
- if (this->compute_prime(this, key_size/2, &p) != SUCCESS)
- {
- free(this);
- return NULL;
- }
- if (this->compute_prime(this, key_size/2, &q) != SUCCESS)
- {
- mpz_clear(p);
- free(this);
- return NULL;
- }
-
- mpz_init(t);
- mpz_init(n);
- mpz_init(d);
- mpz_init(exp1);
- mpz_init(exp2);
- mpz_init(coeff);
-
- /* Swapping Primes so p is larger then q */
- if (mpz_cmp(p, q) < 0)
- {
- mpz_set(t, p);
- mpz_set(p, q);
- mpz_set(q, t);
- }
-
- mpz_mul(n, p, q); /* n = p*q */
- mpz_init_set_ui(e, PUBLIC_EXPONENT); /* assign public exponent */
- mpz_init_set(m, p); /* m = p */
- mpz_sub_ui(m, m, 1); /* m = m -1 */
- mpz_init_set(q1, q); /* q1 = q */
- mpz_sub_ui(q1, q1, 1); /* q1 = q1 -1 */
- mpz_gcd(t, m, q1); /* t = gcd(p-1, q-1) */
- mpz_mul(m, m, q1); /* m = (p-1)*(q-1) */
- mpz_divexact(m, m, t); /* m = m / t */
- mpz_gcd(t, m, e); /* t = gcd(m, e) (greatest common divisor) */
-
- mpz_invert(d, e, m); /* e has an inverse mod m */
- if (mpz_cmp_ui(d, 0) < 0) /* make sure d is positive */
- {
- mpz_add(d, d, m);
- }
- mpz_sub_ui(t, p, 1); /* t = p-1 */
- mpz_mod(exp1, d, t); /* exp1 = d mod p-1 */
- mpz_sub_ui(t, q, 1); /* t = q-1 */
- mpz_mod(exp2, d, t); /* exp2 = d mod q-1 */
-
- mpz_invert(coeff, q, p); /* coeff = q^-1 mod p */
- if (mpz_cmp_ui(coeff, 0) < 0) /* make coeff d is positive */
- {
- mpz_add(coeff, coeff, p);
- }
-
- mpz_clear(q1);
- mpz_clear(m);
- mpz_clear(t);
-
- /* apply values */
- *(this->p) = *p;
- *(this->q) = *q;
- *(this->n) = *n;
- *(this->e) = *e;
- *(this->d) = *d;
- *(this->exp1) = *exp1;
- *(this->exp2) = *exp2;
- *(this->coeff) = *coeff;
-
- /* set key size in bytes */
- this->k = key_size;
-
- return &this->public;
-}
-
-/*
- * see header
- */
-rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t blob)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
- private_rsa_private_key_t *this;
-
- this = rsa_private_key_create_empty();
-
- mpz_init(this->n);
- mpz_init(this->e);
- mpz_init(this->p);
- mpz_init(this->q);
- mpz_init(this->d);
- mpz_init(this->exp1);
- mpz_init(this->exp2);
- mpz_init(this->coeff);
-
- asn1_init(&ctx, blob, 0, FALSE);
-
- while (objectID < PRIV_KEY_ROOF)
- {
- if (!extract_object(privkey_objects, &objectID, &object, &level, &ctx))
- {
- destroy(this);
- return FALSE;
- }
- switch (objectID)
- {
- case PRIV_KEY_VERSION:
- if (object.len > 0 && *object.ptr != 0)
- {
- destroy(this);
- return NULL;
- }
- break;
- case PRIV_KEY_MODULUS:
- mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_PUB_EXP:
- mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_PRIV_EXP:
- mpz_import(this->d, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_PRIME1:
- mpz_import(this->p, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_PRIME2:
- mpz_import(this->q, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_EXP1:
- mpz_import(this->exp1, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_EXP2:
- mpz_import(this->exp2, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PRIV_KEY_COEFF:
- mpz_import(this->coeff, object.len, 1, 1, 1, 0, object.ptr);
- break;
- }
- objectID++;
- }
-
- this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
-
- if (check(this) != SUCCESS)
- {
- destroy(this);
- return NULL;
- }
- else
- {
- return &this->public;
- }
-}
-
-/*
- * see header
- * TODO: PEM files
- */
-rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase)
-{
- chunk_t chunk;
- struct stat stb;
- FILE *file;
- char *buffer;
-
- if (stat(filename, &stb) == -1)
- {
- return NULL;
- }
-
- buffer = alloca(stb.st_size);
-
- file = fopen(filename, "r");
- if (file == NULL)
- {
- return NULL;
- }
-
- if (fread(buffer, stb.st_size, 1, file) != 1)
- {
- fclose(file);
- return NULL;
- }
- fclose(file);
-
- chunk.ptr = buffer;
- chunk.len = stb.st_size;
-
- return rsa_private_key_create_from_chunk(chunk);
-}
diff --git a/Source/lib/crypto/rsa/rsa_private_key.h b/Source/lib/crypto/rsa/rsa_private_key.h
deleted file mode 100644
index b3b8ae87f..000000000
--- a/Source/lib/crypto/rsa/rsa_private_key.h
+++ /dev/null
@@ -1,185 +0,0 @@
-/**
- * @file rsa_private_key.h
- *
- * @brief Interface of rsa_private_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef RSA_PRIVATE_KEY_H_
-#define RSA_PRIVATE_KEY_H_
-
-#include <types.h>
-#include <definitions.h>
-#include <crypto/rsa/rsa_public_key.h>
-#include <crypto/hashers/hasher.h>
-
-
-typedef struct rsa_private_key_t rsa_private_key_t;
-
-/**
- * @brief RSA private key with associated functions.
- *
- * Currently only supports signing using EMSA encoding.
- *
- * @b Constructors:
- * - rsa_private_key_create()
- * - rsa_private_key_create_from_chunk()
- * - rsa_private_key_create_from_file()
- *
- * @see rsa_public_key_t
- *
- * @todo Implement get_key(), save_key(), get_public_key()
- *
- * @ingroup rsa
- */
-struct rsa_private_key_t {
-
- /**
- * @brief Build a signature over a chunk using EMSA-PKCS1 encoding.
- *
- * This signature creates a hash using the specified hash algorithm, concatenates
- * it with an ASN1-OID of the hash algorithm and runs the RSASP1 function
- * on it.
- *
- * @param this calling object
- * @param hash_algorithm hash algorithm to use for hashing
- * @param data data to sign
- * @param[out] signature allocated signature
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- * - NOT_SUPPORTED, if hash algorithm not supported
- */
- status_t (*build_emsa_pkcs1_signature) (rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature);
-
- /**
- * @brief Gets the key.
- *
- * UNIMPLEMENTED!
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- */
- status_t (*get_key) (rsa_private_key_t *this, chunk_t *key);
-
- /**
- * @brief Saves a key to a file.
- *
- * Not implemented!
- *
- * @param this calling object
- * @param file file to which the key should be written.
- * @return NOT_SUPPORTED
- */
- status_t (*save_key) (rsa_private_key_t *this, char *file);
-
- /**
- * @brief Generate a new key.
- *
- * Generates a new private_key with specified key size
- *
- * @param this calling object
- * @param key_size size of the key in bits
- * @return
- * - SUCCESS
- * - INVALID_ARG if key_size invalid
- */
- status_t (*generate_key) (rsa_private_key_t *this, size_t key_size);
-
- /**
- * @brief Create a rsa_public_key_t with the public
- * parts of the key.
- *
- * @param this calling object
- * @return public_key
- */
- rsa_public_key_t *(*get_public_key) (rsa_private_key_t *this);
-
- /**
- * @brief Check if a private key belongs to a public key.
- *
- * Compares the public part of the private key with the
- * public key, return TRUE if it equals.
- *
- * @param this private key
- * @param public public key
- * @return TRUE, if keys belong together
- */
- bool (*belongs_to) (rsa_private_key_t *this, rsa_public_key_t *public);
-
- /**
- * @brief Clone the private key.
- *
- * @param this private key to clone
- * @return clone of this
- */
- rsa_private_key_t *(*clone) (rsa_private_key_t *this);
-
- /**
- * @brief Destroys the private key.
- *
- * @param this private key to destroy
- */
- void (*destroy) (rsa_private_key_t *this);
-};
-
-/**
- * @brief Generate a new RSA key with specified key lenght.
- *
- * @param key_size size of the key in bits
- * @return generated rsa_private_key_t.
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create(size_t key_size);
-
-/**
- * @brief Load an RSA private key from a chunk.
- *
- * Load a key from a chunk, encoded as described in PKCS#1
- * (ASN1 DER encoded).
- *
- * @param chunk chunk containing the DER encoded key
- * @return loaded rsa_private_key_t, or NULL
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create_from_chunk(chunk_t chunk);
-
-/**
- * @brief Load an RSA private key from a file.
- *
- * Load a key from a file, which is either in a unencrypted binary
- * format (DER), or in a (encrypted) PEM format. The supplied
- * passphrase is used to decrypt an ecrypted key.
- *
- * @param filename filename which holds the key
- * @param passphrase optional passphase for decryption
- * @return loaded rsa_private_key_t, or NULL
- *
- * @todo Implement PEM file loading
- * @todo Implement key decryption
- *
- * @ingroup rsa
- */
-rsa_private_key_t *rsa_private_key_create_from_file(char *filename, char *passphrase);
-
-#endif /*RSA_PRIVATE_KEY_H_*/
diff --git a/Source/lib/crypto/rsa/rsa_public_key.c b/Source/lib/crypto/rsa/rsa_public_key.c
deleted file mode 100644
index 6601b6cda..000000000
--- a/Source/lib/crypto/rsa/rsa_public_key.c
+++ /dev/null
@@ -1,458 +0,0 @@
-/**
- * @file rsa_public_key.c
- *
- * @brief Implementation of rsa_public_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <string.h>
-
-#include "rsa_public_key.h"
-
-#include <daemon.h>
-#include <crypto/hashers/hasher.h>
-#include <asn1/asn1.h>
-
-/*
- * For simplicity,
- * we use these predefined values for
- * hash algorithm OIDs. These also contain
- * the length of the following hash.
- * These values are also used in rsa_private_key.c.
- * TODO: We may move them in asn1 sometime...
- */
-
-u_int8_t md2_oid[] = {
- 0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,
- 0x48,0x86,0xf7,0x0d,0x02,0x02,0x05,0x00,
- 0x04,0x10
-};
-
-u_int8_t md5_oid[] = {
- 0x30,0x20,0x30,0x0c,0x06,0x08,0x2a,0x86,
- 0x48,0x86,0xf7,0x0d,0x02,0x05,0x05,0x00,
- 0x04,0x10
-};
-
-u_int8_t sha1_oid[] = {
- 0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,
- 0x03,0x02,0x1a,0x05,0x00,0x04,0x14
-};
-
-u_int8_t sha256_oid[] = {
- 0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x01,0x05,
- 0x00,0x04,0x20
-};
-
-u_int8_t sha384_oid[] = {
- 0x30,0x41,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x02,0x05,
- 0x00,0x04,0x30
-};
-
-u_int8_t sha512_oid[] = {
- 0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,
- 0x48,0x01,0x65,0x03,0x04,0x02,0x03,0x05,
- 0x00,0x04,0x40
-};
-
-/* ASN.1 definition public key */
-static const asn1Object_t pubkey_objects[] = {
- { 0, "RSAPublicKey", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
- { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 1 */
- { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 2 */
-};
-
-#define PUB_KEY_RSA_PUBLIC_KEY 0
-#define PUB_KEY_MODULUS 1
-#define PUB_KEY_EXPONENT 2
-#define PUB_KEY_ROOF 3
-
-typedef struct private_rsa_public_key_t private_rsa_public_key_t;
-
-/**
- * Private data structure with signing context.
- */
-struct private_rsa_public_key_t {
- /**
- * Public interface for this signer.
- */
- rsa_public_key_t public;
-
- /**
- * Public modulus.
- */
- mpz_t n;
-
- /**
- * Public exponent.
- */
- mpz_t e;
-
- /**
- * Keysize in bytes.
- */
- size_t k;
-
- /**
- * @brief Implements the RSAEP algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsaep) (private_rsa_public_key_t *this, chunk_t data);
-
- /**
- * @brief Implements the RSASVP1 algorithm specified in PKCS#1.
- *
- * @param this calling object
- * @param data data to process
- * @return processed data
- */
- chunk_t (*rsavp1) (private_rsa_public_key_t *this, chunk_t data);
-};
-
-
-typedef struct rsa_public_key_info_t rsa_public_key_info_t;
-
-/**
- * KeyInfo, as it appears in a public key file
- */
-struct rsa_public_key_info_t {
- /**
- * Algorithm for this key
- */
- chunk_t algorithm_oid;
-
- /**
- * Public key, parseable with rsa_public_key_rules
- */
- chunk_t public_key;
-};
-
-private_rsa_public_key_t *rsa_public_key_create_empty();
-
-/**
- * Implementation of private_rsa_public_key_t.rsaep and private_rsa_public_key_t.rsavp1
- */
-static chunk_t rsaep(private_rsa_public_key_t *this, chunk_t data)
-{
- mpz_t m, c;
- chunk_t encrypted;
-
- mpz_init(c);
- mpz_init(m);
-
- mpz_import(m, data.len, 1, 1, 1, 0, data.ptr);
-
- mpz_powm(c, m, this->e, this->n);
-
- encrypted.len = this->k;
- encrypted.ptr = mpz_export(NULL, NULL, 1, encrypted.len, 1, 0, c);
-
- mpz_clear(c);
- mpz_clear(m);
-
- return encrypted;
-}
-
-/**
- * Implementation of rsa_public_key.verify_emsa_pkcs1_signature.
- */
-static status_t verify_emsa_pkcs1_signature(private_rsa_public_key_t *this, chunk_t data, chunk_t signature)
-{
- hasher_t *hasher = NULL;
- chunk_t hash;
- chunk_t em;
- u_int8_t *pos;
-
- if (signature.len > this->k)
- {
- return INVALID_ARG;
- }
-
- /* unpack signature */
- em = this->rsavp1(this, signature);
-
- /* result should look like this:
- * EM = 0x00 || 0x01 || PS || 0x00 || T.
- * PS = 0xFF padding, with length to fill em
- * T = oid || hash
- */
-
- /* check magic bytes */
- if ((*(em.ptr) != 0x00) ||
- (*(em.ptr+1) != 0x01))
- {
- free(em.ptr);
- return FAILED;
- }
-
- /* find magic 0x00 */
- pos = em.ptr + 2;
- while (pos <= em.ptr + em.len)
- {
- if (*pos == 0x00)
- {
- /* found magic byte, stop */
- pos++;
- break;
- }
- else if (*pos != 0xFF)
- {
- /* bad padding, decryption failed ?!*/
- free(em.ptr);
- return FAILED;
- }
- pos++;
- }
-
- if (pos + 20 > em.ptr + em.len)
- {
- /* not enought room for oid compare */
- free(em.ptr);
- return FAILED;
- }
-
- if (memcmp(md2_oid, pos, sizeof(md2_oid)) == 0)
- {
- hasher = hasher_create(HASH_MD2);
- pos += sizeof(md2_oid);
- }
- else if (memcmp(md5_oid, pos, sizeof(md5_oid)) == 0)
- {
- hasher = hasher_create(HASH_MD5);
- pos += sizeof(md5_oid);
- }
- else if (memcmp(sha1_oid, pos, sizeof(sha1_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA1);
- pos += sizeof(sha1_oid);
- }
- else if (memcmp(sha256_oid, pos, sizeof(sha256_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA256);
- pos += sizeof(sha256_oid);
- }
- else if (memcmp(sha384_oid, pos, sizeof(sha384_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA384);
- pos += sizeof(sha384_oid);
- }
- else if (memcmp(sha512_oid, pos, sizeof(sha512_oid)) == 0)
- {
- hasher = hasher_create(HASH_SHA512);
- pos += sizeof(sha512_oid);
- }
-
- if (hasher == NULL)
- {
- /* not supported hash algorithm */
- free(em.ptr);
- return NOT_SUPPORTED;
- }
-
- if (pos + hasher->get_hash_size(hasher) != em.ptr + em.len)
- {
- /* bad length */
- free(em.ptr);
- hasher->destroy(hasher);
- return FAILED;
- }
-
- /* build own hash for a compare */
- hasher->allocate_hash(hasher, data, &hash);
- hasher->destroy(hasher);
-
- if (memcmp(hash.ptr, pos, hash.len) != 0)
- {
- /* hash does not equal */
- free(hash.ptr);
- free(em.ptr);
- return FAILED;
-
- }
-
- /* seems good */
- free(hash.ptr);
- free(em.ptr);
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_public_key.get_key.
- */
-static status_t get_key(private_rsa_public_key_t *this, chunk_t *key)
-{
- chunk_t n, e;
-
- n.len = this->k;
- n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, this->n);
- e.len = this->k;
- e.ptr = mpz_export(NULL, NULL, 1, e.len, 1, 0, this->e);
-
- key->len = this->k * 2;
- key->ptr = malloc(key->len);
- memcpy(key->ptr, n.ptr, n.len);
- memcpy(key->ptr + n.len, e.ptr, e.len);
- free(n.ptr);
- free(e.ptr);
-
- return SUCCESS;
-}
-
-/**
- * Implementation of rsa_public_key.save_key.
- */
-static status_t save_key(private_rsa_public_key_t *this, char *file)
-{
- return NOT_SUPPORTED;
-}
-
-/**
- * Implementation of rsa_public_key.get_modulus.
- */
-static mpz_t *get_modulus(private_rsa_public_key_t *this)
-{
- return &this->n;
-}
-
-/**
- * Implementation of rsa_public_key.clone.
- */
-static rsa_public_key_t* _clone(private_rsa_public_key_t *this)
-{
- private_rsa_public_key_t *clone = rsa_public_key_create_empty();
-
- mpz_init_set(clone->n, this->n);
- mpz_init_set(clone->e, this->e);
- clone->k = this->k;
-
- return &clone->public;
-}
-
-/**
- * Implementation of rsa_public_key.destroy.
- */
-static void destroy(private_rsa_public_key_t *this)
-{
- mpz_clear(this->n);
- mpz_clear(this->e);
- free(this);
-}
-
-/**
- * Generic private constructor
- */
-private_rsa_public_key_t *rsa_public_key_create_empty()
-{
- private_rsa_public_key_t *this = malloc_thing(private_rsa_public_key_t);
-
- /* public functions */
- this->public.verify_emsa_pkcs1_signature = (status_t (*) (rsa_public_key_t*,chunk_t,chunk_t))verify_emsa_pkcs1_signature;
- this->public.get_key = (status_t (*) (rsa_public_key_t*,chunk_t*))get_key;
- this->public.save_key = (status_t (*) (rsa_public_key_t*,char*))save_key;
- this->public.get_modulus = (mpz_t *(*) (rsa_public_key_t*))get_modulus;
- this->public.clone = (rsa_public_key_t* (*) (rsa_public_key_t*))_clone;
- this->public.destroy = (void (*) (rsa_public_key_t*))destroy;
-
- /* private functions */
- this->rsaep = rsaep;
- this->rsavp1 = rsaep; /* same algorithm */
-
- return this;
-}
-
-/*
- * See header
- */
-rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t blob)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
- private_rsa_public_key_t *this;
-
- this = rsa_public_key_create_empty();
- mpz_init(this->n);
- mpz_init(this->e);
-
- asn1_init(&ctx, blob, 0, FALSE);
-
- while (objectID < PUB_KEY_ROOF)
- {
- if (!extract_object(pubkey_objects, &objectID, &object, &level, &ctx))
- {
- destroy(this);
- return FALSE;
- }
- switch (objectID)
- {
- case PUB_KEY_MODULUS:
- mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr);
- break;
- case PUB_KEY_EXPONENT:
- mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr);
- break;
- }
- objectID++;
- }
-
- this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8;
- return &this->public;
-}
-
-/*
- * See header
- */
-rsa_public_key_t *rsa_public_key_create_from_file(char *filename)
-{
- struct stat stb;
- FILE *file;
- char *buffer;
- chunk_t chunk;
-
- if (stat(filename, &stb) == -1)
- {
- return NULL;
- }
-
- buffer = alloca(stb.st_size);
-
- file = fopen(filename, "r");
- if (file == NULL)
- {
- return NULL;
- }
-
- if (fread(buffer, stb.st_size, 1, file) != 1)
- {
- return NULL;
- }
-
- chunk.ptr = buffer;
- chunk.len = stb.st_size;
-
- return rsa_public_key_create_from_chunk(chunk);
-}
diff --git a/Source/lib/crypto/rsa/rsa_public_key.h b/Source/lib/crypto/rsa/rsa_public_key.h
deleted file mode 100644
index ef79153d6..000000000
--- a/Source/lib/crypto/rsa/rsa_public_key.h
+++ /dev/null
@@ -1,153 +0,0 @@
-/**
- * @file rsa_public_key.h
- *
- * @brief Interface of rsa_public_key_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef RSA_PUBLIC_KEY_H_
-#define RSA_PUBLIC_KEY_H_
-
-#include <gmp.h>
-
-#include <types.h>
-#include <definitions.h>
-
-
-typedef struct rsa_public_key_t rsa_public_key_t;
-
-/**
- * @brief RSA public key with associated functions.
- *
- * Currently only supports signature verification using
- * the EMSA encoding (see PKCS1)
- *
- * @b Constructors:
- * - rsa_public_key_create_from_chunk()
- * - rsa_public_key_create_from_file()
- * - rsa_private_key_t.get_public_key()
- *
- * @see rsa_private_key_t
- *
- * @todo Implement getkey() and savekey()
- *
- * @ingroup rsa
- */
-struct rsa_public_key_t {
-
- /**
- * @brief Verify a EMSA-PKCS1 encodined signature.
- *
- * Processes the supplied signature with the RSAVP1 function,
- * selects the hash algorithm form the resultign ASN1-OID and
- * verifies the hash against the supplied data.
- *
- * @param this rsa_public_key to use
- * @param data data to sign
- * @param signature signature to verify
- * @return
- * - SUCCESS, if signature ok
- * - INVALID_STATE, if key not set
- * - NOT_SUPPORTED, if hash algorithm not supported
- * - INVALID_ARG, if signature is not a signature
- * - FAILED if signature invalid or unable to verify
- */
- status_t (*verify_emsa_pkcs1_signature) (rsa_public_key_t *this, chunk_t data, chunk_t signature);
-
- /**
- * @brief Gets the key.
- *
- * Currently uses a proprietary format which is only inteded
- * for testing. This should be replaced with a proper
- * ASN1 encoded key format, when charon gets the ASN1
- * capabilities.
- *
- * @param this calling object
- * @param key key (in a propriarity format)
- * @return
- * - SUCCESS
- * - INVALID_STATE, if key not set
- */
- status_t (*get_key) (rsa_public_key_t *this, chunk_t *key);
-
- /**
- * @brief Saves a key to a file.
- *
- * Not implemented!
- *
- * @param this calling object
- * @param file file to which the key should be written.
- * @return NOT_SUPPORTED
- */
- status_t (*save_key) (rsa_public_key_t *this, char *file);
-
- /**
- * @brief Get the modulus of the key.
- *
- * @param this calling object
- * @return modulus (n) of the key
- */
- mpz_t *(*get_modulus) (rsa_public_key_t *this);
-
- /**
- * @brief Clone the public key.
- *
- * @param this public key to clone
- * @return clone of this
- */
- rsa_public_key_t *(*clone) (rsa_public_key_t *this);
-
- /**
- * @brief Destroys the public key.
- *
- * @param this public key to destroy
- */
- void (*destroy) (rsa_public_key_t *this);
-};
-
-/**
- * @brief Load an RSA public key from a chunk.
- *
- * Load a key from a chunk, encoded in the more frequently
- * used PublicKeyInfo struct (ASN1 DER encoded).
- *
- * @param chunk chunk containing the DER encoded key
- * @return loaded rsa_public_key_t, or NULL
- *
- * @todo Check OID in PublicKeyInfo
- *
- * @ingroup rsa
- */
-rsa_public_key_t *rsa_public_key_create_from_chunk(chunk_t chunk);
-
-/**
- * @brief Load an RSA public key from a file.
- *
- * Load a key from a file, which is either in binary
- * format (DER), or in PEM format.
- *
- * @param filename filename which holds the key
- * @return loaded rsa_public_key_t, or NULL
- *
- * @todo Implement PEM file loading
- *
- * @ingroup rsa
- */
-rsa_public_key_t *rsa_public_key_create_from_file(char *filename);
-
-#endif /*RSA_PUBLIC_KEY_H_*/
diff --git a/Source/lib/crypto/signers/Makefile.signers b/Source/lib/crypto/signers/Makefile.signers
deleted file mode 100644
index 8f161a09d..000000000
--- a/Source/lib/crypto/signers/Makefile.signers
+++ /dev/null
@@ -1,23 +0,0 @@
-# Copyright (C) 2005 Jan Hutter, Martin Willi
-# Hochschule fuer Technik Rapperswil
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-
-SIGNERS_DIR= $(CRYPTO_DIR)signers/
-
-LIB_OBJS+= $(BUILD_DIR)signer.o
-$(BUILD_DIR)signer.o : $(SIGNERS_DIR)signer.c $(SIGNERS_DIR)signer.h
- $(CC) $(CFLAGS) -c -o $@ $<
-
-LIB_OBJS+= $(BUILD_DIR)hmac_signer.o
-$(BUILD_DIR)hmac_signer.o : $(SIGNERS_DIR)hmac_signer.c $(SIGNERS_DIR)hmac_signer.h
- $(CC) $(CFLAGS) -c -o $@ $<
diff --git a/Source/lib/crypto/signers/hmac_signer.c b/Source/lib/crypto/signers/hmac_signer.c
deleted file mode 100644
index cb7d08244..000000000
--- a/Source/lib/crypto/signers/hmac_signer.c
+++ /dev/null
@@ -1,169 +0,0 @@
-/**
- * @file hmac_signer.c
- *
- * @brief Implementation of hmac_signer_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <string.h>
-
-#include "hmac_signer.h"
-
-#include <crypto/prfs/hmac_prf.h>
-
-/**
- * This class represents a hmac signer with 12 byte (96 bit) output.
- */
-#define BLOCK_SIZE 12
-
-typedef struct private_hmac_signer_t private_hmac_signer_t;
-
-/**
- * Private data structure with signing context.
- */
-struct private_hmac_signer_t {
- /**
- * Public interface of hmac_signer_t.
- */
- hmac_signer_t public;
-
- /*
- * Assigned hmac function.
- */
- prf_t *hmac_prf;
-};
-
-/**
- * Implementation of signer_t.get_signature.
- */
-static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
-{
- u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
-
- this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
-
- /* copy mac aka signature :-) */
- memcpy(buffer,full_mac,BLOCK_SIZE);
-}
-
-/**
- * Implementation of signer_t.allocate_signature.
- */
-static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
-{
- chunk_t signature;
- u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
-
- this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
-
- signature.ptr = malloc(BLOCK_SIZE);
- signature.len = BLOCK_SIZE;
-
- /* copy signature */
- memcpy(signature.ptr,full_mac,BLOCK_SIZE);
-
- *chunk = signature;
-}
-
-/**
- * Implementation of signer_t.verify_signature.
- */
-static bool verify_signature (private_hmac_signer_t *this, chunk_t data, chunk_t signature)
-{
- u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
-
- this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
-
- if (signature.len != BLOCK_SIZE)
- {
- return FALSE;
- }
-
- /* compare mac aka signature :-) */
- if (memcmp(signature.ptr,full_mac,BLOCK_SIZE) == 0)
- {
- return TRUE;
- }
- else
- {
- return FALSE;
- }
-}
-
-/**
- * Implementation of signer_t.get_key_size.
- */
-static size_t get_key_size (private_hmac_signer_t *this)
-{
- /* for HMAC signer, IKEv2 uses block size as key size */
- return this->hmac_prf->get_block_size(this->hmac_prf);
-}
-
-/**
- * Implementation of signer_t.get_block_size.
- */
-static size_t get_block_size (private_hmac_signer_t *this)
-{
- return BLOCK_SIZE;
-}
-
-/**
- * Implementation of signer_t.set_key.
- */
-static void set_key (private_hmac_signer_t *this, chunk_t key)
-{
- this->hmac_prf->set_key(this->hmac_prf,key);
-}
-
-/**
- * Implementation of signer_t.destroy.
- */
-static status_t destroy(private_hmac_signer_t *this)
-{
- this->hmac_prf->destroy(this->hmac_prf);
- free(this);
- return SUCCESS;
-}
-
-/*
- * Described in header
- */
-hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm)
-{
- private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);
-
- this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);
-
- if (this->hmac_prf == NULL)
- {
- /* algorithm not supported */
- free(this);
- return NULL;
- }
-
- /* interface functions */
- this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
- this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
- this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
- this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
- this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
- this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
- this->public.signer_interface.destroy = (void (*) (signer_t*))destroy;
-
- return &(this->public);
-}
diff --git a/Source/lib/crypto/signers/hmac_signer.h b/Source/lib/crypto/signers/hmac_signer.h
deleted file mode 100644
index 62427167e..000000000
--- a/Source/lib/crypto/signers/hmac_signer.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * @file hmac_signer.h
- *
- * @brief Interface of hmac_signer_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef HMAC_SIGNER_H_
-#define HMAC_SIGNER_H_
-
-#include <crypto/signers/signer.h>
-#include <crypto/hashers/hasher.h>
-
-typedef struct hmac_signer_t hmac_signer_t;
-
-/**
- * @brief Implementation of signer_t interface using the
- * HMAC algorithm in combination with either MD5 or SHA1.
- *
- * @ingroup signers
- */
-struct hmac_signer_t {
-
- /**
- * generic signer_t interface for this signer
- */
- signer_t signer_interface;
-};
-
-/**
- * @brief Creates a new hmac_signer_t.
- *
- * @param hash_algoritm Hash algorithm to use with signer
- * @return
- * - hmac_signer_t
- * - NULL if hash algorithm not supported
- *
- * @ingroup signers
- */
-hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm);
-
-
-#endif /*HMAC_SIGNER_H_*/
diff --git a/Source/lib/crypto/signers/signer.c b/Source/lib/crypto/signers/signer.c
deleted file mode 100644
index 3e6378957..000000000
--- a/Source/lib/crypto/signers/signer.c
+++ /dev/null
@@ -1,59 +0,0 @@
-/**
- * @file signer.c
- *
- * @brief Implementation of generic signer_t constructor.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include "signer.h"
-
-#include <crypto/signers/hmac_signer.h>
-
-/**
- * String mappings for integrity_algorithm_t.
- */
-mapping_t integrity_algorithm_m[] = {
- {AUTH_UNDEFINED, "AUTH_UNDEFINED"},
- {AUTH_HMAC_MD5_96, "AUTH_HMAC_MD5_96"},
- {AUTH_HMAC_SHA1_96, "AUTH_HMAC_SHA1_96"},
- {AUTH_DES_MAC, "AUTH_DES_MAC"},
- {AUTH_KPDK_MD5, "AUTH_KPDK_MD5"},
- {AUTH_AES_XCBC_96, "AUTH_AES_XCBC_96"},
- {MAPPING_END, NULL}
-};
-
-
-/*
- * Described in header.
- */
-signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
-{
- switch(integrity_algorithm)
- {
- case AUTH_HMAC_SHA1_96:
- {
- return ((signer_t *) hmac_signer_create(HASH_SHA1));
- }
- case AUTH_HMAC_MD5_96:
- {
- return ((signer_t *) hmac_signer_create(HASH_MD5));
- }
- default:
- return NULL;
- }
-}
diff --git a/Source/lib/crypto/signers/signer.h b/Source/lib/crypto/signers/signer.h
deleted file mode 100644
index 9625af813..000000000
--- a/Source/lib/crypto/signers/signer.h
+++ /dev/null
@@ -1,147 +0,0 @@
-/**
- * @file signer.h
- *
- * @brief Interface for signer_t.
- *
- */
-
-/*
- * Copyright (C) 2005 Jan Hutter, Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef SIGNER_H_
-#define SIGNER_H_
-
-#include <types.h>
-#include <definitions.h>
-
-typedef enum integrity_algorithm_t integrity_algorithm_t;
-
-/**
- * @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
- *
- * Currently only the following algorithms are implemented and therefore supported:
- * - AUTH_HMAC_MD5_96
- * - AUTH_HMAC_SHA1_96
- *
- * @ingroup signers
- */
-enum integrity_algorithm_t {
- AUTH_UNDEFINED = 1024,
- /**
- * Implemented in class hmac_signer_t.
- */
- AUTH_HMAC_MD5_96 = 1,
- /**
- * Implemented in class hmac_signer_t.
- */
- AUTH_HMAC_SHA1_96 = 2,
- AUTH_DES_MAC = 3,
- AUTH_KPDK_MD5 = 4,
- AUTH_AES_XCBC_96 = 5
-};
-
-/**
- * String mappings for integrity_algorithm_t.
- */
-extern mapping_t integrity_algorithm_m[];
-
-
-typedef struct signer_t signer_t;
-
-/**
- * @brief Generig interface for a symmetric signature algorithm.
- *
- * @b Constructors:
- * - signer_create()
- * - hmac_signer_create()
- *
- * @todo Implement more integrity algorithms
- *
- * @ingroup signers
- */
-struct signer_t {
- /**
- * @brief Generate a signature.
- *
- * @param this calling object
- * @param data a chunk containing the data to sign
- * @param[out] buffer pointer where the signature will be written
- */
- void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
-
- /**
- * @brief Generate a signature and allocate space for it.
- *
- * @param this calling object
- * @param data a chunk containing the data to sign
- * @param[out] chunk chunk which will hold the allocated signature
- */
- void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
-
- /**
- * @brief Verify a signature.
- *
- * @param this calling object
- * @param data a chunk containing the data to verify
- * @param signature a chunk containing the signature
- * @return TRUE, if signature is valid, FALSE otherwise
- */
- bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
-
- /**
- * @brief Get the block size of this signature algorithm.
- *
- * @param this calling object
- * @return block size in bytes
- */
- size_t (*get_block_size) (signer_t *this);
-
- /**
- * @brief Get the key size of the signature algorithm.
- *
- * @param this calling object
- * @return key size in bytes
- */
- size_t (*get_key_size) (signer_t *this);
-
- /**
- * @brief Set the key for this object.
- *
- * @param this calling object
- * @param key key to set
- */
- void (*set_key) (signer_t *this, chunk_t key);
-
- /**
- * @brief Destroys a signer_t object.
- *
- * @param this calling object
- */
- void (*destroy) (signer_t *this);
-};
-
-/**
- * @brief Creates a new signer_t object.
- *
- * @param integrity_algorithm Algorithm to use for signing and verifying.
- * @return
- * - signer_t object
- * - NULL if signer not supported
- *
- * @ingroup signers
- */
-signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
-
-#endif /*SIGNER_H_*/
diff --git a/Source/lib/crypto/x509.c b/Source/lib/crypto/x509.c
deleted file mode 100755
index 86a595618..000000000
--- a/Source/lib/crypto/x509.c
+++ /dev/null
@@ -1,937 +0,0 @@
-/**
- * @file x509.c
- *
- * @brief Implementation of x509_t.
- *
- */
-
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#include <gmp.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <string.h>
-
-#include "x509.h"
-
-#include <daemon.h>
-#include <asn1/asn1.h>
-#include <asn1/oid.h>
-#include <utils/logger_manager.h>
-
-typedef const char *err_t; /* error message, or NULL for success */
-
-
-#define BUF_LEN 512
-#define RSA_MIN_OCTETS (512 / 8)
-#define RSA_MIN_OCTETS_UGH "RSA modulus too small for security: less than 512 bits"
-#define RSA_MAX_OCTETS (8192 / 8)
-#define RSA_MAX_OCTETS_UGH "RSA modulus too large: more than 8192 bits"
-
-logger_t *logger;
-
-typedef enum generalNames_t generalNames_t;
-
-/**
- * Different kinds of generalNames
- */
-enum generalNames_t {
- GN_OTHER_NAME = 0,
- GN_RFC822_NAME = 1,
- GN_DNS_NAME = 2,
- GN_X400_ADDRESS = 3,
- GN_DIRECTORY_NAME = 4,
- GN_EDI_PARTY_NAME = 5,
- GN_URI = 6,
- GN_IP_ADDRESS = 7,
- GN_REGISTERED_ID = 8,
-};
-
-typedef struct generalName_t generalName_t;
-
-/**
- * A generalName, chainable in a list
- */
-struct generalName_t {
- generalName_t *next;
- generalNames_t kind;
- chunk_t name;
-};
-
-typedef struct private_x509_t private_x509_t;
-
-/**
- * Private data of a x509_t object.
- */
-struct private_x509_t {
- /**
- * Public interface for this certificate.
- */
- x509_t public;
-
- /**
- * Version of the X509 certificate
- */
- u_int version;
-
- /**
- * ID representing the certificates subject
- */
- identification_t *subject;
-
- /**
- * ID representing the certificate issuer
- */
- identification_t *issuer;
-
- /**
- * List of identification_t's representing subjectAltNames
- */
- linked_list_t *subjectAltNames;
-
- /**
- * List of identification_t's representing issuerAltNames
- */
- linked_list_t *issuerAltNames;
-
- /**
- * List of identification_t's representing crlDistributionPoints
- */
- linked_list_t *crlDistributionPoints;
-
- /**
- * Type of the subjects Key (currently RSA only)
- */
- auth_method_t subjectPublicKeyAlgorithm;
-
-
- /**
- * Subjects RSA public key, if subjectPublicKeyAlgorithm == RSA
- */
- rsa_public_key_t *public_key;
-
-
-
-
- time_t installed;
- u_char authority_flags;
- chunk_t x509;
- chunk_t tbsCertificate;
- chunk_t serialNumber;
- /* signature */
- int sigAlg;
- /* validity */
- time_t notBefore;
- time_t notAfter;
- /* subjectPublicKeyInfo */
- chunk_t subjectPublicKey;
- /* issuerUniqueID */
- /* subjectUniqueID */
- /* v3 extensions */
- /* extension */
- /* extension */
- /* extnID */
- /* critical */
- /* extnValue */
- bool isCA;
- bool isOcspSigner; /* ocsp */
- chunk_t subjectKeyID;
- chunk_t authKeyID;
- chunk_t authKeySerialNumber;
- chunk_t accessLocation; /* ocsp */
- /* signatureAlgorithm */
- int algorithm;
- chunk_t signature;
-};
-
-/**
- * ASN.1 definition of a basicConstraints extension
- */
-static const asn1Object_t basicConstraintsObjects[] = {
- { 0, "basicConstraints", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "CA", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 1 */
- { 1, "pathLenConstraint", ASN1_INTEGER, ASN1_OPT|ASN1_BODY }, /* 2 */
- { 1, "end opt", ASN1_EOC, ASN1_END } /* 3 */
-};
-#define BASIC_CONSTRAINTS_CA 1
-#define BASIC_CONSTRAINTS_ROOF 4
-
-/**
- * ASN.1 definition of time
- */
-static const asn1Object_t timeObjects[] = {
- { 0, "utcTime", ASN1_UTCTIME, ASN1_OPT|ASN1_BODY }, /* 0 */
- { 0, "end opt", ASN1_EOC, ASN1_END }, /* 1 */
- { 0, "generalizeTime",ASN1_GENERALIZEDTIME, ASN1_OPT|ASN1_BODY }, /* 2 */
- { 0, "end opt", ASN1_EOC, ASN1_END } /* 3 */
-};
-#define TIME_UTC 0
-#define TIME_GENERALIZED 2
-#define TIME_ROOF 4
-
-/**
- * ASN.1 definition of a keyIdentifier
- */
-static const asn1Object_t keyIdentifierObjects[] = {
- { 0, "keyIdentifier", ASN1_OCTET_STRING, ASN1_BODY } /* 0 */
-};
-
-/**
- * ASN.1 definition of a authorityKeyIdentifier extension
- */
-static const asn1Object_t authorityKeyIdentifierObjects[] = {
- { 0, "authorityKeyIdentifier", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */
- { 1, "keyIdentifier", ASN1_CONTEXT_S_0, ASN1_OPT|ASN1_OBJ }, /* 1 */
- { 1, "end opt", ASN1_EOC, ASN1_END }, /* 2 */
- { 1, "authorityCertIssuer", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_OBJ }, /* 3 */
- { 1, "end opt", ASN1_EOC, ASN1_END }, /* 4 */
- { 1, "authorityCertSerialNumber",ASN1_CONTEXT_S_2, ASN1_OPT|ASN1_BODY }, /* 5 */
- { 1, "end opt", ASN1_EOC, ASN1_END } /* 6 */
-};
-#define AUTH_KEY_ID_KEY_ID 1
-#define AUTH_KEY_ID_CERT_ISSUER 3
-#define AUTH_KEY_ID_CERT_SERIAL 5
-#define AUTH_KEY_ID_ROOF 7
-
-/**
- * ASN.1 definition of a authorityInfoAccess extension
- */
-static const asn1Object_t authorityInfoAccessObjects[] = {
- { 0, "authorityInfoAccess", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
- { 1, "accessDescription", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
- { 2, "accessMethod", ASN1_OID, ASN1_BODY }, /* 2 */
- { 2, "accessLocation", ASN1_EOC, ASN1_RAW }, /* 3 */
- { 0, "end loop", ASN1_EOC, ASN1_END } /* 4 */
-};
-#define AUTH_INFO_ACCESS_METHOD 2
-#define AUTH_INFO_ACCESS_LOCATION 3
-#define AUTH_INFO_ACCESS_ROOF 5
-
-/**
- * ASN.1 definition of a extendedKeyUsage extension
- */
-static const asn1Object_t extendedKeyUsageObjects[] = {
- { 0, "extendedKeyUsage", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
- { 1, "keyPurposeID", ASN1_OID, ASN1_BODY }, /* 1 */
- { 0, "end loop", ASN1_EOC, ASN1_END }, /* 2 */
-};
-
-#define EXT_KEY_USAGE_PURPOSE_ID 1
-#define EXT_KEY_USAGE_ROOF 3
-
-/**
- * ASN.1 definition of generalNames
- */
-static const asn1Object_t generalNamesObjects[] = {
- { 0, "generalNames", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
- { 1, "generalName", ASN1_EOC, ASN1_RAW }, /* 1 */
- { 0, "end loop", ASN1_EOC, ASN1_END } /* 2 */
-};
-#define GENERAL_NAMES_GN 1
-#define GENERAL_NAMES_ROOF 3
-
-
-/**
- * ASN.1 definition of crlDistributionPoints
- */
-static const asn1Object_t crlDistributionPointsObjects[] = {
- { 0, "crlDistributionPoints", ASN1_SEQUENCE, ASN1_LOOP }, /* 0 */
- { 1, "DistributionPoint", ASN1_SEQUENCE, ASN1_NONE }, /* 1 */
- { 2, "distributionPoint", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_LOOP }, /* 2 */
- { 3, "fullName", ASN1_CONTEXT_C_0, ASN1_OPT|ASN1_OBJ }, /* 3 */
- { 3, "end choice", ASN1_EOC, ASN1_END }, /* 4 */
- { 3, "nameRelToCRLIssuer",ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 5 */
- { 3, "end choice", ASN1_EOC, ASN1_END }, /* 6 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 7 */
- { 2, "reasons", ASN1_CONTEXT_C_1, ASN1_OPT|ASN1_BODY }, /* 8 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 9 */
- { 2, "crlIssuer", ASN1_CONTEXT_C_2, ASN1_OPT|ASN1_BODY }, /* 10 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 11 */
- { 0, "end loop", ASN1_EOC, ASN1_END }, /* 12 */
-};
-#define CRL_DIST_POINTS_FULLNAME 3
-#define CRL_DIST_POINTS_ROOF 13
-
-/**
- * ASN.1 definition of an X.509v3 x509
- */
-static const asn1Object_t certObjects[] = {
- { 0, "x509", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */
- { 1, "tbsCertificate", ASN1_SEQUENCE, ASN1_OBJ }, /* 1 */
- { 2, "DEFAULT v1", ASN1_CONTEXT_C_0, ASN1_DEF }, /* 2 */
- { 3, "version", ASN1_INTEGER, ASN1_BODY }, /* 3 */
- { 2, "serialNumber", ASN1_INTEGER, ASN1_BODY }, /* 4 */
- { 2, "signature", ASN1_EOC, ASN1_RAW }, /* 5 */
- { 2, "issuer", ASN1_SEQUENCE, ASN1_OBJ }, /* 6 */
- { 2, "validity", ASN1_SEQUENCE, ASN1_NONE }, /* 7 */
- { 3, "notBefore", ASN1_EOC, ASN1_RAW }, /* 8 */
- { 3, "notAfter", ASN1_EOC, ASN1_RAW }, /* 9 */
- { 2, "subject", ASN1_SEQUENCE, ASN1_OBJ }, /* 10 */
- { 2, "subjectPublicKeyInfo",ASN1_SEQUENCE, ASN1_NONE }, /* 11 */
- { 3, "algorithm", ASN1_EOC, ASN1_RAW }, /* 12 */
- { 3, "subjectPublicKey", ASN1_BIT_STRING, ASN1_NONE }, /* 13 */
- { 4, "RSAPublicKey", ASN1_SEQUENCE, ASN1_RAW }, /* 14 */
- { 2, "issuerUniqueID", ASN1_CONTEXT_C_1, ASN1_OPT }, /* 15 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 16 */
- { 2, "subjectUniqueID", ASN1_CONTEXT_C_2, ASN1_OPT }, /* 17 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 18 */
- { 2, "optional extensions", ASN1_CONTEXT_C_3, ASN1_OPT }, /* 19 */
- { 3, "extensions", ASN1_SEQUENCE, ASN1_LOOP }, /* 20 */
- { 4, "extension", ASN1_SEQUENCE, ASN1_NONE }, /* 21 */
- { 5, "extnID", ASN1_OID, ASN1_BODY }, /* 22 */
- { 5, "critical", ASN1_BOOLEAN, ASN1_DEF|ASN1_BODY }, /* 23 */
- { 5, "extnValue", ASN1_OCTET_STRING, ASN1_BODY }, /* 24 */
- { 3, "end loop", ASN1_EOC, ASN1_END }, /* 25 */
- { 2, "end opt", ASN1_EOC, ASN1_END }, /* 26 */
- { 1, "signatureAlgorithm", ASN1_EOC, ASN1_RAW }, /* 27 */
- { 1, "signatureValue", ASN1_BIT_STRING, ASN1_BODY } /* 28 */
-};
-#define X509_OBJ_CERTIFICATE 0
-#define X509_OBJ_TBS_CERTIFICATE 1
-#define X509_OBJ_VERSION 3
-#define X509_OBJ_SERIAL_NUMBER 4
-#define X509_OBJ_SIG_ALG 5
-#define X509_OBJ_ISSUER 6
-#define X509_OBJ_NOT_BEFORE 8
-#define X509_OBJ_NOT_AFTER 9
-#define X509_OBJ_SUBJECT 10
-#define X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM 12
-#define X509_OBJ_SUBJECT_PUBLIC_KEY 13
-#define X509_OBJ_RSA_PUBLIC_KEY 14
-#define X509_OBJ_EXTN_ID 22
-#define X509_OBJ_CRITICAL 23
-#define X509_OBJ_EXTN_VALUE 24
-#define X509_OBJ_ALGORITHM 27
-#define X509_OBJ_SIGNATURE 28
-#define X509_OBJ_ROOF 29
-
-
-static u_char ASN1_subjectAltName_oid_str[] = {
- 0x06, 0x03, 0x55, 0x1D, 0x11
-};
-
-static const chunk_t ASN1_subjectAltName_oid = chunk_from_buf(ASN1_subjectAltName_oid_str);
-
-
-/**
- * compare two X.509 x509s by comparing their signatures
- */
-static bool equals(private_x509_t *this, private_x509_t *other)
-{
- return chunk_equals(this->signature, other->signature);
-}
-
-/**
- * encode a linked list of subjectAltNames
- */
-chunk_t build_subjectAltNames(generalName_t *subjectAltNames)
-{
- u_char *pos;
- chunk_t names;
- size_t len = 0;
- generalName_t *gn = subjectAltNames;
-
- /* compute the total size of the ASN.1 attributes object */
- while (gn != NULL)
- {
- len += gn->name.len;
- gn = gn->next;
- }
-
- pos = build_asn1_object(&names, ASN1_SEQUENCE, len);
-
- gn = subjectAltNames;
- while (gn != NULL)
- {
- memcpy(pos, gn->name.ptr, gn->name.len);
- pos += gn->name.len;
- gn = gn->next;
- }
-
- return asn1_wrap(ASN1_SEQUENCE, "cm",
- ASN1_subjectAltName_oid,
- asn1_wrap(ASN1_OCTET_STRING, "m", names)
- );
-}
-
-/**
- * free the dynamic memory used to store generalNames
- */
-void free_generalNames(generalName_t* gn, bool free_name)
-{
- while (gn != NULL)
- {
- generalName_t *gn_top = gn;
- if (free_name)
- {
- free(gn->name.ptr);
- }
- gn = gn->next;
- free(gn_top);
- }
-}
-
-/**
- * extracts the basicConstraints extension
- */
-static bool parse_basicConstraints(chunk_t blob, int level0)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
- bool isCA = FALSE;
-
- asn1_init(&ctx, blob, level0, FALSE);
-
- while (objectID < BASIC_CONSTRAINTS_ROOF) {
-
- if (!extract_object(basicConstraintsObjects, &objectID, &object,&level, &ctx))
- {
- break;
- }
- if (objectID == BASIC_CONSTRAINTS_CA)
- {
- isCA = object.len && *object.ptr;
- logger->log(logger, RAW|LEVEL1, " %s", isCA ? "TRUE" : "FALSE");
- }
- objectID++;
- }
- return isCA;
-}
-
-/**
- * extracts one or several GNs and puts them into a chained list
- */
-static void parse_generalNames(chunk_t blob, int level0, bool implicit, linked_list_t *list)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, implicit);
-
- while (objectID < GENERAL_NAMES_ROOF)
- {
- if (!extract_object(generalNamesObjects, &objectID, &object, &level, &ctx))
- return;
-
- if (objectID == GENERAL_NAMES_GN)
- {
- list->insert_last(list, identification_create_from_encoding(ID_DER_ASN1_GN, object));
- }
- objectID++;
- }
- return;
-}
-
-/**
- * extracts and converts a UTCTIME or GENERALIZEDTIME object
- */
-time_t parse_time(chunk_t blob, int level0)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, FALSE);
-
- while (objectID < TIME_ROOF)
- {
- if (!extract_object(timeObjects, &objectID, &object, &level, &ctx))
- return 0;
-
- if (objectID == TIME_UTC || objectID == TIME_GENERALIZED)
- {
- return asn1totime(&object, (objectID == TIME_UTC)
- ? ASN1_UTCTIME : ASN1_GENERALIZEDTIME);
- }
- objectID++;
- }
- return 0;
-}
-
-/**
- * extracts a keyIdentifier
- */
-static chunk_t parse_keyIdentifier(chunk_t blob, int level0, bool implicit)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, implicit);
-
- extract_object(keyIdentifierObjects, &objectID, &object, &level, &ctx);
- return object;
-}
-
-/**
- * extracts an authoritykeyIdentifier
- */
-void parse_authorityKeyIdentifier(chunk_t blob, int level0 , chunk_t *authKeyID, chunk_t *authKeySerialNumber)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, FALSE);
- while (objectID < AUTH_KEY_ID_ROOF)
- {
- if (!extract_object(authorityKeyIdentifierObjects, &objectID, &object, &level, &ctx))
- {
- return;
- }
- switch (objectID)
- {
- case AUTH_KEY_ID_KEY_ID:
- *authKeyID = parse_keyIdentifier(object, level+1, TRUE);
- break;
- case AUTH_KEY_ID_CERT_ISSUER:
- {
- /* TODO: parse_generalNames(object, level+1, TRUE); */
- break;
- }
- case AUTH_KEY_ID_CERT_SERIAL:
- *authKeySerialNumber = object;
- break;
- default:
- break;
- }
- objectID++;
- }
-}
-
-/**
- * extracts an authorityInfoAcess location
- */
-static void parse_authorityInfoAccess(chunk_t blob, int level0, chunk_t *accessLocation)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- u_int accessMethod = OID_UNKNOWN;
-
- asn1_init(&ctx, blob, level0, FALSE);
- while (objectID < AUTH_INFO_ACCESS_ROOF)
- {
- if (!extract_object(authorityInfoAccessObjects, &objectID, &object, &level, &ctx))
- {
- return;
- }
- switch (objectID)
- {
- case AUTH_INFO_ACCESS_METHOD:
- accessMethod = known_oid(object);
- break;
- case AUTH_INFO_ACCESS_LOCATION:
- {
- switch (accessMethod)
- {
- case OID_OCSP:
- if (*object.ptr == ASN1_CONTEXT_S_6)
- {
- if (asn1_length(&object) == ASN1_INVALID_LENGTH)
- {
- return;
- }
- logger->log(logger, RAW|LEVEL1, " '%.*s'",(int)object.len, object.ptr);
- /* only HTTP(S) URIs accepted */
- if (strncasecmp(object.ptr, "http", 4) == 0)
- {
- *accessLocation = object;
- return;
- }
- }
- logger->log(logger, ERROR|LEVEL2, "ignoring OCSP InfoAccessLocation with unkown protocol");
- break;
- default:
- /* unkown accessMethod, ignoring */
- break;
- }
- break;
- }
- default:
- break;
- }
- objectID++;
- }
-}
-
-/**
- * extracts extendedKeyUsage OIDs
- */
-static bool parse_extendedKeyUsage(chunk_t blob, int level0)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, FALSE);
- while (objectID < EXT_KEY_USAGE_ROOF)
- {
- if (!extract_object(extendedKeyUsageObjects, &objectID, &object, &level, &ctx))
- {
- return FALSE;
- }
- if (objectID == EXT_KEY_USAGE_PURPOSE_ID &&
- known_oid(object) == OID_OCSP_SIGNING)
- {
- return TRUE;
- }
- objectID++;
- }
- return FALSE;
-}
-
-/**
- * extracts one or several crlDistributionPoints and puts them into
- * a chained list
- */
-static void parse_crlDistributionPoints(chunk_t blob, int level0, linked_list_t *list)
-{
- asn1_ctx_t ctx;
- chunk_t object;
- u_int level;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, FALSE);
- while (objectID < CRL_DIST_POINTS_ROOF)
- {
- if (!extract_object(crlDistributionPointsObjects, &objectID, &object, &level, &ctx))
- {
- return;
- }
- if (objectID == CRL_DIST_POINTS_FULLNAME)
- {
- /* append extracted generalNames to existing chained list */
- parse_generalNames(object, level+1, TRUE, list);
-
- }
- objectID++;
- }
-}
-
-
-/**
- * Parses an X.509v3 x509
- */
-bool parse_x509cert(chunk_t blob, u_int level0, private_x509_t *cert)
-{
- asn1_ctx_t ctx;
- bool critical;
- chunk_t object;
- u_int level;
- u_int extn_oid = OID_UNKNOWN;
- int objectID = 0;
-
- asn1_init(&ctx, blob, level0, FALSE);
- while (objectID < X509_OBJ_ROOF)
- {
- if (!extract_object(certObjects, &objectID, &object, &level, &ctx))
- {
- return FALSE;
- }
- /* those objects which will parsed further need the next higher level */
- level++;
- switch (objectID) {
- case X509_OBJ_CERTIFICATE:
- cert->x509 = object;
- break;
- case X509_OBJ_TBS_CERTIFICATE:
- cert->tbsCertificate = object;
- break;
- case X509_OBJ_VERSION:
- cert->version = (object.len) ? (1+(u_int)*object.ptr) : 1;
- logger->log(logger, RAW|LEVEL1, " v%d", cert->version);
- break;
- case X509_OBJ_SERIAL_NUMBER:
- cert->serialNumber = object;
- break;
- case X509_OBJ_SIG_ALG:
- cert->sigAlg = parse_algorithmIdentifier(object, level, NULL);
- break;
- case X509_OBJ_ISSUER:
- cert->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- break;
- case X509_OBJ_NOT_BEFORE:
- cert->notBefore = parse_time(object, level);
- break;
- case X509_OBJ_NOT_AFTER:
- cert->notAfter = parse_time(object, level);
- break;
- case X509_OBJ_SUBJECT:
- cert->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object);
- break;
- case X509_OBJ_SUBJECT_PUBLIC_KEY_ALGORITHM:
- if (parse_algorithmIdentifier(object, level, NULL) == OID_RSA_ENCRYPTION)
- {
- cert->subjectPublicKeyAlgorithm = RSA_DIGITAL_SIGNATURE;
- }
- else
- {
- logger->log(logger, ERROR|LEVEL1, " unsupported public key algorithm");
- return FALSE;
- }
- break;
- case X509_OBJ_SUBJECT_PUBLIC_KEY:
- if (ctx.blobs[4].len > 0 && *ctx.blobs[4].ptr == 0x00)
- {
- /* skip initial bit string octet defining 0 unused bits */
- ctx.blobs[4].ptr++; ctx.blobs[4].len--;
- }
- else
- {
- logger->log(logger, ERROR|LEVEL1, " invalid RSA public key format");
- return FALSE;
- }
- break;
- case X509_OBJ_RSA_PUBLIC_KEY:
- cert->subjectPublicKey = object;
- break;
- case X509_OBJ_EXTN_ID:
- extn_oid = known_oid(object);
- break;
- case X509_OBJ_CRITICAL:
- critical = object.len && *object.ptr;
- logger->log(logger, ERROR|LEVEL1, " %s", critical ? "TRUE" : "FALSE");
- break;
- case X509_OBJ_EXTN_VALUE:
- {
- switch (extn_oid) {
- case OID_SUBJECT_KEY_ID:
- cert->subjectKeyID = parse_keyIdentifier(object, level, FALSE);
- break;
- case OID_SUBJECT_ALT_NAME:
- parse_generalNames(object, level, FALSE, cert->subjectAltNames);
- break;
- case OID_BASIC_CONSTRAINTS:
- cert->isCA = parse_basicConstraints(object, level);
- break;
- case OID_CRL_DISTRIBUTION_POINTS:
- parse_crlDistributionPoints(object, level, cert->crlDistributionPoints);
- break;
- case OID_AUTHORITY_KEY_ID:
- parse_authorityKeyIdentifier(object, level , &cert->authKeyID, &cert->authKeySerialNumber);
- break;
- case OID_AUTHORITY_INFO_ACCESS:
- parse_authorityInfoAccess(object, level, &cert->accessLocation);
- break;
- case OID_EXTENDED_KEY_USAGE:
- cert->isOcspSigner = parse_extendedKeyUsage(object, level);
- break;
- case OID_NS_REVOCATION_URL:
- case OID_NS_CA_REVOCATION_URL:
- case OID_NS_CA_POLICY_URL:
- case OID_NS_COMMENT:
- if (!parse_asn1_simple_object(&object, ASN1_IA5STRING , level, oid_names[extn_oid].name))
- {
- return FALSE;
- }
- break;
- default:
- break;
- }
- break;
- }
- case X509_OBJ_ALGORITHM:
- cert->algorithm = parse_algorithmIdentifier(object, level, NULL);
- break;
- case X509_OBJ_SIGNATURE:
- cert->signature = object;
- break;
- default:
- break;
- }
- objectID++;
- }
- time(&cert->installed);
- return TRUE;
-}
-
-/**
- * verify the validity of a x509 by
- * checking the notBefore and notAfter dates
- */
-err_t check_validity(const private_x509_t *cert, time_t *until)
-{
- time_t current_time;
-
- time(&current_time);
-
- if (cert->notAfter < *until)
- {
- *until = cert->notAfter;
- }
- if (current_time < cert->notBefore)
- {
- return "x509 is not valid yet";
- }
- if (current_time > cert->notAfter)
- {
- return "x509 has expired";
- }
- else
- {
- return NULL;
- }
-}
-
-/**
- * Implements x509_t.get_public_key
- */
-static rsa_public_key_t *get_public_key(private_x509_t *this)
-{
- return this->public_key->clone(this->public_key);;
-}
-
-/**
- * Implements x509_t.get_subject
- */
-static identification_t *get_subject(private_x509_t *this)
-{
- return this->subject;
-}
-
-/**
- * Implements x509_t.get_issuer
- */
-static identification_t *get_issuer(private_x509_t *this)
-{
- return this->issuer;
-}
-
-/**
- * destroy
- */
-static void destroy(private_x509_t *this)
-{
- identification_t *id;
- while (this->subjectAltNames->remove_last(this->subjectAltNames, (void**)&id) == SUCCESS)
- {
- id->destroy(id);
- }
- this->subjectAltNames->destroy(this->subjectAltNames);
- while (this->issuerAltNames->remove_last(this->issuerAltNames, (void**)&id) == SUCCESS)
- {
- id->destroy(id);
- }
- this->issuerAltNames->destroy(this->issuerAltNames);
- while (this->crlDistributionPoints->remove_last(this->crlDistributionPoints, (void**)&id) == SUCCESS)
- {
- id->destroy(id);
- }
- this->crlDistributionPoints->destroy(this->crlDistributionPoints);
- if (this->issuer)
- {
- this->issuer->destroy(this->issuer);
- }
- if (this->subject)
- {
- this->subject->destroy(this->subject);
- }
- if (this->public_key)
- {
- this->public_key->destroy(this->public_key);
- }
- free(this);
-}
-
-/*
- * Described in header.
- */
-x509_t *x509_create_from_chunk(chunk_t chunk)
-{
- private_x509_t *this = malloc_thing(private_x509_t);
-
- /* public functions */
- this->public.equals = (bool (*) (x509_t*,x509_t*))equals;
- this->public.destroy = (void (*) (x509_t*))destroy;
- this->public.get_public_key = (rsa_public_key_t* (*) (x509_t*))get_public_key;
- this->public.get_subject = (identification_t* (*) (x509_t*))get_subject;
- this->public.get_issuer = (identification_t* (*) (x509_t*))get_issuer;
-
- /* initialize */
- this->subjectPublicKey = CHUNK_INITIALIZER;
- this->public_key = NULL;
- this->subject = NULL;
- this->issuer = NULL;
- this->subjectAltNames = linked_list_create(this->subjectAltNames);
- this->issuerAltNames = linked_list_create(this->issuerAltNames);
- this->crlDistributionPoints = linked_list_create(this->crlDistributionPoints);
-
- /* we do not use a per-instance logger right now, since its not always accessible */
- logger = logger_manager->get_logger(logger_manager, ASN1);
-
- if (!is_asn1(chunk) ||
- !parse_x509cert(chunk, 0, this))
- {
- destroy(this);
- return NULL;
- }
-
- this->public_key = rsa_public_key_create_from_chunk(this->subjectPublicKey);
- if (this->public_key == NULL)
- {
- destroy(this);
- return NULL;
- }
-
- return &this->public;
-}
-
-/*
- * Described in header.
- */
-x509_t *x509_create_from_file(char *filename)
-{
- struct stat stb;
- FILE *file;
- char *buffer;
- chunk_t chunk;
-
- if (stat(filename, &stb) == -1)
- {
- return NULL;
- }
-
- buffer = alloca(stb.st_size);
-
- file = fopen(filename, "r");
- if (file == NULL)
- {
- return NULL;
- }
-
- if (fread(buffer, stb.st_size, 1, file) == -1)
- {
- fclose(file);
- return NULL;
- }
- fclose(file);
-
- chunk.ptr = buffer;
- chunk.len = stb.st_size;
-
- return x509_create_from_chunk(chunk);
-}
diff --git a/Source/lib/crypto/x509.h b/Source/lib/crypto/x509.h
deleted file mode 100755
index 077238eab..000000000
--- a/Source/lib/crypto/x509.h
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * @file x509.h
- *
- * @brief Interface of x509_t.
- *
- */
-
-/*
- * Copyright (C) 2006 Martin Willi
- * Hochschule fuer Technik Rapperswil
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- */
-
-#ifndef X509_H_
-#define X509_H_
-
-#include <types.h>
-#include <definitions.h>
-#include <crypto/rsa/rsa_public_key.h>
-#include <utils/identification.h>
-#include <utils/iterator.h>
-
-
-typedef struct x509_t x509_t;
-
-/**
- * @brief X509 certificate.
- *
- * @b Constructors:
- * - x509_create_from_chunk()
- * - x509_create_from_file()
- *
- * @todo more code cleanup needed!
- * @todo fix unimplemented functions...
- * @todo handle memory management
- *
- * @ingroup transforms
- */
-struct x509_t {
-
- /**
- * @brief Get the RSA public key from the certificate.
- *
- * @param this calling object
- * @return public_key
- */
- rsa_public_key_t *(*get_public_key) (x509_t *this);
-
- /**
- * @brief Get the certificate issuers ID.
- *
- * The resulting ID is always a identification_t
- * of type ID_DER_ASN1_DN.
- *
- * @param this calling object
- * @return issuers ID
- */
- identification_t *(*get_issuer) (x509_t *this);
-
- /**
- * @brief Get the subjects ID.
- *
- * The resulting ID is always a identification_t
- * of type ID_DER_ASN1_DN.
- *
- * @param this calling object
- * @return subjects ID
- */
- identification_t *(*get_subject) (x509_t *this);
-
- /**
- * @brief Check if a certificate is valid.
- *
- * This function uses the issuers public key to verify
- * the validity of a certificate.
- *
- * @todo implement!
- */
- bool (*verify) (x509_t *this, rsa_public_key_t *signer);
-
- /**
- * @brief Get the key identifier of the public key.
- *
- * @todo implement!
- */
- chunk_t (*get_subject_key_identifier) (x509_t *this);
-
- /**
- * @brief Compare two certificates.
- *
- * Comparison is done via the certificates signature.
- *
- * @param this first cert for compare
- * @param other second cert for compare
- * @return TRUE if signature is equal
- */
- bool (*equals) (x509_t *this, x509_t *other);
-
- /**
- * @brief Destroys the certificate.
- *
- * @param this certificate to destroy
- */
- void (*destroy) (x509_t *this);
-};
-
-/**
- * @brief Read a x509 certificate from a DER encoded blob.
- *
- * @param chunk chunk containing DER encoded data
- * @return created x509_t certificate, or NULL if invalid.
- *
- * @ingroup transforms
- */
-x509_t *x509_create_from_chunk(chunk_t chunk);
-
-/**
- * @brief Read a x509 certificate from a DER encoded file.
- *
- * @param filename file containing DER encoded data
- * @return created x509_t certificate, or NULL if invalid.
- *
- * @ingroup transforms
- */
-x509_t *x509_create_from_file(char *filename);
-
-#endif /* X509_H_ */