diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/libcrypto/Makefile.am | 6 | ||||
| -rw-r--r-- | src/libcrypto/libsha2/Makefile.old | 21 | ||||
| -rw-r--r-- | src/libcrypto/libsha2/hmac_sha2.c | 32 | ||||
| -rw-r--r-- | src/libcrypto/libsha2/hmac_sha2.h | 17 | ||||
| -rw-r--r-- | src/libcrypto/libsha2/sha2.c | 437 | ||||
| -rw-r--r-- | src/libcrypto/libsha2/sha2.h | 52 | ||||
| -rw-r--r-- | src/pluto/Makefile.am | 3 | ||||
| -rw-r--r-- | src/pluto/alg/ike_alg_sha2.c | 51 | ||||
| -rw-r--r-- | src/pluto/crypto.c | 80 | ||||
| -rw-r--r-- | src/pluto/crypto.h | 50 | ||||
| -rw-r--r-- | src/pluto/ike_alg.c | 51 | ||||
| -rw-r--r-- | src/pluto/ike_alg.h | 6 | ||||
| -rw-r--r-- | src/pluto/md2.c | 237 | ||||
| -rw-r--r-- | src/pluto/md2.h | 72 | ||||
| -rw-r--r-- | src/pluto/md5.c | 385 | ||||
| -rw-r--r-- | src/pluto/md5.h | 75 | ||||
| -rw-r--r-- | src/pluto/pkcs1.c | 1 | ||||
| -rw-r--r-- | src/pluto/sha1.h | 16 | ||||
| -rw-r--r-- | src/scepclient/Makefile.am | 12 |
19 files changed, 42 insertions, 1562 deletions
diff --git a/src/libcrypto/Makefile.am b/src/libcrypto/Makefile.am index 4416c8daf..08f35a955 100644 --- a/src/libcrypto/Makefile.am +++ b/src/libcrypto/Makefile.am @@ -1,9 +1,9 @@ noinst_LIBRARIES = libcrypto.a libcrypto_a_SOURCES = \ libaes/aes_xcbc_mac.c libaes/aes_cbc.c libaes/aes_xcbc_mac.h libaes/aes_cbc.h libaes/aes.c libaes/aes.h \ -include/md32_common.h include/cbc_generic.h include/hmac_generic.h libblowfish/bf_skey.c libblowfish/blowfish.h \ -libblowfish/bf_pi.h libblowfish/bf_locl.h libblowfish/bf_enc.c libsha2/hmac_sha2.c libsha2/sha2.h libsha2/hmac_sha2.h \ -libsha2/sha2.c libserpent/serpent_cbc.c libserpent/serpent_cbc.h libserpent/serpent.c libserpent/serpent.h \ +include/md32_common.h include/cbc_generic.h include/hmac_generic.h \ +libblowfish/bf_skey.c libblowfish/blowfish.h libblowfish/bf_pi.h libblowfish/bf_locl.h libblowfish/bf_enc.c \ +libserpent/serpent_cbc.c libserpent/serpent_cbc.h libserpent/serpent.c libserpent/serpent.h \ libtwofish/twofish_cbc.h libtwofish/twofish_cbc.c libtwofish/twofish.c libtwofish/twofish.h libdes/des_enc.c \ libdes/podd.h libdes/sk.h libdes/set_key.c libdes/fcrypt_b.c libdes/fcrypt.c libdes/destest.c \ libdes/spr.h libdes/cbc_enc.c libdes/ecb_enc.c libdes/des_locl.h libdes/des_ver.h libdes/des.h diff --git a/src/libcrypto/libsha2/Makefile.old b/src/libcrypto/libsha2/Makefile.old deleted file mode 100644 index cee7e6109..000000000 --- a/src/libcrypto/libsha2/Makefile.old +++ /dev/null @@ -1,21 +0,0 @@ -CFLAGS=-O3 -fomit-frame-pointer -I../include $(EXTRA_CFLAGS) - -LIBOBJ := hmac_sha2.o sha2.o - -BLIB := libsha2.a - -.S.o: - $(CC) $(AFLAGS) -c $< -o $@ - -$(BLIB): $(LIBOBJ) - /bin/rm -f $(BLIB) - ar cr $(BLIB) $(LIBOBJ) - -if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \ - else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \ - else exit 0; fi; fi - -test: test_main.o $(BLIB) - $(CC) -o $@ $^ - -clean: - rm -f *.[oa] core $(TARGET) test diff --git a/src/libcrypto/libsha2/hmac_sha2.c b/src/libcrypto/libsha2/hmac_sha2.c deleted file mode 100644 index ad107eb62..000000000 --- a/src/libcrypto/libsha2/hmac_sha2.c +++ /dev/null @@ -1,32 +0,0 @@ -#ifdef __KERNEL__ -#include <linux/types.h> -#include <linux/string.h> -#else -#include <sys/types.h> -#include <string.h> -#endif -#include "hmac_generic.h" -#include "sha2.h" -#include "hmac_sha2.h" - -void inline sha256_result(sha256_context *ctx, u_int8_t * hash, int hashlen) { - sha256_final(ctx); - memcpy(hash, &ctx->sha_out[0], hashlen); -} -void inline sha512_result(sha512_context *ctx, u_int8_t * hash, int hashlen) { - sha512_final(ctx); - memcpy(hash, &ctx->sha_out[0], hashlen); -} -HMAC_SET_KEY_IMPL (sha256_hmac_set_key, - sha256_hmac_context, SHA256_BLOCKSIZE, - sha256_init, sha256_write) -HMAC_HASH_IMPL (sha256_hmac_hash, - sha256_hmac_context, sha256_context, SHA256_HASHLEN, - sha256_write, sha256_result) - -HMAC_SET_KEY_IMPL (sha512_hmac_set_key, - sha512_hmac_context, SHA512_BLOCKSIZE, - sha512_init, sha512_write) -HMAC_HASH_IMPL (sha512_hmac_hash, - sha512_hmac_context, sha512_context, SHA512_HASHLEN, - sha512_write, sha512_result) diff --git a/src/libcrypto/libsha2/hmac_sha2.h b/src/libcrypto/libsha2/hmac_sha2.h deleted file mode 100644 index b7f8c747c..000000000 --- a/src/libcrypto/libsha2/hmac_sha2.h +++ /dev/null @@ -1,17 +0,0 @@ -typedef struct { - sha256_context ictx,octx; -} sha256_hmac_context; -typedef struct { - sha512_context ictx,octx; -} sha512_hmac_context; -#define SHA256_BLOCKSIZE 64 -#define SHA256_HASHLEN 32 -#define SHA384_BLOCKSIZE 128 /* XXX ok? */ -#define SHA384_HASHLEN 48 -#define SHA512_BLOCKSIZE 128 -#define SHA512_HASHLEN 64 - -void sha256_hmac_hash(sha256_hmac_context *hctx, const u_int8_t * dat, int len, u_int8_t * hash, int hashlen); -void sha256_hmac_set_key(sha256_hmac_context *hctx, const u_int8_t * key, int keylen); -void sha512_hmac_hash(sha512_hmac_context *hctx, const u_int8_t * dat, int len, u_int8_t * hash, int hashlen); -void sha512_hmac_set_key(sha512_hmac_context *hctx, const u_int8_t * key, int keylen); diff --git a/src/libcrypto/libsha2/sha2.c b/src/libcrypto/libsha2/sha2.c deleted file mode 100644 index 4debdad67..000000000 --- a/src/libcrypto/libsha2/sha2.c +++ /dev/null @@ -1,437 +0,0 @@ -/* - * sha512.c - * - * Written by Jari Ruusu, April 16 2001 - * - * Copyright 2001 by Jari Ruusu. - * Redistribution of this file is permitted under the GNU Public License. - */ - -#ifdef __KERNEL__ -#include <linux/string.h> -#include <linux/types.h> -#else -#include <string.h> -#include <sys/types.h> -#endif -#include "sha2.h" - -/* Define one or more of these. If none is defined, you get all of them */ -#if !defined(SHA256_NEEDED)&&!defined(SHA512_NEEDED)&&!defined(SHA384_NEEDED) -# define SHA256_NEEDED 1 -# define SHA512_NEEDED 1 -# define SHA384_NEEDED 1 -#endif - -#if defined(SHA256_NEEDED) -static const u_int32_t sha256_hashInit[8] = { - 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, - 0x1f83d9ab, 0x5be0cd19 -}; -static const u_int32_t sha256_K[64] = { - 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, - 0x923f82a4, 0xab1c5ed5, 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, - 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 0xe49b69c1, 0xefbe4786, - 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, - 0x06ca6351, 0x14292967, 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, - 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 0xa2bfe8a1, 0xa81a664b, - 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, - 0x5b9cca4f, 0x682e6ff3, 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, - 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 -}; -#endif - -#if defined(SHA512_NEEDED) -static const u_int64_t sha512_hashInit[8] = { - 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, 0x3c6ef372fe94f82bULL, - 0xa54ff53a5f1d36f1ULL, 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, - 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL -}; -#endif - -#if defined(SHA384_NEEDED) -static const u_int64_t sha384_hashInit[8] = { - 0xcbbb9d5dc1059ed8ULL, 0x629a292a367cd507ULL, 0x9159015a3070dd17ULL, - 0x152fecd8f70e5939ULL, 0x67332667ffc00b31ULL, 0x8eb44a8768581511ULL, - 0xdb0c2e0d64f98fa7ULL, 0x47b5481dbefa4fa4ULL -}; -#endif - -#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) -static const u_int64_t sha512_K[80] = { - 0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL, - 0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL, - 0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL, - 0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL, - 0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL, - 0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL, - 0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL, - 0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL, - 0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL, - 0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL, - 0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL, - 0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL, - 0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL, - 0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL, - 0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL, - 0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL, - 0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL, - 0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL, - 0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL, - 0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL, - 0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL, - 0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL, - 0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL, - 0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL, - 0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL, - 0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL, - 0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL -}; -#endif - -#define Ch(x,y,z) (((x) & (y)) ^ ((~(x)) & (z))) -#define Maj(x,y,z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z))) -#define R(x,y) ((y) >> (x)) - -#if defined(SHA256_NEEDED) -void sha256_init(sha256_context *ctx) -{ - memcpy(&ctx->sha_H[0], &sha256_hashInit[0], sizeof(ctx->sha_H)); - ctx->sha_blocks = 0; - ctx->sha_bufCnt = 0; -} - -#define S(x,y) (((y) >> (x)) | ((y) << (32 - (x)))) -#define uSig0(x) ((S(2,(x))) ^ (S(13,(x))) ^ (S(22,(x)))) -#define uSig1(x) ((S(6,(x))) ^ (S(11,(x))) ^ (S(25,(x)))) -#define lSig0(x) ((S(7,(x))) ^ (S(18,(x))) ^ (R(3,(x)))) -#define lSig1(x) ((S(17,(x))) ^ (S(19,(x))) ^ (R(10,(x)))) - -static void sha256_transform(sha256_context *ctx, const unsigned char *datap) -{ - register int j; - u_int32_t a, b, c, d, e, f, g, h; - u_int32_t T1, T2, W[64], Wm2, Wm15; - - /* read the data, big endian byte order */ - j = 0; - do { - W[j] = (((u_int32_t)(datap[0]))<<24) | (((u_int32_t)(datap[1]))<<16) | - (((u_int32_t)(datap[2]))<<8 ) | ((u_int32_t)(datap[3])); - datap += 4; - } while(++j < 16); - - /* initialize variables a...h */ - a = ctx->sha_H[0]; - b = ctx->sha_H[1]; - c = ctx->sha_H[2]; - d = ctx->sha_H[3]; - e = ctx->sha_H[4]; - f = ctx->sha_H[5]; - g = ctx->sha_H[6]; - h = ctx->sha_H[7]; - - /* apply compression function */ - j = 0; - do { - if(j >= 16) { - Wm2 = W[j - 2]; - Wm15 = W[j - 15]; - W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; - } - T1 = h + uSig1(e) + Ch(e,f,g) + sha256_K[j] + W[j]; - T2 = uSig0(a) + Maj(a,b,c); - h = g; g = f; f = e; - e = d + T1; - d = c; c = b; b = a; - a = T1 + T2; - } while(++j < 64); - - /* compute intermediate hash value */ - ctx->sha_H[0] += a; - ctx->sha_H[1] += b; - ctx->sha_H[2] += c; - ctx->sha_H[3] += d; - ctx->sha_H[4] += e; - ctx->sha_H[5] += f; - ctx->sha_H[6] += g; - ctx->sha_H[7] += h; - - ctx->sha_blocks++; -} - -void sha256_write(sha256_context *ctx, const unsigned char *datap, int length) -{ - while(length > 0) { - if(!ctx->sha_bufCnt) { - while(length >= sizeof(ctx->sha_out)) { - sha256_transform(ctx, datap); - datap += sizeof(ctx->sha_out); - length -= sizeof(ctx->sha_out); - } - if(!length) return; - } - ctx->sha_out[ctx->sha_bufCnt] = *datap++; - length--; - if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { - sha256_transform(ctx, &ctx->sha_out[0]); - ctx->sha_bufCnt = 0; - } - } -} - -void sha256_final(sha256_context *ctx) -{ - register int j; - u_int64_t bitLength; - u_int32_t i; - unsigned char padByte, *datap; - - bitLength = (ctx->sha_blocks << 9) | (ctx->sha_bufCnt << 3); - padByte = 0x80; - sha256_write(ctx, &padByte, 1); - - /* pad extra space with zeroes */ - padByte = 0; - while(ctx->sha_bufCnt != 56) { - sha256_write(ctx, &padByte, 1); - } - - /* write bit length, big endian byte order */ - ctx->sha_out[56] = bitLength >> 56; - ctx->sha_out[57] = bitLength >> 48; - ctx->sha_out[58] = bitLength >> 40; - ctx->sha_out[59] = bitLength >> 32; - ctx->sha_out[60] = bitLength >> 24; - ctx->sha_out[61] = bitLength >> 16; - ctx->sha_out[62] = bitLength >> 8; - ctx->sha_out[63] = bitLength; - sha256_transform(ctx, &ctx->sha_out[0]); - - /* return results in ctx->sha_out[0...31] */ - datap = &ctx->sha_out[0]; - j = 0; - do { - i = ctx->sha_H[j]; - datap[0] = i >> 24; - datap[1] = i >> 16; - datap[2] = i >> 8; - datap[3] = i; - datap += 4; - } while(++j < 8); - - /* clear sensitive information */ - memset(&ctx->sha_out[32], 0, sizeof(sha256_context) - 32); -} - -void sha256_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -{ - sha256_context ctx; - - if(ole < 1) return; - memset(ob, 0, ole); - if(ole > 32) ole = 32; - sha256_init(&ctx); - sha256_write(&ctx, ib, ile); - sha256_final(&ctx); - memcpy(ob, &ctx.sha_out[0], ole); - memset(&ctx, 0, sizeof(ctx)); -} - -#endif - -#if defined(SHA512_NEEDED) -void sha512_init(sha512_context *ctx) -{ - memcpy(&ctx->sha_H[0], &sha512_hashInit[0], sizeof(ctx->sha_H)); - ctx->sha_blocks = 0; - ctx->sha_blocksMSB = 0; - ctx->sha_bufCnt = 0; -} -#endif - -#if defined(SHA512_NEEDED) || defined(SHA384_NEEDED) -#undef S -#undef uSig0 -#undef uSig1 -#undef lSig0 -#undef lSig1 -#define S(x,y) (((y) >> (x)) | ((y) << (64 - (x)))) -#define uSig0(x) ((S(28,(x))) ^ (S(34,(x))) ^ (S(39,(x)))) -#define uSig1(x) ((S(14,(x))) ^ (S(18,(x))) ^ (S(41,(x)))) -#define lSig0(x) ((S(1,(x))) ^ (S(8,(x))) ^ (R(7,(x)))) -#define lSig1(x) ((S(19,(x))) ^ (S(61,(x))) ^ (R(6,(x)))) - -static void sha512_transform(sha512_context *ctx, const unsigned char *datap) -{ - register int j; - u_int64_t a, b, c, d, e, f, g, h; - u_int64_t T1, T2, W[80], Wm2, Wm15; - - /* read the data, big endian byte order */ - j = 0; - do { - W[j] = (((u_int64_t)(datap[0]))<<56) | (((u_int64_t)(datap[1]))<<48) | - (((u_int64_t)(datap[2]))<<40) | (((u_int64_t)(datap[3]))<<32) | - (((u_int64_t)(datap[4]))<<24) | (((u_int64_t)(datap[5]))<<16) | - (((u_int64_t)(datap[6]))<<8 ) | ((u_int64_t)(datap[7])); - datap += 8; - } while(++j < 16); - - /* initialize variables a...h */ - a = ctx->sha_H[0]; - b = ctx->sha_H[1]; - c = ctx->sha_H[2]; - d = ctx->sha_H[3]; - e = ctx->sha_H[4]; - f = ctx->sha_H[5]; - g = ctx->sha_H[6]; - h = ctx->sha_H[7]; - - /* apply compression function */ - j = 0; - do { - if(j >= 16) { - Wm2 = W[j - 2]; - Wm15 = W[j - 15]; - W[j] = lSig1(Wm2) + W[j - 7] + lSig0(Wm15) + W[j - 16]; - } - T1 = h + uSig1(e) + Ch(e,f,g) + sha512_K[j] + W[j]; - T2 = uSig0(a) + Maj(a,b,c); - h = g; g = f; f = e; - e = d + T1; - d = c; c = b; b = a; - a = T1 + T2; - } while(++j < 80); - - /* compute intermediate hash value */ - ctx->sha_H[0] += a; - ctx->sha_H[1] += b; - ctx->sha_H[2] += c; - ctx->sha_H[3] += d; - ctx->sha_H[4] += e; - ctx->sha_H[5] += f; - ctx->sha_H[6] += g; - ctx->sha_H[7] += h; - - ctx->sha_blocks++; - if(!ctx->sha_blocks) ctx->sha_blocksMSB++; -} - -void sha512_write(sha512_context *ctx, const unsigned char *datap, int length) -{ - while(length > 0) { - if(!ctx->sha_bufCnt) { - while(length >= sizeof(ctx->sha_out)) { - sha512_transform(ctx, datap); - datap += sizeof(ctx->sha_out); - length -= sizeof(ctx->sha_out); - } - if(!length) return; - } - ctx->sha_out[ctx->sha_bufCnt] = *datap++; - length--; - if(++ctx->sha_bufCnt == sizeof(ctx->sha_out)) { - sha512_transform(ctx, &ctx->sha_out[0]); - ctx->sha_bufCnt = 0; - } - } -} - -void sha512_final(sha512_context *ctx) -{ - register int j; - u_int64_t bitLength, bitLengthMSB; - u_int64_t i; - unsigned char padByte, *datap; - - bitLength = (ctx->sha_blocks << 10) | (ctx->sha_bufCnt << 3); - bitLengthMSB = (ctx->sha_blocksMSB << 10) | (ctx->sha_blocks >> 54); - padByte = 0x80; - sha512_write(ctx, &padByte, 1); - - /* pad extra space with zeroes */ - padByte = 0; - while(ctx->sha_bufCnt != 112) { - sha512_write(ctx, &padByte, 1); - } - - /* write bit length, big endian byte order */ - ctx->sha_out[112] = bitLengthMSB >> 56; - ctx->sha_out[113] = bitLengthMSB >> 48; - ctx->sha_out[114] = bitLengthMSB >> 40; - ctx->sha_out[115] = bitLengthMSB >> 32; - ctx->sha_out[116] = bitLengthMSB >> 24; - ctx->sha_out[117] = bitLengthMSB >> 16; - ctx->sha_out[118] = bitLengthMSB >> 8; - ctx->sha_out[119] = bitLengthMSB; - ctx->sha_out[120] = bitLength >> 56; - ctx->sha_out[121] = bitLength >> 48; - ctx->sha_out[122] = bitLength >> 40; - ctx->sha_out[123] = bitLength >> 32; - ctx->sha_out[124] = bitLength >> 24; - ctx->sha_out[125] = bitLength >> 16; - ctx->sha_out[126] = bitLength >> 8; - ctx->sha_out[127] = bitLength; - sha512_transform(ctx, &ctx->sha_out[0]); - - /* return results in ctx->sha_out[0...63] */ - datap = &ctx->sha_out[0]; - j = 0; - do { - i = ctx->sha_H[j]; - datap[0] = i >> 56; - datap[1] = i >> 48; - datap[2] = i >> 40; - datap[3] = i >> 32; - datap[4] = i >> 24; - datap[5] = i >> 16; - datap[6] = i >> 8; - datap[7] = i; - datap += 8; - } while(++j < 8); - - /* clear sensitive information */ - memset(&ctx->sha_out[64], 0, sizeof(sha512_context) - 64); -} - -void sha512_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -{ - sha512_context ctx; - - if(ole < 1) return; - memset(ob, 0, ole); - if(ole > 64) ole = 64; - sha512_init(&ctx); - sha512_write(&ctx, ib, ile); - sha512_final(&ctx); - memcpy(ob, &ctx.sha_out[0], ole); - memset(&ctx, 0, sizeof(ctx)); -} -#endif - -#if defined(SHA384_NEEDED) -void sha384_init(sha512_context *ctx) -{ - memcpy(&ctx->sha_H[0], &sha384_hashInit[0], sizeof(ctx->sha_H)); - ctx->sha_blocks = 0; - ctx->sha_blocksMSB = 0; - ctx->sha_bufCnt = 0; -} - -void sha384_hash_buffer(unsigned char *ib, int ile, unsigned char *ob, int ole) -{ - sha512_context ctx; - - if(ole < 1) return; - memset(ob, 0, ole); - if(ole > 48) ole = 48; - sha384_init(&ctx); - sha512_write(&ctx, ib, ile); - sha512_final(&ctx); - memcpy(ob, &ctx.sha_out[0], ole); - memset(&ctx, 0, sizeof(ctx)); -} -#endif diff --git a/src/libcrypto/libsha2/sha2.h b/src/libcrypto/libsha2/sha2.h deleted file mode 100644 index 2dc03cfa8..000000000 --- a/src/libcrypto/libsha2/sha2.h +++ /dev/null @@ -1,52 +0,0 @@ -#ifndef _SHA2_H -#define _SHA2_H -/* - * sha512.h - * - * Written by Jari Ruusu, April 16 2001 - * - * Copyright 2001 by Jari Ruusu. - * Redistribution of this file is permitted under the GNU Public License. - */ - -#ifdef __KERNEL__ -#include <linux/types.h> -#else -#include <sys/types.h> -#endif - -typedef struct { - unsigned char sha_out[64]; /* results are here, bytes 0...31 */ - u_int32_t sha_H[8]; - u_int64_t sha_blocks; - int sha_bufCnt; -} sha256_context; - -typedef struct { - unsigned char sha_out[128]; /* results are here, bytes 0...63 */ - u_int64_t sha_H[8]; - u_int64_t sha_blocks; - u_int64_t sha_blocksMSB; - int sha_bufCnt; -} sha512_context; - -/* no sha384_context, use sha512_context */ - -/* 256 bit hash, provides 128 bits of security against collision attacks */ -extern void sha256_init(sha256_context *); -extern void sha256_write(sha256_context *, const unsigned char *, int); -extern void sha256_final(sha256_context *); -extern void sha256_hash_buffer(unsigned char *, int, unsigned char *, int); - -/* 512 bit hash, provides 256 bits of security against collision attacks */ -extern void sha512_init(sha512_context *); -extern void sha512_write(sha512_context *, const unsigned char *, int); -extern void sha512_final(sha512_context *); -extern void sha512_hash_buffer(unsigned char *, int, unsigned char *, int); - -/* 384 bit hash, provides 192 bits of security against collision attacks */ -extern void sha384_init(sha512_context *); -/* no sha384_write(), use sha512_write() */ -/* no sha384_final(), use sha512_final(), result in ctx->sha_out[0...47] */ -extern void sha384_hash_buffer(unsigned char *, int, unsigned char *, int); -#endif /* _SHA2_H */ diff --git a/src/pluto/Makefile.am b/src/pluto/Makefile.am index 23fa5423a..4d4c977b2 100644 --- a/src/pluto/Makefile.am +++ b/src/pluto/Makefile.am @@ -32,8 +32,6 @@ kernel_pfkey.c kernel_pfkey.h \ keys.c keys.h \ lex.c lex.h \ log.c log.h \ -md2.c md2.h \ -md5.c md5.h \ modecfg.c modecfg.h \ mp_defs.c mp_defs.h \ nat_traversal.c nat_traversal.h \ @@ -46,7 +44,6 @@ pkcs7.c pkcs7.h \ plutomain.c \ rcv_whack.c rcv_whack.h \ server.c server.h \ -sha1.c sha1.h \ smartcard.c smartcard.h \ spdb.c spdb.h \ state.c state.h \ diff --git a/src/pluto/alg/ike_alg_sha2.c b/src/pluto/alg/ike_alg_sha2.c index 6b7c8438c..41da10013 100644 --- a/src/pluto/alg/ike_alg_sha2.c +++ b/src/pluto/alg/ike_alg_sha2.c @@ -4,34 +4,14 @@ #include <sys/types.h> #include <freeswan.h> +#include <crypto/hashers/hasher.h> + #include "constants.h" #include "defs.h" #include "log.h" -#include "libsha2/sha2.h" #include "alg_info.h" #include "ike_alg.h" -static void -sha256_hash_final(u_char *hash, sha256_context *ctx) -{ - sha256_final(ctx); - memcpy(hash, ctx->sha_out, SHA2_256_DIGEST_SIZE); -} - -static void -sha384_hash_final(u_char *hash, sha512_context *ctx) -{ - sha512_final(ctx); - memcpy(hash, ctx->sha_out, SHA2_384_DIGEST_SIZE); -} - -static void -sha512_hash_final(u_char *hash, sha512_context *ctx) -{ - sha512_final(ctx); - memcpy(hash, ctx->sha_out, SHA2_512_DIGEST_SIZE); -} - /* SHA-256 hash test vectors * from "The Secure Hash Algorithm Validation System (SHAVS)" * July 22, 2004, Lawrence E. Bassham III, NIST @@ -572,42 +552,27 @@ struct hash_desc hash_desc_sha2_256 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA2_256, algo_next: NULL, - hash_ctx_size: sizeof(sha256_context), - hash_block_size: SHA2_256_BLOCK_SIZE, - hash_digest_size: SHA2_256_DIGEST_SIZE, + hash_digest_size: HASH_SIZE_SHA256, hash_testvectors: sha256_hash_testvectors, - hmac_testvectors: sha256_hmac_testvectors, - hash_init: (void (*)(void *))sha256_init, - hash_update: (void (*)(void *, const u_char *, size_t ))sha256_write, - hash_final:(void (*)(u_char *, void *))sha256_hash_final + hmac_testvectors: sha256_hmac_testvectors }; struct hash_desc hash_desc_sha2_384 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA2_384, algo_next: NULL, - hash_ctx_size: sizeof(sha512_context), - hash_block_size: SHA2_384_BLOCK_SIZE, - hash_digest_size: SHA2_384_DIGEST_SIZE, + hash_digest_size: HASH_SIZE_SHA384, hash_testvectors: sha384_hash_testvectors, - hmac_testvectors: sha384_hmac_testvectors, - hash_init: (void (*)(void *))sha384_init, - hash_update: (void (*)(void *, const u_char *, size_t ))sha512_write, - hash_final:(void (*)(u_char *, void *))sha384_hash_final + hmac_testvectors: sha384_hmac_testvectors }; struct hash_desc hash_desc_sha2_512 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA2_512, algo_next: NULL, - hash_ctx_size: sizeof(sha512_context), - hash_block_size: SHA2_512_BLOCK_SIZE, - hash_digest_size: SHA2_512_DIGEST_SIZE, + hash_digest_size: HASH_SIZE_SHA512, hash_testvectors: sha512_hash_testvectors, - hmac_testvectors: sha512_hmac_testvectors, - hash_init: (void (*)(void *))sha512_init, - hash_update: (void (*)(void *, const u_char *, size_t ))sha512_write, - hash_final:(void (*)(u_char *, void *))sha512_hash_final + hmac_testvectors: sha512_hmac_testvectors }; int ike_alg_sha2_init(void); diff --git a/src/pluto/crypto.c b/src/pluto/crypto.c index 6a885b885..579e257f2 100644 --- a/src/pluto/crypto.c +++ b/src/pluto/crypto.c @@ -24,6 +24,8 @@ #include <errno.h> +#include <crypto/hashers/hasher.h> + #include "constants.h" #include "defs.h" #include "state.h" @@ -298,14 +300,9 @@ static struct hash_desc crypto_hasher_md5 = algo_type: IKE_ALG_HASH, algo_id: OAKLEY_MD5, algo_next: NULL, - hash_ctx_size: sizeof(MD5_CTX), - hash_block_size: MD5_BLOCK_SIZE, - hash_digest_size: MD5_DIGEST_SIZE, + hash_digest_size: HASH_SIZE_MD5, hash_testvectors: md5_hash_testvectors, hmac_testvectors: md5_hmac_testvectors, - hash_init: (void (*)(void *)) MD5Init, - hash_update: (void (*)(void *, const u_int8_t *, size_t)) MD5Update, - hash_final: (void (*)(u_char *, void *)) MD5Final }; /* SHA-1 test vectors @@ -439,14 +436,9 @@ static struct hash_desc crypto_hasher_sha1 = algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA, algo_next: NULL, - hash_ctx_size: sizeof(SHA1_CTX), - hash_block_size: SHA1_BLOCK_SIZE, - hash_digest_size: SHA1_DIGEST_SIZE, + hash_digest_size: HASH_SIZE_SHA1, hash_testvectors: sha1_hash_testvectors, - hmac_testvectors: sha1_hmac_testvectors, - hash_init: (void (*)(void *)) SHA1Init, - hash_update: (void (*)(void *, const u_int8_t *, size_t)) SHA1Update, - hash_final: (void (*)(u_char *, void *)) SHA1Final + hmac_testvectors: sha1_hmac_testvectors }; void init_crypto(void) @@ -565,68 +557,6 @@ void crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc, u_int8_t *buf, */ } -/* HMAC package - * rfc2104.txt specifies how HMAC works. - */ - -void hmac_init(struct hmac_ctx *ctx, const struct hash_desc *h, - const u_char *key, size_t key_len) -{ - int k; - - ctx->h = h; - ctx->hmac_digest_size = h->hash_digest_size; - - /* Prepare the two pads for the HMAC */ - - memset(ctx->buf1, '\0', h->hash_block_size); - - if (key_len <= h->hash_block_size) - { - memcpy(ctx->buf1, key, key_len); - } - else - { - h->hash_init(&ctx->hash_ctx); - h->hash_update(&ctx->hash_ctx, key, key_len); - h->hash_final(ctx->buf1, &ctx->hash_ctx); - } - - memcpy(ctx->buf2, ctx->buf1, h->hash_block_size); - - for (k = 0; k < h->hash_block_size; k++) - { - ctx->buf1[k] ^= HMAC_IPAD; - ctx->buf2[k] ^= HMAC_OPAD; - } - - hmac_reinit(ctx); -} - -void hmac_reinit(struct hmac_ctx *ctx) -{ - ctx->h->hash_init(&ctx->hash_ctx); - ctx->h->hash_update(&ctx->hash_ctx, ctx->buf1, ctx->h->hash_block_size); -} - -void hmac_update(struct hmac_ctx *ctx, - const u_char *data, size_t data_len) -{ - ctx->h->hash_update(&ctx->hash_ctx, data, data_len); -} - -void hmac_final(u_char *output, struct hmac_ctx *ctx) -{ - const struct hash_desc *h = ctx->h; - - h->hash_final(output, &ctx->hash_ctx); - - h->hash_init(&ctx->hash_ctx); - h->hash_update(&ctx->hash_ctx, ctx->buf2, h->hash_block_size); - h->hash_update(&ctx->hash_ctx, output, h->hash_digest_size); - h->hash_final(output, &ctx->hash_ctx); -} - hash_algorithm_t oakley_to_hash_algorithm(int alg) { switch (alg) diff --git a/src/pluto/crypto.h b/src/pluto/crypto.h index 72df70ef6..4fc9b2356 100644 --- a/src/pluto/crypto.h +++ b/src/pluto/crypto.h @@ -17,9 +17,6 @@ #include <crypto/hashers/hasher.h> #include <crypto/prfs/prf.h> -#include "md5.h" -#include "sha1.h" -#include "libsha2/sha2.h" #include "ike_alg.h" extern void init_crypto(void); @@ -63,54 +60,7 @@ void crypto_cbc_encrypt(const struct encrypt_desc *e, bool enc, u_int8_t *buf, s /* unification of cryptographic hashing mechanisms */ -#ifndef NO_HASH_CTX -union hash_ctx { - MD5_CTX ctx_md5; - SHA1_CTX ctx_sha1; - sha256_context ctx_sha256; - sha512_context ctx_sha512; - }; - -/* HMAC package - * Note that hmac_ctx can be (and is) copied since there are - * no persistent pointers into it. - */ - -struct hmac_ctx { - const struct hash_desc *h; /* underlying hash function */ - size_t hmac_digest_size; /* copy of h->hash_digest_size */ - union hash_ctx hash_ctx; /* ctx for hash function */ - u_char buf1[MAX_HASH_BLOCK_SIZE]; - u_char buf2[MAX_HASH_BLOCK_SIZE]; - }; - -extern void hmac_init( - struct hmac_ctx *ctx, - const struct hash_desc *h, - const u_char *key, - size_t key_len); - -#define hmac_init_chunk(ctx, h, ch) hmac_init((ctx), (h), (ch).ptr, (ch).len) - -extern void hmac_reinit(struct hmac_ctx *ctx); /* saves recreating pads */ - -extern void hmac_update( - struct hmac_ctx *ctx, - const u_char *data, - size_t data_len); - -#define hmac_update_chunk(ctx, ch) hmac_update((ctx), (ch).ptr, (ch).len) - -extern void hmac_final(u_char *output, struct hmac_ctx *ctx); - -#define hmac_final_chunk(ch, name, ctx) { \ - free((ch).ptr); \ - (ch).len = (ctx)->hmac_digest_size; \ - (ch).ptr = malloc((ch).len); \ - hmac_final((ch).ptr, (ctx)); \ - } extern hash_algorithm_t oakley_to_hash_algorithm(int alg); extern pseudo_random_function_t oakley_to_prf(int alg); -#endif diff --git a/src/pluto/ike_alg.c b/src/pluto/ike_alg.c index 740bae8c1..5056e82ab 100644 --- a/src/pluto/ike_alg.c +++ b/src/pluto/ike_alg.c @@ -148,22 +148,6 @@ ike_alg_register_hash(struct hash_desc *hash_desc) return_on(ret,-EINVAL); } - if (hash_desc->hash_ctx_size > sizeof (union hash_ctx)) - { - plog ("ike_alg: hash alg=%d has ctx_size=%d > hash_ctx=%d" - , hash_desc->algo_id - , (int)hash_desc->hash_ctx_size - , (int)sizeof (union hash_ctx)); - return_on(ret,-EOVERFLOW); - } - - if (!(hash_desc->hash_init && hash_desc->hash_update && hash_desc->hash_final)) - { - plog ("ike_alg: hash alg=%d needs hash_init(), hash_update() and hash_final()" - , hash_desc->algo_id); - return_on(ret,-EINVAL); - } - alg_name = enum_name(&oakley_hash_names, hash_desc->algo_id); if (!alg_name) { @@ -447,25 +431,32 @@ ike_hash_test(const struct hash_desc *desc) if (desc->hash_testvectors == NULL) { - plog(" %s hash self-test not available", enum_name(&oakley_hash_names, desc->algo_id)); + plog(" %s hash self-test not available", + enum_name(&oakley_hash_names, desc->algo_id)); } else { int i; + hash_algorithm_t hash_alg; + hasher_t *hasher; + hash_alg = oakley_to_hash_algorithm(desc->algo_id); + hasher = lib->crypto->create_hasher(lib->crypto, hash_alg); + if (hasher == NULL) + { + plog(" %s hash function not available", + enum_name(&oakley_hash_names, desc->algo_id)); + return FALSE; + } + for (i = 0; desc->hash_testvectors[i].msg_digest != NULL; i++) { u_char digest[MAX_DIGEST_LEN]; chunk_t msg = { desc->hash_testvectors[i].msg, desc->hash_testvectors[i].msg_size }; - hash_algorithm_t hash_alg; - hasher_t *hasher; bool result; - hash_alg = oakley_to_hash_algorithm(desc->algo_id); - hasher = lib->crypto->create_hasher(lib->crypto, hash_alg); hasher->get_hash(hasher, msg, digest); - hasher->destroy(hasher); result = memeq(digest, desc->hash_testvectors[i].msg_digest , desc->hash_digest_size); DBG(DBG_CRYPT, @@ -473,8 +464,9 @@ ike_hash_test(const struct hash_desc *desc) ) hash_results &= result; } - plog(" %s hash self-test %s", enum_name(&oakley_hash_names, desc->algo_id) - , hash_results ? "passed":"failed"); + hasher->destroy(hasher); + plog(" %s hash self-test %s", enum_name(&oakley_hash_names, desc->algo_id), + hash_results ? "passed":"failed"); } if (desc->hmac_testvectors == NULL) @@ -484,6 +476,9 @@ ike_hash_test(const struct hash_desc *desc) else { int i; + pseudo_random_function_t prf_alg; + + prf_alg = oakley_to_prf(desc->algo_id); for (i = 0; desc->hmac_testvectors[i].hmac != NULL; i++) { @@ -492,12 +487,16 @@ ike_hash_test(const struct hash_desc *desc) desc->hmac_testvectors[i].key_size }; chunk_t msg = { desc->hmac_testvectors[i].msg, desc->hmac_testvectors[i].msg_size }; - pseudo_random_function_t prf_alg; prf_t *prf; bool result; - prf_alg = oakley_to_prf(desc->algo_id); prf = lib->crypto->create_prf(lib->crypto, prf_alg); + if (prf == NULL) + { + plog(" %s hmac function not available", + enum_name(&oakley_hash_names, desc->algo_id)); + return FALSE; + } prf->set_key(prf, key); prf->get_bytes(prf, msg, digest); prf->destroy(prf); diff --git a/src/pluto/ike_alg.h b/src/pluto/ike_alg.h index 5334ad8c0..3bf93b9f6 100644 --- a/src/pluto/ike_alg.h +++ b/src/pluto/ike_alg.h @@ -57,15 +57,9 @@ struct hash_desc { u_int16_t algo_type; u_int16_t algo_id; struct ike_alg *algo_next; - - size_t hash_ctx_size; - size_t hash_block_size; size_t hash_digest_size; const hash_testvector_t *hash_testvectors; const hmac_testvector_t *hmac_testvectors; - void (*hash_init)(void *ctx); - void (*hash_update)(void *ctx, const u_int8_t *in, size_t datasize); - void (*hash_final)(u_int8_t *out, void *ctx); }; #define IKE_ALG_ENCRYPT 0 diff --git a/src/pluto/md2.c b/src/pluto/md2.c deleted file mode 100644 index 8b0f166a5..000000000 --- a/src/pluto/md2.c +++ /dev/null @@ -1,237 +0,0 @@ -/* MD2C.C - RSA Data Security, Inc., MD2 message-digest algorithm - */ - -/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All - rights reserved. - - License to copy and use this software is granted for - non-commercial Internet Privacy-Enhanced Mail provided that it is - identified as the "RSA Data Security, Inc. MD2 Message Digest - Algorithm" in all material mentioning or referencing this software - or this function. - - RSA Data Security, Inc. makes no representations concerning either - the merchantability of this software or the suitability of this - software for any particular purpose. It is provided "as is" - without express or implied warranty of any kind. - - These notices must be retained in any copies of any part of this - documentation and/or software. - */ - -#include "md2.h" - -#define HAVEMEMCOPY 1 /* use ISO C's memcpy and memset */ - -static void MD2Transform PROTO_LIST - ((unsigned char [16], unsigned char [16], const unsigned char [16])); - -#ifdef HAVEMEMCOPY -#include <memory.h> -#define MD2_memcpy memcpy -#define MD2_memset memset -#else -#ifdef HAVEBCOPY -#define MD2_memcpy(_a,_b,_c) memcpy((_a), (_b),(_c)) -#define MD2_memset(_a,_b,_c) memset((_a), '\0',(_c)) -#else -static void MD2_memcpy PROTO_LIST ((POINTER, CONST_POINTER, unsigned int)); -static void MD2_memset PROTO_LIST ((POINTER, int, unsigned int)); -#endif -#endif - -/* Permutation of 0..255 constructed from the digits of pi. It gives a - "random" nonlinear byte substitution operation. - */ -static unsigned char PI_SUBST[256] = { - 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6, - 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188, - 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24, - 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251, - 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63, - 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50, - 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165, - 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210, - 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157, - 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27, - 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15, - 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197, - 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65, - 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123, - 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233, - 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228, - 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237, - 31, 26, 219, 153, 141, 51, 159, 17, 131, 20 -}; - -static const unsigned char *PADDING[] = { - (const unsigned char *)"", - (const unsigned char *)"\001", - (const unsigned char *)"\002\002", - (const unsigned char *)"\003\003\003", - (const unsigned char *)"\004\004\004\004", - (const unsigned char *)"\005\005\005\005\005", - (const unsigned char *)"\006\006\006\006\006\006", - (const unsigned char *)"\007\007\007\007\007\007\007", - (const unsigned char *)"\010\010\010\010\010\010\010\010", - (const unsigned char *)"\011\011\011\011\011\011\011\011\011", - (const unsigned char *)"\012\012\012\012\012\012\012\012\012\012", - (const unsigned char *)"\013\013\013\013\013\013\013\013\013\013\013", - (const unsigned char *)"\014\014\014\014\014\014\014\014\014\014\014\014", - (const unsigned char *) - "\015\015\015\015\015\015\015\015\015\015\015\015\015", - (const unsigned char *) - "\016\016\016\016\016\016\016\016\016\016\016\016\016\016", - (const unsigned char *) - "\017\017\017\017\017\017\017\017\017\017\017\017\017\017\017", - (const unsigned char *) - "\020\020\020\020\020\020\020\020\020\020\020\020\020\020\020\020" -}; - -/* MD2 initialization. Begins an MD2 operation, writing a new context. - */ -void MD2Init (context) -MD2_CTX *context; /* context */ -{ - context->count = 0; - MD2_memset ((POINTER)context->state, 0, sizeof (context->state)); - MD2_memset - ((POINTER)context->checksum, 0, sizeof (context->checksum)); -} - -/* MD2 block update operation. Continues an MD2 message-digest - operation, processing another message block, and updating the - context. - */ -void MD2Update (context, input, inputLen) -MD2_CTX *context; /* context */ -const unsigned char *input; /* input block */ -unsigned int inputLen; /* length of input block */ -{ - unsigned int i, index, partLen; - - /* Update number of bytes mod 16 */ - index = context->count; - context->count = (index + inputLen) & 0xf; - - partLen = 16 - index; - - /* Transform as many times as possible. - */ - if (inputLen >= partLen) { - MD2_memcpy - ((POINTER)&context->buffer[index], (CONST_POINTER)input, partLen); - MD2Transform (context->state, context->checksum, context->buffer); - - for (i = partLen; i + 15 < inputLen; i += 16) - MD2Transform (context->state, context->checksum, &input[i]); - - index = 0; - } - else - i = 0; - - /* Buffer remaining input */ - MD2_memcpy - ((POINTER)&context->buffer[index], (CONST_POINTER)&input[i], - inputLen-i); -} - -/* MD2 finalization. Ends an MD2 message-digest operation, writing the - message digest and zeroizing the context. - */ -void MD2Final (digest, context) - -unsigned char digest[16]; /* message digest */ -MD2_CTX *context; /* context */ -{ - unsigned int index, padLen; - - /* Pad out to multiple of 16. - */ - index = context->count; - padLen = 16 - index; - MD2Update (context, PADDING[padLen], padLen); - - /* Extend with checksum */ - MD2Update (context, context->checksum, 16); - - /* Store state in digest */ - MD2_memcpy ((POINTER)digest, (POINTER)context->state, 16); - - /* Zeroize sensitive information. - */ - MD2_memset ((POINTER)context, 0, sizeof (*context)); -} - -/* MD2 basic transformation. Transforms state and updates checksum - based on block. - */ -static void MD2Transform (state, checksum, block) -unsigned char state[16]; -unsigned char checksum[16]; -const unsigned char block[16]; -{ - unsigned int i, j, t; - unsigned char x[48]; - - /* Form encryption block from state, block, state ^ block. - */ - MD2_memcpy ((POINTER)x, (CONST_POINTER)state, 16); - MD2_memcpy ((POINTER)x+16, (CONST_POINTER)block, 16); - for (i = 0; i < 16; i++) - x[i+32] = state[i] ^ block[i]; - - /* Encrypt block (18 rounds). - */ - t = 0; - for (i = 0; i < 18; i++) { - for (j = 0; j < 48; j++) - t = x[j] ^= PI_SUBST[t]; - t = (t + i) & 0xff; - } - - /* Save new state */ - MD2_memcpy ((POINTER)state, (POINTER)x, 16); - - /* Update checksum. - */ - t = checksum[15]; - for (i = 0; i < 16; i++) - t = checksum[i] ^= PI_SUBST[block[i] ^ t]; - - /* Zeroize sensitive information. - */ - MD2_memset ((POINTER)x, 0, sizeof (x)); -} - -#ifndef HAVEMEMCOPY -#ifndef HAVEBCOPY -/* Note: Replace "for loop" with standard memcpy if possible. - */ -static void MD2_memcpy (output, input, len) -POINTER output; -POINTER input; -unsigned int len; -{ - unsigned int i; - - for (i = 0; i < len; i++) - output[i] = input[i]; -} - -/* Note: Replace "for loop" with standard memset if possible. - */ -static void MD2_memset (output, value, len) -POINTER output; -int value; -unsigned int len; -{ - unsigned int i; - - for (i = 0; i < len; i++) - ((char *)output)[i] = (char)value; -} -#endif -#endif - diff --git a/src/pluto/md2.h b/src/pluto/md2.h deleted file mode 100644 index 52a7328d5..000000000 --- a/src/pluto/md2.h +++ /dev/null @@ -1,72 +0,0 @@ -#ifndef _GLOBAL_H_ -#define _GLOBAL_H_ -/* GLOBAL.H - RSAREF types and constants - */ - -/* PROTOTYPES should be set to one if and only if the compiler supports - function argument prototyping. - The following makes PROTOTYPES default to 0 if it has not already - been defined with C compiler flags. - */ -#ifndef PROTOTYPES -#define PROTOTYPES 1 -#endif - -/* POINTER defines a generic pointer type */ -typedef unsigned char *POINTER; -typedef const unsigned char *CONST_POINTER; - -/* UINT2 defines a two byte word */ -typedef unsigned short int UINT2; - -/* UINT4 defines a four byte word */ -typedef unsigned long int UINT4; - -/* PROTO_LIST is defined depending on how PROTOTYPES is defined above. - If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it - returns an empty list. - */ - -#if PROTOTYPES -#define PROTO_LIST(list) list -#else -#define PROTO_LIST(list) () -#endif - -#endif - -/* MD2.H - header file for MD2C.C - */ - -/* Copyright (C) 1990-2, RSA Data Security, Inc. Created 1990. All - rights reserved. - - License to copy and use this software is granted for - non-commercial Internet Privacy-Enhanced Mail provided that it is - identified as the "RSA Data Security, Inc. MD2 Message Digest - Algorithm" in all material mentioning or referencing this software - or this function. - - RSA Data Security, Inc. makes no representations concerning either - the merchantability of this software or the suitability of this - software for any particular purpose. It is provided "as is" - without express or implied warranty of any kind. - - These notices must be retained in any copies of any part of this - documentation and/or software. - */ - -/* MD2 context. */ -typedef struct { - unsigned char state[16]; /* state */ - unsigned char checksum[16]; /* checksum */ - unsigned int count; /* number of bytes, modulo 16 */ - unsigned char buffer[16]; /* input buffer */ -} MD2_CTX; - -void MD2Init PROTO_LIST ((MD2_CTX *)); -void MD2Update PROTO_LIST - ((MD2_CTX *, const unsigned char *, unsigned int)); -void MD2Final PROTO_LIST ((unsigned char [16], MD2_CTX *)); - -#define _MD2_H_ diff --git a/src/pluto/md5.c b/src/pluto/md5.c deleted file mode 100644 index b220af551..000000000 --- a/src/pluto/md5.c +++ /dev/null @@ -1,385 +0,0 @@ -/* - * The rest of the code is derived from MD5C.C by RSADSI. Minor cosmetic - * changes to accomodate it in the kernel by ji. - * Minor changes to make 64 bit clean by Peter Onion (i.e. using u_int*_t). - */ - -/* MD5C.C - RSA Data Security, Inc., MD5 message-digest algorithm - */ - -/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All -rights reserved. - -License to copy and use this software is granted provided that it -is identified as the "RSA Data Security, Inc. MD5 Message-Digest -Algorithm" in all material mentioning or referencing this software -or this function. - -License is also granted to make and use derivative works provided -that such works are identified as "derived from the RSA Data -Security, Inc. MD5 Message-Digest Algorithm" in all material -mentioning or referencing the derived work. - -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. - -These notices must be retained in any copies of any part of this -documentation and/or software. - */ - -/* - * Additions by JI - * - * HAVEMEMCOPY is defined if mem* routines are available - * - * HAVEHTON is defined if htons() and htonl() can be used - * for big/little endian conversions - * - */ - -#include <stddef.h> -#include <string.h> -#include <sys/types.h> /* for u_int*_t */ -#include <endian.h> /* sets BYTE_ORDER, LITTLE_ENDIAN, and BIG_ENDIAN */ - -#include "md5.h" - -#define HAVEMEMCOPY 1 /* use ISO C's memcpy and memset */ - -/* Constants for MD5Transform routine. - */ - -#define S11 7 -#define S12 12 -#define S13 17 -#define S14 22 -#define S21 5 -#define S22 9 -#define S23 14 -#define S24 20 -#define S31 4 -#define S32 11 -#define S33 16 -#define S34 23 -#define S41 6 -#define S42 10 -#define S43 15 -#define S44 21 - -#define MD5Transform _MD5Transform - -static void MD5Transform PROTO_LIST ((UINT4 [4], const unsigned char [64])); - -#if BYTE_ORDER == LITTLE_ENDIAN -#define Encode MD5_memcpy -#define Decode MD5_memcpy -#else -static void Encode PROTO_LIST - ((unsigned char *, UINT4 *, unsigned int)); -static void Decode PROTO_LIST - ((UINT4 *, unsigned char *, unsigned int)); -#endif - -#ifdef HAVEMEMCOPY -#include <memory.h> -#define MD5_memcpy memcpy -#define MD5_memset memset -#else -#ifdef HAVEBCOPY -#define MD5_memcpy(_a,_b,_c) memcpy((_a), (_b),(_c)) -#define MD5_memset(_a,_b,_c) memset((_a), '\0',(_c)) -#else -static void MD5_memcpy PROTO_LIST ((POINTER, POINTER, unsigned int)); -static void MD5_memset PROTO_LIST ((POINTER, int, unsigned int)); -#endif -#endif -static unsigned char PADDING[64] = { - 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 -}; - -/* F, G, H and I are basic MD5 functions. - */ -#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) -#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) -#define H(x, y, z) ((x) ^ (y) ^ (z)) -#define I(x, y, z) ((y) ^ ((x) | (~z))) - -/* ROTATE_LEFT rotates x left n bits. - */ -#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) - -/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. -Rotation is separate from addition to prevent recomputation. - */ -#define FF(a, b, c, d, x, s, ac) { \ - (a) += F ((b), (c), (d)) + (x) + (UINT4)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define GG(a, b, c, d, x, s, ac) { \ - (a) += G ((b), (c), (d)) + (x) + (UINT4)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define HH(a, b, c, d, x, s, ac) { \ - (a) += H ((b), (c), (d)) + (x) + (UINT4)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } -#define II(a, b, c, d, x, s, ac) { \ - (a) += I ((b), (c), (d)) + (x) + (UINT4)(ac); \ - (a) = ROTATE_LEFT ((a), (s)); \ - (a) += (b); \ - } - -/* MD5 initialization. Begins an MD5 operation, writing a new context. - */ -void MD5Init (context) -MD5_CTX *context; /* context */ -{ - context->count[0] = context->count[1] = 0; - /* Load magic initialization constants. -*/ - context->state[0] = 0x67452301; - context->state[1] = 0xefcdab89; - context->state[2] = 0x98badcfe; - context->state[3] = 0x10325476; -} - -/* MD5 block update operation. Continues an MD5 message-digest - operation, processing another message block, and updating the - context. - */ -void MD5Update (context, input, inputLen) -MD5_CTX *context; /* context */ -const unsigned char *input; /* input block */ -UINT4 inputLen; /* length of input block */ -{ - UINT4 i; - unsigned int index, partLen; - - /* Compute number of bytes mod 64 */ - index = (unsigned int)((context->count[0] >> 3) & 0x3F); - - /* Update number of bits */ - if ((context->count[0] += (inputLen << 3)) < (inputLen << 3)) - context->count[1]++; - context->count[1] += (inputLen >> 29); - - partLen = 64 - index; - - /* Transform as many times as possible. */ - if (inputLen >= partLen) { - MD5_memcpy((POINTER)&context->buffer[index], (CONSTPOINTER)input, partLen); - MD5Transform (context->state, context->buffer); - - for (i = partLen; i + 63 < inputLen; i += 64) - MD5Transform (context->state, &input[i]); - - index = 0; - } - else - i = 0; - - /* Buffer remaining input */ - MD5_memcpy((POINTER)&context->buffer[index], (CONSTPOINTER)&input[i], inputLen-i); -} - -/* MD5 finalization. Ends an MD5 message-digest operation, writing the - the message digest and zeroizing the context. - */ -void MD5Final (digest, context) -unsigned char digest[16]; /* message digest */ -MD5_CTX *context; /* context */ -{ - unsigned char bits[8]; - unsigned int index, padLen; - - /* Save number of bits */ - Encode (bits, context->count, 8); - - /* Pad out to 56 mod 64. -*/ - index = (unsigned int)((context->count[0] >> 3) & 0x3f); - padLen = (index < 56) ? (56 - index) : (120 - index); - MD5Update (context, PADDING, padLen); - - /* Append length (before padding) */ - MD5Update (context, bits, 8); - - if (digest != NULL) /* Bill Simpson's padding */ - { - /* store state in digest */ - Encode (digest, context->state, 16); - - /* Zeroize sensitive information. - */ - MD5_memset ((POINTER)context, 0, sizeof (*context)); - } -} - -/* MD5 basic transformation. Transforms state based on block. - */ -static void MD5Transform (state, block) -UINT4 state[4]; -const unsigned char block[64]; -{ - UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16]; - - Decode (x, block, 64); - - /* Round 1 */ - FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ - FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ - FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ - FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ - FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ - FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ - FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ - FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ - FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ - FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ - FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ - FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ - FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ - FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ - FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ - FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ - - /* Round 2 */ - GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ - GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ - GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ - GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ - GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ - GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ - GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ - GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ - GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ - GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ - GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ - GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ - GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ - GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ - GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ - GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ - - /* Round 3 */ - HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ - HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ - HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ - HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ - HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ - HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ - HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ - HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ - HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ - HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ - HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ - HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ - HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ - HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ - HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ - HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ - - /* Round 4 */ - II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ - II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ - II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ - II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ - II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ - II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ - II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ - II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ - II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ - II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ - II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ - II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ - II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ - II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ - II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ - II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ - - state[0] += a; - state[1] += b; - state[2] += c; - state[3] += d; - - /* Zeroize sensitive information. -*/ - MD5_memset ((POINTER)x, 0, sizeof (x)); -} - -#if BYTE_ORDER != LITTLE_ENDIAN - -/* Encodes input (UINT4) into output (unsigned char). Assumes len is - a multiple of 4. - */ -static void Encode (output, input, len) -unsigned char *output; -UINT4 *input; -unsigned int len; -{ - unsigned int i, j; - - for (i = 0, j = 0; j < len; i++, j += 4) { - output[j] = (unsigned char)(input[i] & 0xff); - output[j+1] = (unsigned char)((input[i] >> 8) & 0xff); - output[j+2] = (unsigned char)((input[i] >> 16) & 0xff); - output[j+3] = (unsigned char)((input[i] >> 24) & 0xff); - } -} - -/* Decodes input (unsigned char) into output (UINT4). Assumes len is - a multiple of 4. - */ -static void Decode (output, input, len) -UINT4 *output; -unsigned char *input; -unsigned int len; -{ - unsigned int i, j; - - for (i = 0, j = 0; j < len; i++, j += 4) - output[i] = ((UINT4)input[j]) | (((UINT4)input[j+1]) << 8) | - (((UINT4)input[j+2]) << 16) | (((UINT4)input[j+3]) << 24); -} - -#endif - -#ifndef HAVEMEMCOPY -#ifndef HAVEBCOPY -/* Note: Replace "for loop" with standard memcpy if possible. - */ - -static void MD5_memcpy (output, input, len) -POINTER output; -POINTER input; -unsigned int len; -{ - unsigned int i; - - for (i = 0; i < len; i++) - - output[i] = input[i]; -} - -/* Note: Replace "for loop" with standard memset if possible. - */ -static void MD5_memset (output, value, len) -POINTER output; -int value; -unsigned int len; -{ - unsigned int i; - - for (i = 0; i < len; i++) - ((char *)output)[i] = (char)value; -} -#endif -#endif - diff --git a/src/pluto/md5.h b/src/pluto/md5.h deleted file mode 100644 index a2c503cc7..000000000 --- a/src/pluto/md5.h +++ /dev/null @@ -1,75 +0,0 @@ -#ifndef _GLOBAL_H_ -#define _GLOBAL_H_ -/* GLOBAL.H - RSAREF types and constants - */ - -/* PROTOTYPES should be set to one if and only if the compiler supports - function argument prototyping. - The following makes PROTOTYPES default to 0 if it has not already - been defined with C compiler flags. - */ -#ifndef PROTOTYPES -#define PROTOTYPES 1 -#endif - -/* POINTER defines a generic pointer type */ -typedef unsigned char *POINTER; -typedef const unsigned char *CONSTPOINTER; - -/* UINT2 defines a two byte word */ -typedef u_int16_t UINT2; - -/* UINT4 defines a four byte word */ -typedef u_int32_t UINT4; - -/* PROTO_LIST is defined depending on how PROTOTYPES is defined above. - If using PROTOTYPES, then PROTO_LIST returns the list, otherwise it - returns an empty list. - */ - -#if PROTOTYPES -#define PROTO_LIST(list) list -#else -#define PROTO_LIST(list) () -#endif - -#endif - -/* MD5.H - header file for MD5C.C - */ - -/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All -rights reserved. - -License to copy and use this software is granted provided that it -is identified as the "RSA Data Security, Inc. MD5 Message-Digest -Algorithm" in all material mentioning or referencing this software -or this function. - -License is also granted to make and use derivative works provided -that such works are identified as "derived from the RSA Data -Security, Inc. MD5 Message-Digest Algorithm" in all material -mentioning or referencing the derived work. - -RSA Data Security, Inc. makes no representations concerning either -the merchantability of this software or the suitability of this -software for any particular purpose. It is provided "as is" -without express or implied warranty of any kind. - -These notices must be retained in any copies of any part of this -documentation and/or software. - */ - -/* MD5 context. */ -typedef struct { - UINT4 state[4]; /* state (ABCD) */ - UINT4 count[2]; /* number of bits, modulo 2^64 (lsb first) */ - unsigned char buffer[64]; /* input buffer */ -} MD5_CTX; - -void MD5Init PROTO_LIST ((MD5_CTX *)); -void MD5Update PROTO_LIST - ((MD5_CTX *, const unsigned char *, UINT4)); -void MD5Final PROTO_LIST ((unsigned char [16], MD5_CTX *)); - -#define _MD5_H_ diff --git a/src/pluto/pkcs1.c b/src/pluto/pkcs1.c index 6f2ab2268..ff8cf5f95 100644 --- a/src/pluto/pkcs1.c +++ b/src/pluto/pkcs1.c @@ -19,7 +19,6 @@ #include <string.h> #include <freeswan.h> -#include <libsha2/sha2.h> #include <library.h> #include <asn1/asn1.h> diff --git a/src/pluto/sha1.h b/src/pluto/sha1.h deleted file mode 100644 index 082e18ec0..000000000 --- a/src/pluto/sha1.h +++ /dev/null @@ -1,16 +0,0 @@ -/* -SHA-1 in C -By Steve Reid <steve@edmweb.com> -100% Public Domain -*/ - -typedef struct { - u_int32_t state[5]; - u_int32_t count[2]; - unsigned char buffer[64]; -} SHA1_CTX; - -void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64]); -void SHA1Init(SHA1_CTX* context); -void SHA1Update(SHA1_CTX* context, const unsigned char* data, u_int32_t len); -void SHA1Final(unsigned char digest[20], SHA1_CTX* context); diff --git a/src/scepclient/Makefile.am b/src/scepclient/Makefile.am index 68570406e..081978553 100644 --- a/src/scepclient/Makefile.am +++ b/src/scepclient/Makefile.am @@ -29,8 +29,7 @@ LIBCRYPTOBUILDDIR=$(top_builddir)/src/libcrypto scepclient_LDADD = \ ca.o crl.o certs.o constants.o defs.o fetch.o id.o keys.o lex.o \ -md2.o md5.o mp_defs.o ocsp.o pem.o pgp.o pkcs1.o pkcs7.o sha1.o \ -smartcard.o x509.o \ +mp_defs.o ocsp.o pem.o pgp.o pkcs1.o pkcs7.o smartcard.o x509.o \ $(LIBSTRONGSWANBUILDDIR)/libstrongswan.la \ $(LIBFREESWANBUILDDIR)/libfreeswan.a \ $(LIBCRYPTOBUILDDIR)/libcrypto.a \ @@ -74,12 +73,6 @@ keys.o : $(PLUTODIR)/keys.c $(PLUTODIR)/keys.h lex.o : $(PLUTODIR)/lex.c $(PLUTODIR)/lex.h $(COMPILE) $(INCLUDES) -c -o $@ $< -md2.o : $(PLUTODIR)/md2.c $(PLUTODIR)/md2.h - $(COMPILE) $(INCLUDES) -c -o $@ $< - -md5.o : $(PLUTODIR)/md5.c $(PLUTODIR)/md5.h - $(COMPILE) $(INCLUDES) -c -o $@ $< - ocsp.o : $(PLUTODIR)/ocsp.c $(PLUTODIR)/ocsp.h $(COMPILE) $(INCLUDES) -c -o $@ $< @@ -95,9 +88,6 @@ pkcs1.o : $(PLUTODIR)/pkcs1.c $(PLUTODIR)/pkcs1.h pkcs7.o : $(PLUTODIR)/pkcs7.c $(PLUTODIR)/pkcs7.h $(COMPILE) $(INCLUDES) -c -o $@ $< -sha1.o : $(PLUTODIR)/sha1.c $(PLUTODIR)/sha1.h - $(COMPILE) $(INCLUDES) -c -o $@ $< - smartcard.o : $(PLUTODIR)/smartcard.c $(PLUTODIR)/smartcard.h $(COMPILE) $(INCLUDES) -c -o $@ $< |